last executing test programs:

2.483487998s ago: executing program 0 (id=1285):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f00000007c0)={0x209d, 0x9, 0x2008, 0x7ffffff9}, 0x10)
write(r0, &(0x7f00000000c0)="1800000016005f0214fffffffffffff8070000000e0000", 0x17)

2.362768424s ago: executing program 0 (id=1288):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r0, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}, 0xfd}, {{0x0, 0x0, 0x0}, 0x4}, {{0x0, 0x0, 0x0}, 0x4001}, {{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)=""/192, 0xc0}, {&(0x7f0000000d80)=""/246, 0xf6}, {&(0x7f0000000e80)=""/4067, 0xfe3}, {&(0x7f0000000940)=""/239, 0xef}], 0x4}, 0x80000003}], 0x4, 0x10100, 0x0)

1.740315669s ago: executing program 2 (id=1298):
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="9feb01001800000000000000340000003400000006000000040000000000000e0400000000000000000000000000000500000000020000000000000802000000000000000000000a0300000000005f0061"], 0x0, 0x52}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000001000010400000000000000ffff000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000060002000100000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x54}}, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.690348513s ago: executing program 3 (id=1300):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0x2, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x200000}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r1}, &(0x7f00000000c0), &(0x7f0000000240)=r0}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000080)={r1, 0x0, 0x0}, 0x20)

1.575943512s ago: executing program 3 (id=1303):
unshare(0x20000400)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x400}, 0x50)
socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00'})
r1 = socket(0x400000000010, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r3, {0xf000, 0xffff}, {}, {0x6}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_CLASSID={0x8, 0x1, {0x4}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x0)

1.53052182s ago: executing program 2 (id=1304):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00'})
sendmmsg(r0, &(0x7f0000003e00)=[{{&(0x7f00000002c0)=@can={0x1d, 0x0, 0xee}, 0x80, &(0x7f0000000340)=[{&(0x7f0000001640)="06910864e1", 0x5}, {0x0}], 0x2}}], 0x1, 0x8084)

1.454461041s ago: executing program 4 (id=1305):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="5400000010000100000000000020000000000000", @ANYRES32=0x0, @ANYBLOB="0c73040000000000140003006e657464657673696d300000"], 0x54}}, 0x0)

1.434516019s ago: executing program 3 (id=1306):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f00000000c0)={0xfffc}, 0x8)
sendto$inet6(r0, &(0x7f00000004c0)='W', 0x1, 0x4, &(0x7f0000000100)={0xa, 0x0, 0x3, @loopback, 0x8}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x31, 0x0, 0x0)

1.350583363s ago: executing program 0 (id=1307):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_user\x00', 0x26e1, 0x0)
close(r0)
socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="7bedcb5d07081196f37538e486dd6372ce22667f2b00dbf6e9"], 0x66)
ioctl$SIOCSIFHWADDR(r0, 0x8b1b, &(0x7f0000000000)={'wlan1\x00'})

1.236504047s ago: executing program 4 (id=1309):
writev(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32=r3, @ANYBLOB="fe000000000000001c0012000c000100626f6e6400000000"], 0x3c}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="540000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800e0001006970366772657461700000001800028014000700fc00000000000000000000000000000008000a00", @ANYRES32=r6], 0x54}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@dellink={0x20, 0x11, 0x1, 0x70bd2d, 0x25dfdbfb, {0x0, 0x0, 0x0, r6, 0x8010, 0x602a1}}, 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

1.16928774s ago: executing program 0 (id=1310):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
recvmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000004700)=""/4113, 0x1011}, {&(0x7f0000000300)=""/4088, 0xff8}], 0x2}, 0x40012022)

1.16906251s ago: executing program 2 (id=1311):
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000200)={'tunl0\x00', &(0x7f0000000180)={'sit0\x00', 0x0, 0x7800, 0x8000, 0x80000001, 0x5, {{0x5, 0x4, 0x3, 0x0, 0x14, 0x64, 0x0, 0x4, 0x29, 0x0, @empty, @loopback}}}})
socket$packet(0x11, 0x3, 0x300)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0xa, 0x4)
sendto$packet(r0, &(0x7f0000000180)="0b036812e0ff64000200475400f6a13bb10000000800894f4820", 0x1fffe, 0x0, &(0x7f0000000140), 0x14)

1.073522007s ago: executing program 2 (id=1313):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0x2, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x200000}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r1}, &(0x7f00000000c0), &(0x7f0000000240)=r0}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000080)={r1, 0x0, 0x0}, 0x20)

961.354942ms ago: executing program 2 (id=1314):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x3, &(0x7f0000004240)=0x40000006, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x60, 0x0, 0x0, 0x0, 0x0, 0x60000009, 0x5979f5f9aa0e54f5, 0x0, 0x0, 0x0}, 0x50)
recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f00000000c0)=ANY=[], 0x8)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

769.811162ms ago: executing program 1 (id=1317):
r0 = socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0)

712.289118ms ago: executing program 4 (id=1318):
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x14, 0x3, 0x6, 0x5, 0x0, 0x0, {0x0, 0x0, 0x8}}, 0x14}}, 0x8081)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local})
writev(r0, &(0x7f00000002c0)=[{&(0x7f0000000a40)="2e9b3d0007e03dd65193dfb6c575963f86ddf06712e9232f2b8db0049d90491ceaebfd26d4eef23248000000f858dbb8a19052343f", 0x35}, {&(0x7f0000000200)="c67f0d7df9", 0x49}], 0x2)

711.111517ms ago: executing program 1 (id=1319):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)={0x3c, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x994}], @chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x2}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x99}]}, 0x3c}}, 0x0)

597.357799ms ago: executing program 1 (id=1320):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TEST(r0, 0x0, 0x4800)

573.819423ms ago: executing program 1 (id=1321):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000012c0), r1)
sendmsg$NLBL_MGMT_C_REMOVE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x20, r2, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@NLBL_MGMT_A_DOMAIN={0xc, 0x1, '\x00\x00\x00\x00\x00\x00\x00\x01'}]}, 0x20}, 0x1, 0x0, 0x0, 0x8800}, 0x40000)

470.340528ms ago: executing program 1 (id=1322):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='contention_end\x00', r0}, 0x10)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000e80)=@raw={'raw\x00', 0x8, 0x3, 0xa50, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x9d8, 0xffffffff, 0xffffffff, 0x9d8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00', {}, {}, 0x73, 0x0, 0x0, 0x45}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x43}}, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x1}}, [], [0x0, 0xffffffff, 0xff000000], 'wg1\x00', 'gre0\x00'}, 0x0, 0x888, 0x8b0, 0x0, {}, [@common=@unspec=@u32={{0x7e0}, {[{[{0x7fff, 0x1}, {0x8, 0x3}, {0xfffff7ec, 0x1}, {0xfff, 0xbd3626e1c8b1df09}, {0x5, 0x2}, {0xb34c, 0x3}, {0x2}, {0xe48b, 0x2}, {0x101, 0x2}, {0x5, 0x2}, {0x5}], [{0x400}, {0x6, 0x8001}, {0x401, 0x40}, {0x7fff}, {0xffffc1b1, 0x32de}, {0xfff, 0x8}, {0x2, 0x9}, {0x1, 0xbbca}, {0x83, 0x1}, {0x5, 0x7}, {0x3}], 0x1, 0x7}, {[{0x9, 0x3}, {0x6, 0x3}, {0x4, 0x3}, {0x1, 0x2}, {0x9, 0x1}, {0xfffffffa}, {0x0, 0x2}, {0x80000000, 0x3}, {0x80000001}, {0x8001, 0x2}, {0xff, 0x3}], [{0x7, 0x5}, {0x3, 0x6b6}, {0x4, 0x400}, {0x3}, {0x4, 0xfff}, {0x3ff, 0xe5d7}, {0x6, 0x3ff}, {0xa78, 0xffffffff}, {0xa9e1, 0x3}, {0x8, 0x1000}, {0xc7, 0xf385}], 0x6, 0x3}, {[{0x101, 0x2}, {0x9}, {0x3, 0x3}, {0x2, 0x3}, {0x48}, {0x9, 0x2}, {0x1, 0x2}, {0x7, 0x2}, {0x9}, {0x7, 0x1}, {0x0, 0x3}], [{0xfffffffb, 0x5}, {0x8, 0xa17}, {0x80, 0x4}, {0x8}, {0x3, 0x7}, {0x5e18, 0x7}, {0x4, 0x101}, {0x7, 0xfff}, {0xd, 0x7f}, {0x2, 0x2}, {0xfb3, 0xa94}], 0xb, 0x4}, {[{0x8, 0x1}, {0x4, 0x2}, {0x4e, 0xc781c4f1f9c1fa4f}, {0x8, 0x1}, {0x4e5, 0x2}, {0x3, 0x3}, {0x6, 0x1}, {0x7, 0x1}, {0x5, 0x2}, {0xfff}, {0x4}], [{0x9, 0x8001}, {0xffff, 0x4}, {0x7fff, 0xf}, {0x66d, 0x9}, {0x92, 0xb}, {0x3, 0x6}, {0x7, 0xfff}, {0x1, 0xff}, {0x1, 0x1}, {0x0, 0x8}, {0x1, 0xff}], 0xa}, {[{0x5, 0x2}, {0x7a3, 0x2}, {0x1, 0x3}, {0x100, 0x3}, {0x40}, {0x8d, 0x1}, {0x8, 0x3}, {0x9, 0x3}, {0x8, 0x2}, {0x1, 0x1}, {0x7}], [{0x854f, 0x6b}, {0x7, 0x7}, {0x6, 0x80}, {0x3, 0xffc00000}, {0x7}, {0x3, 0x6}, {0x2, 0xf17}, {0x25, 0x401}, {0x200, 0x84b}, {0x7fff, 0x80}, {0x3, 0x1}], 0x4, 0x8}, {[{0xc3d, 0x147d12363fe5c40a}, {0x64, 0x1}, {0xf, 0x3}, {0x5, 0x1}, {0x7fffffff, 0x2}, {0x5}, {0x2af0, 0x2}, {0x1bd6, 0x2}, {0x1, 0x2}, {0x7, 0x1}, {0x7, 0x2}], [{0x92b, 0x1ff}, {0x1, 0xf458}, {0x5, 0x3}, {0x84, 0x1}, {0xe923, 0x7fff}, {0x4, 0xe}, {0x3, 0x6}, {0xad3f, 0x59f}, {0x4, 0xfffffffc}, {0x6}, {0x5, 0x6f}], 0x9}, {[{0x8}, {0x2f, 0x1}, {0x7, 0x1}, {0x0, 0x2}, {0x3, 0x3}, {0x0, 0x1}, {0x1, 0x3}, {0x8, 0x3}, {0x7}, {0x2}, {0x2, 0x3}], [{0x101, 0x80000000}, {0x1, 0x9}, {0x40, 0xff}, {0x4, 0x2}, {0x5, 0x6}, {0x2, 0x5}, {0x0, 0x3}, {0xe, 0x5}, {0x6, 0x1ff}, {0xc, 0x7}, {0x1, 0x4}], 0xb, 0x7}, {[{0x8c, 0x1}, {0xd}, {0x10000, 0x2}, {0x8, 0x2}, {0x3, 0x3}, {0x0, 0x3}, {0x1ff, 0x1}, {}, {0xc, 0x1}, {0xf0f}, {0xf629}], [{0x4, 0x5}, {0x35f7, 0x1}, {0x401, 0xf6}, {0x94, 0xd16}, {0x8, 0x5}, {0x35, 0x4929}, {0x8001, 0x5}, {0x1000, 0x9}, {0x9f, 0x65}, {0x9, 0x4}, {0x9, 0xf0a9}], 0x1, 0x4}, {[{0x9, 0x1}, {0x9, 0x2}, {0x7, 0x1}, {0x4, 0x4adbb8db8b6f3087}, {0x3}, {0x3, 0x3}, {0x7ff}, {0x7, 0x1}, {0x10000, 0x3}, {0x0, 0x2}, {0x80000000, 0x1}], [{0xf767, 0x8}, {0xc, 0x5}, {0x9, 0x8}, {0x6, 0xb23}, {0x101, 0x4}, {0xfffffff7, 0xb98}, {0x10001, 0x8f}, {0x9, 0xa83}, {0xd, 0x1}, {0x4, 0xe00}, {0x7, 0x444}], 0x6, 0x4}, {[{0x2, 0x3}, {0x2}, {0x26914786, 0x3}, {0x3}, {0xd7f, 0x1}, {0x7fffffff}, {0xf}, {0x4, 0x2}, {0x8, 0x1}, {0x4, 0x3}, {0xe, 0x1}], [{0xb59, 0x6}, {0x4, 0x70c063f5}, {0x2, 0xfffffffe}, {0x5, 0x6}, {0x10000, 0x872}, {0x6, 0x8}, {0xffff, 0x7}, {0x7, 0x4}, {0x6, 0x10}, {0xfff, 0xa}, {0x81, 0x4}], 0xb, 0x4}, {[{0x200, 0x1}, {0x2, 0x3}, {0xa, 0x1}, {0x3ff, 0x1}, {0x7}, {0x1, 0x2}, {0x6, 0x3}, {0x7}, {0x92, 0x3}, {0x6, 0x1}, {0x7fffffff, 0x2}], [{0x3, 0xbbb9}, {0x4, 0x400}, {0xdec, 0x9}, {0x7, 0x1d}, {0x0, 0x9a}, {0x1, 0x7}, {0x1, 0xf580}, {0x4, 0x9f}, {0x2, 0x4}, {0x5, 0x7}, {0xfff, 0x1}], 0x5, 0x7}], 0x4, 0x1}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x1, {0x8, 0xff}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0xab0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="c0260000410007010000000007000000017c00000400fc80a72601"], 0x26c0}}, 0x4010)

421.323058ms ago: executing program 4 (id=1323):
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000200)={'tunl0\x00', &(0x7f0000000180)={'sit0\x00', 0x0, 0x7800, 0x8000, 0x80000001, 0x5, {{0x5, 0x4, 0x3, 0x0, 0x14, 0x64, 0x0, 0x4, 0x29, 0x0, @empty, @loopback}}}})
socket$packet(0x11, 0x3, 0x300)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0xa, 0x4)
sendto$packet(r0, &(0x7f0000000180)="0b036812e0ff64000200475400f6a13bb10000000800894f4820", 0x1fffe, 0x0, &(0x7f0000000140), 0x14)

353.096672ms ago: executing program 3 (id=1324):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0xffffff92, &(0x7f0000000180)={&(0x7f0000000300)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0xffff, 0x9}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xe0000000, 0x5, 0xb7, 0x2, 0x1, 0x1, 0x4, 0x3, 0x1}}}}]}, 0x58}}, 0x4000)
r4 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newtfilter={0x7c, 0x2c, 0xd2b, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0xb, 0xc}, {}, {0x2, 0x9}}, [@filter_kind_options=@f_u32={{0x8}, {0x50, 0x2, [@TCA_U32_SEL={0x44, 0x5, {0x7, 0x6, 0x0, 0x9, 0x401, 0x1000, 0x8a0, 0xd5, [{0x3, 0x1, 0x340c, 0x3}, {0x5, 0x9a7, 0x9, 0x2}, {0x5, 0x3, 0x4d}]}}, @TCA_U32_CLASSID={0x8, 0x1, {0xfff3, 0x5}}]}}]}, 0x7c}, 0x1, 0x0, 0x0, 0x81}, 0x800)

307.83329ms ago: executing program 4 (id=1325):
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r0, 0x8982, &(0x7f00000006c0)={0x0, 'bridge0\x00', {0x101}, 0x2})
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000700)=ANY=[@ANYBLOB="300000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="000900006440000008001b00000000000500100004"], 0x30}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newqdisc={0x54, 0x10, 0x1, 0x70bd25, 0xfffffffc, {0x6, 0x0, 0x8100, 0x0, {0x1, 0x10}, {0x12}, {0xe, 0x10}}, [@TCA_RATE={0x2}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x11, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x400c800}, 0x0)

239.57506ms ago: executing program 0 (id=1326):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
sendmsg$NL80211_CMD_JOIN_MESH(r0, 0x0, 0x0)

193.225499ms ago: executing program 3 (id=1327):
unshare(0x20000400)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x400}, 0x50)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00'})
r1 = socket(0x400000000010, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r3, {0xf000, 0xffff}, {}, {0x6}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_CLASSID={0x8, 0x1, {0x4}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x0)

192.720562ms ago: executing program 1 (id=1328):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw(serpent)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7be", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba12", 0x11}], 0x1}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/71, 0x47}], 0x1}, 0x0)

107.143622ms ago: executing program 3 (id=1329):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x34, r1, 0x431, 0x70bd2b, 0xfffffffd, {}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_PAUSE_TX={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x40)

45.642303ms ago: executing program 2 (id=1330):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000007b0000000000000000000004d30000000000"], &(0x7f0000000080)='syzkaller\x00'}, 0x94)

1.45276ms ago: executing program 0 (id=1331):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TEST(r0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48}, 0x4800)

0s ago: executing program 4 (id=1332):
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', 0xffffffffffffffff, 0x0, 0x4}, 0x18)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000700000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='ext4_es_lookup_extent_enter\x00', r0}, 0x10)
socket(0x2a, 0x2, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x20, r2, 0x9c3fa077fa966179, 0x70bd29, 0x0, {{0x7e}, {@void, @val={0xc, 0x99, {0x916d, 0x15}}}}}, 0x20}}, 0x4000054)

kernel console output (not intermixed with test programs):

