last executing test programs:

4.843681373s ago: executing program 3 (id=2703):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
writev(r1, &(0x7f0000000400)=[{&(0x7f0000000100)="2e9b3d0007e03dd65193dfb6c575963f86ddf06712e9001c2f8db0049d90491ceaebfd26d4eef232480000b7b186001859dbb8a19052b43f80bd", 0x3a}], 0x1)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010002000000000000000000000a18010000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000002cd40009800800014000000006c80002"], 0x140}}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
r5 = epoll_create1(0x0)
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r6, &(0x7f0000000140)={0x10000010})
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_RTOINFO(r7, 0x84, 0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x2}, 0x10)
r8 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r9=>0x0})
r10 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000140)={0xffffffffffffffff}, 0x4)
setsockopt$sock_attach_bpf(r8, 0x1, 0x32, &(0x7f0000000180)=r10, 0x4)
r11 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$inet_int(r11, 0x0, 0xc, 0x0, &(0x7f0000000400))
sendmsg$nl_route_sched(r4, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000440)=@newqdisc={0x50, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}, {0xf}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x24, 0x2, [@TCA_FQ_QUANTUM={0x8, 0x3, 0x7}, @TCA_FQ_ORPHAN_MASK={0x8, 0xa, 0x7ff}, @TCA_FQ_LOW_RATE_THRESHOLD={0x8, 0xb, 0x2}, @TCA_FQ_RATE_ENABLE={0x8, 0x5, 0x1}]}}]}, 0x50}}, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="840000000002010400000000000000000a00000004000180300003802c00018014000300fc00000000000000000000100000000014004400fe800000001f610000000000000000bb3c0002800c00028005000100000000002c00018014000300fc020000000000000000000000000000140004"], 0x84}}, 0x0)
r12 = socket(0x10, 0x803, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [], {0xfffffffffffffef8}}, 0x28}}, 0x4000040)
getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x9)
sendmsg$nl_route(r12, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="a000000010003b0e2a1a86eb2636037f00000000", @ANYRES32=r13, @ANYBLOB="0200000000008000800012000800010076746936740002"], 0xa0}}, 0x0)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYRES32=r0], 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0x0)

4.216049439s ago: executing program 3 (id=2712):
r0 = socket(0xa, 0x5, 0x0)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000480)=ANY=[], 0xf0)
sendto$inet6(r0, &(0x7f0000000040)='\x00', 0x1, 0x44004, &(0x7f0000000100)={0xa, 0x4e24, 0xb, @loopback, 0xc5f}, 0x1c) (fail_nth: 14)

3.693076146s ago: executing program 3 (id=2714):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000840)=@raw={'raw\x00', 0x8, 0x3, 0x2d8, 0x110, 0xffffffff, 0xffffffff, 0x110, 0xffffffff, 0x208, 0xffffffff, 0xffffffff, 0x208, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00', {}, {0xff}, 0x0, 0x0, 0x3}, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x1, 0x33, 0x9, 0x1, 'snmp_trap\x00', 'syz0\x00', {0x7}}}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @local}, @remote, [], [], 'geneve1\x00', 'gre0\x00', {0xff}}, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@icmp6={{0x28}, {0xc, 'JQ'}}]}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0x0, 0x0, 0x2}, {0x0, 0x1, 0x3}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x338)
r1 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @loopback={0xffffffffffffcd8b, 0xac14140c}, 0xff000000}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000200)="8933ccfa85", 0x5}, {&(0x7f00000000c0)='@je', 0x3}], 0x2, 0x0, 0x0, 0x900}, 0x60)
r2 = socket$netlink(0x10, 0x3, 0x9)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="14000000f903010000000000000000000000000a14000000e80301"], 0x28}}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f00000004c0)={0x5, 0x40000}, 0x10)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c0000001200375f3fbd7035ede79e01ec49"], 0x2c}, 0x1, 0x0, 0x0, 0x40010}, 0x8884)
r4 = socket(0x10, 0x3, 0x0)
bind$inet(r4, &(0x7f0000000280)={0x2, 0x4e20, @multicast2}, 0x10)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r4, 0x0, 0x48b, &(0x7f0000000140)={0x1, 'nicvf0\x00', 0x4}, 0x18)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000001400000014000000030000000000000001000006040000000100000004000000006100dc2534e298c1dee101ee6ea9b52c148dd3d467eab7e1384e29d96ea377f991676c50ef630bd7e840128ca4a93bba52ba10489328c4a4f7366731dbdafc026fd4740872c7ae19fd29f12aeb"], &(0x7f0000000f40)=""/4088, 0x2f, 0xff8, 0x8}, 0x28)

3.277142381s ago: executing program 3 (id=2717):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c)
bind$inet6(r0, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @private0}, 0x76)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r2 = socket(0x2, 0x80805, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r3, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000200)={<r4=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010103}]}, &(0x7f0000000140)=0x10)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f00000008c0)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
getsockopt$inet_sctp_SCTP_STATUS(r2, 0x84, 0xe, &(0x7f0000000080)={r4, 0x7, 0x7ff, 0x0, 0x6, 0x0, 0x4, 0x3, {r4, @in6={{0xa, 0x4e21, 0x80000001, @local, 0xb}}, 0xe, 0x0, 0x9, 0x10001}}, &(0x7f0000000240)=0xb0)
connect$bt_l2cap(r2, &(0x7f00000002c0)={0x1f, 0x8001, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x2, 0x2}, 0xe)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000200b703000000000000850000000400000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000300)='tlb_flush\x00', r5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a40)={{r1}, &(0x7f0000000140), &(0x7f0000000700)}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$devlink(&(0x7f00000009c0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r7, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000a00)={0x64, r8, 0x1, 0x70bd2d, 0x25dfdbff, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0xfffffffffffffe50, 0xb, 0x4}, {0x6, 0x16, 0xb}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x80}, {0x8, 0xb, 0x6}}]}, 0x64}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a98000000060a0b040000000000000000020000006c000480680001800a000100696e6e65720000005800028008000240000000840800034000000007080004400000000f0800014000000000340005800c0001007061796c6f61640024000280080004400000005608000340000000b9080001400000000a08000240004000010900010073797a30000000000900020073797a32"], 0xc0}}, 0x0)
r9 = bpf$ITER_CREATE(0x21, &(0x7f00000000c0), 0x8)
r10 = socket$packet(0x11, 0x3, 0x300)
r11 = socket(0x10, 0x3, 0x3)
sendmsg$nl_route_sched(r11, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r11, &(0x7f0000000380)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
bind$packet(r10, &(0x7f0000000040)={0x11, 0x0, r12, 0x1, 0x0, 0x6, @remote}, 0x14)
syz_80211_inject_frame(&(0x7f00000001c0), &(0x7f0000000500)=ANY=[@ANYBLOB="e824ed00ffffffffffffffffffffffffffffffffffff9a00230f658bf23ca84fee6849c5584bc70b9656be4997567c13e395e68322558b40aa7053af652de403c21558ef429d6c7ff111cd5ce1aca99ae7e88ee4035aead9cb42aef121ae6bcbee86112ff015271271008f9b67b3012c027b2771233edf2cbfcfca0ab208f9bc513b8848b66375386ebb447bc8f7ef4905d0bcfd96116aa84b97d53e5b4e12ca8962cb1c2d8097d25b5a920bb22062f297dcde4c3d04842ef74e1e0c0f3be7cdcfd0ff11034e33f982bb872026c33cd4646495c6621e2ac4223516d79706b29ec38ebb97d0a83e91385b77cc2de42a0cb881bfe81cb4bf2f0d8fd858d8a1363aae25dd1eff9c383c735ef5038e3a65439226b23ab7fc9b6f05e065203143b4829f07a9f092de22a27c0f9d224aa88e1be8e8819ff5027504a009045a9bd3b55fd6a44224db78a097d1b0af44c6b46665421ef5b95e0770bae1ee9af36081d7f8dbd9dfe248a457726d41144fb4616d4b11c2c7190f290480c65d73421362ea9076f332197e03903d9a94e0cd96fda23eff01222508fbbe5b4698d161153ed73a23a7319f8134354809283b9aaef3d041fd84740bee8ac89612c44e6a6d3897084cdd559d3011b7e35e974f2af31fb41959c764cdb7f998f9a016c14496e1a5032a4387dc27af6d564802b4ef35b5ae08ae2b278c15bf1d39b855df8078e7cb9aa20c2cee7f4534eb20f0c20fd8997bc46d8b7c497edb7167dd9eeb1c9d7b7b00fd2e5ffe0cbd1ab255b51bb8e8bff5e3ce1a8cacb53ceb106edd565d8fabec2f4bb76da55fac55647363cd3fd2665549777c88dbe61aa6edd703253bdaf8e41d547d99cab8e27b745a7dd1f7b9626db0d2b0dfe41d608b6d52d2cc078b5db15bb45a881f65d7349bd684a60b989075cd255d76556e09433badee4345fb7a00645458f164c3757baf6d13f5b20ebfd9be23b18b35fa6c0d008ab71a5c481abebec80fb36520159d3a96a260b61e6f659a84744e79db103e76b3292153a20133ecdb0555e10f1a302d3106b4e491893c862aabd3e7411dee9257b9ed1e400f3e487f386b7947540cad9279944b6092a1dada627780596af304742c3a3ffdd24bbf674a956c9d8097b1d4f32365be11e0d950df6493f4c21d37813de76c8db2be9b5db8728ab15c54f3cd246be5aa8442b9b7a4b10aa08a591fdb62f44cbba5e009a0036f549b88781e56194bcc06b3753f3b774406b751c754528054bf9e023b6ee50cb77ba072"], 0x386)
bind$can_j1939(r9, &(0x7f0000000100)={0x1d, r12, 0x3, {0x1, 0xff, 0x3}, 0x1}, 0x18)

3.08013003s ago: executing program 0 (id=2719):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000080)=0xc)
syz_open_procfs$namespace(r1, &(0x7f0000000180)='ns/pid\x00')
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
sendmsg$inet(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000b80)='n', 0x1}], 0x1}, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000000040)={0x0, 0x9, 0x7a8, 0x6}, 0x14)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x303}, "db57cda808852139", "252432e72844858a068b92a5a810f4dc", "11802ff5", "5aee41448c84afb7"}, 0x28)
ppoll(&(0x7f0000000100)=[{r2, 0x8010}], 0x1, 0x0, 0x0, 0x0)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r3, &(0x7f00000000c0)={0x1d, 0x0, 0x2, {0x1, 0xff, 0x3}, 0x1}, 0x18)
close(r0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x4c02})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000240)='tegra_dma_tx_status\x00', r4, 0x0, 0x4}, 0x18)
r5 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$inet6_int(r5, 0x29, 0x4b, &(0x7f0000000100)=0xc, 0x4)
bind$inet6(r5, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, '\x00', 0x33}, 0x4}, 0x1c)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0)
r6 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
recvmmsg(r6, &(0x7f0000001700)=[{{0x0, 0x0, 0x0}, 0xa}], 0x1, 0x2061, 0x0)
ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, &(0x7f0000000100)=0x730)

2.619966345s ago: executing program 2 (id=2721):
r0 = socket$key(0xf, 0x3, 0x2) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18085100000000090000000000000000851000000600000018100000", @ANYRES32, @ANYBLOB="00d0ff0000000000660000000000000018000000f8ffffff00000000000000009500000000000000360a00000000000018010000202078250000000000202020db1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0xde, &(0x7f0000000340)=""/222}, 0x94)
sendmsg$key(r0, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000580)={0x2, 0x400000000000003, 0x20, 0x0, 0x13, 0x0, 0x0, 0x0, [@sadb_lifetime={0x4, 0x3, 0x0, 0x0, 0x100000000000000}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x4e20, @rand_addr=0x64010100}}, @sadb_lifetime={0x4, 0x4, 0x0, 0xfffffffffffffffe}, @sadb_sa={0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x4e21, @broadcast}}, @sadb_x_sec_ctx={0x1, 0x18, 0x5, 0x5f}]}, 0x98}}, 0x0)

2.619347355s ago: executing program 1 (id=2722):
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x21, 0x10, 0x0, 0x0, 0x336c}, 0x48) (async)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="b40000001500010000000000000000000a000000", @ANYRES32=0x0, @ANYBLOB="0800040000e40000140001000000000000000000cc0c3ae27f00000114000100fe8000000000000000000000000000aa2c0002"], 0xb4}}, 0x0) (async)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) (async, rerun: 32)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) (rerun: 32)
r3 = openat$cgroup_devices(r2, &(0x7f0000000240)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r3, &(0x7f0000000280)={'b', ' *:* ', 'rm\x00'}, 0x9) (async, rerun: 32)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc) (async, rerun: 32)
r5 = socket$tipc(0x1e, 0x4, 0x0)
connect$tipc(r5, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x5}}, 0x10)
sendmmsg$inet(r5, &(0x7f0000006740)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f00000004c0)="80349c0d9e8fcc9f44658138dc4a3c4ad42f918348474a5bc38ff0e0571fc22c8eb5cb22fdf30c6d1a4c1ccb5e5b35fed7db48c1a8a7132adc5623d146ddfe2254dd2579b4284b53d1cea6206864473d31bdb00c9d1462458b678827e80c94d88099e7471a58b1463086f9cdd1ccc19fa2fc4a9dd5a56fe782d15e66648c7630f1aaa7e9820460c46e292dbb8fa6f6701048ff17f40e2ab1ee0750ed038f18b81b2ba014bf866062c9a6f88b5d07e13b7eddd968ba9c7a53609c7b61471a51fd85bceebc0a92b2cd7c45a7f4571e693abebc3c5ff16c81106db988096bba7772e6acc5956344eaa64fea7c6319a37312ad57490dd2ebcb9bdf2815aae851bbd55317b4fcdaa8b06d30ed3db8a117424fed41f68979ac996e7fcd4549daf29bff6a2643e184580eb0b0bf81046975ea8d5e06e7124790dfca059217a34f4120feb2bb", 0x14d}, {&(0x7f0000000280)="5b4ea80f20d7212327afde5e7a457cde2dff9073f71979", 0x17}, {&(0x7f00000002c0)="851d8a90d516f218f839a7c48edfe734b2490c90a2fbf5be3383f1c9f5be8e55148723ac0258ef4f8af1f5e0b0a86885f018523d60072c7d9c1568700b3abe208fbd5dad2daf18b5150a530d816bf4cc6e43da4f2793611b38009e8c0970268cf5836926fd1223f4f8bec6a4a68b2aaff7af151a661793a04cd9b936da8f53eae22356781c580df817f3168269eaeeae014fa9b1878bd89e2acb4853ffd7b9a06d7f5ff090c605f5d343e6d93c80d747365d21acea325c44fbb87f6271a2d9333e9b9dd1d36dfea61641d34fd54cd2970ac14acdadd04357bdd44bc926d0adef887b2e25c2f435ce79bac1d1f473c3a49a12aa5c5cfa4bfa4fd2470308ed259e62c218aee67006a3ca187c9aa13a806d99b2275341fd6022940537b1cb1fd2389f417ea92c6e77a09a9d09a98c4e2f0912d36b47588ff991aa98c3c650055bacb669aaf68dd4f8a7b43569c9af62e7cee6ba05278fe8642feafa5c436cb13fa45b3cdf750f8956c493acf7c561b12259331a363c74fb5f2947652ced415b0986b673680e8ad7bad823ff84c30681cbe45114510d9aa6f423f212bcdf1c244178ae31474d9f176707e9c481057f72d489372f7daeba51e3ea86895c8eed109566ad19f3957d0df21a671fce2d674c207d8643c85a018834f4e8e3992e6991d815", 0x1e0}, {&(0x7f0000001440)="f0e266805aba28ca0c0d67b3479e1c7cb90d64b8ba8093c11696a92981d4fdd1f40043ce52efdea3f8d7b9ba23840df17c5a35207d6fc677263be310a063adb7b1528b8a04ec5b50d2cfa0df73c57f16a94941e8fb22f429a1f34b5b01514fefc4bd79a2cb936cf2eae82bd7b628431ae2d7b61059b35abc6ee24fd40e3c1bd6106af177bc4670395df7238a420fecf1e6ed3fe8906c3a2843215618fcb72ae77c6d36feefb4d45157e5d35fb4bf297d15ca042520f08e85ad2d7c5045fc7c4a2a8b6e149fc755d70437b3835083ee9fc662afbf840ab97f0adcdde20099bb22e909b937696e9d950ca0a361dfa8f5453454696927ae5a2401340264bdcdcd86941c18b536bdccb964461679d1b62855dadee9b66e5d494183283808c706247cdf83b45c44178775fc957483923b717724549dbe2f9a092fa07e93a7772d16bfbff9a0dd14d48d30b1e4f8206f92cf2fe08a7702f73404b79e77dec1b694e8a7c588a7bb2d770122291b10b456c4419dda49da0433a0aa5f0be221d29b45082b4f9521c2a1fbae507aa2652123619b78f340f01523bf9e6089e8e8186af2b85476d7059226f07467a6e036bf8808f2e9070b2a94ac1c64ec066def276c362a1d4a830edf754783f0a1e52e1adc4f6ca2d7200fd73b9cda79ccfcf57a27f60e184ebe12c4daeb214c2057b69719db280e0dcc2d10b085c7ab8e2394bae44893e3f335a3121bae3a33c32b004ab7bca48726029b77a6c784d2af3789fd520e37009d103c0a63598fa5857ee1b86a38a9feaf1d1f512d1884861c13d647d26888430e2f15e78cdd6a4c875e52de709dfdc4af4775ce03d7c8c3ff2b9fbae82dbabf11460bd1bc1ffe10c5062a265fd211a2b52a41613cc03917b8d34591885396369d1d172df31244a236c49d4457a936848684b59e326872d58c5db20684d1194ccb7ecbf5017f0f702f29c75cdeea09619db8bf00b41b1a165af13b3810d7f7b6a681aef628190f4fd53244a650b0500df500946792d003f2d2f0ba3c57f8257c0cc897cb1dabd63870ef86378a14e7f5068ea6a2311414656d766fb24e43c2a57b44cb1dc584d71e91628348790dc6a9adf85bc403a934e7603f7b45473407cf1395163b3efc9e880963bbd98140adfd624ccfc1141cd899826261e152265b9307695488c0cbad9027bf74b6f0c7adbc9878983d96e6026c818ac30fac3e2392e1c8fdab8ccf902d0915a471701083949efafc7a2e05608139fd0ef22d834ff02569878579c43635ad2d56d7cdfacaba8a3adc47c7fd42e521ca6b14726e68f67e2662c972bf9824ba847e22985400fad74280c22a0636aee80eeb7ef0c691cee94573ec78b53d43316ba691fd5274d1ff8085e297d2781a31f704dfeb58db9fa216c3356341207e953712de9ef27018bdfdddba8abc0c5f205908f12a42685ecc0c20cd92a57bba45a435f7bb412ccab1a6d877392971de8b808af07ea32b102dbcd7d00c869ad5cd8f5a5895b3d6dfef226d51d819756a85ffdde3d08f59fbbb7510a9ac3568f8f039fa7abc7b34685f3579050e88773cb4bb7958ff83aba1f23c8ab4ecd019c59781d47bcc50c64a957c3fa37311a240649313f77fa81020a5da0560d3bdabe6001ab6792ad782fe0e44bbb59efd4a524984742940563dd9e9a0226925324ac94373a9dcb16f32183ef3f465a13b83974f593e664f53131241e2133ce22917fbb412354a51026847f92aa7afadb1cdf51677fc2fe5938812ef17ae79f4db75afdfce3c5b8822dd612457b5f59dd616acdc473e97afb83f3c9789f3df399a2c3c89e8b5e6db33a306168b0cd4e8acbbd6ac81dd46cfb2f7d24b609d009049784611d027daa0cfb12111c1236aa010796cc687cbb151ba30e3a786ee8bfdae51e65a0c3667f7b8856089621742bdc19ad66f60eb48bd7f20b0ac2a523e89e6a7089e3704f266c52c58994e018e5d20b77a0413c71cafd420d9e0abb77e9f1199aca31f6d94372ca5736c749c197cac572e4962fc089f866a896763cd7b804c8e7211bd3a64f1ed12d65182deb850279ecb530683551bd50214e03b9f813431688dadf4caaf77d2e8b20d3e5c424243ab50f9c20462cea0f38eb080b02074e3e77a236d4ec929b04d134dcc5f767736c096794be3aec9f1195b87862128b436fbd0305a6ad6ebb0b2167e184c1de57048144b7567a6ad6c028c4b8a78858925f0ed415313da984484f753d14234d30964aa3d15af13337b6e5338d4f787abc18e0ea4d9656aa3c1d3eee0854078470a0e724062fd61a95f17516ca92faae8397ce07ba558a689ea49d25685a28c68fbc533892827829692d65a15711f0d14f7f685095f6c5dd085b30ffc4dfd9097157c1fab80023d24912861e87d1e484fe5a4476743dcb983d3eecabfe168db03f888432d8b1639e89c8f0513dc36ca8969ec364d28814fa6e21f979020df1292d772cd20c0eb4a5888f38d8d129e30ffee29ab6baf3b2f3a509e02d26b354f1ebe3531fe97968f1f678937b36f3684a8c100030a2328941dfc09574f7cebc26337cd4b2a6fc0b92affc3f3f892542e46fd6cfc2780c0b8a916b3fbb7f33a2537571b06643d82f86e2156740e024b360f48b844797971383610dc93abedc9945ec26d6a56e2701522e3fd6b77d4647a137346985af549d8944c652ddd797e1856a30f296258eb275981bc9432f38532d6e141d603b002c75247b3e71b39dbc01e8e64bc0cd510bd1700685a95ead8fb3fe8fbd72be2e8f9f5a9f1b2c400bfdc0aeabb14a7538c9a38a4839bf41120f2c2aa00277a327d7dff15f52854146a94ea41e4f14a15443124c6bcff43489e7e242c8315ed8d542377fefb6002292c1adc571c730d67b8dab5a4da06659fe7b69bac3147ef39fc877c323edbb9912886ab468c530a8d7844692010ea93effd20f4ccc47b3ff51f378c12b1d03155d49772f14d65bf2ce38f589ca4647b6713ae081fd13e74b307aba8bc34a4406d78c26ccfdf328f5c273b294f6c6419cc157eca59939ec4c0b95cc6d5f97c83c3f14aeb5b88910ec29cf64496d9b1b855fe073d4791507c7533846cdd7810667427583b3a8b7febb2c43643c09bebbb12c08781ac9d0995723fb47febef49e0d6631f054e5b3b3a284391590cfb5d5cf4aaa71586cb37b9fffa15848176da20969e88ed87dd8a4fa2b5140fd56f0a9973217f8ce0c6ee50b67214b6d7d6b84d41d83694a14b2e96f0cb79b49f5fe4dd21727c00819e83b6ea203bada46e9ae8ce7bebaf24f05fd20672e4230b3851b8f05bb2f0977dda7c8cdd1f2689b7a10a72018ff76699e53b2a3f77bf7fa03fe3cf85d4859c9db915fa5c1ddff79e77d0b1b6316d3e50d0d60a42271332f3e81376f120836cd3ea55b7f1453833a7bce0058f79b698a4bd0e857ae35b8ac8f20ed8f238475757af11ce7b450cf89191a4f27a365f594ef68efe6ea1a5c3518712b1aa37a1f47e05f85debfa461f5346d985a71e49ef17f4eb068862977d56671d445176934be6b5318300d7debf3ad8d7da0c014b25af2d8fa52753974116a8cea6c974692f5de03b526a075cc3bc8a4375333f0ef09dd3c361738a151f326ba3253c171f8f7876107eeac122a65124e59dfe7c66bb9546d6428559df314063ac08c03d96b04b6a91508371fa18348c65238546f3d489c7efc1bd01e6e389fbeaa8f125bc7b7c8673904eb676bbdfa3680fea612ba20fab20cdd411c2bafe0417b76852de9e863f09d291bf59510ead793cfd9d6710c0de77cefb5b65481d3aabde2683457b13e3b32ebc06f60d5afa47e36f652a95bd16dcf55dd3e1b05d0df9b8a183553097c2aa95aa175eda6792f58a74170781260e6120981549b3836d13ef037178dd8ddcb5a5624f3790f9d92b0f8f3cd11bddf478cd79456db871f32dd6e24948dd762ba2c22a94300f527c1df5ff05aef5ae4893ff88adc8f7af779d03fcb4ecabfa32460315f27505681242064541657acbb29f531043ce1d04ad189045140232f24f46d0580ada560c61fa4a90aec4743a9a0d466493476923cdff87a21127bac3da7d61d674d8bc9bd63cc3df85c707a912773e090256d5a0bdc5da8ceae2ca25c596410982b63055e6d292a31776cefe58457cb6b5cb92a2c69ed5eeed35e4ea3d6b54ee22e41dea28adac6e1eeadf604f0ef3a67c86974c3ecacdb7f502c74ed31138123dcb80282dbfb0ea0fc2a6016dccecbcbe4952c27b09e7abf784db6b7cc55366d048f16f6473a268b90a1c9b9c612f88bed9008308b11e47d79329cbefc3f313863eff4a16e6a70c41a296d3042a1164d0578297642ec82da1f92dfaa6a67ff9cfcd1b3e88fc442246a303a0e539ce65ad6fcb6d8657937cd88d4c30fd369f2bef0308f5db8824919139b25f82f56e24ef4cf1feda07c3bef9dd215575ed774dc05603f4664332c7b002c48d873bf1ebec930a273efc78dafe153f7eba9161002ca9a8fa855bc357f3a67810fc081b9ae9b4f69401ef93d039c7c1398fa8c9eeb1ce001e08e9231ce2c2beacdafe2955d4056e18d4d09ed22a996666d4df5ca91c37663bb54eb42fe39712736fa0e64ad4f8ca843fe52702c9ae48e60a3f5eac160f58ff3cb80684120845b9e34bc1aecb19662b1a429926ae351d004eca1d367fcb34facbeb2184716c5140a7e420c7f4379b0c43ce872b62723a587d9ad528c2aabf158cefa2df3422203b5cc73e9443825089527700b69a2331e0558a9b1e9d3e69a59896e6cf4df46b41a8cbb0e598a874fc23b16a6eda6eafde02451f0255ff9e6d1bd007c86dee8b6ae875752415b8057b916a3fe7b35cfcf7d38a50e461f1fc1d6a4541ba4079e1f21d0ea2a5ce4aad561215a1d75a2599c757cd6025753fc0578e4b7f4195ad025c46d50c5c351af1ce1e8f8c35439c8598293cd59d2e90a1445497b0249a314379dd13e95f00f2d8240190da9e12adbdd809b1a96900054db156d2893f7998aca02c86f61478a9b21e9e11a6f4b9f7f382243739e492e9048ed9c7b0b8118d966c0f41709abd171873c498a3168639bb2451e0f65e93755fc9cbf3b996ed0873a8256a579372146c3a1e749a9a640f8e9c01af2d0fdd34f2b5fcf4e0bac0b7becd41851359f89dc17156b6ddbd6377c05a059cde362397f28ae2cbbdac107142b40913aaf059d897039ce3fda8c29ae93210676e44f131f78e78d68d858bb7fde230a2f0fd542c5e8374fdc11a488da9de28bc3992a8d74089de36a732110c841bbdc5f24f71663d9a5f5209791fb7027749be23cdb3380f581151563d3707290cd31b28c13139b8e041cd72af3ad9b0fd0b3f131608a8ec5d80c4e7cd458abebae0244c921ef69a4ea0e9a2c2073bd13b49f574a7e278c7ba08c22d89b678a3cd814e8d0dea0101d95f789ada5178f46a4c6beb8dd12352cec179c886ae98ac2bc4382acb565df99eaff3f6824536ef7de884176ea3ca14a9f225f8ada2aac871e7c35df92943600cf7961b8eefdeb70d985fbc93252c978c5c773b4f2ab4b7683e2563d36ebfa4355969f6201e4bcac04ede3c6c9a18ed23f23ec331cbe2d645fa4ffcb2c742ba4905788c27a9bc97536dcbc08d3cbdd2f7195acc0f0eb3cf52aad9a1d23a1dd3633a49a482a1c1eb8761dcc7474f0fd4596a661b7668ab22ebecbfe33886b9b4a0c250380a9a34fefd9724ff89b32e5622258287b3281bcccd0bade4e260b6fefe73219c41f2de521587404ac1d2de4e2999202b3870099718115552aac2d446e649", 0x1000}, {&(0x7f0000000080)="253c10cd0a56ebbb9e8b465670109c340c95f1d27d36cbeb7fa948545e9b18da346b70b5dc78a12ad1a30e4f7038336f1af1d61b0409988f1755e9b3ba9919b2a4952ceda920f5f0e22dd247d4a74f2d1c854bc64f09f979aa3e9f5c25ff8ec189e5d809483583f648cd8870691200e428d5dcae697fa5a1e48df472ebb098aeb32e4049eba9f92be1ef1b6609f2b91c449dca240f", 0x95}, {&(0x7f00000024c0)="2ba671ae8107530b978dd82841597ed8f4275ed9e6b9f7b73ee6324ddf688ad9d88125b82afd2e28aef7183086ce0dd4ee880fc56a2ca8b52ef8f5b5f3e475f49b0bcd201fe612703d680fdd1151dd32535b04d4697d472c7750d6c4c197162e9f872253b611b1ca20e79dcf40d1faf58a453f8db9a03fdd351b54ad4e77fa0fda7990bb281079ae7ba3994aef7380e1d6342305e2d12c57379fd12e784f48e4e832171df4576c8724e3bfd70ebc92fc11914cd4", 0xb4}, {&(0x7f00000025c0)="96cb9dfd0c61d5ed863c5a35109d427201da53416c37631f95451a170fdb734214157996b04630903a7ad20aca669b5120871c47c6ef4e5975222b9676223895144ae5c2898ba0e94642e43e374bf9515c7e840e62021f25181401bda4c4d2d77867390c0a05af019adabfe896d7824f0dcb1724c64da40478808059ea83fa60145e108809ca25edf6ab820f23a5ce2b1779aa8c037a26d99df56f39ff5beca1c1e0cbfd69e415971a02f5115f6da0ba6da9be9772efa870aa6b62774ce009e7bcca4b4a7a910aab97e7f3da899eaaf573ac8a926a7be9b5875b3bb707ae9124ead39e70948bcf654b6b4342043f756323494e4ec559866c5a480c3b156c0427f1cc1d373b77424ea38e3697e36dcefd261575e5516bfcedc7baa8cbebed0ce49dd27e6291dd6f968eaf37f13313ba0bd22b6a63496be04a42df10fef87386434103b5ef819a969e8792a7765dc52c310fbe89851eaf8b2eabcf27bd487f817d48a54b0c7e8b151f0941a6f4adcf6a4486f96f8d18a2928829db333ec08bffe029f4840fdc0433d75157e80b33c3041f193e5c3fb1b7c13d1d7d7a8fe3122ddef181a6534232731c8f91dae42d9a66b9c2e0c6de6da74c24752b53d344b3c9a48ed62705c3e93f7e346c0379a6ec672b3a73dcfc159a79a77bd7b9edd013e3e9832d4dca6f9f973d63d5d235c7e22822e012e4181e102e68b03bdec323db739968061a7ba6fcf9589bd2975520fe9f1b44e52489bf5f5b0125b14bc894f4ff1ad2ba817dad6ab1654a2cacce1cc5160ea4bf3d7011cbf16ad0389b6511448c4186da0a7a55be54031a6d2773ac33aab5d533e7bb213309193f2ca3970e8fffc2fdacbc96e6f49c116b0505385a8bf282589be6b844e2aaaa652459b5d021127f59009020d34932cd03fbe5fea45bdc1f68463c4afe2b5ea8f97dee5e2e6b58196aff00e5ca51a0087f02bcb1dbdd638a5c7590095561578c30904f7ea80072de21fcedd0e41da8e7fe3514eaabc603d770a6fbed5367edb7feb5c5edfda04c7b8a4bfce5c73b876f52fde7dc929f3ffa632eb9514596793533d20fd191b484e902ab104dfc34a8486ba64d3e31c495e043279d8d6b4e6ca3c3fd4ae43529e55be690309e1bc90af2e9188cd5673eea73c75d4decf8972039c086e4b47caee900e1422fd2fbe0303dd5147a9fa487a7b08ad529d0d3db2bae4b26a83de0b15b9b82f26b23336481aca875c48605dc8d25d872920d01e2e163cc13d1f026666f8f54d6fe7895b47939599d168dc98a2de4aac463d98cb39375ac13fadd722b9f1e221d35bde594c9e53aa0f34b235a9d68d8f4841f9455804cd8a7bf05315c5bab2fa8820e956a8161cdd685fc4e1344f9d89189057376a5d1c23273d475aaa72ccbf4b5d8f2863f3f0fe7c0f8b001c065bae68aad9d8878a5edcd8dcbeec07d317c0a81fc84b8b208c60db73c6cf86d46cac98a7df449581d74be7991f1fa6924b76a2d6077aacca10fc777f0d09c5420cfc38c4638957086c9a2065ce94a286da01527bd8b8fd5830f93bcab97a4d0ca13c55b4ee32a49e078b4d79e7b17200fb6a550cfcccd33c681e37bc83c7fcda081a67c2a828e65a75df33e587a05f75fe05aef4078b3482c9078e2edb63c74134f92461044871e4a71f40228d156cbb3beb53eb898e0b6ade2d486a7111ce074510ad957f0eeae0812dd3802db231d9a15948a6b133167eb51dde0199023dfb3471661c7f13f14e786278c551d60929ef969b15d4ea544a9cda830183052ca1072083fb304502f38bcfd46ef64091a2a64bacc55ff3e91f8a7a97f69a9524bdaa60c14d75ddb44e399158c603cded78f42b79a6e9b9c30575289a92558f4d1d9cbb35780c86462cb56d5b474901c17df6ccba95481c004c384b17f99fb29458c9c59666c5305c508561e654d5f1b8ed375231358828b73b487c5f3096211f863375333bb1d3970f7c4cbc7b0f122dbb330b24498f38d804ec0e9c8a5976578bfbc2e46e8d898ec08b3742d5f9ba03d56567f6541f075c4f45eec94a6af78065689e8851294c48f02d48b1266586db86266bd2d0cbb729b567ed7643edf6849f50ca7a28b4ef59433ff22ce0680ffb3348a458ff77b6a796e849cb456df4b443d625d423d10e21bf0bcc785a243cf70ed2ea7c52548cd366ad9af486a4a0171f21ee9d961aa808a69a066aeb0c605fe7a83291ba942df3d11ba1e12da7381d7af20ccbd0de5416ef389c65d1fd0ff209dce808c490707a371b317ce65765082d1c5f67846ddfa65f291117d6e5a795ac2961d56eb24060d8b160d5bd146cd61589c00a108a1dba9e8730157e403cc35b0cd64b3aa66eada80be3bbb974d4642aa76bdf87c2d63134af1c646b1f0bfd218d4e4ebd277ad1cfc9b6f20c4036c6a511cb1ce486c3a563ca9368b10bed088bcfcdab752e0c78a10e550544ee6250d3908e3e7b09b2119f94abc2fdf43d7c82a4ffce81a3f962124ace1108443f41202c6d055d37e99b4eb6287c485acabff03f3a115db1ec790fdc5436e97bf2443c2f707ffb513f6d6494812b2238d679c8787a854ec92126bdc4681803ed4a5b84590e4f00ce956c6c3394773303b0620d118d2290cb229ea3b9bb9de8d719a0f92a50d34909a363f5f6ff906326f917be78c914c78846ef30c9b107b26c0a55401ceabf5b3c669eaa7a1a36d97b01d5da410366e3da5d232fb711d26afd9d4a5016425e47c0ec9b6305673af4cb46526af752011793c322797fb706042da364b6e723b513fd73db6721b00bd80e0923fe075300951d4dfefdd029c3fed21b734bf102f96d58b50bf4edcad014670c2d93eeb4d7bda3d1b70d9e21262c644bb96855895e4c0b32c9ed599d940ac24814b69812c124648428e13d7f72d74feb30288eb78b4a99fadc96589d8a9c7047787aa802514ba28af4d5520ac50928cd75ca92e2934a2e126456bfe1587003e87d9428b1fdb6b7662c44a5fee9d537b7f43822e5b103aeece1aa603215c215de2873e3a6b327c5ed0a0190fb7645034e1839ad165f3f7f80fd793734ac1412bbe20d82aea543792047ba5c5b37ee11988cd7e71cd43547e13c6bbc1ce3cf6aff9727381f06feb83b23b694724d9259d3736eba6ee66ee73a224b8a978debbbc35f8e28cc8267646e5c8cd8076d2044d41eadce01738ab2c7dc763de5a8042b957680223c4d9fdbf65d17e8998444e8db36c50fbe3c9a83e506661a029c4538617d46b6a43675c6dcf283a45b99e44188fd2681a50747e819e7f37496207ec448670fe62a3cb94712abeafb5dd2690ec12b18f8d67d5b0db41a897124f8b94695501aba517447338034bf14d0f99cbf5518aa013e1f35a052b4d27d1247349ff7a83362444372f017fcbdfe972b91c46a0a57f4639204673341ae92bc2dbf2b8d1680b432552850964eb1e14f38995e7e404b1bd1bf63d8d58c7b4ec38e3b9e73959e6509ad9f67d684f62759f5cae90bf8c1781b5800922c312aa634e5748b6181fc37df267eb5c66afc0c9249f9f601136c78d817beddf308c6970ee0e8221abe6fa124f55de7e5e78398004095a175f58cc270840e8c6759627f139e4f9b3b362e2700c5d06da66e862d1016c9f89d18646a6bb823f992342433b03397ed7586f489824a1495d707c81d3885029a47845802ef97856e530789a5cb7239752c6509cdd094212cb4b1b8baa7416cf5000db59418ad7f7a0d7d8e4cb8ebbbe4c40ba0ccc25283b9c933e251fff9871fc01026fafd8eed7ddcbe454b79339be93cd4b25a55af449f5c0893a957c5468c9147a973478c834ac4ecfea339cf3", 0xa9b}], 0x7}}], 0x4000000000001f4, 0x81) (async)
getsockopt$TIPC_CONN_TIMEOUT(r5, 0x10f, 0x82, &(0x7f0000000000), &(0x7f0000000900)=0x4)
sendmsg$NFT_MSG_GETTABLE(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)=ANY=[@ANYBLOB="14200000010a010300"/20], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x4014) (async)
recvmmsg(r4, &(0x7f000000a900)=[{{0x0, 0x0, 0x0}, 0x6}], 0x1, 0x4002, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syz_tun\x00', <r6=>0x0}) (async)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14615}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r6}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x44}}, 0x0)

