last executing test programs:

31.820333883s ago: executing program 3 (id=1717):
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x22052, r0, 0x0)
r1 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r1, 0x107, 0xf, &(0x7f0000000000), 0x4)

31.567257582s ago: executing program 3 (id=1719):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r1, 0x84, 0x15, 0x0, 0x0)
sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYRESOCT=0x0, @ANYRES16, @ANYRES8], 0x38}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NFT_MSG_GETOBJ(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0)
close(r2)

31.438429534s ago: executing program 3 (id=1722):
pipe(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000100)=[{&(0x7f0000001500)="6e80000000000100000000000000000000000c81", 0x14}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000000)={0x6, 0x40, 0xfff8}, 0x8)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000600)=ANY=[@ANYBLOB="280100001700250c26bd7000ffdbdf2500000000000000000000000000000001000004d433000000e0000001000000000000000000000000ff020000000000000000000000000001ac1414bb0000000000000000000000004e2100044e2000040a00a0a088000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0a010100000000000000000000000000fc0100000000000000000000000000004e2200074e2400ff0a0020202f000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00040000000000007f00000000000000001000000000000002000000020000000059000000000000fc0b00000000000000000000000000009266a2140000000009000000000000000900000000000000fcffffffffffffff030000000000000001000080b26b6e000300020000000000040f0000d00000000d00000026bd7000"], 0x128}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r2 = socket(0x10, 0x803, 0x0)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000003e00)=[{&(0x7f0000000b00)=ANY=[@ANYBLOB="140100002e000100000000000000000001"], 0x114}], 0x1}, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r5=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xfff3}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000840)=@newtfilter={0x5c, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r5, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x30, 0x2, [@TCA_U32_CLASSID={0x8, 0x1, {0x2, 0x4}}, @TCA_U32_SEL={0x24, 0x5, {0x8, 0x7, 0x1, 0x3d3f, 0x0, 0xfff, 0x3, 0x58f, [{0x6, 0x9, 0x1, 0x5}]}}]}}]}, 0x5c}}, 0x24040084)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_ASSOCIATE(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000300)={&(0x7f00000003c0)={0x70, r6, 0x300, 0x70bd29, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r7}, @void}}, [@crypto_settings=[@NL80211_ATTR_PMK={0x42, 0xfe, "0b3972cefb561f2105d2b63382a01e2148069a6ba7c73dfbf802ff4ea84ed00c08cc45e8f10e3dae40afa7bec83d6b2554f8c666062ef89283753ea1e480"}, @NL80211_ATTR_CIPHER_SUITES_PAIRWISE={0x10, 0x49, [0x3, 0xfac0b, 0xfac0b]}]]}, 0x70}, 0x1, 0x0, 0x0, 0x41001}, 0xbeceb0d5be396ee0)
vmsplice(r2, &(0x7f0000000200), 0x0, 0x8)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)="d8000000180081064e81f782db4cb904021d080006007c09e8fe55a10a0015000600142603600e1208000f0000000401a80016002000034004000200035c0461c1d60008000000000000fb8000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f0f49e119c849ea6e5a0fc55e4cde205a214d6102d6dcbf33fb5ce3bb9ad809d5e1cace81ed0bffece0b42a1a83", 0xd4}, {&(0x7f00000014c0)="dc9ebe30", 0x4}], 0x2}, 0x0)

31.272464438s ago: executing program 3 (id=1725):
socket$inet6(0xa, 0x3, 0xff)
r0 = socket$packet(0x11, 0x3, 0x300)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000000c40)={'wg2\x00', <r3=>0x0})
sendmmsg(r0, &(0x7f0000001800)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r2}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000ec0)='O', 0x1}], 0x1}}, {{&(0x7f0000000c80)=@ll={0x11, 0x19, r3, 0x1, 0x81, 0x6, @broadcast}, 0x80, &(0x7f0000000e80)=[{&(0x7f0000000d00)="c3dfe1aa2599aecaaeb8da01", 0xc}, {&(0x7f0000000d40)="4261273ad586cc6dbe6750ab3913ee1a", 0x10}], 0x2, &(0x7f0000001900)=[{0x108, 0x111, 0x3c3, "04855f1978ae7adf5f93e5b5ee28895622c6abe3ca1c2c9447a1ccf402e7df806e6816f23741fd52b1ed98f96f33e6ef4132beef5c21aad3eef446f67a03a706c0b06d3b8e55d0cdb48c7b311d7502858fb185a98c46ba0cc3945fd806c36a0f30bfc6c391f9ded532ded7b0f10a9ff87979c8fef4e944a63db9821494c34b67cc70a7a83323e5f5f5651f62820f40c8da4692780d66c77995119713ee62752060b8a379ce48afe1584fe4dbb2a030d562d8f709f9394a6bc48fb8fb00d792008c3fa96c361557b8a97ecd3f5d3afce5d67dbd150407a9188a91993049e628ead3dc232467d312c145ab5b4d99e6566ec4f1f4d0060a"}, {0x80, 0x38, 0x3ff, "7f6ab7cd3132d5f1f0d080c5b7aecebb6cb19a0fd48231845173b9aeb6fcefdc062a5c9b672d42faddee9a4c8272c4eb98defd986ee9bab242892ca8f91168831c916ee5c3a01251492b3209615dadd3fc3dbe3498d2fe84dd5621eb6ad26a490847dfab9ed97febb7394cc15a3da228"}], 0x188}}], 0x2, 0x1)

31.183255556s ago: executing program 3 (id=1727):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8943, &(0x7f0000000100)={'syzkaller0\x00'})
ioctl$SIOCSIFHWADDR(r2, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})

31.049571307s ago: executing program 3 (id=1730):
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
bpf$LINK_GET_FD_BY_ID(0x1e, 0x0, 0x0)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1000002, 0x31, 0xffffffffffffffff, 0x0)
r3 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_opts(r3, 0x29, 0x3b, &(0x7f00000000c0)=ANY=[@ANYBLOB="39ffffffffffffec"], 0x8)
getsockopt$inet6_opts(r3, 0x29, 0x3b, &(0x7f00000015c0)=""/4096, &(0x7f0000000040)=0x1000)
sendmsg$RDMA_NLDEV_CMD_RES_QP_GET(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000440)=ANY=[@ANYBLOB="280000000a14010025bd7000fedbdf2505000900"], 0x28}, 0x1, 0x0, 0x0, 0x4024}, 0x480c0)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f0000000000)=<r4=>0x0)
bind$nfc_llcp(r0, &(0x7f0000001040)={0x27, r4, 0xffffffffffffffff, 0x5, 0x2, 0x0, "d32984bd1ca44c066af5160e961701a077609475b78411e88509de050000000000f2170e65e3f50327e422000000000000000000001200000000001900", 0x3c}, 0x60)
r5 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
bind$nfc_llcp(r5, &(0x7f00000000c0)={0x27, r4, 0x1, 0x4, 0x0, 0xff, "bac5115c7dad488702b535116fad55baf63cdd52fc30106310abb622a1c3c01c13c04df6b906288e64e96754059e65c39c5759b069d6e6d9589e5f2348878c", 0x24}, 0x60)
r6 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r6, 0x107, 0xf, &(0x7f00000002c0), 0x4)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000bb76921b00000000030000008500000027000000850000002a00000095"], &(0x7f0000000080)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r7, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xe00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
sendmsg$kcm(r6, &(0x7f00000000c0)={&(0x7f0000000100)=@qipcrtr={0x2a, 0x4, 0x1}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000280)="27031c12160014000000002f1eafacf706e105000000894f00050005ee0b80558ddbba9b37242d37a518fc9c5be50eaf07c3650596", 0xfc66}], 0x1}, 0x4)
close(r1)
r8 = socket$can_raw(0x1d, 0x3, 0x1)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0x0}, 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x18, &(0x7f00000006c0)=ANY=[@ANYBLOB="180000000000000000000000ffffffff180800002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000400008500000006000000b7080000000000007baaf8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r9, @ANYBLOB="0000000000000000b70500000800000085000000a700000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r10}, 0xc)
setsockopt$SO_TIMESTAMPING(r8, 0x1, 0x41, &(0x7f0000000000)=0x991, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r11=>0x0})
sendmsg$can_raw(r8, &(0x7f0000000440)={&(0x7f0000000780)={0x1d, r11}, 0xfffffdcd, &(0x7f0000000200)={&(0x7f0000000300)=@canfd={{0x2, 0x1, 0x1}, 0x23, 0x3, 0x0, 0x0, "7319501f64143bd79cba2b4d7e31261d4d65fa71b4e1df669eada3783dd6d5611b7b2bf8b6f01444e1223928b5a6814c8acf7429de2c09867c0d6f601660bd2b"}, 0x10}, 0x1, 0x0, 0x0, 0x4008040}, 0x44001)
recvmmsg(r8, &(0x7f0000000cc0), 0x2f, 0x2001, 0x0)
pipe(&(0x7f0000000140))
openat$ppp(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)

28.783520136s ago: executing program 2 (id=1768):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$smc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$SMC_PNETID_DEL(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x34, r4, 0x1, 0x0, 0x0, {0x2, 0x2, 0x2}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'nicvf0\x00'}]}, 0x34}, 0x1, 0x40030000000000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01080000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000001708000640ffffff000800034000000038380000000c0a01010000000000000000070000000900020073010031000000000900010073797a30000000000c0003800800008004000184140000001000010000000000000000000084000a734f8b120ef5a17089939c0cfc9faccec3bdc0755ddd5fd09f2b83f02f7678e066318ad69754b5de9be19b6e24001da93f20931793012c464f3fb9e424fc29ce34f59db3f8e1e1db2a77100e1d94590f8108157d649c9e134b0748555c6d60184e6970004f8f9eb147590b3f3b6a50daf4108bcdd3fc3ffc5ee68e94c1f057cc1a471d501779b465488256a22eed31e3a8ebcfe32458356a0b43853630dc83e9ee89a5b99bdd1e2e961e38171042a346945db53282d23bb52582e1479bdae69c76ca244b82d4321dafaa9519ee3fa28646bee2a02efa22dce52d2889483c1ae84cfe0d0de6ad"], 0xcc}}, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r6)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r7, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), r9)
sendmsg$IPVS_CMD_ZERO(r8, &(0x7f0000000380)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000440)={0x80, r10, 0x10, 0x70bd26, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x400}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xe}, @IPVS_CMD_ATTR_DEST={0x1c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0xa}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x1747}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x9}, @IPVS_CMD_ATTR_DAEMON={0x30, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x5}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @private1}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e22}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7}]}, 0x80}, 0x1, 0x0, 0x0, 0x488c0}, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00'], 0x24}, 0x1, 0x0, 0x0, 0x4a044}, 0x4010)
r12 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r12, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x1c, &(0x7f0000000080)=[@in6={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}]}, &(0x7f0000000180)=0x10)
r13 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r13, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r14=>0x0}, &(0x7f0000000200)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r12, 0x84, 0x9, &(0x7f00000000c0)={r14, @in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, &(0x7f00000001c0)=0x9c)
r15 = socket$unix(0x1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r15, 0x8933, &(0x7f0000000100)={'veth1\x00', <r16=>0x0})
r17 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r17, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000400)=ANY=[@ANYBLOB="400000001000370400000000ffdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="01b505edff0000002000128008000100687372001400028008000100", @ANYRES32=r16, @ANYBLOB="08000200", @ANYRES32=r11, @ANYBLOB], 0x40}, 0x1, 0x0, 0x0, 0x11}, 0x800)
sendto$packet(r6, &(0x7f00000004c0)="f3b017bad93f264e9a341ff217ce5384f9b7076a38125c6d1b49c52e09b2987d55804ba6d652a5b517eeb012bf888ad250313c6c0b9493a3dfb684e8ef60cf360e04e07ff5f75d6e01f9c39eebf1f59a527642ce2c03c65b7702023d3033ea42482c263ccf09a3cd8e6274dda0b03a63eaf63b5ad1945593f8062cef7c975f33e4df46d889d9de67d3cec97f6bdfe552a614e29af31c58118b9520419bbcffdfefcd29659a1200"/177, 0xb1, 0x24048104, 0x0, 0x0)

28.378762725s ago: executing program 0 (id=1773):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x5}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000004000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r1}, 0x10)

28.275691624s ago: executing program 0 (id=1774):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r0, &(0x7f0000000200), 0x806000)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, 0x0, 0x40000)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8937, &(0x7f0000000000)={'veth1_virt_wifi\x00', @random="010000201000"})
r2 = epoll_create1(0x0)
r3 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
getsockopt$X25_QBITINCL(r3, 0x106, 0x1, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
epoll_pwait(r2, &(0x7f0000000140)=[{}], 0x1, 0x2d516fb6, 0x0, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r5, &(0x7f0000000100)={0x20000014})
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r2, &(0x7f0000000000)={0xa0000001})
getpeername$unix(r4, &(0x7f0000000240)=@abs, &(0x7f00000000c0)=0x6e)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b00)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x50, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x14, 0x11, 0x0, 0x1, @target={{0xb}, @val={0x4}}}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}}, 0x98}}, 0x0)
ppoll(&(0x7f0000000200)=[{r6, 0x1}], 0x1, 0x0, 0x0, 0x3)
epoll_wait(r2, &(0x7f0000000040)=[{}], 0x1, 0x400)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000180))
ioctl$FS_IOC_RESVSP(r0, 0x40305829, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x9ffffc})

27.822800648s ago: executing program 2 (id=1779):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010027bd7000fcdbdf25090000000c000600379bca807cbc316bc0dfb64a2c20ff6f8e7bb1da50140e281ce4e81d49a09f0310ec730311d8568427b090355481fc76415a08b66fc18e077f33585b3da6d9f4abf2ff067285c98f5dfab0679a34b0e3efd452ac9be0660ceb8486fcd9a4b678b3246dbda7ebb3f0f60cbc0050c3eb2443a864243d91efb700cba19faf01ec68f2ef9ac30f8c3266bb2187d678d097a751954308b9d3b4fa97637f46346e508cd736f43e77267005fb64e6a7cc61d9a29b75e5aa4a848185305bf632f5fdeac1303b"], 0x20}, 0x1, 0x0, 0x0, 0x10000000}, 0x800)

27.024800849s ago: executing program 0 (id=1780):
r0 = socket(0x10, 0x80003, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0xf, "0000001400000000000100000e00"}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x2000000}, 0x0)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x84, &(0x7f0000000080)=""/4096, &(0x7f0000001200)=0x1000)

26.143207283s ago: executing program 0 (id=1782):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000200)={0x1f, 0x0, @any, 0x2}, 0xe)
setsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x80001, 0x0)
close(0x3)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000200)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xcc}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r2, &(0x7f00000003c0)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x280020}, 0x1c, &(0x7f00000000c0)=[{&(0x7f0000000540)='\x00', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000300)='8', 0x1}], 0x1}}], 0x2, 0x20008050)
getsockopt$inet6_mreq(r2, 0x29, 0x15, &(0x7f0000000000)={@initdev, <r3=>0x0}, &(0x7f0000000040)=0xfffffffffffffe1a)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000140)={'syztnl2\x00', &(0x7f0000000080)={'syztnl2\x00', <r4=>r3, 0x0, 0x6, 0x6, 0x7, 0x1, @loopback, @empty, 0x20, 0x7, 0x8000, 0x9}})
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000740)={'vxcan0\x00'})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'rose0\x00', <r6=>0x0})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000980)={0xffffffffffffffff, 0xe0, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000440)=[0x0, 0x0], ""/16, <r7=>0x0, 0x0, 0x0, 0x0, 0x1, 0x3, &(0x7f0000000640)=[0x0], &(0x7f00000006c0)=[0x0, 0x0, 0x0], 0x0, 0xdd, &(0x7f0000000700)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f00000007c0), &(0x7f0000000800), 0x8, 0xd0, 0x8, 0x8, &(0x7f0000000840)}}, 0x10)
sendmsg$ETHTOOL_MSG_DEBUG_GET(r5, &(0x7f0000000c40)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000c00)={&(0x7f0000000a00)=ANY=[@ANYBLOB="f0010000", @ANYRES16, @ANYBLOB="00082dbd7000fddbdf25070000000c00018008000100", @ANYRES32=r4, @ANYBLOB="1c00018008000100", @ANYRES32=r3, @ANYBLOB="08000100", @ANYRES32=r6, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="5800018008000100", @ANYRES32=r4, @ANYBLOB="0800030002000000140002006e72300000000000000000000000000008000100", @ANYRES32=r4, @ANYBLOB="08000300010000000800030002000000080003000100000008000100", @ANYRES32=r4, @ANYBLOB="08000100", @ANYRES32=r3, @ANYBLOB="3400018014000200766c616e30000000000000000000000014000200776732000000000000000000000000000800030000000000340001801400020070696d3672656730000000000000000008000100", @ANYRES32=r3, @ANYBLOB="140002006e6963766630000000000000000000007800018008000300000000001400020076657468305f766972745f7769666900080003000200000008000100", @ANYRES32=0x0, @ANYBLOB="0800c7a9", @ANYRES32=r7, @ANYBLOB="0800030002000000080003000200000008000300010000001400020067726574617030000000000000000000140002000000000000000000000000000000000024000180080003000300000008000100", @ANYRES32=r4, @ANYBLOB="08000100", @ANYRES32=r4, @ANYBLOB="08000300020000005800018008000100", @ANYRES32=r4, @ANYBLOB="080003000200000014000200776c616e30000000000000000000000008000100", @ANYRES32=r4, @ANYBLOB="14000200626f6e645f736c6176655f3000000000140002006e657470636930000000000000000000"], 0x1f0}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00'}, 0x10)
close(0x3)

26.143014478s ago: executing program 2 (id=1783):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f00000005c0), 0x10)
recvmmsg(r0, &(0x7f00000099c0)=[{{0x0, 0x0, &(0x7f0000000480)=[{0x0}, {&(0x7f0000000340)=""/97, 0x38}], 0x2}, 0x7f}], 0x1, 0x10002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000740)={0x0, 0x5}, 0x8)
sendmsg$can_bcm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000007f0000000000010000000000", @ANYRES64=0x0, @ANYRES16], 0x48}, 0x1, 0x0, 0x0, 0x8000010}, 0x20004801)
r1 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE_wg(r1, 0x1, 0x19, &(0x7f0000000000)='wg0\x00', 0x4)
sendmsg(r0, &(0x7f0000000700)={&(0x7f0000000040)=@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x80, &(0x7f0000000400)=[{&(0x7f00000000c0)="5a924dccf4308eb99a820bf41b8bd448128a635fb5d46a1ad8faab029ff573c3236e65bcb429dcf5bc576adb3401589786fc585f0b546ba87e2c85edb45a94a7e51919951600bed74d6d364c62d8433da7ef071ce5e210f18f699be876c0d8f902110cb9a1a8a1d4ac682f5d902af85e", 0x70}, {&(0x7f0000000140)="b0a51d44e756d761b554bd501974cdedf36ba5268a2421d51a1ee709380183a0c7958fa1ee440ed2f66baf50dc", 0x2d}, {&(0x7f00000004c0)="47299e70ea1e07fd5d49fa889db287b95c601d13d5e54fe524dc210327f46fbff0442b5e5f9dbc3a1a8098acf2e28cf2e1ad4c17b017e75e8ad5a1ff7cc9f355d1f5197ee230acb5c0d58648f4a8ccf0a5a261649372c47929cd23d07ea4b945c079fe4f0d58a7a437b80e84b4ec61871298f396f70567f7557f09ab95011ff1dc54e2d55bff5ddaedbf1000b00e2167da84200eb0b7500a7e01dc9bfbe19d241dbaf75b52a362d4f9ae1b751dc589b08fb37de8452f814b017128ed5a1971964339e75b7c99b35c27f70f63831496d4e29e62d9853b07ac6990561652a36ec58ae938b0c1e85eed3f9fedf208b79474e49f172ecf", 0xf5}, {&(0x7f0000000180)="383627a7750149cb043a7193a67f37241a134342691bb664bef05029f237a800262faf33991a6978bec4201ad97f66dbc56d6331cf927575e3683e52b972d0235f390625cdde8596208e30c16a9aa26245353b12e787f6f1ba88c902b716beed2bd58314f7d52ad8659d922f9e1329e6129c720e7dfd082951f152f5844e051deaaf72533d1f8a5af1ca06e18efda88db324e0b8e21ff9cdf6a4a555274fdf8edafb2cf59485b49f72b50a38a5e6ca", 0xaf}, {&(0x7f0000000280)="88f16249d80347d645300d173bf1130ca98bd0b01356a4c0413782c83a75678d", 0x20}, {&(0x7f0000000600)="e47cd04c18a301337645b6fc1d6bd387f17a52890c7b5795dda5e2e16ae9ee9d4efcced0de54e12fed6d4ba19a3495d822d1298ae45dee7b3c0ffb12117a644f640865b1e64b6223101a209adaec3d457b276f05669124d55a67059051270deed248191edb080870b1e11c3082bd7ca59d7f68e1898ec976da47eb4146433e27517f4c2cb02f1e05796c98cef5851855847c3d1a59f8b320bf141b37265e21c67e8f873982b16715edf94dc234a09902ecbdf96d7c4fb1934089209d825c6436ca116c083de2b6f9755c326255245c82d675cac210238785d304a0636043209d60755a41d31a9dab695ff3d4f4f006951b8e997d45255388b4bb73a922905d", 0xff}, {&(0x7f00000003c0)="25ee9856393ceabf90f47038da711ed559242eedff01905032760c1d1be2a85955d7aa1a2b0fe6e724e4bd06e4d03a731a88c739a78492c2", 0x38}], 0x7}, 0x4c000)

25.895667054s ago: executing program 2 (id=1786):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = socket$igmp(0x2, 0x3, 0x2)
getsockopt$MRT(r0, 0x0, 0xd0, &(0x7f0000000000), &(0x7f0000000080)=0x4) (async)
sendmmsg$inet(r0, &(0x7f00000053c0)=[{{&(0x7f0000000180)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="5800000000000000000000000700000086160000000305"], 0x70}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x3, 0x4)
r1 = socket$inet6(0xa, 0x1000080002, 0x100000000000088)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @rand_addr, 0x3}, 0x1c) (async)
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x100000000a, &(0x7f0000000040)=0x800000001, 0x4) (async)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4008840, &(0x7f0000000180)={0xa, 0x4e23, 0xcc08, @mcast1}, 0x1c) (async)
sendto$inet6(0xffffffffffffffff, &(0x7f00000001c0)='~', 0x1, 0x40000, 0x0, 0x0) (async)
recvfrom$inet6(r1, &(0x7f0000000600)=""/232, 0xe8, 0x0, 0x0, 0x0)

25.831618911s ago: executing program 0 (id=1788):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)={0x24, r2, 0x5, 0x4000, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_SSID={0x4}, @crypto_settings=[@NL80211_ATTR_SAE_PASSWORD={0x4}]]}, 0x24}}, 0x0)

25.732660254s ago: executing program 0 (id=1790):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
ioctl$int_in(r1, 0x5421, &(0x7f0000000000)=0x3)
connect$bt_rfcomm(r1, &(0x7f00000001c0)={0x1f, @any, 0xb}, 0xa)
close(r1)
setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000040)=0x6, 0x4)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000f00)=0x196, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x40000, &(0x7f0000000180)={0xa, 0x4e20, 0x8001, @loopback, 0x627bcafb}, 0x1c)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000001740)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000080)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c", 0x15)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmsg$nl_route_sched_retired(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000004280)=@newtaction={0x14, 0x30, 0x800, 0x70bd25, 0x25dfdbfb}, 0x14}}, 0x4000000)
read$alg(r3, &(0x7f0000000a00)=""/4087, 0xff7)
syz_emit_ethernet(0x56, &(0x7f0000000400)={@local, @random="df00004000", @void, {@ipv4={0x800, @tcp={{0xd, 0x4, 0x0, 0x0, 0x48, 0x0, 0x0, 0x0, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x11}, {[@ssrr={0x89, 0x7, 0xa2, [@broadcast]}, @timestamp={0x44, 0x10, 0x5, 0x3, 0x0, [0x0, 0x0, 0x0]}, @cipso={0x86, 0x6, 0x1}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
recvmmsg(r0, &(0x7f0000001b80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=""/60, 0x51}, 0x12b}], 0x1, 0x12000, 0x0)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)=ANY=[@ANYBLOB="140100002d00010000000000fcdbdf250401f280080018000bac0f"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

25.555847088s ago: executing program 1 (id=1792):
r0 = socket(0x10, 0x80003, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0xf, "0000001400000000000100000e00"}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x2000000}, 0x0)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x84, &(0x7f0000000080)=""/4096, &(0x7f0000001200)=0x1000)