4.179936][ T6714] netlink: 12 bytes leftover after parsing attributes in process `syz.0.245'.
[  104.232715][ T6708] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  104.403660][ T6709] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  104.564949][ T6723] FAULT_INJECTION: forcing a failure.
[  104.564949][ T6723] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  104.594421][ T6723] CPU: 0 UID: 0 PID: 6723 Comm: syz.1.248 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  104.594448][ T6723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  104.594459][ T6723] Call Trace:
[  104.594465][ T6723]  <TASK>
[  104.594473][ T6723]  dump_stack_lvl+0x189/0x250
[  104.594502][ T6723]  ? __pfx____ratelimit+0x10/0x10
[  104.594523][ T6723]  ? __pfx_dump_stack_lvl+0x10/0x10
[  104.594547][ T6723]  ? __pfx__printk+0x10/0x10
[  104.594580][ T6723]  should_fail_ex+0x414/0x560
[  104.594604][ T6723]  _copy_to_user+0x31/0xb0
[  104.594621][ T6723]  simple_read_from_buffer+0xe1/0x170
[  104.594645][ T6723]  proc_fail_nth_read+0x1df/0x250
[  104.594669][ T6723]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  104.594693][ T6723]  ? rw_verify_area+0x258/0x650
[  104.594716][ T6723]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  104.594737][ T6723]  vfs_read+0x200/0x980
[  104.594767][ T6723]  ? __pfx___mutex_lock+0x10/0x10
[  104.594788][ T6723]  ? __pfx_vfs_read+0x10/0x10
[  104.594814][ T6723]  ? __fget_files+0x2a/0x420
[  104.594835][ T6723]  ? __fget_files+0x3a0/0x420
[  104.594852][ T6723]  ? __fget_files+0x2a/0x420
[  104.594880][ T6723]  ksys_read+0x145/0x250
[  104.594906][ T6723]  ? __pfx_ksys_read+0x10/0x10
[  104.594927][ T6723]  ? rcu_is_watching+0x15/0xb0
[  104.594954][ T6723]  ? do_syscall_64+0xbe/0x3b0
[  104.594978][ T6723]  do_syscall_64+0xfa/0x3b0
[  104.594996][ T6723]  ? lockdep_hardirqs_on+0x9c/0x150
[  104.595012][ T6723]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.595028][ T6723]  ? clear_bhb_loop+0x60/0xb0
[  104.595049][ T6723]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.595065][ T6723] RIP: 0033:0x7f42f6f8d33c
[  104.595089][ T6723] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  104.595102][ T6723] RSP: 002b:00007f42f7eb7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  104.595120][ T6723] RAX: ffffffffffffffda RBX: 00007f42f71b5fa0 RCX: 00007f42f6f8d33c
[  104.595131][ T6723] RDX: 000000000000000f RSI: 00007f42f7eb70a0 RDI: 0000000000000005
[  104.595141][ T6723] RBP: 00007f42f7eb7090 R08: 0000000000000000 R09: 0000000000000000
[  104.595151][ T6723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  104.595161][ T6723] R13: 0000000000000000 R14: 00007f42f71b5fa0 R15: 00007ffd4f4d4888
[  104.595188][ T6723]  </TASK>
[  104.891909][ T5919] IPVS: starting estimator thread 0...
[  104.986837][ T6737] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  104.997312][ T6734] IPVS: using max 28 ests per chain, 67200 per kthread
[  105.120156][ T6746] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  105.205914][ T6707] dummy0 speed is unknown, defaulting to 1000
[  105.476045][ T6756] FAULT_INJECTION: forcing a failure.
[  105.476045][ T6756] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  105.549126][ T6756] CPU: 0 UID: 0 PID: 6756 Comm: syz.1.259 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  105.549152][ T6756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  105.549162][ T6756] Call Trace:
[  105.549169][ T6756]  <TASK>
[  105.549176][ T6756]  dump_stack_lvl+0x189/0x250
[  105.549205][ T6756]  ? __pfx____ratelimit+0x10/0x10
[  105.549225][ T6756]  ? __pfx_dump_stack_lvl+0x10/0x10
[  105.549250][ T6756]  ? __pfx__printk+0x10/0x10
[  105.549268][ T6756]  ? __might_fault+0xb0/0x130
[  105.549295][ T6756]  should_fail_ex+0x414/0x560
[  105.549318][ T6756]  _copy_from_iter+0x1db/0x16f0
[  105.549344][ T6756]  ? rcu_is_watching+0x15/0xb0
[  105.549369][ T6756]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  105.549388][ T6756]  ? __pfx__copy_from_iter+0x10/0x10
[  105.549412][ T6756]  ? __build_skb_around+0x257/0x3e0
[  105.549436][ T6756]  ? netlink_sendmsg+0x642/0xb30
[  105.549455][ T6756]  ? skb_put+0x11b/0x210
[  105.549480][ T6756]  netlink_sendmsg+0x6b2/0xb30
[  105.549510][ T6756]  ? __pfx_netlink_sendmsg+0x10/0x10
[  105.549533][ T6756]  ? aa_sock_msg_perm+0x94/0x160
[  105.549556][ T6756]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  105.549575][ T6756]  ? __pfx_netlink_sendmsg+0x10/0x10
[  105.549597][ T6756]  __sock_sendmsg+0x219/0x270
[  105.549618][ T6756]  ____sys_sendmsg+0x52d/0x830
[  105.549646][ T6756]  ? __pfx_____sys_sendmsg+0x10/0x10
[  105.549678][ T6756]  ? import_iovec+0x74/0xa0
[  105.549698][ T6756]  ___sys_sendmsg+0x21f/0x2a0
[  105.549723][ T6756]  ? __pfx____sys_sendmsg+0x10/0x10
[  105.549795][ T6756]  ? __might_fault+0xb0/0x130
[  105.549815][ T6756]  __sys_sendmmsg+0x227/0x430
[  105.549844][ T6756]  ? __pfx___sys_sendmmsg+0x10/0x10
[  105.549864][ T6756]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  105.549910][ T6756]  ? ksys_write+0x22a/0x250
[  105.549928][ T6756]  ? __pfx_ksys_write+0x10/0x10
[  105.549941][ T6756]  ? rcu_is_watching+0x15/0xb0
[  105.549971][ T6756]  __x64_sys_sendmmsg+0xa0/0xc0
[  105.549996][ T6756]  do_syscall_64+0xfa/0x3b0
[  105.550014][ T6756]  ? lockdep_hardirqs_on+0x9c/0x150
[  105.550032][ T6756]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.550049][ T6756]  ? clear_bhb_loop+0x60/0xb0
[  105.550069][ T6756]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.550086][ T6756] RIP: 0033:0x7f42f6f8e929
[  105.550101][ T6756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  105.550114][ T6756] RSP: 002b:00007f42f7eb7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  105.550133][ T6756] RAX: ffffffffffffffda RBX: 00007f42f71b5fa0 RCX: 00007f42f6f8e929
[  105.550145][ T6756] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000003
[  105.550156][ T6756] RBP: 00007f42f7eb7090 R08: 0000000000000000 R09: 0000000000000000
[  105.550167][ T6756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  105.550177][ T6756] R13: 0000000000000000 R14: 00007f42f71b5fa0 R15: 00007ffd4f4d4888
[  105.550204][ T6756]  </TASK>
[  106.332509][ T6768] netlink: 12 bytes leftover after parsing attributes in process `syz.4.265'.
[  106.343109][ T6768] tipc: Started in network mode
[  106.357991][ T6768] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  106.378082][ T6768] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:0000
[  106.393502][ T6768] tipc: Enabled bearer <udp:syz1>, priority 10
[  106.479708][ T6770] 8021q: adding VLAN 0 to HW filter on device bond3
[  106.499274][ T6714] dummy0 speed is unknown, defaulting to 1000
[  106.505082][ T6787] FAULT_INJECTION: forcing a failure.
[  106.505082][ T6787] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  106.518927][ T6787] CPU: 0 UID: 0 PID: 6787 Comm: syz.4.268 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  106.518951][ T6787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  106.518961][ T6787] Call Trace:
[  106.518969][ T6787]  <TASK>
[  106.518976][ T6787]  dump_stack_lvl+0x189/0x250
[  106.519003][ T6787]  ? __pfx____ratelimit+0x10/0x10
[  106.519023][ T6787]  ? __pfx_dump_stack_lvl+0x10/0x10
[  106.519046][ T6787]  ? __pfx__printk+0x10/0x10
[  106.519063][ T6787]  ? __might_fault+0xb0/0x130
[  106.519088][ T6787]  should_fail_ex+0x414/0x560
[  106.519112][ T6787]  _copy_from_user+0x2d/0xb0
[  106.519128][ T6787]  ___sys_sendmsg+0x158/0x2a0
[  106.519155][ T6787]  ? __pfx____sys_sendmsg+0x10/0x10
[  106.519213][ T6787]  ? __fget_files+0x2a/0x420
[  106.519230][ T6787]  ? __fget_files+0x3a0/0x420
[  106.519259][ T6787]  __x64_sys_sendmsg+0x19b/0x260
[  106.519285][ T6787]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  106.519319][ T6787]  ? __pfx_ksys_write+0x10/0x10
[  106.519332][ T6787]  ? rcu_is_watching+0x15/0xb0
[  106.519362][ T6787]  ? do_syscall_64+0xbe/0x3b0
[  106.519385][ T6787]  do_syscall_64+0xfa/0x3b0
[  106.519403][ T6787]  ? lockdep_hardirqs_on+0x9c/0x150
[  106.519422][ T6787]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.519437][ T6787]  ? clear_bhb_loop+0x60/0xb0
[  106.519458][ T6787]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.519474][ T6787] RIP: 0033:0x7ff3e3f8e929
[  106.519490][ T6787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.519503][ T6787] RSP: 002b:00007ff3e4ecd038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  106.519521][ T6787] RAX: ffffffffffffffda RBX: 00007ff3e41b5fa0 RCX: 00007ff3e3f8e929
[  106.519534][ T6787] RDX: 0000000020004010 RSI: 0000200000000280 RDI: 0000000000000003
[  106.519545][ T6787] RBP: 00007ff3e4ecd090 R08: 0000000000000000 R09: 0000000000000000
[  106.519556][ T6787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  106.519566][ T6787] R13: 0000000000000000 R14: 00007ff3e41b5fa0 R15: 00007fff786e1188
[  106.519593][ T6787]  </TASK>
[  106.910945][ T6791] netlink: 36 bytes leftover after parsing attributes in process `syz.4.270'.
[  106.920538][ T6791] netlink: 8 bytes leftover after parsing attributes in process `syz.4.270'.
[  106.988755][ T6793] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  107.342889][ T6799] netlink: 8 bytes leftover after parsing attributes in process `syz.2.273'.
[  107.393895][  T924] tipc: Node number set to 1
[  107.444419][ T6807] netlink: 4 bytes leftover after parsing attributes in process `syz.3.276'.
[  108.596306][ T6800] dummy0 speed is unknown, defaulting to 1000
[  108.731845][ T6840] netlink: 14 bytes leftover after parsing attributes in process `syz.0.289'.
[  108.754110][ T6841] netlink: 8 bytes leftover after parsing attributes in process `syz.2.288'.
[  108.779364][ T6843] bridge0: port 3(macvlan3) entered blocking state
[  108.786012][ T6843] bridge0: port 3(macvlan3) entered disabled state
[  108.825361][ T6843] macvlan3: entered allmulticast mode
[  108.883175][ T6843] bridge0: entered allmulticast mode
[  108.894255][ T6847] __nla_validate_parse: 1 callbacks suppressed
[  108.894273][ T6847] netlink: 4 bytes leftover after parsing attributes in process `syz.3.290'.
[  108.911058][ T6843] macvlan3: left allmulticast mode
[  108.916200][ T6843] bridge0: left allmulticast mode
[  108.995005][ T6846] ip6gretap0: entered promiscuous mode
[  109.013725][ T6848] netlink: 8 bytes leftover after parsing attributes in process `syz.2.291'.
[  109.048289][ T6846] ip6gretap0: left promiscuous mode
[  109.086631][ T6849] ip6tnl1: entered promiscuous mode
[  109.104062][ T6849] ip6tnl1: entered allmulticast mode
[  109.112778][ T6849] team0: Device ip6tnl1 is of different type
[  109.231823][ T6848] (unnamed net_device) (uninitialized): option lacp_rate: mode dependency failed, not supported in mode balance-rr(0)
[  109.345792][ T5941] IPVS: starting estimator thread 0...
[  109.359136][ T6863] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  109.478434][ T6865] IPVS: using max 31 ests per chain, 74400 per kthread
[  110.138201][ T6886] netlink: 8 bytes leftover after parsing attributes in process `syz.0.304'.
[  110.167235][ T6888] netlink: 24 bytes leftover after parsing attributes in process `syz.3.306'.
[  110.190948][ T6890] netlink: 4 bytes leftover after parsing attributes in process `syz.0.304'.
[  110.194771][ T6886] bridge0: port 1(macvlan3) entered blocking state
[  110.211073][ T6891] validate_nla: 2 callbacks suppressed
[  110.211090][ T6891] netlink: 'syz.2.305': attribute type 15 has an invalid length.
[  110.239168][ T6886] bridge0: port 1(macvlan3) entered disabled state
[  110.246255][ T6886] macvlan3: entered allmulticast mode
[  110.254902][ T6886] bridge0: entered allmulticast mode
[  110.271577][ T6886] macvlan3: left allmulticast mode
[  110.276726][ T6886] bridge0: left allmulticast mode
[  110.607266][ T6907] netlink: 64 bytes leftover after parsing attributes in process `syz.0.313'.
[  110.624734][ T6909] netlink: 44 bytes leftover after parsing attributes in process `syz.1.311'.
[  110.724718][ T6913] netlink: 'syz.2.312': attribute type 4 has an invalid length.
[  110.876404][ T6916] syz.3.317 uses obsolete (PF_INET,SOCK_PACKET)
[  110.906678][ T6918] netlink: 20 bytes leftover after parsing attributes in process `syz.0.315'.
[  110.994108][ T6918] netlink: 8 bytes leftover after parsing attributes in process `syz.0.315'.
[  110.994648][ T6923] netlink: 'syz.1.318': attribute type 15 has an invalid length.
[  111.096434][ T6929] FAULT_INJECTION: forcing a failure.
[  111.096434][ T6929] name failslab, interval 1, probability 0, space 0, times 0
[  111.141955][ T6929] CPU: 1 UID: 0 PID: 6929 Comm: syz.3.320 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  111.141980][ T6929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  111.141990][ T6929] Call Trace:
[  111.141997][ T6929]  <TASK>
[  111.142005][ T6929]  dump_stack_lvl+0x189/0x250
[  111.142035][ T6929]  ? __pfx____ratelimit+0x10/0x10
[  111.142055][ T6929]  ? __pfx_dump_stack_lvl+0x10/0x10
[  111.142079][ T6929]  ? __pfx__printk+0x10/0x10
[  111.142102][ T6929]  ? __pfx___might_resched+0x10/0x10
[  111.142131][ T6929]  should_fail_ex+0x414/0x560
[  111.142156][ T6929]  should_failslab+0xa8/0x100
[  111.142176][ T6929]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  111.142194][ T6929]  ? __alloc_skb+0x112/0x2d0
[  111.142219][ T6929]  __alloc_skb+0x112/0x2d0
[  111.142244][ T6929]  netlink_sendmsg+0x5c6/0xb30
[  111.142275][ T6929]  ? __pfx_netlink_sendmsg+0x10/0x10
[  111.142303][ T6929]  ? aa_sock_msg_perm+0x94/0x160
[  111.142325][ T6929]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  111.142346][ T6929]  ? __pfx_netlink_sendmsg+0x10/0x10
[  111.142367][ T6929]  __sock_sendmsg+0x219/0x270
[  111.142389][ T6929]  ____sys_sendmsg+0x505/0x830
[  111.142419][ T6929]  ? __pfx_____sys_sendmsg+0x10/0x10
[  111.142457][ T6929]  ? import_iovec+0x74/0xa0
[  111.142478][ T6929]  ___sys_sendmsg+0x21f/0x2a0
[  111.142504][ T6929]  ? __pfx____sys_sendmsg+0x10/0x10
[  111.142563][ T6929]  ? __fget_files+0x2a/0x420
[  111.142581][ T6929]  ? __fget_files+0x3a0/0x420
[  111.142610][ T6929]  __x64_sys_sendmsg+0x19b/0x260
[  111.142636][ T6929]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  111.142669][ T6929]  ? __pfx_ksys_write+0x10/0x10
[  111.142682][ T6929]  ? rcu_is_watching+0x15/0xb0
[  111.142711][ T6929]  ? do_syscall_64+0xbe/0x3b0
[  111.142735][ T6929]  do_syscall_64+0xfa/0x3b0
[  111.142753][ T6929]  ? lockdep_hardirqs_on+0x9c/0x150
[  111.142771][ T6929]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.142788][ T6929]  ? clear_bhb_loop+0x60/0xb0
[  111.142809][ T6929]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.142826][ T6929] RIP: 0033:0x7f4aee18e929
[  111.142842][ T6929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.142855][ T6929] RSP: 002b:00007f4aeef79038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  111.142874][ T6929] RAX: ffffffffffffffda RBX: 00007f4aee3b5fa0 RCX: 00007f4aee18e929
[  111.142886][ T6929] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[  111.142897][ T6929] RBP: 00007f4aeef79090 R08: 0000000000000000 R09: 0000000000000000
[  111.142907][ T6929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  111.142917][ T6929] R13: 0000000000000000 R14: 00007f4aee3b5fa0 R15: 00007ffe4b33cd88
[  111.142945][ T6929]  </TASK>
[  111.557008][ T6933] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  111.622250][ T6940] netlink: 12 bytes leftover after parsing attributes in process `syz.2.324'.
[  112.524200][ T6974] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  112.906659][ T7000] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  113.031702][ T7007] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  113.075007][ T7009] bridge0: entered promiscuous mode
[  113.094218][ T7009] bridge0: left promiscuous mode
[  113.197167][ T7014] FAULT_INJECTION: forcing a failure.
[  113.197167][ T7014] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  113.219023][ T7014] CPU: 1 UID: 0 PID: 7014 Comm: syz.2.353 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  113.219050][ T7014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  113.219060][ T7014] Call Trace:
[  113.219067][ T7014]  <TASK>
[  113.219075][ T7014]  dump_stack_lvl+0x189/0x250
[  113.219106][ T7014]  ? __pfx____ratelimit+0x10/0x10
[  113.219126][ T7014]  ? __pfx_dump_stack_lvl+0x10/0x10
[  113.219151][ T7014]  ? __pfx__printk+0x10/0x10
[  113.219172][ T7014]  ? fs_reclaim_acquire+0x7d/0x100
[  113.219202][ T7014]  should_fail_ex+0x414/0x560
[  113.219228][ T7014]  prepare_alloc_pages+0x213/0x610
[  113.219256][ T7014]  __alloc_frozen_pages_noprof+0x123/0x370
[  113.219290][ T7014]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  113.219330][ T7014]  alloc_pages_mpol+0x232/0x4a0
[  113.219354][ T7014]  alloc_pages_noprof+0xa9/0x190
[  113.219373][ T7014]  pte_alloc_one+0x21/0x170
[  113.219400][ T7014]  __pte_alloc+0x25/0x1a0
[  113.219425][ T7014]  __handle_mm_fault+0x4b8a/0x5620
[  113.219469][ T7014]  ? __pfx___handle_mm_fault+0x10/0x10
[  113.219514][ T7014]  ? __pfx___might_resched+0x10/0x10
[  113.219543][ T7014]  handle_mm_fault+0x40a/0x8e0
[  113.219579][ T7014]  __get_user_pages+0x1af4/0x30b0
[  113.219637][ T7014]  ? __pfx___get_user_pages+0x10/0x10
[  113.219660][ T7014]  ? __gup_longterm_locked+0xbf7/0x15b0
[  113.219682][ T7014]  ? down_read_killable+0x1d1/0x350
[  113.219709][ T7014]  __gup_longterm_locked+0xd66/0x15b0
[  113.219745][ T7014]  ? sanity_check_pinned_pages+0x11cf/0x12c0
[  113.219770][ T7014]  ? gup_fast_fallback+0x1afc/0x2260
[  113.219797][ T7014]  gup_fast_fallback+0x1cd4/0x2260
[  113.219857][ T7014]  ? __pfx_gup_fast_fallback+0x10/0x10
[  113.219889][ T7014]  ? rcu_is_watching+0x15/0xb0
[  113.219913][ T7014]  ? is_valid_gup_args+0x11f/0x200
[  113.219938][ T7014]  ? pin_user_pages_fast+0x4d/0xb0
[  113.219964][ T7014]  rds_info_getsockopt+0x1fb/0x470
[  113.219989][ T7014]  ? __pfx_rds_info_getsockopt+0x10/0x10
[  113.220010][ T7014]  ? __might_fault+0xb0/0x130
[  113.220030][ T7014]  ? rds_getsockopt+0x2b4/0x500
[  113.220057][ T7014]  do_sock_getsockopt+0x35d/0x650
[  113.220084][ T7014]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  113.220105][ T7014]  ? do_syscall_64+0x40/0x3b0
[  113.220124][ T7014]  ? __fget_files+0x3a0/0x420
[  113.220141][ T7014]  ? __fget_files+0x2a/0x420
[  113.220166][ T7014]  __x64_sys_getsockopt+0x1a5/0x250
[  113.220188][ T7014]  ? do_syscall_64+0x40/0x3b0
[  113.220208][ T7014]  ? do_syscall_64+0x40/0x3b0
[  113.220231][ T7014]  do_syscall_64+0xfa/0x3b0
[  113.220248][ T7014]  ? lockdep_hardirqs_on+0x9c/0x150
[  113.220273][ T7014]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.220290][ T7014]  ? clear_bhb_loop+0x60/0xb0
[  113.220312][ T7014]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.220328][ T7014] RIP: 0033:0x7fac4118e929