2.423847934s ago: executing program 2 (id=2725):
socket$kcm(0xa, 0x3, 0x87)
unshare(0x6020400)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0x0, 0x1}, 0x6)
write(r0, &(0x7f00000002c0)="03feba85", 0x4)
r1 = socket$inet(0x2, 0x80002, 0x1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000140a01020000000000000000000000060c00064000000000000000040800034000ffff08140000001000010000000000000000000084000a"], 0x50}}, 0x0)
bind$inet(r1, &(0x7f0000000200)={0x2, 0x4e20, @broadcast}, 0x10)
syz_emit_ethernet(0xde, &(0x7f0000000000)=ANY=[@ANYBLOB="bbbbbbbbbbbb00000000010486dd6000000000a887000000000000000100000000000000000000000000013b1416000000008cd70000ec245d081e243e6485e83942812d"], 0x0)

2.24403979s ago: executing program 3 (id=2726):
r0 = socket(0xa, 0x5, 0x0)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000480)=ANY=[], 0xf0)
sendto$inet6(r0, &(0x7f0000000040)='\x00', 0x1, 0x44004, &(0x7f0000000100)={0xa, 0x4e24, 0xb, @loopback, 0xc5f}, 0x1c) (fail_nth: 15)

2.241947804s ago: executing program 1 (id=2727):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f00000002c0)='\a', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0xe0ffffff00000000}, 0xa}, 0x1c)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newtaction={0x18, 0x30, 0x1, 0x70bd28, 0x0, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4004000}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r3)
sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000440)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000140)={&(0x7f0000000380)={0x68, r4, 0x400, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x4c, 0x18, {0x800, @media='udp\x00'}}}, ["", "", "", "", "", "", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x44841}, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000080)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaaaa86dd0af4adf700102c00fe800000000000000000000000000000ff0200000000000000000000000000013c40"], 0x0)
r5 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newtaction={0x48, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x34, 0x1, [@m_sample={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x4, {0x3}}}}]}]}, 0x48}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)=@RTM_NEWMDB={0x38, 0x54, 0x1, 0x1, 0x0, {}, [@MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x1, 0x0, 0x3, {@ip4=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x86dd}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x24000050)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6394f90324fc60100002000a000300053582c137153e3704020180fc0b09000c00", 0x33fe0}], 0x1}, 0x0)

2.201002111s ago: executing program 2 (id=2728):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e00000000000000005b0e1e496db61415478eed08f3729cb917af9a1b22a6099b8fc8d616bc655a5f1191a6a33f1ad6b3c2ffbc8fd6884400dc3941f6e4cc7eee4fb3a4b8d90a3bfc0eac7e0cdec6cb37a25f0ddd38436cad0d9e0d0eeacefd0ff873cfd28e8dc227831f019cf269558c8ba0565caf1e2cab66d996410a4c277256d75f93bad74cc663f014e99b2ad307f9e57be07af8032fb919a79f80bcdb152be6a57008e6cf0be8edf1a1851f05a9c89eb5ec6feeebadcd11244c34e727e10af3d18508fa9945da32ac24cf678d150a5d73c6b7107eb4595f71cab6a6602f693f2f442115999d310b614898051fc6c408dc81032300"/258, @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000918110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r1 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MIF(r1, 0x29, 0xca, 0x0, 0x43)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000300)={0xa, 0x3, 0x8, @loopback, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f0000000000)=@gcm_256={{0x303}, "41328ac34a4ad2ba", "e8582491a0c4050000000000f6542a9b6800000000000000003967d2daa45b4e", "61241765", "89b06aff130000fd"}, 0x38)
sendmsg$inet(r3, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, &(0x7f0000019600)=[@ip_tos_int={{0x14, 0x11a, 0x1, 0x2}}], 0x28}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x74, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x48, 0x4, 0x0, 0x1, [{0x44, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_INNER_TYPE={0x8, 0x2, 0x1, 0x0, 0x84}, @NFTA_INNER_FLAGS={0x8, 0x3, 0x1, 0x0, 0x7}, @NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0xf}, @NFTA_INNER_NUM={0x8}, @NFTA_INNER_EXPR={0x10, 0x5, 0x0, 0x1, @payload={{0xc}, @void}}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x9c}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r1)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_FRAME(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000300)={0x5c, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME={0x3e, 0x33, @reassoc_resp={{{0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1}, {0x5}, @broadcast, @device_a, @initial, {0x5, 0x2}}, 0x1000, 0xf, @default, @void, @val={0x2d, 0x1a, {0x8000, 0x3, 0x0, 0x0, {0x10000, 0x1fff, 0x0, 0x19e, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x400, 0xfffff800, 0x4}}}}]}, 0x5c}}, 0x0)
sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000140)={0x3c, r5, 0x4, 0x70bd26, 0x25dfdbff, {{}, {@val={0x8, 0x1, 0x29}, @val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'rose0\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="240000001800010000000000fddbdf251d01050008000a00", @ANYRES32, @ANYBLOB='\b\x00\t\x00', @ANYRES16=r4], 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x400c010)
recvmsg(r4, &(0x7f0000000200)={&(0x7f0000000000)=@isdn, 0x80, &(0x7f0000000080)=[{&(0x7f0000000280)=""/180, 0xb4}], 0x1}, 0x21a0)

2.103022833s ago: executing program 4 (id=2729):
socket$nl_xfrm(0x10, 0x3, 0x6) (async)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'rmd160-generic\x00'}, 0x58) (async)
r2 = accept4(r1, 0x0, 0x0, 0x800)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async)
pipe(&(0x7f0000000140))
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000280)={0x29e9c934, 0x3, 0x0, 0x4}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000000)=[{0x40, 0x7, 0x48, 0x1}, {0x28, 0x4, 0x76, 0xfffff038}, {0x6, 0x25, 0x3, 0x207}]}, 0x10) (async)
syz_genetlink_get_family_id$devlink(&(0x7f0000000080), r4)
sendmsg$nl_generic(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="2605b82816edff5b5d91980f1200010a00000000000010000a0000d5f9c7b560e9f6f628094796f4510a29379c24cddebd9f5400f000000000000000"], 0x20}, 0x1, 0x0, 0x0, 0x200c0801}, 0x0) (async)
unshare(0x2040400) (async)
bind$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @any, 0xfffe, 0x2}, 0xe) (async)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000100))
ioctl$PPPIOCSACTIVE(r0, 0x40107446, &(0x7f0000000080)={0x2, &(0x7f00000000c0)=[{0x40, 0x8, 0xfe, 0x9}, {0x6, 0x0, 0x0, 0x8eb6}]}) (async)
writev(r0, &(0x7f0000000380)=[{&(0x7f00000001c0)="3414", 0x2}], 0x1) (async)
socket$inet_sctp(0x2, 0x5, 0x84) (async)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000280), &(0x7f0000000200)=0x10) (async)
sendmsg$NL80211_CMD_STOP_AP(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f00000028c0)={0x0, 0x28}}, 0x0) (async)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$inet6_udplite(0xa, 0x2, 0x88)

1.995960229s ago: executing program 0 (id=2730):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)={0x34, r1, 0x431, 0x70bd28, 0x25dfdbfc, {}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_PAUSE_TX={0x5}]}, 0x34}}, 0x0)

1.704357013s ago: executing program 3 (id=2731):
unshare(0x2a020400)
socket$xdp(0x2c, 0x3, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r1, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@remote, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x3}, {{@in6=@mcast2, 0x0, 0x2b}, 0x0, @in=@empty}}, 0xe8)
r3 = openat$ppp(0xffffffffffffff9c, 0x0, 0x139042, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f00000000c0)={'wlan1\x00', &(0x7f0000000080)=@ethtool_stats})
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$sock(r5, &(0x7f0000003640), 0x0, 0x20040059)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f00000000c0)={<r6=>0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x14)
socket(0x1d, 0x2, 0x6)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r5, 0x84, 0x85, &(0x7f0000000240)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x3}, 0x90)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000840)={r6, @in6={{0xa, 0x4e20, 0x3ae, @empty, 0x129}}, 0x2, 0x2, 0x614, 0x1, 0xd, 0x7, 0x4}, 0x9c)

1.673448782s ago: executing program 0 (id=2732):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000400)=0x1, 0x4)
sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000004c40)=ANY=[@ANYRESDEC], 0x14}, 0x1, 0x0, 0x0, 0x20008004}, 0x20004000)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f00000000c0)=@gcm_256={{0x303, 0x36}, "f1ff5ef2fe010017", "9e8ecc7bb5352776725e1047711330ff2bb17b5508000000000000009bc400", "dc5d3f00", "46b0dc72b7b1d30e"}, 0x38)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0xbaa, 0x490}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0xa7c, r1}, 0x38)
unshare(0x4a020000)

1.587677697s ago: executing program 2 (id=2733):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x5a}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)={@fallback=r0, r0, 0x2f}, 0x20)
close(r0)
close(0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc}}, &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1f00}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000325bd7000fbdbdf25050000000c000980080002000300000028000280080001"], 0x46}}, 0x4004)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newtaction={0xa0, 0x30, 0x51b, 0x0, 0x0, {}, [{0x8c, 0x1, [@m_skbmod={0x5c, 0x1, 0x0, 0x0, {{0xb}, {0x30, 0x2, 0x0, 0x1, [@TCA_SKBMOD_PARMS={0x24, 0x2, {{0x7fffffff, 0x0, 0x0, 0xfffffffd}}}, @TCA_SKBMOD_ETYPE={0x6, 0x5, 0x6}]}, {0x4, 0x14}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x6}}}, @m_ct={0x2c, 0x2, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x1}}}}]}]}, 0xa0}}, 0x14008004)
sendmsg$netlink(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000380)=ANY=[@ANYBLOB="180100002e00010000000000fcdbdf250801f2800c00180008ac0f0000000000140001"], 0x118}], 0x1, 0x0, 0x0, 0x1}, 0x0)

1.520134161s ago: executing program 4 (id=2734):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r0, &(0x7f0000000480)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @private0, 0xfffffffc}, 0x1c, &(0x7f0000000300)=[{&(0x7f00000006c0)="b3", 0x1}], 0x1}}], 0x1, 0x44)
listen(r0, 0x100101)
unshare(0x20000400)
r1 = accept(r0, 0x0, 0x0)
setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000003540)={'nat\x00', 0x0, 0x0, 0x0, [0x6, 0x12900, 0x100000001, 0x9, 0x2, 0x26], 0x0, 0x0}, 0x78)

1.364411675s ago: executing program 4 (id=2735):
r0 = socket(0x40000000015, 0x5, 0x0)
getsockopt(r0, 0x200000000114, 0x2717, 0x0, &(0x7f0000000080)=0xf0ff7f)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x5, [@typedef={0x3}]}, {0x0, [0x30, 0x0, 0x5f]}}, 0x0, 0x29}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0xc, &(0x7f0000000580)=ANY=[], &(0x7f0000000140)='syzkaller\x00', 0x8, 0xff, &(0x7f0000000340)=""/255, 0x0, 0x0, '\x00', 0x0, 0x25, r1, 0x9, &(0x7f0000000000)={0xfffffffe}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)

1.261435139s ago: executing program 2 (id=2736):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_GET_PROG_INFO(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c00000068000100293d7000003d004d7e2a36000000000000000000"], 0x1c}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
connect$inet(r2, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYRES64=r1], 0x7c}}, 0x0)
r3 = socket(0x28, 0x1, 0x0)
connect$packet(r3, &(0x7f0000000000)={0x28, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x14)
sendmsg$NFT_BATCH(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000500000ac4010000060a0b040000000000000000020000004c000480340001800b000100746172676574000024000280090001004d41524b000000000c00030002b51112d439c5920800024000000002140001800b0001006c6f6f6b75700000040002800900010073797a30000000000900020073797a3200000000f70007404884b24b02a8a7758a688958ed60ecfd057e10926ba77e5596b13e43cd4488e4aa68af5f7236ec205b6e4cac2a0d86c336bf07dbe861f4f57bcef92dcf818d532d4475b5daa4dadc1690f228e860bba5a0b5d9bde86862e8f7fc08f0debd4974c6fae7d737a0007ec948ac4d8714ebff6b25648fb910e0d6d07f023cf5fa4051627b9c5b69e265538f9ba683bf172a5ff815afa543c12e550a1bcc9287080c7c12cc89d216c56febb0b06134672ea6b0077c846396169475f271319988f49ec94f2996e5d0e1cb151fb223e556f10fb681d068e055eb34e5f8fc7a524ffe5f4632a6c74ad0fe0b1542497d76a5a4416c47805e001c0005800800014008000008080002"], 0x1ec}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000008c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000080)={0x40, r5, 0x1, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'nicvf0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x6}, @mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x8, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_ACTIVE={0x4}]}]]}, 0x40}}, 0x40048a4)
r7 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000240)={0x1, &(0x7f0000000400)=[{0x2d, 0x0, 0x0, 0x6}]}, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'veth1_to_hsr\x00'})

