last executing test programs:

2.096619846s ago: executing program 4 (id=1876):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
r1 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000005700)={'wlan1\x00'})
sendmsg$NL80211_CMD_GET_STATION(r0, &(0x7f00000059c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x20008804)

2.044006388s ago: executing program 0 (id=1877):
socket$kcm(0x10, 0x2, 0x4)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000540)=ANY=[@ANYBLOB="78000000070a01040000000a0000070900010073797a31000000005800048054000180090001006d6574610000000044000280080001400000000f0800034000000000080003400000000a080002400000001508000140000000c53ceda0fd4e519c18b374c1e40b0800016aeb000012080002"], 0x78}, 0x1, 0x0, 0x0, 0x40080}, 0x4000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r1)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r1, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000580)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01000000040200f2c8dc1b000000180001801400020073797a5f74756e0000000000000000000c000280"], 0x38}, 0x1, 0x0, 0x0, 0x20000844}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=@ipv6_delrule={0x24, 0x21, 0x1, 0x0, 0x0, {}, [@FIB_RULE_POLICY=@FRA_SUPPRESS_PREFIXLEN={0x8}]}, 0x24}}, 0x0)
r4 = socket(0x10, 0x80003, 0x0)
write(r4, &(0x7f0000000000)="240000001a005f0214f9f407000904000a000000fe0000000000000008000f00fd000000", 0x85)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
writev(r0, &(0x7f0000000080)=[{&(0x7f00000002c0)}], 0x1)
r5 = socket$kcm(0x10, 0x2, 0x0)
r6 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r6, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
ioctl$BTRFS_IOC_BALANCE_CTL(r6, 0x40049421, 0x1)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000002c0)="2e00000011008b88040f80ee59acbc04130800480f0000005e2900421803001825800000000000000280000c0012", 0x2e}], 0x1}, 0x0)

1.87628666s ago: executing program 4 (id=1880):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="90000000", @ANYRES16=r1, @ANYBLOB="050200000024000000000f00000008000300", @ANYRES32=r2, @ANYBLOB], 0x90}}, 0x0)

1.463100636s ago: executing program 4 (id=1885):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb0100180000000000000040000000400000000200000000000000000000000000000002000000020000000200000000000000000000010500000008009000000000000100000500000000000000000100009541433b000000"], 0x0, 0x5a}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x0, 0x0, 0x10002, 0x0, 0x1}, 0x48)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r4)
sendmsg$NLBL_CIPSOV4_C_REMOVE(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x1c, r5, 0x1, 0x70bd2a, 0x25dfdbff, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20004004}, 0x0)
sendmsg$IPVS_CMD_NEW_SERVICE(r3, 0x0, 0x2000c001)
getsockopt$inet6_mptcp_buf(r3, 0x11c, 0x2, &(0x7f0000000000)=""/31, &(0x7f0000000040)=0x1f)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0200000004000000080000000100165749b4454ceee6736168c22f15000080000000", @ANYRES32, @ANYBLOB="0300"/20, @ANYRES32=r2, @ANYRES32, @ANYBLOB="040000000100"/28], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000002c0)={r6, <r7=>0xffffffffffffffff}, 0x4)
r8 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x1}, 0x28)
r9 = accept4$phonet_pipe(0xffffffffffffffff, &(0x7f00000004c0), &(0x7f0000000600)=0x10, 0x100800)
ioctl$sock_SIOCETHTOOL(r9, 0x8946, &(0x7f0000000680)={'wg2\x00', &(0x7f0000000640)=@ethtool_sfeatures={0x3b, 0x2, [{0x1, 0xbb}, {0x6941}]}})
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000340)={r8, 0x20, &(0x7f0000000100)={0x0, 0x0, <r10=>0x0, 0x0}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000001840)=r10, 0x4)
r11 = openat$cgroup_ro(r6, &(0x7f0000000440)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x1a, 0x5, &(0x7f0000000300)=@raw=[@map_fd={0x18, 0x3, 0x1, 0x0, r7}, @alu={0x7, 0x0, 0xd, 0x7, 0x9, 0xfffffffffffffff0, 0x4}, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0xdf}], &(0x7f0000000340)='GPL\x00', 0x1b97b0e1, 0x5c, &(0x7f0000000380)=""/92, 0x1f00, 0x1, '\x00', r2, @tracing=0x1c, r0, 0x8, &(0x7f0000000400)={0x7, 0x1}, 0x8, 0x10, 0x0, 0x0, r10, r11, 0x2, 0x0, &(0x7f0000000480)=[{0x1, 0x5, 0x5, 0x3}, {0x0, 0x3, 0xf, 0x9}], 0x10, 0x5}, 0x94)
r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=r10, 0xfffffffffffffe25)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="030000000400ff0704000000020000000000800002a1a72c174ee167f5c1fc3c35358d692a697b100500000000000000b5c2cac42ebc938b7e48f75d4b09a9376dedae93754c7e54211ac16841671c02f084a2", @ANYRES32=0x1, @ANYBLOB='\b\x00'/20, @ANYRES32=r2, @ANYRES32=r12, @ANYBLOB="04000000010000000200"/28], 0x50)
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001780)={&(0x7f0000000500)=ANY=[@ANYBLOB="cc020000210a0108fdffffff0000000000000000630003"], 0x2cc}}, 0x0)

1.396260008s ago: executing program 4 (id=1887):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
setsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000040)=0x20, 0x4)
r1 = socket$igmp(0x2, 0x3, 0x2)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000200)={r3, 0x2, 0x30}, &(0x7f0000000240)=0xc)
getsockopt$ARPT_SO_GET_ENTRIES(r1, 0x0, 0x9, 0x0, &(0x7f0000001580))
connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xd)

1.205363827s ago: executing program 3 (id=1890):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
r1 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000005700)={'wlan1\x00'})
sendmsg$NL80211_CMD_GET_STATION(r0, &(0x7f00000059c0)={0x0, 0x0, &(0x7f0000005980)={0x0}, 0x1, 0x0, 0x0, 0x80}, 0x20008804)

1.204787876s ago: executing program 2 (id=1891):
socketpair(0x22, 0xa, 0x1ff, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000002000000000000000008500000061000000850000000700000095"], &(0x7f0000000200)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x1f2f, 0x22, 0x0, &(0x7f0000000440)="9f44947021919559684010a408002d7a5d4153f0226dcacf36a548ab01b5cb16afce", 0x0, 0x0, 0x0, 0x0, 0xc0, 0x0, &(0x7f0000000580)="06000000e163a1e841f40df2cd0bf7059fa3e938181322c860b54b1365fdcf07b3b6cee510ae46cb0900001000000000f8d81d246c7ce9e66f813f64f1df9ff13a660358ca101ac28ae055fa04fa324e3a45ede8471c652ee3804f1c95fbb6f8d89dc0517ad21e3b517c0d343f47b91fe7bcea724fe3656487a7925a1c71daf5e46b870cfd506007fdba7370fd0054b201b8750b15ddffff77f438e2aa32c8fe6314ee831756f39012683df6ceb8e449ea96f260d17dd86ec4ac553a5b92bd84"}, 0x50)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f000001a100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a40)=@setlink={0x44, 0x13, 0x800, 0x70bd29, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x48283}, [@IFLA_PROTO_DOWN={0x5, 0x27, 0x7f}, @IFLA_TXQLEN={0x8, 0xd, 0x5}, @IFLA_NET_NS_FD={0x8}, @IFLA_ADDRESS={0xa, 0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000000f8c0000000c0a01080000000000000000010000000900020073797a3200000000600003805c000080080003400000000250000b80200001800a00010071756f7461000000100002800c0001400000000000000000140001800c000100636f756e74657200000000000000058011e70000666c6f775f6f66666c6f6164000000000900010073797a30"], 0x110}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="30000000190001000000000000"], 0x30}}, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r2)
socket$packet(0x11, 0x3, 0x300)
setsockopt$MRT_ADD_MFC_PROXY(0xffffffffffffffff, 0x0, 0xd2, &(0x7f00000001c0)={@empty, @local, 0x0, "450cfa4b8ba6c8f11d937340c577c969d205dc0fce67830da210d707c86aa133", 0x10000, 0xffff, 0x3ff, 0xfffffe01}, 0x3c)
r6 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x40, r6, 0x4, 0x70bd28, 0x25dfdbff, {}, [@L2TP_ATTR_COOKIE={0xc, 0xf, 0x1000}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x2}, @L2TP_ATTR_DEBUG={0x8}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0x40}, @L2TP_ATTR_UDP_ZERO_CSUM6_TX={0x5, 0x21, 0x1}]}, 0x40}, 0x1, 0x0, 0x0, 0x54184}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x14, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}}], {0x14, 0x10}}, 0x5c}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000000c0)=ANY=[@ANYBLOB="98030000", @ANYRES16=r5, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r7, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0)

1.156988446s ago: executing program 3 (id=1893):
socket$alg(0x26, 0x5, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'geneve1\x00', <r2=>0x0})
sendto$packet(r0, &(0x7f0000000080)="a99c383d33c9c607b1b9d49688a8834a88a8", 0x16, 0x88a8ffffffffffff, &(0x7f0000000000)={0x11, 0x8100, r2, 0x1, 0x0, 0x6, @link_local}, 0x14)

1.024808421s ago: executing program 0 (id=1894):
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r0, &(0x7f00000000c0)="e137ee1c89c0bd1c14a2a912ac3fd89c26d16f7620820156117e4da25c43c3867eaebf0218b5df556ca38a8c119fe82c5fa8ad0ce5aab9013ac2ab7ba1f5d210a9e3631462b16464775c14cb5e88549bfb08a2b688543e3f71", 0x59, 0xc040, &(0x7f0000000000)={0xa, 0x4e21, 0x800, @private1, 0x4000}, 0x1c) (async)
sendto$inet6(r0, &(0x7f00000000c0)="e137ee1c89c0bd1c14a2a912ac3fd89c26d16f7620820156117e4da25c43c3867eaebf0218b5df556ca38a8c119fe82c5fa8ad0ce5aab9013ac2ab7ba1f5d210a9e3631462b16464775c14cb5e88549bfb08a2b688543e3f71", 0x59, 0xc040, &(0x7f0000000000)={0xa, 0x4e21, 0x800, @private1, 0x4000}, 0x1c)
listen(r0, 0x0)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(0xffffffffffffffff, 0x84, 0x1e, &(0x7f0000000380)=0x80000000, 0x4) (async)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(0xffffffffffffffff, 0x84, 0x1e, &(0x7f0000000380)=0x80000000, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x12, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x7}, 0x50)
socket$nl_xfrm(0x10, 0x3, 0x6) (async)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c020000190001000000000010000000e0000001000000000000000000000000ac1414bb00000000000000000000000000000000ffff00000a00800000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000084010500ac1414aa000000000000000000000000000000003c00000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000800ac1414aa000000000000000000000000000000003c00000000000000fe80000000000000000000000000000000000000030000000008000000000000000000007f00000100000000000000000000000000000000320000000000000000000000000000000000ffff7f0000010000800003000000000000000000000000000000ff0100000000000000000000000000010000000033000000000000000a010101000000000000000000000000043500000000010000000000bf0a000000000000fe8000000000000000000000000000aa000004d46c00000000000000e00000010000000000000000000000000300000000000000000000000000000000000000fc000000000000000000000000000001000000003c0000000a000000fc010000000000accb6e156b4743068732ab9fa209"], 0x23c}}, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000a80)={r1, &(0x7f0000000940), &(0x7f0000000a40)=@tcp6=r0}, 0x20) (async)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000a80)={r1, &(0x7f0000000940), &(0x7f0000000a40)=@tcp6=r0}, 0x20)
recvmmsg(r0, &(0x7f0000000280)=[{{0x0, 0x0, 0x0}}], 0x1, 0x12060, 0x0) (async)
recvmmsg(r0, &(0x7f0000000280)=[{{0x0, 0x0, 0x0}}], 0x1, 0x12060, 0x0)
close(r1)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newlink={0x28, 0x10, 0x49920d862a92153b, 0x0, 0x25dfdc00, {0x0, 0x0, 0x0, 0x0, 0x14, 0x8980}, [@IFLA_WEIGHT={0x8, 0xf, 0x7}]}, 0x28}}, 0x40000)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r4, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r5, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000bc0)={{{@in=@rand_addr=0x4, @in6=@private0, 0x0, 0x0, 0x4, 0x0, 0x2, 0x20, 0x20}, {0x0, 0x0, 0x2, 0x0, 0x8, 0x8, 0x4}, {0x4, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0x1, 0x0, 0x1}, {{@in6=@remote, 0x4d3, 0x32}, 0x0, @in6=@empty, 0x0, 0x0, 0x0, 0x8}}, 0xe8)
r6 = syz_genetlink_get_family_id$l2tp(&(0x7f00000008c0), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)={0x34, r6, 0x1, 0x1070bd2c, 0x4, {0x5}, [@L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x5}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_SESSION_ID={0x8}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0xaa8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20008000}, 0x30) (async)
sendmsg$L2TP_CMD_SESSION_DELETE(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)={0x34, r6, 0x1, 0x1070bd2c, 0x4, {0x5}, [@L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x5}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_SESSION_ID={0x8}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0xaa8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20008000}, 0x30)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='qrtr_ns_service_announce_new\x00', 0xffffffffffffffff, 0x0, 0x5}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xf, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ba00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$ITER_CREATE(0x21, &(0x7f0000000140)={r1}, 0x8)
sendmsg$can_raw(r8, &(0x7f0000000340)={&(0x7f0000000180), 0x10, &(0x7f00000001c0)={&(0x7f00000002c0)=@canfd={{0x3}, 0x33, 0x1, 0x0, 0x0, "4cdace9f91504677bf3ccff743675b3d786f72c036ce0f6dc69eee3d3aaa77a7affbf3115bd9996ae88c8bfc26ba30de61cb5ce93f3d3d4dfcc3b29012a86097"}, 0x48}, 0x1, 0x0, 0x0, 0x8000}, 0x8804)
close(r8)

1.02387164s ago: executing program 1 (id=1895):
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$tipc(r1, &(0x7f0000004440)={&(0x7f0000000ec0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x2}}, 0x10, &(0x7f0000004340)=[{&(0x7f0000000f00)="34cbf9c55466da0eadc249236ab3cbf316717306be4c08c8c7da1f1ee04ab4b4eac14995ebdf620ff778a4e3452587e42a3c6aa1bd35dfd99f23b525893bc3b5f9f3bed1986bf8d0dddd7c5cdada611f9bf641e421ed71a842d84fa289a542f941d6e06b2b14e2a706ce30acf7d82f224f3e30cadd9d15f3dddbb29dbeb9f68fb68bedb91e0b1ef48832778fe36699c7ebf101659a8f476c4a065eac71d6d1e7fafc6f25ec2c9a8f431fe347a2d30e912c5b2397613ce784637ec71e37566eb0548b461f71028459c6f137c18737d58b56949d022bf1eaf486692bb76836a233c7879d740ad0beaf5159d3380442824f536a41bb22d08fe53952b9c6fed2605d53311c71b455655f96ea6a87e41e9211e90170b0a2b1a2098175ebcd33d517085d224122264cddadd82a3d11bc4a33ce66108b22b1abc6243d306d8f6b8a2ddb5373c190d8f859a3174a200936b079f85edcac7fc03fb993ec0ff8b83f1fd3f1b888d192d99c7ede5d381784d25410cccf1b0bf26a54f065e1e3ec59cc5704fb658fc980a0ac4287ef884ee82007554be3f1e163c81468d0c26c95e3e12393776e32800bb4f086f19080c4fca3d72e8569a5627ce98f2ae0bdb3ec42c23847d47e10b1c58da7e9cea990da842d96e3a51ed7d892f7b28a10486424a69a9109ebd4d7d5a3768400ac000a6d7556ca192e5cd45efb82001ac7b53e03036b6019a07ffb545cd3853e077f08a015f6232488c1139a9409c95ed005261e36b307406ba5714ef395129345866109341feb6c7c458ce08c147a983b46375ddb3621cee0312ba1a434bcd6081e1a8ae8b6d518988b9965faf9aff86df8173b93342cceaec357a100e59b4d66553633626b0b12e9622b8f8fdfe26545b87c57f8ce8609fb8e19b0f6d1cd64e8de85c7327f543b2f38cf3086b57f85e1aaa4add723e4bc4e3ea2c27acec1e545ae3fc870bd42422f6eaf17a1f82699c9cadf224ea1e5d1705b49118d91cc3731aeed60e41bf15a9613aeda8e63a29bc7a95b2d993d23269a310b91f69d16a71243c0f4080d3359f5ddd63c7032bef14ab25eb7df4b28b2132bcbf94a281c8f5de79885a6d679f145fca292b599bb09a1864726d86b65d4781408320b968e2224c23ce7a56d8892970043737ae47f071aaeb219716bc21e3304e301eb5cd32aea951a70621eb870214a72e6c474c3a20f5bd8e089ba16326cc9a80a1a4f5f0e8f58629e20b1c73eb8af330744b187a5cfdb410466378313700ca44eb6dcbc8f3d70f58e134202546f0b1a3b61a298f2a1184b1533bdad308fa2f960087e0f239d2ccbaee3889ddc1a2bea2183b98854d255a6f708909134fab83f42f13e7604f602e264f4a3b2b2a08c673c7ce2813218159b472d3b20ecbf26dd2f7b3ba5298a4ff7444ea0936e098c126f590b05e7697ed8a3d52ba1abc7285de2f160b9b081cb775a5ab77aad1bb98d47e3da53fc4c11d4db47de1e4e6f56ad671f5d8389b33260cc546e4f0bf34fec9b2abd209e6b89e6e381367774676ed6e6eaffe42b07241c276f3c84f17a0762de83eb769bdf28991ddbc23758f01c9ecfba4ab2ca2118fcedd7adde9ff47f643c13e3ad2f13b576985128f233e329fe269d5745cd2b30e5762452a4ff58fdec30623175f8d575ced1c43411e2869aadbe6f1e79a010bca334cb08d545bc2808f359b7777d1bb5675ee210574b9f72cdeb071e07eeaa0988086213a37a972647cf21d3a3bcbd7359da327bacad41b93c5e0e494669109dddcec781774f248f5663e4fac187d42ffccf68335de2adac4f8d3e1bf04b95a9464960186ed019773ffeda18f9827a61edc5fc4088eb0965cb1bd8af1185aa3972b8f73839b4611e303bcbc1f84a330f60fa0a7795ea3cffe0e338406533e12c7deef0b5906c513eab4619a8f02fdd65dcfb7297ef971c4601ad079f7ad38278ae3ff455b37d5492af546975535450693fd4593c8157b3fdb16fd3a106d2f1509d1c06dabb8933269d790a1c5e5f7bdd4a57e1e670d7043cfed88c365b5f8eefe530ef7da5322df981723332c088fce89c2ceee23b420f64332243b9c606d67d538810a94e0ffbd37a119d8fc4d6caec0def40e62613873c74feabde63e12cb2016c1d35cf1bb95bf59e01a63be8825cb3118b74b106f21eef5ee2f41e5fb39fdde058050f780d98ced247c66fc3a03ba04edaf14d698859ba303d511cf0845dc5e269aef2287770a247fd5ae1299b45819ff41725f9da3e4dab7770eb83992b53ae9a9de69e764f6e3aee3e27cfb1bacf531a91605894ae209da6d25872fb54bf36b2ed450b51aa8ee4875b9bc7e55753f61e12a323d301faceb2ecff0686b1359343a94774a6a098dc2df440725cd8331f527d4e22f8090d8879ef4765849705b99465d7ebdf661b81c303d13b87270dc1f227d5954fcbc93bbce6fde2a1f8d573d9cd8130c173a14706f1e9dabc4d16a5b003dd3239faf91769e25cf007b0623141e4e57f11746cd62f20d73956fa84c6a12e1756b6671a64bd7a474ba425907e1a61ba6d2ffa1149165a713a141bfec0f1af51afebdb84d5f14eb51acc284403627d6ce48fd028dc04e00ed963de37f85d155c33e2b4ceb09044c4f1c7791348216b674a8831a232a638f8bfb396fabbe1f880944bc5dcac55df8abc78f804306c88617acfd4adfbb5a055d3d3e91abb763ad84e701cc5679498e04600570f4b2e57c70542043dc590ab363215e6ab3f0bd89383748783d01c9227229edac723d4e2eaa061a44f2630691f25ca6093775183fdf432e01322203dd654b336670116a6a52a27ff2032b1103a4e4be0cc2fb05b24352d72e374e90cc3db2a5a691c7f6b8d1058d7730433c742d8ce52074318b1bce9bb104cf90c8b7f65293c2b74434661444f38d94d977e03433440517f6155a3cad2621c5502dd6148b867a40e6a40be4c8265ec2164b5257f06da1784e98991f42003ced4ba67c23b8c654b542d2d31168fd853cf56cc2c464d7a8a9fbcd2715968788f8527c597ab5f917753c1f1708d2c19972373c5a22af71847de22b9f1e9d38a04ea4dd291da3099cb836a696350bf1263c3c275c27b8b82f604625451a24490b0b5367c2fd05e699546ddf17709d2e2c2710f4361d9dd6e2de2b4353b7f4f8141f6f989dc1a798a974565978e4f9ec0c59a7dbc04bcab072c8513b9ca782c22cdd31fb116c10081740fd8f7d0cbd5c54f1069297f20b45d79bb9ace8e851a655fedf47b2dc76fd30b9ba9f09c9b50d6910ffcdec7078c36fe1e9b19dbb110197496349560a43c0ab42b4ce286643e73a92246ecb71e95ce0d54114772f8477c7d5604c1a52d2f680c5868cf08a2688dd9fef492a01836112cec824483e77da93d104a9e18d06bddf9a4007740a0537ac1a5e09900acc65d52680212a15b68b0ef887228e06f533c1ca95b8f9d81b9fc6608cb5bacf4b867922999c69d46048ec3f408866789f49fcb176fc99ed9d3e6c357ed2e3ce2665925773e5d86c2ceaf8f18519a00d9d2e19e9a6b16af0a53fd7df6974f5db00494460e7f3de6ff6b642859335e020513bb525adddabf0d7d6ae85e7e56e32ca8acc07fe86b7b445358966ba3914c1dfa7b814d9e846ff02a6a8c8f5713a0f727024b5d1ea7e4ce7c64f9b24dd3337a3df33714c5404403b0304b25a66fe3ac85083965877117b3d721e7922f0ac7e278feeb8dc09f58cbcfbb81b11d4699737f37ac240a24b9c4b2b587e68974f7ca5561856f32e389d32056f7d58e4de24c11bd5c5afaa441120370d0c48341e1b8146a6bbca8c15f23c155d2533e97a8e6496bc00533ec83be8488d020708d97385a03bcbf57cadc2c1e575e1ac134cdb5047f3f88eae0230751626cea1c85da9b74ddace668afebb2dc66d302ddf3c5f8f21ac0c0535d00839457e7cac9282a8e49d018b077e38ea512cf28eacff5d98e880abfb5af2e7c039d2e1f1edaad2642963ef29d715f754e2715caa6af046a298b285e3582d903be726b608619332e1a82be48b0f5adf6838f41ff776e5290de8269794bce8fb971267d036bd6bd30e42df918125d573ced78263251bcae2b7b40f1ba855b4f2472312ea8752c4a0e09468bd25615a6c00a9b44c484c5507b8400537f20890e9499ec94ed2b6aeff21e57c6e8a93d80097f85ac9316b03a5f768721bf7d041bb9a6a03eabd615e3c4d74f56c429d53b8fec4b5e86c5b311a6cd4a86f03e04dab25ad65b68a8b8d9053993fd2440ff2b81768213084c831d31a0f8c646aff9090b5463cbee452abd6318340ec41b50f1deba7ffb60b326751de3f6dbf9b17714299233d5c43071367ece2e53212e7f4e084fea60850d4d16908d9bbbb531fbf72143fdb62d1b40afde3d0b2ac2c94c32e456bbef62f8d677e332aec8ccc8eedbac61e7b89b32d57157a39ad5c456258d9c36db0edc82c2baead990ee78007ed89c8f450e92d5e209cc25f7c13f5909ca404fddbdbeff89cc42350c91e9f1fdf9753c6e95f71257f8cbb97838684461cd1244c938b9939a4e9c7727902b6f1a5434e0a06d3fc221771dd87572ae801c5ce6886122f0c91dae57440ffc7ace4e8e0041a1d245103aaadbfc2ecff622228daed2b0cd30f7f59b2617f6f0571ee4403d84e652d78b8e64d5450b6483ef70582dcda9351f2dddd3a4ac84f514f708d3af6242501bd041beae78e6b29b517b534148ea91ef85653fec824d6ddb0c0fa2555ab2564ba29227b1046b48a11ee0e6aafda9d0b80b0f05a8d057cbeb16264cb579aea3ba2b2000052d03c77844ab7c81be3110a36a27aeffe0ad5a8a7385a1913a64fb2db630e8fc8017828cea60f327c3a510b441d94d32584e55f7c2320d89b2ba3d44d832b8e7c5f45442de9ef37d057e6d0c6664e8d74e23f18336d41a3e38c2cda49050cb32ca7040a388c75741ac07d3befc714df35dc92ff70ad041cf17b70a971c142bb89ecfe25290750e989c8666560a61b62fdc4fadef7f30b6269a669ef99be7e7ba7ddddf99949fedc0c331796988c6eedb5c66cbe2870a2affce0b550c3411a2aaf302481ee93398c0fbc0c815cfe1e78bf8fed7f19f2c2dae17a4533aa85f6b787f8072adda379118d76dbba3cebfc4c8aacbb1f79a28ec3a0ec99816e3c8721ddcde1ce73b0704063474", 0xe24}, {0x0, 0x40c0}, {0x0}, {0x0}, {&(0x7f00000020c0), 0x500}], 0x5}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYRES8=0x0, @ANYRES32=0x0, @ANYBLOB="1922000000000000140012800900010076657468"], 0x48}, 0x1, 0x0, 0x0, 0x80}, 0x40)