[  113.220344][ T7014] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.220358][ T7014] RSP: 002b:00007fac42060038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  113.220376][ T7014] RAX: ffffffffffffffda RBX: 00007fac413b5fa0 RCX: 00007fac4118e929
[  113.220388][ T7014] RDX: 0000000000002711 RSI: 0000200000000114 RDI: 0000000000000003
[  113.220399][ T7014] RBP: 00007fac42060090 R08: 0000200000000000 R09: 0000000000000000
[  113.220409][ T7014] R10: 0000200000c35fff R11: 0000000000000246 R12: 0000000000000001
[  113.220419][ T7014] R13: 0000000000000000 R14: 00007fac413b5fa0 R15: 00007ffdb3e0aa18
[  113.220447][ T7014]  </TASK>
[  113.737599][ T7019] geneve1: entered promiscuous mode
[  113.744021][ T7019] geneve1: entered allmulticast mode
[  113.755306][ T7021] netlink: 'syz.1.356': attribute type 13 has an invalid length.
[  113.763800][ T7021] (unnamed net_device) (uninitialized): option fail_over_mac: invalid value (6)
[  114.043992][ T7029] __nla_validate_parse: 37 callbacks suppressed
[  114.044011][ T7029] netlink: 16 bytes leftover after parsing attributes in process `syz.3.360'.
[  114.062230][ T7029] netlink: 4 bytes leftover after parsing attributes in process `syz.3.360'.
[  114.093267][ T7033] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  114.170872][ T7037] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  114.189867][ T7038] netlink: 32 bytes leftover after parsing attributes in process `syz.2.361'.
[  114.414524][ T7049] netlink: 4 bytes leftover after parsing attributes in process `syz.2.364'.
[  114.661300][ T7055] Bluetooth: MGMT ver 1.23
[  114.697125][ T7059] ip6tnl1: entered promiscuous mode
[  114.725529][ T7059] ip6tnl1: entered allmulticast mode
[  114.751344][ T7059] team0: Device ip6tnl1 is of different type
[  114.752721][ T7060] netlink: 8 bytes leftover after parsing attributes in process `syz.3.368'.
[  114.815740][ T7060] (unnamed net_device) (uninitialized): option lacp_rate: mode dependency failed, not supported in mode balance-rr(0)
[  115.095814][ T7069] netlink: 'syz.4.372': attribute type 11 has an invalid length.
[  115.385982][ T7074] netlink: 32 bytes leftover after parsing attributes in process `syz.1.374'.
[  115.456886][ T7072] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  115.710743][ T7080] netlink: 4 bytes leftover after parsing attributes in process `syz.1.376'.
[  115.765932][ T7085] netlink: 8 bytes leftover after parsing attributes in process `syz.3.378'.
[  116.611259][ T7124] netlink: 12 bytes leftover after parsing attributes in process `syz.3.393'.
[  116.835669][ T7136] netlink: 'syz.0.400': attribute type 15 has an invalid length.
[  116.976820][ T7140] netlink: 8 bytes leftover after parsing attributes in process `syz.1.402'.
[  117.044238][ T7140] bridge0: port 3(macvlan3) entered blocking state
[  117.079666][ T7140] bridge0: port 3(macvlan3) entered disabled state
[  117.098620][ T7140] macvlan3: entered allmulticast mode
[  117.120079][ T7140] bridge0: entered allmulticast mode
[  117.129289][ T7140] macvlan3: left allmulticast mode
[  117.139359][ T7140] bridge0: left allmulticast mode
[  117.371372][ T7161] FAULT_INJECTION: forcing a failure.
[  117.371372][ T7161] name failslab, interval 1, probability 0, space 0, times 0
[  117.391669][ T7161] CPU: 0 UID: 0 PID: 7161 Comm: syz.3.409 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  117.391696][ T7161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  117.391707][ T7161] Call Trace:
[  117.391714][ T7161]  <TASK>
[  117.391722][ T7161]  dump_stack_lvl+0x189/0x250
[  117.391753][ T7161]  ? __pfx____ratelimit+0x10/0x10
[  117.391773][ T7161]  ? __pfx_dump_stack_lvl+0x10/0x10
[  117.391797][ T7161]  ? __pfx__printk+0x10/0x10
[  117.391823][ T7161]  ? ref_tracker_alloc+0x318/0x460
[  117.391856][ T7161]  should_fail_ex+0x414/0x560
[  117.391882][ T7161]  should_failslab+0xa8/0x100
[  117.391903][ T7161]  kmem_cache_alloc_noprof+0x73/0x3c0
[  117.391927][ T7161]  ? skb_clone+0x212/0x3a0
[  117.391956][ T7161]  skb_clone+0x212/0x3a0
[  117.391997][ T7161]  __netlink_deliver_tap+0x404/0x850
[  117.392031][ T7161]  ? netlink_deliver_tap+0x2e/0x1b0
[  117.392053][ T7161]  netlink_deliver_tap+0x19c/0x1b0
[  117.392074][ T7161]  netlink_unicast+0x72f/0x8d0
[  117.392105][ T7161]  netlink_sendmsg+0x805/0xb30
[  117.392136][ T7161]  ? __pfx_netlink_sendmsg+0x10/0x10
[  117.392160][ T7161]  ? aa_sock_msg_perm+0x94/0x160
[  117.392184][ T7161]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  117.392205][ T7161]  ? __pfx_netlink_sendmsg+0x10/0x10
[  117.392226][ T7161]  __sock_sendmsg+0x219/0x270
[  117.392248][ T7161]  ____sys_sendmsg+0x505/0x830
[  117.392278][ T7161]  ? __pfx_____sys_sendmsg+0x10/0x10
[  117.392312][ T7161]  ? import_iovec+0x74/0xa0
[  117.392333][ T7161]  ___sys_sendmsg+0x21f/0x2a0
[  117.392359][ T7161]  ? __pfx____sys_sendmsg+0x10/0x10
[  117.392419][ T7161]  ? __fget_files+0x2a/0x420
[  117.392437][ T7161]  ? __fget_files+0x3a0/0x420
[  117.392467][ T7161]  __x64_sys_sendmsg+0x19b/0x260
[  117.392494][ T7161]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  117.392528][ T7161]  ? __pfx_ksys_write+0x10/0x10
[  117.392542][ T7161]  ? rcu_is_watching+0x15/0xb0
[  117.392572][ T7161]  ? do_syscall_64+0xbe/0x3b0
[  117.392594][ T7161]  do_syscall_64+0xfa/0x3b0
[  117.392612][ T7161]  ? lockdep_hardirqs_on+0x9c/0x150
[  117.392631][ T7161]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.392648][ T7161]  ? clear_bhb_loop+0x60/0xb0
[  117.392669][ T7161]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.392686][ T7161] RIP: 0033:0x7f4aee18e929
[  117.392703][ T7161] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.392716][ T7161] RSP: 002b:00007f4aeef79038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  117.392735][ T7161] RAX: ffffffffffffffda RBX: 00007f4aee3b5fa0 RCX: 00007f4aee18e929
[  117.392748][ T7161] RDX: 0000000040000000 RSI: 0000200000000680 RDI: 0000000000000003
[  117.392759][ T7161] RBP: 00007f4aeef79090 R08: 0000000000000000 R09: 0000000000000000
[  117.392770][ T7161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  117.392780][ T7161] R13: 0000000000000000 R14: 00007f4aee3b5fa0 R15: 00007ffe4b33cd88
[  117.392809][ T7161]  </TASK>
[  117.761003][ T7169] netlink: 'syz.4.414': attribute type 15 has an invalid length.
[  118.546445][ T7208] netlink: 'syz.4.428': attribute type 15 has an invalid length.
[  118.729796][ T7212] ip6tnl1: entered promiscuous mode
[  118.735039][ T7212] ip6tnl1: entered allmulticast mode
[  118.800266][ T7212] team0: Device ip6tnl1 is of different type
[  118.844604][ T7217] (unnamed net_device) (uninitialized): option lacp_rate: mode dependency failed, not supported in mode balance-rr(0)
[  118.912823][ T7219] tipc: Started in network mode
[  118.926186][ T7219] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  118.957106][ T7219] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:0000
[  118.985854][ T7219] tipc: Enabled bearer <udp:syz1>, priority 10
[  119.321791][ T7237] netlink: 'syz.4.439': attribute type 13 has an invalid length.
[  119.372827][ T7237] netlink: 'syz.4.439': attribute type 17 has an invalid length.
[  119.473729][ T7237] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  119.506990][ T7245] geneve1: entered promiscuous mode
[  119.522032][ T7245] geneve1: entered allmulticast mode
[  119.632802][ T7248] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  119.718484][ T7250] __nla_validate_parse: 9 callbacks suppressed
[  119.718500][ T7250] netlink: 28 bytes leftover after parsing attributes in process `syz.1.444'.
[  119.766451][ T7237] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  119.823690][ T7253] netlink: 'syz.0.443': attribute type 15 has an invalid length.
[  119.876683][ T7255] netlink: 24 bytes leftover after parsing attributes in process `syz.2.446'.
[  119.899310][ T7237] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  119.940167][ T7255] netlink: 24 bytes leftover after parsing attributes in process `syz.2.446'.
[  120.023494][ T7260] pimreg: entered allmulticast mode
[  120.107874][  T924] tipc: Node number set to 1
[  120.165241][ T7262] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  120.253541][ T7267] netlink: 48 bytes leftover after parsing attributes in process `syz.3.450'.
[  120.483247][ T7277] netlink: 4 bytes leftover after parsing attributes in process `syz.2.453'.
[  120.491642][ T7279] openvswitch: netlink: IP tunnel dst address not specified
[  120.525508][ T7281] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  120.529734][ T7282] netlink: 36 bytes leftover after parsing attributes in process `syz.3.456'.
[  120.543896][ T7239] dummy0 speed is unknown, defaulting to 1000
[  120.567408][ T7282] netlink: 8 bytes leftover after parsing attributes in process `syz.3.456'.
[  120.743418][ T7237] syz.4.439 (7237) used greatest stack depth: 18832 bytes left
[  120.903649][ T7293] netlink: 12 bytes leftover after parsing attributes in process `syz.0.455'.
[  120.982373][ T7298] netlink: 8 bytes leftover after parsing attributes in process `syz.1.458'.
[  121.467579][ T7311] netlink: 'syz.1.463': attribute type 1 has an invalid length.
[  121.494621][ T7311] netlink: 208 bytes leftover after parsing attributes in process `syz.1.463'.
[  121.514059][ T7311] netlink: 'syz.1.463': attribute type 1 has an invalid length.
[  121.530222][ T7311] netlink: 'syz.1.463': attribute type 2 has an invalid length.
[  121.706861][ T7322] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  121.745648][ T7286] dummy0 speed is unknown, defaulting to 1000
[  121.963905][ T5919] IPVS: starting estimator thread 0...
[  121.993156][ T7326] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  121.994035][ T7329] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  122.067801][ T7331] IPVS: using max 30 ests per chain, 72000 per kthread
[  122.902485][ T7363] ip6tnl1: entered promiscuous mode
[  122.931154][ T7363] ip6tnl1: entered allmulticast mode
[  122.939128][ T7363] team0: Device ip6tnl1 is of different type
[  122.995375][ T7369] netlink: 'syz.4.485': attribute type 10 has an invalid length.
[  123.014947][ T7367] (unnamed net_device) (uninitialized): option lacp_rate: mode dependency failed, not supported in mode balance-rr(0)
[  123.040678][ T7369] team0: entered promiscuous mode
[  123.045736][ T7369] team_slave_0: entered promiscuous mode
[  123.068025][ T7369] team_slave_1: entered promiscuous mode
[  123.090919][ T7369] team0: entered allmulticast mode
[  123.096169][ T7369] team_slave_0: entered allmulticast mode
[  123.156814][ T7369] team_slave_1: entered allmulticast mode
[  123.165870][ T7369] bridge0: port 3(team0) entered blocking state
[  123.173971][ T7369] bridge0: port 3(team0) entered disabled state
[  123.186405][ T7369] bridge0: port 3(team0) entered blocking state
[  123.192843][ T7369] bridge0: port 3(team0) entered forwarding state
[  123.271961][ T7378] bridge0: port 3(macvlan0) entered blocking state
[  123.280501][ T7377] xt_CT: You must specify a L4 protocol and not use inversions on it
[  123.303387][ T7378] bridge0: port 3(macvlan0) entered disabled state
[  123.311546][ T7378] macvlan0: entered allmulticast mode
[  123.317079][ T7378] bridge0: entered allmulticast mode
[  123.331130][ T7378] macvlan0: left allmulticast mode
[  123.342942][ T7378] bridge0: left allmulticast mode
[  124.042812][ T7413] ip6tnl1: entered promiscuous mode
[  124.067863][ T7413] ip6tnl1: entered allmulticast mode
[  124.079767][ T7413] team0: Device ip6tnl1 is of different type
[  124.143405][ T7412] (unnamed net_device) (uninitialized): option lacp_rate: mode dependency failed, not supported in mode balance-rr(0)
[  124.288273][ T7424] netlink: zone id is out of range
[  124.299128][ T7424] netlink: zone id is out of range
[  124.304880][ T7424] netlink: zone id is out of range
[  124.313214][ T7424] netlink: zone id is out of range
[  124.320285][ T7424] netlink: zone id is out of range
[  124.330148][ T7424] netlink: zone id is out of range
[  124.335405][ T7424] netlink: zone id is out of range
[  124.341143][ T7424] netlink: zone id is out of range
[  124.963841][ T7450] ip6tnl1: entered promiscuous mode
[  124.978788][ T7450] ip6tnl1: entered allmulticast mode
[  124.990280][ T7450] team0: Device ip6tnl1 is of different type
[  125.017552][ T7454] __nla_validate_parse: 13 callbacks suppressed
[  125.017569][ T7454] netlink: 8 bytes leftover after parsing attributes in process `syz.2.514'.
[  125.121142][ T7454] (unnamed net_device) (uninitialized): option lacp_rate: mode dependency failed, not supported in mode balance-rr(0)
[  125.178871][ T7453] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  125.280087][ T7462] netlink: 52 bytes leftover after parsing attributes in process `syz.3.516'.
[  125.340776][ T7465] siw: device registration error -23
[  125.381997][ T7467] netlink: 'syz.4.518': attribute type 6 has an invalid length.
[  125.407983][ T7467] netlink: 20 bytes leftover after parsing attributes in process `syz.4.518'.
[  125.419664][ T7467] netlink: 4 bytes leftover after parsing attributes in process `syz.4.518'.
[  125.474982][ T7473] netlink: 12 bytes leftover after parsing attributes in process `syz.4.518'.
[  125.517105][ T7477] netlink: 8 bytes leftover after parsing attributes in process `syz.2.521'.
[  125.660668][ T7483] netlink: 4 bytes leftover after parsing attributes in process `syz.0.520'.
[  125.966024][ T7502] netlink: 20 bytes leftover after parsing attributes in process `syz.4.526'.
[  126.089159][ T7502] netlink: 8 bytes leftover after parsing attributes in process `syz.4.526'.
[  126.188436][ T7511] ip6tnl1: entered promiscuous mode
[  126.193787][ T7511] ip6tnl1: entered allmulticast mode
[  126.203261][ T7511] team0: Device ip6tnl1 is of different type
[  126.236277][ T7513] netlink: 8 bytes leftover after parsing attributes in process `syz.4.527'.
[  126.251944][ T7513] (unnamed net_device) (uninitialized): option lacp_rate: mode dependency failed, not supported in mode balance-rr(0)
[  126.949389][ T7550] netlink: 'syz.4.530': attribute type 13 has an invalid length.
[  126.998080][ T7550] netlink: 'syz.4.530': attribute type 17 has an invalid length.
[  127.171416][ T7550] net_ratelimit: 13 callbacks suppressed
[  127.171426][ T7550] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  127.310716][ T7550] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  127.466626][ T7565] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  127.618172][ T7550] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  127.659995][ T7579] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  127.863306][ T7585] ip6tnl1: entered promiscuous mode
[  127.880134][ T7585] ip6tnl1: entered allmulticast mode
[  127.903641][ T7585] team0: Device ip6tnl1 is of different type
[  127.927179][ T7561] dummy0 speed is unknown, defaulting to 1000
[  127.927553][ T7587] (unnamed net_device) (uninitialized): option lacp_rate: mode dependency failed, not supported in mode balance-rr(0)
[  128.263698][ T7600] tipc: Started in network mode
[  128.268839][ T7600] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  128.281135][ T7600] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  128.700392][ T7610] netlink: 'syz.1.545': attribute type 13 has an invalid length.
[  128.743903][ T7610] netlink: 'syz.1.545': attribute type 17 has an invalid length.
[  129.072752][ T7610] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  129.250031][ T7610] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  129.331775][ T7610] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  129.393544][ T7634] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  129.468069][ T7619] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  129.663488][ T7643] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  129.814606][ T7607] dummy0 speed is unknown, defaulting to 1000
[  130.012955][ T7657] rdma_rxe: rxe_newlink: failed to add team0
[  130.350131][ T7671] __nla_validate_parse: 13 callbacks suppressed
[  130.350149][ T7671] netlink: 4 bytes leftover after parsing attributes in process `syz.2.567'.
[  130.818055][ T7688] netlink: 20 bytes leftover after parsing attributes in process `syz.1.572'.
[  130.932600][ T7688] netlink: 8 bytes leftover after parsing attributes in process `syz.1.572'.
[  131.054875][ T7692] netlink: 'syz.4.573': attribute type 13 has an invalid length.
[  131.075908][ T7692] netlink: 'syz.4.573': attribute type 17 has an invalid length.
[  131.258353][ T7692] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  131.438342][ T7692] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  131.609259][ T7699] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  131.689771][ T7711] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  131.710410][ T7692] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  131.956780][ T7724] FAULT_INJECTION: forcing a failure.
[  131.956780][ T7724] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  132.018950][ T7724] CPU: 0 UID: 0 PID: 7724 Comm: syz.1.582 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  132.018975][ T7724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  132.018985][ T7724] Call Trace:
[  132.018992][ T7724]  <TASK>
[  132.019000][ T7724]  dump_stack_lvl+0x189/0x250
[  132.019029][ T7724]  ? __pfx____ratelimit+0x10/0x10
[  132.019048][ T7724]  ? __pfx_dump_stack_lvl+0x10/0x10
[  132.019072][ T7724]  ? __pfx__printk+0x10/0x10
[  132.019091][ T7724]  ? __might_fault+0xb0/0x130
[  132.019119][ T7724]  should_fail_ex+0x414/0x560
[  132.019152][ T7724]  _copy_from_user+0x2d/0xb0
[  132.019170][ T7724]  ___sys_sendmsg+0x158/0x2a0
[  132.019197][ T7724]  ? __pfx____sys_sendmsg+0x10/0x10
[  132.019260][ T7724]  ? __fget_files+0x2a/0x420
[  132.019277][ T7724]  ? __fget_files+0x3a0/0x420
[  132.019306][ T7724]  __sys_sendmmsg+0x227/0x430
[  132.019335][ T7724]  ? __pfx___sys_sendmmsg+0x10/0x10
[  132.019356][ T7724]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  132.019402][ T7724]  ? ksys_write+0x22a/0x250
[  132.019420][ T7724]  ? __pfx_ksys_write+0x10/0x10
[  132.019433][ T7724]  ? rcu_is_watching+0x15/0xb0
[  132.019464][ T7724]  __x64_sys_sendmmsg+0xa0/0xc0
[  132.019489][ T7724]  do_syscall_64+0xfa/0x3b0
[  132.019507][ T7724]  ? lockdep_hardirqs_on+0x9c/0x150
[  132.019525][ T7724]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.019542][ T7724]  ? clear_bhb_loop+0x60/0xb0
[  132.019562][ T7724]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.019579][ T7724] RIP: 0033:0x7f42f6f8e929
[  132.019594][ T7724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  132.019608][ T7724] RSP: 002b:00007f42f7eb7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  132.019626][ T7724] RAX: ffffffffffffffda RBX: 00007f42f71b5fa0 RCX: 00007f42f6f8e929