1.260434551s ago: executing program 1 (id=2737):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50) (async)
sendmsg$SOCK_DESTROY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="280100001500000428bd7000fcdbdf2506041900010002d0d127491a75a47477a1f34d628637506263f6b7000000290001009f5ce2486d2c74bcbcaf108e9d697b6b6cd28e2c4f637698d8a401494ad41e0ca099f703670000000900010001e3ea955e000000be000100bafe5df468f0a5aafe2659c02f4866ac9721c5cac1958ca5ee2d98ddff2643f651dd2d5873b590a5c215226c2715377390b43baf6deb6c5a260242fafcdc08bfc192040cd7f4ab90d163120e317489b37376df4954503445276870f24e2c8a131da9416fa22f76032e597311d56e7f570eb414c9f65c4f462df35e536bf5bcf180657827972efd4c537dd291a12c7200d02c2df87c68fef57ac57f850a9c221dd92f0360382ae3e37d0e632a25442b5dad44ff3e9097ac2bce5600000000"], 0x128}}, 0x80c0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async, rerun: 64)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020000000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e00000000000000000014000000110001"], 0x80}}, 0x0) (rerun: 64)
syz_emit_ethernet(0x68, &(0x7f0000000480)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaa0008004520005a00640000972f90cc"], 0x0) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) (async)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="1c0000000104e95463160000000000000000000f0500010001"], 0x1c}}, 0x54) (async)
close(r2)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000140)={0x0, r1}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x10, 0x5, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x47}, [@cb_func={0x18, 0x7, 0x4, 0x0, 0x6}]}, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
ioctl$sock_rose_SIOCRSCLRRT(0xffffffffffffffff, 0x89e4)

1.135913849s ago: executing program 4 (id=2738):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, 0x0, &(0x7f0000000340)=0x62)
socket$kcm(0xa, 0x3, 0x87)
syz_emit_ethernet(0xde, &(0x7f0000000880)=ANY=[@ANYRES8=r0], 0x0)

1.065372691s ago: executing program 1 (id=2739):
r0 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'veth0_to_bond\x00', &(0x7f0000000540)=@ethtool_gstrings={0x1b, 0x9}})
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000000)=ANY=[@ANYBLOB="d80000001b0001002dbd7000fddbdf25ffffffff000000000000000000000000000000000000000000000000000000004e2200004e2300010a00008032000000", @ANYRES32=0x0, @ANYRES64=r1, @ANYBLOB="00080000000000000500000000000000f8ffffffffffffffff010000f2ff00000100000000000000010000000000008009000000000000000000000080000000010000000051a100010100000000000004000000000080000700000000000000000002030000000029"], 0xd8}, 0x1, 0x0, 0x0, 0xc040}, 0x8010)
setsockopt$inet6_IPV6_PKTINFO(0xffffffffffffffff, 0x29, 0x32, 0x0, 0x0)

909.069853ms ago: executing program 4 (id=2740):
r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000002c0)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="600000000206050000000000000000000000000105000100070000000900020073797a300000000014000700080006000000000008001340000000000500050002000000050004000000000011000300"], 0x60}}, 0x0)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x34, r0, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}]}, 0x34}}, 0xc800)
sendmsg$SMC_PNETID_DEL(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x14, r0, 0xe27, 0x70bd28, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x0)

908.385875ms ago: executing program 1 (id=2741):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_WIPHY(r2, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x2c, 0x0, 0x400, 0x70bd29, 0x25dfdbfc, {}, [@NL80211_ATTR_WIPHY_TX_POWER_LEVEL={0x8, 0x62, 0x6}, @NL80211_ATTR_WIPHY_TX_POWER_LEVEL={0x8, 0x62, 0x6}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x15e0}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000040}, 0x1800)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x8, @loopback, 0x6}, 0x1c)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r4}, &(0x7f0000000240), &(0x7f0000000380), 0x500}, 0x20)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f0000000200)=0x8)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="4c00000044000701fcffffff00000000017c000038000480312d", @ANYBLOB="4595d27c", @ANYBLOB='Djw@'], 0x4c}, 0x1, 0x0, 0x0, 0x4c0c0}, 0x8090)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f0000000440)={r5}, &(0x7f0000000240)=0x8)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000000)={'wpan0\x00', <r9=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000280)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0620", @ANYRES32=r9, @ANYBLOB="24002f800c000200000000000000000008000100000000000c0003800800010000000000"], 0x40}}, 0x44040)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)="2e00000010008188040f80ec51acbc0413a1810039000000000bf0ffff2101000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x4)

836.631824ms ago: executing program 0 (id=2742):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MTU={0x8, 0x4, 0x9b69}, @IFLA_GROUP={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x600}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) (async)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000007, 0x31, 0xffffffffffffffff, 0x0)
ioctl$sock_inet_udp_SIOCINQ(r1, 0x541b, &(0x7f0000001cc0)) (async)
pipe(&(0x7f0000000480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x11000) (async)
pselect6(0x40, &(0x7f0000000100)={0x2, 0x0, 0xfffffffffffffff8, 0x0, 0x1, 0x10}, 0x0, &(0x7f0000000240)={0x1f, 0xc, 0x715, 0x8000000000000000, 0x0, 0x80000000000000, 0x800, 0x20000}, 0x0, 0x0) (async)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) (async)
r4 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, 0x0, 0x0)
recvmsg(r4, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, 0x1412, 0x8, 0x70bd26, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_STAT_RES={0x8}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x3}]}, 0x20}, 0x1, 0x0, 0x0, 0x8851}, 0x40000) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) (async)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace00000000000000002100000002ff02000000000000000000000000000104004e200023b0"], 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x8, 0x20043, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x5}, 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, r5}, 0x38) (async)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x440}, [@IFLA_MASTER={0x8}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)

651.843388ms ago: executing program 4 (id=2743):
socket$inet6(0xa, 0x80003, 0xff) (async)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0) (async)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000), 0x0) (async)
r1 = accept4(r0, 0x0, 0x0, 0x80800)
socket$nl_route(0x10, 0x3, 0x0)
sendmmsg$alg(r1, &(0x7f0000000040), 0x1, 0x48004)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0) (async)
bind$unix(0xffffffffffffffff, 0x0, 0x0) (async)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) (async)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000100)=@o_path={&(0x7f0000000080)='./file0\x00', r0, 0x4000, r2}, 0x18)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="500000000102010800000000000000000a0000003c0001802c0001761400030000000000000000000000ffffac1e000114000400fc0200000000000000000000000000000c0002800500010000000000"], 0x50}, 0x1, 0x0, 0x0, 0x4040010}, 0x0) (async)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) (async)
connect$inet6(r5, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty, 0x36}, 0x1c) (async)
setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f00000000c0), 0x4) (async)
setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x1, &(0x7f0000000540)=@gcm_128={{0x303}, "ffffffffffffffe2", "8e083700daf38a6d69e9b5e9c2f133d7", "6a3a05b9", "12772541f8eb02bb"}, 0x28) (async)
shutdown(r5, 0x1) (async)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='freezer.state\x00', 0x275a, 0x0)
write$cgroup_int(r6, &(0x7f0000000000), 0xffffff6a) (async)
sendfile(r5, r6, 0x0, 0xffffffff004)
close(0x3)

552.044487ms ago: executing program 0 (id=2744):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r1 = openat$cgroup_devices(r0, &(0x7f0000000080)='devices.deny\x00', 0x2, 0x0)
write$cgroup_devices(r1, &(0x7f00000000c0)={'b', ' *:* ', 'rm\x00'}, 0x9) (fail_nth: 1)

202.782025ms ago: executing program 0 (id=2745):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r0, &(0x7f0000000480)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @private0, 0xfffffffc}, 0x1c, &(0x7f0000000300)=[{&(0x7f00000006c0)="b3", 0x1}], 0x1}}], 0x1, 0x44)
listen(r0, 0x100101)
unshare(0x20000400)
r1 = accept(r0, 0x0, 0x0)
setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000003540)={'nat\x00', 0x0, 0x0, 0x0, [0x6, 0x10000, 0x100000001, 0x9, 0x2, 0x26], 0x29, 0x0}, 0x78)

194.206195ms ago: executing program 1 (id=2746):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbee9, 0x8031, 0xffffffffffffffff, 0x0)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000001180), r1)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f00000011c0)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f0000001200)={0x34, r2, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0xc}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0x44000000)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r4, &(0x7f0000000040)={0x1f, @fixed}, 0x8)

0s ago: executing program 2 (id=2747):
unshare(0x20000400)
unshare(0x52040800)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000003ff6)='GPL\x00', 0x82, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYRES64=0x0], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9451d33767d3dfcd, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x4}, 0x8, 0x10, &(0x7f0000000000)={0x400, 0x1}, 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
r4 = socket$inet6(0xa, 0x80002, 0x88)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000200), 0x4)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)=@un=@file={0x0, './file0\x00'}, 0x80, 0x0, 0x0, &(0x7f0000000100)=ANY=[], 0x28}, 0x20008000)
connect$inet6(r4, &(0x7f0000000380)={0xa, 0x4e22, 0x3, @empty}, 0x1c)
setsockopt$inet6_IPV6_ADDRFORM(r4, 0x29, 0x1, &(0x7f0000000140), 0x4)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r3, r5, 0x5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r3}, &(0x7f00000006c0), &(0x7f0000000700)=r2}, 0x20)
sendmsg$inet(r1, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0)
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
getpid()
sendmsg$netlink(r6, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r7, &(0x7f0000000800)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000680)={&(0x7f0000000780)={0x44, 0x4, 0x6, 0x401, 0x0, 0x0, {0x7, 0x0, 0x5}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x44}, 0x1, 0x0, 0x0, 0xc080}, 0xe821651e0a1b45fc)

kernel console output (not intermixed with test programs):