1.006985659s ago: executing program 2 (id=1896):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_BEARER_NAMES(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r1, 0x200, 0x70bd26, 0x25dfdbfb, {}, ["", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x84}, 0x200080d0)
socketpair(0x29, 0x5, 0x6, &(0x7f0000000140)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}) (async)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f0000000500)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000200)={0x2bc, 0x0, 0x10, 0x70bd29, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x14, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x383}]}, @NL80211_ATTR_CQM={0x80, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0xd}, @NL80211_ATTR_CQM_RSSI_THOLD={0x1c, 0x1, [0x3ff, 0x8, 0x5, 0x35fb, 0x1, 0x9]}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x874d}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0x20, 0x1, [0x7f3, 0x10, 0x7, 0x5, 0xe, 0x5, 0x400]}, @NL80211_ATTR_CQM_RSSI_THOLD={0x20, 0x1, [0x1, 0x4, 0x2, 0x1, 0x3, 0x5, 0x4]}, @NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x6}]}, @NL80211_ATTR_CQM={0x88, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THOLD={0x8, 0x1, [0x1]}, @NL80211_ATTR_CQM_RSSI_THOLD={0x8, 0x1, [0x3]}, @NL80211_ATTR_CQM_RSSI_THOLD={0x2c, 0x1, [0xd00, 0xff, 0x6, 0x8001, 0x401, 0x1, 0x9, 0x200, 0x7, 0x401]}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0x3}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x43}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x2}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x75d}, @NL80211_ATTR_CQM_RSSI_THOLD={0x18, 0x1, [0xd4, 0x0, 0x2, 0x401, 0x3]}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x2cd}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x3}]}, @NL80211_ATTR_CQM={0x2c, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x154}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0x10, 0x1, [0x4, 0x3ff, 0x1]}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x3c}]}, @NL80211_ATTR_CQM={0x2c, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x7}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0xfffffff8}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0x7fff}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x2d}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x5fb}]}, @NL80211_ATTR_CQM={0xc, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0xfffffff9}]}, @NL80211_ATTR_CQM={0x3c, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x2f}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x100}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x50}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x3df}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0x6}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x4}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x10}]}, @NL80211_ATTR_CQM={0x24, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x2bce}, @NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x2}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x4}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x58}]}, @NL80211_ATTR_CQM={0x6c, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x2000000, 0x7]}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x80000001}, @NL80211_ATTR_CQM_RSSI_THOLD={0x14, 0x1, [0xe, 0x9, 0x4, 0x8]}, @NL80211_ATTR_CQM_RSSI_THOLD={0x20, 0x1, [0x6, 0x4, 0x1ff, 0x80, 0x3, 0x1, 0x29]}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0x8000}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0x10001}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x13}]}, @NL80211_ATTR_CQM={0x54, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x7}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x1fe}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x4}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x4}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x1b4}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x2f}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0xee}, @NL80211_ATTR_CQM_RSSI_THOLD={0x10, 0x1, [0x79, 0x200, 0x10]}]}]}, 0x2bc}, 0x1, 0x0, 0x0, 0x1}, 0x1) (async)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$gtp(&(0x7f0000000580), r0)
sendmsg$GTP_CMD_DELPDP(r5, &(0x7f0000000680)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x60, r6, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@GTPA_FAMILY={0x5, 0xd, 0x1a}, @GTPA_VERSION={0x8}, @GTPA_O_TEI={0x8, 0x9, 0x4}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_O_TEI={0x8, 0x9, 0x1}, @GTPA_MS_ADDR6={0x14, 0xc, @mcast2}, @GTPA_FAMILY={0x5, 0xd, 0x27}, @GTPA_FLOW={0x6}]}, 0x60}, 0x1, 0x0, 0x0, 0x80}, 0x4000805) (async)
syz_genetlink_get_family_id$batadv(&(0x7f00000006c0), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000700)={'veth1_macvtap\x00', <r7=>0x0}) (async)
pwritev(r3, &(0x7f0000001a80)=[{&(0x7f0000000740)="67a53717bc77024c5787fb60691037dcaf520124d30b770ecc70d9900dcf437e2b381700760b6c177b3cb69e29aab16559cb743e79a6846a7896abf50637622a8e7e5666a5378892b2a3e81baa5498b89565444ea550b3c56ded2a429b3eceb4dcb8c6dc7d28b9c3f5ed4c2b64990078d8feee05b46941d1bb54fe03214c381a42f65ed06076cc0962ecde98316424030550dd55567232a3bcfbb1e523", 0x9d}, {&(0x7f0000000800)="8c86665c2005acb165b9cdc136c2c87b8a1801ffa604e5bbcfc19b6724c4894eab6439d1e319855b321e3c13e2738affe09e66bfc32775e1958a6c1d8725b51e3f18f562a9d62ed64a95a97c20d4ba4dd9f8c15ebc16f3e1347b43f6c067e8ca76fed32d0fdcf4d5d3efa1101a7dd451bd22ead0f6c47c8058c6ebd124d8a5ae3c551e814e563e15e1c7dfe1f6c4c0a768b95a2f32b9e6d495702b2388d73ae24044003427aced5992ac8d7d15ee22bcf566c87ee6adb8615efed7161efaa5952a66284b404e920747051ca859cd4da252b14df8a2934878e16f8629482227fea48f0cd64320cea7c381db33f7e40de82677734330efc04ac78acb05b1d42397782488fd9dea8c53c4a9113d370735e4e3198649646a31625b0bcfec752c90ba980a852bc53db04d498c9a6e2ed99765d8724c0bcd5ba752fef82eb41d2a6d70eb83f6019cf15ac3e5970df1a35b46a3fc78be77c919d71e99d0363616a278753fd79befc571edcfc47a483b68884b6a192737196e4b2f006dd20b2911268985362187df57cfe20dd10730c728fd2972af9c92980cd0ba0884abae65c7d1f911a162a649f6677c56521ba70b6aa67a95c55c3ad2102c427deb2f52d6d9668b89622c7d85f5e9fa10e85a5e402655d755e82c8bfb56b75c5f77209529789d4c79da69b2c3030faac3b4980db0d3fa8781c919ce857cc88a463d6f76e26b5a0f9b667dde187ab88173edb0a57559498db8fcbc732d4e51b0fa41efecac7c06bb129ca9f604711e2e2650a836348675a468b886103a95060f6ba2488fbcbb67f4da5b3742ad819a64093fdd915f18422d72c0c9d84c73cf9517bf967c306e4ea0d32962d5de7c75ca3cd767926df9de1d038d41d641f3aa2cbd915fe16dfff2d7f6ce52f91b32f4a6621fa9e6ed9c9c2669249de04b06ccb077983e24b7ecde1c698aa5fe3c6f3ba7049d2e28cf39811fd20962c1625fea48b0d1961267735370f093988a49af0401166d8d406d53aeb849ac4cfc7449716952d6d42b8219cc0414ab07add95294cd3e2756028bed3945b4333599e47de9e34034e0bb96870ddcc7c5ca4ef5316a221df3cbec8cd08d1704012ffbc5c5331ae071c5c6c46fffdfb81f2408b37ce058f7ff5d98467acaa80dc4e9a29997ba961096d6d17f56ae7349f8c45c535a63aed2ec7d7c87a0c84f1a52ce7a729c42e42c940be243343cd9a69748c67637002259c1d0d4b438a43284edb0ac3949add82648a65307998998b50d136c9b7fa4f8754a2bce0f469757b0691b5ec676d947a55b4e5d03170a0c12ed1a9e7d3d6190950ea52fc713328118e1491cc756465940d5d3653e71b2f75ea9a45286d34db90c2a1ad27bf0bebd8a18cbb2f895df056ee978b75294dd34ee6b342b54432b7f3b59079b5480433eb4b03d9fbaaa0c9d52ead5bcc95de64ae617d97e904bf940365bdbeb263c02a3a224009c5e2274e70e4d45a2c6f25c1779307fb4f0aebf43023ad005ed1a4755c8e4ab205e6bd840d018948610e3c743837776aca5a8417d4ba8a486a479de2f3d63c64ad91ce4aaeb41635fe7e2af64b69730e7f52b1eb6d2dd39803c8cc2f5d5630b7614c8e8fa6348ad7d50bbf3b7cf2ee3b41d5778d428ce7edbd97c3ef2513c1d4d01a28f0f9abdd9e78a773a71b3e7abc8df60dbe38682ecad7646457ccddbc667124cd278502b8bd69e16b406ab7bb728993d208331a867405e1c8fb585a07fe64630ff0a4b6c0b87d26dc8b48bdd11e6e4ed3b422518cf6654eeba47588c4c7f3221f3a217797ebf88329cacc95aae790ef551113a8112a4f64b7cb85349d83cdd7a94aa12cd6d435f79adf2363bae4a4c62238a559b8db3f675aba6c4c52df3fd62181219d766521fb91f5b00cf928572f3391767271a20734a287b76b8105a2a8f8c81b22b643a0eb256a6f507b1bc7b433e029db72eef3075f9b365e592f5ad2846ff2797a3fef03c6c7a14fa6bbff2f520dff9c0e0f4f81b63017bb8d07d4bd7ee886aff9ffe3188f088eb169971a7655062fc1739618853c655c382621e6522450877916530e2b31feb1416a23d9e126f2c3921ff3f0e434938f35c27f071471646cbd7fb6fdae8b545c3980c1b66ea297554773b1bce69c5781ea63bd85dbe34e19d7376d27d5efbcc34732acabc93b189b1bda946d3bbb3b58d137776cf554f91e70ee65016a842db61f89b5f102a34a1d42d9fe9341d36380b02eda7df2b689273ce53df47d3a99a11f8f0813729e1546b2073bad362f8d40b3e6e4d2f7f908b013de3e37e5a940e935036a0a624cfc2dd8e178a771055f9caf5a40fdef02b4d4fe359f4e28d8d72e4e59983a46d6c483af89d90183791345fc01aca2bcb35f1f88e46f1d7bf5ee778f26575258d5539300e8644780fb72eebb160738e8c0f3ca46077204338b77cecf469584a84d817e5b112a1bca4a8f54f1f8db705860cd275e79e50fb02fa1867d7104548e91c3f154ab3d5ec19db0681e0e60ebef5f9c3332e5fc69309db7860c96f1b3938a1bb638a21ec19c3dbc8a8fbda3d178f0b02b53c93485c88c15f30453b10b3f0d980394e4f456da55ec77be1dee19010357f0ee0b47156fcd2c2161de8d2941b6d8eab4234a7cd011a02265e7823a22bcbf9cde9e0fbec6f0ec12ebab87d428091cb0c14e2da2efa12e8576c8c141b3acee2904bd2760425038c34783ff072027a81e9dc964f698e33513711d897e5bc7f8520a14bbc4a38929204f1458dbd64e39d1812aeba3bff3bd59f894d8f05b10e0865944994f7ceb5ac359c6ddcb7cd8eadf3d24fa7963cec1c627fe91681908400ae89af02de291fbdefbadf7fad2666069356dc966b5f0375d037545b1d3772863fb448e45ddca1c61c1b528d730f57f5db6d90e7195a5e9ffac2e8d53d7e41184cc9ba049f38aeefde4b38794f86bc4523b57ca28ba5c1b4bb5835ad58ca37a55835bd292d23ea216088fd44cbb9858af649fc83db1b74f06851f54690c8fc0b012115b106c9ce4f75512935b654b47db7772fb3b7a0249cd4a63087d2911278d9f365f88271d674e0f3cb9d3f4fdba30f2f3406943a5d0e8e221f1f1bdb95ed4f3cbbde221328454a28930fc0c610eba6935b1e1e420c9ed0723e740d4ef0e5dbfcf62d14d00ece25d52af3b4d474ec967c1fc0a44cc780a2d9ac4ccce21add914dc7323523afd002fb028d84edd9bef84b1ac83a705e7e7d0a840a4be3175e94da47b355ca467c6736ac79e87370a295c5f9c0f4150b8d777c8fe019834bfc55528ed320d0d64b93641b3259169526ca5f6b77a9482efd0f6b023e005c59312dc10577a485be288ccc9e7e9774094def0b0baa4309296c024696bb3ac47cb8b955108f8cb694d5bad86d2f7e31836095220e2e74e191774a508e40c4c2566ab94ac08c3b78ff55e110b7e478ab124cc72838d39ee0385155bed45bad74cee983c4a18a0366fc732c77f4b43a8869403083e489e03c164ea3c24b353b8cc0ded5868f478d2d043a5988ef81f59e1afcfabdd6252827b8663bb2e9452e82b7043768f323e5a7d9fcf8e2ca1e4f466303b9279c31c06874e6e2da92e74a0373f95f43086500cd026270c398426e2f802f71439483b3919fe506b4c6b22bf77bd537df5af08faac2402ae55946ada7303fcfa5fa24100ced39ca7d7b9cc3dd1643b0796149a1c8051eb8efebaf646763ec87095871d6a8fb8e5fe027bbb509fb480138f06887e4cf458854d30acb92ba5725493d29e9ea568f97a2adabadbf4ad0295027ae6723d070c283cadec78107791f35ed4b32fc2dbbad17bd0faeb0506a81855266f6890199d953039f1432ffc53380477da6785765c522bd847c37936a624534ea52ae8c8ba0cdf7028aef097756043a46e8b2cad9e08910c2130816f3f05fb65896fe9b9859074f29950925c6346b6f885e43b6681e1801e5f9e434b3407505be44e9aebe0f75ea53ae5bee198dbb6226a80c6bd2d5ae38a5915e145b2c6770a954c15fc5bb31a87a869fe31252569fff3d572a641ad6322529c885c18c96d82f47bfddef34cd0bff899c9c0f8fca429cb9ff4783283df937927bc5f7c7cfbdae3b1c2563c40c59102f26ac910efbf9e47d927247c21735ed8d178e10a9b41d5df9c035e9f3b2d506c142e6142f94c7d0f79521e0dbc4c1ca3a21b2353b25ad92d1f025b9874b965484b8fd40758d2f956f20f503df700f3d6491ebb91a4410d4343b4d113e33513cb50097298d7173a9cbe426d6dc2f0dbcc4e059c2c2169176bfe807abe9976e896d2554dd1c28335439cf50f1572d63fc9e63f3a98bd6f672ef5ab7e2df12cc3c6e6325643624ffe5fb5a3751815baa25df6e39c3a01d03f054ac47c55ac4302d44ab5b0e18028c98d00c289b77a576d6fc3ea41b7a467a85a716532347e4f5816c8dcb3fe929c79998bba6bfcac7b45502fc96fc5397304269bb61b747c180686613ab363b5b52703fdb012c188abe8408aafbe37069eb888f3fd29c2d1b5de395be565db6a4d82e6ae7f900666e4f98e4d886978d91de6898fdb3dacfc77425319d0e393f9396833bcd7f8499af074b5e7f01ff7865f5b67a3e657d58b37adad01fe81103586dfabe8acae4b4ebdefefcffd0c179b420dacd9c54e85aa60dd53dcb5a79f8af62c373eda3b4c3a7a71d39be8fd6636f8e29dd3b682a455bcd782f9d29272ad3539dea46c07c049d96497302cd88a96b0e529487e6d81f785d3415e8e58fc8db63eba21e86284e6a8743355b9f4b6ecf5b22976ca581a2c7ce0be02205d887eaced8c85d7e713c48caef65a0400bb4efe70b82467ab635b51a63b0f11624b7b5bed84ed58d37667f6611c67b6ed79eac05a6329fa0bd5dc0054524ecbd4e3a0f6828e0baa4ed735f4186ab1b80e3f38ed31fee47d62ecd716dd93581e71562cf2d9768df80dc17c8fe06a1f795d508fc41d29f60304390f3c036720a1010fa724a7348ed8528948ea108f15e2f92c521b567bbf473bd978af29f41e314005641851770ee7c30ad1b7148f6f001959ea54134b498a72b0059fc2bd637ff05639205fd49d33f489a549932091a57446b3aa787d83758feaf55da4c490a2c5bf91d14d936ba5ec2072c3521156faba8a65a5123d3a9ca70c0bdf4f5698a38bb74a12394f2e75efdaf05c36c6fd4cc90ae7e5cbd3380405e84088538528b05762fb4d5e366ba98fb11dfdbfad1eab5b741baa51285969ae8fc96adaabd228987d92a45d6b35a3a1762d3960283c8083894b495103f33ddebd268e1ad13765a6a0cbb276bdb9407a0f681c770d6cc7d3aad92129753ca97c79d9731651a4c2ed1315b6c80ada18c49ce4e78c9e16dee807ae6fbd9b31b8ab244f27136c748bce5369d4f204eb5f4da2ce723d777c87aa19234aa1e1423c84cf82141a3e60429402834287c01331c41da07a55aaad736786a5948803caf5097fb152e6951f12c5a9cd9346612a21c0dea8e54d64b1acca51019f8e2768ba3b869140273ed6fe8a357081dc410775d8d1767da2db3f8609c2b03cb01cf5a11a3587c7df30a99fbf664021b4604f3fc45fc1a52f83b2013aee13e066a6b4c92b7746e14f0e2b7797d92a5a647300bbee95383dae3055c6ef856344ddc4258dbddde30df772488a08f22628c5e6ebda51a349c58464e53820f59f4c7aab1554a3c5511e57861ecf135f06b6a616ce101fd4703a9f8e08823cc7e36029f1f4d5ee909d4949cb59ebc2890e30edb935808fd1285781c51482bb0740abd3d6725e3c14c", 0x1000}, {&(0x7f0000001800)="585fdddc71c0cc12fe9500e015f628e29a7bd9323d6a06c8dd3276ad349b3d1764bbe831eab5cc916dc2d7e5259d1e20c88084f17c5240ef5a8560b397dd2d96b95f1a22e7953168d0f3bc50d4da5cf863ee058648993dd15c", 0x59}, {&(0x7f0000001880)="e61393b065b3fec32e300114d40ea2acf7f1ae870d61dd67300c89f47e5cf2ac9ad6669b03677c0cccf6183d24ca0f99e3a9902a608d5f20d8e3c97af1fb7b7ea64778436d3e18e2997ac93fc4a0568ae3a29d4f4bf0194f0e7e20bfde", 0x5d}, {&(0x7f0000001900)="23b9d5abd253cab2c32fd82d6449515c1c300bb76217a332f0957deff706c9fd94f4ae671a6a10fdf7", 0x29}, {&(0x7f0000001940)="f95a64c1bda0d61764bdd651dc25f34d0f7143db66f3338c93acb2386b9b7598d26fc5da43130a9625d5998a6f84571fdc955d9d78465c422ec94d0b8ea9eab46a6a7b45fcad641e85523c6217e58e80acf7741cd797d4e6688466ba8fcb728fa44f608c9abab4a55e3401ac5792b3458c993fb472157d43fc8d2f2ebb71163e0479f87d658b6e3e889c2b691d77b03dc425a69ec2265bff7839bc7a4165729b979a69dd3aefadb2b5cf0d8c26c4d88ec8c88378ae", 0xb5}, {&(0x7f0000001a00)="9a4931b728f6a8daf14f8893e681752c3ccedb43e5657b989ad644ae076195a7e847e77e5129c524b3dbf3184475b211cbe502abf0ca99437af600c5cb3121ee6edc9435d896ddaefbb5ef1d806ed7b4c38862673244a04f0ed43743f29d17faa0054df8b36984610bb58b7878be3a82e015bb0c2d324527ee1dab1beb", 0x7d}], 0x7, 0x8777, 0x80000001) (async)
sendmsg$L2TP_CMD_SESSION_MODIFY(r3, &(0x7f0000001bc0)={&(0x7f0000001b00), 0xc, &(0x7f0000001b80)={&(0x7f0000001b40)={0x2c, 0x0, 0x2, 0x70bd25, 0x25dfdbfd, {}, [@L2TP_ATTR_VLAN_ID={0x6, 0xe, 0x8000}, @L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x80}, @L2TP_ATTR_MRU={0x6, 0x1d, 0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x20000000) (async, rerun: 64)
r8 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64)
sendmsg$NFT_BATCH(r2, &(0x7f0000001d00)={&(0x7f0000001c00)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001cc0)={&(0x7f0000001c40)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_DELCHAIN={0x28, 0x5, 0xa, 0x301, 0x0, 0x0, {0xa, 0x0, 0x2}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x2}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x20000005) (async)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001d80), r3)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f0000002300)={&(0x7f0000001d40)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000022c0)={&(0x7f0000001dc0)={0x4dc, r9, 0xa24, 0x70bd29, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_SCAN_SSIDS={0x28, 0x2d, 0x0, 0x1, [{0x5, 0x0, @random='I'}, {0xf, 0x0, @random="db2698508958a6dc4f8e8f"}, {0xa, 0x0, @default_ibss_ssid}]}, @NL80211_ATTR_SCAN_SUPP_RATES={0x1c0, 0x7d, 0x0, 0x1, [@NL80211_BAND_60GHZ={0xf6, 0x2, "3874d0941c905b7ad5dc47d2e1cda0763ae4dc497a6354bf31f139e29ec680f8c4428147372af29b07de26e20ce14d168376a45eedc122da7dc0282535d3e5fbad6ab51574b8e2630fc6afa7e6b8ba043f11fa1c8184e9bb6f0ee39b147d4987d69db942c1398b6dd04edb0d9ccd8beb67a5cc7e8a1212fa15b7ba760aa3af8024243e754edc4461fbb561dcc540f07dfc77b5deea83c27e9c5ec68486d418927a98d08691023eca8cd8f6cbad852563c17b021d310a1a17da25ee13ce2051615d941e3a3413677b7a36d5aad238a6853cf8dc3d03402324e45e35f2d856b949d549dba0720545f86de54eca185c2291fc21"}, @NL80211_BAND_6GHZ={0x99, 0x3, "70044de1094382d3309e55179ca97caf3dea48b4258b46c1769a7f852094081ab458bc5d8deefad3bb62d3faf5954e7d4b9d7550ec28bc59dd874360d9dccb14d943a97978d823de5f8d776db273dbb324977d69a002190bbdcf426a0bfb5a321735f543dcc17c060e1ac6832d2dab44cf7b121fac88e96c2c887746bc16e42665e80db2cd08654e255b1648a5b82bb49de7b12b44"}, @NL80211_BAND_5GHZ={0x27, 0x1, "da7f1b1725a81e365e08fd0c72d3ca98ad2ceb3e2b03037196777bf770bf241a559fe9"}]}, @NL80211_ATTR_SCHED_SCAN_MATCH={0x70, 0x84, 0x0, 0x1, [{0x6c, 0x0, 0x0, 0x1, [@NL80211_SCHED_SCAN_MATCH_PER_BAND_RSSI={0x3c, 0x6, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x8, 0x0, 0xfffffffe}, @NL80211_BAND_LC={0x8, 0x5, 0x3}, @NL80211_BAND_LC={0x8, 0x5, 0x7f}, @NL80211_BAND_6GHZ={0x8, 0x3, 0x2}, @NL80211_BAND_60GHZ={0x8, 0x2, 0x8}, @NL80211_BAND_6GHZ={0x8, 0x3, 0x1}, @NL80211_BAND_6GHZ={0x8, 0x3, 0x1}]}, @NL80211_SCHED_SCAN_MATCH_PER_BAND_RSSI={0xc, 0x6, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x8, 0x3, 0x3}]}, @NL80211_SCHED_SCAN_MATCH_ATTR_BSSID={0xa}, @NL80211_SCHED_SCAN_MATCH_ATTR_RSSI={0x8, 0x2, 0x5}, @NL80211_SCHED_SCAN_MATCH_ATTR_BSSID={0xa, 0x5, @from_mac=@device_b}]}]}, @NL80211_ATTR_SCAN_SUPP_RATES={0x260, 0x7d, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x29, 0x2, "0c2aff3465d31274bce1465d39219c99e7472f22ba510d3b00741b9d32ea85c906677124a2"}, @NL80211_BAND_2GHZ={0xcf, 0x0, "5bd26f10fcf8f4527f8d645efb6676300f5f08d6117d37b7ebea6440e682eddc36085db1e52c80adafaecfaf70afb1eb048cca19931b1fe9c4caba040ac793a975c50de6ff291b6f023e589893627f27ec57c61d16c2024c83cee61a3216a6ad39e79f8513c002cd0d7967db8e2a562597841be16326133e30f84498a9dd9bc64b042c0fcb5459b95c1a228a3702d1afd3c5fa05db4968bff95a5e64068810cb2dfb1e5d52fd39735a211ae8686f2102794aba10a3ece83740a4e9fd45e167277a34c8c7499e68821276cf"}, @NL80211_BAND_6GHZ={0x46, 0x3, "724ba83cb0064013c716aee788f3abb5bab306bdde56ff480f064518b9b54f2cac0439f9bc784451e64c0cf59895e520ea14f4c94bd9970f79b98f877574d6b5a487"}, @NL80211_BAND_5GHZ={0xf0, 0x1, "ff1384f304812a88ccbc95c40b50f31abee559d63500387aab584ad9a2865e35f20ea98b3cc38a2eae0543f2b7f97f773c376c77e57bb740f22faee91835d93f45a96494ed95975de29ba3de93c9106649511448dd5a76294c064b0dfd2c2e5685c024f17250bc0ea536e8eac974399a4740e951d59138aefc30702f8dede2fc80f4a2a64f2879ce09230203e8bb3c8992078b4f45b414cf9e9195d94a6df9977577b9d1beb8ca0fbee056387a7813fd4d3cb49df675b1dd7f5d6e9fded744304ed18d3381fa9727820ea592ff32abc08d4adc40175728458c3897adb6a1a7939f75379c8d590a3f8ec9cbbf"}, @NL80211_BAND_6GHZ={0x25, 0x3, "135c42eddc9a191461faeec8312c9e333047168111788ba790169f5da44497a678"}]}, @NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI={0x5, 0xf6, 0x9}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}]}, 0x4dc}, 0x1, 0x0, 0x0, 0x40080}, 0x4844) (async)
socket$nl_route(0x10, 0x3, 0x0)
r10 = syz_genetlink_get_family_id$devlink(&(0x7f0000002380), r2)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r5, &(0x7f0000002600)={&(0x7f0000002340)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000025c0)={&(0x7f00000023c0)={0x1f8, r10, 0x800, 0x70bd2b, 0x25dfdbfd, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x9}, {0x6, 0x11, 0x52}}, {{@pci={{0x8}, {0x11}}, {0x8}}, {0x8, 0xb, 0x903e}, {0x6, 0x11, 0x1}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x797811fb}, {0x6, 0x11, 0xff}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x7}, {0x6, 0x11, 0x2}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x4}, {0x6, 0x11, 0x9}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x9}, {0x6, 0x11, 0x8}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0xd4}, {0x6, 0x11, 0x2}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x6}, {0x6, 0x11, 0xfe00}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x1000}, {0x6, 0x11, 0x3}}]}, 0x1f8}, 0x1, 0x0, 0x0, 0x4008040}, 0x4000) (async, rerun: 32)
r11 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002680), r8)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000026c0)={'wlan0\x00', <r13=>0x0})
sendmsg$NL80211_CMD_DISASSOCIATE(r11, &(0x7f0000002780)={&(0x7f0000002640)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000002740)={&(0x7f0000002700)={0x28, r12, 0x200, 0x70bd25, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r13}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x28}, 0x1, 0x0, 0x0, 0x20044004}, 0x1) (async, rerun: 64)
r14 = ioctl$TUNGETDEVNETNS(r5, 0x54e3, 0x0) (async, rerun: 64)
r15 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$GTP_CMD_NEWPDP(r0, &(0x7f00000028c0)={&(0x7f00000027c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000002880)={&(0x7f0000002800)={0x58, r6, 0x100, 0x70bd2b, 0x25dfdbfb, {}, [@GTPA_O_TEI={0x8, 0x9, 0x2}, @GTPA_NET_NS_FD={0x8, 0x7, r14}, @GTPA_FAMILY={0x5, 0xd, 0x25}, @GTPA_O_TEI={0x8, 0x9, 0x3}, @GTPA_NET_NS_FD={0x8, 0x7, r15}, @GTPA_MS_ADDR6={0x14, 0xc, @private0={0xfc, 0x0, '\x00', 0x1}}, @GTPA_O_TEI={0x8}]}, 0x58}, 0x1, 0x0, 0x0, 0x4}, 0x24000051) (async, rerun: 32)
r16 = syz_genetlink_get_family_id$ethtool(&(0x7f0000002940), r3) (async, rerun: 32)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r3, 0x89f0, &(0x7f0000002a00)={'syztnl0\x00', &(0x7f0000002980)={'ip6tnl0\x00', <r17=>r7, 0x2f, 0x1, 0x78, 0x6, 0x10, @remote, @private2, 0x1, 0x8000, 0x7fff, 0xfffff103}})
sendmsg$ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000002c00)={&(0x7f0000002900)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000002bc0)={&(0x7f0000002ac0)={0x100, r16, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r17}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gretap0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan0\x00'}]}, @HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg0\x00'}]}]}, 0x100}, 0x1, 0x0, 0x0, 0x80}, 0xc800)

974.191979ms ago: executing program 3 (id=1897):
syz_emit_ethernet(0x1f, &(0x7f0000000180)=ANY=[@ANYBLOB="ffffffffffff00000000000000114242"], 0x0)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x34}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x11}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0xc, &(0x7f00000000c0)={0x0, 0x1}, 0x1, 0x10, 0x0, 0x8000000, 0x0, 0x0, 0x8000000}, 0x90)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r2 = accept4(r1, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f0000000180)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000680)=""/234, 0xea}], 0x1}, 0x101}], 0x1, 0x60, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0x1c, 0x9, 0x6, 0x801, 0x0, 0x0, {0x1, 0x0, 0x7}, [@IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40844}, 0x800)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socket$netlink(0x10, 0x3, 0x1)
r4 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000040)={0x8607}, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x20, 0x16, 0xa01, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x8, 0xa, 0x0, 0x0, @ipv4=@broadcast}]}, 0x20}}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000040)={'lo\x00', &(0x7f0000000440)=@ethtool_eeprom={0xb, 0xff, 0xaa2}})
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000380), r2)
sendmsg$DEVLINK_CMD_RATE_NEW(r5, &(0x7f0000000500)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000480)={0x4c, r6, 0x300, 0x70bd27, 0x25dfdbff, {}, [@DEVLINK_ATTR_RATE_TX_MAX={0xc, 0xa7, 0x9}, @DEVLINK_ATTR_RATE_TX_MAX={0xc, 0xa7, 0x4}, @DEVLINK_ATTR_RATE_NODE_NAME={0xf, 0xa8, @name2}, @DEVLINK_ATTR_RATE_NODE_NAME={0xf, 0xa8, @name2}]}, 0x4c}, 0x1, 0x0, 0x0, 0x2}, 0x4)

889.35939ms ago: executing program 1 (id=1898):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_udp_int(r0, 0x11, 0xb, 0x0, &(0x7f0000000100))
syz_emit_ethernet(0x9d, &(0x7f0000000000)={@local, @random="0074d47f4800", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "1800", 0x13dceca7f49629c4, 0x3a, 0x0, @dev, @dev={0xfe, 0x80, '\x00', 0x38}, {[], @echo_request={0x80, 0x0, 0x0, 0x0, 0x0, "ceb21659a0196f43d70080f11faca763f011771a3cbed2afe11af2ac6a56b6873e609e83a568851e028e7fdf820716176402581745e806f6f2d4843095498cc8f2c8bb29a02dd9d50167ee4ff30000000000005ad9e2a848a1b45400d4e90b"}}}}}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x7}, 0x48)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newlink={0x38, 0x10, 0x439, 0x70bd2c, 0xffffffea, {0x0, 0x0, 0xe403, 0x0, 0x40083, 0x715cb}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_PROTO={0x5}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8000}, 0x4040)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0xd, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b5af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001e00000085000000a000000095"], &(0x7f0000000840)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

813.875542ms ago: executing program 0 (id=1899):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000003e000701feffffff00000000017c0000040042800c00018006000600800a0000200002801c00068004"], 0x44}, 0x1, 0x0, 0x0, 0x40040c0}, 0xc000)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r0)
sendmsg$MPTCP_PM_CMD_REMOVE(r3, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)={0x98, r4, 0x20, 0x70bd29, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x5}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x5}, @MPTCP_PM_ATTR_ADDR={0x48, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @remote}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0xfd}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x7}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}, @MPTCP_PM_ATTR_ADDR_REMOTE={0xc, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x9}]}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x9}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x5}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x81}]}, 0x98}, 0x1, 0x0, 0x0, 0x4000}, 0x4008000)
bind(r2, &(0x7f0000000000)=@in6={0xa, 0x4e22, 0x6, @private2, 0x13cf}, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x1, 0x40, 0x40, 0x41}, 0x48)
sendmsg$nl_route(r1, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001900)=@bridge_delneigh={0x28, 0x1e, 0x1, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x7}]}, 0x28}}, 0x0)

760.731235ms ago: executing program 1 (id=1900):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0xa, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x2, 0x2, 0x0, 0x2, 0xb, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x4e22, @empty}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0xfb}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x4e20, @loopback}}, @sadb_key={0x1, 0x8}]}, 0x58}, 0x1, 0x7}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f00000006c0)=@updsa={0x148, 0x1a, 0x1, 0x0, 0x0, {{@in6=@mcast1, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}, {@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x6c}, @in6=@private2, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @replay_val={0x10}]}, 0x148}}, 0x0)

660.640631ms ago: executing program 2 (id=1901):
socket$inet_udp(0x2, 0x2, 0x0)
socket(0x10, 0x2, 0x0)
pipe(&(0x7f0000000080))
socket$netlink(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$l2tp6(0xa, 0x2, 0x73)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_sctp(0xa, 0x801, 0x84)
socket$igmp(0x2, 0x3, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0xb)
socket$inet6_udplite(0xa, 0x2, 0x88)
socket$nl_generic(0x10, 0x3, 0x10)
pipe(&(0x7f0000000080))
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
socket$pppoe(0x18, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800050000fcffff08000900fc000000080011000700000008000e00800000000800", @ANYRES32=r0], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x30000)