[  132.019639][ T7724] RDX: 0000000000000001 RSI: 0000200000000740 RDI: 0000000000000003
[  132.019649][ T7724] RBP: 00007f42f7eb7090 R08: 0000000000000000 R09: 0000000000000000
[  132.019659][ T7724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  132.019669][ T7724] R13: 0000000000000000 R14: 00007f42f71b5fa0 R15: 00007ffd4f4d4888
[  132.019697][ T7724]  </TASK>
[  132.267284][ T7728] ip6tnl1: entered promiscuous mode
[  132.273534][ T7728] ip6tnl1: entered allmulticast mode
[  132.280468][ T7728] team0: Device ip6tnl1 is of different type
[  132.318886][ T7734] netlink: 20 bytes leftover after parsing attributes in process `syz.3.585'.
[  132.349126][ T7735] netlink: 8 bytes leftover after parsing attributes in process `syz.2.581'.
[  132.369093][ T7736] FAULT_INJECTION: forcing a failure.
[  132.369093][ T7736] name failslab, interval 1, probability 0, space 0, times 0
[  132.408355][ T7736] CPU: 0 UID: 0 PID: 7736 Comm: syz.0.586 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  132.408379][ T7736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  132.408389][ T7736] Call Trace:
[  132.408396][ T7736]  <TASK>
[  132.408404][ T7736]  dump_stack_lvl+0x189/0x250
[  132.408433][ T7736]  ? __pfx____ratelimit+0x10/0x10
[  132.408453][ T7736]  ? __pfx_dump_stack_lvl+0x10/0x10
[  132.408478][ T7736]  ? __pfx__printk+0x10/0x10
[  132.408503][ T7736]  ? __pfx___might_resched+0x10/0x10
[  132.408526][ T7736]  ? fs_reclaim_acquire+0x7d/0x100
[  132.408551][ T7736]  should_fail_ex+0x414/0x560
[  132.408578][ T7736]  should_failslab+0xa8/0x100
[  132.408599][ T7736]  kmem_cache_alloc_noprof+0x73/0x3c0
[  132.408624][ T7736]  ? ep_insert+0x272/0x1a00
[  132.408653][ T7736]  ep_insert+0x272/0x1a00
[  132.408691][ T7736]  ? do_epoll_ctl+0x3c9/0xe90
[  132.408714][ T7736]  ? __pfx_ep_insert+0x10/0x10
[  132.408737][ T7736]  ? __pfx___mutex_lock+0x10/0x10
[  132.408757][ T7736]  ? __fget_files+0x2a/0x420
[  132.408778][ T7736]  ? __fget_files+0x2a/0x420
[  132.408795][ T7736]  ? __fget_files+0x3a0/0x420
[  132.408811][ T7736]  ? __fget_files+0x2a/0x420
[  132.408839][ T7736]  do_epoll_ctl+0x7f4/0xe90
[  132.408874][ T7736]  __x64_sys_epoll_ctl+0x163/0x1a0
[  132.408894][ T7736]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[  132.408909][ T7736]  ? rcu_is_watching+0x15/0xb0
[  132.408939][ T7736]  ? do_syscall_64+0xbe/0x3b0
[  132.408963][ T7736]  do_syscall_64+0xfa/0x3b0
[  132.408981][ T7736]  ? lockdep_hardirqs_on+0x9c/0x150
[  132.409000][ T7736]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.409017][ T7736]  ? clear_bhb_loop+0x60/0xb0
[  132.409038][ T7736]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.409054][ T7736] RIP: 0033:0x7fcc8bb8e929
[  132.409070][ T7736] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  132.409084][ T7736] RSP: 002b:00007fcc8ca83038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  132.409109][ T7736] RAX: ffffffffffffffda RBX: 00007fcc8bdb6080 RCX: 00007fcc8bb8e929
[  132.409121][ T7736] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000004
[  132.409132][ T7736] RBP: 00007fcc8ca83090 R08: 0000000000000000 R09: 0000000000000000
[  132.409142][ T7736] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  132.409152][ T7736] R13: 0000000000000000 R14: 00007fcc8bdb6080 R15: 00007ffd85d32bb8
[  132.409182][ T7736]  </TASK>
[  132.718965][ T7735] (unnamed net_device) (uninitialized): option lacp_rate: mode dependency failed, not supported in mode balance-rr(0)
[  132.740127][ T7707] dummy0 speed is unknown, defaulting to 1000
[  132.756300][ T7734] netlink: 8 bytes leftover after parsing attributes in process `syz.3.585'.
[  132.851558][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  133.018126][ T7745] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  133.053119][ T7751] bridge0: entered promiscuous mode
[  133.095986][ T7751] bridge0: left promiscuous mode
[  133.211351][ T7759] netlink: 52 bytes leftover after parsing attributes in process `syz.2.592'.
[  133.375657][ T7764] netlink: 8 bytes leftover after parsing attributes in process `syz.3.593'.
[  133.429032][ T7769] netlink: 4 bytes leftover after parsing attributes in process `syz.3.593'.
[  133.493952][ T7764] bridge0: port 3(macvlan0) entered blocking state
[  133.502762][ T7764] bridge0: port 3(macvlan0) entered disabled state
[  133.511871][ T7764] macvlan0: entered allmulticast mode
[  133.517434][ T7764] bridge0: entered allmulticast mode
[  133.534747][ T7764] macvlan0: left allmulticast mode
[  133.540155][ T7764] bridge0: left allmulticast mode
[  133.878647][ T7781] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  133.972128][ T7783] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  133.985692][ T7788] syz.4.603: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  133.988548][ T7786] netlink: 'syz.1.602': attribute type 13 has an invalid length.
[  134.009560][ T7788] CPU: 1 UID: 0 PID: 7788 Comm: syz.4.603 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  134.009584][ T7788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  134.009593][ T7788] Call Trace:
[  134.009599][ T7788]  <TASK>
[  134.009606][ T7788]  dump_stack_lvl+0x189/0x250
[  134.009639][ T7788]  ? __pfx_dump_stack_lvl+0x10/0x10
[  134.009664][ T7788]  ? __pfx__printk+0x10/0x10
[  134.009680][ T7788]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  134.009698][ T7788]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  134.009717][ T7788]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  134.009736][ T7788]  warn_alloc+0x214/0x310
[  134.009755][ T7788]  ? stack_depot_save_flags+0x429/0x900
[  134.009779][ T7788]  ? __pfx_warn_alloc+0x10/0x10
[  134.009798][ T7788]  ? kasan_save_track+0x4f/0x80
[  134.009821][ T7788]  ? xskq_create+0x56/0x170
[  134.009838][ T7788]  ? xsk_init_queue+0xb0/0x110
[  134.009853][ T7788]  ? xsk_setsockopt+0x43f/0x710
[  134.009866][ T7788]  ? do_sock_setsockopt+0x257/0x3e0
[  134.009886][ T7788]  ? __x64_sys_setsockopt+0x18b/0x220
[  134.009905][ T7788]  ? do_syscall_64+0xfa/0x3b0
[  134.009923][ T7788]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.009947][ T7788]  __vmalloc_node_range_noprof+0x125/0x12f0
[  134.010004][ T7788]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  134.010030][ T7788]  ? __kasan_kmalloc+0x93/0xb0
[  134.010049][ T7788]  vmalloc_user_noprof+0xad/0xf0
[  134.010066][ T7788]  ? xskq_create+0xbf/0x170
[  134.010085][ T7788]  xskq_create+0xbf/0x170
[  134.010105][ T7788]  xsk_init_queue+0xb0/0x110
[  134.010126][ T7788]  xsk_setsockopt+0x43f/0x710
[  134.010148][ T7788]  ? __pfx_xsk_setsockopt+0x10/0x10
[  134.010162][ T7788]  ? __lock_acquire+0xab9/0xd20
[  134.010194][ T7788]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  134.010213][ T7788]  ? __pfx_xsk_setsockopt+0x10/0x10
[  134.010230][ T7788]  do_sock_setsockopt+0x257/0x3e0
[  134.010255][ T7788]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  134.010280][ T7788]  ? __fget_files+0x2a/0x420
[  134.010307][ T7788]  __x64_sys_setsockopt+0x18b/0x220
[  134.010336][ T7788]  do_syscall_64+0xfa/0x3b0
[  134.010353][ T7788]  ? lockdep_hardirqs_on+0x9c/0x150
[  134.010372][ T7788]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.010387][ T7788]  ? clear_bhb_loop+0x60/0xb0
[  134.010408][ T7788]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.010425][ T7788] RIP: 0033:0x7ff3e3f8e929
[  134.010440][ T7788] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  134.010454][ T7788] RSP: 002b:00007ff3e4ecd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  134.010472][ T7788] RAX: ffffffffffffffda RBX: 00007ff3e41b5fa0 RCX: 00007ff3e3f8e929
[  134.010485][ T7788] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000005
[  134.010495][ T7788] RBP: 00007ff3e4010b39 R08: 0000000000000004 R09: 0000000000000000
[  134.010505][ T7788] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  134.010516][ T7788] R13: 0000000000000000 R14: 00007ff3e41b5fa0 R15: 00007fff786e1188
[  134.010545][ T7788]  </TASK>
[  134.011303][ T7788] Mem-Info:
[  134.222715][ T7786] netlink: 'syz.1.602': attribute type 17 has an invalid length.
[  134.247908][ T7788] active_anon:5387 inactive_anon:0 isolated_anon:0
[  134.247908][ T7788]  active_file:1884 inactive_file:39848 isolated_file:0
[  134.247908][ T7788]  unevictable:768 dirty:458 writeback:0
[  134.247908][ T7788]  slab_reclaimable:10556 slab_unreclaimable:150442
[  134.247908][ T7788]  mapped:29785 shmem:1359 pagetables:1176
[  134.247908][ T7788]  sec_pagetables:0 bounce:0
[  134.247908][ T7788]  kernel_misc_reclaimable:0
[  134.247908][ T7788]  free:1279418 free_pcp:16443 free_cma:0
[  134.379518][ T7788] Node 0 active_anon:21548kB inactive_anon:0kB active_file:7536kB inactive_file:159188kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:119140kB dirty:1832kB writeback:0kB shmem:3900kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12248kB pagetables:4556kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  134.414150][ T7788] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:148kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  134.467370][ T7788] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  134.511839][ T7793] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  134.557281][ T7788] lowmem_reserve[]: 0 2500 2502 2502 2502
[  134.564216][ T7786] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  134.569511][ T7788] Node 0 DMA32 free:1201672kB boost:0kB min:34264kB low:42828kB high:51392kB reserved_highatomic:0KB free_highatomic:0KB active_anon:21400kB inactive_anon:0kB active_file:7536kB inactive_file:157348kB unevictable:1536kB writepending:1832kB present:3129332kB managed:2560932kB mlocked:0kB bounce:0kB free_pcp:37832kB local_pcp:17320kB free_cma:0kB
[  134.643653][ T7786] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  134.700686][ T7788] lowmem_reserve[]: 0 0 1 1 1
[  134.705455][ T7788] Node 0 Normal free:4kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1840kB unevictable:0kB writepending:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  134.768055][ T7788] lowmem_reserve[]: 0 0 0 0 0
[  134.772869][ T7788] Node 1 Normal free:3896540kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:24032kB local_pcp:8352kB free_cma:0kB
[  134.805910][ T7786] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  134.821224][ T7788] lowmem_reserve[]: 0 0 0 0 0
[  134.825985][ T7788] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  134.840807][ T7788] Node 0 DMA32: 550*4kB (UME) 610*8kB (UME) 180*16kB (UME) 361*32kB (UME) 199*64kB (UME) 111*128kB (UME) 62*256kB (UME) 41*512kB (UME) 14*1024kB (UME) 4*2048kB (UME) 267*4096kB (UM) = 1201480kB
[  134.860647][ T7788] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  134.873896][ T7788] Node 1 Normal: 209*4kB (UE) 37*8kB (UME) 35*16kB (UME) 48*32kB (UME) 23*64kB (UME) 5*128kB (UME) 4*256kB (UME) 4*512kB (UM) 1*1024kB (M) 0*2048kB 949*4096kB (ME) = 3896540kB
[  134.892189][ T7788] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  134.912324][ T7788] Node 0 hugepages_total=6 hugepages_free=0 hugepages_surp=4 hugepages_size=2048kB
[  134.930845][ T7788] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  134.950619][ T7788] Node 1 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  134.973551][ T7788] 43087 total pagecache pages
[  134.981917][ T7788] 0 pages in swap cache
[  134.992225][ T7788] Free swap  = 124996kB
[  134.996403][ T7788] Total swap = 124996kB
[  135.014920][ T7788] 2097051 pages RAM
[  135.019557][ T7788] 0 pages HighMem/MovableOnly
[  135.024339][ T7788] 424712 pages reserved
[  135.042682][ T7788] 0 pages cma reserved
[  135.121869][ T7794] dummy0 speed is unknown, defaulting to 1000
[  135.186268][ T7803] netlink: 52 bytes leftover after parsing attributes in process `syz.4.605'.
[  135.275759][ T7805] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  135.747556][ T7831] netlink: 8 bytes leftover after parsing attributes in process `syz.4.616'.
[  135.808437][ T7833] netlink: 4 bytes leftover after parsing attributes in process `syz.4.616'.
[  135.962678][ T7831] bridge0: port 4(macvlan0) entered blocking state
[  135.971199][ T7831] bridge0: port 4(macvlan0) entered disabled state
[  135.991531][ T7831] macvlan0: entered allmulticast mode
[  136.006852][ T7831] bridge0: entered allmulticast mode
[  136.023104][ T7839] netlink: 8 bytes leftover after parsing attributes in process `syz.1.617'.
[  136.055964][ T7831] macvlan0: left allmulticast mode
[  136.068507][ T7831] bridge0: left allmulticast mode
[  136.196832][ T7838] ip6tnl1: entered promiscuous mode
[  136.210003][ T7838] ip6tnl1: entered allmulticast mode
[  136.226551][ T7838] team0: Device ip6tnl1 is of different type
[  136.356764][ T7839] (unnamed net_device) (uninitialized): option lacp_rate: mode dependency failed, not supported in mode balance-rr(0)
[  136.414339][ T7844] ip6tnl2: entered promiscuous mode
[  136.449353][ T7844] ip6tnl2: entered allmulticast mode
[  136.466197][ T7844] team0: Device ip6tnl2 is up. Set it down before adding it as a team port
[  136.495730][ T7846] netlink: 8 bytes leftover after parsing attributes in process `syz.0.618'.
[  136.580535][ T7846] (unnamed net_device) (uninitialized): option lacp_rate: mode dependency failed, not supported in mode balance-rr(0)
[  136.647392][ T7848] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  137.406942][ T7875] netlink: 4 bytes leftover after parsing attributes in process `syz.3.626'.
[  137.494660][ T7873] netlink: 'syz.0.627': attribute type 13 has an invalid length.
[  137.528115][ T7873] netlink: 'syz.0.627': attribute type 17 has an invalid length.
[  137.568803][ T7873] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  137.584365][ T7879] netlink: 8 bytes leftover after parsing attributes in process `syz.1.628'.
[  137.584387][ T7879] netlink: 4 bytes leftover after parsing attributes in process `syz.1.628'.
[  137.584411][ T7879] netlink: 'syz.1.628': attribute type 12 has an invalid length.
[  137.584434][ T7879] netlink: 'syz.1.628': attribute type 11 has an invalid length.
[  137.742576][ T7873] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  137.833306][ T7886] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  137.848873][ T7885] netlink: 8 bytes leftover after parsing attributes in process `syz.1.629'.
[  137.919526][ T7885] bridge0: port 3(macvlan0) entered blocking state
[  137.934341][ T7873] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  137.952524][ T7888] netlink: 4 bytes leftover after parsing attributes in process `syz.1.629'.
[  137.974066][ T7885] bridge0: port 3(macvlan0) entered disabled state
[  137.983773][ T7885] macvlan0: entered allmulticast mode
[  138.080505][ T7885] bridge0: entered allmulticast mode
[  138.105531][ T7885] macvlan0: left allmulticast mode
[  138.120270][ T7885] bridge0: left allmulticast mode
[  138.454134][ T7876] dummy0 speed is unknown, defaulting to 1000
[  138.473444][ T7891] ip6gretap0: entered promiscuous mode
[  138.497387][ T7891] ip6gretap0: left promiscuous mode
[  139.046635][ T7913] netlink: 48 bytes leftover after parsing attributes in process `syz.4.635'.
[  139.592749][ T7934] ip6tnl1: entered promiscuous mode
[  139.617311][ T7934] ip6tnl1: entered allmulticast mode
[  139.690097][ T7934] team0: Device ip6tnl1 is of different type
[  139.789621][ T7939] (unnamed net_device) (uninitialized): option lacp_rate: mode dependency failed, not supported in mode balance-rr(0)
[  139.851673][ T7936] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  140.325646][ T7956] netlink: 'syz.4.647': attribute type 12 has an invalid length.
[  140.385438][ T7955] netlink: 'syz.3.648': attribute type 13 has an invalid length.
[  140.401990][ T7955] netlink: 'syz.3.648': attribute type 17 has an invalid length.
[  140.723427][ T7955] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  140.832518][ T7963] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  141.048640][ T7955] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  141.342965][ T7974] ip6gretap0: entered promiscuous mode
[  141.382950][ T7974] ip6gretap0: left promiscuous mode
[  141.630018][ T7960] dummy0 speed is unknown, defaulting to 1000
[  141.867108][ T7983] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  141.924055][ T7985] __nla_validate_parse: 3 callbacks suppressed
[  141.924074][ T7985] netlink: 8 bytes leftover after parsing attributes in process `syz.4.655'.
[  142.145818][ T7987] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  142.184622][ T7824] Set syz1 is full, maxelem 65536 reached
[  142.424754][ T7996] netlink: 48 bytes leftover after parsing attributes in process `syz.3.660'.
[  142.647581][ T8004] netlink: 52 bytes leftover after parsing attributes in process `syz.3.662'.
[  142.664569][ T8005] netlink: 4 bytes leftover after parsing attributes in process `syz.0.661'.
[  142.885374][ T8007] bridge_slave_0: left allmulticast mode
[  142.909666][ T8007] bridge_slave_0: left promiscuous mode
[  142.933198][ T8007] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.971901][ T8007] bridge_slave_1: left allmulticast mode
[  142.993297][ T8007] bridge_slave_1: left promiscuous mode
[  143.020968][ T8007] bridge0: port 2(bridge_slave_1) entered disabled state
[  143.050649][ T8007] bond0: (slave bond_slave_0): Releasing backup interface
[  143.072256][ T8007] bond0: (slave bond_slave_1): Releasing backup interface
[  143.132665][ T8007] team_slave_0: left promiscuous mode
[  143.162557][ T8007] team0: Port device team_slave_0 removed
[  143.183092][ T8007] team_slave_1: left promiscuous mode
[  143.203631][ T8007] team0: Port device team_slave_1 removed
[  143.218966][ T8007] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  143.245887][ T8007] batman_adv: batadv0: Removing interface: batadv_slave_0
[  143.256249][ T8007] batman_adv: batadv0: Removing interface: batadv_slave_1
[  143.417016][ T8033] ip6gretap0: entered promiscuous mode
[  143.459326][ T8033] ip6gretap0: left promiscuous mode
[  143.579544][ T8039] siw: device registration error -23
[  143.663299][ T8035] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  143.687566][ T8040] ip6tnl2: entered promiscuous mode
[  143.714531][ T8040] ip6tnl2: entered allmulticast mode
[  143.714676][ T8044] netlink: 8 bytes leftover after parsing attributes in process `syz.0.673'.
[  143.737288][ T8040] team0: Device ip6tnl2 is up. Set it down before adding it as a team port
[  143.992721][ T8046] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  144.013363][ T8044] (unnamed net_device) (uninitialized): option lacp_rate: mode dependency failed, not supported in mode balance-rr(0)
[  144.033139][ T8061] netlink: 4 bytes leftover after parsing attributes in process `syz.3.676'.
[  144.516969][ T5834] Bluetooth: hci4: link tx timeout
