last executing test programs:

13m9.316136544s ago: executing program 1 (id=3330):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x80000001, 0x7, 0x6, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
close(0xffffffffffffffff)
r0 = perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf6103, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24000000, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
r3 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b11d25a806c8c6f94f90424fc601000407a0a000600053582c137153e37200c11802f2ff4072f00", 0x33fe0}], 0x1, 0x0, 0x0, 0x35}, 0x0)

13m8.189781609s ago: executing program 1 (id=3334):
close(0xffffffffffffffff)
getpid()
r0 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r0, 0x29, 0x24, &(0x7f00000000c0), 0x19)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907a56675f37538ec86dd6317ce22667f1100db5b686158bbcfe8875a65969ff57b03000000000000000000000000ac1414aa"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200"], 0xcfa4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0x0, 0x0, &(0x7f0000000000), 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

13m8.105621413s ago: executing program 1 (id=3337):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000480)={{r0}, &(0x7f00000001c0), &(0x7f0000000180)='%pK    \x00'}, 0x20)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff7ffa}, 0x0, 0x35, 0x43a1bd76, 0x7, 0x3, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x16, 0xf, &(0x7f0000000800)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b80a000500000000", &(0x7f0000000300)=""/8, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000040)="00ff03076003008cb89e08f088a8", 0x0, 0xfe6, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

13m7.804287279s ago: executing program 1 (id=3341):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x15, 0x2000000000000216, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000002300001801000025786c2500000000072020207b1af8ff00000000bfa100000000000007010000f8ff"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1d, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r0)
bpf$MAP_CREATE(0x2000000000000000, 0x0, 0x50)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
bpf$OBJ_PIN_MAP(0x9, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x36, 0x0, 0x41000, 0x48, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[], 0x0, 0x37, 0x0, 0x9}, 0x28)
perf_event_open(&(0x7f00000003c0)={0x3, 0x80, 0x5, 0xfe, 0x0, 0x0, 0x0, 0x2, 0x19000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xe8, 0x401}, 0x0, 0x40000006, 0xffffffff, 0x0, 0x2}, 0x0, 0x4, 0xffffffffffffffff, 0x2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
sendmsg$unix(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000000c0)="10", 0x33880}], 0x1, &(0x7f00000004c0)=ANY=[@ANYBLOB="1c00000000000000010000146cf44300", @ANYRES32, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000014003e80000000000100000001000000", @ANYRES32=r2, @ANYBLOB='\x00\x00\x00\x00'], 0x38}, 0x8841)
r3 = socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
close(0xffffffffffffffff)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x10}}], 0x10}, 0x0)
setsockopt$sock_attach_bpf(r3, 0x84, 0x6e, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
close(r5)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_bp={0x0, 0xf}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
recvmsg$unix(r4, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000000), 0x8)
r6 = socket$kcm(0x10, 0x100000000002, 0x4)
sendmsg$kcm(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000200)}], 0x1, 0x0, 0x0, 0xc00e}, 0x0)

13m7.545835501s ago: executing program 1 (id=3345):
close(0xffffffffffffffff)
getpid()
r0 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r0, 0x29, 0x24, &(0x7f00000000c0), 0x19)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907a56675f37538ec86dd6317ce22667f1100db5b686158bbcfe8875a65969ff57b03000000000000000000000000ac1414aa"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200"], 0xcfa4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0x0, 0x0, &(0x7f0000000000), 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