660.233513ms ago: executing program 3 (id=1902):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r1=>0x0})
bind$can_raw(r0, &(0x7f00000001c0)={0x1d, r1}, 0x10)
recvmmsg(r0, &(0x7f0000000800)=[{{0x0, 0x0, 0x0}, 0x6}, {{0x0, 0x0, 0x0}, 0x9}], 0x2, 0x40000002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xe, &(0x7f0000000740)=ANY=[], 0x0}, 0x94)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, &(0x7f00000003c0)=0x1, 0x4)
sendmsg$can_raw(r0, &(0x7f0000000340)={&(0x7f0000000040)={0x1d, r1}, 0x10, &(0x7f0000000240)={&(0x7f0000000180)=@can={{0x3, 0x0, 0x0, 0x1}, 0x0, 0x2, 0x0, 0x0, "cc8aa50a78eb7ef9"}, 0x10}, 0x1, 0x0, 0x0, 0x2400a000}, 0x4000080)
sendmsg$can_raw(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@can={{}, 0x0, 0x0, 0x0, 0x0, "0000000000000003"}, 0x10}}, 0x20000000)

617.385761ms ago: executing program 0 (id=1903):
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_POWER_SAVE(r2, &(0x7f0000001480)={&(0x7f00000013c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000001440)={&(0x7f0000001400)={0x14, r1, 0x300, 0x70bd2c, 0x25dfdbff, {{}, {@void, @void}}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4004095}, 0x40009)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010008020000001800006600000008000300", @ANYRES32=r4, @ANYBLOB="08002600940900000800b70099"], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)={0x68, r5, 0x1, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CSA_C_OFFSETS_TX={0x6, 0xcd, [0x0]}, @NL80211_ATTR_FRAME={0x42, 0x33, @assoc_req={{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1}, {0x10}, @broadcast, @device_a, @initial, {0xc, 0x9}, @value=@ver_80211n={0x0, 0x62, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x1}}, 0x0, 0x2, {}, @void, @val={0x2d, 0x1a, {0x80, 0x2, 0x2, 0x0, {0xf, 0x9, 0x0, 0x9, 0x0, 0x1, 0x1, 0x0, 0x1}, 0x8, 0x3, 0x5}}}}]}, 0x68}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-384-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56", 0x2)
pipe(&(0x7f0000000300)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={{0x14}, [@NFT_MSG_NEWRULE={0x80, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0xfffe}, [@NFTA_RULE_EXPRESSIONS={0x54, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x16}, @NFTA_CT_DIRECTION={0x5}]}}}, {0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x11}, @NFTA_CT_SREG={0x8, 0x4, 0x1, 0x0, 0xc}, @NFTA_CT_DIRECTION={0x5, 0x3, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0xa8}, 0x1, 0x0, 0x0, 0x840}, 0x0)
ioctl$FIDEDUPERANGE(r7, 0xc0189436, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x2})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={0x1, 0x58, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r9=>0x0}}, 0x10)
sendmsg$nl_route_sched_retired(r7, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x410040}, 0xc, &(0x7f0000000280)={&(0x7f00000003c0)=@deltclass={0xea0, 0x29, 0x10, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, r9, {0xc, 0xb}, {0x9, 0x9}, {0x9, 0xb}}, [@c_atm={{0x8}, {0x68, 0x2, [@TCA_ATM_HDR={0x1a, 0x3, "6b83b2c4af40e3edd55adfd9f76cf40e1f670a19470f"}, @TCA_ATM_HDR={0x1b, 0x3, "e4a489d7f585e70a459e3ae4c1025541551233267e4877"}, @TCA_ATM_HDR={0x1d, 0x3, "de094f653e826bf86557b6f51cc9840d9aa09b1874af659dcf"}, @TCA_ATM_HDR={0xc, 0x3, "f6ff35b2a9f72754"}]}}, @c_cbq={{0x8}, {0x440, 0x2, [@TCA_CBQ_LSSOPT={0x18, 0x1, {0x2f, 0x0, 0x4, 0x5, 0x6, 0x3ff, 0x3e, 0x9d}}, @TCA_CBQ_RTAB={0x404, 0x6, [0x4, 0x80, 0xcda, 0xe0a, 0xff, 0x5, 0x5, 0x1, 0xffffff01, 0x1, 0x0, 0x9, 0x3ff, 0x3, 0x2, 0x101, 0x0, 0x9, 0x7f, 0x2, 0x0, 0x0, 0x8, 0xfff, 0x400, 0x2, 0x4, 0x80000001, 0x9, 0x7, 0x3, 0x1, 0x5, 0x8a, 0xfffffffc, 0x8, 0x1ff, 0x7, 0x0, 0x8, 0x3, 0x8, 0x2, 0x1, 0x7f80000, 0x0, 0x40, 0xbc6, 0x9, 0x7, 0x6, 0x9, 0x7, 0x0, 0x6, 0x2, 0x4, 0xf8000000, 0xfffffffd, 0x100, 0x2, 0x4, 0x1, 0x1, 0x0, 0x3, 0x6, 0x9, 0x80000000, 0xe, 0x6, 0x2, 0x3, 0x8001, 0xfffffffb, 0x4, 0x24000000, 0x4, 0x0, 0x1, 0x26a, 0x6, 0x0, 0x8513, 0x6, 0x2000000, 0x6, 0x2, 0x8, 0x1, 0x7, 0xee3, 0x101, 0x40, 0x74, 0x1, 0x5, 0x3, 0x16, 0x7, 0xe, 0x81, 0x600, 0x1000, 0xfffffffa, 0x3, 0x7, 0x9, 0x5, 0x9, 0x9, 0x6c, 0x4, 0x584a1f27, 0x8000, 0x5, 0x0, 0x6, 0x1c15, 0x4, 0xe, 0x5, 0x2, 0x6, 0x2, 0x3, 0x2, 0x100, 0xa8, 0x7, 0x8, 0x6, 0x5, 0x4, 0x1, 0x0, 0x9, 0x260, 0x8000, 0x7, 0x5, 0x8, 0x0, 0xfffffff7, 0x200, 0xe, 0x0, 0x67f, 0x1, 0x6a09c75c, 0x6, 0x75, 0xdb3, 0x8, 0x9, 0x9, 0x80000000, 0x9, 0x1, 0x453b, 0x0, 0x1000, 0x1, 0xc, 0x0, 0x6, 0x7, 0x10, 0x80000001, 0x3062, 0x9, 0x4, 0xa73, 0x2f, 0xfffffb25, 0x5, 0xa, 0x3, 0x3, 0x9d, 0xd997, 0x4, 0x5, 0x3, 0x9, 0xc2c, 0x101, 0xfffffff9, 0x6, 0x0, 0x6, 0x8, 0x5, 0x9, 0x7, 0x400, 0x8000, 0xd, 0x6b1, 0x1d0ea0, 0x8b1c, 0x4, 0x8000, 0x3ff, 0x9, 0x3, 0x0, 0x4, 0x2, 0xfffffffc, 0x8, 0x5, 0x0, 0x40, 0xf9, 0x1, 0xf, 0x5, 0x101, 0x2, 0x2400000, 0xfff, 0x6, 0x9, 0x4, 0x7fffffff, 0x8, 0x4713e586, 0x9, 0x4, 0x1, 0x50f, 0x5, 0x0, 0x7, 0x7fff, 0x8, 0x200, 0x2, 0x82, 0x8, 0x6, 0x100, 0x6, 0x4, 0x80000000, 0x2, 0x7, 0x400, 0x4, 0xfffffff8, 0x9, 0x9, 0x2, 0x6acc40e8, 0x1]}, @TCA_CBQ_RATE={0x10, 0x5, {0x7f, 0x0, 0x10, 0x1, 0x1}}, @TCA_CBQ_FOPT={0x10, 0x3, {{0xc, 0x3}, 0x9, 0xffff}}]}}, @c_dsmark={{0xb}, {0xc, 0x2, @TCA_DSMARK_MASK={0x5, 0x4, 0x6}}}, @c_dsmark={{0xb}, {0xc, 0x2, @TCA_DSMARK_VALUE={0x5, 0x5, 0xd0}}}, @c_atm={{0x8}, {0xdc, 0x2, [@TCA_ATM_HDR={0x2f, 0x3, "623f16b5737392a4d522f2b97a83da6b6c1314ed83d6e33aec58ed4a6ee0548007ed1a8e4229a61e1b8665"}, @TCA_ATM_HDR={0x34, 0x3, "5086a5eead4129f09d96abd2c0e27dea37dde8deae28907f29978065ff5130717140b9ff3d3ca62b510d336e8766f67e"}, @TCA_ATM_EXCESS={0x8, 0x4, {0x8, 0x4}}, @TCA_ATM_FD={0x8, 0x1, r0}, @TCA_ATM_HDR={0x2f, 0x3, "15e8c7126df8140e1cf220c150bcf0e808fe95c2b028917f871c1a2388d602b4d17b98acdf985dbfce1e09"}, @TCA_ATM_EXCESS={0x8, 0x4, {0xe, 0x7}}, @TCA_ATM_EXCESS={0x8, 0x4, {0x1, 0xd}}, @TCA_ATM_HDR={0x19, 0x3, "e1bd4afcca6ad46503aab2ea76cbf2028c0bd53205"}, @TCA_ATM_FD={0x8, 0x1, r0}]}}, @c_cbq={{0x8}, {0x44, 0x2, [@TCA_CBQ_RATE={0x10, 0x5, {0x2, 0x0, 0x4, 0x8001, 0x9}}, @TCA_CBQ_FOPT={0x10, 0x3, {{0xb, 0xffff}, 0xc6d, 0x101}}, @TCA_CBQ_WRROPT={0x10, 0x2, {0xe, 0x8, 0x4, 0x8, 0x3}}, @TCA_CBQ_WRROPT={0x10, 0x2, {0x1, 0x7, 0xa1, 0x0, 0x3ff, 0x5}}]}}, @c_cbq={{0x8}, {0x85c, 0x2, [@TCA_CBQ_WRROPT={0x10, 0x2, {0x9, 0x8, 0x0, 0xbd, 0x2, 0x787}}, @TCA_CBQ_LSSOPT={0x18, 0x1, {0x1e, 0x0, 0x1, 0x23, 0x6, 0x8, 0x8000, 0x2}}, @TCA_CBQ_LSSOPT={0x18, 0x1, {0x9, 0x2, 0x15, 0x8, 0x2, 0x9, 0x80, 0x1}}, @TCA_CBQ_RATE={0x10, 0x5, {0x6e, 0x1, 0x401, 0x5, 0x4, 0x4b8c}}, @TCA_CBQ_RTAB={0x404, 0x6, [0x9, 0x2ad, 0xfffffff8, 0x8, 0x245d, 0xf, 0x1000, 0x6, 0x2, 0xd, 0xa3, 0x6, 0xfffffffc, 0xe9, 0x1, 0xdd8, 0x40, 0xb2d, 0xf04f, 0x8, 0x6000000, 0x7, 0x5, 0x4, 0xfff, 0x9, 0x7, 0x2, 0x4, 0x7, 0xff, 0x1, 0x7, 0x2, 0x5, 0x7, 0x81, 0xfffffff9, 0x9, 0x6, 0x3, 0x7, 0x6, 0x9, 0x50, 0x4, 0x80, 0x6, 0x1, 0x3, 0x5, 0xff, 0xffffffff, 0x1, 0xff, 0xca6, 0x7, 0x10000, 0x7, 0x1, 0x31, 0xc, 0x4, 0x6, 0x0, 0x7f, 0x2, 0x1, 0x240000, 0x5, 0x9, 0x8, 0x3ff, 0x73ce, 0x8001, 0x3, 0x6, 0xd, 0xea, 0x8, 0x5, 0xfffffff3, 0x2, 0x0, 0x7ce0, 0x5000000, 0x7f, 0x8001, 0x1, 0x80, 0x101, 0x7, 0xe, 0xe, 0x0, 0x3, 0xff, 0x5, 0xa, 0x51, 0x10, 0x1ff, 0x2ae, 0x38, 0x0, 0x0, 0x2, 0x8, 0x3, 0x4a1c91c5, 0x9, 0x3, 0x5b4, 0x246, 0x9, 0x6, 0x2, 0x8, 0x5, 0x0, 0x6, 0x7fff, 0x80000001, 0x91f, 0x120, 0xc, 0x5, 0xc912, 0x7, 0xeb, 0x6, 0x7ff, 0x0, 0x6, 0xca, 0x7, 0x1, 0x0, 0x0, 0x0, 0x1, 0x6, 0x5, 0x6f, 0x48, 0x6, 0x80, 0x9, 0x2, 0x6, 0x76, 0x62192e1, 0x3, 0x2, 0x0, 0x0, 0x2, 0xfffffffd, 0x7, 0xfffffff4, 0xe0000, 0x9, 0x4, 0x1, 0xcd5, 0x8, 0x6, 0x2, 0x81, 0x7, 0xa, 0x67f6, 0x3a6d, 0xff, 0xf, 0x2, 0x7, 0x401, 0x8, 0x0, 0xc, 0x5, 0x7, 0x7fffffff, 0x3, 0x400, 0x4, 0x2, 0x4, 0x401, 0x1, 0x5, 0x401, 0x1, 0x7fffffff, 0x5, 0x5e91, 0x4, 0x0, 0xa0, 0xb1, 0x0, 0x3, 0x6, 0x6, 0x1, 0xfffffff7, 0x0, 0x3, 0x0, 0x1, 0xfffffffa, 0x1c000000, 0x5, 0x1d1f, 0x3, 0xffffffff, 0x7, 0x6, 0xd97, 0x2, 0x3ff, 0xc6, 0x1, 0x8, 0x80000000, 0xca, 0x9, 0x7, 0x7fff, 0xe232, 0x2, 0x6, 0x7, 0x3, 0xe, 0x2, 0x8, 0x100, 0x9, 0x7, 0x3, 0xe, 0xebf, 0xfffffff1, 0x66db, 0x2, 0xac, 0x1, 0x8001, 0x8, 0x1, 0xff, 0x9, 0x2, 0x3ff]}, @TCA_CBQ_RTAB={0x404, 0x6, [0x1, 0x3, 0x8, 0x1, 0x5, 0xffffffff, 0x9, 0x10001, 0x3b7, 0xa1, 0x0, 0x9, 0xe1, 0x0, 0x0, 0xa9b8, 0x106, 0x1ee2, 0xe5, 0x81, 0x22, 0x400, 0x5b9dee0c, 0x1, 0x49, 0x8139, 0x2, 0xfffffffd, 0x8, 0x1, 0x8, 0xdc, 0x608e, 0x3, 0x3ff, 0x3, 0x2, 0x4, 0x5, 0xffffff7e, 0xc5c3, 0x1ad, 0x5, 0x1, 0x2, 0x7, 0x101, 0x5, 0x1, 0x74882be4, 0x4, 0x5, 0x9, 0x3, 0x4, 0x8001, 0x80, 0x7fff, 0x9, 0x9, 0x8d, 0x10001, 0xb, 0x100, 0x2, 0x1, 0x6, 0xb, 0x4, 0x8, 0x1, 0x0, 0x1000, 0x3, 0x200, 0x4, 0x1ff, 0x0, 0xf2f, 0x3ff, 0xe, 0x8000, 0x8001, 0xc, 0x8, 0x1, 0x9, 0x65, 0xfffffff9, 0x8d, 0x4, 0x85, 0xd72, 0x1ff, 0x15, 0x200, 0x8, 0x0, 0x1000, 0x2, 0x0, 0xffffffff, 0x8, 0x2, 0x4, 0x7f, 0x4, 0x3, 0x5, 0x0, 0x1, 0x1, 0x6, 0x2, 0xa85, 0x2, 0x5, 0x3, 0x800, 0x7, 0x6, 0x5, 0xfff, 0x8, 0xffffffff, 0x401, 0x7, 0xd, 0x1, 0x8, 0xcf, 0xfffffffa, 0x1ffe000, 0xfffffffa, 0x6, 0x9, 0x4, 0x1, 0x1, 0x400, 0xec4e, 0xf21, 0x958, 0x6, 0x2, 0x7, 0x81, 0x7ff, 0x94, 0x8, 0xc, 0x8000, 0xb, 0x1, 0x3, 0x9, 0x6, 0x7, 0x80, 0x8, 0x5, 0xcb19, 0x6, 0x10001, 0x6, 0xfffffffc, 0x1, 0x0, 0x800, 0x3, 0x3, 0x6, 0x0, 0x3, 0x0, 0xffffffff, 0x400, 0xf55, 0x5f6794ba, 0x5, 0x4, 0xfff, 0x4, 0x7f, 0x3, 0x5, 0xfffffffa, 0xf67f, 0x8, 0x100, 0x49, 0xdf, 0x10001, 0x302, 0x8, 0x2, 0x6, 0xf, 0x71f3, 0xdce, 0x1, 0x959, 0x6, 0x80, 0x0, 0x5, 0x20000000, 0x9ce7, 0x4, 0x43cd, 0x4, 0x4, 0x3, 0xfff, 0x13123f52, 0x6, 0x7d, 0x5, 0x61d, 0x4fd80000, 0x8, 0x8, 0x6b96, 0x5, 0x8, 0x2, 0x3, 0x1, 0x7, 0x80000000, 0x8, 0x5, 0x1f5, 0x8, 0x8001, 0xffff, 0xaffc, 0x6df, 0x5, 0xfffffffe, 0x4, 0xfffffff9, 0xffffffff, 0x5, 0x7, 0xc, 0x4, 0x9, 0x6, 0x6, 0xd623, 0x8000, 0x39b, 0x5596, 0x6, 0x1000]}]}}]}, 0xea0}, 0x1, 0x0, 0x0, 0x15}, 0x4000040)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000240), 0xffffffffffffffff)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r10, 0x8914, &(0x7f0000001380)={'tunl0\x00', 0x100})
sendmsg$NFT_MSG_GETTABLE(r6, &(0x7f0000001340)={&(0x7f0000001280)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000001300)={&(0x7f00000012c0)={0x3c, 0x1, 0xa, 0x201, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x4}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x2}, @NFTA_TABLE_FLAGS={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0xc000}, 0x4000)
r11 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_DEST(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x28, r11, 0x50dc85624ea6cf59, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x14, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6}, @IPVS_SVC_ATTR_FWMARK={0x8}]}]}, 0x28}}, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="d60a5bb5f7771199489b2600000000000061110000000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00'}, 0x80)

549.742481ms ago: executing program 2 (id=1904):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x4001}, 0xfea3) (async)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="1896d99092202cbd7000240000210a780200", @ANYRES32=0x0], 0x18}}, 0x0)

483.212376ms ago: executing program 3 (id=1905):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000240)={0xfffb, 0x5, 0x4, 0x6, 0x9, 0x8001, 0x0, 0x4, r3}, 0x20)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000100)={r3, 0x5}, 0x8)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000000))
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="90000000", @ANYRES16=r4, @ANYBLOB="050200000024000000000f00000008000300", @ANYRES32=r5, @ANYRES32=r4], 0x90}}, 0x0)

413.051604ms ago: executing program 4 (id=1906):
socketpair(0x22, 0xa, 0x1ff, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000002000000000000000008500000061000000850000000700000095"], &(0x7f0000000200)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x1f2f, 0x22, 0x0, &(0x7f0000000440)="9f44947021919559684010a408002d7a5d4153f0226dcacf36a548ab01b5cb16afce", 0x0, 0x0, 0x0, 0x0, 0xc0, 0x0, &(0x7f0000000580)="06000000e163a1e841f40df2cd0bf7059fa3e938181322c860b54b1365fdcf07b3b6cee510ae46cb0900001000000000f8d81d246c7ce9e66f813f64f1df9ff13a660358ca101ac28ae055fa04fa324e3a45ede8471c652ee3804f1c95fbb6f8d89dc0517ad21e3b517c0d343f47b91fe7bcea724fe3656487a7925a1c71daf5e46b870cfd506007fdba7370fd0054b201b8750b15ddffff77f438e2aa32c8fe6314ee831756f39012683df6ceb8e449ea96f260d17dd86ec4ac553a5b92bd84"}, 0x50)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f000001a100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a40)=@setlink={0x44, 0x13, 0x800, 0x70bd29, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x48283}, [@IFLA_PROTO_DOWN={0x5, 0x27, 0x7f}, @IFLA_TXQLEN={0x8, 0xd, 0x5}, @IFLA_NET_NS_FD={0x8}, @IFLA_ADDRESS={0xa, 0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000000f8c0000000c0a01080000000000000000010000000900020073797a3200000000600003805c000080080003400000000250000b80200001800a00010071756f7461000000100002800c0001400000000000000000140001800c000100636f756e74657200000000000000058011e70000666c6f775f6f66666c6f6164000000000900010073797a30"], 0x110}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="30000000190001000000000000"], 0x30}}, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r2)
socket$packet(0x11, 0x3, 0x300)
setsockopt$MRT_ADD_MFC_PROXY(0xffffffffffffffff, 0x0, 0xd2, &(0x7f00000001c0)={@empty, @local, 0x0, "450cfa4b8ba6c8f11d937340c577c969d205dc0fce67830da210d707c86aa133", 0x10000, 0xffff, 0x3ff, 0xfffffe01}, 0x3c)
r6 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x40, r6, 0x4, 0x70bd28, 0x25dfdbff, {}, [@L2TP_ATTR_COOKIE={0xc, 0xf, 0x1000}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x2}, @L2TP_ATTR_DEBUG={0x8}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0x40}, @L2TP_ATTR_UDP_ZERO_CSUM6_TX={0x5, 0x21, 0x1}]}, 0x40}, 0x1, 0x0, 0x0, 0x54184}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x14, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}}], {0x14, 0x10}}, 0x5c}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000000c0)=ANY=[@ANYBLOB="98030000", @ANYRES16=r5, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r7, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0)

386.325228ms ago: executing program 2 (id=1907):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r0, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
socket(0x1d, 0x2, 0x6)
r1 = socket$nl_route(0x10, 0x3, 0x0)
accept4$x25(0xffffffffffffffff, 0x0, 0x0, 0x101000)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3000000010000108000000000000000001000000", @ANYRES32=0x0, @ANYBLOB="000000000000000008000400699b000008001b"], 0x30}}, 0x0)
socket$unix(0x1, 0x2, 0x0)

379.630737ms ago: executing program 1 (id=1908):
r0 = socket$alg(0x26, 0x5, 0x0) (async)
r1 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
bind$tipc(r1, 0x0, 0x0)
close(r0)

313.117184ms ago: executing program 0 (id=1909):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @empty}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='lp\x00', 0x3)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000d00000095"], &(0x7f0000000700)='GPL\x00'}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={r1, 0xe0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8a85009a10d943a, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xffffffffffffff81, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x64)
ppoll(&(0x7f0000000040)=[{r1, 0x4040}], 0x1, &(0x7f00000000c0)={0x77359400}, &(0x7f0000000100)={[0x100]}, 0x8)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)

183.46105ms ago: executing program 1 (id=1910):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb0100180000000000000040000000400000000200000000000000000000000000000002000000020000000200000000000000000000010500000008009000000000000100000500000000000000000100009541433b000000"], 0x0, 0x5a}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x0, 0x0, 0x10002, 0x0, 0x1}, 0x48)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r4)
sendmsg$NLBL_CIPSOV4_C_REMOVE(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x1c, r5, 0x1, 0x70bd2a, 0x25dfdbff, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20004004}, 0x0)
sendmsg$IPVS_CMD_NEW_SERVICE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x2000c001)
getsockopt$inet6_mptcp_buf(r3, 0x11c, 0x2, &(0x7f0000000000)=""/31, &(0x7f0000000040)=0x1f)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0200000004000000080000000100165749b4454ceee6736168c22f15000080000000", @ANYRES32, @ANYBLOB="0300"/20, @ANYRES32=r2, @ANYRES32, @ANYBLOB="040000000100"/28], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000002c0)={r6, <r7=>0xffffffffffffffff}, 0x4)
r8 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x1}, 0x28)
r9 = accept4$phonet_pipe(0xffffffffffffffff, &(0x7f00000004c0), &(0x7f0000000600)=0x10, 0x100800)
ioctl$sock_SIOCETHTOOL(r9, 0x8946, &(0x7f0000000680)={'wg2\x00', &(0x7f0000000640)=@ethtool_sfeatures={0x3b, 0x2, [{0x1, 0xbb}, {0x6941}]}})
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000340)={r8, 0x20, &(0x7f0000000100)={0x0, 0x0, <r10=>0x0, 0x0}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000001840)=r10, 0x4)
r11 = openat$cgroup_ro(r6, &(0x7f0000000440)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x1a, 0x5, &(0x7f0000000300)=@raw=[@map_fd={0x18, 0x3, 0x1, 0x0, r7}, @alu={0x7, 0x0, 0xd, 0x7, 0x9, 0xfffffffffffffff0, 0x4}, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0xdf}], &(0x7f0000000340)='GPL\x00', 0x1b97b0e1, 0x5c, &(0x7f0000000380)=""/92, 0x1f00, 0x1, '\x00', r2, @tracing=0x1c, r0, 0x8, &(0x7f0000000400)={0x7, 0x1}, 0x8, 0x10, 0x0, 0x0, r10, r11, 0x2, 0x0, &(0x7f0000000480)=[{0x1, 0x5, 0x5, 0x3}, {0x0, 0x3, 0xf, 0x9}], 0x10, 0x5}, 0x94)
r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=r10, 0xfffffffffffffe25)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="030000000400ff0704000000020000000000800002a1a72c174ee167f5c1fc3c35358d692a697b100500000000000000b5c2cac42ebc938b7e48f75d4b09a9376dedae93754c7e54211ac16841671c02f084a2", @ANYRES32=0x1, @ANYBLOB='\b\x00'/20, @ANYRES32=r2, @ANYRES32=r12, @ANYBLOB="04000000010000000200"/28], 0x50)
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001780)={&(0x7f0000000500)=ANY=[@ANYBLOB="cc020000210a0108fdffffff0000000000000000630003"], 0x2cc}}, 0x0)

172.347909ms ago: executing program 2 (id=1911):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r0, &(0x7f0000004700)=[{{0x0, 0x0, 0x0}, 0x101}, {{0x0, 0x0, 0x0}, 0x80000001}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000240)}, 0x80000000}, {{&(0x7f0000000180)=@nfc_llcp, 0x80, &(0x7f0000000100)=[{&(0x7f00000003c0)=""/79, 0x4f}, {&(0x7f0000000500)=""/96, 0x60}, {&(0x7f00000009c0)=""/74, 0x4a}], 0x3, &(0x7f0000000a40)=""/111, 0x6f}, 0x2}, {{0x0, 0x0, &(0x7f0000001800)=[{&(0x7f0000000240)=""/41, 0x29}, {&(0x7f0000001ac0)=""/4096, 0x1000}, {&(0x7f00000005c0)=""/32, 0x20}, {&(0x7f0000000e40)=""/227, 0xe3}, {&(0x7f0000000880)=""/5, 0x5}, {&(0x7f0000000ac0)=""/55, 0x37}, {&(0x7f0000000f40)=""/1, 0x1}, {&(0x7f0000001740)=""/169, 0xa9}, {&(0x7f0000000f80)=""/46, 0x2e}], 0x9, &(0x7f0000002ac0)=""/170, 0xaa}, 0x4}, {{0x0, 0x0, &(0x7f0000004000)}, 0x6}, {{0x0, 0x0, 0x0}, 0x7}, {{0x0, 0x0, 0x0}}], 0x9, 0x4022, 0x0)

93.259973ms ago: executing program 0 (id=1912):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r0, &(0x7f0000000f80)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000002740)=""/4090, 0xffa}, {&(0x7f0000000300)=""/130, 0x82}], 0x2}}, {{0x0, 0x0, 0x0}, 0x5}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000680)=""/96, 0x60}, {&(0x7f0000000700)=""/104, 0x68}, {&(0x7f0000001740)=""/4096, 0x1000}, {&(0x7f0000003740)=""/4083, 0xff3}], 0x4}, 0x8}], 0x3, 0x2, 0x0)

92.743445ms ago: executing program 3 (id=1913):
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x406f413, 0x700) (async)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 32)
r1 = socket(0x10, 0x803, 0x0) (rerun: 32)
sendto(r1, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) (async, rerun: 64)
recvmmsg(r1, &(0x7f00000037c0)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x2, 0x0) (async, rerun: 64)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6_vti0\x00', <r3=>0x0}) (async)
r4 = socket(0x10, 0x3, 0x6)
socket(0x10, 0x3, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000040)) (async)
r5 = gettid() (async, rerun: 64)
socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64)
r6 = socket(0x10, 0x803, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) (async, rerun: 32)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="3c00000010000304f9ffbffffedbdf2500007400", @ANYRES32=r3, @ANYBLOB="049c01000750050008001300", @ANYRES32=r5, @ANYBLOB="1400030076"], 0x3c}, 0x1, 0x0, 0x0, 0x4802}, 0x0) (rerun: 32)

4.366375ms ago: executing program 4 (id=1914):
socket$inet_udp(0x2, 0x2, 0x0)
socket(0x10, 0x2, 0x0)
pipe(&(0x7f0000000080))
socket$netlink(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$l2tp6(0xa, 0x2, 0x73)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_sctp(0xa, 0x801, 0x84)
socket$igmp(0x2, 0x3, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0xb)
socket$inet6_udplite(0xa, 0x2, 0x88)
socket$nl_generic(0x10, 0x3, 0x10)
pipe(&(0x7f0000000080))
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
socket$pppoe(0x18, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800050000fcffff08000900fc000000080011000700000008000e00800000000800", @ANYRES32=r0], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0xfcffff)

0s ago: executing program 1 (id=1915):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r1=>0x0})
bind$can_raw(r0, &(0x7f00000001c0)={0x1d, r1}, 0x10)
recvmmsg(r0, &(0x7f0000000800)=[{{0x0, 0x0, 0x0}, 0x6}, {{0x0, 0x0, 0x0}, 0x9}], 0x2, 0x40000002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xe, &(0x7f0000000740)=ANY=[], 0x0}, 0x94)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, &(0x7f00000003c0)=0x1, 0x4)
sendmsg$can_raw(r0, &(0x7f0000000340)={&(0x7f0000000040)={0x1d, r1}, 0x10, &(0x7f0000000240)={&(0x7f0000000180)=@can={{0x3, 0x0, 0x0, 0x1}, 0x0, 0x2, 0x0, 0x0, "cc8aa50a78eb7ef9"}, 0x10}, 0x1, 0x0, 0x0, 0x2400a000}, 0x4000080)
sendmsg$can_raw(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@can={{}, 0x0, 0x0, 0x0, 0x0, "0000000000000003"}, 0x10}}, 0x20000000)

kernel console output (not intermixed with test programs):