easing backup interface
[  330.030405][T13368] team_slave_0: left promiscuous mode
[  330.075650][T13368] team0: Port device team_slave_0 removed
[  330.082848][T13368] team_slave_1: left promiscuous mode
[  330.099956][T13368] team0: Port device team_slave_1 removed
[  330.146356][T13375] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  330.285451][T13384] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[  330.376610][T13386] siw: device registration error -23
[  331.766849][T13419] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  331.785768][T13422] netlink: 'syz.1.1788': attribute type 1 has an invalid length.
[  331.904013][T13422] smc: adding net device bond0 with user defined pnetid SYZ2
[  332.088473][T13426] bond0: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  332.193229][T13422] bond0: (slave ip6gretap1): Releasing backup interface
[  332.426794][T13437] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  332.815420][T13448] bridge6: entered promiscuous mode
[  333.425001][T13461] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1798'.
[  334.848082][T13478] netlink: 452 bytes leftover after parsing attributes in process `syz.2.1801'.
[  334.975688][T13479] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[  334.989699][T13479] batman_adv: batadv0: Adding interface: ip6gretap1
[  334.996646][T13479] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  335.061159][T13479] batman_adv: batadv0: Interface activated: ip6gretap1
[  335.069598][T13482] netlink: 'syz.4.1803': attribute type 1 has an invalid length.
[  335.112071][T13472] Cannot find del_set index 4 as target
[  335.380335][T13485] 8021q: adding VLAN 0 to HW filter on device bond2
[  335.424220][T13485] bond1: (slave bond2): Enslaving as an active interface with a down link
[  335.892350][T13500] 
@ÿ: renamed from veth0_vlan
[  335.959980][T13499] bridge0: entered promiscuous mode
[  336.254452][T13504] syzkaller0: entered promiscuous mode
[  336.268248][T13504] syzkaller0: entered allmulticast mode
[  337.353890][T13522] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1812'.
[  337.363747][T13522] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1812'.
[  340.435432][T13469] Set syz1 is full, maxelem 65536 reached
[  340.526575][T13524] !
: renamed from dummy0 (while UP)
[  340.769862][T13554] netlink: 'syz.1.1818': attribute type 1 has an invalid length.
[  340.910886][T13559] 8021q: adding VLAN 0 to HW filter on device bond3
[  340.930474][T13559] bond2: (slave bond3): Enslaving as an active interface with a down link
[  341.951922][T13583] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  341.979192][T13583] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  341.991457][T13583] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  342.034543][T13586] pimreg: entered allmulticast mode
[  342.042459][T13586] pimreg: left allmulticast mode
[  342.334251][T13583] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  342.355306][T13583] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  342.371217][T13583] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  342.543206][T13583] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  342.554419][T13583] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  342.571860][T13583] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  342.704182][T13583] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  342.715999][T13583] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  342.730652][T13583] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  342.931984][T11525] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  342.943093][T11525] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 256 - 0
[  342.991050][T11525] netdevsim netdevsim1 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[  343.025179][T13599] netlink: 'syz.3.1828': attribute type 1 has an invalid length.
[  343.034088][T13599] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1828'.
[  343.061140][T11521] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  343.076431][T11521] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 256 - 0
[  343.093233][T11521] netdevsim netdevsim1 eth1: set [1, 1] type 2 family 0 port 6081 - 0
[  343.153198][T11521] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  343.165403][T11521] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 256 - 0
[  343.174596][T11521] netdevsim netdevsim1 eth2: set [1, 1] type 2 family 0 port 6081 - 0
[  343.254845][T11521] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  343.267852][T11521] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 256 - 0
[  343.276246][T11521] netdevsim netdevsim1 eth3: set [1, 1] type 2 family 0 port 6081 - 0
[  343.659079][T13618] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1835'.
[  343.728493][T13618] netlink: 16178 bytes leftover after parsing attributes in process `syz.4.1835'.
[  343.915007][T13622] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1836'.
[  343.973408][T13621] smc: removing ib device syz2
[  344.237147][T13639] FAULT_INJECTION: forcing a failure.
[  344.237147][T13639] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  344.370195][T13639] CPU: 0 UID: 0 PID: 13639 Comm: syz.3.1841 Not tainted 6.16.0-rc7-syzkaller-01894-gfaa60990a541 #0 PREEMPT(full) 
[  344.370245][T13639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  344.370268][T13639] Call Trace:
[  344.370282][T13639]  <TASK>
[  344.370298][T13639]  dump_stack_lvl+0x189/0x250
[  344.370343][T13639]  ? __pfx____ratelimit+0x10/0x10
[  344.370367][T13639]  ? __pfx_dump_stack_lvl+0x10/0x10
[  344.370393][T13639]  ? __pfx__printk+0x10/0x10
[  344.370423][T13639]  ? __might_fault+0xb0/0x130
[  344.370467][T13639]  should_fail_ex+0x414/0x560
[  344.370496][T13639]  _copy_from_iter+0x1db/0x16f0
[  344.370528][T13639]  ? rcu_is_watching+0x15/0xb0
[  344.370556][T13639]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  344.370589][T13639]  ? __pfx__copy_from_iter+0x10/0x10
[  344.370619][T13639]  ? __build_skb_around+0x257/0x3e0
[  344.370646][T13639]  ? netlink_sendmsg+0x642/0xb30
[  344.370661][T13639]  ? skb_put+0x11b/0x210
[  344.370681][T13639]  netlink_sendmsg+0x6b2/0xb30
[  344.370712][T13639]  ? __pfx_netlink_sendmsg+0x10/0x10
[  344.370731][T13639]  ? aa_sock_msg_perm+0x94/0x160
[  344.370749][T13639]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  344.370766][T13639]  ? __pfx_netlink_sendmsg+0x10/0x10
[  344.370783][T13639]  __sock_sendmsg+0x21c/0x270
[  344.370809][T13639]  ____sys_sendmsg+0x505/0x830
[  344.370833][T13639]  ? __pfx_____sys_sendmsg+0x10/0x10
[  344.370860][T13639]  ? import_iovec+0x74/0xa0
[  344.370884][T13639]  ___sys_sendmsg+0x21f/0x2a0
[  344.370911][T13639]  ? __pfx____sys_sendmsg+0x10/0x10
[  344.370981][T13639]  ? __fget_files+0x2a/0x420
[  344.370999][T13639]  ? __fget_files+0x3a0/0x420
[  344.371030][T13639]  __x64_sys_sendmsg+0x19b/0x260
[  344.371052][T13639]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  344.371079][T13639]  ? __pfx_ksys_write+0x10/0x10
[  344.371104][T13639]  ? do_syscall_64+0xbe/0x3b0
[  344.371126][T13639]  do_syscall_64+0xfa/0x3b0
[  344.371143][T13639]  ? lockdep_hardirqs_on+0x9c/0x150
[  344.371159][T13639]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.371174][T13639]  ? clear_bhb_loop+0x60/0xb0
[  344.371192][T13639]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.371207][T13639] RIP: 0033:0x7f08a7f8e9a9
[  344.371220][T13639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  344.371233][T13639] RSP: 002b:00007f08a8e3d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  344.371250][T13639] RAX: ffffffffffffffda RBX: 00007f08a81b6080 RCX: 00007f08a7f8e9a9
[  344.371261][T13639] RDX: 0000000020040040 RSI: 0000200000000580 RDI: 0000000000000004
[  344.371271][T13639] RBP: 00007f08a8e3d090 R08: 0000000000000000 R09: 0000000000000000
[  344.371280][T13639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  344.371289][T13639] R13: 0000000000000001 R14: 00007f08a81b6080 R15: 00007ffc506af458
[  344.371313][T13639]  </TASK>
[  345.066224][T13644] syzkaller1: entered promiscuous mode
[  345.072858][T13644] syzkaller1: entered allmulticast mode
[  345.356005][T13656] 8021q: VLANs not supported on wlan1
[  345.505239][T13665] !
: entered promiscuous mode
[  345.521211][T13665] macsec0: entered promiscuous mode
[  345.526691][T13665] macsec0: entered allmulticast mode
[  345.537094][T13665] !
: entered allmulticast mode
[  345.572818][T13665] !
: left allmulticast mode
[  345.585393][T13665] !
: left promiscuous mode
[  345.808431][T13666] !
: entered promiscuous mode
[  345.835824][T13666] macsec0: entered promiscuous mode
[  345.873499][T13666] macsec0: entered allmulticast mode
[  345.883068][T13666] !
: entered allmulticast mode
[  345.936382][T13666] !
: left allmulticast mode
[  345.942144][T13666] !
: left promiscuous mode
[  347.134796][T13702] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1853'.
[  347.209049][T13702] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1853'.
[  347.342520][T13709] FAULT_INJECTION: forcing a failure.
[  347.342520][T13709] name failslab, interval 1, probability 0, space 0, times 0
[  347.394030][T13709] CPU: 0 UID: 0 PID: 13709 Comm: syz.1.1854 Not tainted 6.16.0-rc7-syzkaller-01894-gfaa60990a541 #0 PREEMPT(full) 
[  347.394063][T13709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  347.394076][T13709] Call Trace:
[  347.394085][T13709]  <TASK>
[  347.394095][T13709]  dump_stack_lvl+0x189/0x250
[  347.394127][T13709]  ? __pfx____ratelimit+0x10/0x10
[  347.394152][T13709]  ? __pfx_dump_stack_lvl+0x10/0x10
[  347.394178][T13709]  ? __pfx__printk+0x10/0x10
[  347.394211][T13709]  ? __pfx___might_resched+0x10/0x10
[  347.394237][T13709]  ? fs_reclaim_acquire+0x7d/0x100
[  347.394263][T13709]  should_fail_ex+0x414/0x560
[  347.394292][T13709]  should_failslab+0xa8/0x100
[  347.394326][T13709]  __kmalloc_noprof+0xcb/0x4f0
[  347.394357][T13709]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  347.394396][T13709]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  347.394437][T13709]  genl_family_rcv_msg_doit+0xb8/0x300
[  347.394476][T13709]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  347.394510][T13709]  ? rcu_is_watching+0x15/0xb0
[  347.394540][T13709]  ? apparmor_capable+0x137/0x1b0
[  347.394573][T13709]  ? bpf_lsm_capable+0x9/0x20
[  347.394608][T13709]  ? security_capable+0x7e/0x2e0
[  347.394640][T13709]  genl_rcv_msg+0x60e/0x790
[  347.394678][T13709]  ? __pfx_genl_rcv_msg+0x10/0x10
[  347.394706][T13709]  ? __pfx_nl802154_pre_doit+0x10/0x10
[  347.394728][T13709]  ? __pfx_nl802154_add_llsec_devkey+0x10/0x10
[  347.394754][T13709]  ? __pfx_nl802154_post_doit+0x10/0x10
[  347.394794][T13709]  netlink_rcv_skb+0x208/0x470
[  347.394815][T13709]  ? __lock_acquire+0xab9/0xd20
[  347.394838][T13709]  ? __pfx_genl_rcv_msg+0x10/0x10
[  347.394870][T13709]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  347.394918][T13709]  ? down_read+0x1ad/0x2e0
[  347.394949][T13709]  genl_rcv+0x28/0x40
[  347.394981][T13709]  netlink_unicast+0x82f/0x9e0
[  347.395026][T13709]  ? __pfx_netlink_unicast+0x10/0x10
[  347.395063][T13709]  ? netlink_sendmsg+0x642/0xb30
[  347.395084][T13709]  ? skb_put+0x11b/0x210
[  347.395115][T13709]  netlink_sendmsg+0x805/0xb30
[  347.395150][T13709]  ? __pfx_netlink_sendmsg+0x10/0x10
[  347.395179][T13709]  ? aa_sock_msg_perm+0x94/0x160
[  347.395205][T13709]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  347.395228][T13709]  ? __pfx_netlink_sendmsg+0x10/0x10
[  347.395253][T13709]  __sock_sendmsg+0x21c/0x270
[  347.395291][T13709]  ____sys_sendmsg+0x505/0x830
[  347.395351][T13709]  ? __pfx_____sys_sendmsg+0x10/0x10
[  347.395391][T13709]  ? import_iovec+0x74/0xa0
[  347.395427][T13709]  ___sys_sendmsg+0x21f/0x2a0
[  347.395459][T13709]  ? __pfx____sys_sendmsg+0x10/0x10
[  347.395532][T13709]  ? __fget_files+0x2a/0x420
[  347.395551][T13709]  ? __fget_files+0x3a0/0x420
[  347.395585][T13709]  __x64_sys_sendmsg+0x19b/0x260
[  347.395623][T13709]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  347.395663][T13709]  ? __pfx_ksys_write+0x10/0x10
[  347.395700][T13709]  ? do_syscall_64+0xbe/0x3b0
[  347.395731][T13709]  do_syscall_64+0xfa/0x3b0
[  347.395755][T13709]  ? lockdep_hardirqs_on+0x9c/0x150
[  347.395779][T13709]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.395801][T13709]  ? clear_bhb_loop+0x60/0xb0
[  347.395828][T13709]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.395849][T13709] RIP: 0033:0x7f967c58e9a9
[  347.395869][T13709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  347.395889][T13709] RSP: 002b:00007f967d433038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  347.395912][T13709] RAX: ffffffffffffffda RBX: 00007f967c7b6080 RCX: 00007f967c58e9a9
[  347.395927][T13709] RDX: 0000000020040040 RSI: 0000200000000580 RDI: 0000000000000004
[  347.395942][T13709] RBP: 00007f967d433090 R08: 0000000000000000 R09: 0000000000000000
[  347.395956][T13709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  347.395968][T13709] R13: 0000000000000001 R14: 00007f967c7b6080 R15: 00007ffdb2554888
[  347.396003][T13709]  </TASK>
[  349.269227][T13751] netlink: 'syz.2.1865': attribute type 39 has an invalid length.
[  349.724238][T13774] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1870'.
[  349.734127][T13774] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1870'.
[  349.745003][T13774] netlink: 'syz.4.1870': attribute type 15 has an invalid length.
[  349.764451][T13774] netlink: 'syz.4.1870': attribute type 18 has an invalid length.
[  349.883423][T13778] FAULT_INJECTION: forcing a failure.
[  349.883423][T13778] name failslab, interval 1, probability 0, space 0, times 0
[  349.899182][T13777] xt_hashlimit: max too large, truncated to 1048576
[  349.906174][T13777] No such timeout policy "syz1"
[  349.963114][T13778] CPU: 0 UID: 0 PID: 13778 Comm: syz.0.1871 Not tainted 6.16.0-rc7-syzkaller-01894-gfaa60990a541 #0 PREEMPT(full) 
[  349.963146][T13778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  349.963160][T13778] Call Trace:
[  349.963168][T13778]  <TASK>
[  349.963178][T13778]  dump_stack_lvl+0x189/0x250
[  349.963210][T13778]  ? __pfx____ratelimit+0x10/0x10
[  349.963236][T13778]  ? __pfx_dump_stack_lvl+0x10/0x10
[  349.963262][T13778]  ? __pfx__printk+0x10/0x10
[  349.963299][T13778]  ? __pfx___might_resched+0x10/0x10
[  349.963323][T13778]  ? fs_reclaim_acquire+0x7d/0x100
[  349.963357][T13778]  should_fail_ex+0x414/0x560
[  349.963397][T13778]  should_failslab+0xa8/0x100
[  349.963431][T13778]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  349.963461][T13778]  ? __alloc_skb+0x112/0x2d0
[  349.963489][T13778]  __alloc_skb+0x112/0x2d0
[  349.963536][T13778]  netlink_ack+0x146/0xa50
[  349.963556][T13778]  ? __pfx_genl_rcv_msg+0x10/0x10
[  349.963583][T13778]  ? __pfx_nl802154_pre_doit+0x10/0x10
[  349.963605][T13778]  ? __pfx_nl802154_post_doit+0x10/0x10
[  349.963645][T13778]  netlink_rcv_skb+0x28c/0x470
[  349.963664][T13778]  ? __lock_acquire+0xab9/0xd20
[  349.963687][T13778]  ? __pfx_genl_rcv_msg+0x10/0x10
[  349.963718][T13778]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  349.963763][T13778]  ? down_read+0x1ad/0x2e0
[  349.963793][T13778]  genl_rcv+0x28/0x40
[  349.963820][T13778]  netlink_unicast+0x82f/0x9e0
[  349.963863][T13778]  ? __pfx_netlink_unicast+0x10/0x10
[  349.963899][T13778]  ? netlink_sendmsg+0x642/0xb30
[  349.963921][T13778]  ? skb_put+0x11b/0x210
[  349.963951][T13778]  netlink_sendmsg+0x805/0xb30
[  349.963987][T13778]  ? __pfx_netlink_sendmsg+0x10/0x10
[  349.964015][T13778]  ? aa_sock_msg_perm+0x94/0x160
[  349.964042][T13778]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  349.964066][T13778]  ? __pfx_netlink_sendmsg+0x10/0x10
[  349.964091][T13778]  __sock_sendmsg+0x21c/0x270
[  349.964129][T13778]  ____sys_sendmsg+0x505/0x830
[  349.964164][T13778]  ? __pfx_____sys_sendmsg+0x10/0x10
[  349.964203][T13778]  ? import_iovec+0x74/0xa0
[  349.964238][T13778]  ___sys_sendmsg+0x21f/0x2a0
[  349.964268][T13778]  ? __pfx____sys_sendmsg+0x10/0x10
[  349.964343][T13778]  ? __fget_files+0x2a/0x420
[  349.964362][T13778]  ? __fget_files+0x3a0/0x420
[  349.964394][T13778]  __x64_sys_sendmsg+0x19b/0x260
[  349.964426][T13778]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  349.964465][T13778]  ? __pfx_ksys_write+0x10/0x10
[  349.964502][T13778]  ? do_syscall_64+0xbe/0x3b0
[  349.964531][T13778]  do_syscall_64+0xfa/0x3b0
[  349.964554][T13778]  ? lockdep_hardirqs_on+0x9c/0x150
[  349.964576][T13778]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.964597][T13778]  ? clear_bhb_loop+0x60/0xb0
[  349.964622][T13778]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.964641][T13778] RIP: 0033:0x7f501658e9a9
[  349.964659][T13778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  349.964678][T13778] RSP: 002b:00007f501738a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  349.964701][T13778] RAX: ffffffffffffffda RBX: 00007f50167b6080 RCX: 00007f501658e9a9
[  349.964716][T13778] RDX: 0000000020040040 RSI: 0000200000000580 RDI: 0000000000000004
[  349.964730][T13778] RBP: 00007f501738a090 R08: 0000000000000000 R09: 0000000000000000
[  349.964742][T13778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  349.964754][T13778] R13: 0000000000000001 R14: 00007f50167b6080 R15: 00007ffe68103468
[  349.964788][T13778]  </TASK>
[  350.495360][T13785] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  350.506201][T13785] syzkaller0: entered promiscuous mode
[  350.521669][T13785] syzkaller0: entered allmulticast mode
[  350.629037][T13785] tipc: Resetting bearer <eth:syzkaller0>
[  350.674151][T13797] tipc: Resetting bearer <eth:syzkaller0>
[  350.781858][T13797] tipc: Disabling bearer <eth:syzkaller0>
[  351.029591][T13817] netlink: 'syz.3.1886': attribute type 2 has an invalid length.
[  351.060468][T13817] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1886'.
[  351.079222][T13821] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1887'.
[  351.090248][T13823] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1884'.
[  351.119391][T13823] netlink: 'syz.0.1884': attribute type 1 has an invalid length.
[  351.136229][T13823] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1884'.
[  351.164886][T13823] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1884'.
[  351.414809][T13835] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1891'.
[  351.455582][T13835] geneve2: entered promiscuous mode
[  351.464602][T13835] geneve2: entered allmulticast mode
[  351.513398][   T13] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  351.535083][   T13] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  351.561077][   T13] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  351.601296][   T13] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  351.640097][T13844] netlink: 'syz.3.1894': attribute type 3 has an invalid length.
[  351.844898][T13849] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1896'.
[  352.194897][T13865] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  352.253174][T13875] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 512, id = 0
[  352.261558][T13872] IPVS: stopping backup sync thread 13875 ...
[  352.286542][T13874] macsec0: entered promiscuous mode
[  352.293072][T13874] macsec0: entered allmulticast mode
[  352.375503][T13865] tipc: Disabling bearer <eth:syzkaller0>
[  352.935149][T13900] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1908'.
[  353.394410][T13920] delete_channel: no stack
[  353.593967][T13930] macsec1: entered allmulticast mode
[  353.628282][T13930] macsec0: entered allmulticast mode
[  354.395007][T13968] netlink: 'syz.2.1923': attribute type 1 has an invalid length.
[  354.481234][T13962] macsec0 (unregistering): left allmulticast mode
[  354.770152][T13971] bond7: (slave ip6gretap2): Enslaving as a backup interface with an up link
[  354.786611][T13972] bond0: (slave wlan1): Releasing backup interface
[  354.800713][T13972] bond3: (slave bridge1): Releasing active interface
[  354.821720][T13972] bond4: (slave bridge2): Releasing backup interface
[  354.832543][T13972] bridge2: left promiscuous mode
[  354.844492][T13972] bond7: (slave ip6gretap2): Releasing backup interface
[  355.041062][T13990] __nla_validate_parse: 3 callbacks suppressed
[  355.041082][T13990] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1927'.
[  355.332806][T13998] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1928'.
[  355.445227][T14002] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1931'.
[  355.470682][T14002] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1931'.
[  355.667014][T14014] bridge4: entered allmulticast mode
[  356.748344][T14055] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1943'.
[  356.908268][T14063] netlink: 'syz.0.1944': attribute type 10 has an invalid length.
[  357.143516][T14063] 8021q: adding VLAN 0 to HW filter on device team0
[  357.177234][T14063] team0: entered promiscuous mode
[  357.450019][T14080] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1950'.
[  357.514095][T14079] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1949'.
[  357.525673][T14079] IPVS: length: 8 != 446622349272
[  357.797223][T14086] bond1: (slave bond2): Releasing active interface
[  358.348987][T14098] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  358.379197][T14098] syzkaller0: entered promiscuous mode
[  358.384729][T14098] syzkaller0: entered allmulticast mode
[  358.440616][T14098] tipc: Resetting bearer <eth:syzkaller0>
[  358.462289][T14097] tipc: Resetting bearer <eth:syzkaller0>
[  358.519523][T14097] tipc: Disabling bearer <eth:syzkaller0>
[  358.895722][T14117] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1960'.
[  359.212473][T14128] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1963'.
[  360.199492][T14161] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1975'.
[  360.232168][T14161] veth1: entered promiscuous mode
[  360.238877][T14161] bridge0: entered promiscuous mode
[  360.245570][T14161] hsr1: Slave A (veth1) is not up; please bring it up to get a fully working HSR network
[  360.256398][T14161] hsr1: entered promiscuous mode
[  360.335322][T14164] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1976'.
[  361.204132][T14181] xt_CT: You must specify a L4 protocol and not use inversions on it
[  361.315044][T14183] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1983'.
[  361.596935][T14196] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1986'.
[  361.849369][T14205] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1989'.
[  362.191615][T14216] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1993'.
[  362.490486][T14225] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  362.735355][T14242] netlink: 'syz.4.2001': attribute type 21 has an invalid length.
[  362.756370][T14242] netlink: 128 bytes leftover after parsing attributes in process `syz.4.2001'.
[  362.846555][T14242] netlink: 'syz.4.2001': attribute type 4 has an invalid length.
[  362.893113][T14242] netlink: 'syz.4.2001': attribute type 5 has an invalid length.
[  362.916156][T14242] netlink: 3 bytes leftover after parsing attributes in process `syz.4.2001'.
[  363.235335][T14261] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2004'.
[  363.712982][T14288] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2010'.
[  363.931402][T14295] netlink: 'syz.0.2013': attribute type 1 has an invalid length.
[  364.534605][T14318] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  364.594336][T14318] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  364.766612][T14323] netlink: 'syz.1.2022': attribute type 13 has an invalid length.
[  364.775872][T14323] netlink: 'syz.1.2022': attribute type 17 has an invalid length.
[  364.821402][   T24] IPVS: starting estimator thread 0...
[  364.908339][T14334] IPVS: using max 27 ests per chain, 64800 per kthread
[  365.227816][T14347] netlink: 'syz.0.2024': attribute type 10 has an invalid length.
[  365.539796][T14323] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  365.591493][T14347] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode
[  366.343171][T14385] __nla_validate_parse: 3 callbacks suppressed
[  366.343192][T14385] netlink: 248 bytes leftover after parsing attributes in process `syz.0.2036'.
[  366.449504][T14389] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2037'.
[  366.665041][T14396] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.2039'.
[  366.700272][T14362] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  367.610429][T14438] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  367.633717][T14438] syzkaller0: entered promiscuous mode
[  367.643477][T14438] syzkaller0: entered allmulticast mode
[  367.701866][T14438] tipc: Resetting bearer <eth:syzkaller0>
[  367.731950][T14445] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  367.757693][T14445] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[  367.803823][T14445] netdevsim netdevsim1 eth3 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  368.010669][T14437] tipc: Resetting bearer <eth:syzkaller0>
[  368.104802][T14437] tipc: Disabling bearer <eth:syzkaller0>
[  368.139652][T14445] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  368.150629][T14445] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[  368.161623][T14445] netdevsim netdevsim1 eth2 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  368.275751][T14445] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  368.308968][T14445] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[  368.348176][T14445] netdevsim netdevsim1 eth1 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  368.428785][T14445] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  368.447929][T14445] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[  368.468728][T14445] netdevsim netdevsim1 eth0 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  368.575725][T14475] netlink: 'syz.0.2066': attribute type 1 has an invalid length.
[  368.588738][T14475] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  368.613882][T14478] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2067'.
[  368.643095][T11525] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  368.659667][T11525] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 256 - 0
[  368.670404][T11525] netdevsim netdevsim1 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[  368.682741][T14478] tipc: Enabled bearer <eth:syzkaller0>, priority 10
[  368.761242][T14478] tipc: Resetting bearer <eth:syzkaller0>
[  368.782449][T11521] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  368.791511][T11521] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 256 - 0
[  368.799769][T11521] netdevsim netdevsim1 eth1: set [1, 1] type 2 family 0 port 6081 - 0
[  368.824172][T14477] tipc: Resetting bearer <eth:syzkaller0>
[  368.889000][T14484] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2068'.
[  369.103722][T14489] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2069'.