25.55556068s ago: executing program 1 (id=1793):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmsg$nl_route_sched_retired(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f00000027c0)=@newchain={0x15c4, 0x64, 0x400, 0x70bd2b, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0xa, 0xfff1}, {0x6, 0x9}, {0x2, 0xc}}, [@f_rsvp={{0x9}, {0x1584, 0x2, [@TCA_RSVP_SRC={0x8, 0x3, @broadcast}, @TCA_RSVP_PINFO={0x20, 0x4, {{0x1, 0x7, 0x8}, {0x3ff, 0x7, 0x40}, 0x4, 0x40}}, @TCA_RSVP_POLICE={0x418, 0x5, [@TCA_POLICE_RATE={0x404, 0x2, [0x7, 0x9, 0x0, 0xc37e, 0x4, 0x1e07, 0x1, 0x0, 0xd, 0x6, 0x45d6, 0x0, 0x101, 0xfff, 0x8, 0x6886, 0x0, 0x40, 0xebca, 0x6, 0x35, 0x4, 0x1, 0x1, 0x4, 0x4, 0x5, 0xa2ad, 0x200, 0xf, 0x3, 0xb, 0x1400, 0x2, 0x7f, 0x8, 0x97, 0x0, 0x100, 0x1, 0x7, 0x80, 0x81, 0x0, 0x80000000, 0x80000000, 0x6, 0x3, 0x4, 0x4, 0x7, 0x80000000, 0x2e, 0x6, 0xffffffff, 0x0, 0x1, 0xd72, 0x7, 0x7, 0x0, 0x3, 0x0, 0x809, 0xe, 0x8, 0xfffffffc, 0x8, 0x8a, 0x7, 0x8, 0x2096dfea, 0x5, 0xb, 0x8c, 0x5, 0x5, 0x1ff, 0xffffffff, 0x3, 0x10001, 0xffff, 0x9, 0x400, 0x3, 0x2, 0x4, 0x7, 0x200, 0xb8b, 0x5, 0x0, 0x80000001, 0x7, 0x219f, 0x1, 0xa4, 0x0, 0x9, 0x4, 0x80000000, 0x6, 0x13f, 0x7, 0x3fff800, 0x1d23, 0x5000, 0x38fe76b5, 0x101, 0x7fffffff, 0x7fff, 0x3, 0xffff0000, 0x7, 0x10000, 0xa2, 0x10000000, 0xfff, 0x7, 0x76, 0x99b8, 0x9, 0xf8, 0x4f, 0x1c000, 0xffffe000, 0xfffffffd, 0x6, 0x3, 0x4, 0x4, 0x0, 0x39, 0x4, 0x5c, 0xc, 0x7fff, 0x1f01ffc1, 0x0, 0x513a, 0x5, 0x400, 0x5, 0x1000, 0x86, 0x870, 0x6, 0x2, 0x9c5d, 0x7fffffff, 0x1, 0xab17, 0x6, 0x80, 0x7fff, 0x81, 0xc0, 0x55fd, 0x10001, 0x7f, 0x7, 0x2, 0x7, 0x0, 0x3ff, 0xfffffffd, 0x62, 0xffffff5c, 0x6, 0xffffffff, 0x8, 0x1, 0x2, 0x7fff, 0xa, 0x5, 0xad32, 0x3d60, 0x33a, 0x2, 0x2, 0x300000, 0xffffffff, 0x5, 0x40000000, 0x6, 0x1, 0x9, 0x1, 0x9, 0xba6, 0x9, 0x80000000, 0x10000, 0x2ca, 0x4, 0x8, 0x6, 0x6, 0x81, 0x8, 0x10000, 0x1423, 0x8000, 0x6, 0x1000, 0x9, 0xffffffff, 0x58, 0x26a0, 0x80, 0x8000, 0x7fffffff, 0x84f6, 0x1ff, 0x9, 0x7, 0x3c3, 0x101, 0x3fc32dff, 0x0, 0x7f, 0x8, 0x0, 0x5, 0x1, 0x6, 0x80000001, 0x4c, 0x3, 0x8, 0x9, 0x3, 0x2, 0x400, 0xfffff800, 0x401, 0x8, 0x3499ec15, 0x10001, 0x6, 0x3, 0x0, 0xef8e0000, 0x1, 0x800, 0x607, 0x7, 0x3, 0x9, 0x400, 0x6, 0xffffffff, 0x1, 0x230, 0x1]}, @TCA_POLICE_RESULT={0x8, 0x5, 0x81}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x40}]}, @TCA_RSVP_ACT={0x1140, 0x6, [@m_police={0x100, 0xe, 0x0, 0x0, {{0xb}, {0x4}, {0xd4, 0x6, "02aa5a7ad9f3f5f124a09216011ad6ccbf5fd74a1d1bab0fdc98d1d2947ba5b7e5628fb90873b05f20d07785a0f44cb00dce901b88d80d37cc85e76b6ece1488394a64cdc03722c54add387a538994b1bd9f3aa13d6a4ee8bc57e9e9e53e01906d806fd8b30298967bf53d930e04ff1905473da4afa0f0ceed059abc65721b0894ee79b935694f01b5dd8279bd11fd529e9cc6e4b6ce778205a644db732d1e2f04fc35031410527e574d6171559015902098fdbb11b4c58cdaa53485223a1494f8a0a09364bf2a5485ef55c0b9f97f5f"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_sample={0xfc4, 0x1b, 0x0, 0x0, {{0xb}, {0x4}, {0xf96, 0x6, "ef7761d06ba37dc43054c2cde3fdf8c36123810f50f7d2f6de7262a59b6bbb481bbfd4aecf0fc67d6b480f84409d872ef242bd5a53393f876ba89be02282fcfa1b78b4324b4a92c8bb353b77d22f44f1b5726d8ffcea02110eef7171989ba23ffff6cca5a68a9f63fd9262fb8be2e875dac04f4fc031ec16df8e4a1fc0ebf01c2e597449680749edbd0c4b39b432fbf58a1e16afc2eb5b4df3a2fbba5692db2fb782f2a223b1b9971ddc2254a51d48b98bd2429f55d6cd447882975bac92c2fb04e925e57a4d2c432ba7ecfb154cfc3e2e7fd9cff16c2000fe47a50b00a43a3fa3e3b5c079e3bb14fe3307e9879c000d48053fa5749f5be483a5db5430af9f963a8993f68816313203e0e8b4d892ca0016083a8678eea90c21c545723704c9b775bfa35b71602a7718ae740dff1644af3d0de37541e610e15437086e5b8bbaa3da011f552b26cdbb2d228dfd6fdc8a70ab7b9984a9d1eb87146c430a07edb71dfeec3ff3776758d1259628bbd6655bda62c540a9dd21de28f7ae5001352d1f52c4c37da638a9172a176ffccb8e999ff2b5c4d56a86fb154decd712927658e29be6590c1c497e51cd68fb36e9330fc8447fb938cf249c6eca95707bbf1b89d316300dd8e9e43149fb62a7879391afa7d34d83417347eba2bc58bbc784f9d15eb104bb5a7e04768f5a15923f46ab9309fa6af768a4153a9db4935db324a0207f7c1b15a05c47eb7a384637173598bfa6b2593668d4b19f6269f9956d035c6fe4634d6f2a653ba6cbaab430ad60def3edceb60b6a894ab4c7777ec8e7ef830b00d6761e40616b3f27040387ab05374734694c6df9e588f46851b6159e4426bdc279e70c4c042827951bdcd7392607ffb1194080fc90ea495e3643883bc42691ad7799367310b9a49f49710732909ebd5c1295821dd1df783182d2b3501f4d8a93ba6b69f721b419c3d182284ee4c1bb4a970e54e908064c905fbdda6cce84d64ec73b4b5ede5ac3006c5df76b06a103ffadd7805c991bd0472889adc7477f81cbd52dc2cca97a90d860c9a4f47cb7f4c7e9d01b6b1d6a60c482fd104c96d887c2c07c5c998b55cfd2ba91b6b25841e8da0b4f5eb5f632152ff2badd93c3c85abbab9c7e1ce222dee38d11e691835059ae13e3273f1cd25ba7c9f15a3cae05193290b16bcce46d06c8c5ab85b16e8c831949dbb6c3b500c724aba9dfdbdcb4d7dd6ff3e06381fcba266c329fca76d6f1bed9822192c4f3d234b7e1224a712bd0b626d8e4dc6df015c176e5b7953bda6b41eb847dabb4f6c985f38079768e1c59603613b4d749f7ad335fa560b0c0fbd7fb3f3504eea1f29fa1d83dc53256d279d848844d48616f5e1db6f5e6954234e0b0b18d7bf53b0038ebf71aaef9a134c156c4705426954232fa5f98867955e11e74819a022c53a48fddc537db366bd49990ad42dc37b59bbb2e2d7d33fa80a5a0cc417ab42cbd28c49a672b0c76cde215ff0b18274899287c10929a417024726f2d092eddf163cec59a3b49d96a8b54ae0ab3cf3da6439361b6bd5c31a0e7410e139c871910e21e0abb5c235ea9528f0c00355e7c120ba07bff6ae3c014749b5b8937a65bb415215e232001a0a227e6bb540c48ad87ce6bbe7ce8e78e822864189f6d32436e2621b78d3f3fcda61847db41b80ac5de16f41dce897a2c7fadd550c3ada30d99603d60fee97443a5d77ebd51e24c820917c888bb7daf77ec3956849219c980dd32aace95603e31aabcd4e15849e7018caee09f815dff4d3e975e90d3eb468e25060d74b4cd12e9a5c6e074d9dfeb9123e16d686060ed86c0f8261e309e022ce43e012c1beb07e9027e56f468078dd89386812830f75f971317d0e2c2d68c75c064696fa49a406289efa63e455acbfb876bf3a72564e03d55227f1b98dbce3a5a10a457e3b3cea8c7786f04cf90f921a566b1f0c54c12d5b7eb3a6a174f9313724420cf6eb9477683dcce560626b5c23ed7f304ec35069323f38095cf383388c95a2913886e42233d874297a950d9ff27db2dea7d38c5f13c329c60241d6ece7adfde19c9776856083384b3c0b68d078f961a63cc31883fba7bc83d97d404df46fce9fc3f9ca0f9e8170a0dab6bfda5edcd486c447b17d36c852815cdddc693b58278659302d675dc5bf1bfc7e79f1ed71db340d35a2dc3a9a09edbb40ee3d93316800f409e2620dd9372ff67b5eb4a8d549d1ee210d19d2c365f07a5f683821494be6d204ba5583847d926a7332ab20a039764cf3d20b9b86a0e1abfe05df84e2cfad06c5d4016a929bb10c9dab706eff6ccd28561e7c8286d193b46494526dece2a4b58f15888a39a0039763077dcac9ac0306209fbb89bf64cfc5f3503a6260c9c8e40350e711e77a28b489e76d9cc5cbbdfd1e4a0e30b7e965534306aeae145e6e846a0966f43cb3e9c96839a80d91a5add83ad387dcaa38f0eea6612421db0f53e83ced12b66a1371d49df818cadb2bb66e5272b22224d30a97bdeae6ccc0f84d5ac8449beecb4606acdd7a2a5aaaaa046ef0e2f5623b1acb56d6bf4397f147db22a489ed29b275ef0be0191edf0fb9e3b8cf015125a331704183035c87d3722337e20417c590018b7508df70f30f43440ca1f99e4f097d8ac12eec150b817784b31e226c67f98dfe7faaa7281d9bc945b315ae4000fd048ecaecb069c45f023e7be8c4ae9477f628242d322d8ac60f65b43b7886ba0737dc31002a53840160a65cba26b84a7413491572a318b1119b4c2f3207363939e923a6617d9d1e970b49f939f8d685b7b8365e52d520f509236ac3459764e5a7e3655ec2a960cc5faeac996cb23bc5999f996359f28501911b5e1738a61f41fe63707557c684ae6d7c643d5284b68aa64e4d9fa54ddd647f9f9010d717585f1881585873ba61d8488c36abe5765388aa8656c6bfb7384cf997849e3b387594e6464f5c4c3e0d8e9daf8ded82ce9fe2a6441c37016d52396c5a467af96f4ae018116e5941720ad91a95ac743a1957540e1569f93b10c986d6c584ba65fa6d0671d7493f6dd84a5975acbd4f9577ac19381cfafa1991693f0e20f06f78f297720a6860778c655366d6bcd17a7e90fc0b3799a24f63ab4af3cd77adaa3ec5b23eeb65cf471b52380b70cea202033371c8d4faf5c151d1dc9c8b64339007a67b6d575b6c9af2a5430de7bde8e9d8de119e85bb8ac85640642a7862b4cd29283bfb2a69659cb39464e5db6a0f61681fb806cc1717fa6cb5534a7a2b69728750b56e741ba180a643fbe1c2ee13fa2a4e0b9512f24ab0822bc7f37df654717f6d42fdb19b74fd27d3d9034c4d7fc17b5deedfa8681add5454f8e8aa440dd05034f0c4b5b0ebca11f82a2321a9a50ebf855e06362ebe3bd37bccb5732ef4ad673f7b827ec96c40b88ea8cadea1e8293443241f8c50d339587cb75a1369658c50f69d4f5ab86e8dfd76293cb13168e26390c8377385ed7956fd5862ba1ac973640ce00578c26ac12b88a6dc7b423abbccab2dbbcce9d569ee336fd3c4b681b7b043446edd53b5d271cb962baeb9d01c54b64af3537f7f99dd1030090d4d7214625f9828d651ec8ae2b9d4759b2ecf6ee3d162b00e738ee83fdc458681179931689e58f1ffffcd7977f9d3fa45b414a36b5dd67d16aa79f465c74905152da169819f23b37888511d59f2f817a21a8fc133ab22ec9d5afeceffbce57a1eaa64b8679aafdd3328dd72a3d90366551e81506516cfa71303508117ef5ca9c2c1ca8c2617e466978e8731f635441531b9cada13bab81608c5902bf7e0cba25253402351a9d80a55cbbd2f6755fb44f99156e85ae0e9439366ef6feb5faf858707ac5251be80d048e1df3eeb61d672f8669f038cbb60ee1ae2cba5e1f51f8d92000c90a639a19f8306193342389cd5708206272f6c6c8c7bc84ddf73eb0a945c9f19591efc28455bc3f70bff208706c5eeb7e0b56e6acfc288a150363dbd91fd38d8fe24a6005e15cdba9a3a77d7b64533299c74ea672dece5b11f4b44965f6e79442c49e6bb3dd883456ca9a8d520c30e178a37a33db97f0340b75dce2d608a56e7a8e96f965d55f2e7b25354a2b0d42e0bccc82fa16bf45b233a3807237d81be8108b11a7533c2b483f6d503d11f87e6bbe4ca31ad0768e23f095dce38c20b863b3a4766b879b17db2c80fc0e417ffd214cb714089807270a91174603ea5990771b72d5bb5af048f2101681582d13f3c166be7afc4b70f071da2aab8174991ed03f633084ddfb7872374349abfee3f8a3940e3ca493df0664f71aff982a04ed60e571dccabb734ea564b45ad17cbd5b5718cf9d723abcb393d5e09479331218f522bfd9563e3923d49dce8ed1a28e437f4a5a94251cd37fb27a8dd9a4b9c7cd6fad9efb9493471a2c832dae17035093e9598d294da1ebd481d127ce9b1e27e352279d9cfdc041b6b9e33613233b89f49b5cb7a5c2fa4c0d4db278e98db33d86d5f746b2111915bb1c49b340c016921a661fc5697979bee3cb8f9ce1e08f64d39404d83fdf5258fb9ff98fc45e5dadc8b576ee56a5345c4a03cb284e54b02c2548a7c56212dbca95ff35cfa87d693b41a67d6cded02c8a2551038e0c4bf4592f9b83c73cc165c35863913d7eecd49035cc727b0eb1e469557a32b65004d12417fbd9aeabbd4aef9ad85b6c7ab4e8c3195ce694807104f1e244a31aaf522aec38207d34b7ab77c8daa7828bfdfca8b97b082eee75e837ec65dd33bd1f86abc28e0d8aadf5ae1e4d3512e79d17a7fbc1e72fe1a364c45c50ccf723c1dd585dcd42297a4950ada35e2b4541c42f3e077c12625d7d8449f9e9ccccbc4711ec430e16847ea718aaa35727b7f159f665f2066f209d46ec24efe870cd11fdfca5b6fe265c2abe311c5602f33995292a33edbf464b387f0b1b76428c0615d5719b66021c43440ce8bc7a948bc62801727a61f20de21529bf78d2207cc8a3b541df55852451318f14320c58d365be54cc1e4372c4eee826e20c37f4e749f96e210a0c8df3e971e8e6954dfc4581fb2fc49183cf4663b3edb643c572fa2cf0a270640d783b34cfbb50da614de4f35a2572dc661dad9edef730031b673ab5d12d0c7295c78abb6c5e7252e4b05f9d207c691e69a466221bc751888d25b22c2de63641abe922cda1be6e2037aaf530ac7d925915b8255af817bc8a6a57f20025d63d63512072352137d4c2831cbd699a4a18b47b868e60de13cc357d220aa245cafeaf2cc0751dbe99db806c0a14f3fbbf1500f649e780ea540bd3082b84c56163c4495ad0116de9d57ccc5d2cfb703d28f9ad255b9e79fae9cfe20888e23e3f128e25b7e8c80428c73bd98d8d3dc57ce37558726feb43179a098df1ef2362029f355b821607c9c7280634643293e0d9bdcc7eb8d4426ad7c88e1bf298ff10a9498375bea918ee291500920d5a7130fb981fd99f4e1eb9a0ae8b7c65879ee8826670663696b930661bb896c673cbccf35019e002cb94fc367a1056bc392b925370803a43819f3fd1c7849c7828fd0d99a79a1e05c4460862213073121aef994b5cd0bc464dd9a28eafc2335344fe748b23d2e51dcd29a02396200cafe8faf127bad1c3770a94180ed3c1eb83b235f1405c71f971"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_mpls={0x30, 0xd, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x3}}}}, @m_sample={0x48, 0x1f, 0x0, 0x0, {{0xb}, {0x4}, {0x1c, 0x6, "9ae8da322b2c18f44c0ce45cd9f37516bdc139faceda17b9"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}]}}, @f_rsvp6={{0xa}, {0x4}}]}, 0x15c4}}, 0x800)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="440000000906010200120000000c0000000000000900020073797a310000000005000100070000001c0007800c00018008000140fffffffe0c00028008000140"], 0x44}, 0x1, 0x0, 0x0, 0x10008086}, 0x9050)

25.539156089s ago: executing program 1 (id=1794):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0) (async, rerun: 64)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc) (rerun: 64)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="a800000000010104000000000000000002000001240001801400018008000100e000000108000200e00000010c00028005000100000000000800084000009503040010800800154000000000200004"], 0xa8}, 0x1, 0x0, 0x0, 0x400d0}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x4c02}) (async, rerun: 64)
readv(0xffffffffffffffff, &(0x7f0000000080), 0x0) (async, rerun: 64)
socket$kcm(0x2, 0xa, 0x2) (async)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='xprt_reserve\x00', r2}, 0x18) (async, rerun: 64)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff}) (rerun: 64)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) (async, rerun: 64)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (rerun: 64)
socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 64)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) (async, rerun: 64)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d) (async, rerun: 32)
ioctl$sock_netdev_private(r4, 0x8914, &(0x7f0000000000)) (async, rerun: 32)
syz_init_net_socket$rose(0xb, 0x5, 0x0) (async)
socketpair$unix(0x1, 0x5, 0x0, 0x0) (async, rerun: 32)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) (rerun: 32)
socket$netlink(0x10, 0x3, 0x8) (async)
getsockopt$inet_sctp6_SCTP_AUTOCLOSE(0xffffffffffffffff, 0x84, 0x4, &(0x7f00000000c0), &(0x7f0000000100)=0x4)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) (async)
r5 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r5, 0x890b, &(0x7f00000007c0)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x6, @bcast, @bpq0, 0x5, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @null, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default]}) (async)
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r6, &(0x7f0000000040)={0x0, 0x2f, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0) (async)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
listen(r7, 0x4) (async)
accept(r7, 0x0, 0x0)
socket(0x1d, 0x800, 0x6)

25.405676455s ago: executing program 1 (id=1795):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$TIPC_SRC_DROPPABLE(0xffffffffffffffff, 0x10f, 0x80, &(0x7f0000000240)=0x8001, 0x4)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000280)='dctcp-reno\x00', 0xb)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0xf, 0x0, 0x9, 0x3ff})
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1c}}, 0x10)
pselect6(0x40, &(0x7f0000000080)={0xfefc, 0x2, 0x1fac, 0x7ff, 0x47e, 0x3, 0x950b, 0x1}, &(0x7f00000000c0)={0x8000, 0x1, 0x10, 0x5, 0x53, 0x8, 0x6, 0xad1}, &(0x7f0000000100)={0xd6, 0x4, 0x3, 0x0, 0x1000000000, 0x80, 0x2, 0x9}, &(0x7f0000000140), &(0x7f00000001c0)={&(0x7f0000000180), 0x8})
recvmsg(r0, 0x0, 0x700)

25.299700208s ago: executing program 1 (id=1796):
r0 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
getsockname$packet(r1, 0x0, 0x0)
r2 = socket(0x8, 0x0, 0x8000)
ioctl$sock_netrom_SIOCADDRT(r2, 0x6180, 0x0)
sendmmsg$inet6(r2, &(0x7f0000003740)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="b8261912ddc34d7e", 0x8}, {0x0}, {0x0}, {0x0, 0x57}, {&(0x7f00000000c0)="55242684a208746812522e1bc4d3c93fe32ccf8cc373a4cec308148b4b72e5948b65c94c93a287bbf98d08721ae656d7beee2707ae0a0f048d86612522fc180f874e53266e6232fbe8cb1b37c98293912ecea8c841fdd10f2a9eb095107b1d9edaedb15d3edb56caeba84cc9a5e2290381cd39b4fa757cc8cec34346e7004ff96846b3876001cb2e65cf44c845073423230886cd0613964596c4b001790e70fa82033bb2f58087986513f47ed7889d45e95f7b16f46fb1b5e383a4208fe40b5e56a2f61221b0a309bbfa35f0bc68b38d0ee06c15bcdafcb84e06b3cab16acee7a3a2b45b977d8b169dc8b0e096802f66644e5f"}, {&(0x7f0000000000)="ce39bddc48194a2bf8184ac0"}], 0x4}}, {{&(0x7f0000003600)={0xa, 0x4e21, 0x3, @private2, 0x8}, 0x1c, 0x0}}], 0x2, 0x20088880)
ioctl$sock_bt_hidp_HIDPCONNADD(r0, 0x400448c8, &(0x7f0000000200)={r1, r2, 0x4, 0xaa, &(0x7f0000000140)="dcbeb6dd4854dcbbe8ef617f85b160cb1c4786f8154439534e12626fc1dd4a237188066428c6ea70fece4bf2dcf46395dedfe2e7f480435cb590e3137d0f7616fdb61df530e6654bc74eb2ad7d26458324c46fe9216ec1e8b840a0ea839e77596ce042bc6f727c3d9559f310fbf1b995ee515230919cb4cb035bf1fa962caf5861a6cfe87e3add76ac32cd47f5ad62d0ad74bf400a04acb6d5532ef75b60b5042c7cdbff270b8348df96", 0xc8, 0x42, 0x9, 0x6, 0xf15, 0x1, 0x7, 'syz1\x00'})
r3 = socket(0x840000000002, 0x3, 0xff)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
sendmmsg$inet(r3, &(0x7f0000000540)=[{{&(0x7f00000001c0)={0x2, 0x0, @broadcast}, 0x10, 0x0}}], 0x1, 0x4004040)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="54000000100001040000000000005057e0eb316e", @ANYRES32=0x0, @ANYBLOB="0106000000000000340012800e00010069703665727370616e0000002000028008000d000d000000040012000500160001000000080015"], 0x54}, 0x1, 0x0, 0x0, 0xcbf2b2b85a7692bb}, 0x40)

25.299357865s ago: executing program 1 (id=1797):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) (async)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r4, &(0x7f0000000440), 0x10)
listen(r4, 0x0)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r5, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10) (async)
setsockopt$sock_timeval(r5, 0x1, 0x43, &(0x7f0000000040)={0x0, 0x2710}, 0x10)
writev(r5, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x20000081}], 0x2) (async, rerun: 32)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="0900006565d9e51189373e004100000042000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) (rerun: 32)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000580), 0x1000, r6}, 0x38) (async)
r7 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r7, &(0x7f0000000380)={{0x6, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0xa}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @bcast, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x48) (async)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003640)=[{{0x0, 0x0, &(0x7f00000001c0)=[{0x0}], 0x1}}], 0x1, 0x4040005)
r8 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r8, &(0x7f0000000300)={{0x6, @rose, 0x2}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default]}, 0x48) (async, rerun: 64)
listen(r7, 0x1ad72f7) (async, rerun: 64)
r9 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$inet6_opts(r9, 0x29, 0x48, &(0x7f0000000000)=ANY=[@ANYBLOB="3a080404f7400400fc00000000000000000000a948df6294183b65b3c70000000001fc020000000000000000000000000001fe880000000000000000000000000101fe8100000000"], 0x48)
accept4(r7, 0x0, 0x0, 0x80000) (async, rerun: 64)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000200000000000000", @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000004fb2a7a609531e2c20f2b71b64f98f887d09cb9833bacefbd138b1be5e0a65c7e20369364a3920172fbaf5fdcf8fff1ae302bdd2cad7ca378de77db42cd483c8d5d985fd0489d32b63f50efb45851b0124c71930dedeecf332d5db003f0ce6d8b6fa5bef815daa6c38c819632449d7172dd12", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="02000000040000000200"/28], 0x50) (async, rerun: 64)
sendmsg$TIPC_NL_NET_SET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000000}, 0x40880) (async)
r10 = accept4$netrom(r7, 0x0, 0x0, 0x80000)
writev(r10, &(0x7f00000001c0), 0x7) (async)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000280)={r6, &(0x7f0000000280), &(0x7f0000000600)=""/98}, 0x20) (async)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10) (async)
sendmsg$NFT_BATCH(r3, 0x0, 0x0) (async)
sendmsg$NL80211_CMD_REGISTER_BEACONS(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r1, 0x7, 0x0, 0x25dfdbfd, {{0x8}, {@void, @val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0)

25.060582972s ago: executing program 2 (id=1798):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000200)={0x1f, 0x0, @any, 0x2}, 0xe)
setsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x80001, 0x0)
close(0x3)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000200)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xcc}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r2, &(0x7f00000003c0)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x280020}, 0x1c, &(0x7f00000000c0)=[{&(0x7f0000000540)='\x00', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000300)='8', 0x1}], 0x1}}], 0x2, 0x20008050)
getsockopt$inet6_mreq(r2, 0x29, 0x15, &(0x7f0000000000)={@initdev, <r3=>0x0}, &(0x7f0000000040)=0xfffffffffffffe1a)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000140)={'syztnl2\x00', &(0x7f0000000080)={'syztnl2\x00', <r4=>r3, 0x0, 0x6, 0x6, 0x7, 0x1, @loopback, @empty, 0x20, 0x7, 0x8000, 0x9}})
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000740)={'vxcan0\x00'})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'rose0\x00', <r6=>0x0})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000980)={0xffffffffffffffff, 0xe0, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000440)=[0x0, 0x0], ""/16, <r7=>0x0, 0x0, 0x0, 0x0, 0x1, 0x3, &(0x7f0000000640)=[0x0], &(0x7f00000006c0)=[0x0, 0x0, 0x0], 0x0, 0xdd, &(0x7f0000000700)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f00000007c0), &(0x7f0000000800), 0x8, 0xd0, 0x8, 0x8, &(0x7f0000000840)}}, 0x10)
sendmsg$ETHTOOL_MSG_DEBUG_GET(r5, &(0x7f0000000c40)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000c00)={&(0x7f0000000a00)=ANY=[@ANYBLOB="f0010000", @ANYRES16, @ANYBLOB="00082dbd7000fddbdf25070000000c00018008000100", @ANYRES32=r4, @ANYBLOB="1c00018008000100", @ANYRES32=r3, @ANYBLOB="08000100", @ANYRES32=r6, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="5800018008000100", @ANYRES32=r4, @ANYBLOB="0800030002000000140002006e72300000000000000000000000000008000100", @ANYRES32=r4, @ANYBLOB="08000300010000000800030002000000080003000100000008000100", @ANYRES32=r4, @ANYBLOB="08000100", @ANYRES32=r3, @ANYBLOB="3400018014000200766c616e30000000000000000000000014000200776732000000000000000000000000000800030000000000340001801400020070696d3672656730000000000000000008000100", @ANYRES32=r3, @ANYBLOB="140002006e6963766630000000000000000000007800018008000300000000001400020076657468305f766972745f7769666900080003000200000008000100", @ANYRES32=0x0, @ANYBLOB="0800c7a9", @ANYRES32=r7, @ANYBLOB="0800030002000000080003000200000008000300010000001400020067726574617030000000000000000000140002000000000000000000000000000000000024000180080003000300000008000100", @ANYRES32=r4, @ANYBLOB="08000100", @ANYRES32=r4, @ANYBLOB="08000300020000005800018008000100", @ANYRES32=r4, @ANYBLOB="080003000200000014000200776c616e30000000000000000000000008000100", @ANYRES32=r4, @ANYBLOB="14000200626f6e645f736c6176655f3000000000140002006e657470636930000000000000000000"], 0x1f0}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00'}, 0x10)
close(0x3)

24.961127626s ago: executing program 2 (id=1799):
socket$can_bcm(0x1d, 0x2, 0x2)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x1d, 0x2, 0x6)
socket(0x1d, 0x2, 0x6)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000100)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [<r1=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r2=>0xffffffffffffffff]}}], 0x80}, 0x40000041)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, 0x0, &(0x7f00000001c0))
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r4=>0x0})
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), r2)
r6 = socket(0x10, 0x3, 0x0)
r7 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r8=>0x0})
r9 = socket$rds(0x15, 0x5, 0x0)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r10, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000740)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="77ba00000000000000001f000000080001000000000008000300", @ANYRES32=r11], 0x48}}, 0x0)
bind$rds(r9, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
sendmsg$rds(r9, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0)
sendmsg$inet(r9, &(0x7f00000005c0)={&(0x7f0000000000)={0x2, 0x4e23, @private=0xa110102}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000380)="96ad3ce5f115986e4e90551e35807c", 0xf}], 0x1}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f00000003c0)=@newqdisc={0x4c, 0x24, 0xf0b, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}, {0xb}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x1c, 0x2, [@TCA_CAKE_AUTORATE={0x8}, @TCA_CAKE_RAW={0x8, 0xc, 0x1}, @TCA_CAKE_INGRESS={0x8}]}}]}, 0x4c}}, 0x4090)
sendmsg$BATADV_CMD_GET_ORIGINATORS(r1, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x44, r5, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x1}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x8001}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r8}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_GW_MODE={0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0x240440d8}, 0x0)
sendmsg$rds(r1, &(0x7f0000000ac0)={&(0x7f0000000440)={0x2, 0x4e21, @rand_addr=0x64010102}, 0x10, &(0x7f00000009c0)=[{&(0x7f0000000480)=""/145, 0x91}, {&(0x7f0000000600)=""/164, 0xa4}, {&(0x7f0000000800)=""/140, 0x8c}, {&(0x7f0000000f40)=""/4096, 0x1000}, {&(0x7f00000008c0)=""/251, 0xfb}, {&(0x7f0000000540)=""/92, 0x5c}, {&(0x7f00000006c0)=""/59, 0x3b}], 0x7, &(0x7f0000000a40)=[@mask_fadd={0x58, 0x114, 0x8, {{0x3ff, 0xd}, &(0x7f0000000700)=0x8, &(0x7f0000000780)=0x4, 0x1, 0x5, 0x9, 0x2, 0x0, 0x3}}], 0x58, 0x40800}, 0x48800)
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000f00)=@newtfilter={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r4}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