190][ T8454]  ? __pfx_dump_stack_lvl+0x10/0x10
[  162.726217][ T8454]  ? __pfx__printk+0x10/0x10
[  162.726253][ T8454]  ? __pfx___might_resched+0x10/0x10
[  162.726278][ T8454]  ? fs_reclaim_acquire+0x7d/0x100
[  162.726314][ T8454]  should_fail_ex+0x414/0x560
[  162.726360][ T8454]  should_failslab+0xa8/0x100
[  162.726390][ T8454]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  162.726418][ T8454]  ? __alloc_skb+0x112/0x2d0
[  162.726448][ T8454]  __alloc_skb+0x112/0x2d0
[  162.726478][ T8454]  netlink_ack+0x146/0xa50
[  162.726510][ T8454]  ? __pfx_genl_rcv_msg+0x10/0x10
[  162.726562][ T8454]  netlink_rcv_skb+0x28c/0x470
[  162.726590][ T8454]  ? __pfx_genl_rcv_msg+0x10/0x10
[  162.726624][ T8454]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  162.726670][ T8454]  ? down_read+0x1ad/0x2e0
[  162.726697][ T8454]  genl_rcv+0x28/0x40
[  162.726727][ T8454]  netlink_unicast+0x759/0x8e0
[  162.726763][ T8454]  netlink_sendmsg+0x805/0xb30
[  162.726801][ T8454]  ? __pfx_netlink_sendmsg+0x10/0x10
[  162.726832][ T8454]  ? aa_sock_msg_perm+0x94/0x160
[  162.726866][ T8454]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  162.726898][ T8454]  ? __pfx_netlink_sendmsg+0x10/0x10
[  162.726927][ T8454]  __sock_sendmsg+0x21c/0x270
[  162.726952][ T8454]  ____sys_sendmsg+0x505/0x830
[  162.726988][ T8454]  ? __pfx_____sys_sendmsg+0x10/0x10
[  162.727027][ T8454]  ? import_iovec+0x74/0xa0
[  162.727075][ T8454]  ___sys_sendmsg+0x21f/0x2a0
[  162.727112][ T8454]  ? __pfx____sys_sendmsg+0x10/0x10
[  162.727179][ T8454]  ? __fget_files+0x2a/0x420
[  162.727207][ T8454]  ? __fget_files+0x3a0/0x420
[  162.727247][ T8454]  __x64_sys_sendmsg+0x19b/0x260
[  162.727280][ T8454]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  162.727320][ T8454]  ? __pfx_ksys_write+0x10/0x10
[  162.727356][ T8454]  ? rcu_is_watching+0x15/0xb0
[  162.727388][ T8454]  ? do_syscall_64+0xbe/0x3b0
[  162.727414][ T8454]  do_syscall_64+0xfa/0x3b0
[  162.727434][ T8454]  ? lockdep_hardirqs_on+0x9c/0x150
[  162.727467][ T8454]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.727488][ T8454]  ? clear_bhb_loop+0x60/0xb0
[  162.727514][ T8454]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.727533][ T8454] RIP: 0033:0x7f950858e929
[  162.727551][ T8454] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  162.727567][ T8454] RSP: 002b:00007f95093eb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  162.727589][ T8454] RAX: ffffffffffffffda RBX: 00007f95087b5fa0 RCX: 00007f950858e929
[  162.727668][ T8454] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000005
[  162.727684][ T8454] RBP: 00007f95093eb090 R08: 0000000000000000 R09: 0000000000000000
[  162.727697][ T8454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  162.727709][ T8454] R13: 0000000000000000 R14: 00007f95087b5fa0 R15: 00007ffc46dfce28
[  162.727741][ T8454]  </TASK>
[  163.403041][ T8476] FAULT_INJECTION: forcing a failure.
[  163.403041][ T8476] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  163.477534][ T8476] CPU: 0 UID: 0 PID: 8476 Comm: syz.0.816 Not tainted 6.16.0-rc5-syzkaller-00205-g531d0d32de3e #0 PREEMPT(full) 
[  163.477567][ T8476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  163.477582][ T8476] Call Trace:
[  163.477591][ T8476]  <TASK>
[  163.477600][ T8476]  dump_stack_lvl+0x189/0x250
[  163.477635][ T8476]  ? __pfx____ratelimit+0x10/0x10
[  163.477673][ T8476]  ? __pfx_dump_stack_lvl+0x10/0x10
[  163.477702][ T8476]  ? __pfx__printk+0x10/0x10
[  163.477736][ T8476]  ? __might_fault+0xb0/0x130
[  163.477778][ T8476]  should_fail_ex+0x414/0x560
[  163.477819][ T8476]  _copy_from_iter+0x1db/0x16f0
[  163.477848][ T8476]  ? rcu_is_watching+0x15/0xb0
[  163.477879][ T8476]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  163.477910][ T8476]  ? __pfx__copy_from_iter+0x10/0x10
[  163.477937][ T8476]  ? __build_skb_around+0x257/0x3e0
[  163.477969][ T8476]  ? netlink_sendmsg+0x642/0xb30
[  163.478002][ T8476]  ? skb_put+0x11b/0x210
[  163.478035][ T8476]  netlink_sendmsg+0x6b2/0xb30
[  163.478076][ T8476]  ? __pfx_netlink_sendmsg+0x10/0x10
[  163.478110][ T8476]  ? aa_sock_msg_perm+0x94/0x160
[  163.478149][ T8476]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  163.478186][ T8476]  ? __pfx_netlink_sendmsg+0x10/0x10
[  163.478215][ T8476]  __sock_sendmsg+0x21c/0x270
[  163.478241][ T8476]  ____sys_sendmsg+0x505/0x830
[  163.478280][ T8476]  ? __pfx_____sys_sendmsg+0x10/0x10
[  163.478323][ T8476]  ? import_iovec+0x74/0xa0
[  163.478356][ T8476]  ___sys_sendmsg+0x21f/0x2a0
[  163.478390][ T8476]  ? __pfx____sys_sendmsg+0x10/0x10
[  163.478473][ T8476]  ? __fget_files+0x2a/0x420
[  163.478504][ T8476]  ? __fget_files+0x3a0/0x420
[  163.478549][ T8476]  __x64_sys_sendmsg+0x19b/0x260
[  163.478584][ T8476]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  163.478628][ T8476]  ? __pfx_ksys_write+0x10/0x10
[  163.478661][ T8476]  ? do_syscall_64+0xbe/0x3b0
[  163.478690][ T8476]  do_syscall_64+0xfa/0x3b0
[  163.478712][ T8476]  ? lockdep_hardirqs_on+0x9c/0x150
[  163.478748][ T8476]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.478772][ T8476]  ? clear_bhb_loop+0x60/0xb0
[  163.478801][ T8476]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.478823][ T8476] RIP: 0033:0x7f20d0f8e929
[  163.478845][ T8476] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.478864][ T8476] RSP: 002b:00007f20d1d1e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  163.478889][ T8476] RAX: ffffffffffffffda RBX: 00007f20d11b6080 RCX: 00007f20d0f8e929
[  163.478906][ T8476] RDX: 0000000020004004 RSI: 0000200000000bc0 RDI: 0000000000000004
[  163.478921][ T8476] RBP: 00007f20d1d1e090 R08: 0000000000000000 R09: 0000000000000000
[  163.478935][ T8476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.478948][ T8476] R13: 0000000000000001 R14: 00007f20d11b6080 R15: 00007ffc4ee26e88
[  163.478984][ T8476]  </TASK>
[  164.019237][ T8463] syz.2.814 (8463) used greatest stack depth: 16184 bytes left
[  164.272621][ T8498] sock: sock_set_timeout: `syz.3.820' (pid 8498) tries to set negative timeout
[  164.525146][ T8509] rdma_rxe: rxe_newlink: rxe creation allowed on top of a real device only
[  164.542929][ T8514] netlink: 'syz.3.826': attribute type 1 has an invalid length.
[  165.277029][ T8537] FAULT_INJECTION: forcing a failure.
[  165.277029][ T8537] name failslab, interval 1, probability 0, space 0, times 0
[  165.363330][ T8537] CPU: 0 UID: 0 PID: 8537 Comm: syz.4.833 Not tainted 6.16.0-rc5-syzkaller-00205-g531d0d32de3e #0 PREEMPT(full) 
[  165.363359][ T8537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  165.363372][ T8537] Call Trace:
[  165.363380][ T8537]  <TASK>
[  165.363389][ T8537]  dump_stack_lvl+0x189/0x250
[  165.363420][ T8537]  ? __pfx____ratelimit+0x10/0x10
[  165.363455][ T8537]  ? __pfx_dump_stack_lvl+0x10/0x10
[  165.363481][ T8537]  ? __pfx__printk+0x10/0x10
[  165.363514][ T8537]  ? __pfx___might_resched+0x10/0x10
[  165.363540][ T8537]  ? fs_reclaim_acquire+0x7d/0x100
[  165.363576][ T8537]  should_fail_ex+0x414/0x560
[  165.363614][ T8537]  should_failslab+0xa8/0x100
[  165.363644][ T8537]  __kmalloc_noprof+0xcb/0x4f0
[  165.363668][ T8537]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  165.363710][ T8537]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  165.363761][ T8537]  genl_family_rcv_msg_doit+0xb8/0x300
[  165.363804][ T8537]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  165.363840][ T8537]  ? rcu_is_watching+0x15/0xb0
[  165.363870][ T8537]  ? apparmor_capable+0x137/0x1b0
[  165.363897][ T8537]  ? bpf_lsm_capable+0x9/0x20
[  165.363922][ T8537]  ? security_capable+0x7e/0x2e0
[  165.363962][ T8537]  genl_rcv_msg+0x60e/0x790
[  165.364009][ T8537]  ? __pfx_genl_rcv_msg+0x10/0x10
[  165.364040][ T8537]  ? __pfx_nl802154_pre_doit+0x10/0x10
[  165.364070][ T8537]  ? __pfx_nl802154_wpan_phy_netns+0x10/0x10
[  165.364103][ T8537]  ? __pfx_nl802154_post_doit+0x10/0x10
[  165.364153][ T8537]  netlink_rcv_skb+0x205/0x470
[  165.364180][ T8537]  ? __pfx_genl_rcv_msg+0x10/0x10
[  165.364215][ T8537]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  165.364271][ T8537]  ? down_read+0x1ad/0x2e0
[  165.364296][ T8537]  genl_rcv+0x28/0x40
[  165.364325][ T8537]  netlink_unicast+0x759/0x8e0
[  165.364362][ T8537]  netlink_sendmsg+0x805/0xb30
[  165.364399][ T8537]  ? __pfx_netlink_sendmsg+0x10/0x10
[  165.364429][ T8537]  ? aa_sock_msg_perm+0x94/0x160
[  165.364464][ T8537]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  165.364495][ T8537]  ? __pfx_netlink_sendmsg+0x10/0x10
[  165.364522][ T8537]  __sock_sendmsg+0x21c/0x270
[  165.364547][ T8537]  ____sys_sendmsg+0x505/0x830
[  165.364582][ T8537]  ? __pfx_____sys_sendmsg+0x10/0x10
[  165.364620][ T8537]  ? import_iovec+0x74/0xa0
[  165.364650][ T8537]  ___sys_sendmsg+0x21f/0x2a0
[  165.364679][ T8537]  ? __pfx____sys_sendmsg+0x10/0x10
[  165.364749][ T8537]  ? __fget_files+0x2a/0x420
[  165.364777][ T8537]  ? __fget_files+0x3a0/0x420
[  165.364818][ T8537]  __x64_sys_sendmsg+0x19b/0x260
[  165.364848][ T8537]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  165.364909][ T8537]  ? __pfx_ksys_write+0x10/0x10
[  165.364941][ T8537]  ? do_syscall_64+0xbe/0x3b0
[  165.364968][ T8537]  do_syscall_64+0xfa/0x3b0
[  165.364987][ T8537]  ? lockdep_hardirqs_on+0x9c/0x150
[  165.365027][ T8537]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.365048][ T8537]  ? clear_bhb_loop+0x60/0xb0
[  165.365075][ T8537]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.365094][ T8537] RIP: 0033:0x7f5608b8e929
[  165.365113][ T8537] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.365130][ T8537] RSP: 002b:00007f5609a36038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  165.365152][ T8537] RAX: ffffffffffffffda RBX: 00007f5608db6080 RCX: 00007f5608b8e929
[  165.365167][ T8537] RDX: 0000000020004004 RSI: 0000200000000bc0 RDI: 0000000000000004
[  165.365180][ T8537] RBP: 00007f5609a36090 R08: 0000000000000000 R09: 0000000000000000
[  165.365192][ T8537] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  165.365204][ T8537] R13: 0000000000000001 R14: 00007f5608db6080 R15: 00007fff06158bd8
[  165.365239][ T8537]  </TASK>
[  166.228161][ T8560] __nla_validate_parse: 20 callbacks suppressed
[  166.228188][ T8560] netlink: 248 bytes leftover after parsing attributes in process `syz.4.840'.
[  166.380002][ T8571] netlink: 4 bytes leftover after parsing attributes in process `syz.3.844'.
[  166.389696][ T8563] delete_channel: no stack
[  166.423823][ T8571] netlink: 4 bytes leftover after parsing attributes in process `syz.3.844'.
[  166.476690][ T8571] netlink: 4 bytes leftover after parsing attributes in process `syz.3.844'.
[  166.506389][ T8576] netlink: 4 bytes leftover after parsing attributes in process `syz.3.844'.
[  166.617712][ T8580] netlink: 'syz.4.847': attribute type 1 has an invalid length.
[  166.648804][ T8580] netlink: 224 bytes leftover after parsing attributes in process `syz.4.847'.
[  166.718527][ T8589] netlink: 'syz.3.849': attribute type 29 has an invalid length.
[  166.785948][ T8589] netlink: 596 bytes leftover after parsing attributes in process `syz.3.849'.
[  167.060031][ T8601] netlink: 'syz.3.854': attribute type 1 has an invalid length.
[  167.102724][ T8601] netlink: 20 bytes leftover after parsing attributes in process `syz.3.854'.
[  167.170859][ T8604] FAULT_INJECTION: forcing a failure.
[  167.170859][ T8604] name failslab, interval 1, probability 0, space 0, times 0
[  167.243401][ T8604] CPU: 1 UID: 0 PID: 8604 Comm: syz.0.853 Not tainted 6.16.0-rc5-syzkaller-00205-g531d0d32de3e #0 PREEMPT(full) 
[  167.243432][ T8604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  167.243444][ T8604] Call Trace:
[  167.243453][ T8604]  <TASK>
[  167.243462][ T8604]  dump_stack_lvl+0x189/0x250
[  167.243494][ T8604]  ? __pfx____ratelimit+0x10/0x10
[  167.243529][ T8604]  ? __pfx_dump_stack_lvl+0x10/0x10
[  167.243554][ T8604]  ? __pfx__printk+0x10/0x10
[  167.243591][ T8604]  ? __pfx___might_resched+0x10/0x10
[  167.243615][ T8604]  ? fs_reclaim_acquire+0x7d/0x100
[  167.243651][ T8604]  should_fail_ex+0x414/0x560
[  167.243688][ T8604]  should_failslab+0xa8/0x100
[  167.243718][ T8604]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  167.243745][ T8604]  ? __alloc_skb+0x112/0x2d0
[  167.243775][ T8604]  __alloc_skb+0x112/0x2d0
[  167.243805][ T8604]  netlink_ack+0x146/0xa50
[  167.243827][ T8604]  ? __pfx_genl_rcv_msg+0x10/0x10
[  167.243857][ T8604]  ? __pfx_nl802154_pre_doit+0x10/0x10
[  167.243889][ T8604]  ? __pfx_nl802154_post_doit+0x10/0x10
[  167.243945][ T8604]  netlink_rcv_skb+0x28c/0x470
[  167.243972][ T8604]  ? __pfx_genl_rcv_msg+0x10/0x10
[  167.244006][ T8604]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  167.244052][ T8604]  ? down_read+0x1ad/0x2e0
[  167.244079][ T8604]  genl_rcv+0x28/0x40
[  167.244109][ T8604]  netlink_unicast+0x759/0x8e0
[  167.244146][ T8604]  netlink_sendmsg+0x805/0xb30
[  167.244184][ T8604]  ? __pfx_netlink_sendmsg+0x10/0x10
[  167.244215][ T8604]  ? aa_sock_msg_perm+0x94/0x160
[  167.244250][ T8604]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  167.244282][ T8604]  ? __pfx_netlink_sendmsg+0x10/0x10
[  167.244309][ T8604]  __sock_sendmsg+0x21c/0x270
[  167.244334][ T8604]  ____sys_sendmsg+0x505/0x830
[  167.244368][ T8604]  ? __pfx_____sys_sendmsg+0x10/0x10
[  167.244407][ T8604]  ? import_iovec+0x74/0xa0
[  167.244442][ T8604]  ___sys_sendmsg+0x21f/0x2a0
[  167.244473][ T8604]  ? __pfx____sys_sendmsg+0x10/0x10
[  167.244544][ T8604]  ? __fget_files+0x2a/0x420
[  167.244571][ T8604]  ? __fget_files+0x3a0/0x420
[  167.244612][ T8604]  __x64_sys_sendmsg+0x19b/0x260
[  167.244643][ T8604]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  167.244702][ T8604]  ? __pfx_ksys_write+0x10/0x10
[  167.244733][ T8604]  ? do_syscall_64+0xbe/0x3b0
[  167.244759][ T8604]  do_syscall_64+0xfa/0x3b0
[  167.244778][ T8604]  ? lockdep_hardirqs_on+0x9c/0x150
[  167.244811][ T8604]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.244832][ T8604]  ? clear_bhb_loop+0x60/0xb0
[  167.244858][ T8604]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.244878][ T8604] RIP: 0033:0x7f20d0f8e929
[  167.244897][ T8604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.244914][ T8604] RSP: 002b:00007f20d1d1e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  167.244948][ T8604] RAX: ffffffffffffffda RBX: 00007f20d11b6080 RCX: 00007f20d0f8e929
[  167.244963][ T8604] RDX: 0000000020004004 RSI: 0000200000000bc0 RDI: 0000000000000004
[  167.244976][ T8604] RBP: 00007f20d1d1e090 R08: 0000000000000000 R09: 0000000000000000
[  167.244989][ T8604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  167.245001][ T8604] R13: 0000000000000001 R14: 00007f20d11b6080 R15: 00007ffc4ee26e88
[  167.245044][ T8604]  </TASK>
[  167.645588][ T8614] sch_tbf: burst 8 is lower than device ip6tnl0 mtu (39785) !
[  168.002021][ T8628] netlink: 4 bytes leftover after parsing attributes in process `syz.2.859'.
[  168.030710][ T8634] netlink: 'syz.3.862': attribute type 1 has an invalid length.
[  168.053904][ T8628] netlink: 4 bytes leftover after parsing attributes in process `syz.2.859'.
[  168.319835][ T8646] netlink: 'syz.2.865': attribute type 29 has an invalid length.
[  168.521699][ T8652] FAULT_INJECTION: forcing a failure.
[  168.521699][ T8652] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  168.564933][ T8652] CPU: 1 UID: 0 PID: 8652 Comm: syz.0.867 Not tainted 6.16.0-rc5-syzkaller-00205-g531d0d32de3e #0 PREEMPT(full) 
[  168.564964][ T8652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  168.564977][ T8652] Call Trace:
[  168.564986][ T8652]  <TASK>
[  168.564995][ T8652]  dump_stack_lvl+0x189/0x250
[  168.565027][ T8652]  ? __pfx____ratelimit+0x10/0x10
[  168.565062][ T8652]  ? __pfx_dump_stack_lvl+0x10/0x10
[  168.565088][ T8652]  ? __pfx__printk+0x10/0x10
[  168.565117][ T8652]  ? __might_fault+0xb0/0x130
[  168.565155][ T8652]  should_fail_ex+0x414/0x560
[  168.565192][ T8652]  _copy_from_iter+0x1db/0x16f0
[  168.565228][ T8652]  ? __pfx__copy_from_iter+0x10/0x10
[  168.565254][ T8652]  ? dev_get_by_index+0x22/0x2e0
[  168.565287][ T8652]  ? dev_get_by_index+0x22/0x2e0
[  168.565319][ T8652]  ? skb_put+0x11b/0x210
[  168.565348][ T8652]  raw_sendmsg+0x399/0x1180
[  168.565389][ T8652]  ? __pfx_raw_sendmsg+0x10/0x10
[  168.565426][ T8652]  ? aa_sock_msg_perm+0x94/0x160
[  168.565460][ T8652]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  168.565492][ T8652]  ? __pfx_raw_sendmsg+0x10/0x10
[  168.565522][ T8652]  __sock_sendmsg+0x21c/0x270
[  168.565546][ T8652]  ____sys_sendmsg+0x505/0x830
[  168.565581][ T8652]  ? __pfx_____sys_sendmsg+0x10/0x10
[  168.565619][ T8652]  ? import_iovec+0x74/0xa0
[  168.565648][ T8652]  ___sys_sendmsg+0x21f/0x2a0
[  168.565679][ T8652]  ? __pfx____sys_sendmsg+0x10/0x10
[  168.565754][ T8652]  ? __fget_files+0x2a/0x420
[  168.565782][ T8652]  ? __fget_files+0x3a0/0x420
[  168.565823][ T8652]  __x64_sys_sendmsg+0x19b/0x260
[  168.565860][ T8652]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  168.565899][ T8652]  ? __pfx_ksys_write+0x10/0x10
[  168.565921][ T8652]  ? rcu_is_watching+0x15/0xb0
[  168.565952][ T8652]  ? do_syscall_64+0xbe/0x3b0
[  168.565978][ T8652]  do_syscall_64+0xfa/0x3b0
[  168.565997][ T8652]  ? lockdep_hardirqs_on+0x9c/0x150
[  168.566030][ T8652]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.566051][ T8652]  ? clear_bhb_loop+0x60/0xb0
[  168.566077][ T8652]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.566098][ T8652] RIP: 0033:0x7f20d0f8e929
[  168.566116][ T8652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  168.566134][ T8652] RSP: 002b:00007f20d1d3f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  168.566156][ T8652] RAX: ffffffffffffffda RBX: 00007f20d11b5fa0 RCX: 00007f20d0f8e929
[  168.566171][ T8652] RDX: 0000000020000000 RSI: 0000200000000440 RDI: 0000000000000003
[  168.566185][ T8652] RBP: 00007f20d1d3f090 R08: 0000000000000000 R09: 0000000000000000
[  168.566198][ T8652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  168.566210][ T8652] R13: 0000000000000000 R14: 00007f20d11b5fa0 R15: 00007ffc4ee26e88
[  168.566242][ T8652]  </TASK>
[  168.926295][ T8657] netlink: 'syz.4.869': attribute type 1 has an invalid length.
[  169.344542][ T8680] netlink: 'syz.2.876': attribute type 1 has an invalid length.
[  169.373020][ T8680] netlink: 'syz.2.876': attribute type 10 has an invalid length.
[  169.408457][ T8684] netlink: 'syz.2.876': attribute type 1 has an invalid length.
[  169.727807][ T8699] netlink: 'syz.3.880': attribute type 29 has an invalid length.
[  169.918048][ T8701] netlink: 'syz.2.882': attribute type 1 has an invalid length.
[  169.973767][ T5860] Bluetooth: hci4: command 0x0405 tx timeout
[  170.153504][ T8715] netlink: 'syz.1.888': attribute type 9 has an invalid length.
[  170.274807][ T8722] FAULT_INJECTION: forcing a failure.
[  170.274807][ T8722] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  170.316942][ T8722] CPU: 1 UID: 0 PID: 8722 Comm: syz.2.887 Not tainted 6.16.0-rc5-syzkaller-00205-g531d0d32de3e #0 PREEMPT(full) 
[  170.316975][ T8722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  170.316989][ T8722] Call Trace:
[  170.316996][ T8722]  <TASK>
[  170.317005][ T8722]  dump_stack_lvl+0x189/0x250
[  170.317036][ T8722]  ? __pfx____ratelimit+0x10/0x10
[  170.317069][ T8722]  ? __pfx_dump_stack_lvl+0x10/0x10
[  170.317094][ T8722]  ? __pfx__printk+0x10/0x10
[  170.317137][ T8722]  should_fail_ex+0x414/0x560
[  170.317176][ T8722]  _copy_to_user+0x31/0xb0
[  170.317204][ T8722]  simple_read_from_buffer+0xe1/0x170
[  170.317237][ T8722]  proc_fail_nth_read+0x1df/0x250
[  170.317271][ T8722]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  170.317307][ T8722]  ? rw_verify_area+0x258/0x650
[  170.317330][ T8722]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  170.317364][ T8722]  vfs_read+0x200/0x980
[  170.317394][ T8722]  ? __pfx___mutex_lock+0x10/0x10
[  170.317418][ T8722]  ? __pfx_vfs_read+0x10/0x10
[  170.317444][ T8722]  ? __fget_files+0x2a/0x420
[  170.317478][ T8722]  ? __fget_files+0x3a0/0x420
[  170.317505][ T8722]  ? __fget_files+0x2a/0x420
[  170.317545][ T8722]  ksys_read+0x145/0x250
[  170.317581][ T8722]  ? __pfx_ksys_read+0x10/0x10
[  170.317613][ T8722]  ? do_syscall_64+0xbe/0x3b0
[  170.317639][ T8722]  do_syscall_64+0xfa/0x3b0
[  170.317659][ T8722]  ? lockdep_hardirqs_on+0x9c/0x150
[  170.317692][ T8722]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.317713][ T8722]  ? clear_bhb_loop+0x60/0xb0
[  170.317738][ T8722]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.317758][ T8722] RIP: 0033:0x7fcc49d8d33c
[  170.317777][ T8722] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  170.317795][ T8722] RSP: 002b:00007fcc4ac8a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  170.317818][ T8722] RAX: ffffffffffffffda RBX: 00007fcc49fb6080 RCX: 00007fcc49d8d33c
[  170.317833][ T8722] RDX: 000000000000000f RSI: 00007fcc4ac8a0a0 RDI: 0000000000000003
[  170.317846][ T8722] RBP: 00007fcc4ac8a090 R08: 0000000000000000 R09: 0000000000000000
[  170.317859][ T8722] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  170.317872][ T8722] R13: 0000000000000001 R14: 00007fcc49fb6080 R15: 00007ffdd115e548
[  170.317904][ T8722]  </TASK>
[  171.428056][ T8768] __nla_validate_parse: 23 callbacks suppressed
[  171.428077][ T8768] netlink: 8 bytes leftover after parsing attributes in process `syz.2.902'.
[  171.662875][ T8782] ÿ
: renamed from bond0
[  171.998641][ T8795] FAULT_INJECTION: forcing a failure.
[  171.998641][ T8795] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  172.047508][ T8795] CPU: 1 UID: 0 PID: 8795 Comm: syz.3.909 Not tainted 6.16.0-rc5-syzkaller-00205-g531d0d32de3e #0 PREEMPT(full) 
[  172.047541][ T8795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  172.047554][ T8795] Call Trace:
[  172.047563][ T8795]  <TASK>
[  172.047572][ T8795]  dump_stack_lvl+0x189/0x250
[  172.047605][ T8795]  ? __pfx____ratelimit+0x10/0x10
[  172.047639][ T8795]  ? __pfx_dump_stack_lvl+0x10/0x10
[  172.047674][ T8795]  ? __pfx__printk+0x10/0x10
[  172.047716][ T8795]  should_fail_ex+0x414/0x560
[  172.047755][ T8795]  _copy_to_user+0x31/0xb0
[  172.047784][ T8795]  simple_read_from_buffer+0xe1/0x170
[  172.047817][ T8795]  proc_fail_nth_read+0x1df/0x250
[  172.047853][ T8795]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  172.047888][ T8795]  ? rw_verify_area+0x258/0x650
[  172.047912][ T8795]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  172.047945][ T8795]  vfs_read+0x200/0x980
[  172.047975][ T8795]  ? __pfx___mutex_lock+0x10/0x10
[  172.048003][ T8795]  ? __pfx_vfs_read+0x10/0x10
[  172.048029][ T8795]  ? __fget_files+0x2a/0x420
[  172.048063][ T8795]  ? __fget_files+0x3a0/0x420
[  172.048090][ T8795]  ? __fget_files+0x2a/0x420
[  172.048129][ T8795]  ksys_read+0x145/0x250
[  172.048157][ T8795]  ? __pfx_ksys_read+0x10/0x10
[  172.048178][ T8795]  ? rcu_is_watching+0x15/0xb0
[  172.048211][ T8795]  ? do_syscall_64+0xbe/0x3b0
[  172.048237][ T8795]  do_syscall_64+0xfa/0x3b0
[  172.048257][ T8795]  ? lockdep_hardirqs_on+0x9c/0x150
[  172.048289][ T8795]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.048311][ T8795]  ? clear_bhb_loop+0x60/0xb0
[  172.048338][ T8795]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.048359][ T8795] RIP: 0033:0x7f950858d33c
[  172.048378][ T8795] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  172.048398][ T8795] RSP: 002b:00007f95093eb030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  172.048420][ T8795] RAX: ffffffffffffffda RBX: 00007f95087b5fa0 RCX: 00007f950858d33c
[  172.048434][ T8795] RDX: 000000000000000f RSI: 00007f95093eb0a0 RDI: 0000000000000004
[  172.048445][ T8795] RBP: 00007f95093eb090 R08: 0000000000000000 R09: 0000000000000000
[  172.048459][ T8795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  172.048471][ T8795] R13: 0000000000000000 R14: 00007f95087b5fa0 R15: 00007ffc46dfce28
[  172.048505][ T8795]  </TASK>
[  172.124070][ T8801] validate_nla: 3 callbacks suppressed
[  172.124094][ T8801] netlink: 'syz.0.911': attribute type 29 has an invalid length.
[  172.345290][ T8807] netlink: 596 bytes leftover after parsing attributes in process `syz.0.911'.
[  172.390317][ T8806] netlink: 'syz.0.911': attribute type 29 has an invalid length.
[  172.451658][ T8811] netlink: 20 bytes leftover after parsing attributes in process `syz.3.913'.
[  172.641981][ T8817] netlink: 4 bytes leftover after parsing attributes in process `syz.2.915'.
[  172.671498][ T8817] netlink: 4 bytes leftover after parsing attributes in process `syz.2.915'.
[  172.683986][ T8822] netlink: 4 bytes leftover after parsing attributes in process `syz.0.916'.
[  172.700314][ T8817] netlink: 4 bytes leftover after parsing attributes in process `syz.2.915'.
[  172.711544][ T8824] netlink: 596 bytes leftover after parsing attributes in process `syz.4.914'.
[  172.721193][ T8822] netlink: 4 bytes leftover after parsing attributes in process `syz.0.916'.
[  172.730686][ T8823] netlink: 4 bytes leftover after parsing attributes in process `syz.2.915'.
[  172.923801][ T8836] xt_socket: unknown flags 0x50
[  172.971855][ T8841] netlink: 'syz.0.919': attribute type 1 has an invalid length.
[  173.508259][ T8860] netlink: 'syz.2.926': attribute type 29 has an invalid length.
[  173.547556][ T8860] netlink: 'syz.2.926': attribute type 29 has an invalid length.
[  173.849178][ T8876] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  174.171879][ T8891] netlink: 'syz.3.938': attribute type 1 has an invalid length.
[  174.437538][ T8904] netlink: 'syz.3.942': attribute type 4 has an invalid length.
[  174.475661][ T8908] netlink: 'syz.4.943': attribute type 29 has an invalid length.
[  174.504258][ T8908] netlink: 'syz.4.943': attribute type 29 has an invalid length.
[  174.886886][ T8936] netlink: 'syz.0.952': attribute type 1 has an invalid length.
[  175.397302][ T8963] xt_TPROXY: Can be used only with -p tcp or -p udp
[  175.486123][ T8958] 8021q: adding VLAN 0 to HW filter on device bond3