[  369.121913][T14489] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2069'.
[  369.139289][T14489] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2069'.
[  369.521441][T14501] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes.
[  370.581403][T14477] tipc: Disabling bearer <eth:syzkaller0>
[  370.592352][T11521] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  370.603643][T11521] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 256 - 0
[  370.612406][T11521] netdevsim netdevsim1 eth2: set [1, 1] type 2 family 0 port 6081 - 0
[  370.668493][T11521] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  370.695347][T11521] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 256 - 0
[  370.751145][T11521] netdevsim netdevsim1 eth3: set [1, 1] type 2 family 0 port 6081 - 0
[  370.806874][T14510] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2075'.
[  370.830949][T14510] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2075'.
[  370.863247][   T13] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  370.894933][   T13] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  370.944975][   T13] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  370.964835][   T13] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  371.391480][T14538] __nla_validate_parse: 2 callbacks suppressed
[  371.391502][T14538] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2082'.
[  371.518537][T14538] erspan0: entered promiscuous mode
[  371.546015][T14538] erspan0: left promiscuous mode
[  371.843142][T14554] IPVS: Scheduler module ip_vs_ not found
[  372.113502][T14575] vti2: entered promiscuous mode
[  373.113552][T14621] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2105'.
[  373.366928][T14637] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2111'.
[  373.389872][T14637] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2111'.
[  373.401285][T14637] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2111'.
[  373.482413][T14643] netlink: 68 bytes leftover after parsing attributes in process `syz.3.2112'.
[  373.817726][T14658] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2117'.
[  373.929841][T14670] netlink: 'syz.2.2120': attribute type 3 has an invalid length.
[  373.999120][T14670] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2120'.
[  374.059019][T14673] IPVS: length: 148 != 24
[  374.421337][T14691] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2125'.
[  375.292913][T14723] pim6reg1: entered promiscuous mode
[  375.312007][T14723] pim6reg1: entered allmulticast mode
[  375.370920][T14733] ip6t_srh: unknown srh invflags 4449
[  375.390226][T14737] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  375.518725][T14740] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2136'.
[  375.987994][T14760] Cannot find add_set index 3 as target
[  376.011762][T14760] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  377.142705][T12511] IPVS: starting estimator thread 0...
[  377.277611][T14813] IPVS: using max 23 ests per chain, 55200 per kthread
[  377.701990][T14825] veth7: entered promiscuous mode
[  377.713037][T14825] bond0: (slave veth7): Enslaving as an active interface with an up link
[  378.105687][T14843] gre3: entered promiscuous mode
[  378.433841][T14853] veth5: entered promiscuous mode
[  378.964265][T14895] __nla_validate_parse: 2 callbacks suppressed
[  378.964287][T14895] netlink: 256 bytes leftover after parsing attributes in process `syz.3.2178'.
[  379.004208][T14895] netlink: 52 bytes leftover after parsing attributes in process `syz.3.2178'.
[  379.108542][T14903] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2178'.
[  379.148764][T14903] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2178'.
[  379.343031][T14911] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2181'.
[  379.404472][T14913] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2180'.
[  379.506372][T14913] netlink: 'syz.0.2180': attribute type 1 has an invalid length.
[  379.532189][T14913] netlink: 228 bytes leftover after parsing attributes in process `syz.0.2180'.
[  380.409727][T14957] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2191'.
[  381.139210][T14973] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2196'.
[  381.163852][T14971] netlink: 120 bytes leftover after parsing attributes in process `syz.0.2195'.
[  381.223218][T14971] xt_addrtype: input interface limitation not valid in POSTROUTING and OUTPUT
[  381.653595][T14986] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  381.662077][T14986] syzkaller0: entered promiscuous mode
[  381.668599][T14986] syzkaller0: entered allmulticast mode
[  381.711289][ T5865] page_pool_release_retry() stalled pool shutdown: id 80, 1 inflight 60 sec
[  382.774890][T14985] tipc: Resetting bearer <eth:syzkaller0>
[  382.826232][T14985] tipc: Disabling bearer <eth:syzkaller0>
[  383.462950][T15046] FAULT_INJECTION: forcing a failure.
[  383.462950][T15046] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  383.522869][T15046] CPU: 0 UID: 0 PID: 15046 Comm: syz.1.2215 Not tainted 6.16.0-rc7-syzkaller-01894-gfaa60990a541 #0 PREEMPT(full) 
[  383.522901][T15046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  383.522913][T15046] Call Trace:
[  383.522922][T15046]  <TASK>
[  383.522931][T15046]  dump_stack_lvl+0x189/0x250
[  383.522961][T15046]  ? __pfx____ratelimit+0x10/0x10
[  383.522984][T15046]  ? __pfx_dump_stack_lvl+0x10/0x10
[  383.523007][T15046]  ? __pfx__printk+0x10/0x10
[  383.523032][T15046]  ? __might_fault+0xb0/0x130
[  383.523069][T15046]  should_fail_ex+0x414/0x560
[  383.523092][T15046]  _copy_from_user+0x2d/0xb0
[  383.523119][T15046]  __sys_bpf+0x1ed/0x860
[  383.523150][T15046]  ? __pfx___sys_bpf+0x10/0x10
[  383.523190][T15046]  ? ksys_write+0x22a/0x250
[  383.523216][T15046]  ? __pfx_ksys_write+0x10/0x10
[  383.523238][T15046]  ? rcu_is_watching+0x15/0xb0
[  383.523266][T15046]  __x64_sys_bpf+0x7c/0x90
[  383.523295][T15046]  do_syscall_64+0xfa/0x3b0
[  383.523318][T15046]  ? lockdep_hardirqs_on+0x9c/0x150
[  383.523342][T15046]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  383.523362][T15046]  ? clear_bhb_loop+0x60/0xb0
[  383.523387][T15046]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  383.523407][T15046] RIP: 0033:0x7f967c58e9a9
[  383.523426][T15046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  383.523456][T15046] RSP: 002b:00007f967d454038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  383.523479][T15046] RAX: ffffffffffffffda RBX: 00007f967c7b5fa0 RCX: 00007f967c58e9a9
[  383.523495][T15046] RDX: 0000000000000094 RSI: 0000200000002c40 RDI: 0000000000000005
[  383.523508][T15046] RBP: 00007f967d454090 R08: 0000000000000000 R09: 0000000000000000
[  383.523521][T15046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  383.523534][T15046] R13: 0000000000000000 R14: 00007f967c7b5fa0 R15: 00007ffdb2554888
[  383.523568][T15046]  </TASK>
[  385.084936][T15064] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  385.106813][T15099] FAULT_INJECTION: forcing a failure.
[  385.106813][T15099] name failslab, interval 1, probability 0, space 0, times 0
[  385.121318][T15099] CPU: 0 UID: 0 PID: 15099 Comm: syz.3.2229 Not tainted 6.16.0-rc7-syzkaller-01894-gfaa60990a541 #0 PREEMPT(full) 
[  385.121351][T15099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  385.121364][T15099] Call Trace:
[  385.121373][T15099]  <TASK>
[  385.121382][T15099]  dump_stack_lvl+0x189/0x250
[  385.121413][T15099]  ? __pfx____ratelimit+0x10/0x10
[  385.121437][T15099]  ? __pfx_dump_stack_lvl+0x10/0x10
[  385.121463][T15099]  ? __pfx__printk+0x10/0x10
[  385.121499][T15099]  ? __pfx___might_resched+0x10/0x10
[  385.121530][T15099]  should_fail_ex+0x414/0x560
[  385.121557][T15099]  should_failslab+0xa8/0x100
[  385.121591][T15099]  __kmalloc_cache_node_noprof+0x73/0x3d0
[  385.121623][T15099]  ? __get_vm_area_node+0x13f/0x300
[  385.121657][T15099]  __get_vm_area_node+0x13f/0x300
[  385.121694][T15099]  __vmalloc_node_range_noprof+0x301/0x12f0
[  385.121727][T15099]  ? bpf_prog_alloc_no_stats+0x4a/0x4b0
[  385.121751][T15099]  ? is_bpf_text_address+0x26/0x2b0
[  385.121802][T15099]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  385.121833][T15099]  ? __might_fault+0xb0/0x130
[  385.121861][T15099]  ? __pfx_aa_get_newest_label+0x10/0x10
[  385.121884][T15099]  ? _parse_integer_limit+0x1ae/0x1f0
[  385.121914][T15099]  ? bpf_prog_alloc_no_stats+0x4a/0x4b0
[  385.121934][T15099]  __vmalloc_noprof+0xb1/0xf0
[  385.121965][T15099]  ? bpf_prog_alloc_no_stats+0x4a/0x4b0
[  385.121990][T15099]  bpf_prog_alloc_no_stats+0x4a/0x4b0
[  385.122018][T15099]  bpf_prog_alloc+0x3c/0x1a0
[  385.122042][T15099]  bpf_prog_load+0x735/0x1930
[  385.122077][T15099]  ? __pfx_bpf_prog_load+0x10/0x10
[  385.122122][T15099]  ? bpf_lsm_bpf+0x9/0x20
[  385.122171][T15099]  ? security_bpf+0x7e/0x300
[  385.122195][T15099]  __sys_bpf+0x5f1/0x860
[  385.122231][T15099]  ? __pfx___sys_bpf+0x10/0x10
[  385.122287][T15099]  ? ksys_write+0x22a/0x250
[  385.122321][T15099]  ? __pfx_ksys_write+0x10/0x10
[  385.122347][T15099]  ? rcu_is_watching+0x15/0xb0
[  385.122381][T15099]  __x64_sys_bpf+0x7c/0x90
[  385.122413][T15099]  do_syscall_64+0xfa/0x3b0
[  385.122438][T15099]  ? lockdep_hardirqs_on+0x9c/0x150
[  385.122461][T15099]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  385.122483][T15099]  ? clear_bhb_loop+0x60/0xb0
[  385.122510][T15099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  385.122532][T15099] RIP: 0033:0x7f08a7f8e9a9
[  385.122551][T15099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  385.122570][T15099] RSP: 002b:00007f08a8e5e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  385.122593][T15099] RAX: ffffffffffffffda RBX: 00007f08a81b5fa0 RCX: 00007f08a7f8e9a9
[  385.122610][T15099] RDX: 0000000000000094 RSI: 0000200000002c40 RDI: 0000000000000005
[  385.122624][T15099] RBP: 00007f08a8e5e090 R08: 0000000000000000 R09: 0000000000000000
[  385.122637][T15099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  385.122650][T15099] R13: 0000000000000000 R14: 00007f08a81b5fa0 R15: 00007ffc506af458
[  385.122696][T15099]  </TASK>
[  385.122773][T15099] warn_alloc: 3 callbacks suppressed
[  385.122785][T15099] syz.3.2229: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[  385.596215][T15099] CPU: 0 UID: 0 PID: 15099 Comm: syz.3.2229 Not tainted 6.16.0-rc7-syzkaller-01894-gfaa60990a541 #0 PREEMPT(full) 
[  385.596246][T15099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  385.596260][T15099] Call Trace:
[  385.596268][T15099]  <TASK>
[  385.596278][T15099]  dump_stack_lvl+0x189/0x250
[  385.596311][T15099]  ? __pfx_dump_stack_lvl+0x10/0x10
[  385.596338][T15099]  ? __pfx__printk+0x10/0x10
[  385.596369][T15099]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  385.596398][T15099]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  385.596429][T15099]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  385.596469][T15099]  warn_alloc+0x214/0x310
[  385.596495][T15099]  ? __pfx_warn_alloc+0x10/0x10
[  385.596518][T15099]  ? __get_vm_area_node+0x13f/0x300
[  385.596555][T15099]  ? __get_vm_area_node+0x2b5/0x300
[  385.596594][T15099]  __vmalloc_node_range_noprof+0x326/0x12f0
[  385.596630][T15099]  ? is_bpf_text_address+0x26/0x2b0
[  385.596683][T15099]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  385.596721][T15099]  ? __might_fault+0xb0/0x130
[  385.596749][T15099]  ? __pfx_aa_get_newest_label+0x10/0x10
[  385.596772][T15099]  ? _parse_integer_limit+0x1ae/0x1f0
[  385.596803][T15099]  ? bpf_prog_alloc_no_stats+0x4a/0x4b0
[  385.596824][T15099]  __vmalloc_noprof+0xb1/0xf0
[  385.596855][T15099]  ? bpf_prog_alloc_no_stats+0x4a/0x4b0
[  385.596881][T15099]  bpf_prog_alloc_no_stats+0x4a/0x4b0
[  385.596910][T15099]  bpf_prog_alloc+0x3c/0x1a0
[  385.596935][T15099]  bpf_prog_load+0x735/0x1930
[  385.596970][T15099]  ? __pfx_bpf_prog_load+0x10/0x10
[  385.597018][T15099]  ? bpf_lsm_bpf+0x9/0x20
[  385.597045][T15099]  ? security_bpf+0x7e/0x300
[  385.597069][T15099]  __sys_bpf+0x5f1/0x860
[  385.597105][T15099]  ? __pfx___sys_bpf+0x10/0x10
[  385.597155][T15099]  ? ksys_write+0x22a/0x250
[  385.597187][T15099]  ? __pfx_ksys_write+0x10/0x10
[  385.597213][T15099]  ? rcu_is_watching+0x15/0xb0
[  385.597247][T15099]  __x64_sys_bpf+0x7c/0x90
[  385.597278][T15099]  do_syscall_64+0xfa/0x3b0
[  385.597303][T15099]  ? lockdep_hardirqs_on+0x9c/0x150
[  385.597327][T15099]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  385.597349][T15099]  ? clear_bhb_loop+0x60/0xb0
[  385.597377][T15099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  385.597398][T15099] RIP: 0033:0x7f08a7f8e9a9
[  385.597418][T15099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  385.597438][T15099] RSP: 002b:00007f08a8e5e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  385.597468][T15099] RAX: ffffffffffffffda RBX: 00007f08a81b5fa0 RCX: 00007f08a7f8e9a9
[  385.597485][T15099] RDX: 0000000000000094 RSI: 0000200000002c40 RDI: 0000000000000005
[  385.597500][T15099] RBP: 00007f08a8e5e090 R08: 0000000000000000 R09: 0000000000000000
[  385.597514][T15099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  385.597527][T15099] R13: 0000000000000000 R14: 00007f08a81b5fa0 R15: 00007ffc506af458
[  385.597563][T15099]  </TASK>
[  385.907819][T15099] Mem-Info:
[  385.913895][T15099] active_anon:7660 inactive_anon:0 isolated_anon:0
[  385.913895][T15099]  active_file:1775 inactive_file:39977 isolated_file:0
[  385.913895][T15099]  unevictable:768 dirty:240 writeback:0
[  385.913895][T15099]  slab_reclaimable:11521 slab_unreclaimable:155647
[  385.913895][T15099]  mapped:29507 shmem:1406 pagetables:971
[  385.913895][T15099]  sec_pagetables:0 bounce:0
[  385.913895][T15099]  kernel_misc_reclaimable:0
[  385.913895][T15099]  free:1265144 free_pcp:17636 free_cma:0
[  385.997245][T15106] netlink: 'syz.4.2232': attribute type 1 has an invalid length.
[  386.106995][T15110] netlink: 'syz.1.2233': attribute type 14 has an invalid length.
[  386.207159][T15099] Node 0 active_anon:31208kB inactive_anon:0kB active_file:7200kB inactive_file:159704kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:122524kB dirty:1016kB writeback:0kB shmem:4000kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12948kB pagetables:4016kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  386.310293][T15099] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:112kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  386.347150][T15126] __nla_validate_parse: 2 callbacks suppressed
[  386.347169][T15126] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2236'.
[  386.370294][T15099] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  386.406654][T15115] bond3: (slave bridge0): making interface the new active one
[  386.416394][T15115] bond3: (slave bridge0): Enslaving as an active interface with an up link
[  386.426292][T15099] lowmem_reserve[]: 0 2498 2499 2499 2499
[  386.426848][T15128] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2237'.
[  386.434241][T15099] Node 0 DMA32 free:1151252kB boost:0kB min:34248kB low:42808kB high:51368kB reserved_highatomic:0KB free_highatomic:0KB active_anon:31060kB inactive_anon:0kB active_file:7200kB inactive_file:158140kB unevictable:1536kB writepending:1016kB present:3129332kB managed:2558296kB mlocked:0kB bounce:0kB free_pcp:42332kB local_pcp:19384kB free_cma:0kB
[  386.481027][T15099] lowmem_reserve[]: 0 0 1 1 1
[  386.485923][T15099] Node 0 Normal free:24kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1564kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  386.569207][T15128] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2237'.
[  386.581885][T15099] lowmem_reserve[]: 0 0 0 0 0
[  386.586685][T15099] Node 1 Normal free:3900860kB boost:0kB min:55632kB low:69540kB high:83448kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:20884kB local_pcp:7040kB free_cma:0kB
[  386.634831][T15110] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2233'.
[  386.641967][T15099] lowmem_reserve[]: 0 0 0 0 0
[  386.667721][T15133] pimreg: entered allmulticast mode
[  386.713230][T15133] dvmrp0: left allmulticast mode
[  386.725138][T15133] pimreg: left allmulticast mode
[  386.726657][T15099] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  386.794904][T15099] Node 0 DMA32: 3076*4kB (UME) 1564*8kB (UME) 753*16kB (UM) 230*32kB (UM) 185*64kB (UM) 121*128kB (UME) 74*256kB (UME) 28*512kB (UM) 15*1024kB (UM) 7*2048kB (UM) 248*4096kB (UM) = 1150336kB
[  386.857179][T15099] Node 0 Normal: 0*4kB 1*8kB (M) 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 24kB
[  386.907935][T15099] Node 1 Normal: 227*4kB (UE) 66*8kB (UME) 42*16kB (UME) 70*32kB (UME) 23*64kB (UME) 12*128kB (UME) 3*256kB (ME) 3*512kB (ME) 2*1024kB (ME) 1*2048kB (E) 949*4096kB (UM) = 3900860kB
[  386.999544][T15099] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  387.058329][T15099] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  387.089895][T15099] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  387.218272][T15099] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  387.251552][T15099] 43159 total pagecache pages
[  387.256326][T15099] 0 pages in swap cache
[  387.312131][T15099] Free swap  = 124996kB
[  387.316365][T15099] Total swap = 124996kB
[  387.370283][T15099] 2097051 pages RAM
[  387.374152][T15099] 0 pages HighMem/MovableOnly
[  387.378885][T15099] 425435 pages reserved
[  387.429345][T15099] 0 pages cma reserved
[  387.442943][T15154] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2242'.
[  387.491080][T15154] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2242'.
[  387.645713][T15165] (unnamed net_device) (uninitialized): Unable to set peer notification delay as MII monitoring is disabled
[  388.051774][T15184] syzkaller1: entered promiscuous mode
[  388.060570][T15184] syzkaller1: entered allmulticast mode
[  388.256172][T15195] delete_channel: no stack
[  388.493431][T15205] x_tables: arp_tables: CLASSIFY target: used from hooks INPUT, but only usable from FORWARD/OUTPUT
[  389.510357][T15248] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2267'.
[  390.784538][T15286] netlink: 'syz.0.2273': attribute type 2 has an invalid length.
[  391.099903][T15292] netlink: 'syz.0.2275': attribute type 58 has an invalid length.
[  391.141878][T15292] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2275'.
[  391.376286][T15303] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2279'.
[  391.407091][T15303] netlink: 'syz.1.2279': attribute type 14 has an invalid length.
[  391.448125][T15303] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2279'.
[  391.841558][T15327] netdevsim netdevsim4 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  391.938243][T15333] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2284'.
[  391.963297][T15327] netdevsim netdevsim4 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  392.084716][T15327] netdevsim netdevsim4 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  392.165560][T15327] netdevsim netdevsim4 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  392.253023][T15344] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2290'.
[  392.295693][T15343] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2290'.
[  392.325380][T11525] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  392.349289][T11525] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  392.387126][T11525] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  392.413570][ T1152] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  392.554865][T15349] netlink: 'syz.3.2291': attribute type 2 has an invalid length.
[  392.576142][T15349] netlink: 'syz.3.2291': attribute type 9 has an invalid length.
[  392.640140][T15354] lo speed is unknown, defaulting to 1000
[  392.646787][T15354] lo speed is unknown, defaulting to 1000
[  392.671122][T15354] lo speed is unknown, defaulting to 1000
[  392.748753][T15354] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  392.911291][T15354] lo speed is unknown, defaulting to 1000
[  392.939488][T15354] lo speed is unknown, defaulting to 1000
[  392.947321][T15354] lo speed is unknown, defaulting to 1000
[  392.984231][T15354] lo speed is unknown, defaulting to 1000
[  393.009641][T15354] lo speed is unknown, defaulting to 1000
[  393.110220][T15377] xt_hashlimit: invalid rate
[  393.445691][T15402] netlink: 'syz.4.2301': attribute type 8 has an invalid length.
[  393.689546][T15410] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2307'.
[  393.730772][T15402] xt_CT: No such helper "snmp"
[  394.192936][T15434] (unnamed net_device) (uninitialized): option mode: invalid value (254)
[  394.893530][T15469] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2321'.
[  394.924625][T15469] bond0: option lacp_rate: mode dependency failed, not supported in mode balance-rr(0)
[  394.950918][T15430] DRBG: could not allocate digest TFM handle: hmac(sha512)
[  394.952044][T15473] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  395.219571][T15489] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2323'.
[  395.274296][T15490] syzkaller1: entered promiscuous mode
[  395.305965][T15490] syzkaller1: entered allmulticast mode
[  511.263766][T15498] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2327'.
[  511.341801][T15508] netlink: 'syz.0.2327': attribute type 1 has an invalid length.
[  511.382445][T15506] mac80211_hwsim hwsim4 wlan0: left promiscuous mode
[  511.402417][T15508] netlink: 244 bytes leftover after parsing attributes in process `syz.0.2327'.
[  511.525476][T15517] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2329'.
[  511.739426][T15523] netlink: 'syz.0.2332': attribute type 28 has an invalid length.
[  511.889361][T15528] netlink: 176 bytes leftover after parsing attributes in process `syz.4.2334'.
[  511.910234][T15529] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2335'.
[  511.988024][T15531] 8021q: adding VLAN 0 to HW filter on device bond8
[  512.044981][T15535] lo speed is unknown, defaulting to 1000
[  512.122902][T15537] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2335'.
[  512.296703][T15543] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2337'.
[  512.722220][T15559] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2341'.
[  513.062582][T15568] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2343'.
[  513.175512][T15569] bpq0: entered promiscuous mode
[  513.190485][T15569] bpq0: entered allmulticast mode
[  513.202997][T15573] netlink: 'syz.2.2347': attribute type 1 has an invalid length.
[  513.207207][T15569] netlink: 'syz.0.2345': attribute type 1 has an invalid length.
[  513.264306][T15569] bond5: entered promiscuous mode
[  513.272544][T15569] 8021q: adding VLAN 0 to HW filter on device bond5
[  513.400072][T15581] 8021q: adding VLAN 0 to HW filter on device bond9
[  513.453404][T11521] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  513.502774][T11521] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  513.653472][T15589] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2350'.
[  514.021605][T15599] RDS: rds_bind could not find a transport for ::4000:0:20:0, load rds_tcp or rds_rdma?
[  514.350984][T15608] lo speed is unknown, defaulting to 1000
[  514.400981][T15614] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap3
[  514.414741][T15614] batman_adv: batadv0: Adding interface: ip6gretap3
[  514.421702][T15614] batman_adv: batadv0: The MTU of interface ip6gretap3 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  514.448382][T15614] batman_adv: batadv0: Interface activated: ip6gretap3
[  514.704433][T15622] lo speed is unknown, defaulting to 1000
[  515.181975][T15637] xt_ecn: cannot match TCP bits for non-tcp packets
[  515.426334][T15642] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  515.446036][T15642] syzkaller0: entered promiscuous mode
[  515.453228][T15642] syzkaller0: entered allmulticast mode
[  515.502570][T15642] tipc: Resetting bearer <eth:syzkaller0>
[  515.524690][T15641] tipc: Resetting bearer <eth:syzkaller0>
[  515.571061][T15641] tipc: Disabling bearer <eth:syzkaller0>
[  515.954493][T15661] netlink: 'syz.1.2374': attribute type 1 has an invalid length.
[  515.983216][T15661] netlink: 'syz.1.2374': attribute type 2 has an invalid length.
[  516.000929][T15661] netlink: 'syz.1.2374': attribute type 1 has an invalid length.
[  516.334895][T15676] __nla_validate_parse: 5 callbacks suppressed
[  516.334917][T15676] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2377'.
[  516.474033][T15681] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  516.483630][T15676] 8021q: VLANs not supported on caif0
[  516.553273][T15685] netlink: 88 bytes leftover after parsing attributes in process `syz.2.2382'.
[  516.585511][T15681] sysfs: cannot create duplicate filename '/class/ieee80211/!å'
[  516.601139][T15681] CPU: 0 UID: 0 PID: 15681 Comm: syz.3.2379 Not tainted 6.16.0-rc7-syzkaller-01894-gfaa60990a541 #0 PREEMPT(full) 
[  516.601173][T15681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  516.601192][T15681] Call Trace:
[  516.601202][T15681]  <TASK>
[  516.601212][T15681]  dump_stack_lvl+0x189/0x250
[  516.601250][T15681]  ? __pfx_dump_stack_lvl+0x10/0x10
[  516.601278][T15681]  ? __pfx__printk+0x10/0x10
[  516.601308][T15681]  ? kernfs_path_from_node+0x2c/0x260
[  516.601331][T15681]  ? kernfs_path_from_node+0x2c/0x260
[  516.601355][T15681]  ? kernfs_path_from_node+0x2c/0x260
[  516.601378][T15681]  ? kernfs_path_from_node+0x22c/0x260
[  516.601397][T15681]  ? kernfs_path_from_node+0x2c/0x260
[  516.601421][T15681]  sysfs_warn_dup+0x8e/0xa0
[  516.601456][T15681]  sysfs_do_create_link_sd+0xc0/0x110
[  516.601494][T15681]  device_add_class_symlinks+0x1cf/0x240
[  516.601533][T15681]  device_add+0x475/0xb50
[  516.601572][T15681]  wiphy_register+0x1ba6/0x28d0
[  516.601617][T15681]  ? __pfx_wiphy_register+0x10/0x10
[  516.601639][T15681]  ? minstrel_ht_alloc+0x6dd/0x7e0
[  516.601680][T15681]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  516.601715][T15681]  ieee80211_register_hw+0x3425/0x4080
[  516.601767][T15681]  ? ieee80211_register_hw+0x1491/0x4080
[  516.601809][T15681]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  516.601846][T15681]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  516.601896][T15681]  ? __hrtimer_setup+0x187/0x210
[  516.601920][T15681]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  516.601952][T15681]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[  516.602013][T15681]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  516.602037][T15681]  ? trace_kmalloc+0x1f/0xd0
[  516.602065][T15681]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[  516.602096][T15681]  ? kstrndup+0xbf/0x160
[  516.602131][T15681]  hwsim_new_radio_nl+0xea4/0x1b10
[  516.602160][T15681]  ? __pfx___nla_validate_parse+0x10/0x10
[  516.602205][T15681]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  516.602246][T15681]  ? __nla_parse+0x40/0x60
[  516.602279][T15681]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  516.602322][T15681]  genl_family_rcv_msg_doit+0x212/0x300