24.86376895s ago: executing program 4 (id=1800):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x5}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000004000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r1}, 0x10)

24.795688119s ago: executing program 4 (id=1801):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x22052, r0, 0x0)
r1 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r1, 0x107, 0xf, 0x0, 0x0)

24.795495603s ago: executing program 4 (id=1802):
epoll_create1(0x0)
getpid()
r0 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040)={0x0, <r1=>0x0}, &(0x7f0000000080)=0xc)
sendmsg$netlink(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000700)={0x2c, 0x2e, 0x1, 0x70bd2a, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid=r1}, @nested={0xc, 0x0, 0x0, 0x1, [@typed={0x8, 0x109, 0x0, 0x0, @ipv4=@rand_addr=0x64010101}]}, @nested={0x5, 0x1, 0x0, 0x1, [@generic="99"]}]}, 0x2c}], 0x1}, 0x0)
openat$tcp_mem(0xffffffffffffff9c, &(0x7f00000014c0)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)

15.316186511s ago: executing program 32 (id=1730):
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
bpf$LINK_GET_FD_BY_ID(0x1e, 0x0, 0x0)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1000002, 0x31, 0xffffffffffffffff, 0x0)
r3 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_opts(r3, 0x29, 0x3b, &(0x7f00000000c0)=ANY=[@ANYBLOB="39ffffffffffffec"], 0x8)
getsockopt$inet6_opts(r3, 0x29, 0x3b, &(0x7f00000015c0)=""/4096, &(0x7f0000000040)=0x1000)
sendmsg$RDMA_NLDEV_CMD_RES_QP_GET(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000440)=ANY=[@ANYBLOB="280000000a14010025bd7000fedbdf2505000900"], 0x28}, 0x1, 0x0, 0x0, 0x4024}, 0x480c0)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f0000000000)=<r4=>0x0)
bind$nfc_llcp(r0, &(0x7f0000001040)={0x27, r4, 0xffffffffffffffff, 0x5, 0x2, 0x0, "d32984bd1ca44c066af5160e961701a077609475b78411e88509de050000000000f2170e65e3f50327e422000000000000000000001200000000001900", 0x3c}, 0x60)
r5 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
bind$nfc_llcp(r5, &(0x7f00000000c0)={0x27, r4, 0x1, 0x4, 0x0, 0xff, "bac5115c7dad488702b535116fad55baf63cdd52fc30106310abb622a1c3c01c13c04df6b906288e64e96754059e65c39c5759b069d6e6d9589e5f2348878c", 0x24}, 0x60)
r6 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r6, 0x107, 0xf, &(0x7f00000002c0), 0x4)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000bb76921b00000000030000008500000027000000850000002a00000095"], &(0x7f0000000080)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r7, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xe00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
sendmsg$kcm(r6, &(0x7f00000000c0)={&(0x7f0000000100)=@qipcrtr={0x2a, 0x4, 0x1}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000280)="27031c12160014000000002f1eafacf706e105000000894f00050005ee0b80558ddbba9b37242d37a518fc9c5be50eaf07c3650596", 0xfc66}], 0x1}, 0x4)
close(r1)
r8 = socket$can_raw(0x1d, 0x3, 0x1)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0x0}, 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x18, &(0x7f00000006c0)=ANY=[@ANYBLOB="180000000000000000000000ffffffff180800002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000400008500000006000000b7080000000000007baaf8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r9, @ANYBLOB="0000000000000000b70500000800000085000000a700000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r10}, 0xc)
setsockopt$SO_TIMESTAMPING(r8, 0x1, 0x41, &(0x7f0000000000)=0x991, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r11=>0x0})
sendmsg$can_raw(r8, &(0x7f0000000440)={&(0x7f0000000780)={0x1d, r11}, 0xfffffdcd, &(0x7f0000000200)={&(0x7f0000000300)=@canfd={{0x2, 0x1, 0x1}, 0x23, 0x3, 0x0, 0x0, "7319501f64143bd79cba2b4d7e31261d4d65fa71b4e1df669eada3783dd6d5611b7b2bf8b6f01444e1223928b5a6814c8acf7429de2c09867c0d6f601660bd2b"}, 0x10}, 0x1, 0x0, 0x0, 0x4008040}, 0x44001)
recvmmsg(r8, &(0x7f0000000cc0), 0x2f, 0x2001, 0x0)
pipe(&(0x7f0000000140))
openat$ppp(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)

15.303197922s ago: executing program 4 (id=1804):
r0 = socket(0x10, 0x80003, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0xf, "0000001400000000000100000e00"}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x2000000}, 0x0)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x84, &(0x7f0000000080)=""/4096, &(0x7f0000001200)=0x1000)

15.241300972s ago: executing program 4 (id=1805):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000480)=@newqdisc={0x8c, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x8}}, [@qdisc_kind_options=@q_cake={{0x9, 0x1f}, {0x4}}, @qdisc_kind_options=@q_hhf={{0x1}, {0x2c, 0x2, [@TCA_HHF_BACKLOG_LIMIT={0x8, 0x1, 0xfffffff7}, @TCA_HHF_RESET_TIMEOUT={0x8, 0x4, 0x4}, @TCA_HHF_QUANTUM={0x8, 0x2, 0x1}, @TCA_HHF_ADMIT_BYTES={0x8, 0x5, 0x39}, @TCA_HHF_NON_HH_WEIGHT={0x8, 0x7, 0xfffffff9}]}}, @qdisc_kind_options=@q_hhf={{0x8}, {0x1c, 0x2, [@TCA_HHF_EVICT_TIMEOUT={0x8, 0x6, 0x2}, @TCA_HHF_EVICT_TIMEOUT={0x8, 0x6, 0x68}, @TCA_HHF_EVICT_TIMEOUT={0x8, 0x6, 0x5}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x40001}, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000100)='dctcp-reno\x00', 0xb)
bind$inet6(r1, &(0x7f0000d84000)={0xa, 0x2, 0x3, @loopback, 0x8}, 0x1c)

15.095771659s ago: executing program 4 (id=1806):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r1)
sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
setsockopt$SO_RDS_TRANSPORT(0xffffffffffffffff, 0x114, 0x8, &(0x7f0000000080), 0x4)
bind$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r3)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x8000000, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x10100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x6}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0x80000, {0x0, 0x0, 0x0, r6, {0x0, 0x11}, {0xffe6, 0xb}, {0xfff2, 0xc}}, [@qdisc_kind_options=@q_pie={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x2000c0e0}, 0x4000804)
ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

10.080060543s ago: executing program 33 (id=1790):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
ioctl$int_in(r1, 0x5421, &(0x7f0000000000)=0x3)
connect$bt_rfcomm(r1, &(0x7f00000001c0)={0x1f, @any, 0xb}, 0xa)
close(r1)
setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000040)=0x6, 0x4)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000f00)=0x196, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x40000, &(0x7f0000000180)={0xa, 0x4e20, 0x8001, @loopback, 0x627bcafb}, 0x1c)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000001740)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000080)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c", 0x15)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmsg$nl_route_sched_retired(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000004280)=@newtaction={0x14, 0x30, 0x800, 0x70bd25, 0x25dfdbfb}, 0x14}}, 0x4000000)
read$alg(r3, &(0x7f0000000a00)=""/4087, 0xff7)
syz_emit_ethernet(0x56, &(0x7f0000000400)={@local, @random="df00004000", @void, {@ipv4={0x800, @tcp={{0xd, 0x4, 0x0, 0x0, 0x48, 0x0, 0x0, 0x0, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x11}, {[@ssrr={0x89, 0x7, 0xa2, [@broadcast]}, @timestamp={0x44, 0x10, 0x5, 0x3, 0x0, [0x0, 0x0, 0x0]}, @cipso={0x86, 0x6, 0x1}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
recvmmsg(r0, &(0x7f0000001b80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=""/60, 0x51}, 0x12b}], 0x1, 0x12000, 0x0)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)=ANY=[@ANYBLOB="140100002d00010000000000fcdbdf250401f280080018000bac0f"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

10.049704172s ago: executing program 34 (id=1797):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) (async)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r4, &(0x7f0000000440), 0x10)
listen(r4, 0x0)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r5, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10) (async)
setsockopt$sock_timeval(r5, 0x1, 0x43, &(0x7f0000000040)={0x0, 0x2710}, 0x10)
writev(r5, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x20000081}], 0x2) (async, rerun: 32)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="0900006565d9e51189373e004100000042000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) (rerun: 32)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000580), 0x1000, r6}, 0x38) (async)
r7 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r7, &(0x7f0000000380)={{0x6, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0xa}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @bcast, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x48) (async)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003640)=[{{0x0, 0x0, &(0x7f00000001c0)=[{0x0}], 0x1}}], 0x1, 0x4040005)
r8 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r8, &(0x7f0000000300)={{0x6, @rose, 0x2}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default]}, 0x48) (async, rerun: 64)
listen(r7, 0x1ad72f7) (async, rerun: 64)
r9 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$inet6_opts(r9, 0x29, 0x48, &(0x7f0000000000)=ANY=[@ANYBLOB="3a080404f7400400fc00000000000000000000a948df6294183b65b3c70000000001fc020000000000000000000000000001fe880000000000000000000000000101fe8100000000"], 0x48)
accept4(r7, 0x0, 0x0, 0x80000) (async, rerun: 64)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000200000000000000", @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000004fb2a7a609531e2c20f2b71b64f98f887d09cb9833bacefbd138b1be5e0a65c7e20369364a3920172fbaf5fdcf8fff1ae302bdd2cad7ca378de77db42cd483c8d5d985fd0489d32b63f50efb45851b0124c71930dedeecf332d5db003f0ce6d8b6fa5bef815daa6c38c819632449d7172dd12", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="02000000040000000200"/28], 0x50) (async, rerun: 64)
sendmsg$TIPC_NL_NET_SET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000000}, 0x40880) (async)
r10 = accept4$netrom(r7, 0x0, 0x0, 0x80000)
writev(r10, &(0x7f00000001c0), 0x7) (async)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000280)={r6, &(0x7f0000000280), &(0x7f0000000600)=""/98}, 0x20) (async)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10) (async)
sendmsg$NFT_BATCH(r3, 0x0, 0x0) (async)
sendmsg$NL80211_CMD_REGISTER_BEACONS(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r1, 0x7, 0x0, 0x25dfdbfd, {{0x8}, {@void, @val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0)

9.025980873s ago: executing program 35 (id=1799):
socket$can_bcm(0x1d, 0x2, 0x2)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x1d, 0x2, 0x6)
socket(0x1d, 0x2, 0x6)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000100)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [<r1=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r2=>0xffffffffffffffff]}}], 0x80}, 0x40000041)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, 0x0, &(0x7f00000001c0))
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r4=>0x0})
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), r2)
r6 = socket(0x10, 0x3, 0x0)
r7 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r8=>0x0})
r9 = socket$rds(0x15, 0x5, 0x0)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r10, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000740)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="77ba00000000000000001f000000080001000000000008000300", @ANYRES32=r11], 0x48}}, 0x0)
bind$rds(r9, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
sendmsg$rds(r9, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0)
sendmsg$inet(r9, &(0x7f00000005c0)={&(0x7f0000000000)={0x2, 0x4e23, @private=0xa110102}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000380)="96ad3ce5f115986e4e90551e35807c", 0xf}], 0x1}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f00000003c0)=@newqdisc={0x4c, 0x24, 0xf0b, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}, {0xb}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x1c, 0x2, [@TCA_CAKE_AUTORATE={0x8}, @TCA_CAKE_RAW={0x8, 0xc, 0x1}, @TCA_CAKE_INGRESS={0x8}]}}]}, 0x4c}}, 0x4090)
sendmsg$BATADV_CMD_GET_ORIGINATORS(r1, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x44, r5, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x1}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x8001}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r8}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_GW_MODE={0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0x240440d8}, 0x0)
sendmsg$rds(r1, &(0x7f0000000ac0)={&(0x7f0000000440)={0x2, 0x4e21, @rand_addr=0x64010102}, 0x10, &(0x7f00000009c0)=[{&(0x7f0000000480)=""/145, 0x91}, {&(0x7f0000000600)=""/164, 0xa4}, {&(0x7f0000000800)=""/140, 0x8c}, {&(0x7f0000000f40)=""/4096, 0x1000}, {&(0x7f00000008c0)=""/251, 0xfb}, {&(0x7f0000000540)=""/92, 0x5c}, {&(0x7f00000006c0)=""/59, 0x3b}], 0x7, &(0x7f0000000a40)=[@mask_fadd={0x58, 0x114, 0x8, {{0x3ff, 0xd}, &(0x7f0000000700)=0x8, &(0x7f0000000780)=0x4, 0x1, 0x5, 0x9, 0x2, 0x0, 0x3}}], 0x58, 0x40800}, 0x48800)
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000f00)=@newtfilter={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r4}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

0s ago: executing program 36 (id=1806):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r1)
sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
setsockopt$SO_RDS_TRANSPORT(0xffffffffffffffff, 0x114, 0x8, &(0x7f0000000080), 0x4)
bind$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r3)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x8000000, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x10100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x6}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0x80000, {0x0, 0x0, 0x0, r6, {0x0, 0x11}, {0xffe6, 0xb}, {0xfff2, 0xc}}, [@qdisc_kind_options=@q_pie={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x2000c0e0}, 0x4000804)
ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

kernel console output (not intermixed with test programs):