[  175.500349][ T8958] bond2: (slave bond3): making interface the new active one
[  175.516329][ T8958] bond2: (slave bond3): Enslaving as an active interface with an up link
[  178.300277][ T8975] validate_nla: 4 callbacks suppressed
[  178.300302][ T8975] netlink: 'syz.3.967': attribute type 29 has an invalid length.
[  178.339401][ T8975] __nla_validate_parse: 27 callbacks suppressed
[  178.339425][ T8975] netlink: 596 bytes leftover after parsing attributes in process `syz.3.967'.
[  178.371932][ T8980] netlink: 168 bytes leftover after parsing attributes in process `syz.2.966'.
[  178.402223][ T8980] netlink: 40 bytes leftover after parsing attributes in process `syz.2.966'.
[  178.639546][ T8996] netlink: 'syz.4.969': attribute type 1 has an invalid length.
[  178.656014][ T8996] netlink: 224 bytes leftover after parsing attributes in process `syz.4.969'.
[  178.765661][ T9001] netlink: 'syz.3.971': attribute type 29 has an invalid length.
[  178.809451][ T9002] netlink: 'syz.2.970': attribute type 11 has an invalid length.
[  178.844408][ T9002] netlink: 224 bytes leftover after parsing attributes in process `syz.2.970'.
[  178.853994][ T9001] netlink: 'syz.3.971': attribute type 29 has an invalid length.
[  179.060705][ T9011] netlink: 4 bytes leftover after parsing attributes in process `syz.2.974'.
[  179.099830][ T9011] netlink: 4 bytes leftover after parsing attributes in process `syz.2.974'.
[  179.154129][ T9011] netlink: 4 bytes leftover after parsing attributes in process `syz.2.974'.
[  179.454917][ T9031] netlink: 'syz.3.981': attribute type 29 has an invalid length.
[  179.512641][ T9031] netlink: 596 bytes leftover after parsing attributes in process `syz.3.981'.
[  179.568830][ T9036] netlink: 'syz.0.983': attribute type 1 has an invalid length.
[  179.609421][ T9036] netlink: 224 bytes leftover after parsing attributes in process `syz.0.983'.
[  179.820121][ T9043] netlink: 'syz.3.986': attribute type 29 has an invalid length.
[  179.856985][ T9043] netlink: 'syz.3.986': attribute type 29 has an invalid length.
[  180.504277][ T9079] netlink: 'syz.1.998': attribute type 29 has an invalid length.
[  180.536676][ T9077] netlink: 'syz.2.997': attribute type 1 has an invalid length.
[  180.748187][ T9077] 8021q: adding VLAN 0 to HW filter on device bond4
[  180.775017][ T9077] bond4: entered promiscuous mode
[  180.780498][ T9077] bond4: entered allmulticast mode
[  180.787441][ T9077] bond0: (slave bond4): Enslaving as an active interface with an up link
[  180.975118][ T9077] bridge0: port 1(bridge_slave_0) entered disabled state
[  181.017937][ T9094] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  181.095818][ T9077] bridge_slave_0 (unregistering): left allmulticast mode
[  181.113183][ T9077] bridge_slave_0 (unregistering): left promiscuous mode
[  181.121487][ T9077] bridge0: port 1(bridge_slave_0) entered disabled state
[  181.419209][ T9131] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  181.594783][ T9138] hsr_slave_0: left promiscuous mode
[  181.616170][ T9138] hsr_slave_1: left promiscuous mode
[  182.292135][ T9156] 8021q: adding VLAN 0 to HW filter on device bond1
[  182.305104][ T9156] bond0: (slave bond1): Enslaving as an active interface with an up link
[  182.423668][ T9156] bridge0: port 1(bridge_slave_0) entered disabled state
[  182.465237][ T9165] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  182.584480][ T9156] bridge_slave_0 (unregistering): left allmulticast mode
[  182.592636][ T9156] bridge_slave_0 (unregistering): left promiscuous mode
[  182.604698][ T9156] bridge0: port 1(bridge_slave_0) entered disabled state
[  183.045622][ T9200] sctp: [Deprecated]: syz.4.1038 (pid 9200) Use of int in maxseg socket option.
[  183.045622][ T9200] Use struct sctp_assoc_value instead
[  183.407522][ T9215] validate_nla: 18 callbacks suppressed
[  183.407553][ T9215] netlink: 'syz.2.1043': attribute type 29 has an invalid length.
[  183.484961][ T9221] netlink: 'syz.2.1043': attribute type 29 has an invalid length.
[  183.524760][ T9220] __nla_validate_parse: 38 callbacks suppressed
[  183.524783][ T9220] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1045'.
[  183.537886][ T9215] netlink: 596 bytes leftover after parsing attributes in process `syz.2.1043'.
[  183.576011][ T9219] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1045'.
[  183.650793][ T9228] delete_channel: no stack
[  183.678632][ T9219] lo: entered allmulticast mode
[  183.694868][ T9219] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1045'.
[  183.714110][ T9219] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1045'.
[  183.761669][ T9219] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1045'.
[  183.807406][ T9230] netlink: 'syz.1.1048': attribute type 29 has an invalid length.
[  183.830036][ T9219] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1045'.
[  183.846610][ T9230] netlink: 'syz.1.1048': attribute type 29 has an invalid length.
[  183.872143][ T9219] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1045'.
[  183.884440][ T9230] netlink: 500 bytes leftover after parsing attributes in process `syz.1.1048'.
[  183.925067][ T9219] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1045'.
[  184.116345][ T9247] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  184.247429][ T9249] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  184.711418][ T9277] netlink: 'syz.4.1062': attribute type 29 has an invalid length.
[  184.725135][ T9277] netlink: 'syz.4.1062': attribute type 29 has an invalid length.
[  184.861492][ T9281] netlink: 'syz.0.1066': attribute type 29 has an invalid length.
[  184.877056][ T9281] netlink: 'syz.0.1066': attribute type 29 has an invalid length.
[  184.922048][ T9284] netlink: 'syz.3.1068': attribute type 1 has an invalid length.
[  185.029357][ T9284] 8021q: adding VLAN 0 to HW filter on device bond2
[  185.041108][ T9284] bond0: (slave bond2): Enslaving as an active interface with an up link
[  185.224500][ T9299] netlink: 'syz.0.1073': attribute type 1 has an invalid length.
[  185.274101][ T9300] __sock_release: fasync list not empty!
[  185.731533][ T9324] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  186.405731][ T9360] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  187.238960][ T9406] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  187.254111][ T9410] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  187.753780][ T9438] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  188.387268][ T9477] FAULT_INJECTION: forcing a failure.
[  188.387268][ T9477] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  188.402826][ T9477] CPU: 0 UID: 0 PID: 9477 Comm: syz.3.1150 Not tainted 6.16.0-rc5-syzkaller-00205-g531d0d32de3e #0 PREEMPT(full) 
[  188.402857][ T9477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  188.402872][ T9477] Call Trace:
[  188.402880][ T9477]  <TASK>
[  188.402889][ T9477]  dump_stack_lvl+0x189/0x250
[  188.402923][ T9477]  ? __pfx____ratelimit+0x10/0x10
[  188.402958][ T9477]  ? __pfx_dump_stack_lvl+0x10/0x10
[  188.402985][ T9477]  ? __pfx__printk+0x10/0x10
[  188.403015][ T9477]  ? __might_fault+0xb0/0x130
[  188.403053][ T9477]  should_fail_ex+0x414/0x560
[  188.403091][ T9477]  _copy_from_user+0x2d/0xb0
[  188.403118][ T9477]  ___sys_sendmsg+0x158/0x2a0
[  188.403151][ T9477]  ? __pfx____sys_sendmsg+0x10/0x10
[  188.403221][ T9477]  ? __fget_files+0x2a/0x420
[  188.403249][ T9477]  ? __fget_files+0x3a0/0x420
[  188.403288][ T9477]  __x64_sys_sendmsg+0x19b/0x260
[  188.403319][ T9477]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  188.403358][ T9477]  ? __pfx_ksys_write+0x10/0x10
[  188.403380][ T9477]  ? rcu_is_watching+0x15/0xb0
[  188.403412][ T9477]  ? do_syscall_64+0xbe/0x3b0
[  188.403438][ T9477]  do_syscall_64+0xfa/0x3b0
[  188.403458][ T9477]  ? lockdep_hardirqs_on+0x9c/0x150
[  188.403491][ T9477]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.403512][ T9477]  ? clear_bhb_loop+0x60/0xb0
[  188.403538][ T9477]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.403559][ T9477] RIP: 0033:0x7f950858e929
[  188.403579][ T9477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  188.403598][ T9477] RSP: 002b:00007f95093eb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  188.403622][ T9477] RAX: ffffffffffffffda RBX: 00007f95087b5fa0 RCX: 00007f950858e929
[  188.403638][ T9477] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003
[  188.403652][ T9477] RBP: 00007f95093eb090 R08: 0000000000000000 R09: 0000000000000000
[  188.403665][ T9477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  188.403679][ T9477] R13: 0000000000000000 R14: 00007f95087b5fa0 R15: 00007ffc46dfce28
[  188.403712][ T9477]  </TASK>
[  188.559305][ T9482] validate_nla: 22 callbacks suppressed
[  188.559331][ T9482] netlink: 'syz.2.1153': attribute type 29 has an invalid length.
[  188.681371][ T9484] netlink: 'syz.2.1153': attribute type 29 has an invalid length.
[  188.714236][ T9486] netlink: 'syz.4.1155': attribute type 29 has an invalid length.
[  188.752927][ T9486] netlink: 'syz.4.1155': attribute type 29 has an invalid length.
[  188.792783][ T9486] __nla_validate_parse: 79 callbacks suppressed
[  188.792806][ T9486] netlink: 500 bytes leftover after parsing attributes in process `syz.4.1155'.
[  188.824749][ T9489] netlink: 'syz.3.1156': attribute type 1 has an invalid length.
[  188.833686][ T9486] unsupported nla_type 58
[  188.846828][ T9489] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1156'.
[  188.883109][ T9491] IPv6: NLM_F_CREATE should be specified when creating new route
[  188.958013][ T9498] netlink: 16178 bytes leftover after parsing attributes in process `syz.3.1160'.
[  189.212544][ T9515] netlink: 116 bytes leftover after parsing attributes in process `syz.4.1165'.
[  189.406083][ T9523] netlink: 'syz.4.1168': attribute type 29 has an invalid length.
[  189.418012][ T9524] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  189.432822][ T9523] netlink: 'syz.4.1168': attribute type 29 has an invalid length.
[  189.596640][ T9532] FAULT_INJECTION: forcing a failure.
[  189.596640][ T9532] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  189.633586][ T9532] CPU: 1 UID: 0 PID: 9532 Comm: syz.1.1171 Not tainted 6.16.0-rc5-syzkaller-00205-g531d0d32de3e #0 PREEMPT(full) 
[  189.633618][ T9532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  189.633631][ T9532] Call Trace:
[  189.633640][ T9532]  <TASK>
[  189.633649][ T9532]  dump_stack_lvl+0x189/0x250
[  189.633680][ T9532]  ? __pfx____ratelimit+0x10/0x10
[  189.633715][ T9532]  ? __pfx_dump_stack_lvl+0x10/0x10
[  189.633741][ T9532]  ? __pfx__printk+0x10/0x10
[  189.633771][ T9532]  ? __might_fault+0xb0/0x130
[  189.633810][ T9532]  should_fail_ex+0x414/0x560
[  189.633847][ T9532]  _copy_from_iter+0x1db/0x16f0
[  189.633881][ T9532]  ? policy_nodemask+0x27c/0x720
[  189.633917][ T9532]  ? __pfx__copy_from_iter+0x10/0x10
[  189.633946][ T9532]  ? set_page_refcounted+0xa0/0x1e0
[  189.633973][ T9532]  ? page_copy_sane+0x4e/0x280
[  189.633997][ T9532]  copy_page_from_iter+0xdd/0x170
[  189.634024][ T9532]  tun_get_user+0x1c4d/0x3ce0
[  189.634071][ T9532]  ? tun_get_user+0x693/0x3ce0
[  189.634109][ T9532]  ? aa_file_perm+0x11f/0xed0
[  189.634130][ T9532]  ? __pfx_tun_get_user+0x10/0x10
[  189.634150][ T9532]  ? aa_file_perm+0x11f/0xed0
[  189.634169][ T9532]  ? aa_file_perm+0x3e7/0xed0
[  189.634203][ T9532]  ? ref_tracker_alloc+0x318/0x460
[  189.634233][ T9532]  ? __lock_acquire+0xab9/0xd20
[  189.634257][ T9532]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  189.634296][ T9532]  ? tun_get+0x1c/0x2f0
[  189.634324][ T9532]  ? tun_get+0x1c/0x2f0
[  189.634346][ T9532]  ? tun_get+0x1c/0x2f0
[  189.634372][ T9532]  tun_chr_write_iter+0x113/0x200
[  189.634399][ T9532]  vfs_write+0x54b/0xa90
[  189.634428][ T9532]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  189.634452][ T9532]  ? __pfx_vfs_write+0x10/0x10
[  189.634488][ T9532]  ? __fget_files+0x2a/0x420
[  189.634526][ T9532]  ksys_write+0x145/0x250
[  189.634554][ T9532]  ? __pfx_ksys_write+0x10/0x10
[  189.634584][ T9532]  ? do_syscall_64+0xbe/0x3b0
[  189.634609][ T9532]  do_syscall_64+0xfa/0x3b0
[  189.634629][ T9532]  ? lockdep_hardirqs_on+0x9c/0x150
[  189.634663][ T9532]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.634684][ T9532]  ? clear_bhb_loop+0x60/0xb0
[  189.634726][ T9532]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.634747][ T9532] RIP: 0033:0x7fb9e858d3df
[  189.634767][ T9532] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  189.634786][ T9532] RSP: 002b:00007fb9e93ff000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  189.634808][ T9532] RAX: ffffffffffffffda RBX: 00007fb9e87b5fa0 RCX: 00007fb9e858d3df
[  189.634824][ T9532] RDX: 000000000000009e RSI: 0000200000000180 RDI: 00000000000000c8
[  189.634838][ T9532] RBP: 00007fb9e93ff090 R08: 0000000000000000 R09: 0000000000000000
[  189.634852][ T9532] R10: 000000000000009e R11: 0000000000000293 R12: 0000000000000001
[  189.634866][ T9532] R13: 0000000000000000 R14: 00007fb9e87b5fa0 R15: 00007ffe221c5c48
[  189.634904][ T9532]  </TASK>
[  189.649263][ T9534] netlink: 'syz.4.1172': attribute type 29 has an invalid length.
[  189.874009][ T9537] netlink: 596 bytes leftover after parsing attributes in process `syz.4.1172'.
[  189.907030][ T9535] netlink: 'syz.4.1172': attribute type 29 has an invalid length.
[  190.024774][ T9520] infiniband syz0: set down
[  190.029824][ T9520] infiniband syz0: added ipvlan1
[  190.136450][ T9520] RDS/IB: syz0: added
[  190.143998][ T9520] smc: adding ib device syz0 with port count 1
[  190.185096][ T9520] smc:    ib device syz0 port 1 has pnetid 
[  190.437642][ T9556] netlink: 'syz.0.1180': attribute type 29 has an invalid length.
[  190.527185][ T9558] netlink: 116 bytes leftover after parsing attributes in process `syz.1.1181'.
[  190.744644][ T9568] netlink: 500 bytes leftover after parsing attributes in process `syz.1.1186'.
[  190.760390][ T9565] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  190.916675][ T9575] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  191.030818][ T9580] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1190'.
[  191.287166][ T9588] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1194'.
[  191.345263][ T9592] netlink: 116 bytes leftover after parsing attributes in process `syz.3.1196'.
[  191.641199][ T9603] FAULT_INJECTION: forcing a failure.
[  191.641199][ T9603] name failslab, interval 1, probability 0, space 0, times 0
[  191.668919][ T9603] CPU: 1 UID: 0 PID: 9603 Comm: syz.3.1201 Not tainted 6.16.0-rc5-syzkaller-00205-g531d0d32de3e #0 PREEMPT(full) 
[  191.668952][ T9603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  191.668966][ T9603] Call Trace:
[  191.668975][ T9603]  <TASK>
[  191.668985][ T9603]  dump_stack_lvl+0x189/0x250
[  191.669016][ T9603]  ? __pfx____ratelimit+0x10/0x10
[  191.669052][ T9603]  ? __pfx_dump_stack_lvl+0x10/0x10
[  191.669077][ T9603]  ? __pfx__printk+0x10/0x10
[  191.669114][ T9603]  ? __pfx___might_resched+0x10/0x10
[  191.669145][ T9603]  should_fail_ex+0x414/0x560
[  191.669182][ T9603]  should_failslab+0xa8/0x100
[  191.669212][ T9603]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  191.669239][ T9603]  ? __alloc_skb+0x112/0x2d0
[  191.669263][ T9603]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  191.669296][ T9603]  __alloc_skb+0x112/0x2d0
[  191.669326][ T9603]  pfkey_sendmsg+0x1dd/0x1090
[  191.669359][ T9603]  ? __pfx___might_resched+0x10/0x10
[  191.669382][ T9603]  ? __lock_acquire+0xab9/0xd20
[  191.669411][ T9603]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  191.669443][ T9603]  ? aa_sk_perm+0x81e/0x950
[  191.669472][ T9603]  ? is_bpf_text_address+0x26/0x2b0
[  191.669499][ T9603]  ? __pfx_aa_sk_perm+0x10/0x10
[  191.669525][ T9603]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x300
[  191.669561][ T9603]  ? aa_sock_msg_perm+0x94/0x160
[  191.669595][ T9603]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  191.669628][ T9603]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  191.669653][ T9603]  __sock_sendmsg+0x21c/0x270
[  191.669676][ T9603]  ____sys_sendmsg+0x505/0x830
[  191.669711][ T9603]  ? __pfx_____sys_sendmsg+0x10/0x10
[  191.669750][ T9603]  ? import_iovec+0x74/0xa0
[  191.669779][ T9603]  ___sys_sendmsg+0x21f/0x2a0
[  191.669811][ T9603]  ? __pfx____sys_sendmsg+0x10/0x10
[  191.669879][ T9603]  ? __fget_files+0x2a/0x420
[  191.669907][ T9603]  ? __fget_files+0x3a0/0x420
[  191.669951][ T9603]  __x64_sys_sendmsg+0x19b/0x260
[  191.669984][ T9603]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  191.670023][ T9603]  ? __pfx_ksys_write+0x10/0x10
[  191.670045][ T9603]  ? rcu_is_watching+0x15/0xb0
[  191.670076][ T9603]  ? do_syscall_64+0xbe/0x3b0
[  191.670102][ T9603]  do_syscall_64+0xfa/0x3b0
[  191.670122][ T9603]  ? lockdep_hardirqs_on+0x9c/0x150
[  191.670155][ T9603]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.670176][ T9603]  ? clear_bhb_loop+0x60/0xb0
[  191.670202][ T9603]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.670223][ T9603] RIP: 0033:0x7f950858e929
[  191.670243][ T9603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  191.670262][ T9603] RSP: 002b:00007f95093eb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  191.670286][ T9603] RAX: ffffffffffffffda RBX: 00007f95087b5fa0 RCX: 00007f950858e929
[  191.670302][ T9603] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003
[  191.670316][ T9603] RBP: 00007f95093eb090 R08: 0000000000000000 R09: 0000000000000000
[  191.670329][ T9603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  191.670342][ T9603] R13: 0000000000000000 R14: 00007f95087b5fa0 R15: 00007ffc46dfce28
[  191.670375][ T9603]  </TASK>
[  192.710240][ T9631] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  193.849756][ T9686] validate_nla: 17 callbacks suppressed
[  193.849777][ T9686] netlink: 'syz.3.1235': attribute type 29 has an invalid length.
[  193.889775][ T9691] __nla_validate_parse: 12 callbacks suppressed
[  193.889797][ T9691] netlink: 116 bytes leftover after parsing attributes in process `syz.2.1239'.
[  193.899757][ T9692] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1238'.
[  193.906767][ T9686] netlink: 'syz.3.1235': attribute type 29 has an invalid length.
[  193.941358][ T9686] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1235'.
[  194.105902][ T9698] netlink: 'syz.4.1241': attribute type 29 has an invalid length.
[  194.124824][ T9698] netlink: 'syz.4.1241': attribute type 29 has an invalid length.
[  194.174681][ T9704] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  194.296183][ T9709] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1248'.
[  194.307580][ T9711] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1246'.
[  194.412823][ T9719] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1246'.
[  194.599199][ T9727] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1254'.
[  194.686574][ T9731] netlink: 'syz.1.1255': attribute type 29 has an invalid length.
[  194.716357][ T9731] netlink: 'syz.1.1255': attribute type 29 has an invalid length.
[  194.741428][ T9731] netlink: 508 bytes leftover after parsing attributes in process `syz.1.1255'.
[  194.829884][ T9737] netlink: 'syz.0.1259': attribute type 1 has an invalid length.
[  194.838610][ T9737] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1259'.
[  194.918088][ T9741] netlink: 'syz.1.1260': attribute type 29 has an invalid length.
[  194.957030][ T9741] netlink: 'syz.1.1260': attribute type 29 has an invalid length.
[  195.126867][ T9750] FAULT_INJECTION: forcing a failure.
[  195.126867][ T9750] name failslab, interval 1, probability 0, space 0, times 0
[  195.140184][ T9750] CPU: 0 UID: 0 PID: 9750 Comm: syz.0.1264 Not tainted 6.16.0-rc5-syzkaller-00205-g531d0d32de3e #0 PREEMPT(full) 
[  195.140214][ T9750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  195.140227][ T9750] Call Trace:
[  195.140236][ T9750]  <TASK>
[  195.140245][ T9750]  dump_stack_lvl+0x189/0x250
[  195.140277][ T9750]  ? __pfx____ratelimit+0x10/0x10
[  195.140312][ T9750]  ? __pfx_dump_stack_lvl+0x10/0x10
[  195.140339][ T9750]  ? __pfx__printk+0x10/0x10
[  195.140384][ T9750]  should_fail_ex+0x414/0x560
[  195.140423][ T9750]  should_failslab+0xa8/0x100
[  195.140455][ T9750]  kmem_cache_alloc_noprof+0x73/0x3c0
[  195.140480][ T9750]  ? dst_alloc+0x105/0x170
[  195.140508][ T9750]  ? __kernel_text_address+0xd/0x40
[  195.140535][ T9750]  dst_alloc+0x105/0x170
[  195.140570][ T9750]  ip_route_input_rcu+0x1ed5/0x2ff0
[  195.140619][ T9750]  ? __pfx_ip_route_input_rcu+0x10/0x10
[  195.140678][ T9750]  ? ipt_do_table+0x13dd/0x1640
[  195.140709][ T9750]  ? ip_route_input_noref+0x98/0x250
[  195.140743][ T9750]  ip_route_input_noref+0x167/0x250
[  195.140780][ T9750]  ? __pfx_ip_route_input_noref+0x10/0x10
[  195.140818][ T9750]  ? __pfx_udp_v4_early_demux+0x10/0x10
[  195.140847][ T9750]  ? ipt_do_table+0x2a3/0x1640
[  195.140871][ T9750]  ? __pfx_ipt_do_table+0x10/0x10
[  195.140901][ T9750]  ip_rcv_finish_core+0x5af/0x1c00
[  195.140942][ T9750]  ip_rcv_finish+0x14c/0x2f0
[  195.140971][ T9750]  NF_HOOK+0x309/0x3a0
[  195.140999][ T9750]  ? __pfx_ip_rcv_finish+0x10/0x10
[  195.141023][ T9750]  ? NF_HOOK+0x9a/0x3a0
[  195.141045][ T9750]  ? __pfx_NF_HOOK+0x10/0x10
[  195.141068][ T9750]  ? ip_rcv_core+0x7f7/0xd00
[  195.141095][ T9750]  ? __pfx_ip_rcv_finish+0x10/0x10
[  195.141141][ T9750]  ? __pfx_ip_rcv+0x10/0x10
[  195.141165][ T9750]  __netif_receive_skb+0x143/0x380
[  195.141194][ T9750]  ? netif_receive_skb+0x115/0x790
[  195.141227][ T9750]  netif_receive_skb+0x1cb/0x790
[  195.141261][ T9750]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  195.141288][ T9750]  ? __pfx_netif_receive_skb+0x10/0x10
[  195.141329][ T9750]  ? tun_rx_batched+0x160/0x730
[  195.141356][ T9750]  tun_rx_batched+0x1b9/0x730
[  195.141378][ T9750]  ? __lock_acquire+0xab9/0xd20
[  195.141406][ T9750]  ? __pfx_tun_rx_batched+0x10/0x10
[  195.141434][ T9750]  ? tun_get_user+0x2549/0x3ce0
[  195.141474][ T9750]  tun_get_user+0x298e/0x3ce0
[  195.141500][ T9750]  ? tun_get_user+0x693/0x3ce0
[  195.141521][ T9750]  ? tun_get_user+0x2549/0x3ce0
[  195.141558][ T9750]  ? aa_file_perm+0x11f/0xed0
[  195.141579][ T9750]  ? __pfx_tun_get_user+0x10/0x10
[  195.141603][ T9750]  ? aa_file_perm+0x3e7/0xed0
[  195.141638][ T9750]  ? ref_tracker_alloc+0x318/0x460
[  195.141670][ T9750]  ? __lock_acquire+0xab9/0xd20
[  195.141695][ T9750]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  195.141736][ T9750]  ? tun_get+0x1c/0x2f0
[  195.141765][ T9750]  ? tun_get+0x1c/0x2f0
[  195.141787][ T9750]  ? tun_get+0x1c/0x2f0
[  195.141815][ T9750]  tun_chr_write_iter+0x113/0x200
[  195.141841][ T9750]  vfs_write+0x54b/0xa90
[  195.141869][ T9750]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  195.141893][ T9750]  ? __pfx_vfs_write+0x10/0x10
[  195.141930][ T9750]  ? __fget_files+0x2a/0x420
[  195.141997][ T9750]  ksys_write+0x145/0x250
[  195.142026][ T9750]  ? __pfx_ksys_write+0x10/0x10
[  195.142048][ T9750]  ? rcu_is_watching+0x15/0xb0
[  195.142080][ T9750]  ? do_syscall_64+0xbe/0x3b0
[  195.142115][ T9750]  do_syscall_64+0xfa/0x3b0
[  195.142135][ T9750]  ? lockdep_hardirqs_on+0x9c/0x150
[  195.142168][ T9750]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.142190][ T9750]  ? clear_bhb_loop+0x60/0xb0
[  195.142217][ T9750]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.142238][ T9750] RIP: 0033:0x7f20d0f8d3df
[  195.142258][ T9750] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  195.142277][ T9750] RSP: 002b:00007f20d1d3f000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  195.142301][ T9750] RAX: ffffffffffffffda RBX: 00007f20d11b5fa0 RCX: 00007f20d0f8d3df
[  195.142317][ T9750] RDX: 000000000000009e RSI: 0000200000000180 RDI: 00000000000000c8
[  195.142331][ T9750] RBP: 00007f20d1d3f090 R08: 0000000000000000 R09: 0000000000000000
[  195.142345][ T9750] R10: 000000000000009e R11: 0000000000000293 R12: 0000000000000001
[  195.142358][ T9750] R13: 0000000000000000 R14: 00007f20d11b5fa0 R15: 00007ffc4ee26e88
[  195.142393][ T9750]  </TASK>
[  195.697964][ T9759] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1268'.
[  195.768031][ T9762] netlink: 'syz.4.1270': attribute type 29 has an invalid length.
[  196.002755][ T9776] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  196.012210][ T9777] FAULT_INJECTION: forcing a failure.
[  196.012210][ T9777] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  196.031088][ T9777] CPU: 0 UID: 0 PID: 9777 Comm: syz.0.1274 Not tainted 6.16.0-rc5-syzkaller-00205-g531d0d32de3e #0 PREEMPT(full) 
[  196.031120][ T9777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  196.031132][ T9777] Call Trace:
[  196.031141][ T9777]  <TASK>
[  196.031150][ T9777]  dump_stack_lvl+0x189/0x250
[  196.031181][ T9777]  ? __pfx____ratelimit+0x10/0x10
[  196.031215][ T9777]  ? __pfx_dump_stack_lvl+0x10/0x10
[  196.031239][ T9777]  ? __pfx__printk+0x10/0x10
[  196.031267][ T9777]  ? __might_fault+0xb0/0x130
[  196.031304][ T9777]  should_fail_ex+0x414/0x560
[  196.031340][ T9777]  _copy_from_iter+0x1db/0x16f0
[  196.031376][ T9777]  ? rcu_is_watching+0x15/0xb0
[  196.031403][ T9777]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  196.031431][ T9777]  ? __pfx__copy_from_iter+0x10/0x10
[  196.031455][ T9777]  ? __build_skb_around+0x257/0x3e0
[  196.031485][ T9777]  ? skb_put+0x11b/0x210
[  196.031515][ T9777]  pfkey_sendmsg+0x230/0x1090
[  196.031546][ T9777]  ? __pfx___might_resched+0x10/0x10
[  196.031569][ T9777]  ? __lock_acquire+0xab9/0xd20
[  196.031596][ T9777]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  196.031629][ T9777]  ? aa_sk_perm+0x81e/0x950
[  196.031657][ T9777]  ? is_bpf_text_address+0x26/0x2b0
[  196.031684][ T9777]  ? __pfx_aa_sk_perm+0x10/0x10
[  196.031709][ T9777]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x300
[  196.031738][ T9777]  ? aa_sock_msg_perm+0x94/0x160
[  196.031772][ T9777]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  196.031804][ T9777]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  196.031829][ T9777]  __sock_sendmsg+0x21c/0x270