[  516.602370][T15681]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  516.602418][T15681]  ? bpf_lsm_capable+0x9/0x20
[  516.602447][T15681]  ? security_capable+0x7e/0x2e0
[  516.602479][T15681]  genl_rcv_msg+0x60e/0x790
[  516.602518][T15681]  ? __pfx_genl_rcv_msg+0x10/0x10
[  516.602547][T15681]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  516.602589][T15681]  netlink_rcv_skb+0x208/0x470
[  516.602609][T15681]  ? __lock_acquire+0xab9/0xd20
[  516.602633][T15681]  ? __pfx_genl_rcv_msg+0x10/0x10
[  516.602665][T15681]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  516.602714][T15681]  ? down_read+0x1ad/0x2e0
[  516.602746][T15681]  genl_rcv+0x28/0x40
[  516.602773][T15681]  netlink_unicast+0x82f/0x9e0
[  516.602821][T15681]  ? __pfx_netlink_unicast+0x10/0x10
[  516.602859][T15681]  ? netlink_sendmsg+0x642/0xb30
[  516.602880][T15681]  ? skb_put+0x11b/0x210
[  516.602911][T15681]  netlink_sendmsg+0x805/0xb30
[  516.602948][T15681]  ? __pfx_netlink_sendmsg+0x10/0x10
[  516.602977][T15681]  ? aa_sock_msg_perm+0x94/0x160
[  516.603003][T15681]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  516.603026][T15681]  ? __pfx_netlink_sendmsg+0x10/0x10
[  516.603051][T15681]  __sock_sendmsg+0x21c/0x270
[  516.603090][T15681]  ____sys_sendmsg+0x505/0x830
[  516.603126][T15681]  ? __pfx_____sys_sendmsg+0x10/0x10
[  516.603167][T15681]  ? import_iovec+0x74/0xa0
[  516.603203][T15681]  ___sys_sendmsg+0x21f/0x2a0
[  516.603235][T15681]  ? __pfx____sys_sendmsg+0x10/0x10
[  516.603311][T15681]  ? __fget_files+0x2a/0x420
[  516.603330][T15681]  ? __fget_files+0x3a0/0x420
[  516.603371][T15681]  __x64_sys_sendmsg+0x19b/0x260
[  516.603403][T15681]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  516.603446][T15681]  ? rcu_is_watching+0x15/0xb0
[  516.603480][T15681]  ? do_syscall_64+0xbe/0x3b0
[  516.603512][T15681]  do_syscall_64+0xfa/0x3b0
[  516.603537][T15681]  ? lockdep_hardirqs_on+0x9c/0x150
[  516.603561][T15681]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  516.603584][T15681]  ? clear_bhb_loop+0x60/0xb0
[  516.603612][T15681]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  516.603640][T15681] RIP: 0033:0x7f08a7f8e9a9
[  516.603662][T15681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  516.603683][T15681] RSP: 002b:00007f08a8e5e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  516.603708][T15681] RAX: ffffffffffffffda RBX: 00007f08a81b5fa0 RCX: 00007f08a7f8e9a9
[  516.603724][T15681] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000005
[  516.603738][T15681] RBP: 00007f08a8010d69 R08: 0000000000000000 R09: 0000000000000000
[  516.603752][T15681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  516.603765][T15681] R13: 0000000000000000 R14: 00007f08a81b5fa0 R15: 00007ffc506af458
[  516.603803][T15681]  </TASK>
[  517.141992][T15690] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2383'.
[  517.221841][T15695] xt_hashlimit: size too large, truncated to 1048576
[  517.572114][T15708] netlink: 'syz.4.2387': attribute type 1 has an invalid length.
[  517.608723][T15708] netlink: 128 bytes leftover after parsing attributes in process `syz.4.2387'.
[  517.620687][T15708] netlink: 'syz.4.2387': attribute type 2 has an invalid length.
[  517.629342][T15708] netlink: 'syz.4.2387': attribute type 1 has an invalid length.
[  517.930506][T15720] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2392'.
[  518.370382][T15740] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2398'.
[  518.419612][T15740] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2398'.
[  518.510146][T15740] geneve3: entered promiscuous mode
[  518.523200][T15740] geneve3: entered allmulticast mode
[  518.789502][T15758] netlink: 'syz.2.2403': attribute type 11 has an invalid length.
[  518.843387][T15764] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2403'.
[  519.041596][T15772] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  519.074584][T15774] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2406'.
[  519.132978][T15776] siw: device registration error -23
[  519.410536][T15787] lo speed is unknown, defaulting to 1000
[  519.615208][T15794] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2415'.
[  519.962885][T15808] bond0: option tlb_dynamic_lb: mode dependency failed, not supported in mode balance-rr(0)
[  521.015110][T15838] !
: renamed from dummy0 (while UP)
[  521.141123][T15844] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input6
[  521.253849][T15849] lo speed is unknown, defaulting to 1000
[  521.650732][T15874] __nla_validate_parse: 6 callbacks suppressed
[  521.650763][T15874] netlink: 56 bytes leftover after parsing attributes in process `syz.3.2438'.
[  521.728575][T15874] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2438'.
[  521.804882][T15874] netlink: 31 bytes leftover after parsing attributes in process `syz.3.2438'.
[  521.884079][T15874] netlink: 'syz.3.2438': attribute type 3 has an invalid length.
[  521.915335][T15885] bridge0: port 1(erspan0) entered blocking state
[  521.935086][T15874] netlink: 'syz.3.2438': attribute type 2 has an invalid length.
[  521.998158][T15885] bridge0: port 1(erspan0) entered disabled state
[  522.008869][T15874] netlink: 31 bytes leftover after parsing attributes in process `syz.3.2438'.
[  522.034464][T15885] erspan0: entered allmulticast mode
[  522.065624][T15885] erspan0: entered promiscuous mode
[  522.096951][T15886] erspan0: left allmulticast mode
[  522.151061][T15886] erspan0: left promiscuous mode
[  522.191962][T15886] bridge0: port 1(erspan0) entered disabled state
[  522.387242][T15874] lo speed is unknown, defaulting to 1000
[  522.864140][T15904] lo speed is unknown, defaulting to 1000
[  523.418452][T15931] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2449'.
[  523.500101][T15924] bridge0: entered allmulticast mode
[  523.596230][T15909] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2443'.
[  524.355310][T15972] netlink: 2 bytes leftover after parsing attributes in process `syz.3.2457'.
[  525.418289][T16016] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2472'.
[  525.661691][T16021] netlink: 'syz.3.2474': attribute type 8 has an invalid length.
[  525.669891][T16021] netlink: 248 bytes leftover after parsing attributes in process `syz.3.2474'.
[  525.874294][T16038] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2477'.
[  526.301183][T16053] netlink: 'syz.3.2483': attribute type 21 has an invalid length.
[  526.949403][T16090] FAULT_INJECTION: forcing a failure.
[  526.949403][T16090] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  527.000083][T16090] CPU: 1 UID: 0 PID: 16090 Comm: syz.2.2491 Not tainted 6.16.0-rc7-syzkaller-01894-gfaa60990a541 #0 PREEMPT(full) 
[  527.000117][T16090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  527.000132][T16090] Call Trace:
[  527.000141][T16090]  <TASK>
[  527.000151][T16090]  dump_stack_lvl+0x189/0x250
[  527.000184][T16090]  ? __pfx____ratelimit+0x10/0x10
[  527.000209][T16090]  ? __pfx_dump_stack_lvl+0x10/0x10
[  527.000236][T16090]  ? __pfx__printk+0x10/0x10
[  527.000266][T16090]  ? __might_fault+0xb0/0x130
[  527.000310][T16090]  should_fail_ex+0x414/0x560
[  527.000339][T16090]  _copy_from_user+0x2d/0xb0
[  527.000372][T16090]  __sys_sendto+0x25c/0x520
[  527.000401][T16090]  ? __pfx___sys_sendto+0x10/0x10
[  527.000423][T16090]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  527.000465][T16090]  ? __fget_files+0x3a0/0x420
[  527.000497][T16090]  ? ksys_write+0x22a/0x250
[  527.000530][T16090]  ? __pfx_ksys_write+0x10/0x10
[  527.000560][T16090]  ? rcu_is_watching+0x15/0xb0
[  527.000592][T16090]  __x64_sys_sendto+0xde/0x100
[  527.000622][T16090]  do_syscall_64+0xfa/0x3b0
[  527.000647][T16090]  ? lockdep_hardirqs_on+0x9c/0x150
[  527.000670][T16090]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  527.000692][T16090]  ? clear_bhb_loop+0x60/0xb0
[  527.000719][T16090]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  527.000740][T16090] RIP: 0033:0x7f7f3078e9a9
[  527.000760][T16090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  527.000779][T16090] RSP: 002b:00007f7f315bf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  527.000802][T16090] RAX: ffffffffffffffda RBX: 00007f7f309b5fa0 RCX: 00007f7f3078e9a9
[  527.000818][T16090] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000003
[  527.000832][T16090] RBP: 00007f7f315bf090 R08: 0000200000000100 R09: 000000000000001c
[  527.000846][T16090] R10: 0000000000044004 R11: 0000000000000246 R12: 0000000000000001
[  527.000859][T16090] R13: 0000000000000000 R14: 00007f7f309b5fa0 R15: 00007ffc66268fd8
[  527.000894][T16090]  </TASK>
[  527.487071][T16106] netlink: 68 bytes leftover after parsing attributes in process `syz.4.2492'.
[  527.686964][T16112] netlink: 'syz.0.2498': attribute type 1 has an invalid length.
[  527.714624][T16112] netlink: 5624 bytes leftover after parsing attributes in process `syz.0.2498'.
[  527.789996][T16120] lo: entered promiscuous mode
[  527.799554][T16120] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2498'.
[  527.914921][T16127] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2499'.
[  528.301291][T16139] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2504'.
[  528.330739][T16139] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2504'.
[  528.340042][T16139] netlink: 'syz.1.2504': attribute type 5 has an invalid length.
[  528.354371][T16142] netlink: 14 bytes leftover after parsing attributes in process `syz.1.2504'.
[  528.365440][T16139] netlink: 'syz.1.2504': attribute type 6 has an invalid length.
[  528.377125][T16111] lo: left promiscuous mode
[  528.611746][T16147] syzkaller0: entered promiscuous mode
[  528.621283][T16147] syzkaller0: entered allmulticast mode
[  529.240432][T16177] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2516'.
[  529.423273][T16176] lo speed is unknown, defaulting to 1000
[  529.482271][T16183] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2517'.
[  529.570404][T16177] lo speed is unknown, defaulting to 1000
[  529.924659][T16198] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2522'.
[  529.941389][T16198] (unnamed net_device) (uninitialized): option lacp_rate: mode dependency failed, not supported in mode balance-rr(0)
[  530.205243][T16211] netlink: 'syz.1.2525': attribute type 13 has an invalid length.
[  530.246086][T16211] netlink: 'syz.1.2525': attribute type 17 has an invalid length.
[  530.329884][T16215] FAULT_INJECTION: forcing a failure.
[  530.329884][T16215] name failslab, interval 1, probability 0, space 0, times 0
[  530.380177][T16215] CPU: 1 UID: 0 PID: 16215 Comm: syz.2.2527 Not tainted 6.16.0-rc7-syzkaller-01894-gfaa60990a541 #0 PREEMPT(full) 
[  530.380210][T16215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  530.380224][T16215] Call Trace:
[  530.380233][T16215]  <TASK>
[  530.380242][T16215]  dump_stack_lvl+0x189/0x250
[  530.380274][T16215]  ? __pfx____ratelimit+0x10/0x10
[  530.380299][T16215]  ? __pfx_dump_stack_lvl+0x10/0x10
[  530.380324][T16215]  ? __pfx__printk+0x10/0x10
[  530.380350][T16215]  ? __local_bh_enable_ip+0x12d/0x1c0
[  530.380384][T16215]  ? sctp_get_port_local+0xe5d/0x1680
[  530.380419][T16215]  should_fail_ex+0x414/0x560
[  530.380447][T16215]  should_failslab+0xa8/0x100
[  530.380482][T16215]  __kmalloc_cache_noprof+0x70/0x3d0
[  530.380512][T16215]  ? sctp_add_bind_addr+0x8c/0x370
[  530.380538][T16215]  sctp_add_bind_addr+0x8c/0x370
[  530.380558][T16215]  ? sctp_auto_asconf_init+0x15c/0x1e0
[  530.380591][T16215]  sctp_do_bind+0x5ab/0x940
[  530.380633][T16215]  sctp_connect_new_asoc+0x25c/0x690
[  530.380665][T16215]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  530.380691][T16215]  ? __local_bh_enable_ip+0x12d/0x1c0
[  530.380723][T16215]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  530.380748][T16215]  ? security_sctp_bind_connect+0x7e/0x2e0
[  530.380784][T16215]  sctp_sendmsg+0x155c/0x2810
[  530.380825][T16215]  ? __pfx_sctp_sendmsg+0x10/0x10
[  530.380863][T16215]  ? aa_sk_perm+0x81e/0x950
[  530.380890][T16215]  ? __pfx_aa_sk_perm+0x10/0x10
[  530.380914][T16215]  ? sock_rps_record_flow+0x19/0x410
[  530.380950][T16215]  ? inet_sendmsg+0x2f4/0x370
[  530.380986][T16215]  __sock_sendmsg+0x19c/0x270
[  530.381023][T16215]  __sys_sendto+0x3bd/0x520
[  530.381051][T16215]  ? __pfx___sys_sendto+0x10/0x10
[  530.381072][T16215]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  530.381113][T16215]  ? __fget_files+0x3a0/0x420
[  530.381146][T16215]  ? ksys_write+0x22a/0x250
[  530.381180][T16215]  ? __pfx_ksys_write+0x10/0x10
[  530.381205][T16215]  ? rcu_is_watching+0x15/0xb0
[  530.381236][T16215]  __x64_sys_sendto+0xde/0x100
[  530.381264][T16215]  do_syscall_64+0xfa/0x3b0
[  530.381288][T16215]  ? lockdep_hardirqs_on+0x9c/0x150
[  530.381310][T16215]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  530.381330][T16215]  ? clear_bhb_loop+0x60/0xb0
[  530.381356][T16215]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  530.381376][T16215] RIP: 0033:0x7f7f3078e9a9
[  530.381395][T16215] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  530.381413][T16215] RSP: 002b:00007f7f315bf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  530.381454][T16215] RAX: ffffffffffffffda RBX: 00007f7f309b5fa0 RCX: 00007f7f3078e9a9
[  530.381470][T16215] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000003
[  530.381484][T16215] RBP: 00007f7f315bf090 R08: 0000200000000100 R09: 000000000000001c
[  530.381497][T16215] R10: 0000000000044004 R11: 0000000000000246 R12: 0000000000000001
[  530.381510][T16215] R13: 0000000000000000 R14: 00007f7f309b5fa0 R15: 00007ffc66268fd8
[  530.381546][T16215]  </TASK>
[  530.743921][T16211] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  530.893290][T16213] lo speed is unknown, defaulting to 1000
[  531.433374][T16242] FAULT_INJECTION: forcing a failure.
[  531.433374][T16242] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  531.463622][T16242] CPU: 0 UID: 0 PID: 16242 Comm: syz.0.2535 Not tainted 6.16.0-rc7-syzkaller-01894-gfaa60990a541 #0 PREEMPT(full) 
[  531.463655][T16242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  531.463669][T16242] Call Trace:
[  531.463678][T16242]  <TASK>
[  531.463688][T16242]  dump_stack_lvl+0x189/0x250
[  531.463720][T16242]  ? __pfx____ratelimit+0x10/0x10
[  531.463753][T16242]  ? __pfx_dump_stack_lvl+0x10/0x10
[  531.463780][T16242]  ? __pfx__printk+0x10/0x10
[  531.463825][T16242]  should_fail_ex+0x414/0x560
[  531.463855][T16242]  _copy_to_user+0x31/0xb0
[  531.463890][T16242]  simple_read_from_buffer+0xe1/0x170
[  531.463928][T16242]  proc_fail_nth_read+0x1df/0x250
[  531.463955][T16242]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  531.463981][T16242]  ? rw_verify_area+0x258/0x650
[  531.464008][T16242]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  531.464031][T16242]  vfs_read+0x200/0x980
[  531.464066][T16242]  ? __pfx___mutex_lock+0x10/0x10
[  531.464094][T16242]  ? __pfx_vfs_read+0x10/0x10
[  531.464124][T16242]  ? __fget_files+0x2a/0x420
[  531.464149][T16242]  ? __fget_files+0x3a0/0x420
[  531.464166][T16242]  ? __fget_files+0x2a/0x420
[  531.464197][T16242]  ksys_read+0x145/0x250
[  531.464228][T16242]  ? __pfx_ksys_read+0x10/0x10
[  531.464254][T16242]  ? rcu_is_watching+0x15/0xb0
[  531.464287][T16242]  ? do_syscall_64+0xbe/0x3b0
[  531.464318][T16242]  do_syscall_64+0xfa/0x3b0
[  531.464342][T16242]  ? lockdep_hardirqs_on+0x9c/0x150
[  531.464366][T16242]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  531.464388][T16242]  ? clear_bhb_loop+0x60/0xb0
[  531.464415][T16242]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  531.464436][T16242] RIP: 0033:0x7f501658d3bc
[  531.464456][T16242] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  531.464475][T16242] RSP: 002b:00007f50173ab030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  531.464499][T16242] RAX: ffffffffffffffda RBX: 00007f50167b5fa0 RCX: 00007f501658d3bc
[  531.464515][T16242] RDX: 000000000000000f RSI: 00007f50173ab0a0 RDI: 0000000000000004
[  531.464529][T16242] RBP: 00007f50173ab090 R08: 0000000000000000 R09: 0000000000000000
[  531.464542][T16242] R10: 00000000000000de R11: 0000000000000246 R12: 0000000000000001
[  531.464555][T16242] R13: 0000000000000000 R14: 00007f50167b5fa0 R15: 00007ffe68103468
[  531.464596][T16242]  </TASK>
[  532.543825][T16271] syzkaller1: entered promiscuous mode
[  532.566777][T16271] syzkaller1: entered allmulticast mode
[  532.588641][T16277] netlink: 'syz.3.2545': attribute type 15 has an invalid length.
[  533.553426][T16316] __nla_validate_parse: 3 callbacks suppressed
[  533.553445][T16316] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2561'.
[  533.772658][T16324] openvswitch: netlink: Unexpected mask (mask=240, allowed=10048)
[  533.801717][T16326] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2564'.
[  533.814945][T16326] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2564'.
[  534.147488][T16343] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2568'.
[  534.174449][T16346] tap0: tun_chr_ioctl cmd 1074025675
[  534.207379][T16346] tap0: persist disabled
[  534.229712][T16343] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2568'.
[  534.277924][T16343] netlink: 'syz.4.2568': attribute type 14 has an invalid length.
[  534.314071][T16343] netlink: 'syz.4.2568': attribute type 13 has an invalid length.
[  534.427079][T16351] netlink: 'syz.2.2570': attribute type 1 has an invalid length.
[  534.456920][T16351] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2570'.
[  534.511839][T16351] netlink: 'syz.2.2570': attribute type 2 has an invalid length.
[  534.534019][T16351] netlink: 'syz.2.2570': attribute type 1 has an invalid length.
[  534.567545][T16351] netlink: 2 bytes leftover after parsing attributes in process `syz.2.2570'.
[  534.685560][T16365] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2572'.
[  534.733847][T16365] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2572'.
[  534.786305][T16367] netlink: 'syz.3.2573': attribute type 1 has an invalid length.
[  534.925720][T16351] lo speed is unknown, defaulting to 1000
[  534.959057][T16365] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2572'.
[  535.012248][T16370] bond6: (slave geneve3): making interface the new active one
[  535.024783][T16370] bond6: (slave geneve3): Enslaving as an active interface with an up link
[  535.242777][T11518] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  535.263184][T11518] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  535.311108][T16367] 8021q: adding VLAN 0 to HW filter on device bond6
[  535.375173][T11518] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  535.392227][T11518] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  535.544400][T16386] netlink: 'syz.1.2576': attribute type 10 has an invalid length.
[  535.685268][T16386] team0: Device veth0_vlan failed to register rx_handler
[  535.983752][T16399] sctp: [Deprecated]: syz.0.2579 (pid 16399) Use of struct sctp_assoc_value in delayed_ack socket option.
[  535.983752][T16399] Use struct sctp_sack_info instead
[  536.419046][T16410] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  536.948321][T16431] netlink: 'syz.0.2586': attribute type 13 has an invalid length.
[  536.981071][T16431] netlink: 'syz.0.2586': attribute type 17 has an invalid length.
[  537.029650][T16431] 8021q: adding VLAN 0 to HW filter on device team0
[  537.117518][T16431] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  537.171683][T16434] vlan0: entered promiscuous mode
[  537.272879][T16435] lo speed is unknown, defaulting to 1000
[  537.371196][T16443] FAULT_INJECTION: forcing a failure.
[  537.371196][T16443] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  537.394523][T16443] CPU: 1 UID: 0 PID: 16443 Comm: syz.1.2592 Not tainted 6.16.0-rc7-syzkaller-01894-gfaa60990a541 #0 PREEMPT(full) 
[  537.394556][T16443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  537.394569][T16443] Call Trace:
[  537.394578][T16443]  <TASK>
[  537.394587][T16443]  dump_stack_lvl+0x189/0x250
[  537.394619][T16443]  ? __pfx____ratelimit+0x10/0x10
[  537.394644][T16443]  ? __pfx_dump_stack_lvl+0x10/0x10
[  537.394670][T16443]  ? __pfx__printk+0x10/0x10
[  537.394701][T16443]  ? __might_fault+0xb0/0x130
[  537.394780][T16443]  should_fail_ex+0x414/0x560
[  537.394810][T16443]  _copy_from_iter+0x1db/0x16f0
[  537.394843][T16443]  ? rcu_is_watching+0x15/0xb0
[  537.394871][T16443]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  537.394904][T16443]  ? __pfx__copy_from_iter+0x10/0x10
[  537.394934][T16443]  ? __build_skb_around+0x257/0x3e0
[  537.394963][T16443]  ? netlink_sendmsg+0x642/0xb30
[  537.394984][T16443]  ? skb_put+0x11b/0x210
[  537.395014][T16443]  netlink_sendmsg+0x6b2/0xb30
[  537.395047][T16443]  ? __pfx_netlink_sendmsg+0x10/0x10
[  537.395075][T16443]  ? aa_sock_msg_perm+0x94/0x160
[  537.395100][T16443]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  537.395122][T16443]  ? __pfx_netlink_sendmsg+0x10/0x10
[  537.395145][T16443]  __sock_sendmsg+0x21c/0x270
[  537.395182][T16443]  ____sys_sendmsg+0x505/0x830
[  537.395216][T16443]  ? __pfx_____sys_sendmsg+0x10/0x10
[  537.395253][T16443]  ? import_iovec+0x74/0xa0
[  537.395288][T16443]  ___sys_sendmsg+0x21f/0x2a0
[  537.395317][T16443]  ? __pfx____sys_sendmsg+0x10/0x10
[  537.395383][T16443]  ? __fget_files+0x2a/0x420
[  537.395402][T16443]  ? __fget_files+0x3a0/0x420
[  537.395433][T16443]  __x64_sys_sendmsg+0x19b/0x260
[  537.395465][T16443]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  537.395504][T16443]  ? __pfx_ksys_write+0x10/0x10
[  537.395530][T16443]  ? rcu_is_watching+0x15/0xb0
[  537.395559][T16443]  ? do_syscall_64+0xbe/0x3b0
[  537.395590][T16443]  do_syscall_64+0xfa/0x3b0
[  537.395614][T16443]  ? lockdep_hardirqs_on+0x9c/0x150
[  537.395636][T16443]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  537.395656][T16443]  ? clear_bhb_loop+0x60/0xb0
[  537.395681][T16443]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  537.395702][T16443] RIP: 0033:0x7f967c58e9a9
[  537.395722][T16443] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  537.395740][T16443] RSP: 002b:00007f967d454038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  537.395779][T16443] RAX: ffffffffffffffda RBX: 00007f967c7b5fa0 RCX: 00007f967c58e9a9
[  537.395794][T16443] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003
[  537.395806][T16443] RBP: 00007f967d454090 R08: 0000000000000000 R09: 0000000000000000
[  537.395819][T16443] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  537.395832][T16443] R13: 0000000000000000 R14: 00007f967c7b5fa0 R15: 00007ffdb2554888
[  537.395867][T16443]  </TASK>
[  538.622096][T16480] bridge0: entered promiscuous mode
[  538.694967][T16485] validate_nla: 1 callbacks suppressed
[  538.694989][T16485] netlink: 'syz.1.2605': attribute type 1 has an invalid length.
[  538.745864][T16486] __nla_validate_parse: 10 callbacks suppressed
[  538.745885][T16486] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2605'.
[  538.749312][T16487] netlink: 'syz.2.2603': attribute type 5 has an invalid length.
[  538.759772][T16485] workqueue: Failed to create a rescuer kthread for wq "bond4": -EINTR
[  538.762154][T16487] netlink: 'syz.2.2603': attribute type 5 has an invalid length.
[  538.861036][T16487] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  538.874640][T16487] tipc: Resetting bearer <eth:syzkaller0>
[  538.887249][T16483] tipc: Disabling bearer <eth:syzkaller0>
[  538.930054][T16494] lo speed is unknown, defaulting to 1000
[  539.025338][T16502] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  539.119396][T16504] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2608'.
[  539.160702][T16510] netlink: 52 bytes leftover after parsing attributes in process `syz.2.2610'.
[  539.164435][T16502] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  539.171381][T16510] netlink: 52 bytes leftover after parsing attributes in process `syz.2.2610'.
[  539.191297][T16510] netlink: 52 bytes leftover after parsing attributes in process `syz.2.2610'.
[  539.222180][T16510] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2610'.
[  539.270351][T16502] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  539.412748][T16502] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  539.589056][T16524] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2615'.
[  539.600536][T11527] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  539.622520][T11527] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  539.657227][T11527] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  539.681251][T16527] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input7
[  539.702541][T11527] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  540.134095][T16552] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2619'.
[  540.361452][T16562] FAULT_INJECTION: forcing a failure.
[  540.361452][T16562] name failslab, interval 1, probability 0, space 0, times 0
[  540.395217][T16562] CPU: 0 UID: 0 PID: 16562 Comm: syz.4.2625 Not tainted 6.16.0-rc7-syzkaller-01894-gfaa60990a541 #0 PREEMPT(full) 
[  540.395252][T16562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  540.395266][T16562] Call Trace:
[  540.395275][T16562]  <TASK>
[  540.395285][T16562]  dump_stack_lvl+0x189/0x250
[  540.395317][T16562]  ? __pfx____ratelimit+0x10/0x10
[  540.395343][T16562]  ? __pfx_dump_stack_lvl+0x10/0x10
[  540.395369][T16562]  ? __pfx__printk+0x10/0x10
[  540.395415][T16562]  should_fail_ex+0x414/0x560
[  540.395445][T16562]  should_failslab+0xa8/0x100
[  540.395491][T16562]  __kmalloc_cache_noprof+0x70/0x3d0
[  540.395523][T16562]  ? sctp_add_bind_addr+0x8c/0x370
[  540.395551][T16562]  sctp_add_bind_addr+0x8c/0x370
[  540.395579][T16562]  sctp_copy_local_addr_list+0x30b/0x4e0
[  540.395607][T16562]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[  540.395630][T16562]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  540.395656][T16562]  ? sctp_v6_is_any+0x64/0x80
[  540.395682][T16562]  ? sctp_copy_one_addr+0x93/0x360
[  540.395710][T16562]  sctp_bind_addr_copy+0xb3/0x3c0
[  540.395734][T16562]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  540.395771][T16562]  sctp_connect_new_asoc+0x2e0/0x690
[  540.395805][T16562]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  540.395831][T16562]  ? __local_bh_enable_ip+0x12d/0x1c0
[  540.395865][T16562]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  540.395890][T16562]  ? security_sctp_bind_connect+0x7e/0x2e0
[  540.395928][T16562]  sctp_sendmsg+0x155c/0x2810
[  540.395972][T16562]  ? __pfx_sctp_sendmsg+0x10/0x10
[  540.396004][T16562]  ? aa_sk_perm+0x81e/0x950
[  540.396032][T16562]  ? __pfx_aa_sk_perm+0x10/0x10
[  540.396057][T16562]  ? sock_rps_record_flow+0x19/0x410
[  540.396095][T16562]  ? inet_sendmsg+0x2f4/0x370
[  540.396133][T16562]  __sock_sendmsg+0x19c/0x270
[  540.396172][T16562]  __sys_sendto+0x3bd/0x520
[  540.396200][T16562]  ? __pfx___sys_sendto+0x10/0x10