13m7.491181254s ago: executing program 1 (id=3347):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r1, 0x1, 0x4c, &(0x7f0000000000), 0x4)
sendmsg$unix(r0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="140000000000"], 0x18}, 0x0)
r2 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x10, 0x5, &(0x7f0000000080)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x404, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0xf}, 0x90208, 0x0, 0x310c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180), 0x0, 0x0, 0x0, 0x7400}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000001ec0)=ANY=[@ANYBLOB="13120000120091ef04e9befbbd"], 0xfe33)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000800)=[{&(0x7f00000039c0)=""/4096, 0x1000}, {&(0x7f00000019c0)=""/233, 0xe9}, {&(0x7f00000005c0)=""/194, 0xc2}, {&(0x7f00000006c0)=""/87, 0x57}, {&(0x7f0000000400)=""/211, 0xd3}, {0x0}, {&(0x7f00000008c0)=""/210, 0xd2}, {&(0x7f0000000280)=""/209, 0xd1}], 0x8}, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x42)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.dequeue\x00', 0x26e1, 0x0)
close(r4)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0xa7, 0x1, 0x0, 0x0, 0x0, 0x8, 0x8280, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x2, @perf_config_ext={0x1fc, 0xfffffffffffffff8}, 0x1c3ca, 0x30, 0xfffffbff, 0x5, 0x83, 0x0, 0xfff7, 0x0, 0x0, 0x0, 0x2007}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="d8000000310081044e81f782db44b904021d080005000000e8fe55a1180015000600142603600e120900210000000401a8001600a40001", 0x37}], 0x1}, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[@ANYBLOB="33fe00004a00530c8e5e"], 0xfe33)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000480))
ioctl$SIOCSIFHWADDR(r4, 0x8b19, &(0x7f0000000000)={'wlan0\x00', @random="7cf1e97c9e4f"})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_freezer_state(r6, &(0x7f0000000140), 0x2, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
write$cgroup_freezer_state(r7, &(0x7f0000000040)='FROZEN\x00', 0x7)
r8 = openat$cgroup_procs(r6, &(0x7f00000001c0)='tasks\x00', 0x2, 0x0)
r9 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
write$cgroup_pid(r8, &(0x7f0000000180)=r9, 0x12)
write$cgroup_freezer_state(r7, &(0x7f0000000240)='FROZEN\x00', 0xfdf9)
r10 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$kcm(r10, &(0x7f0000000600)={&(0x7f0000000100)=@in6={0xa, 0x0, 0x0, @private0}, 0x80, &(0x7f0000000000)=[{&(0x7f00000000c0)="80", 0x1}], 0x1, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000008400000000000000"], 0x18}, 0x41)

12m52.43627843s ago: executing program 32 (id=3347):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r1, 0x1, 0x4c, &(0x7f0000000000), 0x4)
sendmsg$unix(r0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="140000000000"], 0x18}, 0x0)
r2 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x10, 0x5, &(0x7f0000000080)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x404, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0xf}, 0x90208, 0x0, 0x310c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180), 0x0, 0x0, 0x0, 0x7400}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000001ec0)=ANY=[@ANYBLOB="13120000120091ef04e9befbbd"], 0xfe33)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000800)=[{&(0x7f00000039c0)=""/4096, 0x1000}, {&(0x7f00000019c0)=""/233, 0xe9}, {&(0x7f00000005c0)=""/194, 0xc2}, {&(0x7f00000006c0)=""/87, 0x57}, {&(0x7f0000000400)=""/211, 0xd3}, {0x0}, {&(0x7f00000008c0)=""/210, 0xd2}, {&(0x7f0000000280)=""/209, 0xd1}], 0x8}, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x42)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.dequeue\x00', 0x26e1, 0x0)
close(r4)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0xa7, 0x1, 0x0, 0x0, 0x0, 0x8, 0x8280, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x2, @perf_config_ext={0x1fc, 0xfffffffffffffff8}, 0x1c3ca, 0x30, 0xfffffbff, 0x5, 0x83, 0x0, 0xfff7, 0x0, 0x0, 0x0, 0x2007}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="d8000000310081044e81f782db44b904021d080005000000e8fe55a1180015000600142603600e120900210000000401a8001600a40001", 0x37}], 0x1}, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[@ANYBLOB="33fe00004a00530c8e5e"], 0xfe33)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000480))
ioctl$SIOCSIFHWADDR(r4, 0x8b19, &(0x7f0000000000)={'wlan0\x00', @random="7cf1e97c9e4f"})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_freezer_state(r6, &(0x7f0000000140), 0x2, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
write$cgroup_freezer_state(r7, &(0x7f0000000040)='FROZEN\x00', 0x7)
r8 = openat$cgroup_procs(r6, &(0x7f00000001c0)='tasks\x00', 0x2, 0x0)
r9 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
write$cgroup_pid(r8, &(0x7f0000000180)=r9, 0x12)
write$cgroup_freezer_state(r7, &(0x7f0000000240)='FROZEN\x00', 0xfdf9)
r10 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$kcm(r10, &(0x7f0000000600)={&(0x7f0000000100)=@in6={0xa, 0x0, 0x0, @private0}, 0x80, &(0x7f0000000000)=[{&(0x7f00000000c0)="80", 0x1}], 0x1, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000008400000000000000"], 0x18}, 0x41)