[  196.031853][ T9777]  ____sys_sendmsg+0x505/0x830
[  196.031888][ T9777]  ? __pfx_____sys_sendmsg+0x10/0x10
[  196.031926][ T9777]  ? import_iovec+0x74/0xa0
[  196.031955][ T9777]  ___sys_sendmsg+0x21f/0x2a0
[  196.031985][ T9777]  ? __pfx____sys_sendmsg+0x10/0x10
[  196.032050][ T9777]  ? __fget_files+0x2a/0x420
[  196.032077][ T9777]  ? __fget_files+0x3a0/0x420
[  196.032115][ T9777]  __x64_sys_sendmsg+0x19b/0x260
[  196.032148][ T9777]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  196.032187][ T9777]  ? __pfx_ksys_write+0x10/0x10
[  196.032209][ T9777]  ? rcu_is_watching+0x15/0xb0
[  196.032239][ T9777]  ? do_syscall_64+0xbe/0x3b0
[  196.032265][ T9777]  do_syscall_64+0xfa/0x3b0
[  196.032285][ T9777]  ? lockdep_hardirqs_on+0x9c/0x150
[  196.032318][ T9777]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.032339][ T9777]  ? clear_bhb_loop+0x60/0xb0
[  196.032392][ T9777]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.032412][ T9777] RIP: 0033:0x7f20d0f8e929
[  196.032432][ T9777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  196.032450][ T9777] RSP: 002b:00007f20d1d3f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  196.032474][ T9777] RAX: ffffffffffffffda RBX: 00007f20d11b5fa0 RCX: 00007f20d0f8e929
[  196.032490][ T9777] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003
[  196.032504][ T9777] RBP: 00007f20d1d3f090 R08: 0000000000000000 R09: 0000000000000000
[  196.032518][ T9777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  196.032531][ T9777] R13: 0000000000000000 R14: 00007f20d11b5fa0 R15: 00007ffc4ee26e88
[  196.032564][ T9777]  </TASK>
[  196.562710][ T9790] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  196.809658][ T9806] ip6t_rpfilter: unknown options
[  196.958741][ T9814] FAULT_INJECTION: forcing a failure.
[  196.958741][ T9814] name failslab, interval 1, probability 0, space 0, times 0
[  196.972224][ T9814] CPU: 0 UID: 0 PID: 9814 Comm: syz.1.1290 Not tainted 6.16.0-rc5-syzkaller-00205-g531d0d32de3e #0 PREEMPT(full) 
[  196.972252][ T9814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  196.972265][ T9814] Call Trace:
[  196.972282][ T9814]  <TASK>
[  196.972291][ T9814]  dump_stack_lvl+0x189/0x250
[  196.972322][ T9814]  ? __pfx____ratelimit+0x10/0x10
[  196.972357][ T9814]  ? __pfx_dump_stack_lvl+0x10/0x10
[  196.972383][ T9814]  ? __pfx__printk+0x10/0x10
[  196.972419][ T9814]  ? __pfx___might_resched+0x10/0x10
[  196.972444][ T9814]  ? fs_reclaim_acquire+0x7d/0x100
[  196.972479][ T9814]  should_fail_ex+0x414/0x560
[  196.972517][ T9814]  should_failslab+0xa8/0x100
[  196.972549][ T9814]  kmem_cache_alloc_noprof+0x73/0x3c0
[  196.972574][ T9814]  ? skb_clone+0x212/0x3a0
[  196.972609][ T9814]  skb_clone+0x212/0x3a0
[  196.972645][ T9814]  pfkey_sendmsg+0x44b/0x1090
[  196.972678][ T9814]  ? __lock_acquire+0xab9/0xd20
[  196.972707][ T9814]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  196.972761][ T9814]  ? aa_sock_msg_perm+0x94/0x160
[  196.972795][ T9814]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  196.972826][ T9814]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  196.972851][ T9814]  __sock_sendmsg+0x21c/0x270
[  196.972876][ T9814]  ____sys_sendmsg+0x505/0x830
[  196.972911][ T9814]  ? __pfx_____sys_sendmsg+0x10/0x10
[  196.972950][ T9814]  ? import_iovec+0x74/0xa0
[  196.972980][ T9814]  ___sys_sendmsg+0x21f/0x2a0
[  196.973012][ T9814]  ? __pfx____sys_sendmsg+0x10/0x10
[  196.973241][ T9814]  ? __fget_files+0x2a/0x420
[  196.973277][ T9814]  ? __fget_files+0x3a0/0x420
[  196.973319][ T9814]  __x64_sys_sendmsg+0x19b/0x260
[  196.973355][ T9814]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  196.973396][ T9814]  ? __pfx_ksys_write+0x10/0x10
[  196.973419][ T9814]  ? rcu_is_watching+0x15/0xb0
[  196.973455][ T9814]  ? do_syscall_64+0xbe/0x3b0
[  196.973481][ T9814]  do_syscall_64+0xfa/0x3b0
[  196.973501][ T9814]  ? lockdep_hardirqs_on+0x9c/0x150
[  196.973542][ T9814]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.973565][ T9814]  ? clear_bhb_loop+0x60/0xb0
[  196.973593][ T9814]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.973614][ T9814] RIP: 0033:0x7fb9e858e929
[  196.973635][ T9814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  196.973654][ T9814] RSP: 002b:00007fb9e93ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  196.973678][ T9814] RAX: ffffffffffffffda RBX: 00007fb9e87b5fa0 RCX: 00007fb9e858e929
[  196.973694][ T9814] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003
[  196.973708][ T9814] RBP: 00007fb9e93ff090 R08: 0000000000000000 R09: 0000000000000000
[  196.973722][ T9814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  196.973735][ T9814] R13: 0000000000000000 R14: 00007fb9e87b5fa0 R15: 00007ffe221c5c48
[  196.973775][ T9814]  </TASK>
[  197.437273][ T9827] FAULT_INJECTION: forcing a failure.
[  197.437273][ T9827] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  197.465044][ T9827] CPU: 0 UID: 0 PID: 9827 Comm: syz.1.1296 Not tainted 6.16.0-rc5-syzkaller-00205-g531d0d32de3e #0 PREEMPT(full) 
[  197.465075][ T9827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  197.465089][ T9827] Call Trace:
[  197.465098][ T9827]  <TASK>
[  197.465107][ T9827]  dump_stack_lvl+0x189/0x250
[  197.465139][ T9827]  ? __pfx____ratelimit+0x10/0x10
[  197.465174][ T9827]  ? __pfx_dump_stack_lvl+0x10/0x10
[  197.465201][ T9827]  ? __pfx__printk+0x10/0x10
[  197.465244][ T9827]  should_fail_ex+0x414/0x560
[  197.465281][ T9827]  _copy_to_user+0x31/0xb0
[  197.465310][ T9827]  simple_read_from_buffer+0xe1/0x170
[  197.465344][ T9827]  proc_fail_nth_read+0x1df/0x250
[  197.465379][ T9827]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  197.465414][ T9827]  ? rw_verify_area+0x258/0x650
[  197.465438][ T9827]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  197.465470][ T9827]  vfs_read+0x200/0x980
[  197.465498][ T9827]  ? __pfx___mutex_lock+0x10/0x10
[  197.465521][ T9827]  ? __pfx_vfs_read+0x10/0x10
[  197.465547][ T9827]  ? __fget_files+0x2a/0x420
[  197.465580][ T9827]  ? __fget_files+0x3a0/0x420
[  197.465606][ T9827]  ? __fget_files+0x2a/0x420
[  197.465644][ T9827]  ksys_read+0x145/0x250
[  197.465672][ T9827]  ? __pfx_ksys_read+0x10/0x10
[  197.465693][ T9827]  ? rcu_is_watching+0x15/0xb0
[  197.465722][ T9827]  ? do_syscall_64+0xbe/0x3b0
[  197.465748][ T9827]  do_syscall_64+0xfa/0x3b0
[  197.465767][ T9827]  ? lockdep_hardirqs_on+0x9c/0x150
[  197.465802][ T9827]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.465827][ T9827]  ? clear_bhb_loop+0x60/0xb0
[  197.465854][ T9827]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.465875][ T9827] RIP: 0033:0x7fb9e858d33c
[  197.465894][ T9827] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  197.465913][ T9827] RSP: 002b:00007fb9e93ff030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  197.465943][ T9827] RAX: ffffffffffffffda RBX: 00007fb9e87b5fa0 RCX: 00007fb9e858d33c
[  197.465959][ T9827] RDX: 000000000000000f RSI: 00007fb9e93ff0a0 RDI: 0000000000000007
[  197.465972][ T9827] RBP: 00007fb9e93ff090 R08: 0000000000000000 R09: 0000000000000000
[  197.465985][ T9827] R10: 000000000000009e R11: 0000000000000246 R12: 0000000000000001
[  197.465998][ T9827] R13: 0000000000000000 R14: 00007fb9e87b5fa0 R15: 00007ffe221c5c48
[  197.466030][ T9827]  </TASK>
[  197.929548][ T9841] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  198.040996][ T9850] FAULT_INJECTION: forcing a failure.
[  198.040996][ T9850] name failslab, interval 1, probability 0, space 0, times 0
[  198.082050][ T9849] geneve2: entered promiscuous mode
[  198.088294][ T9850] CPU: 0 UID: 0 PID: 9850 Comm: syz.0.1307 Not tainted 6.16.0-rc5-syzkaller-00205-g531d0d32de3e #0 PREEMPT(full) 
[  198.088325][ T9850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  198.088338][ T9850] Call Trace:
[  198.088347][ T9850]  <TASK>
[  198.088356][ T9850]  dump_stack_lvl+0x189/0x250
[  198.088387][ T9850]  ? __pfx____ratelimit+0x10/0x10
[  198.088423][ T9850]  ? __pfx_dump_stack_lvl+0x10/0x10
[  198.088450][ T9850]  ? __pfx__printk+0x10/0x10
[  198.088480][ T9850]  ? __lock_acquire+0xab9/0xd20
[  198.088516][ T9850]  should_fail_ex+0x414/0x560
[  198.088554][ T9850]  should_failslab+0xa8/0x100
[  198.088585][ T9850]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  198.088611][ T9850]  ? xfrm_state_flush+0x813/0x830
[  198.088630][ T9850]  ? __alloc_skb+0x112/0x2d0
[  198.088660][ T9850]  __alloc_skb+0x112/0x2d0
[  198.088690][ T9850]  unicast_flush_resp+0x2a/0x170
[  198.088722][ T9850]  pfkey_flush+0x14f/0x340
[  198.088749][ T9850]  ? __pfx_pfkey_flush+0x10/0x10
[  198.088771][ T9850]  ? kmem_cache_free+0x18f/0x400
[  198.088813][ T9850]  pfkey_sendmsg+0xbfe/0x1090
[  198.088846][ T9850]  ? __lock_acquire+0xab9/0xd20
[  198.088875][ T9850]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  198.088929][ T9850]  ? aa_sock_msg_perm+0x94/0x160
[  198.088963][ T9850]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  198.088995][ T9850]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  198.089020][ T9850]  __sock_sendmsg+0x21c/0x270
[  198.089045][ T9850]  ____sys_sendmsg+0x505/0x830
[  198.089080][ T9850]  ? __pfx_____sys_sendmsg+0x10/0x10
[  198.089120][ T9850]  ? import_iovec+0x74/0xa0
[  198.089158][ T9850]  ___sys_sendmsg+0x21f/0x2a0
[  198.089189][ T9850]  ? __pfx____sys_sendmsg+0x10/0x10
[  198.089261][ T9850]  ? __fget_files+0x2a/0x420
[  198.089290][ T9850]  ? __fget_files+0x3a0/0x420
[  198.089331][ T9850]  __x64_sys_sendmsg+0x19b/0x260
[  198.089363][ T9850]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  198.089403][ T9850]  ? __pfx_ksys_write+0x10/0x10
[  198.089426][ T9850]  ? rcu_is_watching+0x15/0xb0
[  198.089458][ T9850]  ? do_syscall_64+0xbe/0x3b0
[  198.089484][ T9850]  do_syscall_64+0xfa/0x3b0
[  198.089504][ T9850]  ? lockdep_hardirqs_on+0x9c/0x150
[  198.089538][ T9850]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.089559][ T9850]  ? clear_bhb_loop+0x60/0xb0
[  198.089585][ T9850]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.089606][ T9850] RIP: 0033:0x7f20d0f8e929
[  198.089626][ T9850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  198.089644][ T9850] RSP: 002b:00007f20d1d3f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  198.089667][ T9850] RAX: ffffffffffffffda RBX: 00007f20d11b5fa0 RCX: 00007f20d0f8e929
[  198.089683][ T9850] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003
[  198.089697][ T9850] RBP: 00007f20d1d3f090 R08: 0000000000000000 R09: 0000000000000000
[  198.089710][ T9850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  198.089723][ T9850] R13: 0000000000000000 R14: 00007f20d11b5fa0 R15: 00007ffc4ee26e88
[  198.089757][ T9850]  </TASK>
[  198.090194][ T9849] geneve2: entered allmulticast mode
[  198.479089][ T9867] netem: incorrect ge model size
[  198.486496][ T9867] netem: change failed
[  198.824029][ T9887] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  198.968923][ T9890] __nla_validate_parse: 13 callbacks suppressed
[  198.968944][ T9890] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1320'.
[  199.007481][ T9890] validate_nla: 18 callbacks suppressed
[  199.007501][ T9890] netlink: 'syz.2.1320': attribute type 30 has an invalid length.
[  199.036888][ T9890] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  199.046680][ T9890] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  199.055664][ T9890] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  199.065090][ T9890] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  199.079698][ T9901] netlink: 'syz.0.1324': attribute type 1 has an invalid length.
[  199.082892][ T9890] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1320'.
[  199.089554][ T9901] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1324'.
[  199.115475][ T9890] netlink: 'syz.2.1320': attribute type 30 has an invalid length.
[  199.119466][ T9903] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1325'.
[  199.334106][ T9911] netlink: 'syz.3.1327': attribute type 29 has an invalid length.
[  199.355590][ T9915] netlink: 'syz.1.1329': attribute type 29 has an invalid length.
[  199.397609][ T9915] netlink: 'syz.1.1329': attribute type 29 has an invalid length.
[  199.422205][ T9911] netlink: 'syz.3.1327': attribute type 29 has an invalid length.
[  199.432873][ T9915] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1329'.
[  199.435233][ T9918] netlink: 508 bytes leftover after parsing attributes in process `syz.3.1327'.
[  199.464263][ T9919] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1330'.
[  199.483388][ T9919] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1330'.
[  199.730563][ T9931] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  199.778645][ T9933] FAULT_INJECTION: forcing a failure.
[  199.778645][ T9933] name failslab, interval 1, probability 0, space 0, times 0
[  199.807153][ T9933] CPU: 1 UID: 0 PID: 9933 Comm: syz.3.1336 Not tainted 6.16.0-rc5-syzkaller-00205-g531d0d32de3e #0 PREEMPT(full) 
[  199.807186][ T9933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  199.807200][ T9933] Call Trace:
[  199.807209][ T9933]  <TASK>
[  199.807218][ T9933]  dump_stack_lvl+0x189/0x250
[  199.807249][ T9933]  ? __pfx____ratelimit+0x10/0x10
[  199.807285][ T9933]  ? __pfx_dump_stack_lvl+0x10/0x10
[  199.807331][ T9933]  ? __pfx__printk+0x10/0x10
[  199.807376][ T9933]  should_fail_ex+0x414/0x560
[  199.807413][ T9933]  should_failslab+0xa8/0x100
[  199.807460][ T9933]  kmem_cache_alloc_noprof+0x73/0x3c0
[  199.807485][ T9933]  ? skb_clone+0x212/0x3a0
[  199.807525][ T9933]  skb_clone+0x212/0x3a0
[  199.807553][ T9933]  ? pfkey_broadcast_one+0x7d/0x360
[  199.807580][ T9933]  pfkey_broadcast_one+0x9b/0x360
[  199.807602][ T9933]  ? pfkey_broadcast+0x39c/0x3e0
[  199.807627][ T9933]  pfkey_broadcast+0x3a9/0x3e0
[  199.807649][ T9933]  ? pfkey_broadcast+0x48/0x3e0
[  199.807675][ T9933]  pfkey_flush+0x14f/0x340
[  199.807704][ T9933]  ? __pfx_pfkey_flush+0x10/0x10
[  199.807726][ T9933]  ? kmem_cache_free+0x18f/0x400
[  199.807767][ T9933]  pfkey_sendmsg+0xbfe/0x1090
[  199.807800][ T9933]  ? __lock_acquire+0xab9/0xd20
[  199.807829][ T9933]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  199.807883][ T9933]  ? aa_sock_msg_perm+0x94/0x160
[  199.807918][ T9933]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  199.807950][ T9933]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  199.807983][ T9933]  __sock_sendmsg+0x21c/0x270
[  199.808007][ T9933]  ____sys_sendmsg+0x505/0x830
[  199.808043][ T9933]  ? __pfx_____sys_sendmsg+0x10/0x10
[  199.808083][ T9933]  ? import_iovec+0x74/0xa0
[  199.808125][ T9933]  ___sys_sendmsg+0x21f/0x2a0
[  199.808157][ T9933]  ? __pfx____sys_sendmsg+0x10/0x10
[  199.808230][ T9933]  ? __fget_files+0x2a/0x420
[  199.808258][ T9933]  ? __fget_files+0x3a0/0x420
[  199.808299][ T9933]  __x64_sys_sendmsg+0x19b/0x260
[  199.808332][ T9933]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  199.808373][ T9933]  ? __pfx_ksys_write+0x10/0x10
[  199.808396][ T9933]  ? rcu_is_watching+0x15/0xb0
[  199.808428][ T9933]  ? do_syscall_64+0xbe/0x3b0
[  199.808455][ T9933]  do_syscall_64+0xfa/0x3b0
[  199.808474][ T9933]  ? lockdep_hardirqs_on+0x9c/0x150
[  199.808506][ T9933]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.808526][ T9933]  ? clear_bhb_loop+0x60/0xb0
[  199.808552][ T9933]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.808573][ T9933] RIP: 0033:0x7f950858e929
[  199.808594][ T9933] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  199.808613][ T9933] RSP: 002b:00007f95093eb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  199.808636][ T9933] RAX: ffffffffffffffda RBX: 00007f95087b5fa0 RCX: 00007f950858e929
[  199.808652][ T9933] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003
[  199.808665][ T9933] RBP: 00007f95093eb090 R08: 0000000000000000 R09: 0000000000000000
[  199.808679][ T9933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  199.808692][ T9933] R13: 0000000000000000 R14: 00007f95087b5fa0 R15: 00007ffc46dfce28
[  199.808726][ T9933]  </TASK>
[  200.151667][ T9936] netlink: 'syz.1.1338': attribute type 1 has an invalid length.
[  200.159967][ T9936] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1338'.
[  200.174056][ T9937] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1337'.
[  200.351749][ T9948] netlink: 'syz.1.1342': attribute type 29 has an invalid length.
[  200.372066][ T9948] netlink: 'syz.1.1342': attribute type 29 has an invalid length.
[  200.649206][ T9967] ip6_tunnel: non-ECT from 0000:0000:0000:0000:0000:ffff:7f00:0001 with DS=0xb
[  200.799416][ T9975] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  200.855580][ T9975] gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  200.864747][ T9975] gretap1: entered promiscuous mode
[  200.887475][ T9975] gretap1: entered allmulticast mode
[  201.382843][T10000] batadv_slave_0: entered promiscuous mode
[  201.711670][T10018] IPVS: Error connecting to the multicast addr
[  202.868786][T10073] pimreg: entered allmulticast mode
[  202.886463][T10078] pimreg: left allmulticast mode
[  203.976829][T10144] __nla_validate_parse: 27 callbacks suppressed
[  203.976853][T10144] netlink: 500 bytes leftover after parsing attributes in process `syz.4.1416'.
[  204.000806][T10145] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1415'.
[  204.141703][T10151] netlink: 116 bytes leftover after parsing attributes in process `syz.3.1418'.
[  204.164896][T10152] validate_nla: 20 callbacks suppressed
[  204.164918][T10152] netlink: 'syz.4.1419': attribute type 1 has an invalid length.
[  204.198924][T10152] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1419'.
[  204.774885][T10178] netlink: 'syz.4.1425': attribute type 29 has an invalid length.
[  204.795173][T10178] netlink: 'syz.4.1425': attribute type 29 has an invalid length.
[  204.810368][T10178] netlink: 508 bytes leftover after parsing attributes in process `syz.4.1425'.
[  204.973667][T10186] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1426'.
[  205.038094][T10181] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  205.107451][T10189] FAULT_INJECTION: forcing a failure.
[  205.107451][T10189] name failslab, interval 1, probability 0, space 0, times 0
[  205.147658][T10189] CPU: 1 UID: 0 PID: 10189 Comm: syz.0.1430 Not tainted 6.16.0-rc5-syzkaller-00205-g531d0d32de3e #0 PREEMPT(full) 
[  205.147687][T10189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  205.147700][T10189] Call Trace:
[  205.147708][T10189]  <TASK>
[  205.147717][T10189]  dump_stack_lvl+0x189/0x250
[  205.147746][T10189]  ? __pfx____ratelimit+0x10/0x10
[  205.147777][T10189]  ? __pfx_dump_stack_lvl+0x10/0x10
[  205.147807][T10189]  ? __pfx__printk+0x10/0x10
[  205.147841][T10189]  ? __pfx___might_resched+0x10/0x10
[  205.147871][T10189]  should_fail_ex+0x414/0x560
[  205.147907][T10189]  should_failslab+0xa8/0x100
[  205.147936][T10189]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  205.147964][T10189]  ? __alloc_skb+0x112/0x2d0
[  205.147994][T10189]  __alloc_skb+0x112/0x2d0
[  205.148024][T10189]  netlink_sendmsg+0x5c6/0xb30
[  205.148061][T10189]  ? __pfx_netlink_sendmsg+0x10/0x10
[  205.148092][T10189]  ? aa_sock_msg_perm+0x94/0x160
[  205.148126][T10189]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  205.148158][T10189]  ? __pfx_netlink_sendmsg+0x10/0x10
[  205.148238][T10189]  __sock_sendmsg+0x21c/0x270
[  205.148262][T10189]  ____sys_sendmsg+0x505/0x830
[  205.148296][T10189]  ? __pfx_____sys_sendmsg+0x10/0x10
[  205.148336][T10189]  ? import_iovec+0x74/0xa0
[  205.148365][T10189]  ___sys_sendmsg+0x21f/0x2a0
[  205.148396][T10189]  ? __pfx____sys_sendmsg+0x10/0x10
[  205.148464][T10189]  ? __fget_files+0x2a/0x420
[  205.148492][T10189]  ? __fget_files+0x3a0/0x420
[  205.148532][T10189]  __x64_sys_sendmsg+0x19b/0x260
[  205.148563][T10189]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  205.148603][T10189]  ? __pfx_ksys_write+0x10/0x10
[  205.148626][T10189]  ? rcu_is_watching+0x15/0xb0
[  205.148657][T10189]  ? do_syscall_64+0xbe/0x3b0
[  205.148683][T10189]  do_syscall_64+0xfa/0x3b0
[  205.148704][T10189]  ? lockdep_hardirqs_on+0x9c/0x150
[  205.148736][T10189]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.148763][T10189]  ? clear_bhb_loop+0x60/0xb0
[  205.148788][T10189]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.148809][T10189] RIP: 0033:0x7f20d0f8e929
[  205.148829][T10189] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  205.148848][T10189] RSP: 002b:00007f20d1d3f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  205.148870][T10189] RAX: ffffffffffffffda RBX: 00007f20d11b5fa0 RCX: 00007f20d0f8e929
[  205.148886][T10189] RDX: 0000000000004000 RSI: 0000200000000200 RDI: 0000000000000004
[  205.148900][T10189] RBP: 00007f20d1d3f090 R08: 0000000000000000 R09: 0000000000000000
[  205.148914][T10189] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  205.148926][T10189] R13: 0000000000000000 R14: 00007f20d11b5fa0 R15: 00007ffc4ee26e88
[  205.148960][T10189]  </TASK>
[  205.150446][T10191] netlink: 116 bytes leftover after parsing attributes in process `syz.1.1432'.
[  205.252414][T10196] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1431'.
[  205.461995][T10196] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1431'.
[  205.497210][T10193] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1431'.
[  205.708738][T10209] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  205.718908][T10210] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  205.746412][T10213] netlink: 'syz.2.1439': attribute type 29 has an invalid length.
[  205.757989][T10213] netlink: 'syz.2.1439': attribute type 29 has an invalid length.
[  206.454774][T10247] tipc: Failed to obtain node identity
[  206.460354][T10247] tipc: Enabling of bearer <ib:gretap0> rejected, failed to enable media
[  206.701722][T10262] netlink: 'syz.0.1455': attribute type 29 has an invalid length.
[  206.718201][T10262] netlink: 'syz.0.1455': attribute type 29 has an invalid length.
[  206.805895][T10266] FAULT_INJECTION: forcing a failure.
[  206.805895][T10266] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  206.824514][T10266] CPU: 1 UID: 0 PID: 10266 Comm: syz.4.1458 Not tainted 6.16.0-rc5-syzkaller-00205-g531d0d32de3e #0 PREEMPT(full) 
[  206.824548][T10266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  206.824562][T10266] Call Trace:
[  206.824571][T10266]  <TASK>
[  206.824581][T10266]  dump_stack_lvl+0x189/0x250
[  206.824613][T10266]  ? __pfx____ratelimit+0x10/0x10
[  206.824648][T10266]  ? __pfx_dump_stack_lvl+0x10/0x10
[  206.824675][T10266]  ? __pfx__printk+0x10/0x10
[  206.824705][T10266]  ? __might_fault+0xb0/0x130
[  206.824743][T10266]  should_fail_ex+0x414/0x560
[  206.824780][T10266]  _copy_from_iter+0x1db/0x16f0
[  206.824807][T10266]  ? rcu_is_watching+0x15/0xb0
[  206.824834][T10266]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  206.824863][T10266]  ? __pfx__copy_from_iter+0x10/0x10
[  206.824887][T10266]  ? __build_skb_around+0x257/0x3e0
[  206.824917][T10266]  ? netlink_sendmsg+0x642/0xb30
[  206.824942][T10266]  ? skb_put+0x11b/0x210
[  206.824971][T10266]  netlink_sendmsg+0x6b2/0xb30
[  206.825008][T10266]  ? __pfx_netlink_sendmsg+0x10/0x10
[  206.825038][T10266]  ? aa_sock_msg_perm+0x94/0x160
[  206.825079][T10266]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  206.825111][T10266]  ? __pfx_netlink_sendmsg+0x10/0x10
[  206.825139][T10266]  __sock_sendmsg+0x21c/0x270
[  206.825164][T10266]  ____sys_sendmsg+0x505/0x830
[  206.825198][T10266]  ? __pfx_____sys_sendmsg+0x10/0x10
[  206.825236][T10266]  ? import_iovec+0x74/0xa0
[  206.825265][T10266]  ___sys_sendmsg+0x21f/0x2a0
[  206.825296][T10266]  ? __pfx____sys_sendmsg+0x10/0x10
[  206.825364][T10266]  ? __fget_files+0x2a/0x420
[  206.825391][T10266]  ? __fget_files+0x3a0/0x420
[  206.825431][T10266]  __x64_sys_sendmsg+0x19b/0x260
[  206.825462][T10266]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  206.825500][T10266]  ? __pfx_ksys_write+0x10/0x10
[  206.825523][T10266]  ? rcu_is_watching+0x15/0xb0
[  206.825553][T10266]  ? do_syscall_64+0xbe/0x3b0
[  206.825579][T10266]  do_syscall_64+0xfa/0x3b0
[  206.825598][T10266]  ? lockdep_hardirqs_on+0x9c/0x150
[  206.825631][T10266]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.825651][T10266]  ? clear_bhb_loop+0x60/0xb0
[  206.825677][T10266]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.825698][T10266] RIP: 0033:0x7f5608b8e929
[  206.825716][T10266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  206.825735][T10266] RSP: 002b:00007f5609a57038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  206.825759][T10266] RAX: ffffffffffffffda RBX: 00007f5608db5fa0 RCX: 00007f5608b8e929
[  206.825775][T10266] RDX: 0000000000004000 RSI: 0000200000000200 RDI: 0000000000000004
[  206.825788][T10266] RBP: 00007f5609a57090 R08: 0000000000000000 R09: 0000000000000000
[  206.825801][T10266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  206.825814][T10266] R13: 0000000000000000 R14: 00007f5608db5fa0 R15: 00007fff06158bd8
[  206.825847][T10266]  </TASK>
[  207.139978][T10273] vlan2: entered promiscuous mode
[  207.145311][T10273] bridge0: entered promiscuous mode
[  207.150832][T10273] vlan2: entered allmulticast mode
[  207.156178][T10273] bridge0: entered allmulticast mode
[  207.378600][T10289] xt_hashlimit: Unknown mode mask 115, kernel too old?
[  207.386689][T10289] netlink: 'syz.3.1464': attribute type 75 has an invalid length.
[  207.609889][T10302] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  207.651129][T10300] openvswitch: netlink: Missing key (keys=40, expected=80)
[  207.813113][T10308] netlink: 'syz.2.1470': attribute type 29 has an invalid length.
[  207.840047][T10308] netlink: 'syz.2.1470': attribute type 29 has an invalid length.
[  207.938574][T10315] FAULT_INJECTION: forcing a failure.
[  207.938574][T10315] name failslab, interval 1, probability 0, space 0, times 0
[  207.978613][T10315] CPU: 1 UID: 0 PID: 10315 Comm: syz.2.1474 Not tainted 6.16.0-rc5-syzkaller-00205-g531d0d32de3e #0 PREEMPT(full) 