[  201.261374][T10236] netlink: 'syz.1.1298': attribute type 15 has an invalid length.
[  201.274686][ T6079] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  201.328102][ T6079] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  201.363719][ T6079] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  201.440982][T10241] lo speed is unknown, defaulting to 1000
[  201.509215][T10255] netlink: 'syz.2.1300': attribute type 1 has an invalid length.
[  201.572020][ T5872] Bluetooth: hci4: command 0x0406 tx timeout
[  201.578266][ T5880] Bluetooth: hci2: command 0x0406 tx timeout
[  201.578291][ T5882] Bluetooth: hci1: command 0x0406 tx timeout
[  201.870041][T10270] FAULT_INJECTION: forcing a failure.
[  201.870041][T10270] name failslab, interval 1, probability 0, space 0, times 0
[  201.883333][T10270] CPU: 0 UID: 0 PID: 10270 Comm: syz.4.1311 Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  201.883358][T10270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  201.883369][T10270] Call Trace:
[  201.883376][T10270]  <TASK>
[  201.883384][T10270]  dump_stack_lvl+0x189/0x250
[  201.883412][T10270]  ? __pfx____ratelimit+0x10/0x10
[  201.883434][T10270]  ? __pfx_dump_stack_lvl+0x10/0x10
[  201.883456][T10270]  ? __pfx__printk+0x10/0x10
[  201.883480][T10270]  ? __lock_acquire+0xab9/0xd20
[  201.883516][T10270]  should_fail_ex+0x414/0x560
[  201.883553][T10270]  should_failslab+0xa8/0x100
[  201.883585][T10270]  kmem_cache_alloc_noprof+0x73/0x3c0
[  201.883608][T10270]  ? skb_clone+0x212/0x3a0
[  201.883631][T10270]  skb_clone+0x212/0x3a0
[  201.883652][T10270]  __netlink_deliver_tap+0x404/0x850
[  201.883689][T10270]  ? netlink_deliver_tap+0x2e/0x1b0
[  201.883714][T10270]  netlink_deliver_tap+0x19c/0x1b0
[  201.883738][T10270]  netlink_unicast+0x7fa/0x9e0
[  201.883769][T10270]  ? __pfx_netlink_unicast+0x10/0x10
[  201.883792][T10270]  ? netlink_sendmsg+0x642/0xb30
[  201.883812][T10270]  ? skb_put+0x11b/0x210
[  201.883840][T10270]  netlink_sendmsg+0x805/0xb30
[  201.883873][T10270]  ? __pfx_netlink_sendmsg+0x10/0x10
[  201.883900][T10270]  ? aa_sock_msg_perm+0xf1/0x1d0
[  201.883926][T10270]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  201.883946][T10270]  ? __pfx_netlink_sendmsg+0x10/0x10
[  201.883971][T10270]  __sock_sendmsg+0x219/0x270
[  201.884002][T10270]  ____sys_sendmsg+0x505/0x830
[  201.884038][T10270]  ? __pfx_____sys_sendmsg+0x10/0x10
[  201.884073][T10270]  ? import_iovec+0x74/0xa0
[  201.884096][T10270]  ___sys_sendmsg+0x21f/0x2a0
[  201.884124][T10270]  ? __pfx____sys_sendmsg+0x10/0x10
[  201.884190][T10270]  ? __fget_files+0x2a/0x420
[  201.884213][T10270]  ? __fget_files+0x3a0/0x420
[  201.884250][T10270]  __x64_sys_sendmsg+0x19b/0x260
[  201.884278][T10270]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  201.884315][T10270]  ? __pfx_ksys_write+0x10/0x10
[  201.884340][T10270]  ? rcu_is_watching+0x15/0xb0
[  201.884364][T10270]  ? do_syscall_64+0xbe/0x3b0
[  201.884391][T10270]  do_syscall_64+0xfa/0x3b0
[  201.884415][T10270]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.884433][T10270]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  201.884452][T10270]  ? clear_bhb_loop+0x60/0xb0
[  201.884475][T10270]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.884493][T10270] RIP: 0033:0x7f46de98ebe9
[  201.884510][T10270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  201.884532][T10270] RSP: 002b:00007f46df774038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  201.884551][T10270] RAX: ffffffffffffffda RBX: 00007f46debb5fa0 RCX: 00007f46de98ebe9
[  201.884564][T10270] RDX: 0000000004000054 RSI: 0000200000000480 RDI: 0000000000000009
[  201.884576][T10270] RBP: 00007f46df774090 R08: 0000000000000000 R09: 0000000000000000
[  201.884587][T10270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  201.884597][T10270] R13: 00007f46debb6038 R14: 00007f46debb5fa0 R15: 00007ffebba340f8
[  201.884626][T10270]  </TASK>
[  202.202149][ T5920] tipc: Node number set to 744533427
[  202.232452][T10241] wg1 speed is unknown, defaulting to 1000
[  202.279480][T10270] syz.4.1311 (10270) used greatest stack depth: 17896 bytes left
[  202.586465][T10284] FAULT_INJECTION: forcing a failure.
[  202.586465][T10284] name failslab, interval 1, probability 0, space 0, times 0
[  202.599538][T10284] CPU: 1 UID: 0 PID: 10284 Comm: syz.3.1314 Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  202.599565][T10284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  202.599576][T10284] Call Trace:
[  202.599583][T10284]  <TASK>
[  202.599592][T10284]  dump_stack_lvl+0x189/0x250
[  202.599620][T10284]  ? __pfx____ratelimit+0x10/0x10
[  202.599643][T10284]  ? __pfx_dump_stack_lvl+0x10/0x10
[  202.599665][T10284]  ? __pfx__printk+0x10/0x10
[  202.599692][T10284]  ? __pfx___might_resched+0x10/0x10
[  202.599710][T10284]  ? fs_reclaim_acquire+0x7d/0x100
[  202.599742][T10284]  should_fail_ex+0x414/0x560
[  202.599769][T10284]  should_failslab+0xa8/0x100
[  202.599795][T10284]  kmem_cache_alloc_noprof+0x73/0x3c0
[  202.599818][T10284]  ? ovs_flow_alloc+0x24/0x1f0
[  202.599842][T10284]  ovs_flow_alloc+0x24/0x1f0
[  202.599862][T10284]  ovs_flow_cmd_new+0x1ee/0xd80
[  202.599883][T10284]  ? stack_depot_save_flags+0x40/0x860
[  202.599927][T10284]  ? netlink_unicast+0x7d1/0x9e0
[  202.599954][T10284]  ? __pfx_ovs_flow_cmd_new+0x10/0x10
[  202.600040][T10284]  ? __nla_parse+0x40/0x60
[  202.600067][T10284]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  202.600094][T10284]  genl_family_rcv_msg_doit+0x212/0x300
[  202.600121][T10284]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  202.600155][T10284]  ? bpf_lsm_capable+0x9/0x20
[  202.600177][T10284]  ? security_capable+0x7e/0x2e0
[  202.600208][T10284]  genl_rcv_msg+0x60e/0x790
[  202.600233][T10284]  ? __pfx_genl_rcv_msg+0x10/0x10
[  202.600250][T10284]  ? __pfx_ovs_flow_cmd_new+0x10/0x10
[  202.600274][T10284]  ? __asan_memcpy+0x40/0x70
[  202.600294][T10284]  ? __pfx_ref_tracker_free+0x10/0x10
[  202.600324][T10284]  netlink_rcv_skb+0x208/0x470
[  202.600344][T10284]  ? __lock_acquire+0xab9/0xd20
[  202.600370][T10284]  ? __pfx_genl_rcv_msg+0x10/0x10
[  202.600389][T10284]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  202.600435][T10284]  ? down_read+0x1ad/0x2e0
[  202.600462][T10284]  genl_rcv+0x28/0x40
[  202.600486][T10284]  netlink_unicast+0x82f/0x9e0
[  202.600523][T10284]  ? __pfx_netlink_unicast+0x10/0x10
[  202.600547][T10284]  ? netlink_sendmsg+0x642/0xb30
[  202.600567][T10284]  ? skb_put+0x11b/0x210
[  202.600595][T10284]  netlink_sendmsg+0x805/0xb30
[  202.600628][T10284]  ? __pfx_netlink_sendmsg+0x10/0x10
[  202.600655][T10284]  ? aa_sock_msg_perm+0xf1/0x1d0
[  202.600682][T10284]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  202.600701][T10284]  ? __pfx_netlink_sendmsg+0x10/0x10
[  202.600726][T10284]  __sock_sendmsg+0x219/0x270
[  202.600750][T10284]  ____sys_sendmsg+0x505/0x830
[  202.600781][T10284]  ? __pfx_____sys_sendmsg+0x10/0x10
[  202.600818][T10284]  ? import_iovec+0x74/0xa0
[  202.600840][T10284]  ___sys_sendmsg+0x21f/0x2a0
[  202.600868][T10284]  ? __pfx____sys_sendmsg+0x10/0x10
[  202.600935][T10284]  ? __fget_files+0x2a/0x420
[  202.600959][T10284]  ? __fget_files+0x3a0/0x420
[  202.600996][T10284]  __x64_sys_sendmsg+0x19b/0x260
[  202.601025][T10284]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  202.601062][T10284]  ? __pfx_ksys_write+0x10/0x10
[  202.601082][T10284]  ? rcu_is_watching+0x15/0xb0
[  202.601107][T10284]  ? do_syscall_64+0xbe/0x3b0
[  202.601134][T10284]  do_syscall_64+0xfa/0x3b0
[  202.601155][T10284]  ? lockdep_hardirqs_on+0x9c/0x150
[  202.601176][T10284]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.601195][T10284]  ? clear_bhb_loop+0x60/0xb0
[  202.601217][T10284]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.601236][T10284] RIP: 0033:0x7f743898ebe9
[  202.601254][T10284] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  202.601267][T10284] RSP: 002b:00007f7436bee038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  202.601286][T10284] RAX: ffffffffffffffda RBX: 00007f7438bb5fa0 RCX: 00007f743898ebe9
[  202.601300][T10284] RDX: 000000000000c000 RSI: 0000200000000000 RDI: 0000000000000006
[  202.601311][T10284] RBP: 00007f7436bee090 R08: 0000000000000000 R09: 0000000000000000
[  202.601323][T10284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  202.601334][T10284] R13: 00007f7438bb6038 R14: 00007f7438bb5fa0 R15: 00007ffee2bd7d18
[  202.601365][T10284]  </TASK>
[  203.321507][T10310] FAULT_INJECTION: forcing a failure.
[  203.321507][T10310] name failslab, interval 1, probability 0, space 0, times 0
[  203.344142][T10305] netlink: 'syz.3.1319': attribute type 10 has an invalid length.
[  203.407070][T10310] CPU: 0 UID: 0 PID: 10310 Comm: syz.0.1321 Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  203.407099][T10310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  203.407110][T10310] Call Trace:
[  203.407117][T10310]  <TASK>
[  203.407126][T10310]  dump_stack_lvl+0x189/0x250
[  203.407152][T10310]  ? __pfx____ratelimit+0x10/0x10
[  203.407176][T10310]  ? __pfx_dump_stack_lvl+0x10/0x10
[  203.407204][T10310]  ? __pfx__printk+0x10/0x10
[  203.407229][T10310]  ? __pfx___might_resched+0x10/0x10
[  203.407248][T10310]  ? fs_reclaim_acquire+0x7d/0x100
[  203.407279][T10310]  should_fail_ex+0x414/0x560
[  203.407305][T10310]  should_failslab+0xa8/0x100
[  203.407332][T10310]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  203.407357][T10310]  ? __alloc_skb+0x112/0x2d0
[  203.407386][T10310]  __alloc_skb+0x112/0x2d0
[  203.407414][T10310]  alloc_skb_with_frags+0xca/0x890
[  203.407447][T10310]  ? is_bpf_text_address+0x26/0x2b0
[  203.407474][T10310]  sock_alloc_send_pskb+0x857/0x990
[  203.407489][T10310]  ? __lock_acquire+0xab9/0xd20
[  203.407524][T10310]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  203.407543][T10310]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  203.407562][T10310]  ? lockdep_hardirqs_on+0x9c/0x150
[  203.407581][T10310]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  203.407600][T10310]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  203.407622][T10310]  __ip_append_data+0x2ce8/0x40c0
[  203.407659][T10310]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  203.407698][T10310]  ? __pfx___ip_append_data+0x10/0x10
[  203.407714][T10310]  ? ipv4_mtu+0x4b2/0x5c0
[  203.407740][T10310]  ? ip_setup_cork+0x577/0x9a0
[  203.407759][T10310]  ip_make_skb+0x1de/0x3f0
[  203.407781][T10310]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  203.407797][T10310]  ? __pfx_ip_make_skb+0x10/0x10
[  203.407832][T10310]  udp_sendmsg+0x1925/0x2170
[  203.407869][T10310]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  203.407888][T10310]  ? __pfx_udp_sendmsg+0x10/0x10
[  203.407936][T10310]  ? __local_bh_enable_ip+0x12d/0x1c0
[  203.407965][T10310]  ? inet_sendmsg+0x14f/0x370
[  203.407986][T10310]  ? inet_sendmsg+0x29c/0x370
[  203.408007][T10310]  __sock_sendmsg+0x19c/0x270
[  203.408031][T10310]  ____sys_sendmsg+0x505/0x830
[  203.408063][T10310]  ? __pfx_____sys_sendmsg+0x10/0x10
[  203.408097][T10310]  ? import_iovec+0x74/0xa0
[  203.408117][T10310]  ___sys_sendmsg+0x21f/0x2a0
[  203.408143][T10310]  ? __pfx____sys_sendmsg+0x10/0x10
[  203.408206][T10310]  ? __fget_files+0x2a/0x420
[  203.408230][T10310]  ? __fget_files+0x3a0/0x420
[  203.408263][T10310]  __x64_sys_sendmsg+0x19b/0x260
[  203.408288][T10310]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  203.408320][T10310]  ? __pfx_ksys_write+0x10/0x10
[  203.408339][T10310]  ? rcu_is_watching+0x15/0xb0
[  203.408361][T10310]  ? do_syscall_64+0xbe/0x3b0
[  203.408386][T10310]  do_syscall_64+0xfa/0x3b0
[  203.408405][T10310]  ? lockdep_hardirqs_on+0x9c/0x150
[  203.408424][T10310]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.408441][T10310]  ? clear_bhb_loop+0x60/0xb0
[  203.408461][T10310]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.408479][T10310] RIP: 0033:0x7fab2738ebe9
[  203.408495][T10310] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  203.408511][T10310] RSP: 002b:00007fab282a8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  203.408531][T10310] RAX: ffffffffffffffda RBX: 00007fab275b5fa0 RCX: 00007fab2738ebe9
[  203.408544][T10310] RDX: 0000000000000000 RSI: 0000200000000380 RDI: 0000000000000003
[  203.408555][T10310] RBP: 00007fab282a8090 R08: 0000000000000000 R09: 0000000000000000
[  203.408565][T10310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  203.408575][T10310] R13: 00007fab275b6038 R14: 00007fab275b5fa0 R15: 00007ffca99b4908
[  203.408604][T10310]  </TASK>
[  203.849527][T10312] __nla_validate_parse: 6 callbacks suppressed
[  203.849545][T10312] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1322'.
[  204.027652][T10307] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1322'.
[  204.126011][T10334] FAULT_INJECTION: forcing a failure.
[  204.126011][T10334] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  204.183182][T10334] CPU: 1 UID: 0 PID: 10334 Comm: syz.0.1327 Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  204.183216][T10334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  204.183227][T10334] Call Trace:
[  204.183234][T10334]  <TASK>
[  204.183243][T10334]  dump_stack_lvl+0x189/0x250
[  204.183269][T10334]  ? __pfx____ratelimit+0x10/0x10
[  204.183291][T10334]  ? __pfx_dump_stack_lvl+0x10/0x10
[  204.183313][T10334]  ? __pfx__printk+0x10/0x10
[  204.183350][T10334]  should_fail_ex+0x414/0x560
[  204.183386][T10334]  _copy_to_user+0x31/0xb0
[  204.183407][T10334]  simple_read_from_buffer+0xe1/0x170
[  204.183438][T10334]  proc_fail_nth_read+0x1b3/0x220
[  204.183462][T10334]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  204.183486][T10334]  ? rw_verify_area+0x2a6/0x4d0
[  204.183508][T10334]  ? __lock_acquire+0xab9/0xd20
[  204.183531][T10334]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  204.183553][T10334]  vfs_read+0x200/0x980
[  204.183575][T10334]  ? fdget_pos+0x247/0x320
[  204.183595][T10334]  ? __pfx___mutex_lock+0x10/0x10
[  204.183619][T10334]  ? __pfx_vfs_read+0x10/0x10
[  204.183643][T10334]  ? __fget_files+0x2a/0x420
[  204.183672][T10334]  ? __fget_files+0x3a0/0x420
[  204.183695][T10334]  ? __fget_files+0x2a/0x420
[  204.183729][T10334]  ksys_read+0x145/0x250
[  204.183755][T10334]  ? __pfx_ksys_read+0x10/0x10
[  204.183775][T10334]  ? rcu_is_watching+0x15/0xb0
[  204.183799][T10334]  ? do_syscall_64+0xbe/0x3b0
[  204.183825][T10334]  do_syscall_64+0xfa/0x3b0
[  204.183845][T10334]  ? lockdep_hardirqs_on+0x9c/0x150
[  204.183866][T10334]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  204.183884][T10334]  ? clear_bhb_loop+0x60/0xb0
[  204.183907][T10334]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  204.183925][T10334] RIP: 0033:0x7fab2738d5fc
[  204.183942][T10334] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  204.183957][T10334] RSP: 002b:00007fab282a8030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  204.183977][T10334] RAX: ffffffffffffffda RBX: 00007fab275b5fa0 RCX: 00007fab2738d5fc
[  204.183993][T10334] RDX: 000000000000000f RSI: 00007fab282a80a0 RDI: 0000000000000004
[  204.184005][T10334] RBP: 00007fab282a8090 R08: 0000000000000000 R09: 0000000000000000
[  204.184015][T10334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  204.184025][T10334] R13: 00007fab275b6038 R14: 00007fab275b5fa0 R15: 00007ffca99b4908
[  204.184056][T10334]  </TASK>
[  204.609537][T10345] lo speed is unknown, defaulting to 1000
[  204.993803][T10356] netlink: 724 bytes leftover after parsing attributes in process `syz.4.1333'.
[  205.031945][T10356] netlink: 83 bytes leftover after parsing attributes in process `syz.4.1333'.
[  205.368102][T10345] wg1 speed is unknown, defaulting to 1000
[  205.552825][T10372] FAULT_INJECTION: forcing a failure.
[  205.552825][T10372] name failslab, interval 1, probability 0, space 0, times 0
[  205.579981][T10372] CPU: 0 UID: 0 PID: 10372 Comm: syz.2.1338 Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  205.580009][T10372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  205.580021][T10372] Call Trace:
[  205.580029][T10372]  <TASK>
[  205.580038][T10372]  dump_stack_lvl+0x189/0x250
[  205.580065][T10372]  ? __pfx____ratelimit+0x10/0x10
[  205.580088][T10372]  ? __pfx_dump_stack_lvl+0x10/0x10
[  205.580111][T10372]  ? __pfx__printk+0x10/0x10
[  205.580137][T10372]  ? __lock_acquire+0xab9/0xd20
[  205.580173][T10372]  should_fail_ex+0x414/0x560
[  205.580199][T10372]  should_failslab+0xa8/0x100
[  205.580233][T10372]  kmem_cache_alloc_noprof+0x73/0x3c0
[  205.580257][T10372]  ? skb_clone+0x212/0x3a0
[  205.580279][T10372]  skb_clone+0x212/0x3a0
[  205.580300][T10372]  __netlink_deliver_tap+0x404/0x850
[  205.580337][T10372]  ? netlink_deliver_tap+0x2e/0x1b0
[  205.580361][T10372]  netlink_deliver_tap+0x19c/0x1b0
[  205.580385][T10372]  netlink_unicast+0x7fa/0x9e0
[  205.580415][T10372]  ? __pfx_netlink_unicast+0x10/0x10
[  205.580438][T10372]  ? netlink_sendmsg+0x642/0xb30
[  205.580466][T10372]  netlink_sendmsg+0x805/0xb30
[  205.580499][T10372]  ? __pfx_netlink_sendmsg+0x10/0x10
[  205.580524][T10372]  ? __lock_acquire+0xab9/0xd20
[  205.580546][T10372]  ? aa_sock_msg_perm+0xf1/0x1d0
[  205.580572][T10372]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  205.580591][T10372]  ? __pfx_netlink_sendmsg+0x10/0x10
[  205.580614][T10372]  __sock_sendmsg+0x219/0x270
[  205.580638][T10372]  ____sys_sendmsg+0x505/0x830
[  205.580669][T10372]  ? __pfx_____sys_sendmsg+0x10/0x10
[  205.580704][T10372]  ? import_iovec+0x74/0xa0
[  205.580726][T10372]  ___sys_sendmsg+0x21f/0x2a0
[  205.580754][T10372]  ? __pfx____sys_sendmsg+0x10/0x10
[  205.580817][T10372]  ? __fget_files+0x2a/0x420
[  205.580842][T10372]  ? __fget_files+0x3a0/0x420
[  205.580878][T10372]  __x64_sys_sendmsg+0x19b/0x260
[  205.580907][T10372]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  205.580943][T10372]  ? __pfx_ksys_write+0x10/0x10
[  205.580964][T10372]  ? rcu_is_watching+0x15/0xb0
[  205.580988][T10372]  ? do_syscall_64+0xbe/0x3b0
[  205.581014][T10372]  do_syscall_64+0xfa/0x3b0
[  205.581034][T10372]  ? lockdep_hardirqs_on+0x9c/0x150
[  205.581055][T10372]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.581074][T10372]  ? clear_bhb_loop+0x60/0xb0
[  205.581097][T10372]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.581114][T10372] RIP: 0033:0x7fe30638ebe9
[  205.581131][T10372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  205.581145][T10372] RSP: 002b:00007fe3072b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  205.581165][T10372] RAX: ffffffffffffffda RBX: 00007fe3065b5fa0 RCX: 00007fe30638ebe9
[  205.581177][T10372] RDX: 0000000000000084 RSI: 0000200000000140 RDI: 0000000000000004
[  205.581189][T10372] RBP: 00007fe3072b7090 R08: 0000000000000000 R09: 0000000000000000
[  205.581200][T10372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  205.581216][T10372] R13: 00007fe3065b6038 R14: 00007fe3065b5fa0 R15: 00007ffe25d282d8
[  205.581247][T10372]  </TASK>
[  205.892346][T10374] FAULT_INJECTION: forcing a failure.
[  205.892346][T10374] name failslab, interval 1, probability 0, space 0, times 0
[  205.905066][T10374] CPU: 0 UID: 0 PID: 10374 Comm: syz.4.1339 Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  205.905092][T10374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  205.905103][T10374] Call Trace:
[  205.905110][T10374]  <TASK>
[  205.905118][T10374]  dump_stack_lvl+0x189/0x250
[  205.905144][T10374]  ? __pfx____ratelimit+0x10/0x10
[  205.905163][T10374]  ? __pfx_dump_stack_lvl+0x10/0x10
[  205.905183][T10374]  ? __pfx__printk+0x10/0x10
[  205.905219][T10374]  ? __pfx___might_resched+0x10/0x10
[  205.905235][T10374]  ? fs_reclaim_acquire+0x7d/0x100
[  205.905267][T10374]  should_fail_ex+0x414/0x560
[  205.905292][T10374]  should_failslab+0xa8/0x100
[  205.905320][T10374]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  205.905344][T10374]  ? __alloc_skb+0x112/0x2d0
[  205.905372][T10374]  __alloc_skb+0x112/0x2d0
[  205.905396][T10374]  netlink_ack+0x146/0xa50
[  205.905414][T10374]  ? __pfx_genl_rcv_msg+0x10/0x10
[  205.905434][T10374]  ? __asan_memcpy+0x40/0x70
[  205.905453][T10374]  ? __pfx_ref_tracker_free+0x10/0x10
[  205.905480][T10374]  netlink_rcv_skb+0x28c/0x470
[  205.905499][T10374]  ? __lock_acquire+0xab9/0xd20
[  205.905523][T10374]  ? __pfx_genl_rcv_msg+0x10/0x10
[  205.905542][T10374]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  205.905583][T10374]  ? down_read+0x1ad/0x2e0
[  205.905610][T10374]  genl_rcv+0x28/0x40
[  205.905633][T10374]  netlink_unicast+0x82f/0x9e0
[  205.905664][T10374]  ? __pfx_netlink_unicast+0x10/0x10
[  205.905686][T10374]  ? netlink_sendmsg+0x642/0xb30
[  205.905706][T10374]  ? skb_put+0x11b/0x210
[  205.905731][T10374]  netlink_sendmsg+0x805/0xb30
[  205.905760][T10374]  ? __pfx_netlink_sendmsg+0x10/0x10
[  205.905785][T10374]  ? aa_sock_msg_perm+0xf1/0x1d0
[  205.905809][T10374]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  205.905827][T10374]  ? __pfx_netlink_sendmsg+0x10/0x10
[  205.905850][T10374]  __sock_sendmsg+0x219/0x270
[  205.905874][T10374]  ____sys_sendmsg+0x505/0x830
[  205.905905][T10374]  ? __pfx_____sys_sendmsg+0x10/0x10
[  205.905941][T10374]  ? import_iovec+0x74/0xa0
[  205.905962][T10374]  ___sys_sendmsg+0x21f/0x2a0
[  205.905990][T10374]  ? __pfx____sys_sendmsg+0x10/0x10
[  205.906054][T10374]  ? __fget_files+0x2a/0x420
[  205.906077][T10374]  ? __fget_files+0x3a0/0x420
[  205.906111][T10374]  __x64_sys_sendmsg+0x19b/0x260
[  205.906139][T10374]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  205.906174][T10374]  ? __pfx_ksys_write+0x10/0x10
[  205.906200][T10374]  ? rcu_is_watching+0x15/0xb0
[  205.906224][T10374]  ? do_syscall_64+0xbe/0x3b0
[  205.906249][T10374]  do_syscall_64+0xfa/0x3b0
[  205.906270][T10374]  ? lockdep_hardirqs_on+0x9c/0x150
[  205.906291][T10374]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.906310][T10374]  ? clear_bhb_loop+0x60/0xb0
[  205.906332][T10374]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.906350][T10374] RIP: 0033:0x7f46de98ebe9
[  205.906366][T10374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  205.906381][T10374] RSP: 002b:00007f46df774038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  205.906400][T10374] RAX: ffffffffffffffda RBX: 00007f46debb5fa0 RCX: 00007f46de98ebe9
[  205.906413][T10374] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 0000000000000003
[  205.906424][T10374] RBP: 00007f46df774090 R08: 0000000000000000 R09: 0000000000000000
[  205.906435][T10374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  205.906445][T10374] R13: 00007f46debb6038 R14: 00007f46debb5fa0 R15: 00007ffebba340f8
[  205.906476][T10374]  </TASK>
[  206.308838][T10378] netlink: 'syz.4.1341': attribute type 1 has an invalid length.
[  206.317236][T10378] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1341'.
[  206.326532][T10378] netlink: 'syz.4.1341': attribute type 1 has an invalid length.
[  206.561977][T10387] block nbd1: server does not support multiple connections per device.
[  206.583011][T10387] block nbd1: shutting down sockets
[  206.698278][T10394] FAULT_INJECTION: forcing a failure.
[  206.698278][T10394] name failslab, interval 1, probability 0, space 0, times 0
[  206.715729][T10394] CPU: 0 UID: 0 PID: 10394 Comm: syz.1.1347 Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  206.715757][T10394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  206.715769][T10394] Call Trace:
[  206.715776][T10394]  <TASK>
[  206.715783][T10394]  dump_stack_lvl+0x189/0x250
[  206.715807][T10394]  ? __pfx____ratelimit+0x10/0x10
[  206.715825][T10394]  ? __pfx_dump_stack_lvl+0x10/0x10
[  206.715842][T10394]  ? __pfx__printk+0x10/0x10
[  206.715866][T10394]  ? __pfx___might_resched+0x10/0x10
[  206.715884][T10394]  ? fs_reclaim_acquire+0x7d/0x100
[  206.715914][T10394]  should_fail_ex+0x414/0x560
[  206.715940][T10394]  should_failslab+0xa8/0x100
[  206.715967][T10394]  __kmalloc_cache_noprof+0x70/0x3d0
[  206.715989][T10394]  ? xfrm_policy_alloc+0x78/0x2b0
[  206.716019][T10394]  xfrm_policy_alloc+0x78/0x2b0
[  206.716053][T10394]  xfrm_policy_construct+0x39/0x6b0
[  206.716074][T10394]  ? __raw_spin_lock_init+0x45/0x100
[  206.716098][T10394]  ? verify_newpolicy_info+0x343/0x4c0
[  206.716120][T10394]  xfrm_add_acquire+0x3b9/0xb20
[  206.716161][T10394]  ? __pfx_xfrm_add_acquire+0x10/0x10
[  206.716184][T10394]  ? __nla_parse+0x40/0x60
[  206.716211][T10394]  xfrm_user_rcv_msg+0x7a3/0xab0
[  206.716237][T10394]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  206.716297][T10394]  ? __pfx___mutex_trylock_common+0x10/0x10
[  206.716323][T10394]  ? rcu_is_watching+0x15/0xb0
[  206.716342][T10394]  ? trace_contention_end+0x39/0x120
[  206.716363][T10394]  ? __mutex_lock+0x335/0x1360
[  206.716393][T10394]  netlink_rcv_skb+0x208/0x470
[  206.716418][T10394]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  206.716440][T10394]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  206.716479][T10394]  ? netlink_deliver_tap+0x2e/0x1b0
[  206.716501][T10394]  ? netlink_deliver_tap+0x2e/0x1b0
[  206.716526][T10394]  xfrm_netlink_rcv+0x79/0x90
[  206.716546][T10394]  netlink_unicast+0x82f/0x9e0
[  206.716576][T10394]  ? __pfx_netlink_unicast+0x10/0x10
[  206.716600][T10394]  ? netlink_sendmsg+0x642/0xb30
[  206.716620][T10394]  ? skb_put+0x11b/0x210
[  206.716648][T10394]  netlink_sendmsg+0x805/0xb30
[  206.716682][T10394]  ? __pfx_netlink_sendmsg+0x10/0x10
[  206.716709][T10394]  ? aa_sock_msg_perm+0xf1/0x1d0
[  206.716735][T10394]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  206.716755][T10394]  ? __pfx_netlink_sendmsg+0x10/0x10
[  206.716779][T10394]  __sock_sendmsg+0x219/0x270
[  206.716803][T10394]  ____sys_sendmsg+0x505/0x830
[  206.716835][T10394]  ? __pfx_____sys_sendmsg+0x10/0x10
[  206.716871][T10394]  ? import_iovec+0x74/0xa0
[  206.716894][T10394]  ___sys_sendmsg+0x21f/0x2a0
[  206.716922][T10394]  ? __pfx____sys_sendmsg+0x10/0x10
[  206.716989][T10394]  ? __fget_files+0x2a/0x420
[  206.717013][T10394]  ? __fget_files+0x3a0/0x420
[  206.717051][T10394]  __x64_sys_sendmsg+0x19b/0x260
[  206.717081][T10394]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  206.717117][T10394]  ? __pfx_ksys_write+0x10/0x10
[  206.717147][T10394]  ? do_syscall_64+0xbe/0x3b0
[  206.717174][T10394]  do_syscall_64+0xfa/0x3b0
[  206.717194][T10394]  ? lockdep_hardirqs_on+0x9c/0x150
[  206.717215][T10394]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.717234][T10394]  ? clear_bhb_loop+0x60/0xb0
[  206.717257][T10394]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.717276][T10394] RIP: 0033:0x7ff215f8ebe9
[  206.717294][T10394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  206.717313][T10394] RSP: 002b:00007ff216e93038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  206.717333][T10394] RAX: ffffffffffffffda RBX: 00007ff2161b5fa0 RCX: 00007ff215f8ebe9
[  206.717346][T10394] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  206.717358][T10394] RBP: 00007ff216e93090 R08: 0000000000000000 R09: 0000000000000000
[  206.717369][T10394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  206.717380][T10394] R13: 00007ff2161b6038 R14: 00007ff2161b5fa0 R15: 00007ffdaa922988
[  206.717412][T10394]  </TASK>
[  207.165501][T10398] netlink: 248 bytes leftover after parsing attributes in process `syz.1.1349'.
[  207.262513][T10401] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1350'.
[  207.308479][T10403] mac80211_hwsim hwsim8 wlan1: entered allmulticast mode
[  207.470249][T10413] netlink: 'syz.4.1351': attribute type 10 has an invalid length.
[  207.503391][T10413] mac80211_hwsim hwsim8 wlan1: left allmulticast mode
[  207.518001][T10413] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  207.600364][T10419] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1356'.
[  207.625479][T10419] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1356'.
[  207.796285][T10420] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1356'.
[  208.065940][T10433] netlink: 'syz.0.1359': attribute type 10 has an invalid length.
[  208.082499][T10433] veth0_vlan: left promiscuous mode
[  208.093997][T10433] veth0_vlan: entered promiscuous mode
[  208.099505][T10433] veth0_vlan: entered allmulticast mode
[  208.120961][T10433] bridge0: port 1(veth0_vlan) entered blocking state
[  208.154666][T10433] bridge0: port 1(veth0_vlan) entered disabled state
[  208.181552][T10433] net_ratelimit: 4 callbacks suppressed