[  144.523532][ T5834] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  144.688073][ T8090] FAULT_INJECTION: forcing a failure.
[  144.688073][ T8090] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  144.796091][ T8090] CPU: 1 UID: 0 PID: 8090 Comm: syz.1.683 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  144.796119][ T8090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  144.796136][ T8090] Call Trace:
[  144.796143][ T8090]  <TASK>
[  144.796152][ T8090]  dump_stack_lvl+0x189/0x250
[  144.796181][ T8090]  ? __pfx____ratelimit+0x10/0x10
[  144.796202][ T8090]  ? __pfx_dump_stack_lvl+0x10/0x10
[  144.796226][ T8090]  ? __pfx__printk+0x10/0x10
[  144.796258][ T8090]  should_fail_ex+0x414/0x560
[  144.796284][ T8090]  _copy_to_user+0x31/0xb0
[  144.796304][ T8090]  btf_new_fd+0x562/0xc90
[  144.796322][ T8090]  ? apparmor_capable+0x137/0x1b0
[  144.796354][ T8090]  ? __pfx_btf_new_fd+0x10/0x10
[  144.796374][ T8090]  ? bpf_token_put+0x143/0x160
[  144.796395][ T8090]  ? bpf_btf_load+0x126/0x190
[  144.796421][ T8090]  __sys_bpf+0x635/0x860
[  144.796445][ T8090]  ? __pfx___sys_bpf+0x10/0x10
[  144.796480][ T8090]  ? ksys_write+0x22a/0x250
[  144.796499][ T8090]  ? __pfx_ksys_write+0x10/0x10
[  144.796523][ T8090]  __x64_sys_bpf+0x7c/0x90
[  144.796543][ T8090]  do_syscall_64+0xfa/0x3b0
[  144.796565][ T8090]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.796579][ T8090]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  144.796596][ T8090]  ? clear_bhb_loop+0x60/0xb0
[  144.796617][ T8090]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.796633][ T8090] RIP: 0033:0x7f42f6f8e929
[  144.796649][ T8090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  144.796663][ T8090] RSP: 002b:00007f42f7eb7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  144.796682][ T8090] RAX: ffffffffffffffda RBX: 00007f42f71b5fa0 RCX: 00007f42f6f8e929
[  144.796695][ T8090] RDX: 0000000000000028 RSI: 0000200000000140 RDI: 0000000000000012
[  144.796706][ T8090] RBP: 00007f42f7eb7090 R08: 0000000000000000 R09: 0000000000000000
[  144.796717][ T8090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  144.796727][ T8090] R13: 0000000000000001 R14: 00007f42f71b5fa0 R15: 00007ffd4f4d4888
[  144.796756][ T8090]  </TASK>
[  145.224247][ T8096] ip6gretap0: entered promiscuous mode
[  145.286316][ T8096] ip6gretap0: left promiscuous mode
[  145.302067][ T8101] netlink: 'syz.2.686': attribute type 13 has an invalid length.
[  145.327420][ T8101] netlink: 'syz.2.686': attribute type 17 has an invalid length.
[  145.369614][ T8095] netlink: 'syz.3.685': attribute type 13 has an invalid length.
[  145.403965][ T8095] netlink: 'syz.3.685': attribute type 17 has an invalid length.
[  145.451099][ T8101] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  145.560900][ T8095] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  145.647931][ T8113] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  145.684770][ T8094] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  145.751552][ T8121] ip6tnl2: entered promiscuous mode
[  145.756797][ T8121] ip6tnl2: entered allmulticast mode
[  145.763279][ T8101] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  145.776391][ T8121] team0: Device ip6tnl2 is up. Set it down before adding it as a team port
[  145.789011][ T8124] netlink: 8 bytes leftover after parsing attributes in process `syz.0.692'.
[  145.836428][ T8101] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  145.851865][ T8124] (unnamed net_device) (uninitialized): option lacp_rate: mode dependency failed, not supported in mode balance-rr(0)
[  145.865475][ T5834] Bluetooth: hci4: link tx timeout
[  145.871967][ T5834] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  146.014013][ T8133] FAULT_INJECTION: forcing a failure.
[  146.014013][ T8133] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  146.050741][ T8133] CPU: 0 UID: 0 PID: 8133 Comm: syz.1.696 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  146.050765][ T8133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  146.050775][ T8133] Call Trace:
[  146.050781][ T8133]  <TASK>
[  146.050789][ T8133]  dump_stack_lvl+0x189/0x250
[  146.050817][ T8133]  ? __pfx____ratelimit+0x10/0x10
[  146.050838][ T8133]  ? __pfx_dump_stack_lvl+0x10/0x10
[  146.050863][ T8133]  ? __pfx__printk+0x10/0x10
[  146.050893][ T8133]  should_fail_ex+0x414/0x560
[  146.050919][ T8133]  _copy_to_user+0x31/0xb0
[  146.050939][ T8133]  simple_read_from_buffer+0xe1/0x170
[  146.050963][ T8133]  proc_fail_nth_read+0x1df/0x250
[  146.050987][ T8133]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  146.051015][ T8133]  ? rw_verify_area+0x258/0x650
[  146.051046][ T8133]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  146.051067][ T8133]  vfs_read+0x200/0x980
[  146.051093][ T8133]  ? __pfx___mutex_lock+0x10/0x10
[  146.051111][ T8133]  ? __pfx_vfs_read+0x10/0x10
[  146.051132][ T8133]  ? __fget_files+0x2a/0x420
[  146.051151][ T8133]  ? __fget_files+0x3a0/0x420
[  146.051164][ T8133]  ? __fget_files+0x2a/0x420
[  146.051187][ T8133]  ksys_read+0x145/0x250
[  146.051209][ T8133]  ? __pfx_ksys_read+0x10/0x10
[  146.051227][ T8133]  ? fput+0xa0/0xd0
[  146.051247][ T8133]  ? do_syscall_64+0xbe/0x3b0
[  146.051267][ T8133]  do_syscall_64+0xfa/0x3b0
[  146.051282][ T8133]  ? lockdep_hardirqs_on+0x9c/0x150
[  146.051297][ T8133]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.051311][ T8133]  ? clear_bhb_loop+0x60/0xb0
[  146.051328][ T8133]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.051341][ T8133] RIP: 0033:0x7f42f6f8d33c
[  146.051355][ T8133] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  146.051367][ T8133] RSP: 002b:00007f42f7eb7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  146.051382][ T8133] RAX: ffffffffffffffda RBX: 00007f42f71b5fa0 RCX: 00007f42f6f8d33c
[  146.051393][ T8133] RDX: 000000000000000f RSI: 00007f42f7eb70a0 RDI: 0000000000000005
[  146.051402][ T8133] RBP: 00007f42f7eb7090 R08: 0000000000000000 R09: 0000000000000000
[  146.051410][ T8133] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  146.051419][ T8133] R13: 0000000000000000 R14: 00007f42f71b5fa0 R15: 00007ffd4f4d4888
[  146.051443][ T8133]  </TASK>
[  146.531884][ T8152] ip6gretap0: entered promiscuous mode
[  146.540425][ T8152] ip6gretap0: left promiscuous mode
[  146.573942][ T8151] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  146.600078][ T5834] Bluetooth: hci4: command 0x0406 tx timeout
[  147.050536][ T8163] ip6tnl2: entered promiscuous mode
[  147.056091][ T8163] ip6tnl2: entered allmulticast mode
[  147.072160][ T8163] team0: Device ip6tnl2 is up. Set it down before adding it as a team port
[  147.090977][ T8164] netlink: 8 bytes leftover after parsing attributes in process `syz.0.707'.
[  147.155179][ T8164] (unnamed net_device) (uninitialized): option lacp_rate: mode dependency failed, not supported in mode balance-rr(0)
[  147.356316][ T8171] netlink: 8 bytes leftover after parsing attributes in process `syz.3.709'.
[  147.398322][ T8171] netlink: 8 bytes leftover after parsing attributes in process `syz.3.709'.
[  147.479105][ T8176] netlink: 'syz.0.712': attribute type 12 has an invalid length.
[  147.498339][ T8176] netlink: 9472 bytes leftover after parsing attributes in process `syz.0.712'.
[  147.639988][ T8180] FAULT_INJECTION: forcing a failure.
[  147.639988][ T8180] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  147.685606][ T8180] CPU: 1 UID: 0 PID: 8180 Comm: syz.1.713 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  147.685650][ T8180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  147.685659][ T8180] Call Trace:
[  147.685666][ T8180]  <TASK>
[  147.685674][ T8180]  dump_stack_lvl+0x189/0x250
[  147.685703][ T8180]  ? __pfx____ratelimit+0x10/0x10
[  147.685723][ T8180]  ? __pfx_dump_stack_lvl+0x10/0x10
[  147.685745][ T8180]  ? __pfx__printk+0x10/0x10
[  147.685775][ T8180]  should_fail_ex+0x414/0x560
[  147.685800][ T8180]  _copy_to_user+0x31/0xb0
[  147.685819][ T8180]  simple_read_from_buffer+0xe1/0x170
[  147.685842][ T8180]  proc_fail_nth_read+0x1df/0x250
[  147.685866][ T8180]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  147.685888][ T8180]  ? rw_verify_area+0x258/0x650
[  147.685919][ T8180]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  147.685940][ T8180]  vfs_read+0x200/0x980
[  147.685970][ T8180]  ? __pfx___mutex_lock+0x10/0x10
[  147.685991][ T8180]  ? __pfx_vfs_read+0x10/0x10
[  147.686017][ T8180]  ? __fget_files+0x2a/0x420
[  147.686040][ T8180]  ? __fget_files+0x3a0/0x420
[  147.686057][ T8180]  ? __fget_files+0x2a/0x420
[  147.686083][ T8180]  ksys_read+0x145/0x250
[  147.686103][ T8180]  ? __fget_files+0x3a0/0x420
[  147.686122][ T8180]  ? __pfx_ksys_read+0x10/0x10
[  147.686149][ T8180]  ? do_syscall_64+0xbe/0x3b0
[  147.686173][ T8180]  do_syscall_64+0xfa/0x3b0
[  147.686190][ T8180]  ? lockdep_hardirqs_on+0x9c/0x150
[  147.686209][ T8180]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.686227][ T8180]  ? clear_bhb_loop+0x60/0xb0
[  147.686249][ T8180]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.686266][ T8180] RIP: 0033:0x7f42f6f8d33c
[  147.686281][ T8180] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  147.686295][ T8180] RSP: 002b:00007f42f7eb7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  147.686314][ T8180] RAX: ffffffffffffffda RBX: 00007f42f71b5fa0 RCX: 00007f42f6f8d33c
[  147.686328][ T8180] RDX: 000000000000000f RSI: 00007f42f7eb70a0 RDI: 0000000000000004
[  147.686338][ T8180] RBP: 00007f42f7eb7090 R08: 0000000000000000 R09: 0000000000000000
[  147.686348][ T8180] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  147.686359][ T8180] R13: 0000000000000000 R14: 00007f42f71b5fa0 R15: 00007ffd4f4d4888
[  147.686386][ T8180]  </TASK>
[  147.771271][ T8183] netlink: 'syz.2.714': attribute type 2 has an invalid length.
[  147.947754][ T8183] netlink: 24 bytes leftover after parsing attributes in process `syz.2.714'.
[  147.970695][   T13] wlan0: Trigger new scan to find an IBSS to join
[  148.647058][ T8197] netlink: 8 bytes leftover after parsing attributes in process `syz.4.719'.
[  148.720881][ T8197] bridge0: port 4(macvlan0) entered blocking state
[  148.727967][ T8197] bridge0: port 4(macvlan0) entered disabled state
[  148.734904][ T8197] macvlan0: entered allmulticast mode
[  148.747845][ T8197] bridge0: entered allmulticast mode
[  148.844228][ T8207] netlink: 4 bytes leftover after parsing attributes in process `syz.0.720'.
[  148.886658][ T8197] macvlan0: left allmulticast mode
[  148.892205][ T8197] bridge0: left allmulticast mode
[  148.944903][ T8173] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  148.963522][ T8171] dummy0 speed is unknown, defaulting to 1000
[  148.975047][ T8207] geneve2: entered promiscuous mode
[  148.989926][ T8207] geneve2: entered allmulticast mode
[  149.000540][   T13] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 42573 - 0
[  149.058047][   T13] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 42573 - 0
[  149.115775][   T13] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 42573 - 0
[  149.162249][   T13] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 42573 - 0
[  149.442528][ T8216] netlink: 308 bytes leftover after parsing attributes in process `syz.4.722'.
[  149.507530][ T8190] dummy0 speed is unknown, defaulting to 1000
[  149.783664][ T8221] netlink: 12 bytes leftover after parsing attributes in process `syz.2.725'.
[  149.803210][ T8221] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  149.883559][ T8224] netlink: 'syz.4.726': attribute type 13 has an invalid length.
[  149.914846][ T8224] netlink: 'syz.4.726': attribute type 17 has an invalid length.
[  149.966825][ T8224] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  150.181836][ T8227] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  150.295999][ T8230] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  150.381442][ T8227] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  150.607250][ T8224] dummy0 speed is unknown, defaulting to 1000
[  150.918266][   T49] wlan0: Trigger new scan to find an IBSS to join
[  151.799870][ T7533] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  178.976669][ T8251] netlink: 12 bytes leftover after parsing attributes in process `syz.3.732'.
[  179.007955][ T8254] FAULT_INJECTION: forcing a failure.
[  179.007955][ T8254] name failslab, interval 1, probability 0, space 0, times 0
[  179.037834][ T8254] CPU: 0 UID: 0 PID: 8254 Comm: syz.1.730 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  179.037860][ T8254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  179.037895][ T8254] Call Trace:
[  179.037902][ T8254]  <TASK>
[  179.037910][ T8254]  dump_stack_lvl+0x189/0x250
[  179.037942][ T8254]  ? __pfx____ratelimit+0x10/0x10
[  179.037962][ T8254]  ? __pfx_dump_stack_lvl+0x10/0x10
[  179.037987][ T8254]  ? __pfx__printk+0x10/0x10
[  179.038013][ T8254]  ? __pfx___might_resched+0x10/0x10
[  179.038036][ T8254]  ? fs_reclaim_acquire+0x7d/0x100
[  179.038062][ T8254]  should_fail_ex+0x414/0x560
[  179.038090][ T8254]  should_failslab+0xa8/0x100
[  179.038111][ T8254]  __kmalloc_cache_noprof+0x70/0x3d0
[  179.038128][ T8254]  ? flow_indr_dev_setup_offload+0x255/0x670
[  179.038156][ T8254]  flow_indr_dev_setup_offload+0x255/0x670
[  179.038179][ T8254]  ? __pfx_tc_block_indr_cleanup+0x10/0x10
[  179.038206][ T8254]  tcf_block_offload_cmd+0x273/0x370
[  179.038237][ T8254]  ? __pfx_tcf_block_offload_cmd+0x10/0x10
[  179.038268][ T8254]  ? __pfx_down_write+0x10/0x10
[  179.038290][ T8254]  ? __kmalloc_cache_noprof+0x230/0x3d0
[  179.038315][ T8254]  tcf_block_get_ext+0xfce/0x17d0
[  179.038339][ T8254]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  179.038368][ T8254]  tcf_block_get+0x67/0xa0
[  179.038387][ T8254]  ? __pfx_tcf_chain_head_change_dflt+0x10/0x10
[  179.038412][ T8254]  sfq_init+0xa0/0x2530
[  179.038443][ T8254]  ? __sock_sendmsg+0x219/0x270
[  179.038464][ T8254]  ? ____sys_sendmsg+0x505/0x830
[  179.038489][ T8254]  ? ___sys_sendmsg+0x21f/0x2a0
[  179.038509][ T8254]  ? __x64_sys_sendmsg+0x19b/0x260
[  179.038530][ T8254]  ? do_syscall_64+0xfa/0x3b0
[  179.038548][ T8254]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.038573][ T8254]  ? __raw_spin_lock_init+0x45/0x100
[  179.038597][ T8254]  ? qdisc_alloc+0x7a1/0xaa0
[  179.038622][ T8254]  ? __pfx_sfq_init+0x10/0x10
[  179.038644][ T8254]  qdisc_create+0x7ac/0xea0
[  179.038673][ T8254]  tc_modify_qdisc+0x1426/0x2010
[  179.038706][ T8254]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  179.038759][ T8254]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  179.038775][ T8254]  rtnetlink_rcv_msg+0x77c/0xb70
[  179.038801][ T8254]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  179.038820][ T8254]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  179.038838][ T8254]  ? ref_tracker_free+0x63a/0x7d0
[  179.038858][ T8254]  ? __copy_skb_header+0xa7/0x550
[  179.038889][ T8254]  ? __pfx_ref_tracker_free+0x10/0x10
[  179.038910][ T8254]  ? __skb_clone+0x63/0x7a0
[  179.038940][ T8254]  netlink_rcv_skb+0x208/0x470
[  179.038962][ T8254]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  179.038984][ T8254]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  179.039020][ T8254]  ? netlink_deliver_tap+0x2e/0x1b0
[  179.039039][ T8254]  ? netlink_deliver_tap+0x2e/0x1b0
[  179.039064][ T8254]  netlink_unicast+0x75b/0x8d0
[  179.039095][ T8254]  netlink_sendmsg+0x805/0xb30
[  179.039126][ T8254]  ? __pfx_netlink_sendmsg+0x10/0x10
[  179.039151][ T8254]  ? aa_sock_msg_perm+0x94/0x160
[  179.039174][ T8254]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  179.039195][ T8254]  ? __pfx_netlink_sendmsg+0x10/0x10
[  179.039218][ T8254]  __sock_sendmsg+0x219/0x270
[  179.039241][ T8254]  ____sys_sendmsg+0x505/0x830
[  179.039271][ T8254]  ? __pfx_____sys_sendmsg+0x10/0x10
[  179.039306][ T8254]  ? import_iovec+0x74/0xa0
[  179.039327][ T8254]  ___sys_sendmsg+0x21f/0x2a0
[  179.039354][ T8254]  ? __pfx____sys_sendmsg+0x10/0x10
[  179.039425][ T8254]  ? __fget_files+0x2a/0x420
[  179.039442][ T8254]  ? __fget_files+0x3a0/0x420
[  179.039473][ T8254]  __x64_sys_sendmsg+0x19b/0x260
[  179.039501][ T8254]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  179.039535][ T8254]  ? __pfx_ksys_write+0x10/0x10
[  179.039550][ T8254]  ? rcu_is_watching+0x15/0xb0
[  179.039580][ T8254]  ? do_syscall_64+0xbe/0x3b0
[  179.039605][ T8254]  do_syscall_64+0xfa/0x3b0
[  179.039623][ T8254]  ? lockdep_hardirqs_on+0x9c/0x150
[  179.039642][ T8254]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.039659][ T8254]  ? clear_bhb_loop+0x60/0xb0
[  179.039680][ T8254]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.039697][ T8254] RIP: 0033:0x7f42f6f8e929
[  179.039714][ T8254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  179.039729][ T8254] RSP: 002b:00007f42f7eb7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  179.039748][ T8254] RAX: ffffffffffffffda RBX: 00007f42f71b5fa0 RCX: 00007f42f6f8e929
[  179.039761][ T8254] RDX: 0000000000000000 RSI: 00002000000012c0 RDI: 0000000000000004
[  179.039772][ T8254] RBP: 00007f42f7eb7090 R08: 0000000000000000 R09: 0000000000000000
[  179.039784][ T8254] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  179.039794][ T8254] R13: 0000000000000000 R14: 00007f42f71b5fa0 R15: 00007ffd4f4d4888
[  179.039825][ T8254]  </TASK>
[  179.631737][ T8266] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  179.910760][ T8260] dummy0 speed is unknown, defaulting to 1000
[  179.968716][ T8282] siw: device registration error -23
[  180.203941][ T8286] netlink: 'syz.0.739': attribute type 13 has an invalid length.
[  180.212155][ T8286] netlink: 'syz.0.739': attribute type 17 has an invalid length.
[  180.234520][ T8286] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  180.496891][ T8295] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  180.601301][ T8295] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  180.702355][ T8295] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  180.947498][ T8303] netlink: 'syz.2.744': attribute type 13 has an invalid length.
[  180.967412][ T8303] netlink: 'syz.2.744': attribute type 17 has an invalid length.
[  180.985908][ T8305] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  181.033705][ T8303] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  181.055910][ T8286] dummy0 speed is unknown, defaulting to 1000
[  181.111628][ T8307] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  181.140119][ T8303] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  181.214562][ T8303] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  181.349817][ T8303] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  181.380314][ T8292] dummy0 speed is unknown, defaulting to 1000