[  207.978645][T10315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  207.978665][T10315] Call Trace:
[  207.978673][T10315]  <TASK>
[  207.978683][T10315]  dump_stack_lvl+0x189/0x250
[  207.978720][T10315]  ? __pfx____ratelimit+0x10/0x10
[  207.978761][T10315]  ? __pfx_dump_stack_lvl+0x10/0x10
[  207.978788][T10315]  ? __pfx__printk+0x10/0x10
[  207.978826][T10315]  ? ref_tracker_alloc+0x318/0x460
[  207.978864][T10315]  should_fail_ex+0x414/0x560
[  207.978901][T10315]  should_failslab+0xa8/0x100
[  207.978932][T10315]  kmem_cache_alloc_noprof+0x73/0x3c0
[  207.978965][T10315]  ? skb_clone+0x212/0x3a0
[  207.979001][T10315]  skb_clone+0x212/0x3a0
[  207.979036][T10315]  __netlink_deliver_tap+0x404/0x850
[  207.979077][T10315]  ? netlink_deliver_tap+0x2e/0x1b0
[  207.979106][T10315]  netlink_deliver_tap+0x19c/0x1b0
[  207.979134][T10315]  netlink_unicast+0x730/0x8e0
[  207.979170][T10315]  netlink_sendmsg+0x805/0xb30
[  207.979208][T10315]  ? __pfx_netlink_sendmsg+0x10/0x10
[  207.979238][T10315]  ? aa_sock_msg_perm+0x94/0x160
[  207.979272][T10315]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  207.979305][T10315]  ? __pfx_netlink_sendmsg+0x10/0x10
[  207.979332][T10315]  __sock_sendmsg+0x21c/0x270
[  207.979356][T10315]  ____sys_sendmsg+0x505/0x830
[  207.979391][T10315]  ? __pfx_____sys_sendmsg+0x10/0x10
[  207.979431][T10315]  ? import_iovec+0x74/0xa0
[  207.979460][T10315]  ___sys_sendmsg+0x21f/0x2a0
[  207.979491][T10315]  ? __pfx____sys_sendmsg+0x10/0x10
[  207.979560][T10315]  ? __fget_files+0x2a/0x420
[  207.979587][T10315]  ? __fget_files+0x3a0/0x420
[  207.979628][T10315]  __x64_sys_sendmsg+0x19b/0x260
[  207.979661][T10315]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  207.979701][T10315]  ? __pfx_ksys_write+0x10/0x10
[  207.979723][T10315]  ? rcu_is_watching+0x15/0xb0
[  207.979755][T10315]  ? do_syscall_64+0xbe/0x3b0
[  207.979782][T10315]  do_syscall_64+0xfa/0x3b0
[  207.979801][T10315]  ? lockdep_hardirqs_on+0x9c/0x150
[  207.979835][T10315]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.979856][T10315]  ? clear_bhb_loop+0x60/0xb0
[  207.979883][T10315]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.979904][T10315] RIP: 0033:0x7fcc49d8e929
[  207.979924][T10315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  207.979942][T10315] RSP: 002b:00007fcc4acab038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  207.979973][T10315] RAX: ffffffffffffffda RBX: 00007fcc49fb5fa0 RCX: 00007fcc49d8e929
[  207.979988][T10315] RDX: 0000000000004000 RSI: 0000200000000200 RDI: 0000000000000004
[  207.980002][T10315] RBP: 00007fcc4acab090 R08: 0000000000000000 R09: 0000000000000000
[  207.980016][T10315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  207.980029][T10315] R13: 0000000000000000 R14: 00007fcc49fb5fa0 R15: 00007ffdd115e548
[  207.980062][T10315]  </TASK>
[  208.394592][T10325] netdevsim netdevsim0 netdevsim0: left promiscuous mode
[  208.407609][T10325] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  208.468351][T10322] Bluetooth: MGMT ver 1.23
[  208.602155][T10333] team0: Port device geneve0 added
[  209.013903][T10359] FAULT_INJECTION: forcing a failure.
[  209.013903][T10359] name failslab, interval 1, probability 0, space 0, times 0
[  209.028234][T10359] CPU: 1 UID: 0 PID: 10359 Comm: syz.3.1492 Not tainted 6.16.0-rc5-syzkaller-00205-g531d0d32de3e #0 PREEMPT(full) 
[  209.028265][T10359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  209.028278][T10359] Call Trace:
[  209.028286][T10359]  <TASK>
[  209.028296][T10359]  dump_stack_lvl+0x189/0x250
[  209.028326][T10359]  ? irqentry_exit+0x74/0x90
[  209.028349][T10359]  ? __pfx_dump_stack_lvl+0x10/0x10
[  209.028403][T10359]  should_fail_ex+0x414/0x560
[  209.028436][T10359]  should_failslab+0xa8/0x100
[  209.028465][T10359]  kmem_cache_alloc_noprof+0x73/0x3c0
[  209.028490][T10359]  ? skb_clone+0x212/0x3a0
[  209.028523][T10359]  skb_clone+0x212/0x3a0
[  209.028548][T10359]  ? nfnetlink_rcv+0x486/0x2520
[  209.028585][T10359]  nfnetlink_rcv+0x4b4/0x2520
[  209.028622][T10359]  ? __dev_queue_xmit+0x1cd7/0x3a70
[  209.028656][T10359]  ? kmem_cache_alloc_noprof+0x1c1/0x3c0
[  209.028686][T10359]  ? __dev_queue_xmit+0x27e/0x3a70
[  209.028717][T10359]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.028762][T10359]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  209.028813][T10359]  ? ref_tracker_free+0x63a/0x7d0
[  209.028849][T10359]  ? __copy_skb_header+0xa7/0x550
[  209.028880][T10359]  ? __pfx_ref_tracker_free+0x10/0x10
[  209.028931][T10359]  ? skb_clone+0x246/0x3a0
[  209.028963][T10359]  ? __netlink_deliver_tap+0x807/0x850
[  209.028990][T10359]  ? netlink_deliver_tap+0x2e/0x1b0
[  209.029023][T10359]  ? netlink_deliver_tap+0x2e/0x1b0
[  209.029048][T10359]  ? netlink_deliver_tap+0x2e/0x1b0
[  209.029080][T10359]  netlink_unicast+0x759/0x8e0
[  209.029115][T10359]  netlink_sendmsg+0x805/0xb30
[  209.029153][T10359]  ? __pfx_netlink_sendmsg+0x10/0x10
[  209.029183][T10359]  ? aa_sock_msg_perm+0x94/0x160
[  209.029218][T10359]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  209.029250][T10359]  ? __pfx_netlink_sendmsg+0x10/0x10
[  209.029278][T10359]  __sock_sendmsg+0x21c/0x270
[  209.029302][T10359]  ____sys_sendmsg+0x505/0x830
[  209.029336][T10359]  ? __pfx_____sys_sendmsg+0x10/0x10
[  209.029375][T10359]  ? import_iovec+0x74/0xa0
[  209.029403][T10359]  ___sys_sendmsg+0x21f/0x2a0
[  209.029433][T10359]  ? __pfx____sys_sendmsg+0x10/0x10
[  209.029499][T10359]  ? __fget_files+0x2a/0x420
[  209.029526][T10359]  ? __fget_files+0x3a0/0x420
[  209.029564][T10359]  __x64_sys_sendmsg+0x19b/0x260
[  209.029596][T10359]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  209.029635][T10359]  ? __pfx_ksys_write+0x10/0x10
[  209.029666][T10359]  ? do_syscall_64+0xbe/0x3b0
[  209.029692][T10359]  do_syscall_64+0xfa/0x3b0
[  209.029715][T10359]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.029735][T10359]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  209.029766][T10359]  ? clear_bhb_loop+0x60/0xb0
[  209.029792][T10359]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.029812][T10359] RIP: 0033:0x7f950858e929
[  209.029832][T10359] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  209.029851][T10359] RSP: 002b:00007f95093eb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  209.029874][T10359] RAX: ffffffffffffffda RBX: 00007f95087b5fa0 RCX: 00007f950858e929
[  209.029889][T10359] RDX: 0000000000004000 RSI: 0000200000000200 RDI: 0000000000000004
[  209.029902][T10359] RBP: 00007f95093eb090 R08: 0000000000000000 R09: 0000000000000000
[  209.029915][T10359] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  209.029926][T10358] __nla_validate_parse: 21 callbacks suppressed
[  209.029927][T10359] R13: 0000000000000000 R14: 00007f95087b5fa0 R15: 00007ffc46dfce28
[  209.029945][T10358] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1490'.
[  209.029960][T10359]  </TASK>
[  209.105415][T10360] 8021q: adding VLAN 0 to HW filter on device bond0
[  209.161128][T10363] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1490'.
[  209.189213][T10365] validate_nla: 5 callbacks suppressed
[  209.189236][T10365] netlink: 'syz.3.1493': attribute type 29 has an invalid length.
[  209.515843][T10366] netlink: 'syz.3.1493': attribute type 29 has an invalid length.
[  209.671510][T10372] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1495'.
[  209.677007][T10373] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1496'.
[  209.914323][T10380] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1500'.
[  209.939823][T10380] netlink: 10 bytes leftover after parsing attributes in process `syz.4.1500'.
[  210.188031][T10407] netlink: 'syz.1.1507': attribute type 29 has an invalid length.
[  210.243393][T10407] netlink: 'syz.1.1507': attribute type 29 has an invalid length.
[  210.374675][T10414] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1510'.
[  210.436225][T10417] bond0: (slave syz_tun): Releasing backup interface
[  210.517948][T10417] bridge_slave_1: left allmulticast mode
[  210.532929][T10417] bridge_slave_1: left promiscuous mode
[  210.537106][T10421] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1514'.
[  210.559688][T10417] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.571637][T10421] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  210.578562][T10421] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  210.623797][T10423] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1511'.
[  210.645873][T10417] bond0: (slave bond_slave_0): Releasing backup interface
[  210.693163][T10417] bond0: (slave bond_slave_1): Releasing backup interface
[  210.731879][T10432] netlink: 'syz.3.1511': attribute type 21 has an invalid length.
[  210.768853][T10417] team0: Port device team_slave_0 removed
[  210.790995][T10417] team0: Port device team_slave_1 removed
[  210.801897][T10417] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  210.810611][T10417] batman_adv: batadv0: Removing interface: batadv_slave_0
[  210.821492][T10417] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  210.833431][T10417] batman_adv: batadv0: Removing interface: batadv_slave_1
[  210.833575][T10436] netlink: 596 bytes leftover after parsing attributes in process `syz.4.1516'.
[  210.859639][T10417] batman_adv: batadv0: Interface deactivated: ipvlan2
[  210.867302][T10417] batman_adv: batadv0: Removing interface: ipvlan2
[  210.878787][T10417] bond0: (slave bond1): Releasing backup interface
[  210.896415][T10417] bond0: (slave bond2): Releasing backup interface
[  210.937310][T10431] netlink: 'syz.4.1516': attribute type 29 has an invalid length.
[  210.974129][T10432] (unnamed net_device) (uninitialized): option lacp_rate: mode dependency failed, not supported in mode broadcast(3)
[  211.025667][T10435] x_tables: duplicate underflow at hook 2
[  211.047151][T10433] netlink: 'syz.4.1516': attribute type 29 has an invalid length.
[  211.899094][T10479] netlink: 'syz.1.1530': attribute type 29 has an invalid length.
[  211.935236][T10483] netlink: 'syz.1.1530': attribute type 29 has an invalid length.
[  212.154752][T10490] netlink: 'syz.1.1534': attribute type 29 has an invalid length.
[  212.410046][ T5860] Bluetooth: hci4: link tx timeout
[  212.416803][ T5860] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  212.440901][T10502] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  212.450535][  T846] IPVS: starting estimator thread 0...
[  212.553345][T10508] IPVS: using max 28 ests per chain, 67200 per kthread
[  213.046480][T10542] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  214.197784][T10602] __nla_validate_parse: 23 callbacks suppressed
[  214.197807][T10602] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1576'.
[  214.421590][T10609] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1580'.
[  214.453927][ T5848] Bluetooth: hci4: command 0x0405 tx timeout
[  214.463620][T10609] veth0: entered promiscuous mode
[  214.495349][T10608] veth0: left promiscuous mode
[  214.639583][T10614] validate_nla: 15 callbacks suppressed
[  214.639606][T10614] netlink: 'syz.3.1582': attribute type 29 has an invalid length.
[  214.659257][T10614] netlink: 'syz.3.1582': attribute type 29 has an invalid length.
[  214.674873][T10614] netlink: 500 bytes leftover after parsing attributes in process `syz.3.1582'.
[  214.774669][T10615] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  214.954647][T10625] netlink: 'syz.0.1585': attribute type 29 has an invalid length.
[  214.986054][T10625] netlink: 'syz.0.1585': attribute type 29 has an invalid length.
[  214.997289][T10625] netlink: 508 bytes leftover after parsing attributes in process `syz.0.1585'.
[  215.050807][T10629] sock: sock_set_timeout: `syz.4.1588' (pid 10629) tries to set negative timeout
[  215.159185][T10629] netlink: 184 bytes leftover after parsing attributes in process `syz.4.1588'.
[  215.174887][T10631] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1589'.
[  215.296323][T10639] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1592'.
[  215.438433][T10646] netlink: 'syz.1.1594': attribute type 29 has an invalid length.
[  215.464659][T10646] netlink: 'syz.1.1594': attribute type 29 has an invalid length.
[  215.484476][T10646] netlink: 500 bytes leftover after parsing attributes in process `syz.1.1594'.
[  215.510751][T10655] netlink: 596 bytes leftover after parsing attributes in process `syz.3.1595'.
[  215.692393][T10662] netlink: 'syz.1.1599': attribute type 29 has an invalid length.
[  215.706691][T10662] netlink: 'syz.1.1599': attribute type 29 has an invalid length.
[  215.730694][T10662] netlink: 508 bytes leftover after parsing attributes in process `syz.1.1599'.
[  216.162382][T10678] x_tables: duplicate underflow at hook 1
[  216.188653][T10682] xt_hashlimit: overflow, try lower: 4294967295/0
[  216.322324][T10686] netlink: 'syz.2.1610': attribute type 29 has an invalid length.
[  216.336075][T10686] netlink: 'syz.2.1610': attribute type 29 has an invalid length.
[  216.470644][T10694] bridge_slave_1: left allmulticast mode
[  216.507659][T10694] bridge_slave_1: left promiscuous mode
[  216.518126][T10694] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.533387][ T5853] Bluetooth: hci4: command 0x0405 tx timeout
[  216.579210][T10694] ÿ
: (slave bond_slave_0): Releasing backup interface
[  216.631622][T10694] bond_slave_0: left promiscuous mode
[  216.666802][T10694] ÿ
: (slave bond_slave_1): Releasing backup interface
[  216.681015][T10694] bond_slave_1: left promiscuous mode
[  216.687599][  T846] af_packet: tpacket_rcv: packet too big, clamped from 96 to 4294967272. macoff=96
[  216.772723][T10694] team0: Port device team_slave_0 removed
[  216.797209][T10694] team0: Port device team_slave_1 removed
[  216.821154][T10694] ÿ
: (slave bond2): Releasing backup interface
[  216.829992][T10694] bond2: left promiscuous mode
[  216.929361][T10700] mac80211_hwsim hwsim8 : entered promiscuous mode
[  216.948014][T10700] ÿ
: (slave ): Enslaving as an active interface with an up link
[  217.172211][  T978] IPVS: starting estimator thread 0...
[  217.181645][ T5853] Bluetooth: hci3: command 0x0406 tx timeout
[  217.188531][ T5860] Bluetooth: hci2: command 0x0406 tx timeout
[  217.188590][ T5167] Bluetooth: hci1: command 0x0406 tx timeout
[  217.324633][T10723] IPVS: using max 29 ests per chain, 69600 per kthread
[  218.292338][T10786] openvswitch: netlink: Multiple metadata blocks provided
[  218.701779][ T1316] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  218.730986][  T978] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  218.744110][ T1316] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  218.793628][  T978] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  218.813654][T10813] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  218.888244][T10818] chnl_net:caif_netlink_parms(): no params data found
[  218.904172][T10813] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  218.983869][  T978] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  219.061351][T10820] 8021q: adding VLAN 0 to HW filter on device bond2
[  219.320161][T10837] __nla_validate_parse: 27 callbacks suppressed
[  219.320185][T10837] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.1664'.
[  219.419789][T10835] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input5
[  219.484349][T10845] netlink: 256 bytes leftover after parsing attributes in process `syz.1.1663'.
[  219.552936][T10849] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1667'.
[  219.648444][T10855] netlink: 596 bytes leftover after parsing attributes in process `syz.0.1670'.
[  219.862213][T10861] validate_nla: 11 callbacks suppressed
[  219.862233][T10861] netlink: 'syz.0.1673': attribute type 29 has an invalid length.
[  219.899291][T10861] netlink: 'syz.0.1673': attribute type 29 has an invalid length.
[  219.942552][T10861] netlink: 508 bytes leftover after parsing attributes in process `syz.0.1673'.
[  220.114901][T10876] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1680'.
[  220.146903][T10877] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1676'.
[  220.259598][T10881] xt_hashlimit: size too large, truncated to 1048576
[  220.353100][T10889] netlink: 'syz.0.1684': attribute type 1 has an invalid length.
[  220.381970][T10889] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1684'.
[  220.517629][T10892] netlink: 596 bytes leftover after parsing attributes in process `syz.2.1685'.
[  220.712424][T10899] netdevsim netdevsim2 ÿÿÿÿÿÿ: renamed from netdevsim0 (while UP)
[  220.773988][T10903] netlink: 'syz.4.1689': attribute type 29 has an invalid length.
[  220.789333][T10903] netlink: 'syz.4.1689': attribute type 29 has an invalid length.
[  220.801438][T10903] netlink: 500 bytes leftover after parsing attributes in process `syz.4.1689'.
[  221.038946][T10917] xt_hashlimit: max too large, truncated to 1048576
[  221.152681][T10925] FAULT_INJECTION: forcing a failure.
[  221.152681][T10925] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  221.187290][T10925] CPU: 1 UID: 0 PID: 10925 Comm: syz.1.1697 Not tainted 6.16.0-rc5-syzkaller-00205-g531d0d32de3e #0 PREEMPT(full) 
[  221.187324][T10925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  221.187338][T10925] Call Trace:
[  221.187346][T10925]  <TASK>
[  221.187356][T10925]  dump_stack_lvl+0x189/0x250
[  221.187387][T10925]  ? __pfx____ratelimit+0x10/0x10
[  221.187422][T10925]  ? __pfx_dump_stack_lvl+0x10/0x10
[  221.187449][T10925]  ? __pfx__printk+0x10/0x10
[  221.187476][T10925]  ? __might_fault+0xb0/0x130
[  221.187512][T10925]  should_fail_ex+0x414/0x560
[  221.187550][T10925]  _copy_from_user+0x2d/0xb0
[  221.187589][T10925]  ___sys_sendmsg+0x158/0x2a0
[  221.187622][T10925]  ? __pfx____sys_sendmsg+0x10/0x10
[  221.187690][T10925]  ? __fget_files+0x2a/0x420
[  221.187722][T10925]  ? __fget_files+0x3a0/0x420
[  221.187764][T10925]  __x64_sys_sendmsg+0x19b/0x260
[  221.187795][T10925]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  221.187835][T10925]  ? __pfx_ksys_write+0x10/0x10
[  221.187857][T10925]  ? rcu_is_watching+0x15/0xb0
[  221.187890][T10925]  ? do_syscall_64+0xbe/0x3b0
[  221.187915][T10925]  do_syscall_64+0xfa/0x3b0
[  221.187934][T10925]  ? lockdep_hardirqs_on+0x9c/0x150
[  221.187968][T10925]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.187989][T10925]  ? clear_bhb_loop+0x60/0xb0
[  221.188016][T10925]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.188036][T10925] RIP: 0033:0x7fb9e858e929
[  221.188056][T10925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  221.188075][T10925] RSP: 002b:00007fb9e93ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  221.188098][T10925] RAX: ffffffffffffffda RBX: 00007fb9e87b5fa0 RCX: 00007fb9e858e929
[  221.188114][T10925] RDX: 000000000000c054 RSI: 00002000000006c0 RDI: 0000000000000004
[  221.188128][T10925] RBP: 00007fb9e93ff090 R08: 0000000000000000 R09: 0000000000000000
[  221.188142][T10925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  221.188154][T10925] R13: 0000000000000000 R14: 00007fb9e87b5fa0 R15: 00007ffe221c5c48
[  221.188187][T10925]  </TASK>
[  221.481383][T10933] netlink: 'syz.1.1699': attribute type 13 has an invalid length.
[  221.482344][T10934] netlink: 'syz.1.1699': attribute type 13 has an invalid length.
[  221.505511][T10934] netlink: 'syz.1.1699': attribute type 58 has an invalid length.
[  221.511314][T10933] netlink: 'syz.1.1699': attribute type 58 has an invalid length.
[  221.640037][T10943] netlink: 'syz.1.1702': attribute type 29 has an invalid length.
[  222.130165][T10965] macvlan2: entered promiscuous mode
[  222.139477][T10965] macvlan2: entered allmulticast mode
[  222.177802][T10970] lo: left allmulticast mode
[  222.266966][T10970] dummy0: left promiscuous mode
[  222.283905][T10970] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  222.533381][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  223.248769][T11012] veth3: entered allmulticast mode
[  224.058841][T11066] netlink: zone id is out of range
[  224.073371][T11066] netlink: zone id is out of range
[  224.099112][T11066] netlink: zone id is out of range
[  224.130836][T11070] Unknown options in mask 1f4
[  224.131641][T11069] FAULT_INJECTION: forcing a failure.
[  224.131641][T11069] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  224.142509][T11066] netlink: zone id is out of range
[  224.162981][T11066] netlink: zone id is out of range
[  224.197804][T11069] CPU: 1 UID: 0 PID: 11069 Comm: syz.1.1746 Not tainted 6.16.0-rc5-syzkaller-00205-g531d0d32de3e #0 PREEMPT(full) 
[  224.197837][T11069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  224.197851][T11069] Call Trace:
[  224.197860][T11069]  <TASK>
[  224.197869][T11069]  dump_stack_lvl+0x189/0x250
[  224.197900][T11069]  ? __pfx____ratelimit+0x10/0x10
[  224.197935][T11069]  ? __pfx_dump_stack_lvl+0x10/0x10
[  224.197961][T11069]  ? __pfx__printk+0x10/0x10
[  224.197991][T11069]  ? __might_fault+0xb0/0x130
[  224.198030][T11069]  should_fail_ex+0x414/0x560
[  224.198067][T11069]  _copy_from_iter+0x1db/0x16f0
[  224.198094][T11069]  ? rcu_is_watching+0x15/0xb0
[  224.198122][T11069]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  224.198150][T11069]  ? __pfx__copy_from_iter+0x10/0x10
[  224.198175][T11069]  ? __build_skb_around+0x257/0x3e0
[  224.198205][T11069]  ? netlink_sendmsg+0x642/0xb30
[  224.198230][T11069]  ? skb_put+0x11b/0x210
[  224.198260][T11069]  netlink_sendmsg+0x6b2/0xb30
[  224.198297][T11069]  ? __pfx_netlink_sendmsg+0x10/0x10
[  224.198328][T11069]  ? aa_sock_msg_perm+0x94/0x160
[  224.198363][T11069]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  224.198395][T11069]  ? __pfx_netlink_sendmsg+0x10/0x10
[  224.198422][T11069]  __sock_sendmsg+0x21c/0x270
[  224.198448][T11069]  ____sys_sendmsg+0x505/0x830
[  224.198483][T11069]  ? __pfx_____sys_sendmsg+0x10/0x10
[  224.198523][T11069]  ? import_iovec+0x74/0xa0
[  224.198552][T11069]  ___sys_sendmsg+0x21f/0x2a0
[  224.198591][T11069]  ? __pfx____sys_sendmsg+0x10/0x10
[  224.198660][T11069]  ? __fget_files+0x2a/0x420
[  224.198688][T11069]  ? __fget_files+0x3a0/0x420
[  224.198728][T11069]  __x64_sys_sendmsg+0x19b/0x260
[  224.198765][T11069]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  224.198805][T11069]  ? __pfx_ksys_write+0x10/0x10
[  224.198827][T11069]  ? rcu_is_watching+0x15/0xb0
[  224.198859][T11069]  ? do_syscall_64+0xbe/0x3b0
[  224.198885][T11069]  do_syscall_64+0xfa/0x3b0
[  224.198905][T11069]  ? lockdep_hardirqs_on+0x9c/0x150
[  224.198939][T11069]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.198959][T11069]  ? clear_bhb_loop+0x60/0xb0
[  224.198986][T11069]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.199007][T11069] RIP: 0033:0x7fb9e858e929
[  224.199026][T11069] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  224.199045][T11069] RSP: 002b:00007fb9e93ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  224.199068][T11069] RAX: ffffffffffffffda RBX: 00007fb9e87b5fa0 RCX: 00007fb9e858e929
[  224.199083][T11069] RDX: 000000000000c054 RSI: 00002000000006c0 RDI: 0000000000000004
[  224.199097][T11069] RBP: 00007fb9e93ff090 R08: 0000000000000000 R09: 0000000000000000
[  224.199115][T11069] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  224.199128][T11069] R13: 0000000000000000 R14: 00007fb9e87b5fa0 R15: 00007ffe221c5c48
[  224.199184][T11069]  </TASK>
[  224.199579][T11066] netlink: zone id is out of range
[  224.531244][T11066] netlink: zone id is out of range
[  224.569207][T11066] netlink: zone id is out of range
[  224.579348][T11066] netlink: zone id is out of range
[  224.829889][T11089] __nla_validate_parse: 16 callbacks suppressed
[  224.829911][T11089] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1753'.
[  225.164833][T11097] validate_nla: 8 callbacks suppressed
[  225.164855][T11097] netlink: 'syz.3.1757': attribute type 29 has an invalid length.
[  225.260729][T11097] netlink: 'syz.3.1757': attribute type 29 has an invalid length.
[  225.492863][T11106] netlink: 'syz.0.1760': attribute type 1 has an invalid length.
[  226.032822][T11116] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.1764'.
[  226.119076][T11120] netlink: 'syz.3.1767': attribute type 1 has an invalid length.
[  226.161747][T11120] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1767'.
[  226.792747][T11122] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  227.188701][T11144] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1771'.
[  227.317323][T11149] netlink: 'syz.1.1773': attribute type 29 has an invalid length.
[  227.328649][T11149] netlink: 'syz.1.1773': attribute type 29 has an invalid length.
[  227.587797][T11157] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1777'.
[  227.660978][T11164] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1780'.
[  227.679549][T11164] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1780'.
[  227.690280][T11164] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1780'.
[  227.718186][T11164] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1780'.
[  227.751304][T11167] FAULT_INJECTION: forcing a failure.
[  227.751304][T11167] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  227.778769][T11167] CPU: 1 UID: 0 PID: 11167 Comm: syz.4.1781 Not tainted 6.16.0-rc5-syzkaller-00205-g531d0d32de3e #0 PREEMPT(full) 
[  227.778819][T11167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  227.778833][T11167] Call Trace:
[  227.778842][T11167]  <TASK>
[  227.778852][T11167]  dump_stack_lvl+0x189/0x250
[  227.778883][T11167]  ? __pfx____ratelimit+0x10/0x10
[  227.778918][T11167]  ? __pfx_dump_stack_lvl+0x10/0x10
[  227.778951][T11167]  ? __pfx__printk+0x10/0x10
[  227.778981][T11167]  ? __might_fault+0xb0/0x130
[  227.779019][T11167]  should_fail_ex+0x414/0x560
[  227.779056][T11167]  _copy_from_iter+0x1db/0x16f0
[  227.779083][T11167]  ? rcu_is_watching+0x15/0xb0
[  227.779110][T11167]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  227.779139][T11167]  ? __pfx__copy_from_iter+0x10/0x10
[  227.779163][T11167]  ? __build_skb_around+0x257/0x3e0