[  208.181572][T10433] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check.
[  208.290878][T10439] syzkaller0: entered promiscuous mode
[  208.318768][T10439] syzkaller0: entered allmulticast mode
[  208.524089][T10454] FAULT_INJECTION: forcing a failure.
[  208.524089][T10454] name failslab, interval 1, probability 0, space 0, times 0
[  208.547650][T10454] CPU: 0 UID: 0 PID: 10454 Comm: syz.1.1368 Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  208.547681][T10454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  208.547691][T10454] Call Trace:
[  208.547698][T10454]  <TASK>
[  208.547706][T10454]  dump_stack_lvl+0x189/0x250
[  208.547731][T10454]  ? __pfx____ratelimit+0x10/0x10
[  208.547751][T10454]  ? __pfx_dump_stack_lvl+0x10/0x10
[  208.547771][T10454]  ? __pfx__printk+0x10/0x10
[  208.547795][T10454]  ? __pfx___might_resched+0x10/0x10
[  208.547813][T10454]  ? fs_reclaim_acquire+0x7d/0x100
[  208.547843][T10454]  should_fail_ex+0x414/0x560
[  208.547876][T10454]  should_failslab+0xa8/0x100
[  208.547903][T10454]  kmem_cache_alloc_noprof+0x73/0x3c0
[  208.547925][T10454]  ? security_file_alloc+0x34/0x330
[  208.547949][T10454]  security_file_alloc+0x34/0x330
[  208.547971][T10454]  init_file+0x93/0x2f0
[  208.547993][T10454]  alloc_empty_file+0x6e/0x1d0
[  208.548013][T10454]  alloc_file_pseudo+0x13d/0x210
[  208.548035][T10454]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  208.548053][T10454]  ? __local_bh_enable_ip+0x12d/0x1c0
[  208.548085][T10454]  anon_inode_getfile+0xc5/0x1a0
[  208.548109][T10454]  bpf_link_prime+0xfc/0x220
[  208.548132][T10454]  bpf_nf_link_attach+0x4fd/0x850
[  208.548160][T10454]  ? __pfx_bpf_nf_link_attach+0x10/0x10
[  208.548180][T10454]  ? __fget_files+0x3a0/0x420
[  208.548204][T10454]  ? __fget_files+0x2a/0x420
[  208.548231][T10454]  ? bpf_prog_attach_check_attach_type+0x1ad/0x540
[  208.548262][T10454]  link_create+0x3ab/0x850
[  208.548291][T10454]  __sys_bpf+0x6dc/0x870
[  208.548314][T10454]  ? __pfx___sys_bpf+0x10/0x10
[  208.548351][T10454]  ? ksys_write+0x22a/0x250
[  208.548375][T10454]  ? __pfx_ksys_write+0x10/0x10
[  208.548393][T10454]  ? rcu_is_watching+0x15/0xb0
[  208.548415][T10454]  __x64_sys_bpf+0x7c/0x90
[  208.548435][T10454]  do_syscall_64+0xfa/0x3b0
[  208.548455][T10454]  ? lockdep_hardirqs_on+0x9c/0x150
[  208.548475][T10454]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.548490][T10454]  ? clear_bhb_loop+0x60/0xb0
[  208.548508][T10454]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.548521][T10454] RIP: 0033:0x7ff215f8ebe9
[  208.548535][T10454] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  208.548550][T10454] RSP: 002b:00007ff216e93038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  208.548568][T10454] RAX: ffffffffffffffda RBX: 00007ff2161b5fa0 RCX: 00007ff215f8ebe9
[  208.548580][T10454] RDX: 0000000000000020 RSI: 0000200000002380 RDI: 000000000000001c
[  208.548591][T10454] RBP: 00007ff216e93090 R08: 0000000000000000 R09: 0000000000000000
[  208.548602][T10454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  208.548611][T10454] R13: 00007ff2161b6038 R14: 00007ff2161b5fa0 R15: 00007ffdaa922988
[  208.548636][T10454]  </TASK>
[  208.980767][T10460] syzkaller0: entered promiscuous mode
[  208.986373][T10460] syzkaller0: entered allmulticast mode
[  209.073627][T10474] __nla_validate_parse: 4 callbacks suppressed
[  209.073645][T10474] netlink: 248 bytes leftover after parsing attributes in process `syz.2.1376'.
[  209.427647][T10490] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  209.442694][T10490] syzkaller0: entered promiscuous mode
[  209.454029][T10490] syzkaller0: entered allmulticast mode
[  209.564254][T10500] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1386'.
[  209.608540][T10506] tipc: Resetting bearer <eth:syzkaller0>
[  209.745210][T10511] syzkaller0: entered promiscuous mode
[  209.751168][T10511] syzkaller0: entered allmulticast mode
[  209.784954][T10512] netlink: 'syz.1.1389': attribute type 10 has an invalid length.
[  209.788968][T10514] netlink: 248 bytes leftover after parsing attributes in process `syz.3.1392'.
[  209.843116][T10512] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  210.041431][T10520] FAULT_INJECTION: forcing a failure.
[  210.041431][T10520] name failslab, interval 1, probability 0, space 0, times 0
[  210.075680][T10520] CPU: 1 UID: 0 PID: 10520 Comm: syz.4.1394 Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  210.075707][T10520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  210.075717][T10520] Call Trace:
[  210.075724][T10520]  <TASK>
[  210.075731][T10520]  dump_stack_lvl+0x189/0x250
[  210.075763][T10520]  ? __pfx____ratelimit+0x10/0x10
[  210.075784][T10520]  ? __pfx_dump_stack_lvl+0x10/0x10
[  210.075804][T10520]  ? __pfx__printk+0x10/0x10
[  210.075829][T10520]  ? __pfx___might_resched+0x10/0x10
[  210.075852][T10520]  should_fail_ex+0x414/0x560
[  210.075874][T10520]  should_failslab+0xa8/0x100
[  210.075898][T10520]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  210.075922][T10520]  ? __alloc_skb+0x112/0x2d0
[  210.075947][T10520]  __alloc_skb+0x112/0x2d0
[  210.075972][T10520]  netlink_sendmsg+0x5c6/0xb30
[  210.076003][T10520]  ? __pfx_netlink_sendmsg+0x10/0x10
[  210.076028][T10520]  ? aa_sock_msg_perm+0xf1/0x1d0
[  210.076053][T10520]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  210.076073][T10520]  ? __pfx_netlink_sendmsg+0x10/0x10
[  210.076096][T10520]  __sock_sendmsg+0x219/0x270
[  210.076120][T10520]  ____sys_sendmsg+0x505/0x830
[  210.076151][T10520]  ? __pfx_____sys_sendmsg+0x10/0x10
[  210.076187][T10520]  ? import_iovec+0x74/0xa0
[  210.076209][T10520]  ___sys_sendmsg+0x21f/0x2a0
[  210.076237][T10520]  ? __pfx____sys_sendmsg+0x10/0x10
[  210.076308][T10520]  ? __fget_files+0x2a/0x420
[  210.076332][T10520]  ? __fget_files+0x3a0/0x420
[  210.076367][T10520]  __x64_sys_sendmsg+0x19b/0x260
[  210.076412][T10520]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  210.076448][T10520]  ? __pfx_ksys_write+0x10/0x10
[  210.076469][T10520]  ? rcu_is_watching+0x15/0xb0
[  210.076491][T10520]  ? do_syscall_64+0xbe/0x3b0
[  210.076518][T10520]  do_syscall_64+0xfa/0x3b0
[  210.076538][T10520]  ? lockdep_hardirqs_on+0x9c/0x150
[  210.076560][T10520]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.076578][T10520]  ? clear_bhb_loop+0x60/0xb0
[  210.076601][T10520]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.076619][T10520] RIP: 0033:0x7f46de98ebe9
[  210.076636][T10520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  210.076652][T10520] RSP: 002b:00007f46df774038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  210.076672][T10520] RAX: ffffffffffffffda RBX: 00007f46debb5fa0 RCX: 00007f46de98ebe9
[  210.076685][T10520] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000004
[  210.076697][T10520] RBP: 00007f46df774090 R08: 0000000000000000 R09: 0000000000000000
[  210.076708][T10520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  210.076719][T10520] R13: 00007f46debb6038 R14: 00007f46debb5fa0 R15: 00007ffebba340f8
[  210.076756][T10520]  </TASK>
[  210.360599][T10527] netlink: 'syz.0.1399': attribute type 83 has an invalid length.
[  210.417827][T10489] tipc: Resetting bearer <eth:syzkaller0>
[  210.536137][T10489] tipc: Disabling bearer <eth:syzkaller0>
[  210.565750][T10536] syzkaller1: entered promiscuous mode
[  210.573376][T10536] syzkaller1: entered allmulticast mode
[  210.637024][T10545] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1403'.
[  210.710640][T10547] netlink: 248 bytes leftover after parsing attributes in process `syz.0.1406'.
[  210.971167][T10564] FAULT_INJECTION: forcing a failure.
[  210.971167][T10564] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  211.027715][T10564] CPU: 0 UID: 0 PID: 10564 Comm: syz.2.1410 Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  211.027742][T10564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  211.027752][T10564] Call Trace:
[  211.027759][T10564]  <TASK>
[  211.027767][T10564]  dump_stack_lvl+0x189/0x250
[  211.027795][T10564]  ? __pfx____ratelimit+0x10/0x10
[  211.027819][T10564]  ? __pfx_dump_stack_lvl+0x10/0x10
[  211.027840][T10564]  ? __pfx__printk+0x10/0x10
[  211.027878][T10564]  should_fail_ex+0x414/0x560
[  211.027905][T10564]  _copy_to_user+0x31/0xb0
[  211.027925][T10564]  simple_read_from_buffer+0xe1/0x170
[  211.027957][T10564]  proc_fail_nth_read+0x1b3/0x220
[  211.027981][T10564]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  211.028006][T10564]  ? rw_verify_area+0x2a6/0x4d0
[  211.028026][T10564]  ? __lock_acquire+0xab9/0xd20
[  211.028049][T10564]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  211.028071][T10564]  vfs_read+0x200/0x980
[  211.028093][T10564]  ? fdget_pos+0x247/0x320
[  211.028114][T10564]  ? __pfx___mutex_lock+0x10/0x10
[  211.028137][T10564]  ? __pfx_vfs_read+0x10/0x10
[  211.028162][T10564]  ? __fget_files+0x2a/0x420
[  211.028192][T10564]  ? __fget_files+0x3a0/0x420
[  211.028215][T10564]  ? __fget_files+0x2a/0x420
[  211.028249][T10564]  ksys_read+0x145/0x250
[  211.028274][T10564]  ? __pfx_ksys_read+0x10/0x10
[  211.028293][T10564]  ? rcu_is_watching+0x15/0xb0
[  211.028318][T10564]  ? do_syscall_64+0xbe/0x3b0
[  211.028344][T10564]  do_syscall_64+0xfa/0x3b0
[  211.028368][T10564]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.028385][T10564]  ? asm_sysvec_call_function_single+0x1a/0x20
[  211.028411][T10564]  ? clear_bhb_loop+0x60/0xb0
[  211.028434][T10564]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.028452][T10564] RIP: 0033:0x7fe30638d5fc
[  211.028473][T10564] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  211.028490][T10564] RSP: 002b:00007fe3072b7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  211.028509][T10564] RAX: ffffffffffffffda RBX: 00007fe3065b5fa0 RCX: 00007fe30638d5fc
[  211.028522][T10564] RDX: 000000000000000f RSI: 00007fe3072b70a0 RDI: 0000000000000004
[  211.028533][T10564] RBP: 00007fe3072b7090 R08: 0000000000000000 R09: 0000000000000000
[  211.028545][T10564] R10: 00000000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  211.028556][T10564] R13: 00007fe3065b6038 R14: 00007fe3065b5fa0 R15: 00007ffe25d282d8
[  211.028587][T10564]  </TASK>
[  211.484615][T10579] netlink: 'syz.3.1417': attribute type 39 has an invalid length.
[  211.548163][T10586] netlink: 248 bytes leftover after parsing attributes in process `syz.4.1421'.
[  211.804321][T10595] netlink: 'syz.1.1423': attribute type 10 has an invalid length.
[  211.845295][T10595] team0: Port device dummy0 added
[  211.850984][T10599] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1426'.
[  211.855795][T10605] netlink: 'syz.1.1423': attribute type 10 has an invalid length.
[  211.861314][T10599] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1426'.
[  211.900458][T10605] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  211.905258][T10599] netlink: 'syz.3.1426': attribute type 15 has an invalid length.
[  211.921412][T10605] team0: Failed to send options change via netlink (err -105)
[  211.933786][T10599] netlink: 'syz.3.1426': attribute type 18 has an invalid length.
[  211.947401][T10605] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  211.971569][T10605] team0: Port device dummy0 removed
[  211.986409][T10605] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  212.077889][T10613] netlink: 136 bytes leftover after parsing attributes in process `syz.2.1430'.
[  212.298574][T10617] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  212.321629][T10617] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.347381][T10626] netlink: 248 bytes leftover after parsing attributes in process `syz.3.1435'.
[  212.468403][T10617] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  212.479751][T10617] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.598988][T10617] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  212.610414][T10617] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.736281][T10617] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  212.746934][T10617] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.934511][T10648] netlink: 'syz.1.1441': attribute type 1 has an invalid length.
[  213.074343][T10654] bond2: (slave bridge0): making interface the new active one
[  213.083328][T10654] bond2: (slave bridge0): Enslaving as an active interface with an up link
[  213.098485][ T6079] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  213.126237][ T6079] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  213.163625][ T6090] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  213.175076][ T6090] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  213.221222][ T6079] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  213.248759][ T6079] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  213.294171][T10669] bridge0: entered allmulticast mode
[  213.308406][ T6090] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  213.321605][ T6090] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  213.323417][T10673] FAULT_INJECTION: forcing a failure.
[  213.323417][T10673] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  213.375385][T10673] CPU: 0 UID: 0 PID: 10673 Comm: syz.3.1450 Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  213.375420][T10673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  213.375431][T10673] Call Trace:
[  213.375438][T10673]  <TASK>
[  213.375446][T10673]  dump_stack_lvl+0x189/0x250
[  213.375472][T10673]  ? __pfx____ratelimit+0x10/0x10
[  213.375494][T10673]  ? __pfx_dump_stack_lvl+0x10/0x10
[  213.375513][T10673]  ? __pfx__printk+0x10/0x10
[  213.375550][T10673]  should_fail_ex+0x414/0x560
[  213.375576][T10673]  _copy_to_user+0x31/0xb0
[  213.375596][T10673]  simple_read_from_buffer+0xe1/0x170
[  213.375627][T10673]  proc_fail_nth_read+0x1b3/0x220
[  213.375651][T10673]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  213.375674][T10673]  ? rw_verify_area+0x2a6/0x4d0
[  213.375694][T10673]  ? __lock_acquire+0xab9/0xd20
[  213.375715][T10673]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  213.375738][T10673]  vfs_read+0x200/0x980
[  213.375758][T10673]  ? fdget_pos+0x247/0x320
[  213.375777][T10673]  ? __pfx___mutex_lock+0x10/0x10
[  213.375799][T10673]  ? __pfx_vfs_read+0x10/0x10
[  213.375821][T10673]  ? __fget_files+0x2a/0x420
[  213.375850][T10673]  ? __fget_files+0x3a0/0x420
[  213.375873][T10673]  ? __fget_files+0x2a/0x420
[  213.375906][T10673]  ksys_read+0x145/0x250
[  213.375931][T10673]  ? __pfx_ksys_read+0x10/0x10
[  213.375951][T10673]  ? rcu_is_watching+0x15/0xb0
[  213.375974][T10673]  ? do_syscall_64+0xbe/0x3b0
[  213.376002][T10673]  do_syscall_64+0xfa/0x3b0
[  213.376022][T10673]  ? lockdep_hardirqs_on+0x9c/0x150
[  213.376042][T10673]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.376060][T10673]  ? clear_bhb_loop+0x60/0xb0
[  213.376082][T10673]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.376100][T10673] RIP: 0033:0x7f743898d5fc
[  213.376117][T10673] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  213.376133][T10673] RSP: 002b:00007f7436bee030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  213.376151][T10673] RAX: ffffffffffffffda RBX: 00007f7438bb5fa0 RCX: 00007f743898d5fc
[  213.376162][T10673] RDX: 000000000000000f RSI: 00007f7436bee0a0 RDI: 0000000000000004
[  213.376171][T10673] RBP: 00007f7436bee090 R08: 0000000000000000 R09: 0000000000000000
[  213.376181][T10673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  213.376190][T10673] R13: 00007f7438bb6038 R14: 00007f7438bb5fa0 R15: 00007ffee2bd7d18
[  213.376220][T10673]  </TASK>
[  213.378665][T10669] pim6reg: entered allmulticast mode
[  214.129949][T10704] __nla_validate_parse: 4 callbacks suppressed
[  214.129970][T10704] netlink: 112 bytes leftover after parsing attributes in process `syz.0.1459'.
[  214.197342][T10708] netlink: 'syz.2.1460': attribute type 6 has an invalid length.
[  214.234382][T10707] ip6gre2: entered allmulticast mode
[  214.308404][T10715] netlink: 248 bytes leftover after parsing attributes in process `syz.1.1464'.
[  214.554659][T10732] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1473'.
[  214.586145][T10732] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1473'.
[  214.600550][T10732] FAULT_INJECTION: forcing a failure.
[  214.600550][T10732] name failslab, interval 1, probability 0, space 0, times 0
[  214.620188][T10732] CPU: 1 UID: 0 PID: 10732 Comm: syz.1.1473 Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  214.620216][T10732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  214.620227][T10732] Call Trace:
[  214.620235][T10732]  <TASK>
[  214.620243][T10732]  dump_stack_lvl+0x189/0x250
[  214.620270][T10732]  ? __pfx____ratelimit+0x10/0x10
[  214.620299][T10732]  ? __pfx_dump_stack_lvl+0x10/0x10
[  214.620319][T10732]  ? __pfx__printk+0x10/0x10
[  214.620350][T10732]  ? __pfx___might_resched+0x10/0x10
[  214.620373][T10732]  should_fail_ex+0x414/0x560
[  214.620399][T10732]  should_failslab+0xa8/0x100
[  214.620426][T10732]  __kmalloc_noprof+0xcb/0x4f0
[  214.620449][T10732]  ? tcf_idr_check_alloc+0x637/0x7b0
[  214.620465][T10732]  ? tcf_idr_create+0x5d/0x6c0
[  214.620487][T10732]  tcf_idr_create+0x5d/0x6c0
[  214.620505][T10732]  ? __nla_parse+0x40/0x60
[  214.620531][T10732]  tcf_bpf_init+0x2ee/0x8a0
[  214.620566][T10732]  ? __pfx_tcf_bpf_init+0x10/0x10
[  214.620598][T10732]  ? __lock_acquire+0xab9/0xd20
[  214.620631][T10732]  ? __nla_parse+0x40/0x60
[  214.620655][T10732]  tcf_action_init_1+0x463/0x6d0
[  214.620679][T10732]  ? __pfx_tcf_action_init_1+0x10/0x10
[  214.620697][T10732]  ? _raw_read_unlock+0x28/0x50
[  214.620717][T10732]  ? tc_action_load_ops+0x214/0x4e0
[  214.620752][T10732]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  214.620779][T10732]  ? __nla_parse+0x40/0x60
[  214.620801][T10732]  tcf_action_init+0x2cf/0xab0
[  214.620823][T10732]  ? __pfx_stack_trace_save+0x10/0x10
[  214.620848][T10732]  ? __pfx_tcf_action_init+0x10/0x10
[  214.620894][T10732]  ? __pfx___nla_validate_parse+0x10/0x10
[  214.620958][T10732]  tc_ctl_action+0x430/0xbd0
[  214.620988][T10732]  ? __pfx_tc_ctl_action+0x10/0x10
[  214.621012][T10732]  ? rcu_is_watching+0x15/0xb0
[  214.621030][T10732]  ? trace_contention_end+0x39/0x120
[  214.621095][T10732]  ? __pfx_tc_ctl_action+0x10/0x10
[  214.621114][T10732]  rtnetlink_rcv_msg+0x779/0xb70
[  214.621141][T10732]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  214.621162][T10732]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  214.621184][T10732]  ? ref_tracker_free+0x63a/0x7d0
[  214.621205][T10732]  ? __asan_memcpy+0x40/0x70
[  214.621224][T10732]  ? __pfx_ref_tracker_free+0x10/0x10
[  214.621255][T10732]  netlink_rcv_skb+0x208/0x470
[  214.621286][T10732]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  214.621309][T10732]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  214.621344][T10732]  ? netlink_deliver_tap+0x2e/0x1b0
[  214.621376][T10732]  netlink_unicast+0x82f/0x9e0
[  214.621405][T10732]  ? __pfx_netlink_unicast+0x10/0x10
[  214.621427][T10732]  ? netlink_sendmsg+0x642/0xb30
[  214.621447][T10732]  ? skb_put+0x11b/0x210
[  214.621472][T10732]  netlink_sendmsg+0x805/0xb30
[  214.621504][T10732]  ? __pfx_netlink_sendmsg+0x10/0x10
[  214.621530][T10732]  ? aa_sock_msg_perm+0xf1/0x1d0
[  214.621556][T10732]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  214.621575][T10732]  ? __pfx_netlink_sendmsg+0x10/0x10
[  214.621598][T10732]  __sock_sendmsg+0x219/0x270
[  214.621621][T10732]  ____sys_sendmsg+0x505/0x830
[  214.621652][T10732]  ? __pfx_____sys_sendmsg+0x10/0x10
[  214.621686][T10732]  ? import_iovec+0x74/0xa0
[  214.621704][T10732]  ___sys_sendmsg+0x21f/0x2a0
[  214.621729][T10732]  ? __pfx____sys_sendmsg+0x10/0x10
[  214.621793][T10732]  ? __fget_files+0x2a/0x420
[  214.621817][T10732]  ? __fget_files+0x3a0/0x420
[  214.621854][T10732]  __x64_sys_sendmsg+0x19b/0x260
[  214.621882][T10732]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  214.621918][T10732]  ? __pfx_ksys_write+0x10/0x10
[  214.621939][T10732]  ? rcu_is_watching+0x15/0xb0
[  214.621963][T10732]  ? do_syscall_64+0xbe/0x3b0
[  214.621991][T10732]  do_syscall_64+0xfa/0x3b0
[  214.622012][T10732]  ? lockdep_hardirqs_on+0x9c/0x150
[  214.622033][T10732]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.622051][T10732]  ? clear_bhb_loop+0x60/0xb0
[  214.622074][T10732]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.622092][T10732] RIP: 0033:0x7ff215f8ebe9
[  214.622109][T10732] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.622126][T10732] RSP: 002b:00007ff216e93038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  214.622145][T10732] RAX: ffffffffffffffda RBX: 00007ff2161b5fa0 RCX: 00007ff215f8ebe9
[  214.622159][T10732] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[  214.622170][T10732] RBP: 00007ff216e93090 R08: 0000000000000000 R09: 0000000000000000
[  214.622181][T10732] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  214.622192][T10732] R13: 00007ff2161b6038 R14: 00007ff2161b5fa0 R15: 00007ffdaa922988
[  214.622224][T10732]  </TASK>
[  214.673281][T10740] FAULT_INJECTION: forcing a failure.
[  214.673281][T10740] name failslab, interval 1, probability 0, space 0, times 0
[  215.108153][T10740] CPU: 1 UID: 0 PID: 10740 Comm: syz.2.1476 Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  215.108178][T10740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  215.108188][T10740] Call Trace:
[  215.108195][T10740]  <TASK>
[  215.108203][T10740]  dump_stack_lvl+0x189/0x250
[  215.108235][T10740]  ? __pfx____ratelimit+0x10/0x10
[  215.108257][T10740]  ? __pfx_dump_stack_lvl+0x10/0x10
[  215.108277][T10740]  ? __pfx__printk+0x10/0x10
[  215.108304][T10740]  ? __local_bh_enable_ip+0x12d/0x1c0
[  215.108322][T10740]  ? lockdep_hardirqs_on+0x9c/0x150
[  215.108346][T10740]  should_fail_ex+0x414/0x560
[  215.108371][T10740]  should_failslab+0xa8/0x100
[  215.108398][T10740]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  215.108419][T10740]  ? __alloc_skb+0x112/0x2d0
[  215.108435][T10740]  ? xfrm_alloc_spi+0x2a0/0xf30
[  215.108451][T10740]  __alloc_skb+0x112/0x2d0
[  215.108472][T10740]  __pfkey_xfrm_state2msg+0x495/0x3d30
[  215.108506][T10740]  pfkey_getspi+0x7f6/0xee0
[  215.108534][T10740]  pfkey_sendmsg+0xbfb/0x1090
[  215.108565][T10740]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  215.108605][T10740]  ? aa_sock_msg_perm+0xf1/0x1d0
[  215.108625][T10740]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  215.108641][T10740]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  215.108664][T10740]  __sock_sendmsg+0x219/0x270
[  215.108684][T10740]  ____sys_sendmsg+0x505/0x830
[  215.108709][T10740]  ? __pfx_____sys_sendmsg+0x10/0x10
[  215.108737][T10740]  ? import_iovec+0x74/0xa0
[  215.108754][T10740]  ___sys_sendmsg+0x21f/0x2a0
[  215.108775][T10740]  ? __pfx____sys_sendmsg+0x10/0x10
[  215.108842][T10740]  ? __fget_files+0x2a/0x420
[  215.108862][T10740]  ? __fget_files+0x3a0/0x420
[  215.108891][T10740]  __x64_sys_sendmsg+0x19b/0x260
[  215.108915][T10740]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  215.108944][T10740]  ? __pfx_ksys_write+0x10/0x10
[  215.108962][T10740]  ? rcu_is_watching+0x15/0xb0
[  215.108982][T10740]  ? do_syscall_64+0xbe/0x3b0
[  215.109004][T10740]  do_syscall_64+0xfa/0x3b0
[  215.109022][T10740]  ? lockdep_hardirqs_on+0x9c/0x150
[  215.109039][T10740]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.109055][T10740]  ? clear_bhb_loop+0x60/0xb0
[  215.109074][T10740]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.109087][T10740] RIP: 0033:0x7fe30638ebe9
[  215.109102][T10740] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  215.109115][T10740] RSP: 002b:00007fe3072b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  215.109130][T10740] RAX: ffffffffffffffda RBX: 00007fe3065b5fa0 RCX: 00007fe30638ebe9
[  215.109140][T10740] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  215.109149][T10740] RBP: 00007fe3072b7090 R08: 0000000000000000 R09: 0000000000000000
[  215.109158][T10740] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  215.109166][T10740] R13: 00007fe3065b6038 R14: 00007fe3065b5fa0 R15: 00007ffe25d282d8
[  215.109190][T10740]  </TASK>
[  215.493963][  T123] block nbd0: Possible stuck request ffff888025605080: control (read@0,4096B). Runtime 90 seconds
[  215.596227][T10749] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  215.714767][T10763] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1479'.
[  215.795776][T10763] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1479'.
[  215.880763][T10747] tipc: Disabling bearer <eth:syzkaller0>
[  215.905246][T10776] FAULT_INJECTION: forcing a failure.
[  215.905246][T10776] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  215.919315][T10776] CPU: 1 UID: 0 PID: 10776 Comm: syz.0.1485 Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  215.919340][T10776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  215.919351][T10776] Call Trace:
[  215.919358][T10776]  <TASK>
[  215.919366][T10776]  dump_stack_lvl+0x189/0x250
[  215.919391][T10776]  ? __pfx____ratelimit+0x10/0x10
[  215.919414][T10776]  ? __pfx_dump_stack_lvl+0x10/0x10
[  215.919435][T10776]  ? __pfx__printk+0x10/0x10
[  215.919460][T10776]  ? __might_fault+0xb0/0x130
[  215.919495][T10776]  should_fail_ex+0x414/0x560
[  215.919521][T10776]  _copy_from_user+0x2d/0xb0
[  215.919540][T10776]  ___sys_sendmsg+0x158/0x2a0
[  215.919569][T10776]  ? __pfx____sys_sendmsg+0x10/0x10
[  215.919625][T10776]  ? __fget_files+0x2a/0x420
[  215.919647][T10776]  ? __fget_files+0x3a0/0x420
[  215.919681][T10776]  __x64_sys_sendmsg+0x19b/0x260
[  215.919709][T10776]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  215.919742][T10776]  ? __pfx_ksys_write+0x10/0x10
[  215.919762][T10776]  ? rcu_is_watching+0x15/0xb0
[  215.919785][T10776]  ? do_syscall_64+0xbe/0x3b0
[  215.919810][T10776]  do_syscall_64+0xfa/0x3b0
[  215.919829][T10776]  ? lockdep_hardirqs_on+0x9c/0x150
[  215.919849][T10776]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.919868][T10776]  ? clear_bhb_loop+0x60/0xb0
[  215.919889][T10776]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.919915][T10776] RIP: 0033:0x7fab2738ebe9
[  215.919931][T10776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  215.919947][T10776] RSP: 002b:00007fab282a8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  215.919966][T10776] RAX: ffffffffffffffda RBX: 00007fab275b5fa0 RCX: 00007fab2738ebe9
[  215.919978][T10776] RDX: 0000000024044044 RSI: 0000200000000840 RDI: 0000000000000004
[  215.919990][T10776] RBP: 00007fab282a8090 R08: 0000000000000000 R09: 0000000000000000
[  215.920001][T10776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  215.920011][T10776] R13: 00007fab275b6038 R14: 00007fab275b5fa0 R15: 00007ffca99b4908
[  215.920040][T10776]  </TASK>
[  216.134386][T10774] netlink: 248 bytes leftover after parsing attributes in process `syz.2.1483'.
[  216.286181][T10783] IPVS: set_ctl: invalid protocol: 58 100.1.1.1:20004
[  216.295056][T10783] ieee802154 phy1 wpan1: encryption failed: -22
[  216.310636][T10780] batman_adv: batadv0: Removing interface: batadv_slave_1
[  216.310753][T10785] FAULT_INJECTION: forcing a failure.
[  216.310753][T10785] name failslab, interval 1, probability 0, space 0, times 0
[  216.336349][T10785] CPU: 1 UID: 0 PID: 10785 Comm: syz.2.1490 Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  216.336376][T10785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  216.336386][T10785] Call Trace:
[  216.336393][T10785]  <TASK>
[  216.336401][T10785]  dump_stack_lvl+0x189/0x250
[  216.336428][T10785]  ? __pfx____ratelimit+0x10/0x10
[  216.336450][T10785]  ? __pfx_dump_stack_lvl+0x10/0x10
[  216.336472][T10785]  ? __pfx__printk+0x10/0x10
[  216.336503][T10785]  ? __pfx___might_resched+0x10/0x10
[  216.336519][T10785]  ? fs_reclaim_acquire+0x7d/0x100
[  216.336550][T10785]  should_fail_ex+0x414/0x560
[  216.336576][T10785]  should_failslab+0xa8/0x100
[  216.336603][T10785]  __kmalloc_noprof+0xcb/0x4f0
[  216.336626][T10785]  ? bpf_sk_storage_diag_alloc+0x22a/0x6b0
[  216.336653][T10785]  bpf_sk_storage_diag_alloc+0x22a/0x6b0
[  216.336683][T10785]  __inet_diag_dump_start+0x35c/0xa10
[  216.336709][T10785]  ? netlink_lookup+0x30/0x200
[  216.336737][T10785]  __netlink_dump_start+0x466/0x7e0
[  216.336769][T10785]  inet_diag_rcv_msg_compat+0x1ea/0x3b0