[  540.396227][T16562]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  540.396270][T16562]  ? __fget_files+0x3a0/0x420
[  540.396302][T16562]  ? ksys_write+0x22a/0x250
[  540.396335][T16562]  ? __pfx_ksys_write+0x10/0x10
[  540.396360][T16562]  ? rcu_is_watching+0x15/0xb0
[  540.396393][T16562]  __x64_sys_sendto+0xde/0x100
[  540.396423][T16562]  do_syscall_64+0xfa/0x3b0
[  540.396448][T16562]  ? lockdep_hardirqs_on+0x9c/0x150
[  540.396481][T16562]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  540.396503][T16562]  ? clear_bhb_loop+0x60/0xb0
[  540.396531][T16562]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  540.396552][T16562] RIP: 0033:0x7f66b258e9a9
[  540.396573][T16562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  540.396591][T16562] RSP: 002b:00007f66b34b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  540.396614][T16562] RAX: ffffffffffffffda RBX: 00007f66b27b5fa0 RCX: 00007f66b258e9a9
[  540.396631][T16562] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000003
[  540.396657][T16562] RBP: 00007f66b34b7090 R08: 0000200000000100 R09: 000000000000001c
[  540.396672][T16562] R10: 0000000000044004 R11: 0000000000000246 R12: 0000000000000001
[  540.396685][T16562] R13: 0000000000000000 R14: 00007f66b27b5fa0 R15: 00007ffe8c6ed428
[  540.396720][T16562]  </TASK>
[  540.883618][T16575] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2627'.
[  541.182153][T16582] netlink: 'syz.2.2631': attribute type 10 has an invalid length.
[  541.254100][T16581] netlink: 88 bytes leftover after parsing attributes in process `syz.0.2630'.
[  541.270753][T16588] netlink: 'syz.2.2631': attribute type 12 has an invalid length.
[  541.384703][T16591] gtp0: entered promiscuous mode
[  541.427555][T16591] gtp0: entered allmulticast mode
[  541.633862][T16599] netlink: 'syz.3.2636': attribute type 10 has an invalid length.
[  541.695181][T16599] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  541.752140][T16607] FAULT_INJECTION: forcing a failure.
[  541.752140][T16607] name failslab, interval 1, probability 0, space 0, times 0
[  541.794367][T16607] CPU: 1 UID: 0 PID: 16607 Comm: syz.4.2639 Not tainted 6.16.0-rc7-syzkaller-01894-gfaa60990a541 #0 PREEMPT(full) 
[  541.794402][T16607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  541.794417][T16607] Call Trace:
[  541.794425][T16607]  <TASK>
[  541.794435][T16607]  dump_stack_lvl+0x189/0x250
[  541.794467][T16607]  ? __pfx____ratelimit+0x10/0x10
[  541.794492][T16607]  ? __pfx_dump_stack_lvl+0x10/0x10
[  541.794517][T16607]  ? __pfx__printk+0x10/0x10
[  541.794565][T16607]  should_fail_ex+0x414/0x560
[  541.794595][T16607]  should_failslab+0xa8/0x100
[  541.794631][T16607]  __kmalloc_cache_noprof+0x70/0x3d0
[  541.794662][T16607]  ? sctp_add_bind_addr+0x8c/0x370
[  541.794690][T16607]  sctp_add_bind_addr+0x8c/0x370
[  541.794718][T16607]  sctp_copy_local_addr_list+0x30b/0x4e0
[  541.794746][T16607]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[  541.794769][T16607]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  541.794795][T16607]  ? sctp_v6_is_any+0x64/0x80
[  541.794821][T16607]  ? sctp_copy_one_addr+0x93/0x360
[  541.794848][T16607]  sctp_bind_addr_copy+0xb3/0x3c0
[  541.794872][T16607]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  541.794910][T16607]  sctp_connect_new_asoc+0x2e0/0x690
[  541.794943][T16607]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  541.794969][T16607]  ? __local_bh_enable_ip+0x12d/0x1c0
[  541.795003][T16607]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  541.795029][T16607]  ? security_sctp_bind_connect+0x7e/0x2e0
[  541.795066][T16607]  sctp_sendmsg+0x155c/0x2810
[  541.795109][T16607]  ? __pfx_sctp_sendmsg+0x10/0x10
[  541.795141][T16607]  ? aa_sk_perm+0x81e/0x950
[  541.795169][T16607]  ? __pfx_aa_sk_perm+0x10/0x10
[  541.795193][T16607]  ? sock_rps_record_flow+0x19/0x410
[  541.795230][T16607]  ? inet_sendmsg+0x2f4/0x370
[  541.795268][T16607]  __sock_sendmsg+0x19c/0x270
[  541.795307][T16607]  __sys_sendto+0x3bd/0x520
[  541.795336][T16607]  ? __pfx___sys_sendto+0x10/0x10
[  541.795363][T16607]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  541.795404][T16607]  ? __fget_files+0x3a0/0x420
[  541.795437][T16607]  ? ksys_write+0x22a/0x250
[  541.795468][T16607]  ? __pfx_ksys_write+0x10/0x10
[  541.795495][T16607]  ? rcu_is_watching+0x15/0xb0
[  541.795527][T16607]  __x64_sys_sendto+0xde/0x100
[  541.795557][T16607]  do_syscall_64+0xfa/0x3b0
[  541.795581][T16607]  ? lockdep_hardirqs_on+0x9c/0x150
[  541.795605][T16607]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  541.795627][T16607]  ? clear_bhb_loop+0x60/0xb0
[  541.795654][T16607]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  541.795675][T16607] RIP: 0033:0x7f66b258e9a9
[  541.795695][T16607] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  541.795714][T16607] RSP: 002b:00007f66b34b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  541.795737][T16607] RAX: ffffffffffffffda RBX: 00007f66b27b5fa0 RCX: 00007f66b258e9a9
[  541.795753][T16607] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000003
[  541.795767][T16607] RBP: 00007f66b34b7090 R08: 0000200000000100 R09: 000000000000001c
[  541.795781][T16607] R10: 0000000000044004 R11: 0000000000000246 R12: 0000000000000001
[  541.795794][T16607] R13: 0000000000000000 R14: 00007f66b27b5fa0 R15: 00007ffe8c6ed428
[  541.795830][T16607]  </TASK>
[  541.813643][T16601] lo speed is unknown, defaulting to 1000
[  542.863559][T16637] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  542.876507][T16637] syzkaller0: entered promiscuous mode
[  542.901229][T16637] syzkaller0: entered allmulticast mode
[  543.248327][T16645] tipc: Resetting bearer <eth:syzkaller0>
[  543.432377][T16636] tipc: Resetting bearer <eth:syzkaller0>
[  543.492950][T16636] tipc: Disabling bearer <eth:syzkaller0>
[  543.523619][T16650] FAULT_INJECTION: forcing a failure.
[  543.523619][T16650] name failslab, interval 1, probability 0, space 0, times 0
[  543.539861][T16650] CPU: 0 UID: 0 PID: 16650 Comm: syz.0.2648 Not tainted 6.16.0-rc7-syzkaller-01894-gfaa60990a541 #0 PREEMPT(full) 
[  543.539895][T16650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  543.539908][T16650] Call Trace:
[  543.539917][T16650]  <TASK>
[  543.539927][T16650]  dump_stack_lvl+0x189/0x250
[  543.539960][T16650]  ? __pfx____ratelimit+0x10/0x10
[  543.539985][T16650]  ? __pfx_dump_stack_lvl+0x10/0x10
[  543.540011][T16650]  ? __pfx__printk+0x10/0x10
[  543.540047][T16650]  ? __pfx___might_resched+0x10/0x10
[  543.540073][T16650]  ? fs_reclaim_acquire+0x7d/0x100
[  543.540102][T16650]  should_fail_ex+0x414/0x560
[  543.540131][T16650]  should_failslab+0xa8/0x100
[  543.540167][T16650]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  543.540198][T16650]  ? __alloc_skb+0x112/0x2d0
[  543.540228][T16650]  __alloc_skb+0x112/0x2d0
[  543.540258][T16650]  netlink_ack+0x146/0xa50
[  543.540292][T16650]  ? __pfx_genl_rcv_msg+0x10/0x10
[  543.540320][T16650]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  543.540350][T16650]  ? __pfx_nl80211_post_doit+0x10/0x10
[  543.540390][T16650]  ? __asan_memcpy+0x40/0x70
[  543.540415][T16650]  ? __pfx_ref_tracker_free+0x10/0x10
[  543.540449][T16650]  netlink_rcv_skb+0x28c/0x470
[  543.540470][T16650]  ? __lock_acquire+0xab9/0xd20
[  543.540493][T16650]  ? __pfx_genl_rcv_msg+0x10/0x10
[  543.540524][T16650]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  543.540570][T16650]  ? down_read+0x1ad/0x2e0
[  543.540601][T16650]  genl_rcv+0x28/0x40
[  543.540628][T16650]  netlink_unicast+0x82f/0x9e0
[  543.540672][T16650]  ? __pfx_netlink_unicast+0x10/0x10
[  543.540709][T16650]  ? netlink_sendmsg+0x642/0xb30
[  543.540730][T16650]  ? skb_put+0x11b/0x210
[  543.540759][T16650]  netlink_sendmsg+0x805/0xb30
[  543.540795][T16650]  ? __pfx_netlink_sendmsg+0x10/0x10
[  543.540823][T16650]  ? aa_sock_msg_perm+0x94/0x160
[  543.540853][T16650]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  543.540875][T16650]  ? __pfx_netlink_sendmsg+0x10/0x10
[  543.540900][T16650]  __sock_sendmsg+0x21c/0x270
[  543.540937][T16650]  ____sys_sendmsg+0x505/0x830
[  543.540971][T16650]  ? __pfx_____sys_sendmsg+0x10/0x10
[  543.541009][T16650]  ? import_iovec+0x74/0xa0
[  543.541044][T16650]  ___sys_sendmsg+0x21f/0x2a0
[  543.541075][T16650]  ? __pfx____sys_sendmsg+0x10/0x10
[  543.541147][T16650]  ? __fget_files+0x2a/0x420
[  543.541166][T16650]  ? __fget_files+0x3a0/0x420
[  543.541198][T16650]  __x64_sys_sendmsg+0x19b/0x260
[  543.541230][T16650]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  543.541270][T16650]  ? __pfx_ksys_write+0x10/0x10
[  543.541297][T16650]  ? rcu_is_watching+0x15/0xb0
[  543.541330][T16650]  ? do_syscall_64+0xbe/0x3b0
[  543.541361][T16650]  do_syscall_64+0xfa/0x3b0
[  543.541393][T16650]  ? lockdep_hardirqs_on+0x9c/0x150
[  543.541416][T16650]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  543.541438][T16650]  ? clear_bhb_loop+0x60/0xb0
[  543.541464][T16650]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  543.541485][T16650] RIP: 0033:0x7f501658e9a9
[  543.541505][T16650] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  543.541523][T16650] RSP: 002b:00007f50173ab038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  543.541546][T16650] RAX: ffffffffffffffda RBX: 00007f50167b5fa0 RCX: 00007f501658e9a9
[  543.541562][T16650] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003
[  543.541575][T16650] RBP: 00007f50173ab090 R08: 0000000000000000 R09: 0000000000000000
[  543.541588][T16650] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  543.541601][T16650] R13: 0000000000000000 R14: 00007f50167b5fa0 R15: 00007ffe68103468
[  543.541635][T16650]  </TASK>
[  543.956487][T16661] __nla_validate_parse: 6 callbacks suppressed
[  543.956509][T16661] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2646'.
[  544.076479][T16655] bridge0: entered allmulticast mode
[  544.580542][T16687] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: invalid value (0)
[  544.593398][T16688] IPVS: sync thread started: state = BACKUP, mcast_ifn = macvlan0, syncid = 2, id = 0
[  544.629857][T16687] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: allowed values 1 - 65535
[  544.645523][T16690] netlink: 'syz.0.2660': attribute type 1 has an invalid length.
[  544.655931][T16690] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2660'.
[  544.668844][T16690] netlink: 'syz.0.2660': attribute type 2 has an invalid length.
[  544.689025][T16690] netlink: 'syz.0.2660': attribute type 1 has an invalid length.
[  544.698715][T16690] netlink: 2 bytes leftover after parsing attributes in process `syz.0.2660'.
[  544.738603][T16697] netlink: 'syz.1.2657': attribute type 1 has an invalid length.
[  544.796172][T16697] 8021q: adding VLAN 0 to HW filter on device bond4
[  544.796782][T16702] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2657'.
[  544.876004][T16705] lo speed is unknown, defaulting to 1000
[  544.954798][T16697] bond4: (slave gretap2): making interface the new active one
[  545.005377][T16697] bond4: (slave gretap2): Enslaving as an active interface with an up link
[  545.039803][T16711] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  545.062344][T16711] mac80211_hwsim hwsim7 syzkaller0: entered promiscuous mode
[  545.075131][T16711] mac80211_hwsim hwsim7 syzkaller0: entered allmulticast mode
[  545.481277][T16721] netlink: 'syz.0.2667': attribute type 32 has an invalid length.
[  545.808107][T16733] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  545.847815][T16733] netlink: 212320 bytes leftover after parsing attributes in process `syz.2.2671'.
[  545.953329][T16738] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2672'.
[  546.050995][T16739] lo speed is unknown, defaulting to 1000
[  546.186204][ T5865] tipc: Node number set to 281937233
[  546.667882][ T5856] Bluetooth: hci4: command 0x0405 tx timeout
[  546.795663][T16757] 8021q: adding VLAN 0 to HW filter on device ipvlan0
[  546.829820][T16757] team0: Device ipvlan0 is already an upper device of the team interface
[  547.188726][T16769] FAULT_INJECTION: forcing a failure.
[  547.188726][T16769] name failslab, interval 1, probability 0, space 0, times 0
[  547.231042][T16769] CPU: 0 UID: 0 PID: 16769 Comm: syz.0.2682 Not tainted 6.16.0-rc7-syzkaller-01894-gfaa60990a541 #0 PREEMPT(full) 
[  547.231076][T16769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  547.231089][T16769] Call Trace:
[  547.231098][T16769]  <TASK>
[  547.231108][T16769]  dump_stack_lvl+0x189/0x250
[  547.231140][T16769]  ? __pfx____ratelimit+0x10/0x10
[  547.231165][T16769]  ? __pfx_dump_stack_lvl+0x10/0x10
[  547.231191][T16769]  ? __pfx__printk+0x10/0x10
[  547.231238][T16769]  should_fail_ex+0x414/0x560
[  547.231267][T16769]  should_failslab+0xa8/0x100
[  547.231300][T16769]  __kmalloc_cache_noprof+0x70/0x3d0
[  547.231331][T16769]  ? sctp_add_bind_addr+0x8c/0x370
[  547.231359][T16769]  sctp_add_bind_addr+0x8c/0x370
[  547.231387][T16769]  sctp_copy_local_addr_list+0x30b/0x4e0
[  547.231413][T16769]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[  547.231436][T16769]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  547.231459][T16769]  ? sctp_v6_is_any+0x64/0x80
[  547.231485][T16769]  ? sctp_copy_one_addr+0x93/0x360
[  547.231511][T16769]  sctp_bind_addr_copy+0xb3/0x3c0
[  547.231534][T16769]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  547.231571][T16769]  sctp_connect_new_asoc+0x2e0/0x690
[  547.231603][T16769]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  547.231629][T16769]  ? __local_bh_enable_ip+0x12d/0x1c0
[  547.231663][T16769]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  547.231688][T16769]  ? security_sctp_bind_connect+0x7e/0x2e0
[  547.231724][T16769]  sctp_sendmsg+0x155c/0x2810
[  547.231773][T16769]  ? __pfx_sctp_sendmsg+0x10/0x10
[  547.231805][T16769]  ? aa_sk_perm+0x81e/0x950
[  547.231832][T16769]  ? __pfx_aa_sk_perm+0x10/0x10
[  547.231856][T16769]  ? sock_rps_record_flow+0x19/0x410
[  547.231893][T16769]  ? inet_sendmsg+0x2f4/0x370
[  547.231929][T16769]  __sock_sendmsg+0x19c/0x270
[  547.231968][T16769]  __sys_sendto+0x3bd/0x520
[  547.231997][T16769]  ? __pfx___sys_sendto+0x10/0x10
[  547.232019][T16769]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  547.232061][T16769]  ? __fget_files+0x3a0/0x420
[  547.232093][T16769]  ? ksys_write+0x22a/0x250
[  547.232125][T16769]  ? __pfx_ksys_write+0x10/0x10
[  547.232151][T16769]  ? rcu_is_watching+0x15/0xb0
[  547.232184][T16769]  __x64_sys_sendto+0xde/0x100
[  547.232213][T16769]  do_syscall_64+0xfa/0x3b0
[  547.232237][T16769]  ? lockdep_hardirqs_on+0x9c/0x150
[  547.232259][T16769]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  547.232281][T16769]  ? clear_bhb_loop+0x60/0xb0
[  547.232308][T16769]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  547.232330][T16769] RIP: 0033:0x7f501658e9a9
[  547.232348][T16769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  547.232367][T16769] RSP: 002b:00007f50173ab038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  547.232389][T16769] RAX: ffffffffffffffda RBX: 00007f50167b5fa0 RCX: 00007f501658e9a9
[  547.232403][T16769] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000003
[  547.232417][T16769] RBP: 00007f50173ab090 R08: 0000200000000100 R09: 000000000000001c
[  547.232431][T16769] R10: 0000000000044004 R11: 0000000000000246 R12: 0000000000000002
[  547.232444][T16769] R13: 0000000000000000 R14: 00007f50167b5fa0 R15: 00007ffe68103468
[  547.232479][T16769]  </TASK>
[  547.685357][T16782] netlink: 248 bytes leftover after parsing attributes in process `syz.1.2687'.
[  548.170256][T16793] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  548.209359][T16793] syzkaller0: entered promiscuous mode
[  548.214915][T16793] syzkaller0: entered allmulticast mode
[  548.293539][T16793] tipc: Resetting bearer <eth:syzkaller0>
[  548.312727][T16791] tipc: Resetting bearer <eth:syzkaller0>
[  548.481231][T16791] tipc: Disabling bearer <eth:syzkaller0>
[  548.489885][T16812] FAULT_INJECTION: forcing a failure.
[  548.489885][T16812] name failslab, interval 1, probability 0, space 0, times 0
[  548.516441][T16812] CPU: 1 UID: 0 PID: 16812 Comm: syz.3.2698 Not tainted 6.16.0-rc7-syzkaller-01894-gfaa60990a541 #0 PREEMPT(full) 
[  548.516475][T16812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  548.516489][T16812] Call Trace:
[  548.516497][T16812]  <TASK>
[  548.516507][T16812]  dump_stack_lvl+0x189/0x250
[  548.516538][T16812]  ? __pfx____ratelimit+0x10/0x10
[  548.516563][T16812]  ? __pfx_dump_stack_lvl+0x10/0x10
[  548.516589][T16812]  ? __pfx__printk+0x10/0x10
[  548.516632][T16812]  should_fail_ex+0x414/0x560
[  548.516660][T16812]  should_failslab+0xa8/0x100
[  548.516693][T16812]  __kmalloc_cache_noprof+0x70/0x3d0
[  548.516722][T16812]  ? sctp_add_bind_addr+0x8c/0x370
[  548.516748][T16812]  sctp_add_bind_addr+0x8c/0x370
[  548.516774][T16812]  sctp_copy_local_addr_list+0x30b/0x4e0
[  548.516800][T16812]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[  548.516821][T16812]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  548.516853][T16812]  ? sctp_v6_is_any+0x64/0x80
[  548.516877][T16812]  ? sctp_copy_one_addr+0x93/0x360
[  548.516902][T16812]  sctp_bind_addr_copy+0xb3/0x3c0
[  548.516926][T16812]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  548.516962][T16812]  sctp_connect_new_asoc+0x2e0/0x690
[  548.516995][T16812]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  548.517021][T16812]  ? __local_bh_enable_ip+0x12d/0x1c0
[  548.517053][T16812]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  548.517078][T16812]  ? security_sctp_bind_connect+0x7e/0x2e0
[  548.517115][T16812]  sctp_sendmsg+0x155c/0x2810
[  548.517155][T16812]  ? __pfx_sctp_sendmsg+0x10/0x10
[  548.517188][T16812]  ? aa_sk_perm+0x81e/0x950
[  548.517214][T16812]  ? __pfx_aa_sk_perm+0x10/0x10
[  548.517239][T16812]  ? sock_rps_record_flow+0x19/0x410
[  548.517280][T16812]  ? inet_sendmsg+0x2f4/0x370
[  548.517317][T16812]  __sock_sendmsg+0x19c/0x270
[  548.517354][T16812]  __sys_sendto+0x3bd/0x520
[  548.517382][T16812]  ? __pfx___sys_sendto+0x10/0x10
[  548.517404][T16812]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  548.517447][T16812]  ? __fget_files+0x3a0/0x420
[  548.517479][T16812]  ? ksys_write+0x22a/0x250
[  548.517511][T16812]  ? __pfx_ksys_write+0x10/0x10
[  548.517537][T16812]  ? rcu_is_watching+0x15/0xb0
[  548.517569][T16812]  __x64_sys_sendto+0xde/0x100
[  548.517598][T16812]  do_syscall_64+0xfa/0x3b0
[  548.517622][T16812]  ? lockdep_hardirqs_on+0x9c/0x150
[  548.517646][T16812]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  548.517667][T16812]  ? clear_bhb_loop+0x60/0xb0
[  548.517694][T16812]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  548.517715][T16812] RIP: 0033:0x7f08a7f8e9a9
[  548.517734][T16812] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  548.517752][T16812] RSP: 002b:00007f08a8e5e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  548.517775][T16812] RAX: ffffffffffffffda RBX: 00007f08a81b5fa0 RCX: 00007f08a7f8e9a9
[  548.517790][T16812] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000003
[  548.517803][T16812] RBP: 00007f08a8e5e090 R08: 0000200000000100 R09: 000000000000001c
[  548.517818][T16812] R10: 0000000000044004 R11: 0000000000000246 R12: 0000000000000002
[  548.517837][T16812] R13: 0000000000000000 R14: 00007f08a81b5fa0 R15: 00007ffc506af458
[  548.517873][T16812]  </TASK>
[  548.903467][T16820] netlink: 248 bytes leftover after parsing attributes in process `syz.4.2699'.
[  549.196409][T16829] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2703'.
[  549.233255][T16834] netlink: 208 bytes leftover after parsing attributes in process `syz.2.2704'.
[  549.314380][T16829] netlink: 'syz.3.2703': attribute type 1 has an invalid length.
[  549.322425][T16829] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2703'.
[  549.536946][T16844] syz.4.2708: vmalloc error: size 33558528, failed to allocated page array size 65544, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  549.594841][T16844] CPU: 0 UID: 0 PID: 16844 Comm: syz.4.2708 Not tainted 6.16.0-rc7-syzkaller-01894-gfaa60990a541 #0 PREEMPT(full) 
[  549.594875][T16844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  549.594889][T16844] Call Trace:
[  549.594899][T16844]  <TASK>
[  549.594908][T16844]  dump_stack_lvl+0x189/0x250
[  549.594944][T16844]  ? __pfx_dump_stack_lvl+0x10/0x10
[  549.594971][T16844]  ? __pfx__printk+0x10/0x10
[  549.595002][T16844]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  549.595031][T16844]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  549.595062][T16844]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  549.595095][T16844]  warn_alloc+0x214/0x310
[  549.595123][T16844]  ? __pfx_warn_alloc+0x10/0x10
[  549.595154][T16844]  ? __get_vm_area_node+0x28f/0x300
[  549.595187][T16844]  ? xskq_create+0xbf/0x170
[  549.595215][T16844]  __vmalloc_node_range_noprof+0x67e/0x12f0
[  549.595285][T16844]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  549.595328][T16844]  ? __kasan_kmalloc+0x93/0xb0
[  549.595362][T16844]  vmalloc_user_noprof+0xad/0xf0
[  549.595396][T16844]  ? xskq_create+0xbf/0x170
[  549.595420][T16844]  xskq_create+0xbf/0x170
[  549.595447][T16844]  xsk_init_queue+0xb0/0x110
[  549.595474][T16844]  xsk_setsockopt+0x57b/0x8d0
[  549.595499][T16844]  ? __pfx_xsk_setsockopt+0x10/0x10
[  549.595528][T16844]  ? __pfx_aa_sk_perm+0x10/0x10
[  549.595554][T16844]  ? __fget_files+0x2a/0x420
[  549.595573][T16844]  ? aa_sock_opt_perm+0x74/0x110
[  549.595599][T16844]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  549.595622][T16844]  ? __pfx_xsk_setsockopt+0x10/0x10
[  549.595645][T16844]  do_sock_setsockopt+0x17c/0x1b0
[  549.595678][T16844]  __x64_sys_setsockopt+0x13f/0x1b0
[  549.595711][T16844]  do_syscall_64+0xfa/0x3b0
[  549.595735][T16844]  ? lockdep_hardirqs_on+0x9c/0x150
[  549.595759][T16844]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  549.595781][T16844]  ? clear_bhb_loop+0x60/0xb0
[  549.595809][T16844]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  549.595830][T16844] RIP: 0033:0x7f66b258e9a9
[  549.595848][T16844] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  549.595866][T16844] RSP: 002b:00007f66b34b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  549.595889][T16844] RAX: ffffffffffffffda RBX: 00007f66b27b5fa0 RCX: 00007f66b258e9a9
[  549.595905][T16844] RDX: 0000000000000003 RSI: 000000000000011b RDI: 0000000000000007
[  549.595917][T16844] RBP: 00007f66b2610d69 R08: 0000000000000004 R09: 0000000000000000
[  549.595930][T16844] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000000
[  549.595943][T16844] R13: 0000000000000000 R14: 00007f66b27b5fa0 R15: 00007ffe8c6ed428
[  549.595978][T16844]  </TASK>
[  549.596000][T16844] Mem-Info:
[  549.889766][T16866] FAULT_INJECTION: forcing a failure.
[  549.889766][T16866] name failslab, interval 1, probability 0, space 0, times 0
[  549.948044][T16844] active_anon:7829 inactive_anon:0 isolated_anon:0
[  549.948044][T16844]  active_file:1873 inactive_file:40029 isolated_file:0
[  549.948044][T16844]  unevictable:768 dirty:172 writeback:0
[  549.948044][T16844]  slab_reclaimable:11893 slab_unreclaimable:151464
[  549.948044][T16844]  mapped:30777 shmem:1389 pagetables:1075
[  549.948044][T16844]  sec_pagetables:0 bounce:0
[  549.948044][T16844]  kernel_misc_reclaimable:0
[  549.948044][T16844]  free:1268715 free_pcp:14661 free_cma:0
[  549.966497][T16866] CPU: 1 UID: 0 PID: 16866 Comm: syz.3.2712 Not tainted 6.16.0-rc7-syzkaller-01894-gfaa60990a541 #0 PREEMPT(full) 
[  549.966540][T16866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  549.966556][T16866] Call Trace:
[  549.966566][T16866]  <TASK>
[  549.966577][T16866]  dump_stack_lvl+0x189/0x250
[  549.966615][T16866]  ? __pfx____ratelimit+0x10/0x10
[  549.966644][T16866]  ? __pfx_dump_stack_lvl+0x10/0x10
[  549.966675][T16866]  ? __pfx__printk+0x10/0x10
[  549.966726][T16866]  should_fail_ex+0x414/0x560
[  549.966768][T16866]  should_failslab+0xa8/0x100
[  549.966807][T16866]  __kmalloc_cache_noprof+0x70/0x3d0
[  549.966843][T16866]  ? sctp_add_bind_addr+0x8c/0x370
[  549.966876][T16866]  sctp_add_bind_addr+0x8c/0x370
[  549.966907][T16866]  sctp_copy_local_addr_list+0x30b/0x4e0
[  549.966939][T16866]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[  549.966965][T16866]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  549.966994][T16866]  ? sctp_v6_is_any+0x64/0x80
[  549.967023][T16866]  ? sctp_copy_one_addr+0x93/0x360
[  549.967052][T16866]  sctp_bind_addr_copy+0xb3/0x3c0
[  549.967079][T16866]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  549.967121][T16866]  sctp_connect_new_asoc+0x2e0/0x690
[  549.967158][T16866]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  549.967189][T16866]  ? __local_bh_enable_ip+0x12d/0x1c0
[  549.967226][T16866]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  549.967255][T16866]  ? security_sctp_bind_connect+0x7e/0x2e0
[  549.967301][T16866]  sctp_sendmsg+0x155c/0x2810
[  549.967348][T16866]  ? __pfx_sctp_sendmsg+0x10/0x10
[  549.967384][T16866]  ? aa_sk_perm+0x81e/0x950
[  549.967417][T16866]  ? __pfx_aa_sk_perm+0x10/0x10
[  549.967445][T16866]  ? sock_rps_record_flow+0x19/0x410
[  549.967486][T16866]  ? inet_sendmsg+0x2f4/0x370
[  549.967528][T16866]  __sock_sendmsg+0x19c/0x270
[  549.967572][T16866]  __sys_sendto+0x3bd/0x520
[  549.967603][T16866]  ? __pfx___sys_sendto+0x10/0x10
[  549.967628][T16866]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  549.967675][T16866]  ? __fget_files+0x3a0/0x420
[  549.967712][T16866]  ? ksys_write+0x22a/0x250
[  549.967766][T16866]  ? __pfx_ksys_write+0x10/0x10
[  549.967794][T16866]  ? rcu_is_watching+0x15/0xb0
[  549.967831][T16866]  __x64_sys_sendto+0xde/0x100
[  549.967866][T16866]  do_syscall_64+0xfa/0x3b0
[  549.967895][T16866]  ? lockdep_hardirqs_on+0x9c/0x150
[  549.967924][T16866]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  549.967947][T16866]  ? clear_bhb_loop+0x60/0xb0
[  549.967979][T16866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  549.968002][T16866] RIP: 0033:0x7f08a7f8e9a9
[  549.968025][T16866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  549.968046][T16866] RSP: 002b:00007f08a8e5e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  549.968073][T16866] RAX: ffffffffffffffda RBX: 00007f08a81b5fa0 RCX: 00007f08a7f8e9a9
[  549.968091][T16866] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000003
[  549.968107][T16866] RBP: 00007f08a8e5e090 R08: 0000200000000100 R09: 000000000000001c
[  549.968123][T16866] R10: 0000000000044004 R11: 0000000000000246 R12: 0000000000000002
[  549.968138][T16866] R13: 0000000000000000 R14: 00007f08a81b5fa0 R15: 00007ffc506af458
[  549.968178][T16866]  </TASK>
[  550.044371][T16869] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2713'.