[  181.385035][ T8315] netlink: 'syz.3.748': attribute type 10 has an invalid length.
[  181.416737][ T8315] netlink: 1041 bytes leftover after parsing attributes in process `syz.3.748'.
[  181.761909][ T8319] netlink: 8 bytes leftover after parsing attributes in process `syz.0.750'.
[  181.793715][ T8319] bridge0: port 1(macvlan0) entered blocking state
[  181.801130][ T8319] bridge0: port 1(macvlan0) entered disabled state
[  181.810041][ T8319] macvlan0: entered allmulticast mode
[  181.816282][ T8319] bridge0: entered allmulticast mode
[  181.852421][ T8319] macvlan0: left allmulticast mode
[  181.857792][ T8319] bridge0: left allmulticast mode
[  182.213241][ T8308] dummy0 speed is unknown, defaulting to 1000
[  182.245615][ T8293] dummy0 speed is unknown, defaulting to 1000
[  182.733497][ T8335] bridge0: entered allmulticast mode
[  183.064006][ T8338] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  183.143861][ T8342] netlink: 8 bytes leftover after parsing attributes in process `syz.0.757'.
[  183.163081][ T8344] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  183.322430][ T8347] gretap0: entered promiscuous mode
[  183.386726][ T8347] gretap0: left promiscuous mode
[  183.742737][ T8352] ip6gretap0: entered promiscuous mode
[  183.772784][ T8352] ip6gretap0: left promiscuous mode
[  183.991070][ T8337] dummy0 speed is unknown, defaulting to 1000
[  184.038635][   T13] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  184.187513][ T8366] netlink: 56 bytes leftover after parsing attributes in process `syz.0.762'.
[  184.225422][ T8370] netlink: 52 bytes leftover after parsing attributes in process `syz.3.763'.
[  184.242956][ T8366] netlink: 212364 bytes leftover after parsing attributes in process `syz.0.762'.
[  184.260140][ T8366] openvswitch: netlink: Message has 5 unknown bytes.
[  184.672471][ T8373] netlink: 'syz.0.765': attribute type 13 has an invalid length.
[  184.711986][ T8373] netlink: 'syz.0.765': attribute type 17 has an invalid length.
[  184.795504][ T8373] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  184.828298][ T8384] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  184.849334][ T8384] batadv_slave_1: entered promiscuous mode
[  184.876840][ T8384] netlink: 8 bytes leftover after parsing attributes in process `syz.3.768'.
[  184.896466][ T8356] dummy0 speed is unknown, defaulting to 1000
[  184.899008][ T8378] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  184.914194][ T8390] bond0: entered promiscuous mode
[  184.931641][ T8390] bond_slave_0: entered promiscuous mode
[  184.945697][ T8390] bond_slave_1: entered promiscuous mode
[  184.956676][ T8390] bond0: entered allmulticast mode
[  184.963369][ T8390] bond_slave_0: entered allmulticast mode
[  184.980736][ T8390] bond_slave_1: entered allmulticast mode
[  185.069439][ T8396] FAULT_INJECTION: forcing a failure.
[  185.069439][ T8396] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  185.109284][ T8396] CPU: 0 UID: 0 PID: 8396 Comm: syz.3.771 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  185.109313][ T8396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  185.109323][ T8396] Call Trace:
[  185.109331][ T8396]  <TASK>
[  185.109339][ T8396]  dump_stack_lvl+0x189/0x250
[  185.109379][ T8396]  ? __pfx____ratelimit+0x10/0x10
[  185.109400][ T8396]  ? __pfx_dump_stack_lvl+0x10/0x10
[  185.109425][ T8396]  ? __pfx__printk+0x10/0x10
[  185.109458][ T8396]  should_fail_ex+0x414/0x560
[  185.109484][ T8396]  _copy_from_user+0x2d/0xb0
[  185.109502][ T8396]  __copy_msghdr+0x3c5/0x5b0
[  185.109531][ T8396]  ___sys_sendmsg+0x1a5/0x2a0
[  185.109557][ T8396]  ? __pfx____sys_sendmsg+0x10/0x10
[  185.109618][ T8396]  ? __fget_files+0x2a/0x420
[  185.109636][ T8396]  ? __fget_files+0x3a0/0x420
[  185.109666][ T8396]  __sys_sendmmsg+0x227/0x430
[  185.109695][ T8396]  ? __pfx___sys_sendmmsg+0x10/0x10
[  185.109716][ T8396]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  185.109765][ T8396]  ? ksys_write+0x22a/0x250
[  185.109783][ T8396]  ? __pfx_ksys_write+0x10/0x10
[  185.109796][ T8396]  ? rcu_is_watching+0x15/0xb0
[  185.109828][ T8396]  __x64_sys_sendmmsg+0xa0/0xc0
[  185.109854][ T8396]  do_syscall_64+0xfa/0x3b0
[  185.109873][ T8396]  ? lockdep_hardirqs_on+0x9c/0x150
[  185.109891][ T8396]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.109908][ T8396]  ? clear_bhb_loop+0x60/0xb0
[  185.109930][ T8396]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.109952][ T8396] RIP: 0033:0x7f4aee18e929
[  185.109972][ T8396] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  185.109987][ T8396] RSP: 002b:00007f4aeef79038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  185.110009][ T8396] RAX: ffffffffffffffda RBX: 00007f4aee3b5fa0 RCX: 00007f4aee18e929
[  185.110022][ T8396] RDX: 0000000000000001 RSI: 0000200000000740 RDI: 0000000000000003
[  185.110033][ T8396] RBP: 00007f4aeef79090 R08: 0000000000000000 R09: 0000000000000000
[  185.110044][ T8396] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  185.110054][ T8396] R13: 0000000000000000 R14: 00007f4aee3b5fa0 R15: 00007ffe4b33cd88
[  185.110084][ T8396]  </TASK>
[  185.111145][ T8388] netlink: 12 bytes leftover after parsing attributes in process `syz.2.769'.
[  185.357980][ T8388] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  185.671392][ T8409] netlink: 52 bytes leftover after parsing attributes in process `syz.4.774'.
[  185.746502][ T8414] FAULT_INJECTION: forcing a failure.
[  185.746502][ T8414] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  185.787378][ T8414] CPU: 0 UID: 0 PID: 8414 Comm: syz.2.776 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  185.787406][ T8414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  185.787418][ T8414] Call Trace:
[  185.787426][ T8414]  <TASK>
[  185.787434][ T8414]  dump_stack_lvl+0x189/0x250
[  185.787465][ T8414]  ? __pfx____ratelimit+0x10/0x10
[  185.787485][ T8414]  ? __pfx_dump_stack_lvl+0x10/0x10
[  185.787510][ T8414]  ? __pfx__printk+0x10/0x10
[  185.787530][ T8414]  ? __might_fault+0xb0/0x130
[  185.787558][ T8414]  should_fail_ex+0x414/0x560
[  185.787584][ T8414]  _copy_to_iter+0x575/0x16f0
[  185.787616][ T8414]  ? __pfx__copy_to_iter+0x10/0x10
[  185.787635][ T8414]  ? __skb_try_recv_from_queue+0x2b2/0x730
[  185.787665][ T8414]  ? __skb_try_recv_datagram+0x3da/0x4e0
[  185.787696][ T8414]  __skb_datagram_iter+0xf8/0x990
[  185.787723][ T8414]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  185.787750][ T8414]  skb_copy_datagram_iter+0xc5/0x230
[  185.787771][ T8414]  netlink_recvmsg+0x2ab/0xa30
[  185.787803][ T8414]  ? __pfx_netlink_recvmsg+0x10/0x10
[  185.787829][ T8414]  ? __lock_acquire+0xab9/0xd20
[  185.787849][ T8414]  ? aa_sock_msg_perm+0x94/0x160
[  185.787872][ T8414]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  185.787895][ T8414]  ? __pfx_netlink_recvmsg+0x10/0x10
[  185.787917][ T8414]  sock_recvmsg_nosec+0x186/0x1c0
[  185.787941][ T8414]  ____sys_recvmsg+0x3aa/0x460
[  185.787970][ T8414]  ? __pfx_____sys_recvmsg+0x10/0x10
[  185.788009][ T8414]  ? import_iovec+0x74/0xa0
[  185.788030][ T8414]  ___sys_recvmsg+0x1b5/0x510
[  185.788061][ T8414]  ? __pfx____sys_recvmsg+0x10/0x10
[  185.788118][ T8414]  ? __might_fault+0xb0/0x130
[  185.788136][ T8414]  do_recvmmsg+0x307/0x770
[  185.788169][ T8414]  ? __pfx_do_recvmmsg+0x10/0x10
[  185.788215][ T8414]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  185.788254][ T8414]  __x64_sys_recvmmsg+0x190/0x240
[  185.788281][ T8414]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  185.788303][ T8414]  ? rcu_is_watching+0x15/0xb0
[  185.788334][ T8414]  ? do_syscall_64+0xbe/0x3b0
[  185.788359][ T8414]  do_syscall_64+0xfa/0x3b0
[  185.788376][ T8414]  ? lockdep_hardirqs_on+0x9c/0x150
[  185.788395][ T8414]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.788412][ T8414]  ? clear_bhb_loop+0x60/0xb0
[  185.788434][ T8414]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.788451][ T8414] RIP: 0033:0x7fac4118e929
[  185.788467][ T8414] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  185.788482][ T8414] RSP: 002b:00007fac4203f038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  185.788502][ T8414] RAX: ffffffffffffffda RBX: 00007fac413b6080 RCX: 00007fac4118e929
[  185.788515][ T8414] RDX: 0000000000000009 RSI: 0000200000000c80 RDI: 0000000000000003
[  185.788527][ T8414] RBP: 00007fac4203f090 R08: 0000000000000000 R09: 0000000000000000
[  185.788538][ T8414] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  185.788549][ T8414] R13: 0000000000000001 R14: 00007fac413b6080 R15: 00007ffdb3e0aa18
[  185.788578][ T8414]  </TASK>
[  185.832881][ T8373] dummy0 speed is unknown, defaulting to 1000
[  185.846809][ T8416] netlink: 4 bytes leftover after parsing attributes in process `syz.3.775'.
[  186.653218][ T8438] sctp: [Deprecated]: syz.4.779 (pid 8438) Use of int in max_burst socket option.
[  186.653218][ T8438] Use struct sctp_assoc_value instead
[  186.685731][ T8441] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  186.700685][ T8440] IPVS: set_ctl: invalid protocol: 50 10.1.1.0:20003
[  186.753370][ T8445] siw: device registration error -23
[  186.882423][ T8451] sctp: [Deprecated]: syz.2.783 (pid 8451) Use of struct sctp_assoc_value in delayed_ack socket option.
[  186.882423][ T8451] Use struct sctp_sack_info instead
[  186.891716][ T8438] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  186.938650][ T8438] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.064972][ T8438] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  187.089040][ T8438] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.256230][ T8438] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  187.297380][ T8438] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.354392][ T8460] (unnamed net_device) (uninitialized): option xmit_hash_policy: invalid value (34)
[  187.450015][ T8438] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  187.469412][ T8438] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.511383][ T8465] netlink: 8 bytes leftover after parsing attributes in process `syz.1.788'.
[  187.635203][ T7535] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  187.646311][ T7535] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  187.688344][ T7524] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  187.703187][ T8473] netlink: 52 bytes leftover after parsing attributes in process `syz.1.790'.
[  187.712773][ T7524] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  187.761605][ T2219] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  187.803302][ T2219] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  187.876782][ T2219] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  187.926950][ T2219] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  188.168993][ T8496] FAULT_INJECTION: forcing a failure.
[  188.168993][ T8496] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  188.204337][ T8491] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  188.212496][ T8496] CPU: 1 UID: 0 PID: 8496 Comm: syz.4.799 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  188.212522][ T8496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  188.212532][ T8496] Call Trace:
[  188.212539][ T8496]  <TASK>
[  188.212547][ T8496]  dump_stack_lvl+0x189/0x250
[  188.212577][ T8496]  ? __pfx____ratelimit+0x10/0x10
[  188.212597][ T8496]  ? __pfx_dump_stack_lvl+0x10/0x10
[  188.212622][ T8496]  ? __pfx__printk+0x10/0x10
[  188.212642][ T8496]  ? __might_fault+0xb0/0x130
[  188.212670][ T8496]  should_fail_ex+0x414/0x560
[  188.212697][ T8496]  _copy_from_iter+0x1db/0x16f0
[  188.212734][ T8496]  ? rcu_is_watching+0x15/0xb0
[  188.212759][ T8496]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[  188.212780][ T8496]  ? __pfx__copy_from_iter+0x10/0x10
[  188.212805][ T8496]  ? __build_skb_around+0x257/0x3e0
[  188.212836][ T8496]  ? netlink_sendmsg+0x642/0xb30
[  188.212855][ T8496]  ? skb_put+0x11b/0x210
[  188.212881][ T8496]  netlink_sendmsg+0x6b2/0xb30
[  188.212911][ T8496]  ? __pfx_netlink_sendmsg+0x10/0x10
[  188.212934][ T8496]  ? aa_sock_msg_perm+0x94/0x160
[  188.212957][ T8496]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  188.212978][ T8496]  ? __pfx_netlink_sendmsg+0x10/0x10
[  188.212999][ T8496]  __sock_sendmsg+0x219/0x270
[  188.213021][ T8496]  ____sys_sendmsg+0x505/0x830
[  188.213051][ T8496]  ? __pfx_____sys_sendmsg+0x10/0x10
[  188.213084][ T8496]  ? import_iovec+0x74/0xa0
[  188.213104][ T8496]  ___sys_sendmsg+0x21f/0x2a0
[  188.213130][ T8496]  ? __pfx____sys_sendmsg+0x10/0x10
[  188.213191][ T8496]  ? __fget_files+0x2a/0x420
[  188.213209][ T8496]  ? __fget_files+0x3a0/0x420
[  188.213239][ T8496]  __x64_sys_sendmsg+0x19b/0x260
[  188.213265][ T8496]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  188.213300][ T8496]  ? __pfx_ksys_write+0x10/0x10
[  188.213314][ T8496]  ? rcu_is_watching+0x15/0xb0
[  188.213343][ T8496]  ? do_syscall_64+0xbe/0x3b0
[  188.213367][ T8496]  do_syscall_64+0xfa/0x3b0
[  188.213386][ T8496]  ? lockdep_hardirqs_on+0x9c/0x150
[  188.213403][ T8496]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.213420][ T8496]  ? clear_bhb_loop+0x60/0xb0
[  188.213439][ T8496]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.213454][ T8496] RIP: 0033:0x7ff3e3f8e929
[  188.213468][ T8496] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  188.213481][ T8496] RSP: 002b:00007ff3e4ecd038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  188.213499][ T8496] RAX: ffffffffffffffda RBX: 00007ff3e41b5fa0 RCX: 00007ff3e3f8e929
[  188.213510][ T8496] RDX: 0000000000000000 RSI: 0000200000001940 RDI: 0000000000000003
[  188.213520][ T8496] RBP: 00007ff3e4ecd090 R08: 0000000000000000 R09: 0000000000000000
[  188.213530][ T8496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  188.213540][ T8496] R13: 0000000000000000 R14: 00007ff3e41b5fa0 R15: 00007fff786e1188
[  188.213568][ T8496]  </TASK>
[  188.753970][ T8484] dummy0 speed is unknown, defaulting to 1000
[  188.768429][ T8510] FAULT_INJECTION: forcing a failure.
[  188.768429][ T8510] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  188.830082][ T8510] CPU: 1 UID: 0 PID: 8510 Comm: syz.2.803 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  188.830111][ T8510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  188.830122][ T8510] Call Trace:
[  188.830129][ T8510]  <TASK>
[  188.830136][ T8510]  dump_stack_lvl+0x189/0x250
[  188.830167][ T8510]  ? __pfx____ratelimit+0x10/0x10
[  188.830188][ T8510]  ? __pfx_dump_stack_lvl+0x10/0x10
[  188.830212][ T8510]  ? __pfx__printk+0x10/0x10
[  188.830246][ T8510]  should_fail_ex+0x414/0x560
[  188.830272][ T8510]  _copy_from_user+0x2d/0xb0
[  188.830291][ T8510]  __copy_msghdr+0x3c5/0x5b0
[  188.830320][ T8510]  ___sys_sendmsg+0x1a5/0x2a0
[  188.830345][ T8510]  ? __pfx____sys_sendmsg+0x10/0x10
[  188.830407][ T8510]  ? __fget_files+0x2a/0x420
[  188.830425][ T8510]  ? __fget_files+0x3a0/0x420
[  188.830480][ T8510]  __sys_sendmmsg+0x227/0x430
[  188.830510][ T8510]  ? __pfx___sys_sendmmsg+0x10/0x10
[  188.830531][ T8510]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  188.830580][ T8510]  ? ksys_write+0x22a/0x250
[  188.830599][ T8510]  ? __pfx_ksys_write+0x10/0x10
[  188.830612][ T8510]  ? rcu_is_watching+0x15/0xb0
[  188.830644][ T8510]  __x64_sys_sendmmsg+0xa0/0xc0
[  188.830676][ T8510]  do_syscall_64+0xfa/0x3b0
[  188.830696][ T8510]  ? lockdep_hardirqs_on+0x9c/0x150
[  188.830714][ T8510]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.830732][ T8510]  ? clear_bhb_loop+0x60/0xb0
[  188.830753][ T8510]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.830775][ T8510] RIP: 0033:0x7fac4118e929
[  188.830791][ T8510] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  188.830807][ T8510] RSP: 002b:00007fac42060038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  188.830826][ T8510] RAX: ffffffffffffffda RBX: 00007fac413b5fa0 RCX: 00007fac4118e929
[  188.830839][ T8510] RDX: 0000000000000002 RSI: 0000200000001500 RDI: 0000000000000003
[  188.830851][ T8510] RBP: 00007fac42060090 R08: 0000000000000000 R09: 0000000000000000
[  188.830861][ T8510] R10: 000000000600c802 R11: 0000000000000246 R12: 0000000000000001
[  188.830873][ T8510] R13: 0000000000000000 R14: 00007fac413b5fa0 R15: 00007ffdb3e0aa18
[  188.830900][ T8510]  </TASK>
[  189.120001][ T8513] netdevsim netdevsim4 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  189.135363][ T8513] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.314753][ T8520] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  189.435351][ T8527] netlink: 'syz.1.806': attribute type 34 has an invalid length.
[  189.445741][ T8529] netlink: 52 bytes leftover after parsing attributes in process `syz.2.805'.
[  189.481740][ T8528] netlink: 8 bytes leftover after parsing attributes in process `syz.1.806'.
[  189.502505][ T8527] netlink: 8 bytes leftover after parsing attributes in process `syz.1.806'.
[  189.530589][ T8528] netlink: 48 bytes leftover after parsing attributes in process `syz.1.806'.
[  189.550131][ T8513] netdevsim netdevsim4 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  189.554792][ T8527] netlink: 48 bytes leftover after parsing attributes in process `syz.1.806'.
[  189.587520][ T8513] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.728532][ T8513] netdevsim netdevsim4 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  189.771804][ T8513] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.813653][ T8537] netlink: 'syz.2.809': attribute type 15 has an invalid length.
[  189.915744][ T8513] netdevsim netdevsim4 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  189.929712][ T8513] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.124576][ T8548] netlink: 8 bytes leftover after parsing attributes in process `syz.3.814'.
[  190.166188][ T8548] bridge0: port 3(macvlan0) entered blocking state
[  190.189101][ T8548] bridge0: port 3(macvlan0) entered disabled state
[  190.202174][ T8548] macvlan0: entered allmulticast mode
[  190.212646][ T8548] bridge0: entered allmulticast mode
[  190.241422][ T8548] macvlan0: left allmulticast mode
[  190.246576][ T8548] bridge0: left allmulticast mode
[  190.315104][ T8553] netlink: 16 bytes leftover after parsing attributes in process `syz.1.816'.
[  190.331048][ T8553] dvmrp8: entered allmulticast mode
[  190.339644][ T8552] dvmrp8: left allmulticast mode
[  190.471331][ T8560] xt_HMARK: spi-set and port-set can't be combined
[  190.488855][ T8560] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  190.616665][ T8566] netlink: 8 bytes leftover after parsing attributes in process `syz.3.822'.
[  190.775741][ T8576] netlink: 65039 bytes leftover after parsing attributes in process `syz.1.823'.
[  190.889268][ T8581] netlink: 4 bytes leftover after parsing attributes in process `syz.3.825'.