[  216.336797][T10785]  ? __pfx_inet_diag_rcv_msg_compat+0x10/0x10
[  216.336832][T10785]  ? __pfx_inet_diag_dump_start_compat+0x10/0x10
[  216.336864][T10785]  ? __pfx_inet_diag_dump_compat+0x10/0x10
[  216.336886][T10785]  ? __pfx_inet_diag_dump_done+0x10/0x10
[  216.336916][T10785]  ? sock_diag_rcv_msg+0x188/0x600
[  216.336943][T10785]  sock_diag_rcv_msg+0x4c9/0x600
[  216.336970][T10785]  netlink_rcv_skb+0x208/0x470
[  216.336994][T10785]  ? __pfx_sock_diag_rcv_msg+0x10/0x10
[  216.337017][T10785]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  216.337053][T10785]  ? netlink_deliver_tap+0x2e/0x1b0
[  216.337084][T10785]  netlink_unicast+0x82f/0x9e0
[  216.337116][T10785]  ? __pfx_netlink_unicast+0x10/0x10
[  216.337138][T10785]  ? netlink_sendmsg+0x642/0xb30
[  216.337158][T10785]  ? skb_put+0x11b/0x210
[  216.337186][T10785]  netlink_sendmsg+0x805/0xb30
[  216.337219][T10785]  ? __pfx_netlink_sendmsg+0x10/0x10
[  216.337246][T10785]  ? aa_sock_msg_perm+0xf1/0x1d0
[  216.337272][T10785]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  216.337291][T10785]  ? __pfx_netlink_sendmsg+0x10/0x10
[  216.337315][T10785]  __sock_sendmsg+0x219/0x270
[  216.337339][T10785]  ____sys_sendmsg+0x505/0x830
[  216.337371][T10785]  ? __pfx_____sys_sendmsg+0x10/0x10
[  216.337407][T10785]  ? import_iovec+0x74/0xa0
[  216.337429][T10785]  ___sys_sendmsg+0x21f/0x2a0
[  216.337456][T10785]  ? __pfx____sys_sendmsg+0x10/0x10
[  216.337521][T10785]  ? __fget_files+0x2a/0x420
[  216.337546][T10785]  ? __fget_files+0x3a0/0x420
[  216.337582][T10785]  __x64_sys_sendmsg+0x19b/0x260
[  216.337610][T10785]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  216.337646][T10785]  ? __pfx_ksys_write+0x10/0x10
[  216.337666][T10785]  ? rcu_is_watching+0x15/0xb0
[  216.337691][T10785]  ? do_syscall_64+0xbe/0x3b0
[  216.337717][T10785]  do_syscall_64+0xfa/0x3b0
[  216.337737][T10785]  ? lockdep_hardirqs_on+0x9c/0x150
[  216.337758][T10785]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.337777][T10785]  ? clear_bhb_loop+0x60/0xb0
[  216.337799][T10785]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.337817][T10785] RIP: 0033:0x7fe30638ebe9
[  216.337844][T10785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  216.337865][T10785] RSP: 002b:00007fe3072b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  216.337885][T10785] RAX: ffffffffffffffda RBX: 00007fe3065b5fa0 RCX: 00007fe30638ebe9
[  216.337899][T10785] RDX: 0000000020040040 RSI: 0000200000000000 RDI: 0000000000000003
[  216.337910][T10785] RBP: 00007fe3072b7090 R08: 0000000000000000 R09: 0000000000000000
[  216.337922][T10785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  216.337933][T10785] R13: 00007fe3065b6038 R14: 00007fe3065b5fa0 R15: 00007ffe25d282d8
[  216.337965][T10785]  </TASK>
[  216.758133][T10791] FAULT_INJECTION: forcing a failure.
[  216.758133][T10791] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  216.773655][T10791] CPU: 1 UID: 0 PID: 10791 Comm: syz.4.1491 Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  216.773683][T10791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  216.773694][T10791] Call Trace:
[  216.773702][T10791]  <TASK>
[  216.773710][T10791]  dump_stack_lvl+0x189/0x250
[  216.773733][T10791]  ? __pfx____ratelimit+0x10/0x10
[  216.773751][T10791]  ? __pfx_dump_stack_lvl+0x10/0x10
[  216.773769][T10791]  ? __pfx__printk+0x10/0x10
[  216.773796][T10791]  should_fail_ex+0x414/0x560
[  216.773817][T10791]  _copy_to_user+0x31/0xb0
[  216.773835][T10791]  bpf_test_finish+0x1ab/0x700
[  216.773862][T10791]  ? __pfx_bpf_test_finish+0x10/0x10
[  216.773883][T10791]  ? slab_build_skb+0x273/0x3e0
[  216.773904][T10791]  bpf_prog_test_run_skb+0xed5/0x1560
[  216.773934][T10791]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  216.773953][T10791]  bpf_prog_test_run+0x2c7/0x340
[  216.773976][T10791]  __sys_bpf+0x581/0x870
[  216.773994][T10791]  ? __pfx___sys_bpf+0x10/0x10
[  216.774022][T10791]  ? ksys_write+0x22a/0x250
[  216.774043][T10791]  ? __pfx_ksys_write+0x10/0x10
[  216.774058][T10791]  ? rcu_is_watching+0x15/0xb0
[  216.774086][T10791]  __x64_sys_bpf+0x7c/0x90
[  216.774104][T10791]  do_syscall_64+0xfa/0x3b0
[  216.774122][T10791]  ? lockdep_hardirqs_on+0x9c/0x150
[  216.774140][T10791]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.774154][T10791]  ? clear_bhb_loop+0x60/0xb0
[  216.774171][T10791]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.774185][T10791] RIP: 0033:0x7f46de98ebe9
[  216.774198][T10791] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  216.774211][T10791] RSP: 002b:00007f46df774038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  216.774226][T10791] RAX: ffffffffffffffda RBX: 00007f46debb5fa0 RCX: 00007f46de98ebe9
[  216.774236][T10791] RDX: 0000000000000050 RSI: 00002000000011c0 RDI: 000000000000000a
[  216.774245][T10791] RBP: 00007f46df774090 R08: 0000000000000000 R09: 0000000000000000
[  216.774253][T10791] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  216.774260][T10791] R13: 00007f46debb6038 R14: 00007f46debb5fa0 R15: 00007ffebba340f8
[  216.774284][T10791]  </TASK>
[  217.018818][T10793] FAULT_INJECTION: forcing a failure.
[  217.018818][T10793] name failslab, interval 1, probability 0, space 0, times 0
[  217.031926][T10793] CPU: 1 UID: 0 PID: 10793 Comm: syz.2.1492 Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  217.031954][T10793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  217.031965][T10793] Call Trace:
[  217.031973][T10793]  <TASK>
[  217.031981][T10793]  dump_stack_lvl+0x189/0x250
[  217.032009][T10793]  ? __pfx____ratelimit+0x10/0x10
[  217.032032][T10793]  ? __pfx_dump_stack_lvl+0x10/0x10
[  217.032053][T10793]  ? __pfx__printk+0x10/0x10
[  217.032083][T10793]  ? __pfx___might_resched+0x10/0x10
[  217.032101][T10793]  ? fs_reclaim_acquire+0x7d/0x100
[  217.032132][T10793]  should_fail_ex+0x414/0x560
[  217.032158][T10793]  should_failslab+0xa8/0x100
[  217.032185][T10793]  __kmalloc_noprof+0xcb/0x4f0
[  217.032207][T10793]  ? fib6_info_alloc+0x30/0xf0
[  217.032235][T10793]  fib6_info_alloc+0x30/0xf0
[  217.032259][T10793]  ip6_route_info_create+0x142/0x860
[  217.032278][T10793]  ? nla_find+0x12a/0x150
[  217.032299][T10793]  inet6_rtm_newroute+0x47e/0x18c0
[  217.032328][T10793]  ? nlmon_xmit+0xb0/0x100
[  217.032348][T10793]  ? kmem_cache_free+0x18f/0x400
[  217.032371][T10793]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[  217.032394][T10793]  ? __local_bh_enable_ip+0x12d/0x1c0
[  217.032427][T10793]  ? __dev_queue_xmit+0x27b/0x3b50
[  217.032447][T10793]  ? __dev_queue_xmit+0x1d79/0x3b50
[  217.032497][T10793]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[  217.032520][T10793]  rtnetlink_rcv_msg+0x7cf/0xb70
[  217.032547][T10793]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  217.032568][T10793]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  217.032589][T10793]  ? ref_tracker_free+0x63a/0x7d0
[  217.032611][T10793]  ? __asan_memcpy+0x40/0x70
[  217.032630][T10793]  ? __pfx_ref_tracker_free+0x10/0x10
[  217.032661][T10793]  netlink_rcv_skb+0x208/0x470
[  217.032684][T10793]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  217.032711][T10793]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  217.032739][T10793]  ? netlink_deliver_tap+0x2e/0x1b0
[  217.032775][T10793]  netlink_unicast+0x82f/0x9e0
[  217.032799][T10793]  ? __pfx_netlink_unicast+0x10/0x10
[  217.032817][T10793]  ? netlink_sendmsg+0x642/0xb30
[  217.032833][T10793]  ? skb_put+0x11b/0x210
[  217.032855][T10793]  netlink_sendmsg+0x805/0xb30
[  217.032880][T10793]  ? __pfx_netlink_sendmsg+0x10/0x10
[  217.032900][T10793]  ? aa_sock_msg_perm+0xf1/0x1d0
[  217.032920][T10793]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  217.032936][T10793]  ? __pfx_netlink_sendmsg+0x10/0x10
[  217.032954][T10793]  __sock_sendmsg+0x219/0x270
[  217.032972][T10793]  ____sys_sendmsg+0x505/0x830
[  217.032998][T10793]  ? __pfx_____sys_sendmsg+0x10/0x10
[  217.033025][T10793]  ? import_iovec+0x74/0xa0
[  217.033042][T10793]  ___sys_sendmsg+0x21f/0x2a0
[  217.033064][T10793]  ? __pfx____sys_sendmsg+0x10/0x10
[  217.033111][T10793]  ? __fget_files+0x2a/0x420
[  217.033131][T10793]  ? __fget_files+0x3a0/0x420
[  217.033158][T10793]  __x64_sys_sendmsg+0x19b/0x260
[  217.033180][T10793]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  217.033214][T10793]  ? __pfx_ksys_write+0x10/0x10
[  217.033230][T10793]  ? rcu_is_watching+0x15/0xb0
[  217.033248][T10793]  ? do_syscall_64+0xbe/0x3b0
[  217.033270][T10793]  do_syscall_64+0xfa/0x3b0
[  217.033286][T10793]  ? lockdep_hardirqs_on+0x9c/0x150
[  217.033303][T10793]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.033317][T10793]  ? clear_bhb_loop+0x60/0xb0
[  217.033335][T10793]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.033349][T10793] RIP: 0033:0x7fe30638ebe9
[  217.033364][T10793] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  217.033377][T10793] RSP: 002b:00007fe3072b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  217.033392][T10793] RAX: ffffffffffffffda RBX: 00007fe3065b5fa0 RCX: 00007fe30638ebe9
[  217.033402][T10793] RDX: 0000000000000010 RSI: 0000200000000080 RDI: 0000000000000003
[  217.033411][T10793] RBP: 00007fe3072b7090 R08: 0000000000000000 R09: 0000000000000000
[  217.033419][T10793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  217.033427][T10793] R13: 00007fe3065b6038 R14: 00007fe3065b5fa0 R15: 00007ffe25d282d8
[  217.033450][T10793]  </TASK>
[  217.741167][T10808] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  217.790280][T10808] tipc: Resetting bearer <eth:syzkaller0>
[  217.826215][T10807] tipc: Disabling bearer <eth:syzkaller0>
[  217.946242][T10816] sctp: [Deprecated]: syz.2.1502 (pid 10816) Use of int in max_burst socket option.
[  217.946242][T10816] Use struct sctp_assoc_value instead
[  218.002761][T10824] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1504'.
[  218.026469][T10824] sch_tbf: burst 6 is lower than device team_slave_0 mtu (1514) !
[  218.037544][T10816] tipc: Can't bind to reserved service type 2
[  218.144678][T10832] netlink: 'syz.3.1507': attribute type 1 has an invalid length.
[  218.227072][T10832] bond3: entered promiscuous mode
[  218.232668][T10832] bond3: entered allmulticast mode
[  218.238338][T10832] 8021q: adding VLAN 0 to HW filter on device bond3
[  218.263202][T10832] bridge2: entered promiscuous mode
[  218.268881][T10832] bridge2: entered allmulticast mode
[  218.275665][T10832] bond3: (slave bridge2): Enslaving as a backup interface with an up link
[  218.292073][ T5883] Bluetooth: hci3: command 0x0405 tx timeout
[  218.342796][ T6079] bond3: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  218.342988][T10835] FAULT_INJECTION: forcing a failure.
[  218.342988][T10835] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  218.401324][T10835] CPU: 1 UID: 0 PID: 10835 Comm: syz.1.1508 Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  218.401350][T10835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  218.401360][T10835] Call Trace:
[  218.401368][T10835]  <TASK>
[  218.401376][T10835]  dump_stack_lvl+0x189/0x250
[  218.401402][T10835]  ? __pfx____ratelimit+0x10/0x10
[  218.401424][T10835]  ? __pfx_dump_stack_lvl+0x10/0x10
[  218.401444][T10835]  ? __pfx__printk+0x10/0x10
[  218.401480][T10835]  should_fail_ex+0x414/0x560
[  218.401507][T10835]  _copy_to_user+0x31/0xb0
[  218.401527][T10835]  bpf_test_finish+0x1ab/0x700
[  218.401560][T10835]  ? __pfx_bpf_test_finish+0x10/0x10
[  218.401589][T10835]  bpf_prog_test_run_skb+0xed5/0x1560
[  218.401621][T10835]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  218.401642][T10835]  bpf_prog_test_run+0x2c7/0x340
[  218.401668][T10835]  __sys_bpf+0x581/0x870
[  218.401694][T10835]  ? __pfx___sys_bpf+0x10/0x10
[  218.401726][T10835]  ? ksys_write+0x22a/0x250
[  218.401751][T10835]  ? __pfx_ksys_write+0x10/0x10
[  218.401772][T10835]  ? rcu_is_watching+0x15/0xb0
[  218.401799][T10835]  __x64_sys_bpf+0x7c/0x90
[  218.401821][T10835]  do_syscall_64+0xfa/0x3b0
[  218.401842][T10835]  ? lockdep_hardirqs_on+0x9c/0x150
[  218.401863][T10835]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.401883][T10835]  ? clear_bhb_loop+0x60/0xb0
[  218.401905][T10835]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.401924][T10835] RIP: 0033:0x7ff215f8ebe9
[  218.401940][T10835] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  218.401963][T10835] RSP: 002b:00007ff216e93038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  218.401982][T10835] RAX: ffffffffffffffda RBX: 00007ff2161b5fa0 RCX: 00007ff215f8ebe9
[  218.401996][T10835] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[  218.402007][T10835] RBP: 00007ff216e93090 R08: 0000000000000000 R09: 0000000000000000
[  218.402019][T10835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  218.402029][T10835] R13: 00007ff2161b6038 R14: 00007ff2161b5fa0 R15: 00007ffdaa922988
[  218.402061][T10835]  </TASK>
[  218.496686][T10847] FAULT_INJECTION: forcing a failure.
[  218.496686][T10847] name failslab, interval 1, probability 0, space 0, times 0
[  218.500200][ T6090] bond3: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  218.545548][T10847] CPU: 0 UID: 0 PID: 10847 Comm: syz.4.1513 Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  218.545574][T10847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  218.545586][T10847] Call Trace:
[  218.545593][T10847]  <TASK>
[  218.545600][T10847]  dump_stack_lvl+0x189/0x250
[  218.545626][T10847]  ? __pfx____ratelimit+0x10/0x10
[  218.545649][T10847]  ? __pfx_dump_stack_lvl+0x10/0x10
[  218.545670][T10847]  ? __pfx__printk+0x10/0x10
[  218.545707][T10847]  ? __pfx___might_resched+0x10/0x10
[  218.545730][T10847]  should_fail_ex+0x414/0x560
[  218.545756][T10847]  should_failslab+0xa8/0x100
[  218.545782][T10847]  __kmalloc_node_track_caller_noprof+0xcc/0x4e0
[  218.545807][T10847]  ? xfrm_add_sa+0x22c1/0x4070
[  218.545832][T10847]  kmemdup_noprof+0x2b/0x70
[  218.545853][T10847]  xfrm_add_sa+0x22c1/0x4070
[  218.545881][T10847]  ? __pfx_xfrm_add_sa+0x10/0x10
[  218.545896][T10847]  ? apparmor_capable+0x137/0x1b0
[  218.545920][T10847]  ? __nla_parse+0x40/0x60
[  218.545945][T10847]  xfrm_user_rcv_msg+0x7a3/0xab0
[  218.545969][T10847]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  218.546025][T10847]  ? __pfx___mutex_trylock_common+0x10/0x10
[  218.546050][T10847]  ? rcu_is_watching+0x15/0xb0
[  218.546069][T10847]  ? trace_contention_end+0x39/0x120
[  218.546088][T10847]  ? __mutex_lock+0x335/0x1360
[  218.546120][T10847]  netlink_rcv_skb+0x208/0x470
[  218.546145][T10847]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  218.546167][T10847]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  218.546204][T10847]  ? netlink_deliver_tap+0x2e/0x1b0
[  218.546225][T10847]  ? netlink_deliver_tap+0x2e/0x1b0
[  218.546250][T10847]  xfrm_netlink_rcv+0x79/0x90
[  218.546269][T10847]  netlink_unicast+0x82f/0x9e0
[  218.546299][T10847]  ? __pfx_netlink_unicast+0x10/0x10
[  218.546321][T10847]  ? netlink_sendmsg+0x642/0xb30
[  218.546341][T10847]  ? skb_put+0x11b/0x210
[  218.546368][T10847]  netlink_sendmsg+0x805/0xb30
[  218.546400][T10847]  ? __pfx_netlink_sendmsg+0x10/0x10
[  218.546426][T10847]  ? aa_sock_msg_perm+0xf1/0x1d0
[  218.546450][T10847]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  218.546469][T10847]  ? __pfx_netlink_sendmsg+0x10/0x10
[  218.546492][T10847]  __sock_sendmsg+0x219/0x270
[  218.546515][T10847]  ____sys_sendmsg+0x505/0x830
[  218.546546][T10847]  ? __pfx_____sys_sendmsg+0x10/0x10
[  218.546581][T10847]  ? import_iovec+0x74/0xa0
[  218.546602][T10847]  ___sys_sendmsg+0x21f/0x2a0
[  218.546630][T10847]  ? __pfx____sys_sendmsg+0x10/0x10
[  218.546698][T10847]  ? __fget_files+0x2a/0x420
[  218.546721][T10847]  ? __fget_files+0x3a0/0x420
[  218.546757][T10847]  __x64_sys_sendmsg+0x19b/0x260
[  218.546784][T10847]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  218.546820][T10847]  ? __pfx_ksys_write+0x10/0x10
[  218.546840][T10847]  ? rcu_is_watching+0x15/0xb0
[  218.546863][T10847]  ? do_syscall_64+0xbe/0x3b0
[  218.546889][T10847]  do_syscall_64+0xfa/0x3b0
[  218.546909][T10847]  ? lockdep_hardirqs_on+0x9c/0x150
[  218.546930][T10847]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.546949][T10847]  ? clear_bhb_loop+0x60/0xb0
[  218.546970][T10847]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.546988][T10847] RIP: 0033:0x7f46de98ebe9
[  218.547005][T10847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  218.547021][T10847] RSP: 002b:00007f46df774038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  218.547040][T10847] RAX: ffffffffffffffda RBX: 00007f46debb5fa0 RCX: 00007f46de98ebe9
[  218.547053][T10847] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  218.547064][T10847] RBP: 00007f46df774090 R08: 0000000000000000 R09: 0000000000000000
[  218.547074][T10847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  218.547084][T10847] R13: 00007f46debb6038 R14: 00007f46debb5fa0 R15: 00007ffebba340f8
[  218.547114][T10847]  </TASK>
[  219.317763][T10841] bond0: entered promiscuous mode
[  219.330784][T10841] bond_slave_0: entered promiscuous mode
[  219.340934][T10841] bond_slave_1: entered promiscuous mode
[  219.356460][T10841] batadv0: entered promiscuous mode
[  219.364967][T10841] hsr1: entered allmulticast mode
[  219.370132][T10841] bond0: entered allmulticast mode
[  219.376261][T10841] bond_slave_0: entered allmulticast mode
[  219.382762][T10841] bond_slave_1: entered allmulticast mode
[  219.388904][T10841] batadv0: entered allmulticast mode
[  219.397249][T10870] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1517'.
[  219.399546][T10841] 8021q: adding VLAN 0 to HW filter on device hsr1
[  219.417818][T10841] bond0: left promiscuous mode
[  219.423307][T10841] bond_slave_0: left promiscuous mode
[  219.428862][T10841] bond_slave_1: left promiscuous mode
[  219.435761][T10841] batadv0: left promiscuous mode
[  219.456826][T10849] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  219.621602][T10879] FAULT_INJECTION: forcing a failure.
[  219.621602][T10879] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  219.667846][T10879] CPU: 1 UID: 0 PID: 10879 Comm: syz.1.1520 Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  219.667875][T10879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  219.667887][T10879] Call Trace:
[  219.667894][T10879]  <TASK>
[  219.667903][T10879]  dump_stack_lvl+0x189/0x250
[  219.667930][T10879]  ? __pfx____ratelimit+0x10/0x10
[  219.667953][T10879]  ? __pfx_dump_stack_lvl+0x10/0x10
[  219.667975][T10879]  ? __pfx__printk+0x10/0x10
[  219.667999][T10879]  ? __might_fault+0xb0/0x130
[  219.668034][T10879]  should_fail_ex+0x414/0x560
[  219.668062][T10879]  _copy_from_user+0x2d/0xb0
[  219.668081][T10879]  do_sock_getsockopt+0x17d/0x450
[  219.668112][T10879]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  219.668136][T10879]  ? write_ibpb+0x30/0x40
[  219.668157][T10879]  ? __fget_files+0x3a0/0x420
[  219.668182][T10879]  ? __fget_files+0x2a/0x420
[  219.668214][T10879]  __x64_sys_getsockopt+0x1a5/0x250
[  219.668238][T10879]  ? write_ibpb+0x30/0x40
[  219.668261][T10879]  ? write_ibpb+0x30/0x40
[  219.668286][T10879]  do_syscall_64+0xfa/0x3b0
[  219.668307][T10879]  ? lockdep_hardirqs_on+0x9c/0x150
[  219.668328][T10879]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.668346][T10879]  ? clear_bhb_loop+0x60/0xb0
[  219.668391][T10879]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.668409][T10879] RIP: 0033:0x7ff215f8ebe9
[  219.668426][T10879] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  219.668441][T10879] RSP: 002b:00007ff216e93038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  219.668460][T10879] RAX: ffffffffffffffda RBX: 00007ff2161b5fa0 RCX: 00007ff215f8ebe9
[  219.668474][T10879] RDX: 0000000000000020 RSI: 0000000000000084 RDI: 0000000000000003
[  219.668485][T10879] RBP: 00007ff216e93090 R08: 0000200000003780 R09: 0000000000000000
[  219.668497][T10879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  219.668508][T10879] R13: 00007ff2161b6038 R14: 00007ff2161b5fa0 R15: 00007ffdaa922988
[  219.668538][T10879]  </TASK>
[  220.090572][T10900] netlink: 248 bytes leftover after parsing attributes in process `syz.2.1527'.
[  220.293901][T10911] netlink: 'syz.2.1532': attribute type 1 has an invalid length.
[  220.367097][T10917] netlink: 38400 bytes leftover after parsing attributes in process `syz.3.1534'.
[  220.394630][T10911] 8021q: adding VLAN 0 to HW filter on device bond2
[  220.440828][T10915] bond2: (slave gretap1): making interface the new active one
[  220.457419][T10915] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  220.478527][T10927] netlink: 'syz.1.1537': attribute type 1 has an invalid length.
[  220.496356][T10929] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1536'.
[  220.594362][T10936] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  220.602238][T10936] IPv6: NLM_F_CREATE should be set when creating new route
[  220.610350][T10936] IPv6: NLM_F_CREATE should be set when creating new route
[  220.639807][T10936] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  220.672808][T10929] bond1: entered promiscuous mode
[  220.691239][T10929] bond1: entered allmulticast mode
[  220.699526][T10929] 8021q: adding VLAN 0 to HW filter on device bond1
[  220.708470][T10925] netlink: 'syz.4.1536': attribute type 14 has an invalid length.
[  220.873750][T10927] bond3: entered promiscuous mode
[  220.879426][T10927] 8021q: adding VLAN 0 to HW filter on device bond3
[  220.924077][T10932] 8021q: adding VLAN 0 to HW filter on device bond3
[  220.932952][T10932] bond3: (slave wireguard0): The slave device specified does not support setting the MAC address
[  220.945440][T10932] bond3: (slave wireguard0): Setting fail_over_mac to active for active-backup mode
[  220.948029][T10953] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  220.970234][T10932] bond3: (slave wireguard0): making interface the new active one
[  220.979234][T10932] wireguard0: entered promiscuous mode
[  220.991137][T10932] bond3: (slave wireguard0): Enslaving as an active interface with an up link
[  221.190245][T10964] C: renamed from team_slave_0 (while UP)
[  221.208968][T10964] netlink: 'syz.4.1548': attribute type 4 has an invalid length.
[  221.216904][T10964] netlink: 116 bytes leftover after parsing attributes in process `syz.4.1548'.
[  221.227470][T10964] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  221.268644][T10966] netlink: 'syz.4.1548': attribute type 29 has an invalid length.
[  221.281177][T10966] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1548'.
[  221.297194][T10964] netlink: 'syz.4.1548': attribute type 10 has an invalid length.
[  221.538762][T10983] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1553'.
[  221.547232][T10980] lo speed is unknown, defaulting to 1000
[  221.555529][T10977] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1553'.
[  221.846774][T10994] netlink: 596 bytes leftover after parsing attributes in process `syz.3.1555'.
[  222.103657][T10980] wg1 speed is unknown, defaulting to 1000
[  222.175760][T11006] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1560'.
[  222.755259][T11029] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  222.779424][T11029] syzkaller0: entered promiscuous mode
[  222.798554][T11029] syzkaller0: entered allmulticast mode
[  222.870522][T11029] unsupported nlmsg_type 40
[  222.877165][T11041] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  222.900655][T11029] tipc: Resetting bearer <eth:syzkaller0>
[  222.928938][T11041] syzkaller0: entered promiscuous mode
[  222.962312][T11041] syzkaller0: entered allmulticast mode
[  222.965061][T11048] FAULT_INJECTION: forcing a failure.
[  222.965061][T11048] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  222.982941][T11048] CPU: 0 UID: 0 PID: 11048 Comm: syz.1.1574 Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  222.982968][T11048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  222.982979][T11048] Call Trace:
[  222.982986][T11048]  <TASK>
[  222.982994][T11048]  dump_stack_lvl+0x189/0x250
[  222.983021][T11048]  ? __pfx____ratelimit+0x10/0x10
[  222.983044][T11048]  ? __pfx_dump_stack_lvl+0x10/0x10
[  222.983066][T11048]  ? __pfx__printk+0x10/0x10
[  222.983092][T11048]  ? fs_reclaim_acquire+0x7d/0x100
[  222.983127][T11048]  should_fail_ex+0x414/0x560
[  222.983154][T11048]  prepare_alloc_pages+0x213/0x610
[  222.983181][T11048]  __alloc_frozen_pages_noprof+0x123/0x370
[  222.983212][T11048]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  222.983243][T11048]  ? __lock_acquire+0xab9/0xd20
[  222.983271][T11048]  alloc_pages_mpol+0x232/0x4a0
[  222.983302][T11048]  ___kmalloc_large_node+0x5f/0x1b0
[  222.983328][T11048]  __kmalloc_large_node_noprof+0x18/0x90
[  222.983349][T11048]  __kmalloc_noprof+0x36f/0x4f0
[  222.983365][T11048]  ? wiphy_new_nm+0x625/0x19e0
[  222.983387][T11048]  ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10
[  222.983411][T11048]  wiphy_new_nm+0x625/0x19e0
[  222.983428][T11048]  ? ieee80211_alloc_hw_nm+0x8ea/0x1f20
[  222.983454][T11048]  ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10
[  222.983479][T11048]  ieee80211_alloc_hw_nm+0x3f3/0x1f20
[  222.983503][T11048]  ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10
[  222.983533][T11048]  mac80211_hwsim_new_radio+0x1ee/0x5340
[  222.983560][T11048]  ? __pfx_stack_trace_save+0x10/0x10
[  222.983581][T11048]  ? stack_depot_save_flags+0x40/0x860
[  222.983597][T11048]  ? netlink_deliver_tap+0x19c/0x1b0
[  222.983615][T11048]  ? netlink_unicast+0x7d1/0x9e0
[  222.983629][T11048]  ? netlink_sendmsg+0x805/0xb30
[  222.983647][T11048]  ? __sock_sendmsg+0x219/0x270
[  222.983676][T11048]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  222.983694][T11048]  ? __nla_validate_parse+0x2400/0x2d40
[  222.983715][T11048]  ? __sock_sendmsg+0x219/0x270
[  222.983732][T11048]  ? ____sys_sendmsg+0x505/0x830
[  222.983765][T11048]  hwsim_new_radio_nl+0xea4/0x1b10
[  222.983789][T11048]  ? __pfx___nla_validate_parse+0x10/0x10
[  222.983827][T11048]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  222.983861][T11048]  ? __nla_parse+0x40/0x60
[  222.983887][T11048]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  222.983916][T11048]  genl_family_rcv_msg_doit+0x212/0x300
[  222.983941][T11048]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  222.983971][T11048]  ? bpf_lsm_capable+0x9/0x20
[  222.983992][T11048]  ? security_capable+0x7e/0x2e0
[  222.984021][T11048]  genl_rcv_msg+0x60e/0x790
[  222.984045][T11048]  ? __pfx_genl_rcv_msg+0x10/0x10
[  222.984061][T11048]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  222.984081][T11048]  ? __asan_memcpy+0x40/0x70
[  222.984100][T11048]  ? __pfx_ref_tracker_free+0x10/0x10
[  222.984127][T11048]  netlink_rcv_skb+0x208/0x470
[  222.984146][T11048]  ? __lock_acquire+0xab9/0xd20
[  222.984169][T11048]  ? __pfx_genl_rcv_msg+0x10/0x10
[  222.984187][T11048]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  222.984241][T11048]  ? down_read+0x1ad/0x2e0
[  222.984268][T11048]  genl_rcv+0x28/0x40
[  222.984291][T11048]  netlink_unicast+0x82f/0x9e0
[  222.984322][T11048]  ? __pfx_netlink_unicast+0x10/0x10
[  222.984345][T11048]  ? netlink_sendmsg+0x642/0xb30
[  222.984365][T11048]  ? skb_put+0x11b/0x210
[  222.984393][T11048]  netlink_sendmsg+0x805/0xb30
[  222.984426][T11048]  ? __pfx_netlink_sendmsg+0x10/0x10
[  222.984452][T11048]  ? aa_sock_msg_perm+0xf1/0x1d0
[  222.984479][T11048]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  222.984498][T11048]  ? __pfx_netlink_sendmsg+0x10/0x10
[  222.984521][T11048]  __sock_sendmsg+0x219/0x270
[  222.984546][T11048]  ____sys_sendmsg+0x505/0x830
[  222.984578][T11048]  ? __pfx_____sys_sendmsg+0x10/0x10
[  222.984613][T11048]  ? import_iovec+0x74/0xa0
[  222.984635][T11048]  ___sys_sendmsg+0x21f/0x2a0
[  222.984663][T11048]  ? __pfx____sys_sendmsg+0x10/0x10
[  222.984729][T11048]  ? __fget_files+0x2a/0x420
[  222.984754][T11048]  ? __fget_files+0x3a0/0x420
[  222.984790][T11048]  __x64_sys_sendmsg+0x19b/0x260
[  222.984819][T11048]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  222.984856][T11048]  ? __pfx_ksys_write+0x10/0x10
[  222.984876][T11048]  ? rcu_is_watching+0x15/0xb0
[  222.984900][T11048]  ? do_syscall_64+0xbe/0x3b0
[  222.984928][T11048]  do_syscall_64+0xfa/0x3b0
[  222.984948][T11048]  ? lockdep_hardirqs_on+0x9c/0x150