2.374359052s ago: executing program 0 (id=7800):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={<r0=>0x0, <r1=>0x0})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r2, &(0x7f0000002700)=ANY=[], 0xffdd)
close(r0)
setsockopt$sock_attach_bpf(r1, 0x10f, 0x87, &(0x7f0000000180), 0x4)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={<r3=>0x0, <r4=>0x0})
close(r3)
bpf$MAP_CREATE(0x0, &(0x7f0000000180), 0x48)
setsockopt$sock_attach_bpf(r4, 0x10f, 0x87, &(0x7f0000000180), 0x4bd)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={<r5=>0x0, <r6=>0x0})
close(r5)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00000000ffffff7f00"/20, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000001800"/28], 0x48)
setsockopt$sock_attach_bpf(r6, 0x10f, 0x87, &(0x7f0000000180), 0x4bd)
socketpair(0x1e, 0x80005, 0x0, &(0x7f0000000000)={<r7=>0x0, <r8=>0x0})
close(r7)
perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$sock_attach_bpf(r8, 0x10f, 0x87, &(0x7f0000000180), 0x127)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={<r9=>0x0, <r10=>0x0})
close(r9)
r11 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f0000000c00)="1400000037000b0f925a2a22feab3c3d06a2c2e4", 0x14}], 0x1, 0x0, 0x0, 0x20000000}, 0x0)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000180), 0x40001)
setsockopt$sock_attach_bpf(r10, 0x10f, 0x87, &(0x7f0000000180), 0x4bd)
close(r6)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'veth1_to_batadv\x00', 0x12})
r12 = socket$kcm(0x29, 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r12, 0x89e2, &(0x7f0000000100))

2.103517805s ago: executing program 3 (id=7804):
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x3, 0x10) (async)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803003d000b12d25a80648c2594f90124fc60100c024002000000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x35, 0x43a1bd76, 0x0, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xf, 0x5}, 0x100e64, 0xc78}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000180)={{0xffffffffffffffff, <r1=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000080)='%ps    \x00'}, 0x20)
socket$kcm(0x21, 0x2, 0x2) (async)
socket$kcm(0x21, 0x2, 0x2)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10c002, 0xac5d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000400)={0x3, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x72e, 0x1, @perf_config_ext={0xffffffffffffff00, 0x3}, 0x8180, 0x7, 0x3, 0x4, 0x1, 0x0, 0xfffd, 0x0, 0x2}, 0x0, 0xb, 0xffffffffffffffff, 0x8) (async)
perf_event_open(&(0x7f0000000400)={0x3, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x72e, 0x1, @perf_config_ext={0xffffffffffffff00, 0x3}, 0x8180, 0x7, 0x3, 0x4, 0x1, 0x0, 0xfffd, 0x0, 0x2}, 0x0, 0xb, 0xffffffffffffffff, 0x8)
openat$tun(0xffffffffffffff9c, 0x0, 0x10000, 0x0) (async)
r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x10000, 0x0)
ioctl$TUNDETACHFILTER(r2, 0x401054d6, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYRES32=r0, @ANYBLOB="00000000000000000000bd231ecfa5af2eb0b8bece9fcec49658dc1be956724c08717c43fb630efc0dde0b37d04e63b01c431f9a2c9de3e989a6e7a4166af23e687c5ec0a8b8e2d75e17f56344662b7f165f479a5a19bce16023ee533a25", @ANYRES32=0x0, @ANYRES32=r1, @ANYBLOB="000000000001ff0f00000000000000002a00cd3b6a"], 0x48) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYRES32=r0, @ANYBLOB="00000000000000000000bd231ecfa5af2eb0b8bece9fcec49658dc1be956724c08717c43fb630efc0dde0b37d04e63b01c431f9a2c9de3e989a6e7a4166af23e687c5ec0a8b8e2d75e17f56344662b7f165f479a5a19bce16023ee533a25", @ANYRES32=0x0, @ANYRES32=r1, @ANYBLOB="000000000001ff0f00000000000000002a00cd3b6a"], 0x48)
socket$kcm(0x10, 0x2, 0x0) (async)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)}, 0x40c4)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={0xffffffffffffffff, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @loopback={0x0, 0xac14140c}}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000140)="8bcd", 0xffe3}], 0x1, 0x0, 0x0, 0x900}, 0x60) (async)
sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @loopback={0x0, 0xac14140c}}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000140)="8bcd", 0xffe3}], 0x1, 0x0, 0x0, 0x900}, 0x60)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r4 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$kcm(r4, &(0x7f00000003c0)={&(0x7f0000000040)=@in6={0xa, 0x4e23, 0xd, @local, 0x7}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000000)="f1", 0x1}], 0x1}, 0x40040)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffff229, 0x1, @perf_config_ext={0x80000001, 0x1}, 0x8041, 0x7, 0x0, 0x0, 0x0, 0x7, 0x200, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="5c00000014006b03000000d86e6c1d000a847ea622fb564500004e23e3f58e76110165f450e71b0075e3002500028d459e37000f0000000000bf9367b47e51f60a64c9f4d4938037e786a6d0bdd700"/92, 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000001c0)={r1}, 0x4) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000001c0)={r1}, 0x4)
socket$kcm(0x2f, 0x1, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = socket$kcm(0x28, 0x5, 0x0)
sendmsg$inet(r6, &(0x7f0000001000)={&(0x7f0000000280)={0x2, 0x4e23, @private=0xa010100}, 0x10, 0x0}, 0x40) (async)
sendmsg$inet(r6, &(0x7f0000001000)={&(0x7f0000000280)={0x2, 0x4e23, @private=0xa010100}, 0x10, 0x0}, 0x40)