[  190.904165][ T8580] FAULT_INJECTION: forcing a failure.
[  190.904165][ T8580] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  190.933681][ T8580] CPU: 0 UID: 0 PID: 8580 Comm: syz.0.826 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  190.933708][ T8580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  190.933718][ T8580] Call Trace:
[  190.933726][ T8580]  <TASK>
[  190.933734][ T8580]  dump_stack_lvl+0x189/0x250
[  190.933763][ T8580]  ? __pfx____ratelimit+0x10/0x10
[  190.933783][ T8580]  ? __pfx_dump_stack_lvl+0x10/0x10
[  190.933807][ T8580]  ? __pfx__printk+0x10/0x10
[  190.933824][ T8580]  ? __might_fault+0xb0/0x130
[  190.933850][ T8580]  should_fail_ex+0x414/0x560
[  190.933875][ T8580]  _copy_from_user+0x2d/0xb0
[  190.933890][ T8580]  ___sys_sendmsg+0x158/0x2a0
[  190.933917][ T8580]  ? __pfx____sys_sendmsg+0x10/0x10
[  190.933968][ T8580]  ? __fget_files+0x2a/0x420
[  190.933984][ T8580]  ? __fget_files+0x3a0/0x420
[  190.934010][ T8580]  __x64_sys_sendmsg+0x19b/0x260
[  190.934037][ T8580]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  190.934069][ T8580]  ? __pfx_ksys_write+0x10/0x10
[  190.934083][ T8580]  ? rcu_is_watching+0x15/0xb0
[  190.934112][ T8580]  ? do_syscall_64+0xbe/0x3b0
[  190.934136][ T8580]  do_syscall_64+0xfa/0x3b0
[  190.934155][ T8580]  ? lockdep_hardirqs_on+0x9c/0x150
[  190.934174][ T8580]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.934191][ T8580]  ? clear_bhb_loop+0x60/0xb0
[  190.934211][ T8580]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.934226][ T8580] RIP: 0033:0x7fcc8bb8e929
[  190.934242][ T8580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  190.934257][ T8580] RSP: 002b:00007fcc8caa4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  190.934277][ T8580] RAX: ffffffffffffffda RBX: 00007fcc8bdb5fa0 RCX: 00007fcc8bb8e929
[  190.934289][ T8580] RDX: 0000000000000040 RSI: 00002000005f5000 RDI: 0000000000000003
[  190.934300][ T8580] RBP: 00007fcc8caa4090 R08: 0000000000000000 R09: 0000000000000000
[  190.934311][ T8580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  190.934321][ T8580] R13: 0000000000000000 R14: 00007fcc8bdb5fa0 R15: 00007ffd85d32bb8
[  190.934350][ T8580]  </TASK>
[  191.343363][ T8587] FAULT_INJECTION: forcing a failure.
[  191.343363][ T8587] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  191.357095][ T8587] CPU: 1 UID: 0 PID: 8587 Comm: syz.1.830 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  191.357121][ T8587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  191.357140][ T8587] Call Trace:
[  191.357147][ T8587]  <TASK>
[  191.357155][ T8587]  dump_stack_lvl+0x189/0x250
[  191.357185][ T8587]  ? __pfx____ratelimit+0x10/0x10
[  191.357205][ T8587]  ? __pfx_dump_stack_lvl+0x10/0x10
[  191.357230][ T8587]  ? __pfx__printk+0x10/0x10
[  191.357250][ T8587]  ? __might_fault+0xb0/0x130
[  191.357279][ T8587]  should_fail_ex+0x414/0x560
[  191.357306][ T8587]  _copy_from_iter+0x1db/0x16f0
[  191.357333][ T8587]  ? rcu_is_watching+0x15/0xb0
[  191.357359][ T8587]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  191.357377][ T8587]  ? __pfx__copy_from_iter+0x10/0x10
[  191.357402][ T8587]  ? __build_skb_around+0x257/0x3e0
[  191.357427][ T8587]  ? netlink_sendmsg+0x642/0xb30
[  191.357447][ T8587]  ? skb_put+0x11b/0x210
[  191.357472][ T8587]  netlink_sendmsg+0x6b2/0xb30
[  191.357502][ T8587]  ? __pfx_netlink_sendmsg+0x10/0x10
[  191.357527][ T8587]  ? aa_sock_msg_perm+0x94/0x160
[  191.357549][ T8587]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  191.357570][ T8587]  ? __pfx_netlink_sendmsg+0x10/0x10
[  191.357591][ T8587]  __sock_sendmsg+0x219/0x270
[  191.357620][ T8587]  ____sys_sendmsg+0x505/0x830
[  191.357648][ T8587]  ? __pfx_____sys_sendmsg+0x10/0x10
[  191.357678][ T8587]  ? import_iovec+0x74/0xa0
[  191.357699][ T8587]  ___sys_sendmsg+0x21f/0x2a0
[  191.357724][ T8587]  ? __pfx____sys_sendmsg+0x10/0x10
[  191.357780][ T8587]  ? __fget_files+0x2a/0x420
[  191.357798][ T8587]  ? __fget_files+0x3a0/0x420
[  191.357825][ T8587]  __x64_sys_sendmsg+0x19b/0x260
[  191.357852][ T8587]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  191.357885][ T8587]  ? __pfx_ksys_write+0x10/0x10
[  191.357899][ T8587]  ? rcu_is_watching+0x15/0xb0
[  191.357928][ T8587]  ? do_syscall_64+0xbe/0x3b0
[  191.357953][ T8587]  do_syscall_64+0xfa/0x3b0
[  191.357971][ T8587]  ? lockdep_hardirqs_on+0x9c/0x150
[  191.357990][ T8587]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.358008][ T8587]  ? clear_bhb_loop+0x60/0xb0
[  191.358030][ T8587]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.358047][ T8587] RIP: 0033:0x7f42f6f8e929
[  191.358062][ T8587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  191.358078][ T8587] RSP: 002b:00007f42f7eb7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  191.358096][ T8587] RAX: ffffffffffffffda RBX: 00007f42f71b5fa0 RCX: 00007f42f6f8e929
[  191.358110][ T8587] RDX: 0000000020000000 RSI: 0000200000000100 RDI: 0000000000000003
[  191.358122][ T8587] RBP: 00007f42f7eb7090 R08: 0000000000000000 R09: 0000000000000000
[  191.358133][ T8587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  191.358144][ T8587] R13: 0000000000000000 R14: 00007f42f71b5fa0 R15: 00007ffd4f4d4888
[  191.358173][ T8587]  </TASK>
[  192.423368][ T8627] FAULT_INJECTION: forcing a failure.
[  192.423368][ T8627] name failslab, interval 1, probability 0, space 0, times 0
[  192.474470][ T8627] CPU: 1 UID: 0 PID: 8627 Comm: syz.2.840 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  192.474499][ T8627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  192.474509][ T8627] Call Trace:
[  192.474516][ T8627]  <TASK>
[  192.474524][ T8627]  dump_stack_lvl+0x189/0x250
[  192.474563][ T8627]  ? __pfx____ratelimit+0x10/0x10
[  192.474583][ T8627]  ? __pfx_dump_stack_lvl+0x10/0x10
[  192.474609][ T8627]  ? __pfx__printk+0x10/0x10
[  192.474634][ T8627]  ? __pfx___might_resched+0x10/0x10
[  192.474657][ T8627]  ? fs_reclaim_acquire+0x7d/0x100
[  192.474685][ T8627]  should_fail_ex+0x414/0x560
[  192.474711][ T8627]  should_failslab+0xa8/0x100
[  192.474732][ T8627]  kmem_cache_alloc_noprof+0x73/0x3c0
[  192.474757][ T8627]  ? alloc_empty_file+0x55/0x1d0
[  192.474782][ T8627]  alloc_empty_file+0x55/0x1d0
[  192.474804][ T8627]  alloc_file_pseudo+0x13d/0x210
[  192.474828][ T8627]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  192.474860][ T8627]  anon_inode_getfd+0xca/0x1b0
[  192.474883][ T8627]  btf_new_fd+0x9a5/0xc90
[  192.474901][ T8627]  ? apparmor_capable+0x137/0x1b0
[  192.474934][ T8627]  ? __pfx_btf_new_fd+0x10/0x10
[  192.474954][ T8627]  ? bpf_token_put+0x143/0x160
[  192.474975][ T8627]  ? bpf_btf_load+0x126/0x190
[  192.475000][ T8627]  __sys_bpf+0x635/0x860
[  192.475025][ T8627]  ? __pfx___sys_bpf+0x10/0x10
[  192.475060][ T8627]  ? ksys_write+0x22a/0x250
[  192.475079][ T8627]  ? __pfx_ksys_write+0x10/0x10
[  192.475103][ T8627]  __x64_sys_bpf+0x7c/0x90
[  192.475124][ T8627]  do_syscall_64+0xfa/0x3b0
[  192.475143][ T8627]  ? lockdep_hardirqs_on+0x9c/0x150
[  192.475162][ T8627]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.475179][ T8627]  ? clear_bhb_loop+0x60/0xb0
[  192.475201][ T8627]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.475218][ T8627] RIP: 0033:0x7fac4118e929
[  192.475234][ T8627] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  192.475249][ T8627] RSP: 002b:00007fac42060038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  192.475268][ T8627] RAX: ffffffffffffffda RBX: 00007fac413b5fa0 RCX: 00007fac4118e929
[  192.475281][ T8627] RDX: 0000000000000028 RSI: 0000200000000240 RDI: 0000000000000012
[  192.475293][ T8627] RBP: 00007fac42060090 R08: 0000000000000000 R09: 0000000000000000
[  192.475304][ T8627] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  192.475314][ T8627] R13: 0000000000000001 R14: 00007fac413b5fa0 R15: 00007ffdb3e0aa18
[  192.475343][ T8627]  </TASK>
[  192.837008][ T8635] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  192.906569][ T3430] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  192.926821][ T3430] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  193.004121][ T5150] Bluetooth: hci4: link tx timeout
[  193.011079][ T5150] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  193.121488][ T7535] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  193.145156][ T7535] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  193.173717][ T7535] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  193.185738][ T7535] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  193.280488][ T7535] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  193.307696][ T7535] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  193.645932][ T8672] FAULT_INJECTION: forcing a failure.
[  193.645932][ T8672] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  193.660967][ T8672] CPU: 0 UID: 0 PID: 8672 Comm: syz.1.857 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  193.660993][ T8672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  193.661003][ T8672] Call Trace:
[  193.661010][ T8672]  <TASK>
[  193.661018][ T8672]  dump_stack_lvl+0x189/0x250
[  193.661047][ T8672]  ? __pfx____ratelimit+0x10/0x10
[  193.661067][ T8672]  ? __pfx_dump_stack_lvl+0x10/0x10
[  193.661090][ T8672]  ? __pfx__printk+0x10/0x10
[  193.661109][ T8672]  ? __might_fault+0xb0/0x130
[  193.661134][ T8672]  should_fail_ex+0x414/0x560
[  193.661160][ T8672]  _copy_from_iter+0x1db/0x16f0
[  193.661188][ T8672]  ? rcu_is_watching+0x15/0xb0
[  193.661212][ T8672]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  193.661230][ T8672]  ? __pfx__copy_from_iter+0x10/0x10
[  193.661254][ T8672]  ? __build_skb_around+0x257/0x3e0
[  193.661276][ T8672]  ? netlink_sendmsg+0x642/0xb30
[  193.661295][ T8672]  ? skb_put+0x11b/0x210
[  193.661319][ T8672]  netlink_sendmsg+0x6b2/0xb30
[  193.661348][ T8672]  ? __pfx_netlink_sendmsg+0x10/0x10
[  193.661381][ T8672]  ? aa_sock_msg_perm+0x94/0x160
[  193.661404][ T8672]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  193.661424][ T8672]  ? __pfx_netlink_sendmsg+0x10/0x10
[  193.661445][ T8672]  __sock_sendmsg+0x219/0x270
[  193.661468][ T8672]  ____sys_sendmsg+0x505/0x830
[  193.661493][ T8672]  ? __pfx_____sys_sendmsg+0x10/0x10
[  193.661525][ T8672]  ? import_iovec+0x74/0xa0
[  193.661545][ T8672]  ___sys_sendmsg+0x21f/0x2a0
[  193.661568][ T8672]  ? __pfx____sys_sendmsg+0x10/0x10
[  193.661627][ T8672]  ? __fget_files+0x2a/0x420
[  193.661645][ T8672]  ? __fget_files+0x3a0/0x420
[  193.661674][ T8672]  __x64_sys_sendmsg+0x19b/0x260
[  193.661701][ T8672]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  193.661734][ T8672]  ? __pfx_ksys_write+0x10/0x10
[  193.661748][ T8672]  ? rcu_is_watching+0x15/0xb0
[  193.661777][ T8672]  ? do_syscall_64+0xbe/0x3b0
[  193.661801][ T8672]  do_syscall_64+0xfa/0x3b0
[  193.661819][ T8672]  ? lockdep_hardirqs_on+0x9c/0x150
[  193.661838][ T8672]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.661855][ T8672]  ? clear_bhb_loop+0x60/0xb0
[  193.661876][ T8672]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.661892][ T8672] RIP: 0033:0x7f42f6f8e929
[  193.661909][ T8672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  193.661923][ T8672] RSP: 002b:00007f42f7eb7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  193.661942][ T8672] RAX: ffffffffffffffda RBX: 00007f42f71b5fa0 RCX: 00007f42f6f8e929
[  193.661955][ T8672] RDX: 0000000020000000 RSI: 0000200000000200 RDI: 0000000000000006
[  193.661967][ T8672] RBP: 00007f42f7eb7090 R08: 0000000000000000 R09: 0000000000000000
[  193.661978][ T8672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  193.661988][ T8672] R13: 0000000000000000 R14: 00007f42f71b5fa0 R15: 00007ffd4f4d4888
[  193.662017][ T8672]  </TASK>
[  194.101587][ T5834] Bluetooth: hci4: link tx timeout
[  194.106782][ T5834] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  194.268769][ T8691] netlink: 'syz.1.861': attribute type 1 has an invalid length.
[  194.289589][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  194.637565][ T8706] __nla_validate_parse: 4 callbacks suppressed
[  194.637585][ T8706] netlink: 40 bytes leftover after parsing attributes in process `syz.0.863'.
[  195.063518][ T8724] netlink: 36 bytes leftover after parsing attributes in process `syz.3.871'.
[  195.072124][ T5836] Bluetooth: hci4: link tx timeout
[  195.124634][ T5836] Bluetooth: hci4: command 0x0406 tx timeout
[  195.147314][ T8732] netlink: 'syz.2.875': attribute type 13 has an invalid length.
[  195.198605][ T8732] netlink: 'syz.2.875': attribute type 17 has an invalid length.
[  195.231734][ T8739] netlink: 12 bytes leftover after parsing attributes in process `syz.0.877'.
[  195.300510][ T8733] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  195.367312][ T8732] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  195.522165][ T8732] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  195.599586][ T8743] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  195.722335][ T8732] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  195.780443][ T8756] netlink: 'syz.4.882': attribute type 1 has an invalid length.
[  195.790173][ T8756] netlink: 'syz.4.882': attribute type 10 has an invalid length.
[  195.802199][ T8756] netlink: 236 bytes leftover after parsing attributes in process `syz.4.882'.
[  195.982939][ T8762] FAULT_INJECTION: forcing a failure.
[  195.982939][ T8762] name failslab, interval 1, probability 0, space 0, times 0
[  196.001518][ T8762] CPU: 0 UID: 0 PID: 8762 Comm: syz.1.884 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  196.001546][ T8762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  196.001557][ T8762] Call Trace:
[  196.001565][ T8762]  <TASK>
[  196.001574][ T8762]  dump_stack_lvl+0x189/0x250
[  196.001604][ T8762]  ? __pfx____ratelimit+0x10/0x10
[  196.001625][ T8762]  ? __pfx_dump_stack_lvl+0x10/0x10
[  196.001649][ T8762]  ? __pfx__printk+0x10/0x10
[  196.001673][ T8762]  ? __pfx___might_resched+0x10/0x10
[  196.001697][ T8762]  ? fs_reclaim_acquire+0x7d/0x100
[  196.001722][ T8762]  should_fail_ex+0x414/0x560
[  196.001748][ T8762]  should_failslab+0xa8/0x100
[  196.001768][ T8762]  __kmalloc_noprof+0xcb/0x4f0
[  196.001784][ T8762]  ? nf_tables_newrule+0x1506/0x2890
[  196.001812][ T8762]  nf_tables_newrule+0x1506/0x2890
[  196.001852][ T8762]  ? __pfx_nf_tables_newrule+0x10/0x10
[  196.001876][ T8762]  ? nfnl_pernet+0x23/0x240
[  196.001911][ T8762]  ? __nla_parse+0x40/0x60
[  196.001939][ T8762]  nfnetlink_rcv+0x1132/0x2520
[  196.001996][ T8762]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  196.002030][ T8762]  ? ref_tracker_free+0x63a/0x7d0
[  196.002084][ T8762]  ? __netlink_deliver_tap+0x807/0x850
[  196.002115][ T8762]  ? netlink_deliver_tap+0x2e/0x1b0
[  196.002134][ T8762]  ? netlink_deliver_tap+0x2e/0x1b0
[  196.002160][ T8762]  netlink_unicast+0x75b/0x8d0
[  196.002192][ T8762]  netlink_sendmsg+0x805/0xb30
[  196.002223][ T8762]  ? __pfx_netlink_sendmsg+0x10/0x10
[  196.002247][ T8762]  ? aa_sock_msg_perm+0x94/0x160
[  196.002270][ T8762]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  196.002290][ T8762]  ? __pfx_netlink_sendmsg+0x10/0x10
[  196.002311][ T8762]  __sock_sendmsg+0x219/0x270
[  196.002334][ T8762]  ____sys_sendmsg+0x505/0x830
[  196.002365][ T8762]  ? __pfx_____sys_sendmsg+0x10/0x10
[  196.002400][ T8762]  ? import_iovec+0x74/0xa0
[  196.002421][ T8762]  ___sys_sendmsg+0x21f/0x2a0
[  196.002447][ T8762]  ? __pfx____sys_sendmsg+0x10/0x10
[  196.002511][ T8762]  ? __fget_files+0x2a/0x420
[  196.002528][ T8762]  ? __fget_files+0x3a0/0x420
[  196.002558][ T8762]  __x64_sys_sendmsg+0x19b/0x260
[  196.002584][ T8762]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  196.002618][ T8762]  ? __pfx_ksys_write+0x10/0x10
[  196.002633][ T8762]  ? rcu_is_watching+0x15/0xb0
[  196.002662][ T8762]  ? do_syscall_64+0xbe/0x3b0
[  196.002687][ T8762]  do_syscall_64+0xfa/0x3b0
[  196.002706][ T8762]  ? lockdep_hardirqs_on+0x9c/0x150
[  196.002724][ T8762]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.002741][ T8762]  ? clear_bhb_loop+0x60/0xb0
[  196.002763][ T8762]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.002780][ T8762] RIP: 0033:0x7f42f6f8e929
[  196.002797][ T8762] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  196.002812][ T8762] RSP: 002b:00007f42f7eb7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  196.002832][ T8762] RAX: ffffffffffffffda RBX: 00007f42f71b5fa0 RCX: 00007f42f6f8e929
[  196.002844][ T8762] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  196.002855][ T8762] RBP: 00007f42f7eb7090 R08: 0000000000000000 R09: 0000000000000000
[  196.002866][ T8762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  196.002876][ T8762] R13: 0000000000000000 R14: 00007f42f71b5fa0 R15: 00007ffd4f4d4888
[  196.002905][ T8762]  </TASK>
[  196.016854][ T8738] dummy0 speed is unknown, defaulting to 1000
[  196.206143][ T8765] netlink: 165 bytes leftover after parsing attributes in process `syz.4.886'.
[  196.368043][ T5150] Bluetooth: hci1: command 0x0406 tx timeout
[  196.374550][ T5150] Bluetooth: hci2: command 0x0406 tx timeout
[  196.378156][ T5838] Bluetooth: hci3: command 0x0406 tx timeout
[  196.476333][ T8771] netlink: 8 bytes leftover after parsing attributes in process `syz.1.887'.
[  196.562061][ T8773] ip6gretap0: entered promiscuous mode
[  196.570315][ T8773] ip6gretap0: left promiscuous mode
[  196.582392][ T8778] netlink: 12 bytes leftover after parsing attributes in process `syz.4.890'.
[  196.613033][ T8776] netlink: 'syz.1.887': attribute type 39 has an invalid length.
[  196.979764][ T8792] netlink: 4 bytes leftover after parsing attributes in process `syz.4.897'.
[  197.797716][   T51] Bluetooth: hci4: command 0x0406 tx timeout
[  198.003699][ T8822] netlink: 'syz.1.911': attribute type 1 has an invalid length.
[  198.018997][ T8822] netlink: 12 bytes leftover after parsing attributes in process `syz.1.911'.
[  198.040922][ T8822] nbd: illegal input index 393224
[  199.084435][ T8867] netlink: 8 bytes leftover after parsing attributes in process `syz.4.931'.
[  199.382183][ T8882] netlink: 'syz.1.938': attribute type 10 has an invalid length.
[  199.882622][ T8905] IPVS: Unknown mcast interface: macvlan0
[  199.913966][ T8910] netlink: 'syz.4.952': attribute type 5 has an invalid length.
[  200.074564][ T8917] syzkaller1: entered promiscuous mode
[  200.087744][ T8917] syzkaller1: entered allmulticast mode
[  200.235439][ T8923] __nla_validate_parse: 3 callbacks suppressed
[  200.235457][ T8923] netlink: 16 bytes leftover after parsing attributes in process `syz.1.958'.
[  200.452377][ T8930] raw_sendmsg: syz.1.961 forgot to set AF_INET. Fix it!
[  201.064615][ T8962] netlink: 'syz.0.975': attribute type 10 has an invalid length.