[  222.984970][T11048]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.984989][T11048]  ? clear_bhb_loop+0x60/0xb0
[  222.985012][T11048]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.985031][T11048] RIP: 0033:0x7ff215f8ebe9
[  222.985049][T11048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  222.985065][T11048] RSP: 002b:00007ff216e93038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  222.985085][T11048] RAX: ffffffffffffffda RBX: 00007ff2161b5fa0 RCX: 00007ff215f8ebe9
[  222.985099][T11048] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 0000000000000003
[  222.985109][T11048] RBP: 00007ff216e93090 R08: 0000000000000000 R09: 0000000000000000
[  222.985121][T11048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  222.985132][T11048] R13: 00007ff2161b6038 R14: 00007ff2161b5fa0 R15: 00007ffdaa922988
[  222.985165][T11048]  </TASK>
[  223.597302][T11024] tipc: Resetting bearer <eth:syzkaller0>
[  223.618396][T11024] tipc: Disabling bearer <eth:syzkaller0>
[  223.652157][T11053] tipc: Resetting bearer <eth:syzkaller0>
[  223.666470][T11040] tipc: Resetting bearer <eth:syzkaller0>
[  223.687275][T11040] tipc: Disabling bearer <eth:syzkaller0>
[  223.716510][T11052] lo speed is unknown, defaulting to 1000
[  223.728284][T11055] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  223.832364][T11058] syzkaller0: entered promiscuous mode
[  223.898464][T11058] syzkaller0: entered allmulticast mode
[  223.977115][T11052] wg1 speed is unknown, defaulting to 1000
[  224.019482][T11055] tipc: Resetting bearer <eth:syzkaller0>
[  224.064656][T11054] tipc: Resetting bearer <eth:syzkaller0>
[  224.099072][T11054] tipc: Disabling bearer <eth:syzkaller0>
[  224.498719][T11091] FAULT_INJECTION: forcing a failure.
[  224.498719][T11091] name failslab, interval 1, probability 0, space 0, times 0
[  224.515828][T11091] CPU: 1 UID: 0 PID: 11091 Comm: syz.1.1589 Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  224.515856][T11091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  224.515867][T11091] Call Trace:
[  224.515874][T11091]  <TASK>
[  224.515882][T11091]  dump_stack_lvl+0x189/0x250
[  224.515908][T11091]  ? __pfx____ratelimit+0x10/0x10
[  224.515930][T11091]  ? __pfx_dump_stack_lvl+0x10/0x10
[  224.515951][T11091]  ? __pfx__printk+0x10/0x10
[  224.515978][T11091]  ? __pfx___might_resched+0x10/0x10
[  224.515996][T11091]  ? fs_reclaim_acquire+0x7d/0x100
[  224.516027][T11091]  should_fail_ex+0x414/0x560
[  224.516053][T11091]  should_failslab+0xa8/0x100
[  224.516076][T11091]  kmem_cache_alloc_noprof+0x73/0x3c0
[  224.516095][T11091]  ? security_file_alloc+0x34/0x330
[  224.516116][T11091]  security_file_alloc+0x34/0x330
[  224.516139][T11091]  init_file+0x93/0x2f0
[  224.516161][T11091]  alloc_empty_file+0x6e/0x1d0
[  224.516181][T11091]  alloc_file_pseudo+0x13d/0x210
[  224.516204][T11091]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  224.516238][T11091]  anon_inode_getfd+0xca/0x1b0
[  224.516261][T11091]  map_create+0x10a2/0x14d0
[  224.516290][T11091]  ? security_bpf+0x7e/0x300
[  224.516320][T11091]  __sys_bpf+0x60f/0x870
[  224.516346][T11091]  ? __pfx___sys_bpf+0x10/0x10
[  224.516382][T11091]  ? ksys_write+0x22a/0x250
[  224.516407][T11091]  ? __pfx_ksys_write+0x10/0x10
[  224.516437][T11091]  __x64_sys_bpf+0x7c/0x90
[  224.516459][T11091]  do_syscall_64+0xfa/0x3b0
[  224.516480][T11091]  ? lockdep_hardirqs_on+0x9c/0x150
[  224.516501][T11091]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.516518][T11091]  ? clear_bhb_loop+0x60/0xb0
[  224.516538][T11091]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.516555][T11091] RIP: 0033:0x7ff215f8ebe9
[  224.516571][T11091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  224.516586][T11091] RSP: 002b:00007ff216e93038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  224.516603][T11091] RAX: ffffffffffffffda RBX: 00007ff2161b5fa0 RCX: 00007ff215f8ebe9
[  224.516615][T11091] RDX: 0000000000000050 RSI: 0000200000000100 RDI: 0000000000000000
[  224.516625][T11091] RBP: 00007ff216e93090 R08: 0000000000000000 R09: 0000000000000000
[  224.516635][T11091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  224.516645][T11091] R13: 00007ff2161b6038 R14: 00007ff2161b5fa0 R15: 00007ffdaa922988
[  224.516672][T11091]  </TASK>
[  224.781492][T11092] __nla_validate_parse: 4 callbacks suppressed
[  224.781512][T11092] netlink: 592 bytes leftover after parsing attributes in process `syz.3.1588'.
[  225.087957][T11096] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1590'.
[  225.152440][T11100] netlink: 232 bytes leftover after parsing attributes in process `syz.0.1590'.
[  225.501998][T11132] FAULT_INJECTION: forcing a failure.
[  225.501998][T11132] name failslab, interval 1, probability 0, space 0, times 0
[  225.537061][T11132] CPU: 1 UID: 0 PID: 11132 Comm: syz.2.1604 Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  225.537089][T11132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  225.537100][T11132] Call Trace:
[  225.537108][T11132]  <TASK>
[  225.537116][T11132]  dump_stack_lvl+0x189/0x250
[  225.537142][T11132]  ? __pfx____ratelimit+0x10/0x10
[  225.537165][T11132]  ? __pfx_dump_stack_lvl+0x10/0x10
[  225.537186][T11132]  ? __pfx__printk+0x10/0x10
[  225.537213][T11132]  ? __pfx___might_resched+0x10/0x10
[  225.537229][T11132]  ? fs_reclaim_acquire+0x7d/0x100
[  225.537258][T11132]  should_fail_ex+0x414/0x560
[  225.537281][T11132]  ? page_pool_create_percpu+0x32a/0xbe0
[  225.537298][T11132]  should_failslab+0xa8/0x100
[  225.537324][T11132]  __kvmalloc_node_noprof+0x161/0x5f0
[  225.537349][T11132]  ? page_pool_create_percpu+0x32a/0xbe0
[  225.537373][T11132]  page_pool_create_percpu+0x32a/0xbe0
[  225.537392][T11132]  ? bpf_test_run_xdp_live+0x1b5/0x1b10
[  225.537421][T11132]  bpf_test_run_xdp_live+0x1ca/0x1b10
[  225.537452][T11132]  ? stack_trace_save+0x9c/0xe0
[  225.537475][T11132]  ? stack_depot_save_flags+0x40/0x860
[  225.537505][T11132]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  225.537527][T11132]  ? bpf_prog_test_run_xdp+0x37c/0x1000
[  225.537547][T11132]  ? bpf_prog_test_run+0x2c7/0x340
[  225.537574][T11132]  ? __sys_bpf+0x581/0x870
[  225.537593][T11132]  ? __x64_sys_bpf+0x7c/0x90
[  225.537634][T11132]  ? __lock_acquire+0xab9/0xd20
[  225.537669][T11132]  ? __might_fault+0xb0/0x130
[  225.537702][T11132]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  225.537732][T11132]  ? _copy_from_user+0x94/0xb0
[  225.537750][T11132]  ? bpf_test_init+0x133/0x170
[  225.537768][T11132]  ? xdp_convert_md_to_buff+0x5b/0x330
[  225.537793][T11132]  bpf_prog_test_run_xdp+0x713/0x1000
[  225.537831][T11132]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  225.537859][T11132]  ? __fget_files+0x2a/0x420
[  225.537889][T11132]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  225.537913][T11132]  bpf_prog_test_run+0x2c7/0x340
[  225.537940][T11132]  __sys_bpf+0x581/0x870
[  225.537975][T11132]  ? __pfx___sys_bpf+0x10/0x10
[  225.538011][T11132]  ? ksys_write+0x22a/0x250
[  225.538037][T11132]  ? __pfx_ksys_write+0x10/0x10
[  225.538056][T11132]  ? rcu_is_watching+0x15/0xb0
[  225.538085][T11132]  __x64_sys_bpf+0x7c/0x90
[  225.538107][T11132]  do_syscall_64+0xfa/0x3b0
[  225.538128][T11132]  ? lockdep_hardirqs_on+0x9c/0x150
[  225.538150][T11132]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.538168][T11132]  ? clear_bhb_loop+0x60/0xb0
[  225.538190][T11132]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.538207][T11132] RIP: 0033:0x7fe30638ebe9
[  225.538224][T11132] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  225.538240][T11132] RSP: 002b:00007fe3072b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  225.538259][T11132] RAX: ffffffffffffffda RBX: 00007fe3065b5fa0 RCX: 00007fe30638ebe9
[  225.538272][T11132] RDX: 0000000000000050 RSI: 0000200000000340 RDI: 000000000000000a
[  225.538283][T11132] RBP: 00007fe3072b7090 R08: 0000000000000000 R09: 0000000000000000
[  225.538294][T11132] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  225.538303][T11132] R13: 00007fe3065b6038 R14: 00007fe3065b5fa0 R15: 00007ffe25d282d8
[  225.538333][T11132]  </TASK>
[  225.539513][T11132] page_pool_create_percpu() gave up with errno -12
[  226.294220][T11165] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1618'.
[  226.336590][T11156] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  226.386268][T11156] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.655347][T11156] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  226.681947][T11156] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.774921][T11156] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  226.785541][T11156] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.797613][T11190] FAULT_INJECTION: forcing a failure.
[  226.797613][T11190] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  226.814205][T11190] CPU: 1 UID: 0 PID: 11190 Comm: syz.3.1625 Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  226.814232][T11190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  226.814242][T11190] Call Trace:
[  226.814250][T11190]  <TASK>
[  226.814257][T11190]  dump_stack_lvl+0x189/0x250
[  226.814283][T11190]  ? __pfx____ratelimit+0x10/0x10
[  226.814306][T11190]  ? __pfx_dump_stack_lvl+0x10/0x10
[  226.814327][T11190]  ? __pfx__printk+0x10/0x10
[  226.814349][T11190]  ? __might_fault+0xb0/0x130
[  226.814377][T11190]  should_fail_ex+0x414/0x560
[  226.814402][T11190]  _copy_from_user+0x2d/0xb0
[  226.814421][T11190]  ___sys_recvmsg+0x12e/0x510
[  226.814454][T11190]  ? __pfx____sys_recvmsg+0x10/0x10
[  226.814503][T11190]  ? __might_fault+0xb0/0x130
[  226.814529][T11190]  do_recvmmsg+0x307/0x770
[  226.814564][T11190]  ? __pfx_do_recvmmsg+0x10/0x10
[  226.814602][T11190]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  226.814644][T11190]  __x64_sys_recvmmsg+0x190/0x240
[  226.814673][T11190]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  226.814697][T11190]  ? rcu_is_watching+0x15/0xb0
[  226.814722][T11190]  ? do_syscall_64+0xbe/0x3b0
[  226.814747][T11190]  do_syscall_64+0xfa/0x3b0
[  226.814767][T11190]  ? lockdep_hardirqs_on+0x9c/0x150
[  226.814788][T11190]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.814806][T11190]  ? clear_bhb_loop+0x60/0xb0
[  226.814828][T11190]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.814847][T11190] RIP: 0033:0x7f743898ebe9
[  226.814869][T11190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.814885][T11190] RSP: 002b:00007f7436bee038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  226.814904][T11190] RAX: ffffffffffffffda RBX: 00007f7438bb5fa0 RCX: 00007f743898ebe9
[  226.814917][T11190] RDX: 0000000000000f00 RSI: 0000200000003300 RDI: 0000000000000004
[  226.814928][T11190] RBP: 00007f7436bee090 R08: 0000000000000000 R09: 0000000000000000
[  226.814939][T11190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  226.814950][T11190] R13: 00007f7438bb6038 R14: 00007f7438bb5fa0 R15: 00007ffee2bd7d18
[  226.814979][T11190]  </TASK>
[  227.175344][T11200] FAULT_INJECTION: forcing a failure.
[  227.175344][T11200] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  227.196561][T11200] CPU: 1 UID: 0 PID: 11200 Comm: syz.3.1626 Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  227.196586][T11200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  227.196596][T11200] Call Trace:
[  227.196602][T11200]  <TASK>
[  227.196610][T11200]  dump_stack_lvl+0x189/0x250
[  227.196633][T11200]  ? __pfx____ratelimit+0x10/0x10
[  227.196651][T11200]  ? __pfx_dump_stack_lvl+0x10/0x10
[  227.196668][T11200]  ? __pfx__printk+0x10/0x10
[  227.196700][T11200]  should_fail_ex+0x414/0x560
[  227.196722][T11200]  _copy_from_user+0x2d/0xb0
[  227.196749][T11200]  bpf_test_init+0xf8/0x170
[  227.196774][T11200]  bpf_prog_test_run_xdp+0x37c/0x1000
[  227.196809][T11200]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  227.196834][T11200]  ? __fget_files+0x2a/0x420
[  227.196860][T11200]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  227.196882][T11200]  bpf_prog_test_run+0x2c7/0x340
[  227.196909][T11200]  __sys_bpf+0x581/0x870
[  227.196932][T11200]  ? __pfx___sys_bpf+0x10/0x10
[  227.196965][T11200]  ? ksys_write+0x22a/0x250
[  227.196989][T11200]  ? __pfx_ksys_write+0x10/0x10
[  227.197008][T11200]  ? rcu_is_watching+0x15/0xb0
[  227.197033][T11200]  __x64_sys_bpf+0x7c/0x90
[  227.197055][T11200]  do_syscall_64+0xfa/0x3b0
[  227.197076][T11200]  ? lockdep_hardirqs_on+0x9c/0x150
[  227.197096][T11200]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  227.197115][T11200]  ? clear_bhb_loop+0x60/0xb0
[  227.197137][T11200]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  227.197154][T11200] RIP: 0033:0x7f743898ebe9
[  227.197171][T11200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  227.197187][T11200] RSP: 002b:00007f7436bee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  227.197206][T11200] RAX: ffffffffffffffda RBX: 00007f7438bb5fa0 RCX: 00007f743898ebe9
[  227.197220][T11200] RDX: 0000000000000050 RSI: 0000200000000180 RDI: 000000000000000a
[  227.197231][T11200] RBP: 00007f7436bee090 R08: 0000000000000000 R09: 0000000000000000
[  227.197242][T11200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  227.197252][T11200] R13: 00007f7438bb6038 R14: 00007f7438bb5fa0 R15: 00007ffee2bd7d18
[  227.197283][T11200]  </TASK>
[  227.197800][T11156] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  227.446837][T11156] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.541594][T11208] FAULT_INJECTION: forcing a failure.
[  227.541594][T11208] name failslab, interval 1, probability 0, space 0, times 0
[  227.558498][T11208] CPU: 1 UID: 0 PID: 11208 Comm: syz.3.1631 Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  227.558524][T11208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  227.558534][T11208] Call Trace:
[  227.558542][T11208]  <TASK>
[  227.558550][T11208]  dump_stack_lvl+0x189/0x250
[  227.558573][T11208]  ? __pfx____ratelimit+0x10/0x10
[  227.558593][T11208]  ? __pfx_dump_stack_lvl+0x10/0x10
[  227.558611][T11208]  ? __pfx__printk+0x10/0x10
[  227.558637][T11208]  ? __pfx___might_resched+0x10/0x10
[  227.558659][T11208]  should_fail_ex+0x414/0x560
[  227.558682][T11208]  ? bpf_test_run_xdp_live+0x18e/0x1b10
[  227.558702][T11208]  should_failslab+0xa8/0x100
[  227.558727][T11208]  __kvmalloc_node_noprof+0x161/0x5f0
[  227.558750][T11208]  ? bpf_test_run_xdp_live+0x18e/0x1b10
[  227.558775][T11208]  bpf_test_run_xdp_live+0x18e/0x1b10
[  227.558802][T11208]  ? stack_trace_save+0x9c/0xe0
[  227.558821][T11208]  ? stack_depot_save_flags+0x40/0x860
[  227.558848][T11208]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  227.558865][T11208]  ? bpf_prog_test_run_xdp+0x37c/0x1000
[  227.558884][T11208]  ? bpf_prog_test_run+0x2c7/0x340
[  227.558906][T11208]  ? __sys_bpf+0x581/0x870
[  227.558923][T11208]  ? __x64_sys_bpf+0x7c/0x90
[  227.558961][T11208]  ? __lock_acquire+0xab9/0xd20
[  227.559006][T11208]  ? __might_fault+0xb0/0x130
[  227.559037][T11208]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  227.559065][T11208]  ? _copy_from_user+0x94/0xb0
[  227.559082][T11208]  ? bpf_test_init+0x133/0x170
[  227.559098][T11208]  ? xdp_convert_md_to_buff+0x5b/0x330
[  227.559122][T11208]  bpf_prog_test_run_xdp+0x713/0x1000
[  227.559162][T11208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  227.559190][T11208]  ? __fget_files+0x2a/0x420
[  227.559220][T11208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  227.559245][T11208]  bpf_prog_test_run+0x2c7/0x340
[  227.559274][T11208]  __sys_bpf+0x581/0x870
[  227.559299][T11208]  ? __pfx___sys_bpf+0x10/0x10
[  227.559332][T11208]  ? ksys_write+0x22a/0x250
[  227.559354][T11208]  ? __pfx_ksys_write+0x10/0x10
[  227.559373][T11208]  ? rcu_is_watching+0x15/0xb0
[  227.559395][T11208]  __x64_sys_bpf+0x7c/0x90
[  227.559416][T11208]  do_syscall_64+0xfa/0x3b0
[  227.559437][T11208]  ? lockdep_hardirqs_on+0x9c/0x150
[  227.559457][T11208]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  227.559476][T11208]  ? clear_bhb_loop+0x60/0xb0
[  227.559497][T11208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  227.559514][T11208] RIP: 0033:0x7f743898ebe9
[  227.559531][T11208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  227.559545][T11208] RSP: 002b:00007f7436bee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  227.559564][T11208] RAX: ffffffffffffffda RBX: 00007f7438bb5fa0 RCX: 00007f743898ebe9
[  227.559576][T11208] RDX: 0000000000000050 RSI: 0000200000000000 RDI: 000000000000000a
[  227.559587][T11208] RBP: 00007f7436bee090 R08: 0000000000000000 R09: 0000000000000000
[  227.559597][T11208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  227.559608][T11208] R13: 00007f7438bb6038 R14: 00007f7438bb5fa0 R15: 00007ffee2bd7d18
[  227.559637][T11208]  </TASK>
[  227.943214][ T6077] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  227.978795][ T6077] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  227.988604][ T6084] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  228.007034][ T6084] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  228.019856][ T6084] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  228.029303][ T6084] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  228.040598][ T6084] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  228.049686][ T6084] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  228.284974][ T5883] Bluetooth: hci3: link tx timeout
[  228.287157][T11229] FAULT_INJECTION: forcing a failure.
[  228.287157][T11229] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  228.290638][ T5883] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  228.313937][ T5883] Bluetooth: hci3: link tx timeout
[  228.319083][ T5883] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  228.327532][ T5883] Bluetooth: hci3: link tx timeout
[  228.333697][ T5883] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  228.341349][ T5883] Bluetooth: hci3: link tx timeout
[  228.346548][ T5883] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  228.354515][T11229] CPU: 1 UID: 0 PID: 11229 Comm: syz.3.1640 Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  228.354541][T11229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  228.354552][T11229] Call Trace:
[  228.354561][T11229]  <TASK>
[  228.354570][T11229]  dump_stack_lvl+0x189/0x250
[  228.354598][T11229]  ? __pfx____ratelimit+0x10/0x10
[  228.354621][T11229]  ? __pfx_dump_stack_lvl+0x10/0x10
[  228.354716][T11229]  ? __pfx__printk+0x10/0x10
[  228.354740][T11229]  ? __might_fault+0xb0/0x130
[  228.354777][T11229]  should_fail_ex+0x414/0x560
[  228.354804][T11229]  _copy_from_user+0x2d/0xb0
[  228.354823][T11229]  kstrtouint_from_user+0xc4/0x170
[  228.354850][T11229]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  228.354890][T11229]  proc_fail_nth_write+0x88/0x200
[  228.354912][T11229]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  228.354940][T11229]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  228.354963][T11229]  vfs_write+0x27e/0xa90
[  228.354997][T11229]  ? __pfx_vfs_write+0x10/0x10
[  228.355022][T11229]  ? __fget_files+0x2a/0x420
[  228.355052][T11229]  ? __fget_files+0x3a0/0x420
[  228.355075][T11229]  ? __fget_files+0x2a/0x420
[  228.355110][T11229]  ksys_write+0x145/0x250
[  228.355136][T11229]  ? __pfx_ksys_write+0x10/0x10
[  228.355156][T11229]  ? rcu_is_watching+0x15/0xb0
[  228.355181][T11229]  ? do_syscall_64+0xbe/0x3b0
[  228.355208][T11229]  do_syscall_64+0xfa/0x3b0
[  228.355229][T11229]  ? lockdep_hardirqs_on+0x9c/0x150
[  228.355250][T11229]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.355269][T11229]  ? clear_bhb_loop+0x60/0xb0
[  228.355293][T11229]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.355311][T11229] RIP: 0033:0x7f743898d69f
[  228.355329][T11229] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  228.355345][T11229] RSP: 002b:00007f7436bee030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  228.355365][T11229] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f743898d69f
[  228.355378][T11229] RDX: 0000000000000001 RSI: 00007f7436bee0a0 RDI: 0000000000000006
[  228.355389][T11229] RBP: 00007f7436bee090 R08: 0000000000000000 R09: 0000000000000000
[  228.355401][T11229] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  228.355412][T11229] R13: 00007f7438bb6038 R14: 00007f7438bb5fa0 R15: 00007ffee2bd7d18
[  228.355443][T11229]  </TASK>
[  228.358450][T11220] lo speed is unknown, defaulting to 1000
[  228.879101][T11247] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  228.903539][T11248] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1647'.
[  228.914744][T11220] wg1 speed is unknown, defaulting to 1000
[  228.918758][T11247] syzkaller0: entered promiscuous mode
[  228.949829][T11247] syzkaller0: entered allmulticast mode
[  228.961233][T11253] delete_channel: no stack
[  229.120145][T11247] tipc: Resetting bearer <eth:syzkaller0>
[  229.148551][T11245] tipc: Resetting bearer <eth:syzkaller0>
[  229.266979][T11245] tipc: Disabling bearer <eth:syzkaller0>
[  229.365460][T11266] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.472571][T11266] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.609092][T11266] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.737665][T11266] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.770418][T11278] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  229.782862][T11278] tipc: Resetting bearer <eth:syzkaller0>
[  229.805571][T11277] tipc: Disabling bearer <eth:syzkaller0>
[  229.967295][ T6077] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  230.001368][ T6090] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  230.031539][ T6090] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  230.060537][ T6090] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  230.225185][T11304] FAULT_INJECTION: forcing a failure.
[  230.225185][T11304] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  230.259423][T11304] CPU: 0 UID: 0 PID: 11304 Comm: syz.4.1669 Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  230.259467][T11304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  230.259478][T11304] Call Trace:
[  230.259486][T11304]  <TASK>
[  230.259494][T11304]  dump_stack_lvl+0x189/0x250
[  230.259524][T11304]  ? __pfx____ratelimit+0x10/0x10
[  230.259547][T11304]  ? __pfx_dump_stack_lvl+0x10/0x10
[  230.259567][T11304]  ? __pfx__printk+0x10/0x10
[  230.259592][T11304]  ? __might_fault+0xb0/0x130
[  230.259628][T11304]  should_fail_ex+0x414/0x560
[  230.259653][T11304]  _copy_from_iter+0x1db/0x16f0
[  230.259683][T11304]  ? rcu_is_watching+0x15/0xb0
[  230.259703][T11304]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  230.259729][T11304]  ? __pfx__copy_from_iter+0x10/0x10
[  230.259756][T11304]  ? __build_skb_around+0x257/0x3e0
[  230.259790][T11304]  ? netlink_sendmsg+0x642/0xb30
[  230.259812][T11304]  ? skb_put+0x11b/0x210
[  230.259839][T11304]  netlink_sendmsg+0x6b2/0xb30
[  230.259872][T11304]  ? __pfx_netlink_sendmsg+0x10/0x10
[  230.259899][T11304]  ? aa_sock_msg_perm+0xf1/0x1d0
[  230.259925][T11304]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  230.259945][T11304]  ? __pfx_netlink_sendmsg+0x10/0x10
[  230.259969][T11304]  __sock_sendmsg+0x219/0x270
[  230.259993][T11304]  ____sys_sendmsg+0x505/0x830
[  230.260026][T11304]  ? __pfx_____sys_sendmsg+0x10/0x10
[  230.260061][T11304]  ? import_iovec+0x74/0xa0
[  230.260083][T11304]  ___sys_sendmsg+0x21f/0x2a0
[  230.260111][T11304]  ? __pfx____sys_sendmsg+0x10/0x10
[  230.260172][T11304]  ? __fget_files+0x2a/0x420
[  230.260195][T11304]  ? __fget_files+0x3a0/0x420
[  230.260230][T11304]  __x64_sys_sendmsg+0x19b/0x260
[  230.260257][T11304]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  230.260293][T11304]  ? __pfx_ksys_write+0x10/0x10
[  230.260313][T11304]  ? rcu_is_watching+0x15/0xb0
[  230.260337][T11304]  ? do_syscall_64+0xbe/0x3b0
[  230.260364][T11304]  do_syscall_64+0xfa/0x3b0
[  230.260385][T11304]  ? lockdep_hardirqs_on+0x9c/0x150
[  230.260405][T11304]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.260422][T11304]  ? clear_bhb_loop+0x60/0xb0
[  230.260444][T11304]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.260461][T11304] RIP: 0033:0x7f46de98ebe9
[  230.260477][T11304] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  230.260493][T11304] RSP: 002b:00007f46df774038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  230.260513][T11304] RAX: ffffffffffffffda RBX: 00007f46debb5fa0 RCX: 00007f46de98ebe9
[  230.260526][T11304] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[  230.260536][T11304] RBP: 00007f46df774090 R08: 0000000000000000 R09: 0000000000000000
[  230.260546][T11304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  230.260555][T11304] R13: 00007f46debb6038 R14: 00007f46debb5fa0 R15: 00007ffebba340f8
[  230.260584][T11304]  </TASK>
[  230.354283][T11312] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1671'.
[  230.450012][ T5883] Bluetooth: hci3: command 0x0405 tx timeout
[  230.588329][T11318] nftables ruleset with unbound set
[  230.638533][T11318] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  230.666970][T11320] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  230.675416][T11320] syzkaller0: entered promiscuous mode
[  230.681192][T11320] syzkaller0: entered allmulticast mode
[  230.740400][T11318] syzkaller0: entered promiscuous mode
[  230.750188][T11318] syzkaller0: entered allmulticast mode
[  230.780397][T11318] tipc: Resetting bearer <eth:syzkaller0>
[  230.790998][T11317] tipc: Resetting bearer <eth:syzkaller0>
[  230.824064][T11317] tipc: Disabling bearer <eth:syzkaller0>
[  230.854029][T11332] tipc: Resetting bearer <eth:syzkaller0>
[  230.960340][T11338] ip6erspan0: entered allmulticast mode
[  231.437787][T11363] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1689'.
[  231.465506][T11319] tipc: Resetting bearer <eth:syzkaller0>
[  231.485966][T11319] tipc: Disabling bearer <eth:syzkaller0>
[  231.639296][T11373] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1693'.
[  231.740111][T11379] netlink: 'syz.4.1696': attribute type 13 has an invalid length.
[  231.754791][T11379] netlink: 'syz.4.1696': attribute type 17 has an invalid length.
[  231.808039][T11379] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  231.866739][T11387] mac80211_hwsim hwsim8 wlan1: entered allmulticast mode
[  231.889332][T11391] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  231.904382][T11379] netlink: 'syz.4.1696': attribute type 10 has an invalid length.
[  231.914824][T11385] syzkaller0: entered promiscuous mode
[  231.925606][T11385] syzkaller0: entered allmulticast mode
[  231.933747][T11379] mac80211_hwsim hwsim8 wlan1: left allmulticast mode
[  231.967346][T11387] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1696'.
[  231.973014][T11385] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  232.045935][T11383] tipc: Resetting bearer <eth:syzkaller0>
[  232.120412][T11383] tipc: Disabling bearer <eth:syzkaller0>
[  232.218169][T11363] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  232.238674][T11363] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  232.311359][T11363] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  232.338244][T11363] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  232.355658][T11404] bridge0: port 2(bridge_slave_1) entered disabled state
[  232.363463][T11404] bridge0: port 1(bridge_slave_0) entered disabled state
[  232.374019][T11363] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  232.389321][T11412] netlink: 248 bytes leftover after parsing attributes in process `syz.3.1704'.
[  232.404355][T11363] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  232.438786][T11415] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1705'.
[  232.512563][T11404] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  232.528367][T11404] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  232.612043][ T5883] Bluetooth: hci3: command 0x0405 tx timeout
[  232.626558][T11363] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  232.649423][T11363] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  232.900971][ T5956] wg1 speed is unknown, defaulting to 1000
[  232.913622][ T5956] syz2: Port: 1 Link DOWN
[  232.933667][ T6079] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  232.944727][T11419] syzkaller0: entered promiscuous mode
[  232.950239][T11419] syzkaller0: entered allmulticast mode