2.037498849s ago: executing program 0 (id=7805):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000007c0)=@bpf_tracing={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x21, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x1af06, 0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000540), 0x10, 0x8}, 0x94)
socket$kcm(0x11, 0x2, 0x0)
r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0x0, r1, 0x0, 0x0, 0x0}, 0x30)
getpid()
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'wlan0\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x8914, &(0x7f0000000080))
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x719f, 0x0, 0x0, 0xfffffffffffffc92, 0x0, 0x0}, 0x18)
write$cgroup_devices(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x7, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8923, &(0x7f0000000280)={'wlan0\x00', @multicast})
r5 = socket$kcm(0xa, 0x1, 0x106)
ioctl$TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f0000000340))
sendmsg$kcm(r5, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4001, 0xfffffffd, @empty}, 0x80, 0x0}, 0x20000001)
r6 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000000000000000"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r6, 0x40042408, r7)
sendmsg$sock(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000840), 0x28}, 0x400c0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r8)
r9 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x7, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x5f, 0x5f, 0x61, 0x2e]}}, 0x0, 0x37}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=@framed={{}, [], {0x95, 0x0, 0x13}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r9, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x1}, 0x90)

2.00417837s ago: executing program 4 (id=7807):
perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8}, 0x180, 0xc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x3fffffffffffe, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r1)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x5}, 0x100904, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x10040)
write$cgroup_subtree(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce818d036c00fe08fff500000200875a65969ff57b00000000000000ffea00000000ac1414aa"], 0xfdef)

1.850931138s ago: executing program 2 (id=7808):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x50)

1.729551314s ago: executing program 4 (id=7809):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x80000001, 0x7, 0x6, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
close(0xffffffffffffffff)
r0 = perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf6103, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24000000, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
r3 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b11d25a806c8c6f94f90424fc601000407a0a000600053582c137153e37000c11802f2ff4072f00", 0x33fe0}], 0x1, 0x0, 0x0, 0x35}, 0x0)

1.656678768s ago: executing program 2 (id=7810):
r0 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="89000000120081ae08060cdc030000007f1be3f74001000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e281ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c00014006040400060404009bbc7a46e3988285dcdf12f213e6f768fec601955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1, 0x0, 0x0, 0xffffffff}, 0x0)