[  550.336162][T16844] Node 0 active_anon:31452kB inactive_anon:0kB active_file:7492kB inactive_file:159912kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:127116kB dirty:660kB writeback:0kB shmem:4024kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12984kB pagetables:4400kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  550.397499][T16844] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:112kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  550.473984][T16877] x_tables: ip6_tables: icmp6 match: only valid for protocol 58
[  550.493542][T16844] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  550.528237][T16869] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  550.576534][T16844] lowmem_reserve[]: 0 2498 2499 2499 2499
[  550.636237][T16844] Node 0 DMA32 free:1158312kB boost:0kB min:34248kB low:42808kB high:51368kB reserved_highatomic:0KB free_highatomic:0KB active_anon:31204kB inactive_anon:0kB active_file:7492kB inactive_file:158348kB unevictable:1536kB writepending:660kB present:3129332kB managed:2558296kB mlocked:0kB bounce:0kB free_pcp:37808kB local_pcp:22856kB free_cma:0kB
[  550.670555][T16844] lowmem_reserve[]: 0 0 1 1 1
[  550.675373][T16844] Node 0 Normal free:24kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1564kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  550.724981][T16888] netlink: 'syz.2.2716': attribute type 1 has an invalid length.
[  550.737978][T16844] lowmem_reserve[]: 0 0 0 0 0
[  550.742787][T16844] Node 1 Normal free:3900860kB boost:0kB min:55632kB low:69540kB high:83448kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:20884kB local_pcp:7040kB free_cma:0kB
[  550.825046][T16844] lowmem_reserve[]: 0 0 0 0 0
[  550.834431][T16887] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2717'.
[  550.836581][T16888] 8021q: adding VLAN 0 to HW filter on device bond10
[  550.859069][T16844] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  550.901841][T16844] Node 0 DMA32: 2482*4kB (UM) 1972*8kB (UME) 752*16kB (UME) 503*32kB (UM) 107*64kB (UME) 15*128kB (U) 66*256kB (UME) 31*512kB (UM) 18*1024kB (UME) 14*2048kB (UME) 248*4096kB (UM) = 1158280kB
[  550.961349][T16844] Node 0 Normal: 0*4kB 1*8kB (M) 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 24kB
[  550.975822][T16890] 8021q: adding VLAN 0 to HW filter on device bond10
[  550.997230][T16844] Node 1 Normal: 227*4kB (UE) 66*8kB (UME) 42*16kB (UME) 70*32kB (UME) 23*64kB (UME) 12*128kB (UME) 3*256kB (ME) 3*512kB (ME) 2*1024kB (ME) 1*2048kB (E) 949*4096kB (UM) = 3900860kB
[  551.030029][T16890] bond10: (slave vxcan1): The slave device specified does not support setting the MAC address
[  551.044923][T16844] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  551.054757][T16844] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  551.066473][T16890] bond10: (slave vxcan1): Error -95 calling set_mac_address
[  551.067142][T16844] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  551.091516][T16844] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  551.102857][T16844] 43289 total pagecache pages
[  551.111648][T16844] 0 pages in swap cache
[  551.115860][T16844] Free swap  = 124996kB
[  551.122582][T16844] Total swap = 124996kB
[  551.126793][T16844] 2097051 pages RAM
[  551.133782][T16844] 0 pages HighMem/MovableOnly
[  551.139410][T16844] 425435 pages reserved
[  551.143822][T16844] 0 pages cma reserved
[  551.306694][T16907] netlink: 5 bytes leftover after parsing attributes in process `syz.4.2723'.
[  551.326432][T16907] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  551.372552][   T24] lo speed is unknown, defaulting to 1000
[  551.591719][T16922] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input8
[  551.769999][T16928] FAULT_INJECTION: forcing a failure.
[  551.769999][T16928] name failslab, interval 1, probability 0, space 0, times 0
[  551.789042][T16928] CPU: 0 UID: 0 PID: 16928 Comm: syz.3.2726 Not tainted 6.16.0-rc7-syzkaller-01894-gfaa60990a541 #0 PREEMPT(full) 
[  551.789075][T16928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  551.789089][T16928] Call Trace:
[  551.789097][T16928]  <TASK>
[  551.789107][T16928]  dump_stack_lvl+0x189/0x250
[  551.789137][T16928]  ? __pfx____ratelimit+0x10/0x10
[  551.789161][T16928]  ? __pfx_dump_stack_lvl+0x10/0x10
[  551.789186][T16928]  ? __pfx__printk+0x10/0x10
[  551.789233][T16928]  should_fail_ex+0x414/0x560
[  551.789263][T16928]  should_failslab+0xa8/0x100
[  551.789299][T16928]  __kmalloc_cache_noprof+0x70/0x3d0
[  551.789331][T16928]  ? sctp_add_bind_addr+0x8c/0x370
[  551.789359][T16928]  sctp_add_bind_addr+0x8c/0x370
[  551.789388][T16928]  sctp_copy_local_addr_list+0x30b/0x4e0
[  551.789414][T16928]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[  551.789437][T16928]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  551.789463][T16928]  ? sctp_v6_is_any+0x64/0x80
[  551.789489][T16928]  ? sctp_copy_one_addr+0x93/0x360
[  551.789522][T16928]  sctp_bind_addr_copy+0xb3/0x3c0
[  551.789546][T16928]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  551.789582][T16928]  sctp_connect_new_asoc+0x2e0/0x690
[  551.789616][T16928]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  551.789642][T16928]  ? __local_bh_enable_ip+0x12d/0x1c0
[  551.789674][T16928]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  551.789700][T16928]  ? security_sctp_bind_connect+0x7e/0x2e0
[  551.789737][T16928]  sctp_sendmsg+0x155c/0x2810
[  551.789778][T16928]  ? __pfx_sctp_sendmsg+0x10/0x10
[  551.789811][T16928]  ? aa_sk_perm+0x81e/0x950
[  551.789838][T16928]  ? __pfx_aa_sk_perm+0x10/0x10
[  551.789863][T16928]  ? sock_rps_record_flow+0x19/0x410
[  551.789900][T16928]  ? inet_sendmsg+0x2f4/0x370
[  551.789937][T16928]  __sock_sendmsg+0x19c/0x270
[  551.789976][T16928]  __sys_sendto+0x3bd/0x520
[  551.790005][T16928]  ? __pfx___sys_sendto+0x10/0x10
[  551.790027][T16928]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  551.790070][T16928]  ? __fget_files+0x3a0/0x420
[  551.790102][T16928]  ? ksys_write+0x22a/0x250
[  551.790134][T16928]  ? __pfx_ksys_write+0x10/0x10
[  551.790160][T16928]  ? rcu_is_watching+0x15/0xb0
[  551.790191][T16928]  __x64_sys_sendto+0xde/0x100
[  551.790220][T16928]  do_syscall_64+0xfa/0x3b0
[  551.790244][T16928]  ? lockdep_hardirqs_on+0x9c/0x150
[  551.790268][T16928]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  551.790291][T16928]  ? clear_bhb_loop+0x60/0xb0
[  551.790325][T16928]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  551.790346][T16928] RIP: 0033:0x7f08a7f8e9a9
[  551.790365][T16928] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  551.790384][T16928] RSP: 002b:00007f08a8e5e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  551.790406][T16928] RAX: ffffffffffffffda RBX: 00007f08a81b5fa0 RCX: 00007f08a7f8e9a9
[  551.790422][T16928] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000003
[  551.790436][T16928] RBP: 00007f08a8e5e090 R08: 0000200000000100 R09: 000000000000001c
[  551.790450][T16928] R10: 0000000000044004 R11: 0000000000000246 R12: 0000000000000002
[  551.790463][T16928] R13: 0000000000000000 R14: 00007f08a81b5fa0 R15: 00007ffc506af458
[  551.790500][T16928]  </TASK>
[  552.152568][T16936] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  552.181056][T16936] netlink: 212320 bytes leftover after parsing attributes in process `syz.1.2727'.
[  552.452685][T16951] netlink: 'syz.2.2733': attribute type 1 has an invalid length.
[  552.461516][T16951] netlink: 144 bytes leftover after parsing attributes in process `syz.2.2733'.
[  552.475770][T16951] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2733'.
[  552.516687][T16941] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  552.529403][T16941] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  552.583580][T16946] lo speed is unknown, defaulting to 1000
[  552.722261][T16941] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  552.746064][T16958] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2736'.
[  552.748346][T16941] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  552.912281][T16941] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  552.926225][T16941] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  553.039871][T16941] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  553.055305][T16941] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  553.094463][T16971] smc: net device bond0 applied user defined pnetid SYZ2
[  553.114549][T16975] smc: net device bond0 erased user defined pnetid SYZ2
[  553.183068][T16976] netlink: 'syz.1.2741': attribute type 10 has an invalid length.
[  553.244548][T16976] macvlan0: entered promiscuous mode
[  553.424656][T16989] FAULT_INJECTION: forcing a failure.
[  553.424656][T16989] name failslab, interval 1, probability 0, space 0, times 0
[  553.444002][T16989] CPU: 0 UID: 0 PID: 16989 Comm: syz.0.2744 Not tainted 6.16.0-rc7-syzkaller-01894-gfaa60990a541 #0 PREEMPT(full) 
[  553.444036][T16989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  553.444051][T16989] Call Trace:
[  553.444059][T16989]  <TASK>
[  553.444069][T16989]  dump_stack_lvl+0x189/0x250
[  553.444102][T16989]  ? __pfx____ratelimit+0x10/0x10
[  553.444128][T16989]  ? __pfx_dump_stack_lvl+0x10/0x10
[  553.444154][T16989]  ? __pfx__printk+0x10/0x10
[  553.444192][T16989]  ? __pfx___might_resched+0x10/0x10
[  553.444217][T16989]  ? fs_reclaim_acquire+0x7d/0x100
[  553.444245][T16989]  should_fail_ex+0x414/0x560
[  553.444275][T16989]  should_failslab+0xa8/0x100
[  553.444311][T16989]  __kmalloc_noprof+0xcb/0x4f0
[  553.444357][T16989]  ? kernfs_fop_write_iter+0x158/0x4f0
[  553.444391][T16989]  kernfs_fop_write_iter+0x158/0x4f0
[  553.444429][T16989]  vfs_write+0x54b/0xa90
[  553.444466][T16989]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  553.444493][T16989]  ? __pfx_vfs_write+0x10/0x10
[  553.444531][T16989]  ? __fget_files+0x2a/0x420
[  553.444563][T16989]  ksys_write+0x145/0x250
[  553.444595][T16989]  ? __pfx_ksys_write+0x10/0x10
[  553.444621][T16989]  ? rcu_is_watching+0x15/0xb0
[  553.444652][T16989]  ? do_syscall_64+0xbe/0x3b0
[  553.444683][T16989]  do_syscall_64+0xfa/0x3b0
[  553.444706][T16989]  ? lockdep_hardirqs_on+0x9c/0x150
[  553.444729][T16989]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  553.444749][T16989]  ? clear_bhb_loop+0x60/0xb0
[  553.444775][T16989]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  553.444795][T16989] RIP: 0033:0x7f501658e9a9
[  553.444813][T16989] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  553.444831][T16989] RSP: 002b:00007f50173ab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  553.444853][T16989] RAX: ffffffffffffffda RBX: 00007f50167b5fa0 RCX: 00007f501658e9a9
[  553.444868][T16989] RDX: 0000000000000009 RSI: 00002000000000c0 RDI: 0000000000000004
[  553.444880][T16989] RBP: 00007f50173ab090 R08: 0000000000000000 R09: 0000000000000000
[  553.444893][T16989] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  553.444906][T16989] R13: 0000000000000000 R14: 00007f50167b5fa0 R15: 00007ffe68103468
[  553.444941][T16989]  </TASK>
[  553.804281][T11521] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  553.833206][T11521] netdevsim netdevsim3 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[  553.921093][T16941] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  553.933670][T16941] netdevsim netdevsim3 eth0 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  553.997346][T11521] ==================================================================
[  554.005481][T11521] BUG: KASAN: slab-use-after-free in __mutex_lock+0x144/0xe80
[  554.013007][T11521] Read of size 8 at addr ffff88807a4c5ab0 by task kworker/u8:20/11521
[  554.021210][T11521] 
[  554.023570][T11521] CPU: 1 UID: 0 PID: 11521 Comm: kworker/u8:20 Not tainted 6.16.0-rc7-syzkaller-01894-gfaa60990a541 #0 PREEMPT(full) 
[  554.023602][T11521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  554.023619][T11521] Workqueue: udp_tunnel_nic udp_tunnel_nic_device_sync_work
[  554.023650][T11521] Call Trace:
[  554.023659][T11521]  <TASK>
[  554.023669][T11521]  dump_stack_lvl+0x189/0x250
[  554.023698][T11521]  ? __kasan_check_byte+0x12/0x40
[  554.023732][T11521]  ? __pfx_dump_stack_lvl+0x10/0x10
[  554.023758][T11521]  ? lock_release+0x4b/0x3e0
[  554.023784][T11521]  ? __virt_addr_valid+0x4a5/0x5c0
[  554.023814][T11521]  print_report+0xca/0x230
[  554.023834][T11521]  ? __mutex_lock+0x144/0xe80
[  554.023859][T11521]  kasan_report+0x118/0x150
[  554.023889][T11521]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  554.023913][T11521]  ? __mutex_lock+0x144/0xe80
[  554.023943][T11521]  __mutex_lock+0x144/0xe80
[  554.023967][T11521]  ? __lock_acquire+0xab9/0xd20
[  554.023989][T11521]  ? __mutex_lock+0x51b/0xe80
[  554.024017][T11521]  ? udp_tunnel_nic_device_sync_work+0x39/0xa50
[  554.024114][T11521]  ? __pfx___mutex_lock+0x10/0x10
[  554.024158][T11521]  ? __lock_acquire+0xab9/0xd20
[  554.024188][T11521]  udp_tunnel_nic_device_sync_work+0x39/0xa50
[  554.024216][T11521]  ? process_scheduled_works+0x9ef/0x17b0
[  554.024241][T11521]  ? process_scheduled_works+0x9ef/0x17b0
[  554.024266][T11521]  process_scheduled_works+0xae1/0x17b0
[  554.024310][T11521]  ? __pfx_process_scheduled_works+0x10/0x10
[  554.024352][T11521]  worker_thread+0x8a0/0xda0
[  554.024395][T11521]  kthread+0x70e/0x8a0
[  554.024429][T11521]  ? __pfx_worker_thread+0x10/0x10
[  554.024455][T11521]  ? __pfx_kthread+0x10/0x10
[  554.024487][T11521]  ? _raw_spin_unlock_irq+0x23/0x50
[  554.024509][T11521]  ? lockdep_hardirqs_on+0x9c/0x150
[  554.024531][T11521]  ? __pfx_kthread+0x10/0x10
[  554.024563][T11521]  ret_from_fork+0x3fc/0x770
[  554.024587][T11521]  ? __pfx_ret_from_fork+0x10/0x10
[  554.024613][T11521]  ? __switch_to_asm+0x39/0x70
[  554.024643][T11521]  ? __switch_to_asm+0x33/0x70
[  554.024671][T11521]  ? __pfx_kthread+0x10/0x10
[  554.024702][T11521]  ret_from_fork_asm+0x1a/0x30
[  554.024740][T11521]  </TASK>
[  554.024747][T11521] 
[  554.237203][T11521] Allocated by task 16941:
[  554.241637][T11521]  kasan_save_track+0x3e/0x80
[  554.246336][T11521]  __kasan_kmalloc+0x93/0xb0
[  554.250943][T11521]  __kmalloc_noprof+0x27a/0x4f0
[  554.255852][T11521]  udp_tunnel_nic_netdevice_event+0x854/0x19f0
[  554.262148][T11521]  notifier_call_chain+0x1b3/0x3e0
[  554.267381][T11521]  register_netdevice+0x1608/0x1ae0
[  554.272605][T11521]  nsim_create+0xae8/0xf10
[  554.277042][T11521]  __nsim_dev_port_add+0x6b6/0xb10
[  554.282166][T11521]  nsim_dev_port_add_all+0x37/0xf0
[  554.287290][T11521]  nsim_dev_reload_up+0x451/0x780
[  554.292335][T11521]  devlink_reload+0x4ec/0x8d0
[  554.297028][T11521]  devlink_nl_reload_doit+0xb35/0xd50
[  554.302414][T11521]  genl_family_rcv_msg_doit+0x212/0x300
[  554.307982][T11521]  genl_rcv_msg+0x60e/0x790
[  554.312510][T11521]  netlink_rcv_skb+0x208/0x470
[  554.317284][T11521]  genl_rcv+0x28/0x40
[  554.321289][T11521]  netlink_unicast+0x82f/0x9e0
[  554.326069][T11521]  netlink_sendmsg+0x805/0xb30
[  554.331013][T11521]  __sock_sendmsg+0x21c/0x270
[  554.335706][T11521]  ____sys_sendmsg+0x505/0x830
[  554.340478][T11521]  ___sys_sendmsg+0x21f/0x2a0
[  554.345163][T11521]  __x64_sys_sendmsg+0x19b/0x260
[  554.350113][T11521]  do_syscall_64+0xfa/0x3b0
[  554.354631][T11521]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  554.360708][T11521] 
[  554.363051][T11521] Freed by task 16941:
[  554.367123][T11521]  kasan_save_track+0x3e/0x80
[  554.371812][T11521]  kasan_save_free_info+0x46/0x50
[  554.376845][T11521]  __kasan_slab_free+0x62/0x70
[  554.381621][T11521]  kfree+0x18e/0x440
[  554.385539][T11521]  udp_tunnel_nic_netdevice_event+0x1332/0x19f0
[  554.391803][T11521]  notifier_call_chain+0x1b3/0x3e0
[  554.397159][T11521]  unregister_netdevice_many_notify+0x14d7/0x1ff0
[  554.403638][T11521]  unregister_netdevice_queue+0x33c/0x380
[  554.409389][T11521]  nsim_destroy+0x1dd/0x670
[  554.413927][T11521]  __nsim_dev_port_del+0x14d/0x1b0
[  554.419086][T11521]  nsim_dev_port_add_all+0xae/0xf0
[  554.424229][T11521]  nsim_dev_reload_up+0x451/0x780
[  554.429279][T11521]  devlink_reload+0x4ec/0x8d0
[  554.433976][T11521]  devlink_nl_reload_doit+0xb35/0xd50
[  554.439459][T11521]  genl_family_rcv_msg_doit+0x212/0x300
[  554.445023][T11521]  genl_rcv_msg+0x60e/0x790
[  554.449539][T11521]  netlink_rcv_skb+0x208/0x470
[  554.454336][T11521]  genl_rcv+0x28/0x40
[  554.458356][T11521]  netlink_unicast+0x82f/0x9e0
[  554.463278][T11521]  netlink_sendmsg+0x805/0xb30
[  554.468094][T11521]  __sock_sendmsg+0x21c/0x270
[  554.472834][T11521]  ____sys_sendmsg+0x505/0x830
[  554.477644][T11521]  ___sys_sendmsg+0x21f/0x2a0
[  554.482344][T11521]  __x64_sys_sendmsg+0x19b/0x260
[  554.487390][T11521]  do_syscall_64+0xfa/0x3b0
[  554.492008][T11521]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  554.497913][T11521] 
[  554.500249][T11521] Last potentially related work creation:
[  554.505965][T11521]  kasan_save_stack+0x3e/0x60
[  554.510700][T11521]  kasan_record_aux_stack+0xbd/0xd0
[  554.515910][T11521]  insert_work+0x3d/0x330
[  554.520251][T11521]  __queue_work+0xbd9/0xfe0
[  554.524781][T11521]  queue_work_on+0x181/0x270
[  554.529397][T11521]  __udp_tunnel_nic_add_port+0xb71/0xd60
[  554.535072][T11521]  udp_tunnel_push_rx_port+0x17d/0x200
[  554.540576][T11521]  geneve_offload_rx_ports+0xd7/0x160
[  554.545981][T11521]  geneve_netdevice_event+0x6a/0x80
[  554.551282][T11521]  notifier_call_chain+0x1b3/0x3e0
[  554.556443][T11521]  call_netdevice_notifiers+0x88/0xc0
[  554.561844][T11521]  udp_tunnel_nic_netdevice_event+0x134d/0x19f0
[  554.568206][T11521]  notifier_call_chain+0x1b3/0x3e0
[  554.573371][T11521]  register_netdevice+0x1608/0x1ae0
[  554.578597][T11521]  nsim_create+0xae8/0xf10
[  554.583042][T11521]  __nsim_dev_port_add+0x6b6/0xb10
[  554.588161][T11521]  nsim_dev_port_add_all+0x37/0xf0
[  554.593296][T11521]  nsim_dev_reload_up+0x451/0x780
[  554.598353][T11521]  devlink_reload+0x4ec/0x8d0
[  554.603071][T11521]  devlink_nl_reload_doit+0xb35/0xd50
[  554.608486][T11521]  genl_family_rcv_msg_doit+0x212/0x300
[  554.614070][T11521]  genl_rcv_msg+0x60e/0x790
[  554.618596][T11521]  netlink_rcv_skb+0x208/0x470
[  554.623377][T11521]  genl_rcv+0x28/0x40
[  554.627378][T11521]  netlink_unicast+0x82f/0x9e0
[  554.632259][T11521]  netlink_sendmsg+0x805/0xb30
[  554.637032][T11521]  __sock_sendmsg+0x21c/0x270
[  554.641723][T11521]  ____sys_sendmsg+0x505/0x830
[  554.646496][T11521]  ___sys_sendmsg+0x21f/0x2a0
[  554.651268][T11521]  __x64_sys_sendmsg+0x19b/0x260
[  554.656219][T11521]  do_syscall_64+0xfa/0x3b0
[  554.660743][T11521]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  554.666656][T11521] 
[  554.669008][T11521] Second to last potentially related work creation:
[  554.675589][T11521]  kasan_save_stack+0x3e/0x60
[  554.680295][T11521]  kasan_record_aux_stack+0xbd/0xd0
[  554.685504][T11521]  insert_work+0x3d/0x330
[  554.689842][T11521]  __queue_work+0xcfc/0xfe0
[  554.694357][T11521]  queue_work_on+0x181/0x270
[  554.699044][T11521]  __udp_tunnel_nic_add_port+0xb71/0xd60
[  554.704695][T11521]  udp_tunnel_push_rx_port+0x17d/0x200
[  554.710172][T11521]  geneve_offload_rx_ports+0xd7/0x160
[  554.715739][T11521]  geneve_netdevice_event+0x6a/0x80
[  554.720976][T11521]  notifier_call_chain+0x1b3/0x3e0
[  554.726112][T11521]  call_netdevice_notifiers+0x88/0xc0
[  554.731497][T11521]  udp_tunnel_nic_netdevice_event+0x134d/0x19f0
[  554.737756][T11521]  notifier_call_chain+0x1b3/0x3e0
[  554.742889][T11521]  register_netdevice+0x1608/0x1ae0
[  554.748155][T11521]  nsim_create+0xae8/0xf10
[  554.752596][T11521]  __nsim_dev_port_add+0x6b6/0xb10
[  554.757731][T11521]  nsim_dev_port_add_all+0x37/0xf0
[  554.762898][T11521]  nsim_dev_reload_up+0x451/0x780
[  554.767950][T11521]  devlink_reload+0x4ec/0x8d0
[  554.772665][T11521]  devlink_nl_reload_doit+0xb35/0xd50
[  554.778148][T11521]  genl_family_rcv_msg_doit+0x212/0x300
[  554.783716][T11521]  genl_rcv_msg+0x60e/0x790
[  554.788232][T11521]  netlink_rcv_skb+0x208/0x470
[  554.793015][T11521]  genl_rcv+0x28/0x40
[  554.797014][T11521]  netlink_unicast+0x82f/0x9e0
[  554.801796][T11521]  netlink_sendmsg+0x805/0xb30
[  554.806574][T11521]  __sock_sendmsg+0x21c/0x270
[  554.811363][T11521]  ____sys_sendmsg+0x505/0x830
[  554.816156][T11521]  ___sys_sendmsg+0x21f/0x2a0
[  554.820862][T11521]  __x64_sys_sendmsg+0x19b/0x260
[  554.825821][T11521]  do_syscall_64+0xfa/0x3b0
[  554.830338][T11521]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  554.836248][T11521] 
[  554.838577][T11521] The buggy address belongs to the object at ffff88807a4c5a00
[  554.838577][T11521]  which belongs to the cache kmalloc-256 of size 256
[  554.852636][T11521] The buggy address is located 176 bytes inside of
[  554.852636][T11521]  freed 256-byte region [ffff88807a4c5a00, ffff88807a4c5b00)
[  554.866444][T11521] 
[  554.868775][T11521] The buggy address belongs to the physical page:
[  554.875548][T11521] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7a4c4
[  554.884323][T11521] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  554.892844][T11521] ksm flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  554.900788][T11521] page_type: f5(slab)
[  554.904786][T11521] raw: 00fff00000000040 ffff88801a441b40 ffffea0000966f00 dead000000000003
[  554.913383][T11521] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[  554.921999][T11521] head: 00fff00000000040 ffff88801a441b40 ffffea0000966f00 dead000000000003
[  554.930683][T11521] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[  554.939446][T11521] head: 00fff00000000001 ffffea0001e93101 00000000ffffffff 00000000ffffffff
[  554.948133][T11521] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[  554.956825][T11521] page dumped because: kasan: bad access detected
[  554.963268][T11521] page_owner tracks the page as allocated
[  554.968996][T11521] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5848, tgid 5848 (syz-executor), ts 96267175710, free_ts 96186133799
[  554.990480][T11521]  post_alloc_hook+0x240/0x2a0
[  554.995280][T11521]  get_page_from_freelist+0x21e4/0x22c0
[  555.000835][T11521]  __alloc_frozen_pages_noprof+0x181/0x370
[  555.006751][T11521]  alloc_pages_mpol+0x232/0x4a0
[  555.011640][T11521]  allocate_slab+0x8a/0x3b0
[  555.016252][T11521]  ___slab_alloc+0xbfc/0x1480
[  555.020971][T11521]  __kmalloc_cache_noprof+0x296/0x3d0
[  555.026385][T11521]  ____ip_mc_inc_group+0x528/0xde0
[  555.031540][T11521]  ip_mc_up+0x125/0x300
[  555.035705][T11521]  inetdev_event+0xfb3/0x15b0
[  555.040394][T11521]  notifier_call_chain+0x1b3/0x3e0
[  555.045519][T11521]  __dev_notify_flags+0x18d/0x2e0
[  555.050559][T11521]  netif_change_flags+0xe8/0x1a0
[  555.055524][T11521]  do_setlink+0xc55/0x41c0
[  555.059962][T11521]  rtnl_newlink+0x160b/0x1c70
[  555.064657][T11521]  rtnetlink_rcv_msg+0x7cf/0xb70
[  555.069647][T11521] page last free pid 3562 tgid 3562 stack trace:
[  555.075978][T11521]  __free_frozen_pages+0xc71/0xe70
[  555.081114][T11521]  __slab_free+0x326/0x400
[  555.085543][T11521]  qlist_free_all+0x97/0x140
[  555.090144][T11521]  kasan_quarantine_reduce+0x148/0x160
[  555.095618][T11521]  __kasan_slab_alloc+0x22/0x80
[  555.100483][T11521]  kmem_cache_alloc_node_noprof+0x1bb/0x3c0
[  555.106404][T11521]  __alloc_skb+0x112/0x2d0
[  555.110919][T11521]  rtmsg_ifinfo_build_skb+0x84/0x260
[  555.116224][T11521]  rtmsg_ifinfo+0x8c/0x1a0
[  555.120657][T11521]  netif_state_change+0x29e/0x3a0
[  555.125688][T11521]  linkwatch_do_dev+0x117/0x170
[  555.130551][T11521]  __linkwatch_run_queue+0x56a/0x7e0
[  555.135849][T11521]  linkwatch_event+0x4c/0x60
[  555.140494][T11521]  process_scheduled_works+0xae1/0x17b0
[  555.146092][T11521]  worker_thread+0x8a0/0xda0
[  555.150735][T11521]  kthread+0x70e/0x8a0
[  555.154863][T11521] 
[  555.157237][T11521] Memory state around the buggy address:
[  555.162882][T11521]  ffff88807a4c5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  555.170959][T11521]  ffff88807a4c5a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  555.179034][T11521] >ffff88807a4c5a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  555.187187][T11521]                                      ^
[  555.192833][T11521]  ffff88807a4c5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  555.200931][T11521]  ffff88807a4c5b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  555.208994][T11521] ==================================================================
[  555.305327][T11521] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  555.312595][T11521] CPU: 1 UID: 0 PID: 11521 Comm: kworker/u8:20 Not tainted 6.16.0-rc7-syzkaller-01894-gfaa60990a541 #0 PREEMPT(full) 
[  555.324953][T11521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  555.335045][T11521] Workqueue: udp_tunnel_nic udp_tunnel_nic_device_sync_work
[  555.342392][T11521] Call Trace:
[  555.345703][T11521]  <TASK>
[  555.348667][T11521]  dump_stack_lvl+0x99/0x250
[  555.353296][T11521]  ? __asan_memcpy+0x40/0x70
[  555.357926][T11521]  ? __pfx_dump_stack_lvl+0x10/0x10
[  555.363167][T11521]  ? __pfx__printk+0x10/0x10
[  555.367814][T11521]  panic+0x2db/0x790
[  555.371747][T11521]  ? __pfx_panic+0x10/0x10
[  555.376210][T11521]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  555.382139][T11521]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  555.388501][T11521]  ? print_memory_metadata+0x314/0x400
[  555.394003][T11521]  ? __mutex_lock+0x144/0xe80
[  555.398736][T11521]  check_panic_on_warn+0x89/0xb0
[  555.403733][T11521]  ? __mutex_lock+0x144/0xe80
[  555.408461][T11521]  end_report+0x78/0x160
[  555.412742][T11521]  kasan_report+0x129/0x150
[  555.417308][T11521]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  555.423237][T11521]  ? __mutex_lock+0x144/0xe80
[  555.427957][T11521]  __mutex_lock+0x144/0xe80
[  555.432495][T11521]  ? __lock_acquire+0xab9/0xd20
[  555.437398][T11521]  ? __mutex_lock+0x51b/0xe80
[  555.442110][T11521]  ? udp_tunnel_nic_device_sync_work+0x39/0xa50
[  555.448389][T11521]  ? __pfx___mutex_lock+0x10/0x10
[  555.453453][T11521]  ? __lock_acquire+0xab9/0xd20
[  555.458347][T11521]  udp_tunnel_nic_device_sync_work+0x39/0xa50
[  555.464544][T11521]  ? process_scheduled_works+0x9ef/0x17b0
[  555.470307][T11521]  ? process_scheduled_works+0x9ef/0x17b0
[  555.476076][T11521]  process_scheduled_works+0xae1/0x17b0
[  555.481691][T11521]  ? __pfx_process_scheduled_works+0x10/0x10
[  555.487725][T11521]  worker_thread+0x8a0/0xda0
[  555.492378][T11521]  kthread+0x70e/0x8a0
[  555.496502][T11521]  ? __pfx_worker_thread+0x10/0x10
[  555.501658][T11521]  ? __pfx_kthread+0x10/0x10
[  555.506294][T11521]  ? _raw_spin_unlock_irq+0x23/0x50
[  555.511541][T11521]  ? lockdep_hardirqs_on+0x9c/0x150
[  555.516777][T11521]  ? __pfx_kthread+0x10/0x10
[  555.521466][T11521]  ret_from_fork+0x3fc/0x770
[  555.526107][T11521]  ? __pfx_ret_from_fork+0x10/0x10
[  555.531264][T11521]  ? __switch_to_asm+0x39/0x70
[  555.536246][T11521]  ? __switch_to_asm+0x33/0x70
[  555.541052][T11521]  ? __pfx_kthread+0x10/0x10
[  555.545690][T11521]  ret_from_fork_asm+0x1a/0x30
[  555.550507][T11521]  </TASK>
[  555.553913][T11521] Kernel Offset: disabled
[  555.558248][T11521] Rebooting in 86400 seconds..