[  232.978158][ T6079] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  232.986977][ T6079] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  232.997358][ T6079] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  233.202864][T11438] netlink: 'syz.3.1708': attribute type 10 has an invalid length.
[  233.215852][T11438] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1708'.
[  233.282306][T11447] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1711'.
[  233.536292][T11459] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1715'.
[  233.536455][T11460] FAULT_INJECTION: forcing a failure.
[  233.536455][T11460] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  233.548504][T11459] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1715'.
[  233.568457][T11460] CPU: 1 UID: 0 PID: 11460 Comm: syz.1.1716 Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  233.568483][T11460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  233.568493][T11460] Call Trace:
[  233.568501][T11460]  <TASK>
[  233.568508][T11460]  dump_stack_lvl+0x189/0x250
[  233.568536][T11460]  ? __pfx____ratelimit+0x10/0x10
[  233.568561][T11460]  ? __pfx_dump_stack_lvl+0x10/0x10
[  233.568583][T11460]  ? __pfx__printk+0x10/0x10
[  233.568623][T11460]  should_fail_ex+0x414/0x560
[  233.568651][T11460]  _copy_to_user+0x31/0xb0
[  233.568672][T11460]  llc_ui_getsockopt+0x451/0x500
[  233.568702][T11460]  ? __pfx_llc_ui_getsockopt+0x10/0x10
[  233.568734][T11460]  ? __pfx_llc_ui_getsockopt+0x10/0x10
[  233.568760][T11460]  do_sock_getsockopt+0x372/0x450
[  233.568790][T11460]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  233.568815][T11460]  ? write_ibpb+0x30/0x40
[  233.568836][T11460]  ? __fget_files+0x3a0/0x420
[  233.568861][T11460]  ? __fget_files+0x2a/0x420
[  233.568895][T11460]  __x64_sys_getsockopt+0x1a5/0x250
[  233.568920][T11460]  ? write_ibpb+0x30/0x40
[  233.568945][T11460]  ? write_ibpb+0x30/0x40
[  233.568971][T11460]  do_syscall_64+0xfa/0x3b0
[  233.568993][T11460]  ? lockdep_hardirqs_on+0x9c/0x150
[  233.569015][T11460]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.569034][T11460]  ? clear_bhb_loop+0x60/0xb0
[  233.569054][T11460]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.569071][T11460] RIP: 0033:0x7ff215f8ebe9
[  233.569088][T11460] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  233.569104][T11460] RSP: 002b:00007ff216e93038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  233.569122][T11460] RAX: ffffffffffffffda RBX: 00007ff2161b5fa0 RCX: 00007ff215f8ebe9
[  233.569135][T11460] RDX: 0000000000000009 RSI: 000000000000010c RDI: 0000000000000004
[  233.569145][T11460] RBP: 00007ff216e93090 R08: 0000200000000080 R09: 0000000000000000
[  233.569158][T11460] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[  233.569170][T11460] R13: 00007ff2161b6038 R14: 00007ff2161b5fa0 R15: 00007ffdaa922988
[  233.569201][T11460]  </TASK>
[  234.085102][T11478] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  234.095080][T11476] netlink: 'syz.3.1722': attribute type 21 has an invalid length.
[  234.097402][T11478] syzkaller0: entered promiscuous mode
[  234.120334][T11478] syzkaller0: entered allmulticast mode
[  234.271466][T11488] tipc: Resetting bearer <eth:syzkaller0>
[  234.410665][T11491] lo speed is unknown, defaulting to 1000
[  234.464641][T11496] netlink: 'syz.3.1730': attribute type 9 has an invalid length.
[  234.578808][T11506] FAULT_INJECTION: forcing a failure.
[  234.578808][T11506] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  234.599280][T11506] CPU: 1 UID: 0 PID: 11506 Comm: syz.0.1732 Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  234.599334][T11506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  234.599346][T11506] Call Trace:
[  234.599354][T11506]  <TASK>
[  234.599363][T11506]  dump_stack_lvl+0x189/0x250
[  234.599392][T11506]  ? __pfx____ratelimit+0x10/0x10
[  234.599415][T11506]  ? __pfx_dump_stack_lvl+0x10/0x10
[  234.599444][T11506]  ? __pfx__printk+0x10/0x10
[  234.599469][T11506]  ? __might_fault+0xb0/0x130
[  234.599503][T11506]  should_fail_ex+0x414/0x560
[  234.599528][T11506]  _copy_from_user+0x2d/0xb0
[  234.599547][T11506]  ___sys_recvmsg+0x12e/0x510
[  234.599581][T11506]  ? __pfx____sys_recvmsg+0x10/0x10
[  234.599634][T11506]  ? __might_fault+0xb0/0x130
[  234.599661][T11506]  do_recvmmsg+0x307/0x770
[  234.599693][T11506]  ? __pfx_do_recvmmsg+0x10/0x10
[  234.599729][T11506]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  234.599770][T11506]  __x64_sys_recvmmsg+0x190/0x240
[  234.599800][T11506]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  234.599824][T11506]  ? rcu_is_watching+0x15/0xb0
[  234.599849][T11506]  ? do_syscall_64+0xbe/0x3b0
[  234.599876][T11506]  do_syscall_64+0xfa/0x3b0
[  234.599895][T11506]  ? lockdep_hardirqs_on+0x9c/0x150
[  234.599917][T11506]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.599936][T11506]  ? clear_bhb_loop+0x60/0xb0
[  234.599959][T11506]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.599976][T11506] RIP: 0033:0x7fab2738ebe9
[  234.599992][T11506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  234.600008][T11506] RSP: 002b:00007fab282a8038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  234.600026][T11506] RAX: ffffffffffffffda RBX: 00007fab275b5fa0 RCX: 00007fab2738ebe9
[  234.600039][T11506] RDX: 040000000000049e RSI: 0000200000000300 RDI: 0000000000000003
[  234.600051][T11506] RBP: 00007fab282a8090 R08: 0000000000000000 R09: 0000000000000000
[  234.600063][T11506] R10: 00001000000000fe R11: 0000000000000246 R12: 0000000000000002
[  234.600075][T11506] R13: 00007fab275b6038 R14: 00007fab275b5fa0 R15: 00007ffca99b4908
[  234.600106][T11506]  </TASK>
[  234.917072][T11491] wg1 speed is unknown, defaulting to 1000
[  234.949125][T11477] tipc: Resetting bearer <eth:syzkaller0>
[  234.997923][T11477] tipc: Disabling bearer <eth:syzkaller0>
[  235.855777][T11548] syz_tun: entered promiscuous mode
[  235.980272][T11554] __nla_validate_parse: 6 callbacks suppressed
[  235.980291][T11554] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1749'.
[  236.018509][T11554] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1749'.
[  236.330817][T11572] sctp: [Deprecated]: syz.4.1757 (pid 11572) Use of struct sctp_assoc_value in delayed_ack socket option.
[  236.330817][T11572] Use struct sctp_sack_info instead
[  236.398813][T11569] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1757'.
[  236.429288][T11569] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  236.695829][T11594] trusted_key: syz.0.1769 sent an empty control message without MSG_MORE.
[  236.717506][T11592] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1768'.
[  237.224306][T11613] syzkaller0: entered promiscuous mode
[  237.229921][T11613] syzkaller0: entered allmulticast mode
[  239.413776][T11647] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1784'.
[  239.435994][T11647] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1784'.
[  239.659999][T11657] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  239.671018][T11657] syzkaller0: entered promiscuous mode
[  239.677007][T11657] syzkaller0: entered allmulticast mode
[  239.726689][T11663] netlink: 248 bytes leftover after parsing attributes in process `syz.0.1790'.
[  239.733024][T11664] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1789'.
[  239.764742][T11660] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1789'.
[  239.811241][T11667] tipc: Resetting bearer <eth:syzkaller0>
[  239.928602][T11674] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1794'.
[  240.464220][T11656] tipc: Resetting bearer <eth:syzkaller0>
[  240.486931][T11656] tipc: Disabling bearer <eth:syzkaller0>
[  245.573784][  T123] block nbd0: Possible stuck request ffff888025605080: control (read@0,4096B). Runtime 120 seconds
[  250.220306][T11708] __nla_validate_parse: 2 callbacks suppressed
[  250.220327][T11708] netlink: 88 bytes leftover after parsing attributes in process `syz.4.1805'.
[  255.816927][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  275.652736][  T123] block nbd0: Possible stuck request ffff888025605080: control (read@0,4096B). Runtime 150 seconds
[  305.732410][  T123] block nbd0: Possible stuck request ffff888025605080: control (read@0,4096B). Runtime 180 seconds
[  317.255580][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  335.812376][  T123] block nbd0: Possible stuck request ffff888025605080: control (read@0,4096B). Runtime 210 seconds
[  365.892473][  T123] block nbd0: Possible stuck request ffff888025605080: control (read@0,4096B). Runtime 240 seconds
[  378.706632][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  379.332120][   T31] INFO: task kworker/1:4:5935 blocked for more than 143 seconds.
[  379.339873][   T31]       Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0
[  379.347599][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  379.356680][   T31] task:kworker/1:4     state:D stack:20424 pid:5935  tgid:5935  ppid:2      task_flags:0x4208060 flags:0x00004000
[  379.369687][   T31] Workqueue: events rfkill_sync_work
[  379.375429][   T31] Call Trace:
[  379.378728][   T31]  <TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  379.382097][   T31]  __schedule+0x1798/0x4cc0
[  379.386991][   T31]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  379.393050][   T31]  ? __pfx___schedule+0x10/0x10
[  379.398039][   T31]  ? schedule+0x91/0x360
[  379.403078][   T31]  schedule+0x165/0x360
[  379.407265][   T31]  schedule_preempt_disabled+0x13/0x30
[  379.442219][   T31]  __mutex_lock+0x7e6/0x1360
[  379.446878][   T31]  ? __mutex_lock+0x5b6/0x1360
[  379.475580][   T31]  ? nfc_rfkill_set_block+0x50/0x2e0
[  379.480937][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  379.486214][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  379.491433][   T31]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  379.497383][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  379.503803][   T31]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[  379.509615][   T31]  nfc_rfkill_set_block+0x50/0x2e0
[  379.515294][   T31]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[  379.521010][   T31]  rfkill_set_block+0x1cf/0x440
[  379.526204][   T31]  rfkill_sync_work+0x114/0x200
[  379.531048][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  379.537055][   T31]  process_scheduled_works+0xade/0x17b0
[  379.542974][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  379.548971][   T31]  worker_thread+0x8a0/0xda0
[  379.554297][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  379.560679][   T31]  ? __kthread_parkme+0x7b/0x200
[  379.565986][   T31]  kthread+0x70e/0x8a0
[  379.570078][   T31]  ? __pfx_worker_thread+0x10/0x10
[  379.575595][   T31]  ? __pfx_kthread+0x10/0x10
[  379.580213][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  379.586094][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  379.591322][   T31]  ? __pfx_kthread+0x10/0x10
[  379.596518][   T31]  ret_from_fork+0x3fc/0x770
[  379.601119][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  379.606564][   T31]  ? __switch_to_asm+0x39/0x70
[  379.611322][   T31]  ? __switch_to_asm+0x33/0x70
[  379.616369][   T31]  ? __pfx_kthread+0x10/0x10
[  379.620951][   T31]  ret_from_fork_asm+0x1a/0x30
[  379.626063][   T31]  </TASK>
[  379.629132][   T31] INFO: task kworker/1:11:6668 blocked for more than 143 seconds.
[  379.637279][   T31]       Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0
[  379.644879][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  379.654078][   T31] task:kworker/1:11    state:D stack:22736 pid:6668  tgid:6668  ppid:2      task_flags:0x4208060 flags:0x00004000
[  379.666431][   T31] Workqueue: events rfkill_global_led_trigger_worker
[  379.673453][   T31] Call Trace:
[  379.676742][   T31]  <TASK>
[  379.679694][   T31]  __schedule+0x1798/0x4cc0
[  379.684607][   T31]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  379.690001][   T31]  ? __pfx___schedule+0x10/0x10
[  379.695153][   T31]  ? schedule+0x91/0x360
[  379.699390][   T31]  schedule+0x165/0x360
[  379.704192][   T31]  schedule_preempt_disabled+0x13/0x30
[  379.709681][   T31]  __mutex_lock+0x7e6/0x1360
[  379.714912][   T31]  ? __mutex_lock+0x5b6/0x1360
[  379.719716][   T31]  ? rfkill_global_led_trigger_worker+0x27/0xd0
[  379.726657][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  379.732714][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  379.738462][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  379.744533][   T31]  rfkill_global_led_trigger_worker+0x27/0xd0
[  379.750597][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  379.756671][   T31]  process_scheduled_works+0xade/0x17b0
[  379.762900][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  379.768907][   T31]  worker_thread+0x8a0/0xda0
[  379.773765][   T31]  ? __kthread_parkme+0x7b/0x200
[  379.778719][   T31]  kthread+0x70e/0x8a0
[  379.782867][   T31]  ? __pfx_worker_thread+0x10/0x10
[  379.787968][   T31]  ? __pfx_kthread+0x10/0x10
[  379.792747][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  379.797955][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  379.803496][   T31]  ? __pfx_kthread+0x10/0x10
[  379.808174][   T31]  ret_from_fork+0x3fc/0x770
[  379.813155][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  379.818284][   T31]  ? __switch_to_asm+0x39/0x70
[  379.823705][   T31]  ? __switch_to_asm+0x33/0x70
[  379.828539][   T31]  ? __pfx_kthread+0x10/0x10
[  379.833461][   T31]  ret_from_fork_asm+0x1a/0x30
[  379.838236][   T31]  </TASK>
[  379.841274][   T31] INFO: task syz.3.1730:11496 blocked for more than 143 seconds.
[  379.849664][   T31]       Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0
[  379.857574][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  379.866653][   T31] task:syz.3.1730      state:D stack:25384 pid:11496 tgid:11495 ppid:5865   task_flags:0x400140 flags:0x00004004
[  379.878882][   T31] Call Trace:
[  379.882931][   T31]  <TASK>
[  379.885879][   T31]  __schedule+0x1798/0x4cc0
[  379.890379][   T31]  ? validate_chain+0x897/0x2140
[  379.896025][   T31]  ? __lock_acquire+0xab9/0xd20
[  379.900909][   T31]  ? __pfx___schedule+0x10/0x10
[  379.906229][   T31]  ? schedule+0x91/0x360
[  379.910467][   T31]  schedule+0x165/0x360
[  379.915188][   T31]  schedule_timeout+0x9a/0x270
[  379.919949][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  379.925692][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  379.930883][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  379.936376][   T31]  ? wait_for_completion+0x267/0x5d0
[  379.942251][   T31]  wait_for_completion+0x2bf/0x5d0
[  379.947474][   T31]  ? __pfx_wait_for_completion+0x10/0x10
[  379.953406][   T31]  ? __flush_work+0xd2/0xbc0
[  379.958016][   T31]  ? __flush_work+0xd2/0xbc0
[  379.963002][   T31]  __flush_work+0x9b9/0xbc0
[  379.967510][   T31]  ? __flush_work+0xd2/0xbc0
[  379.973442][   T31]  ? __pfx___flush_work+0x10/0x10
[  379.978502][   T31]  ? __pfx_wq_barrier_func+0x10/0x10
[  379.984167][   T31]  ? __pfx___cancel_work+0x10/0x10
[  379.989280][   T31]  ? nfc_genl_device_removed+0x23c/0x330
[  379.995309][   T31]  __cancel_work_sync+0xbe/0x110
[  380.000263][   T31]  rfkill_unregister+0x92/0x220
[  380.005495][   T31]  nfc_unregister_device+0x96/0x2a0
[  380.010710][   T31]  ? __pfx_virtual_ncidev_close+0x10/0x10
[  380.016856][   T31]  virtual_ncidev_close+0x56/0x90
[  380.022506][   T31]  __fput+0x44c/0xa70
[  380.026597][   T31]  fput_close_sync+0x119/0x200
[  380.031393][   T31]  ? __pfx_fput_close_sync+0x10/0x10
[  380.037000][   T31]  __x64_sys_close+0x7f/0x110
[  380.042302][   T31]  do_syscall_64+0xfa/0x3b0
[  380.046839][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  380.052603][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  380.058706][   T31]  ? clear_bhb_loop+0x60/0xb0
[  380.063568][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  380.069524][   T31] RIP: 0033:0x7f743898ebe9
[  380.074012][   T31] RSP: 002b:00007f7436bee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  380.082789][   T31] RAX: ffffffffffffffda RBX: 00007f7438bb5fa0 RCX: 00007f743898ebe9
[  380.090752][   T31] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  380.099109][   T31] RBP: 00007f7438a11e19 R08: 0000000000000000 R09: 0000000000000000
[  380.107543][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  380.115972][   T31] R13: 00007f7438bb6038 R14: 00007f7438bb5fa0 R15: 00007ffee2bd7d18
[  380.124365][   T31]  </TASK>
[  380.127426][   T31] 
[  380.127426][   T31] Showing all locks held in the system:
[  380.137261][   T31] 1 lock held by ksoftirqd/0/15:
[  380.145776][   T31]  #0: ffff8880b8639f98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  380.156177][   T31] 1 lock held by khungtaskd/31:
[  380.161012][   T31]  #0: ffffffff8e139ee0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  380.171314][   T31] 2 locks held by getty/5626:
[  380.176306][   T31]  #0: ffff88814db7d0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  380.186415][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  380.196898][   T31] 1 lock held by udevd/5919:
[  380.201473][   T31]  #0: ffff888024fde358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
[  380.211232][   T31] 4 locks held by kworker/1:4/5935:
[  380.216884][   T31]  #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  380.228147][   T31]  #1: ffffc90004dffbc0 ((work_completion)(&rfkill->sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  380.240920][   T31]  #2: ffffffff8f80e528 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_sync_work+0x2e/0x200
[  380.251220][   T31]  #3: ffff88806a9b9100 (&dev->mutex){....}-{4:4}, at: nfc_rfkill_set_block+0x50/0x2e0
[  380.261233][   T31] 3 locks held by kworker/1:11/6668:
[  380.266840][   T31]  #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  380.278269][   T31]  #1: ffffc9000398fbc0 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  380.292115][   T31]  #2: ffffffff8f80e528 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_global_led_trigger_worker+0x27/0xd0
[  380.304039][   T31] 1 lock held by syz.3.1730/11496:
[  380.309172][   T31]  #0: ffff88806a9b9100 (&dev->mutex){....}-{4:4}, at: nfc_unregister_device+0x63/0x2a0
[  380.319284][   T31] 3 locks held by syz.0.1790/11663:
[  380.325160][   T31]  #0: ffffffff8f599ff0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  380.334051][   T31]  #1: ffffffff8f599e08 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790
[  380.343423][   T31]  #2: ffffffff8f80e528 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  380.353950][   T31] 2 locks held by syz.1.1797/11685:
[  380.359133][   T31]  #0: ffffffff8f599ff0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  380.367600][   T31]  #1: ffffffff8f599e08 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790
[  380.376684][   T31] 2 locks held by syz.2.1799/11694:
[  380.381897][   T31]  #0: ffffffff8f599ff0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  380.390106][   T31]  #1: ffffffff8f599e08 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790
[  380.399395][   T31] 2 locks held by syz.2.1799/11695:
[  380.404870][   T31]  #0: ffffffff8f599ff0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  380.413722][   T31]  #1: ffffffff8f599e08 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790
[  380.423019][   T31] 2 locks held by syz.4.1806/11711:
[  380.428201][   T31]  #0: ffffffff8f599ff0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  380.436768][   T31]  #1: ffffffff8f599e08 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790
[  380.446019][   T31] 2 locks held by syz-executor/11714:
[  380.451372][   T31]  #0: ffff888032320918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x6e0
[  380.462020][   T31]  #1: ffffffff8f80e528 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  380.472271][   T31] 2 locks held by syz-executor/11723:
[  380.477624][   T31]  #0: ffff88807d69b118 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x6e0
[  380.487962][   T31]  #1: ffffffff8f80e528 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  380.498167][   T31] 2 locks held by syz-executor/11724:
[  380.503885][   T31]  #0: ffff88807d69e918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x6e0
[  380.514464][   T31]  #1: ffffffff8f80e528 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  380.524789][   T31] 2 locks held by syz-executor/11726:
[  380.530145][   T31]  #0: ffff8880269d3918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x6e0
[  380.540564][   T31]  #1: ffffffff8f80e528 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  380.550974][   T31] 2 locks held by syz-executor/11728:
[  380.556657][   T31]  #0: ffff888027d65918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x6e0
[  380.567035][   T31]  #1: ffffffff8f80e528 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  380.577708][   T31] 2 locks held by syz-executor/11730:
[  380.583455][   T31]  #0: ffff8880695cf918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x6e0
[  380.593805][   T31]  #1: ffffffff8f80e528 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  380.604402][   T31] 2 locks held by syz-executor/11733:
[  380.609776][   T31]  #0: ffff888055eca118 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x6e0
[  380.620238][   T31]  #1: ffffffff8f80e528 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  380.630912][   T31] 2 locks held by syz-executor/11734:
[  380.636585][   T31]  #0: ffff88807aba0918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x6e0
[  380.646927][   T31]  #1: ffffffff8f80e528 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  380.657240][   T31] 2 locks held by syz-executor/11736:
[  380.662820][   T31]  #0: ffff888055ab9918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x6e0
[  380.672936][   T31]  #1: ffffffff8f80e528 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  380.683125][   T31] 2 locks held by syz-executor/11738:
[  380.688500][   T31]  #0: ffff88807a476918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x6e0
[  380.698815][   T31]  #1: ffffffff8f80e528 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  380.709109][   T31] 2 locks held by syz-executor/11740:
[  380.714788][   T31]  #0: ffff888057ec4118 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x6e0
[  380.725151][   T31]  #1: ffffffff8f80e528 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  380.735378][   T31] 2 locks held by syz-executor/11743:
[  380.740827][   T31]  #0: ffff88806a4f2118 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x6e0
[  380.751505][   T31]  #1: ffffffff8f80e528 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  380.762102][   T31] 2 locks held by syz-executor/11744:
[  380.767493][   T31]  #0: ffff88806a4f1118 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x6e0
[  380.778152][   T31]  #1: ffffffff8f80e528 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  380.788441][   T31] 2 locks held by syz-executor/11746:
[  380.794537][   T31]  #0: ffff88807d2c1918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x6e0
[  380.805002][   T31]  #1: ffffffff8f80e528 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  380.815230][   T31] 
[  380.817556][   T31] =============================================
[  380.817556][   T31] 
[  380.826360][   T31] NMI backtrace for cpu 0
[  380.826381][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  380.826393][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  380.826400][   T31] Call Trace:
[  380.826405][   T31]  <TASK>
[  380.826411][   T31]  dump_stack_lvl+0x189/0x250
[  380.826430][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  380.826443][   T31]  ? __pfx__printk+0x10/0x10
[  380.826463][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[  380.826477][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  380.826490][   T31]  ? __pfx__printk+0x10/0x10
[  380.826508][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  380.826525][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  380.826539][   T31]  watchdog+0xf93/0xfe0
[  380.826556][   T31]  ? watchdog+0x1de/0xfe0
[  380.826573][   T31]  kthread+0x70e/0x8a0
[  380.826587][   T31]  ? __pfx_watchdog+0x10/0x10
[  380.826601][   T31]  ? __pfx_kthread+0x10/0x10
[  380.826614][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  380.826626][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  380.826638][   T31]  ? __pfx_kthread+0x10/0x10
[  380.826652][   T31]  ret_from_fork+0x3fc/0x770
[  380.826664][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  380.826678][   T31]  ? __switch_to_asm+0x39/0x70
[  380.826691][   T31]  ? __switch_to_asm+0x33/0x70
[  380.826703][   T31]  ? __pfx_kthread+0x10/0x10
[  380.826716][   T31]  ret_from_fork_asm+0x1a/0x30
[  380.826737][   T31]  </TASK>
[  380.826741][   T31] Sending NMI from CPU 0 to CPUs 1:
[  380.978501][    C1] NMI backtrace for cpu 1
[  380.978519][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  380.978538][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  380.978549][    C1] RIP: 0010:pv_native_safe_halt+0x13/0x20
[  380.978575][    C1] Code: 13 e8 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 53 77 0f 00 f3 0f 1e fa fb f4 <c3> cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[  380.978591][    C1] RSP: 0018:ffffc90000197de0 EFLAGS: 000002c2
[  380.978606][    C1] RAX: fa03d107a38d1800 RBX: ffffffff81968308 RCX: fa03d107a38d1800
[  380.978619][    C1] RDX: 0000000000000001 RSI: ffffffff8d9b49fa RDI: ffffffff8be32680
[  380.978631][    C1] RBP: ffffc90000197f20 R08: ffff8880b8732f9b R09: 1ffff110170e65f3
[  380.978643][    C1] R10: dffffc0000000000 R11: ffffed10170e65f4 R12: ffffffff8fa34730
[  380.978655][    C1] R13: 0000000000000001 R14: 0000000000000001 R15: 1ffff110039d5b40
[  380.978666][    C1] FS:  0000000000000000(0000) GS:ffff888125d21000(0000) knlGS:0000000000000000
[  380.978679][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  380.978690][    C1] CR2: 000056174f4d2000 CR3: 000000000df36000 CR4: 00000000003526f0
[  380.978705][    C1] Call Trace:
[  380.978713][    C1]  <TASK>
[  380.978720][    C1]  default_idle+0x13/0x20
[  380.978741][    C1]  default_idle_call+0x74/0xb0
[  380.978771][    C1]  do_idle+0x1e8/0x510
[  380.978790][    C1]  ? __pfx_do_idle+0x10/0x10
[  380.978804][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  380.978831][    C1]  cpu_startup_entry+0x44/0x60
[  380.978846][    C1]  start_secondary+0x101/0x110
[  380.978868][    C1]  common_startup_64+0x13e/0x147
[  380.978895][    C1]  </TASK>
[  380.979563][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  381.153505][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-syzkaller-12108-gfdbe93b7f0f8 #0 PREEMPT(full) 
[  381.164944][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  381.174998][   T31] Call Trace:
[  381.178283][   T31]  <TASK>
[  381.181220][   T31]  dump_stack_lvl+0x99/0x250
[  381.185824][   T31]  ? __asan_memcpy+0x40/0x70
[  381.190435][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  381.195663][   T31]  ? __pfx__printk+0x10/0x10
[  381.200285][   T31]  vpanic+0x281/0x750
[  381.204267][   T31]  ? __pfx_vpanic+0x10/0x10
[  381.208759][   T31]  ? preempt_schedule+0xae/0xc0
[  381.213695][   T31]  ? preempt_schedule_common+0x83/0xd0
[  381.219146][   T31]  panic+0xb9/0xc0
[  381.222872][   T31]  ? __pfx_panic+0x10/0x10
[  381.227300][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  381.232673][   T31]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[  381.238909][   T31]  watchdog+0xfd2/0xfe0
[  381.243062][   T31]  ? watchdog+0x1de/0xfe0
[  381.247384][   T31]  kthread+0x70e/0x8a0
[  381.251530][   T31]  ? __pfx_watchdog+0x10/0x10
[  381.256196][   T31]  ? __pfx_kthread+0x10/0x10
[  381.260777][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  381.265959][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  381.271143][   T31]  ? __pfx_kthread+0x10/0x10
[  381.275723][   T31]  ret_from_fork+0x3fc/0x770
[  381.280301][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  381.285400][   T31]  ? __switch_to_asm+0x39/0x70
[  381.290159][   T31]  ? __switch_to_asm+0x33/0x70
[  381.294908][   T31]  ? __pfx_kthread+0x10/0x10
[  381.299496][   T31]  ret_from_fork_asm+0x1a/0x30
[  381.304273][   T31]  </TASK>
[  381.307638][   T31] Kernel Offset: disabled
[  381.312031][   T31] Rebooting in 86400 seconds..