1.562886093s ago: executing program 3 (id=7811):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0xc48}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
r1 = gettid()
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180200000000bf0000000000000000008500000020000000850000007d00000095"], &(0x7f0000000080)='GPL\x00', 0x4}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0xe, 0x0, &(0x7f0000000680)="e0b9547ed387dbe9abc89b6f5bff", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x5, 0x184104, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x4, 0x4}, 0x100600, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfdd9}, r1, 0x0, 0xffffffffffffffff, 0x9) (async)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x6, 0x20, 0x2, 0x40, 0x0, 0x7fffffffffffffff, 0x8, 0x6, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6, 0x0, @perf_config_ext={0x2ee8, 0x4}, 0x108208, 0x4, 0x4, 0x4, 0x7, 0x1, 0x6, 0x0, 0x5, 0x0, 0x7fffffffffffffff}, r1, 0x4, r0, 0x9) (async)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)="5c00000011006bec9e3be35c6e17aa31076b876c1d0000007ea20864160af3653c001ac00400020208000200030001001400000007b556a737c160f9555b4755bb05251e618200000051f60a84c9f4d4938037e786a6", 0x56}, {&(0x7f0000000140)="7e3f15d6d2ee", 0x6}], 0x2, 0x0, 0x0, 0x1f00c00e}, 0x0) (async)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x19, 0x4, 0x4, 0x9}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000014c0)={{r5}, &(0x7f0000001440), &(0x7f0000001480)='%pB    \x00'}, 0x20)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
close(r4)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) (async)
ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x8982, 0x20000000)
r6 = socket$kcm(0x29, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r6, 0x89e1, &(0x7f0000000080)) (async)
r7 = perf_event_open(&(0x7f00000010c0)={0x2, 0x80, 0xb9, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xc, 0x7}, 0x410, 0x2000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x3, &(0x7f0000000040)=@framed={{}, [], {0x95, 0x0, 0x700}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x22}, 0x94) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(r7, 0x40042408, 0xffffffffffffffff) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48) (async)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1ff, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xaffffffffffffffc, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="61123000000000006113100000000000bf2000000000000016000200071b48013d030100000000009500000000000000bc26000000000000bf67000000000000070200000fff07276702000003000000360600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf5fe7030586"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)

893.762685ms ago: executing program 2 (id=7812):
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8000006, 0x0, 0x0, 0x0, 0x80000}, [@call={0x85, 0x0, 0x0, 0xf}, @call={0x85, 0x0, 0x0, 0xe}]}, &(0x7f0000000500)='GPL\x00', 0x2000000, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

893.562825ms ago: executing program 3 (id=7813):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x3, 0x4, &(0x7f00000006c0)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffa}, [@call={0x85, 0x0, 0x0, 0x27}], {0x95, 0x0, 0x0, 0x1000000}}, &(0x7f0000000680)='GPL\x00'}, 0x94)

859.309347ms ago: executing program 0 (id=7814):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x40, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x2e}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b70200001a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b70600007fffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfc8e012e79578e51bc5f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b803000000661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7b148ba532e6ea09c346dfebd38608b32a0080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e14861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16b089f37b3591a15c0a9be6eb18208404c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b74cd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979e29857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37ceff9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f50714600fb6241c6e955031795b2c2f56411e48455b5a8b90dfae158b94f0800000000000000af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeedd005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe00000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed210d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734f87da3770845cf442d488afdc0e170000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e80339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd52364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000a5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bbf8ab9c691841ab0931d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f3390343c12aa51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fca4d97a0ae75ccf11e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35e9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff17320adda5867947257f080091c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a927de6f4c09f4b742e037381c85d2ec7bb2a8152f0d6a99a0370e0cbd65744eb2efde0142cf90ff668b9757b9612bb4253a63bb303c0c68a07f115d104f2007237a4f771416741bfd63fdfe3ae6f8bea755d8b7202c2bbae137dc1c3cf40db74a4c1c2f56855b18f91dae2cdea1353fe062830fa1d233296ec9d8317872257e154665485e7f31cdbfbf435517faf93015b57417d84b8bc8662e097d5ba55d02d48e150695ffae3a676555b10da11751865126d19336116a1e58ab727dda6b343cc97f9479136a66f552abf8fe3d134f6d69df1cffe6740f90735f66ca54fd87800b4bda4db5e68aaccf44d24e09f8a769e3ae7bf246673f15e3d1adae4384bdb7cd30a33e30466b421feb96006c810fd3830a1c75af2580727ffc604d2b04f476acc21419fad9b1baec88974da2db29b80859bde08b85c8086e4b7f1fd568042ad5396d3179c71b1dc43291e450ce9b8d7d80fcb44966d7ad4691a37870000000000000000000000000000000000000000000000000000000000000000000083a5765d06da91165d24bc316607e2d69344aa1c07ff7cd7bc3d17f122478b6e81077782b9c298edc2546045feff90e7aa7da88d2489fb000a4aa838f911c1a869fa55e979e033b7707df75b93cf5b8d25242741a88f2d54a7107375b25911aa11efa3a4f87fc14f180e353615b3cb9a5cf5ea843014a277c3694a5a83266f73ef039dd739187923715548d58ff43be997e357e0cbed29faef19c0082e26fb867bf0ff0099d71bb0d2f443e77a44e8c4b0455d95b19c73ef4c98f775aad9e1b317b3cc48f7ad1d82ea6ad6c3c7d943fb0157c250e2ba56301e25c19a7e37ce880bed8a8e1538560f2be7d4cca6539277505826bd61bad2bcd4914344d4a27b29d2eb89bdc7a702e485d68c04e8f6b05336bf8d8e116605eaf375a592fe2382763c3cba76a0e4029dad5d37dd77abb1b7d2e2de23a4131e45ed81123ad6fa4f8b92c47e00000000000000774c"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe80, 0x6000002c, &(0x7f0000000100)="b9ff03316844268cb89e14f008004ce0003000000100008877fbac141416e000030a89079f03b180ff83080520e0845013f2325f004408050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014c0000c0adc043084617d7ecf41effff38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d7da058f6efa6d1f5f7ff400"/254, 0x0, 0xfe, 0x60000000, 0x0, 0xfffffffe}, 0x2c)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xd3c0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000240)='ns/user\x00')
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_ro(r1, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
socket$kcm(0xa, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0xc, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x66}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xe, 0x3, &(0x7f0000001300)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x94)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000980)=[@cred={{0x1c}}, @rights={{0x10}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x10}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x70}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'wlan0\x00', 0x200})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x8946, &(0x7f0000000080))