[  227.779193][T11167]  ? netlink_sendmsg+0x642/0xb30
[  227.779218][T11167]  ? skb_put+0x11b/0x210
[  227.779247][T11167]  netlink_sendmsg+0x6b2/0xb30
[  227.779285][T11167]  ? __pfx_netlink_sendmsg+0x10/0x10
[  227.779316][T11167]  ? aa_sock_msg_perm+0x94/0x160
[  227.779350][T11167]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  227.779382][T11167]  ? __pfx_netlink_sendmsg+0x10/0x10
[  227.779410][T11167]  __sock_sendmsg+0x21c/0x270
[  227.779434][T11167]  ____sys_sendmsg+0x505/0x830
[  227.779468][T11167]  ? __pfx_____sys_sendmsg+0x10/0x10
[  227.779507][T11167]  ? import_iovec+0x74/0xa0
[  227.779535][T11167]  ___sys_sendmsg+0x21f/0x2a0
[  227.779566][T11167]  ? __pfx____sys_sendmsg+0x10/0x10
[  227.779634][T11167]  ? __fget_files+0x2a/0x420
[  227.779661][T11167]  ? __fget_files+0x3a0/0x420
[  227.779701][T11167]  __x64_sys_sendmsg+0x19b/0x260
[  227.779737][T11167]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  227.779773][T11167]  ? __pfx_ksys_write+0x10/0x10
[  227.779795][T11167]  ? rcu_is_watching+0x15/0xb0
[  227.779826][T11167]  ? do_syscall_64+0xbe/0x3b0
[  227.779852][T11167]  do_syscall_64+0xfa/0x3b0
[  227.779871][T11167]  ? lockdep_hardirqs_on+0x9c/0x150
[  227.779904][T11167]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  227.779931][T11167]  ? clear_bhb_loop+0x60/0xb0
[  227.779958][T11167]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  227.779978][T11167] RIP: 0033:0x7f5608b8e929
[  227.779997][T11167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  227.780016][T11167] RSP: 002b:00007f5609a57038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  227.780039][T11167] RAX: ffffffffffffffda RBX: 00007f5608db5fa0 RCX: 00007f5608b8e929
[  227.780055][T11167] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003
[  227.780068][T11167] RBP: 00007f5609a57090 R08: 0000000000000000 R09: 0000000000000000
[  227.780082][T11167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  227.780094][T11167] R13: 0000000000000000 R14: 00007f5608db5fa0 R15: 00007fff06158bd8
[  227.780127][T11167]  </TASK>
[  228.079327][    C1] vcan0: j1939_tp_rxtimer: 0xffff888034b2a800: rx timeout, send abort
[  228.089296][    C1] vcan0: j1939_tp_rxtimer: 0xffff888034b29400: rx timeout, send abort
[  228.100036][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888034b29400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  228.227467][T11173] netlink: 'syz.0.1783': attribute type 142 has an invalid length.
[  228.269608][T11173] netlink: 80 bytes leftover after parsing attributes in process `syz.0.1783'.
[  228.334496][T11178] netlink: 'syz.3.1786': attribute type 29 has an invalid length.
[  228.344398][T11178] netlink: 'syz.3.1786': attribute type 29 has an invalid length.
[  228.497890][T11182] tipc: Enabling of bearer <eth:vlan1> rejected, failed to enable media
[  228.609894][T11192] netlink: 'syz.3.1792': attribute type 10 has an invalid length.
[  228.673539][T11194] raw_sendmsg: syz.1.1790 forgot to set AF_INET. Fix it!
[  228.819120][T11203] FAULT_INJECTION: forcing a failure.
[  228.819120][T11203] name failslab, interval 1, probability 0, space 0, times 0
[  228.853308][T11203] CPU: 1 UID: 0 PID: 11203 Comm: syz.4.1795 Not tainted 6.16.0-rc5-syzkaller-00205-g531d0d32de3e #0 PREEMPT(full) 
[  228.853352][T11203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  228.853373][T11203] Call Trace:
[  228.853382][T11203]  <TASK>
[  228.853392][T11203]  dump_stack_lvl+0x189/0x250
[  228.853425][T11203]  ? __pfx____ratelimit+0x10/0x10
[  228.853460][T11203]  ? __pfx_dump_stack_lvl+0x10/0x10
[  228.853486][T11203]  ? __pfx__printk+0x10/0x10
[  228.853523][T11203]  ? ref_tracker_alloc+0x318/0x460
[  228.853560][T11203]  should_fail_ex+0x414/0x560
[  228.853596][T11203]  should_failslab+0xa8/0x100
[  228.853626][T11203]  kmem_cache_alloc_noprof+0x73/0x3c0
[  228.853651][T11203]  ? skb_clone+0x212/0x3a0
[  228.853685][T11203]  skb_clone+0x212/0x3a0
[  228.853719][T11203]  __netlink_deliver_tap+0x404/0x850
[  228.853765][T11203]  ? netlink_deliver_tap+0x2e/0x1b0
[  228.853792][T11203]  netlink_deliver_tap+0x19c/0x1b0
[  228.853819][T11203]  netlink_unicast+0x730/0x8e0
[  228.853854][T11203]  netlink_sendmsg+0x805/0xb30
[  228.853891][T11203]  ? __pfx_netlink_sendmsg+0x10/0x10
[  228.853922][T11203]  ? aa_sock_msg_perm+0x94/0x160
[  228.853957][T11203]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  228.853991][T11203]  ? __pfx_netlink_sendmsg+0x10/0x10
[  228.854020][T11203]  __sock_sendmsg+0x21c/0x270
[  228.854044][T11203]  ____sys_sendmsg+0x505/0x830
[  228.854079][T11203]  ? __pfx_____sys_sendmsg+0x10/0x10
[  228.854118][T11203]  ? import_iovec+0x74/0xa0
[  228.854154][T11203]  ___sys_sendmsg+0x21f/0x2a0
[  228.854186][T11203]  ? __pfx____sys_sendmsg+0x10/0x10
[  228.854254][T11203]  ? __fget_files+0x2a/0x420
[  228.854283][T11203]  ? __fget_files+0x3a0/0x420
[  228.854323][T11203]  __x64_sys_sendmsg+0x19b/0x260
[  228.854355][T11203]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  228.854395][T11203]  ? __pfx_ksys_write+0x10/0x10
[  228.854436][T11203]  ? rcu_is_watching+0x15/0xb0
[  228.854468][T11203]  ? do_syscall_64+0xbe/0x3b0
[  228.854496][T11203]  do_syscall_64+0xfa/0x3b0
[  228.854515][T11203]  ? lockdep_hardirqs_on+0x9c/0x150
[  228.854550][T11203]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.854570][T11203]  ? clear_bhb_loop+0x60/0xb0
[  228.854597][T11203]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.854618][T11203] RIP: 0033:0x7f5608b8e929
[  228.854639][T11203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  228.854658][T11203] RSP: 002b:00007f5609a57038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  228.854682][T11203] RAX: ffffffffffffffda RBX: 00007f5608db5fa0 RCX: 00007f5608b8e929
[  228.854698][T11203] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003
[  228.854711][T11203] RBP: 00007f5609a57090 R08: 0000000000000000 R09: 0000000000000000
[  228.854725][T11203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  228.854738][T11203] R13: 0000000000000000 R14: 00007f5608db5fa0 R15: 00007fff06158bd8
[  228.854773][T11203]  </TASK>
[  229.829426][T11239] FAULT_INJECTION: forcing a failure.
[  229.829426][T11239] name failslab, interval 1, probability 0, space 0, times 0
[  229.843908][T11239] CPU: 0 UID: 0 PID: 11239 Comm: syz.2.1810 Not tainted 6.16.0-rc5-syzkaller-00205-g531d0d32de3e #0 PREEMPT(full) 
[  229.843938][T11239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  229.843951][T11239] Call Trace:
[  229.843960][T11239]  <TASK>
[  229.843970][T11239]  dump_stack_lvl+0x189/0x250
[  229.844001][T11239]  ? __pfx____ratelimit+0x10/0x10
[  229.844036][T11239]  ? __pfx_dump_stack_lvl+0x10/0x10
[  229.844063][T11239]  ? __pfx__printk+0x10/0x10
[  229.844096][T11239]  ? __pfx___might_resched+0x10/0x10
[  229.844122][T11239]  ? fs_reclaim_acquire+0x7d/0x100
[  229.844159][T11239]  should_fail_ex+0x414/0x560
[  229.844195][T11239]  should_failslab+0xa8/0x100
[  229.844226][T11239]  __kmalloc_noprof+0xcb/0x4f0
[  229.844250][T11239]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  229.844274][T11239]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  229.844315][T11239]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  229.844358][T11239]  genl_family_rcv_msg_doit+0xb8/0x300
[  229.844400][T11239]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  229.844437][T11239]  ? rcu_is_watching+0x15/0xb0
[  229.844466][T11239]  ? apparmor_capable+0x137/0x1b0
[  229.844493][T11239]  ? bpf_lsm_capable+0x9/0x20
[  229.844516][T11239]  ? security_capable+0x7e/0x2e0
[  229.844556][T11239]  genl_rcv_msg+0x60e/0x790
[  229.844596][T11239]  ? __pfx_genl_rcv_msg+0x10/0x10
[  229.844626][T11239]  ? ref_tracker_free+0x63a/0x7d0
[  229.844657][T11239]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  229.844687][T11239]  ? __pfx_nl80211_start_ap+0x10/0x10
[  229.844706][T11239]  ? __pfx_nl80211_post_doit+0x10/0x10
[  229.844738][T11239]  ? __pfx_ref_tracker_free+0x10/0x10
[  229.844784][T11239]  netlink_rcv_skb+0x205/0x470
[  229.844817][T11239]  ? __pfx_genl_rcv_msg+0x10/0x10
[  229.844857][T11239]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  229.844903][T11239]  ? down_read+0x1ad/0x2e0
[  229.844930][T11239]  genl_rcv+0x28/0x40
[  229.844961][T11239]  netlink_unicast+0x759/0x8e0
[  229.844997][T11239]  netlink_sendmsg+0x805/0xb30
[  229.845036][T11239]  ? __pfx_netlink_sendmsg+0x10/0x10
[  229.845067][T11239]  ? aa_sock_msg_perm+0x94/0x160
[  229.845101][T11239]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  229.845133][T11239]  ? __pfx_netlink_sendmsg+0x10/0x10
[  229.845162][T11239]  __sock_sendmsg+0x21c/0x270
[  229.845187][T11239]  ____sys_sendmsg+0x505/0x830
[  229.845221][T11239]  ? __pfx_____sys_sendmsg+0x10/0x10
[  229.845260][T11239]  ? import_iovec+0x74/0xa0
[  229.845290][T11239]  ___sys_sendmsg+0x21f/0x2a0
[  229.845321][T11239]  ? __pfx____sys_sendmsg+0x10/0x10
[  229.845392][T11239]  ? __fget_files+0x2a/0x420
[  229.845419][T11239]  ? __fget_files+0x3a0/0x420
[  229.845461][T11239]  __x64_sys_sendmsg+0x19b/0x260
[  229.845492][T11239]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  229.845533][T11239]  ? __pfx_ksys_write+0x10/0x10
[  229.845564][T11239]  ? do_syscall_64+0xbe/0x3b0
[  229.845591][T11239]  do_syscall_64+0xfa/0x3b0
[  229.845614][T11239]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.845635][T11239]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  229.845657][T11239]  ? clear_bhb_loop+0x60/0xb0
[  229.845683][T11239]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.845704][T11239] RIP: 0033:0x7fcc49d8e929
[  229.845723][T11239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  229.845742][T11239] RSP: 002b:00007fcc4acab038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  229.845765][T11239] RAX: ffffffffffffffda RBX: 00007fcc49fb5fa0 RCX: 00007fcc49d8e929
[  229.845781][T11239] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003
[  229.845795][T11239] RBP: 00007fcc4acab090 R08: 0000000000000000 R09: 0000000000000000
[  229.845809][T11239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  229.845821][T11239] R13: 0000000000000000 R14: 00007fcc49fb5fa0 R15: 00007ffdd115e548
[  229.845862][T11239]  </TASK>
[  230.458450][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  230.542405][T11253] __nla_validate_parse: 13 callbacks suppressed
[  230.542426][T11253] netlink: 116 bytes leftover after parsing attributes in process `syz.0.1813'.
[  230.869700][T11268] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1818'.
[  230.890636][T11270] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1819'.
[  230.896380][T11268] netlink: 'syz.2.1818': attribute type 7 has an invalid length.
[  230.901678][T11270] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1819'.
[  230.921935][T11268] netlink: 'syz.2.1818': attribute type 8 has an invalid length.
[  230.937627][T11268] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1818'.
[  230.952021][T11270] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1819'.
[  231.010993][T11276] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1819'.
[  231.091471][T11279] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1822'.
[  231.108786][T11279] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1822'.
[  231.139828][T11279] netlink: 648 bytes leftover after parsing attributes in process `syz.1.1822'.
[  231.177643][T11279] net_ratelimit: 41 callbacks suppressed
[  231.177662][T11279] openvswitch: netlink: Flow key attr not present in new flow.
[  231.285142][T11294] netlink: 'syz.4.1826': attribute type 1 has an invalid length.
[  231.317508][T11297] openvswitch: netlink: Duplicate or invalid key (type 0).
[  231.341717][T11297] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  231.571858][T11308] xt_hashlimit: max too large, truncated to 1048576
[  231.574163][T11306] FAULT_INJECTION: forcing a failure.
[  231.574163][T11306] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  231.597918][T11306] CPU: 0 UID: 0 PID: 11306 Comm: syz.2.1832 Not tainted 6.16.0-rc5-syzkaller-00205-g531d0d32de3e #0 PREEMPT(full) 
[  231.597949][T11306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  231.597963][T11306] Call Trace:
[  231.597972][T11306]  <TASK>
[  231.597982][T11306]  dump_stack_lvl+0x189/0x250
[  231.598014][T11306]  ? __pfx____ratelimit+0x10/0x10
[  231.598050][T11306]  ? __pfx_dump_stack_lvl+0x10/0x10
[  231.598077][T11306]  ? __pfx__printk+0x10/0x10
[  231.598126][T11306]  should_fail_ex+0x414/0x560
[  231.598164][T11306]  _copy_to_user+0x31/0xb0
[  231.598193][T11306]  simple_read_from_buffer+0xe1/0x170
[  231.598227][T11306]  proc_fail_nth_read+0x1df/0x250
[  231.598262][T11306]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  231.598297][T11306]  ? rw_verify_area+0x258/0x650
[  231.598321][T11306]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  231.598354][T11306]  vfs_read+0x200/0x980
[  231.598384][T11306]  ? __pfx___mutex_lock+0x10/0x10
[  231.598407][T11306]  ? __pfx_vfs_read+0x10/0x10
[  231.598454][T11306]  ? __fget_files+0x2a/0x420
[  231.598488][T11306]  ? __fget_files+0x3a0/0x420
[  231.598515][T11306]  ? __fget_files+0x2a/0x420
[  231.598561][T11306]  ksys_read+0x145/0x250
[  231.598588][T11306]  ? __pfx_ksys_read+0x10/0x10
[  231.598610][T11306]  ? rcu_is_watching+0x15/0xb0
[  231.598641][T11306]  ? do_syscall_64+0xbe/0x3b0
[  231.598667][T11306]  do_syscall_64+0xfa/0x3b0
[  231.598687][T11306]  ? lockdep_hardirqs_on+0x9c/0x150
[  231.598719][T11306]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.598746][T11306]  ? clear_bhb_loop+0x60/0xb0
[  231.598772][T11306]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.598793][T11306] RIP: 0033:0x7fcc49d8d33c
[  231.598813][T11306] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  231.598831][T11306] RSP: 002b:00007fcc4acab030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  231.598854][T11306] RAX: ffffffffffffffda RBX: 00007fcc49fb5fa0 RCX: 00007fcc49d8d33c
[  231.598869][T11306] RDX: 000000000000000f RSI: 00007fcc4acab0a0 RDI: 0000000000000005
[  231.598882][T11306] RBP: 00007fcc4acab090 R08: 0000000000000000 R09: 0000000000000000
[  231.598894][T11306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  231.598905][T11306] R13: 0000000000000000 R14: 00007fcc49fb5fa0 R15: 00007ffdd115e548
[  231.598938][T11306]  </TASK>
[  233.336403][T11393] FAULT_INJECTION: forcing a failure.
[  233.336403][T11393] name failslab, interval 1, probability 0, space 0, times 0
[  233.359877][T11393] CPU: 1 UID: 0 PID: 11393 Comm: syz.3.1858 Not tainted 6.16.0-rc5-syzkaller-00205-g531d0d32de3e #0 PREEMPT(full) 
[  233.359915][T11393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  233.359929][T11393] Call Trace:
[  233.359938][T11393]  <TASK>
[  233.359947][T11393]  dump_stack_lvl+0x189/0x250
[  233.359981][T11393]  ? __pfx____ratelimit+0x10/0x10
[  233.360015][T11393]  ? __pfx_dump_stack_lvl+0x10/0x10
[  233.360040][T11393]  ? __pfx__printk+0x10/0x10
[  233.360087][T11393]  should_fail_ex+0x414/0x560
[  233.360125][T11393]  should_failslab+0xa8/0x100
[  233.360155][T11393]  kmem_cache_alloc_noprof+0x73/0x3c0
[  233.360181][T11393]  ? skb_clone+0x212/0x3a0
[  233.360217][T11393]  skb_clone+0x212/0x3a0
[  233.360252][T11393]  __netlink_deliver_tap+0x404/0x850
[  233.360293][T11393]  ? netlink_deliver_tap+0x2e/0x1b0
[  233.360322][T11393]  netlink_deliver_tap+0x19c/0x1b0
[  233.360351][T11393]  netlink_sendskb+0x68/0x140
[  233.360382][T11393]  netlink_rcv_skb+0x28c/0x470
[  233.360409][T11393]  ? __pfx_genl_rcv_msg+0x10/0x10
[  233.360453][T11393]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  233.360499][T11393]  ? down_read+0x1ad/0x2e0
[  233.360525][T11393]  genl_rcv+0x28/0x40
[  233.360554][T11393]  netlink_unicast+0x759/0x8e0
[  233.360594][T11393]  netlink_sendmsg+0x805/0xb30
[  233.360633][T11393]  ? __pfx_netlink_sendmsg+0x10/0x10
[  233.360664][T11393]  ? aa_sock_msg_perm+0x94/0x160
[  233.360699][T11393]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  233.360732][T11393]  ? __pfx_netlink_sendmsg+0x10/0x10
[  233.360760][T11393]  __sock_sendmsg+0x21c/0x270
[  233.360785][T11393]  ____sys_sendmsg+0x505/0x830
[  233.360820][T11393]  ? __pfx_____sys_sendmsg+0x10/0x10
[  233.360860][T11393]  ? import_iovec+0x74/0xa0
[  233.360891][T11393]  ___sys_sendmsg+0x21f/0x2a0
[  233.360923][T11393]  ? __pfx____sys_sendmsg+0x10/0x10
[  233.360994][T11393]  ? __fget_files+0x2a/0x420
[  233.361023][T11393]  ? __fget_files+0x3a0/0x420
[  233.361065][T11393]  __x64_sys_sendmsg+0x19b/0x260
[  233.361098][T11393]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  233.361138][T11393]  ? __pfx_ksys_write+0x10/0x10
[  233.361161][T11393]  ? rcu_is_watching+0x15/0xb0
[  233.361193][T11393]  ? do_syscall_64+0xbe/0x3b0
[  233.361219][T11393]  do_syscall_64+0xfa/0x3b0
[  233.361238][T11393]  ? lockdep_hardirqs_on+0x9c/0x150
[  233.361272][T11393]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.361294][T11393]  ? clear_bhb_loop+0x60/0xb0
[  233.361320][T11393]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.361341][T11393] RIP: 0033:0x7f950858e929
[  233.361362][T11393] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  233.361381][T11393] RSP: 002b:00007f95093eb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  233.361404][T11393] RAX: ffffffffffffffda RBX: 00007f95087b5fa0 RCX: 00007f950858e929
[  233.361435][T11393] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003
[  233.361449][T11393] RBP: 00007f95093eb090 R08: 0000000000000000 R09: 0000000000000000
[  233.361463][T11393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  233.361476][T11393] R13: 0000000000000000 R14: 00007f95087b5fa0 R15: 00007ffc46dfce28
[  233.361511][T11393]  </TASK>
[  233.757431][T11400] 8021q: VLANs not supported on ip6gre0
[  234.493847][T11436] syz_tun: left promiscuous mode
[  234.544396][T11436] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  234.851709][T11447] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  234.878816][T11447] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  234.900332][T11447] bond0 (unregistering): (slave netdevsim0): Releasing backup interface
[  234.922292][T11447] bond0 (unregistering): Released all slaves
[  235.792513][T11497] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  235.824105][T11497] netlink: 'syz.0.1899': attribute type 7 has an invalid length.
[  236.061098][    C0] Unknown status report in ack skb
[  236.079593][T11510] tunl0: entered promiscuous mode
[  236.116534][   T36] wlan1: Selected IBSS BSSID 50:50:50:50:50:50 based on configured SSID
[  236.193754][T11513] __nla_validate_parse: 42 callbacks suppressed
[  236.193783][T11513] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1906'.
[  236.221058][T11515] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1905'.
[  236.232010][ T7053] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  236.232586][T11513] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1906'.
[  236.252296][ T7053] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  236.294341][T11513] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1906'.
[  236.317672][T11522] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1906'.
[  236.344932][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  236.353013][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  236.442029][ T7053] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  236.474391][ T7053] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  236.507319][   T13] ------------[ cut here ]------------
[  236.513177][   T13] WARNING: CPU: 0 PID: 13 at net/wireless/ibss.c:37 __cfg80211_ibss_joined+0x3ca/0x440
[  236.523923][   T13] Modules linked in:
[  236.528164][   T13] CPU: 0 UID: 0 PID: 13 Comm: kworker/u8:1 Not tainted 6.16.0-rc5-syzkaller-00205-g531d0d32de3e #0 PREEMPT(full) 
[  236.541012][   T13] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  236.551761][   T13] Workqueue: cfg80211 cfg80211_event_work
[  236.558356][   T13] RIP: 0010:__cfg80211_ibss_joined+0x3ca/0x440
[  236.564935][   T13] Code: 00 00 00 75 69 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d e9 98 d8 a2 00 cc e8 62 fc f0 f6 90 0f 0b 90 eb bd e8 57 fc f0 f6 90 <0f> 0b 90 4c 8b 6c 24 18 eb ad e8 47 fc f0 f6 90 0f 0b 90 e9 de fd
[  236.586710][   T13] RSP: 0018:ffffc900001278e0 EFLAGS: 00010293
[  236.593490][   T13] RAX: ffffffff8acf3a19 RBX: dffffc0000000000 RCX: ffff88801d2e0000
[  236.602068][   T13] RDX: 0000000000000000 RSI: ffffffff8d998bbb RDI: ffffffff8be29dc0
[  236.610327][   T13] RBP: ffffc900001279b8 R08: ffffffff8fa1f3f7 R09: 1ffffffff1f43e7e
[  236.619052][   T13] R10: dffffc0000000000 R11: fffffbfff1f43e7f R12: ffff88806b8f4d90
[  236.627223][   T13] R13: 1ffff92000024f24 R14: ffff888026f33338 R15: 0000000000000006
[  236.635895][   T13] FS:  0000000000000000(0000) GS:ffff888125c1b000(0000) knlGS:0000000000000000
[  236.646003][   T13] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  236.653010][   T13] CR2: 000055558a9cd5c8 CR3: 000000000df38000 CR4: 00000000003526f0
[  236.661287][   T13] Call Trace:
[  236.664755][   T13]  <TASK>
[  236.667840][   T13]  ? lockdep_hardirqs_on+0x9c/0x150
[  236.673807][   T13]  ? __pfx___cfg80211_ibss_joined+0x10/0x10
[  236.680333][   T13]  ? cfg80211_event_work+0x24/0x60
[  236.686268][   T13]  ? __pfx___mutex_lock+0x10/0x10
[  236.691548][   T13]  cfg80211_process_wdev_events+0x38a/0x4f0
[  236.697848][   T13]  cfg80211_process_rdev_events+0xa1/0x110
[  236.704681][   T13]  cfg80211_event_work+0x2c/0x60
[  236.709855][   T13]  ? process_scheduled_works+0x9ef/0x17b0
[  236.715673][   T13]  process_scheduled_works+0xae1/0x17b0
[  236.721430][   T13]  ? __pfx_process_scheduled_works+0x10/0x10
[  236.727674][   T13]  worker_thread+0x8a0/0xda0
[  236.732410][   T13]  kthread+0x70e/0x8a0
[  236.737041][   T13]  ? __pfx_worker_thread+0x10/0x10
[  236.742427][   T13]  ? __pfx_kthread+0x10/0x10
[  236.747300][   T13]  ? _raw_spin_unlock_irq+0x23/0x50
[  236.752657][   T13]  ? lockdep_hardirqs_on+0x9c/0x150
[  236.758144][   T13]  ? __pfx_kthread+0x10/0x10
[  236.762891][   T13]  ret_from_fork+0x3fc/0x770
[  236.768030][   T13]  ? __pfx_ret_from_fork+0x10/0x10
[  236.773488][   T13]  ? __switch_to_asm+0x39/0x70
[  236.778431][   T13]  ? __switch_to_asm+0x33/0x70
[  236.783823][   T13]  ? __pfx_kthread+0x10/0x10
[  236.788700][   T13]  ret_from_fork_asm+0x1a/0x30
[  236.794654][   T13]  </TASK>
[  236.798097][   T13] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  236.805679][   T13] CPU: 0 UID: 0 PID: 13 Comm: kworker/u8:1 Not tainted 6.16.0-rc5-syzkaller-00205-g531d0d32de3e #0 PREEMPT(full) 
[  236.817808][   T13] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  236.827920][   T13] Workqueue: cfg80211 cfg80211_event_work
[  236.833951][   T13] Call Trace:
[  236.837412][   T13]  <TASK>
[  236.840401][   T13]  dump_stack_lvl+0x99/0x250
[  236.845142][   T13]  ? __asan_memcpy+0x40/0x70
[  236.850002][   T13]  ? __pfx_dump_stack_lvl+0x10/0x10
[  236.855536][   T13]  ? __pfx__printk+0x10/0x10
[  236.860324][   T13]  panic+0x2db/0x790
[  236.864388][   T13]  ? __pfx_panic+0x10/0x10
[  236.869148][   T13]  ? show_trace_log_lvl+0x4fb/0x550
[  236.874428][   T13]  ? ret_from_fork_asm+0x1a/0x30
[  236.880123][   T13]  __warn+0x31b/0x4b0
[  236.884395][   T13]  ? __cfg80211_ibss_joined+0x3ca/0x440
[  236.890250][   T13]  ? __cfg80211_ibss_joined+0x3ca/0x440
[  236.896017][   T13]  report_bug+0x2be/0x4f0
[  236.900621][   T13]  ? __cfg80211_ibss_joined+0x3ca/0x440
[  236.906324][   T13]  ? __cfg80211_ibss_joined+0x3ca/0x440
[  236.912193][   T13]  ? __cfg80211_ibss_joined+0x3cc/0x440
[  236.918115][   T13]  handle_bug+0x84/0x160
[  236.922446][   T13]  exc_invalid_op+0x1a/0x50
[  236.927103][   T13]  asm_exc_invalid_op+0x1a/0x20
[  236.932079][   T13] RIP: 0010:__cfg80211_ibss_joined+0x3ca/0x440
[  236.938354][   T13] Code: 00 00 00 75 69 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d e9 98 d8 a2 00 cc e8 62 fc f0 f6 90 0f 0b 90 eb bd e8 57 fc f0 f6 90 <0f> 0b 90 4c 8b 6c 24 18 eb ad e8 47 fc f0 f6 90 0f 0b 90 e9 de fd
[  236.958521][   T13] RSP: 0018:ffffc900001278e0 EFLAGS: 00010293
[  236.964853][   T13] RAX: ffffffff8acf3a19 RBX: dffffc0000000000 RCX: ffff88801d2e0000
[  236.973136][   T13] RDX: 0000000000000000 RSI: ffffffff8d998bbb RDI: ffffffff8be29dc0
[  236.981405][   T13] RBP: ffffc900001279b8 R08: ffffffff8fa1f3f7 R09: 1ffffffff1f43e7e
[  236.990130][   T13] R10: dffffc0000000000 R11: fffffbfff1f43e7f R12: ffff88806b8f4d90
[  236.999056][   T13] R13: 1ffff92000024f24 R14: ffff888026f33338 R15: 0000000000000006
[  237.007265][   T13]  ? __cfg80211_ibss_joined+0x3c9/0x440
[  237.012868][   T13]  ? lockdep_hardirqs_on+0x9c/0x150
[  237.018209][   T13]  ? __pfx___cfg80211_ibss_joined+0x10/0x10
[  237.024300][   T13]  ? cfg80211_event_work+0x24/0x60
[  237.029816][   T13]  ? __pfx___mutex_lock+0x10/0x10
[  237.034984][   T13]  cfg80211_process_wdev_events+0x38a/0x4f0
[  237.041036][   T13]  cfg80211_process_rdev_events+0xa1/0x110
[  237.047139][   T13]  cfg80211_event_work+0x2c/0x60
[  237.052137][   T13]  ? process_scheduled_works+0x9ef/0x17b0
[  237.057924][   T13]  process_scheduled_works+0xae1/0x17b0
[  237.063634][   T13]  ? __pfx_process_scheduled_works+0x10/0x10
[  237.069889][   T13]  worker_thread+0x8a0/0xda0
[  237.074880][   T13]  kthread+0x70e/0x8a0
[  237.079684][   T13]  ? __pfx_worker_thread+0x10/0x10
[  237.085003][   T13]  ? __pfx_kthread+0x10/0x10
[  237.089733][   T13]  ? _raw_spin_unlock_irq+0x23/0x50
[  237.095067][   T13]  ? lockdep_hardirqs_on+0x9c/0x150
[  237.100308][   T13]  ? __pfx_kthread+0x10/0x10
[  237.105283][   T13]  ret_from_fork+0x3fc/0x770
[  237.110437][   T13]  ? __pfx_ret_from_fork+0x10/0x10
[  237.115771][   T13]  ? __switch_to_asm+0x39/0x70
[  237.120669][   T13]  ? __switch_to_asm+0x33/0x70
[  237.125463][   T13]  ? __pfx_kthread+0x10/0x10
[  237.130182][   T13]  ret_from_fork_asm+0x1a/0x30
[  237.135175][   T13]  </TASK>
[  237.138641][   T13] Kernel Offset: disabled
[  237.143193][   T13] Rebooting in 86400 seconds..