[  201.224667][ T8962] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  201.449445][ T8966] dummy0 speed is unknown, defaulting to 1000
[  201.770150][ T8991] netlink: 44 bytes leftover after parsing attributes in process `syz.4.989'.
[  201.816616][ T8994] team_slave_1: entered promiscuous mode
[  202.091322][ T9000] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  202.280897][ T9000] syzkaller0: entered promiscuous mode
[  202.286572][ T9000] syzkaller0: entered allmulticast mode
[  202.292955][ T9000] tipc: Resetting bearer <eth:syzkaller0>
[  202.340892][ T8998] tipc: Resetting bearer <eth:syzkaller0>
[  202.427111][ T9012] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  204.141524][ T8998] tipc: Disabling bearer <eth:syzkaller0>
[  204.154382][ T9017] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1000'.
[  204.272617][ T9034] netlink: 'syz.3.1009': attribute type 10 has an invalid length.
[  204.375772][ T9034] team0: Port device team_slave_0 removed
[  204.606860][ T9049] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1014'.
[  204.977305][ T9068] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1023'.
[  205.008385][ T9068] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1023'.
[  205.047684][ T9068] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1023'.
[  205.292071][ T9079] netlink: 'syz.3.1029': attribute type 11 has an invalid length.
[  207.126305][ T9161] macsec0: entered promiscuous mode
[  207.146923][ T9161] macsec0: entered allmulticast mode
[  207.162592][ T9161] veth1_macvtap: entered allmulticast mode
[  207.342475][ T9166] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1071'.
[  207.364053][ T9166] openvswitch: netlink: Flow key attr not present in new flow.
[  207.526309][ T9174] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1075'.
[  207.600295][ T9176] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1076'.
[  207.942875][ T9193] tipc: Cannot configure node identity twice
[  208.483428][ T9220] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1095'.
[  208.769682][ T9234] openvswitch: netlink: Message has 20 unknown bytes.
[  208.801126][ T9234] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  209.151954][ T9207] dummy0 speed is unknown, defaulting to 1000
[  209.397440][ T9258] syz_tun: entered allmulticast mode
[  209.415294][ T9255] syz_tun: left allmulticast mode
[  209.698558][ T9273] netlink: 'syz.2.1115': attribute type 11 has an invalid length.
[  209.866399][ T9279] IPv6: sit1: Disabled Multicast RS
[  210.605998][ T9312] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1132'.
[  210.622873][ T9315] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1133'.
[  210.722507][ T9318] sctp: [Deprecated]: syz.0.1136 (pid 9318) Use of struct sctp_assoc_value in delayed_ack socket option.
[  210.722507][ T9318] Use struct sctp_sack_info instead
[  212.107137][ T9386] bridge0: port 3(team0) entered disabled state
[  212.136828][ T9386] bridge0: port 1(bridge_slave_0) entered disabled state
[  212.175785][ T9397] netlink: 'syz.4.1158': attribute type 16 has an invalid length.
[  212.213015][ T9386] bridge0: port 2(bridge_slave_1) entered disabled state
[  212.230113][ T9397] netlink: 'syz.4.1158': attribute type 17 has an invalid length.
[  212.770153][ T9422] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1170'.
[  212.881731][ T9424] syz.0.1171 (9424) used greatest stack depth: 17992 bytes left
[  213.074518][ T9438] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1174'.
[  215.001368][ T9538] netlink: 'syz.0.1213': attribute type 10 has an invalid length.
[  216.316025][ T9551] netlink: 264 bytes leftover after parsing attributes in process `syz.3.1218'.
[  216.326706][ T9551] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1218'.
[  216.516360][ T9602] netlink: 'syz.4.1238': attribute type 16 has an invalid length.
[  216.528809][ T9602] netlink: 'syz.4.1238': attribute type 17 has an invalid length.
[  217.614233][ T9547] dummy0 speed is unknown, defaulting to 1000
[  220.152948][ T9715] bond1: entered promiscuous mode
[  220.158919][ T9715] 8021q: adding VLAN 0 to HW filter on device bond1
[  220.192768][ T9719] 8021q: adding VLAN 0 to HW filter on device bond1
[  220.200571][ T9719] bond1: (slave ip6gre1): The slave device specified does not support setting the MAC address
[  220.215739][ T9719] bond1: (slave ip6gre1): Error -95 calling set_mac_address
[  220.859695][ T9749] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1305'.
[  220.991561][ T9757] netlink: 4400 bytes leftover after parsing attributes in process `syz.1.1308'.
[  221.129697][ T9764] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1309'.
[  221.260028][ T9770] tipc: Can't bind to reserved service type 0
[  221.270280][ T9768] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  221.285650][ T9764] bond1 (unregistering): (slave ip6gretap1): Releasing backup interface
[  221.310177][ T9764] bond1 (unregistering): Released all slaves
[  221.813474][ T9792] netlink: zone id is out of range
[  221.820303][ T9792] netlink: zone id is out of range
[  221.825639][ T9792] netlink: zone id is out of range
[  221.856524][ T9792] netlink: zone id is out of range
[  221.871557][ T9792] netlink: zone id is out of range
[  221.877415][ T9792] netlink: zone id is out of range
[  221.885544][ T9792] netlink: zone id is out of range
[  221.894526][ T9792] netlink: zone id is out of range
[  221.902164][ T9792] netlink: zone id is out of range
[  221.917200][ T9792] netlink: zone id is out of range
[  222.051509][ T9799] netlink: 'syz.4.1325': attribute type 16 has an invalid length.
[  222.080283][ T9799] netlink: 'syz.4.1325': attribute type 17 has an invalid length.
[  222.232794][ T9808] ==================================================================
[  222.240981][ T9808] BUG: KASAN: slab-out-of-bounds in pause_parse_request+0x40/0x160
[  222.248886][ T9808] Read of size 8 at addr ffff88807f4714b0 by task syz.3.1329/9808
[  222.256685][ T9808] 
[  222.259018][ T9808] CPU: 1 UID: 0 PID: 9808 Comm: syz.3.1329 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  222.259038][ T9808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  222.259048][ T9808] Call Trace:
[  222.259056][ T9808]  <TASK>
[  222.259064][ T9808]  dump_stack_lvl+0x189/0x250
[  222.259090][ T9808]  ? __virt_addr_valid+0x1c8/0x5c0
[  222.259105][ T9808]  ? rcu_is_watching+0x15/0xb0
[  222.259125][ T9808]  ? __kasan_check_byte+0x12/0x40
[  222.259141][ T9808]  ? __pfx_dump_stack_lvl+0x10/0x10
[  222.259162][ T9808]  ? rcu_is_watching+0x15/0xb0
[  222.259181][ T9808]  ? lock_release+0x4b/0x3e0
[  222.259202][ T9808]  ? __virt_addr_valid+0x1c8/0x5c0
[  222.259215][ T9808]  ? __virt_addr_valid+0x4a5/0x5c0
[  222.259230][ T9808]  print_report+0xd2/0x2b0
[  222.259250][ T9808]  ? pause_parse_request+0x40/0x160
[  222.259265][ T9808]  kasan_report+0x118/0x150
[  222.259279][ T9808]  ? pause_parse_request+0x40/0x160
[  222.259297][ T9808]  ? __pfx_pause_parse_request+0x10/0x10
[  222.259312][ T9808]  pause_parse_request+0x40/0x160
[  222.259329][ T9808]  ? __pfx_pause_parse_request+0x10/0x10
[  222.259345][ T9808]  ethnl_default_set_doit+0x2c1/0xa40
[  222.259365][ T9808]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  222.259389][ T9808]  genl_family_rcv_msg_doit+0x215/0x300
[  222.259413][ T9808]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  222.259438][ T9808]  ? bpf_lsm_capable+0x9/0x20
[  222.259451][ T9808]  ? security_capable+0x7e/0x2e0
[  222.259470][ T9808]  genl_rcv_msg+0x60e/0x790
[  222.259492][ T9808]  ? __pfx_genl_rcv_msg+0x10/0x10
[  222.259511][ T9808]  ? ref_tracker_free+0x63a/0x7d0
[  222.259529][ T9808]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[  222.259549][ T9808]  ? __pfx_ref_tracker_free+0x10/0x10
[  222.259572][ T9808]  netlink_rcv_skb+0x208/0x470
[  222.259589][ T9808]  ? __pfx_genl_rcv_msg+0x10/0x10
[  222.259614][ T9808]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  222.259636][ T9808]  ? down_read+0x1ad/0x2e0
[  222.259655][ T9808]  genl_rcv+0x28/0x40
[  222.259674][ T9808]  netlink_unicast+0x75b/0x8d0
[  222.259693][ T9808]  netlink_sendmsg+0x805/0xb30
[  222.259714][ T9808]  ? __pfx_netlink_sendmsg+0x10/0x10
[  222.259732][ T9808]  ? aa_sock_msg_perm+0x94/0x160
[  222.259749][ T9808]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  222.259766][ T9808]  ? __pfx_netlink_sendmsg+0x10/0x10
[  222.259782][ T9808]  __sock_sendmsg+0x219/0x270
[  222.259798][ T9808]  ____sys_sendmsg+0x505/0x830
[  222.259819][ T9808]  ? __pfx_____sys_sendmsg+0x10/0x10
[  222.259841][ T9808]  ? import_iovec+0x74/0xa0
[  222.259855][ T9808]  ___sys_sendmsg+0x21f/0x2a0
[  222.259875][ T9808]  ? __pfx____sys_sendmsg+0x10/0x10
[  222.259907][ T9808]  ? __fget_files+0x2a/0x420
[  222.259922][ T9808]  ? __fget_files+0x3a0/0x420
[  222.259940][ T9808]  __x64_sys_sendmsg+0x19b/0x260
[  222.259960][ T9808]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  222.259984][ T9808]  ? rcu_is_watching+0x15/0xb0
[  222.260006][ T9808]  ? do_syscall_64+0xbe/0x3b0
[  222.260024][ T9808]  do_syscall_64+0xfa/0x3b0
[  222.260040][ T9808]  ? lockdep_hardirqs_on+0x9c/0x150
[  222.260054][ T9808]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.260074][ T9808]  ? clear_bhb_loop+0x60/0xb0
[  222.260090][ T9808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.260105][ T9808] RIP: 0033:0x7f4aee18e929
[  222.260120][ T9808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  222.260132][ T9808] RSP: 002b:00007f4aeef79038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  222.260148][ T9808] RAX: ffffffffffffffda RBX: 00007f4aee3b5fa0 RCX: 00007f4aee18e929
[  222.260159][ T9808] RDX: 0000000000000040 RSI: 0000200000000000 RDI: 0000000000000003
[  222.260169][ T9808] RBP: 00007f4aee210b39 R08: 0000000000000000 R09: 0000000000000000
[  222.260179][ T9808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  222.260188][ T9808] R13: 0000000000000000 R14: 00007f4aee3b5fa0 R15: 00007ffe4b33cd88
[  222.260204][ T9808]  </TASK>
[  222.260210][ T9808] 
[  222.643443][ T9808] Allocated by task 9808:
[  222.647757][ T9808]  kasan_save_track+0x3e/0x80
[  222.652441][ T9808]  __kasan_kmalloc+0x93/0xb0
[  222.657102][ T9808]  __kmalloc_noprof+0x27a/0x4f0
[  222.661937][ T9808]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  222.668001][ T9808]  genl_family_rcv_msg_doit+0xb8/0x300
[  222.673455][ T9808]  genl_rcv_msg+0x60e/0x790
[  222.677949][ T9808]  netlink_rcv_skb+0x208/0x470
[  222.682702][ T9808]  genl_rcv+0x28/0x40
[  222.686731][ T9808]  netlink_unicast+0x75b/0x8d0
[  222.691480][ T9808]  netlink_sendmsg+0x805/0xb30
[  222.696242][ T9808]  __sock_sendmsg+0x219/0x270
[  222.700903][ T9808]  ____sys_sendmsg+0x505/0x830
[  222.705659][ T9808]  ___sys_sendmsg+0x21f/0x2a0
[  222.710413][ T9808]  __x64_sys_sendmsg+0x19b/0x260
[  222.715518][ T9808]  do_syscall_64+0xfa/0x3b0
[  222.720018][ T9808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.725910][ T9808] 
[  222.728236][ T9808] The buggy address belongs to the object at ffff88807f471480
[  222.728236][ T9808]  which belongs to the cache kmalloc-64 of size 64
[  222.742128][ T9808] The buggy address is located 8 bytes to the right of
[  222.742128][ T9808]  allocated 40-byte region [ffff88807f471480, ffff88807f4714a8)
[  222.756621][ T9808] 
[  222.758939][ T9808] The buggy address belongs to the physical page:
[  222.765347][ T9808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7f471
[  222.774093][ T9808] anon flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  222.781619][ T9808] page_type: f5(slab)
[  222.785606][ T9808] raw: 00fff00000000000 ffff88801a4418c0 ffffea0001facb40 dead000000000005
[  222.794178][ T9808] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[  222.802742][ T9808] page dumped because: kasan: bad access detected
[  222.809151][ T9808] page_owner tracks the page as allocated
[  222.814850][ T9808] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 7824, tgid 7822 (syz.2.613), ts 140483997745, free_ts 125217127729
[  222.834023][ T9808]  post_alloc_hook+0x240/0x2a0
[  222.838778][ T9808]  get_page_from_freelist+0x21e4/0x22c0
[  222.844314][ T9808]  __alloc_frozen_pages_noprof+0x181/0x370
[  222.850120][ T9808]  alloc_pages_mpol+0x232/0x4a0
[  222.854974][ T9808]  allocate_slab+0x8a/0x3b0
[  222.859481][ T9808]  ___slab_alloc+0xbfc/0x1480
[  222.864197][ T9808]  __kmalloc_noprof+0x305/0x4f0
[  222.869041][ T9808]  hash_ipmark4_resize+0xaf4/0x1a50
[  222.874229][ T9808]  call_ad+0x44e/0xb00
[  222.878283][ T9808]  ip_set_ad+0x791/0x930
[  222.882514][ T9808]  nfnetlink_rcv_msg+0xb4a/0x1130
[  222.887525][ T9808]  netlink_rcv_skb+0x208/0x470
[  222.892282][ T9808]  nfnetlink_rcv+0x26a/0x2520
[  222.896946][ T9808]  netlink_unicast+0x75b/0x8d0
[  222.901696][ T9808]  netlink_sendmsg+0x805/0xb30
[  222.906446][ T9808]  __sock_sendmsg+0x219/0x270
[  222.911105][ T9808] page last free pid 5200 tgid 5200 stack trace:
[  222.917436][ T9808]  __free_frozen_pages+0xc71/0xe70
[  222.922558][ T9808]  __put_partials+0x161/0x1c0
[  222.927321][ T9808]  put_cpu_partial+0x17c/0x250
[  222.932076][ T9808]  __slab_free+0x2f7/0x400
[  222.936485][ T9808]  qlist_free_all+0x97/0x140
[  222.941068][ T9808]  kasan_quarantine_reduce+0x148/0x160
[  222.946558][ T9808]  __kasan_slab_alloc+0x22/0x80
[  222.951407][ T9808]  __kmalloc_cache_noprof+0x1be/0x3d0
[  222.956766][ T9808]  kernfs_fop_open+0x397/0xca0
[  222.961522][ T9808]  do_dentry_open+0xdf0/0x1970
[  222.966276][ T9808]  vfs_open+0x3b/0x340
[  222.970338][ T9808]  path_openat+0x2ee5/0x3830
[  222.974918][ T9808]  do_filp_open+0x1fa/0x410
[  222.979411][ T9808]  do_sys_openat2+0x121/0x1c0
[  222.984081][ T9808]  __x64_sys_openat+0x138/0x170
[  222.988923][ T9808]  do_syscall_64+0xfa/0x3b0
[  222.993421][ T9808] 
[  222.995740][ T9808] Memory state around the buggy address:
[  223.001359][ T9808]  ffff88807f471380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  223.009447][ T9808]  ffff88807f471400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  223.017681][ T9808] >ffff88807f471480: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc
[  223.025726][ T9808]                                      ^
[  223.031343][ T9808]  ffff88807f471500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[  223.039503][ T9808]  ffff88807f471580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  223.047561][ T9808] ==================================================================
[  223.104749][ T9808] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  223.111988][ T9808] CPU: 1 UID: 0 PID: 9808 Comm: syz.3.1329 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  223.123975][ T9808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  223.134036][ T9808] Call Trace:
[  223.137313][ T9808]  <TASK>
[  223.140428][ T9808]  dump_stack_lvl+0x99/0x250
[  223.145020][ T9808]  ? __asan_memcpy+0x40/0x70
[  223.149607][ T9808]  ? __pfx_dump_stack_lvl+0x10/0x10
[  223.154815][ T9808]  ? __pfx__printk+0x10/0x10
[  223.159404][ T9808]  panic+0x2db/0x790
[  223.163407][ T9808]  ? __pfx_panic+0x10/0x10
[  223.167843][ T9808]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  223.173746][ T9808]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  223.180067][ T9808]  ? print_memory_metadata+0x314/0x400
[  223.185525][ T9808]  ? pause_parse_request+0x40/0x160
[  223.190717][ T9808]  check_panic_on_warn+0x89/0xb0
[  223.195649][ T9808]  ? pause_parse_request+0x40/0x160
[  223.200846][ T9808]  end_report+0x78/0x160
[  223.205088][ T9808]  kasan_report+0x129/0x150
[  223.209581][ T9808]  ? pause_parse_request+0x40/0x160
[  223.214787][ T9808]  ? __pfx_pause_parse_request+0x10/0x10
[  223.220408][ T9808]  pause_parse_request+0x40/0x160
[  223.225430][ T9808]  ? __pfx_pause_parse_request+0x10/0x10
[  223.231057][ T9808]  ethnl_default_set_doit+0x2c1/0xa40
[  223.236430][ T9808]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  223.242761][ T9808]  genl_family_rcv_msg_doit+0x215/0x300
[  223.248307][ T9808]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  223.254384][ T9808]  ? bpf_lsm_capable+0x9/0x20
[  223.259049][ T9808]  ? security_capable+0x7e/0x2e0
[  223.263983][ T9808]  genl_rcv_msg+0x60e/0x790
[  223.268482][ T9808]  ? __pfx_genl_rcv_msg+0x10/0x10
[  223.273592][ T9808]  ? ref_tracker_free+0x63a/0x7d0
[  223.278609][ T9808]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[  223.284498][ T9808]  ? __pfx_ref_tracker_free+0x10/0x10
[  223.289869][ T9808]  netlink_rcv_skb+0x208/0x470
[  223.294658][ T9808]  ? __pfx_genl_rcv_msg+0x10/0x10
[  223.299679][ T9808]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  223.304965][ T9808]  ? down_read+0x1ad/0x2e0
[  223.309377][ T9808]  genl_rcv+0x28/0x40
[  223.313456][ T9808]  netlink_unicast+0x75b/0x8d0
[  223.318299][ T9808]  netlink_sendmsg+0x805/0xb30
[  223.323063][ T9808]  ? __pfx_netlink_sendmsg+0x10/0x10
[  223.328342][ T9808]  ? aa_sock_msg_perm+0x94/0x160
[  223.333277][ T9808]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  223.338556][ T9808]  ? __pfx_netlink_sendmsg+0x10/0x10
[  223.343837][ T9808]  __sock_sendmsg+0x219/0x270
[  223.348508][ T9808]  ____sys_sendmsg+0x505/0x830
[  223.353276][ T9808]  ? __pfx_____sys_sendmsg+0x10/0x10
[  223.358563][ T9808]  ? import_iovec+0x74/0xa0
[  223.363058][ T9808]  ___sys_sendmsg+0x21f/0x2a0
[  223.367786][ T9808]  ? __pfx____sys_sendmsg+0x10/0x10
[  223.373014][ T9808]  ? __fget_files+0x2a/0x420
[  223.377611][ T9808]  ? __fget_files+0x3a0/0x420
[  223.382313][ T9808]  __x64_sys_sendmsg+0x19b/0x260
[  223.387267][ T9808]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  223.392986][ T9808]  ? rcu_is_watching+0x15/0xb0
[  223.397782][ T9808]  ? do_syscall_64+0xbe/0x3b0
[  223.402481][ T9808]  do_syscall_64+0xfa/0x3b0
[  223.406979][ T9808]  ? lockdep_hardirqs_on+0x9c/0x150
[  223.412188][ T9808]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.418684][ T9808]  ? clear_bhb_loop+0x60/0xb0
[  223.423373][ T9808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.429350][ T9808] RIP: 0033:0x7f4aee18e929
[  223.433764][ T9808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  223.453360][ T9808] RSP: 002b:00007f4aeef79038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  223.461773][ T9808] RAX: ffffffffffffffda RBX: 00007f4aee3b5fa0 RCX: 00007f4aee18e929
[  223.469742][ T9808] RDX: 0000000000000040 RSI: 0000200000000000 RDI: 0000000000000003
[  223.477703][ T9808] RBP: 00007f4aee210b39 R08: 0000000000000000 R09: 0000000000000000
[  223.485662][ T9808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  223.493626][ T9808] R13: 0000000000000000 R14: 00007f4aee3b5fa0 R15: 00007ffe4b33cd88
[  223.501602][ T9808]  </TASK>
[  223.504911][ T9808] Kernel Offset: disabled
[  223.509224][ T9808] Rebooting in 86400 seconds..