830.963869ms ago: executing program 4 (id=7815):
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000500)=@hci={0x1f, 0x0, 0x5}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000580)="02044a00ea0e0000000000001eafbcea06e105000000600000001104ee1606d4b8bf4a8207f0ffff74c43824cee8440000", 0x31}, {&(0x7f0000000100)="126873159fca3fa38fb198e9a6b363ceb3e6d803ab766b7a38e451d14e0b3457474fe6a51671e4124fcea96a873b10996816e100ed8a93b0a9053db57d60973369f58551c3091cb88d3b", 0x4a}, {&(0x7f0000000080)="088d85d1f4f8220aee8de7932b326f8a3164ae439862807a1589836c736d2341f7", 0x21}, {&(0x7f0000000040)="df3b4684cc6d66e1b444340000000000000000f1", 0x14}, {&(0x7f00000005c0)="b72abab9439ca41f5cf14d6435575ba774ee5f5c23ff2f5176f5773d08a15668ec280cfe4ea416cf769dbf978a8191bbe006e0da50029176c0f24e3ff4d3e895a2afbf52cef2fe1ca31edd842b126ec4be67e6e3624b9ddf806fc146c645ec1d37fe7e3b025c156d5d520104b53f7fb2af436201cfd5dca170edea5a190e4786bfaac544b60f514d7ef420526c467f14790dcfa5ab915d7dbcdf2765bbcad014c991f8b829c79f53586de79f0b987ad796f9de4a6e53136a07a39ab1f5a2ce30aded70a9b72d1beff7e8b6405fd6331e5635ee71e809be2d58f412dcd7b2e856d692dbfed19045ff13244acce351b6e450395568063569c71ea80a04f83fbe6ad1d0862fb97f816576c4844da65d751ee1fdc522ae1158670de297cdb2117bc0adc1486e016a6bcc922a162fce6a9ecc8c42b0c44c566004eda037864e5f339bbb0998cdaf2b8e49ae003659bc033668f7c8e550197ed95c420461254ba1883dbd9403672d579cee85c37f103ee9a350a768286017158784baeb063c8c684b91b022b0db2238b679092a1f6909f0cd9228500e088f5cc7bac4c0dc56e80fedac93554aec79715ce02e8bf3fcbd70382f619bfe3dcf06890d8542022ee58bdfb075d319c9fc8474cadc8de5c3dd3f682d3f68324d0af7a727064053ad84c94643eef190783c616467628f84620044c084b80e3e57bfcdf293c9c36b4474a52398b35e49e2ad4a4ac090bffc5cd27d3c69b4ae5f841d5b0766ccd36d25eb58d8f01621a05744b79ede39019ab9d7a1946353d8f3b7f833ce1a102a8c97a9e3f32138ffafd305448f2518ccdb7eef594a890eaeaff3f876f742fec22669a97085ed93b18228ecbe9e354e8f69967ca749fd2b1cf026665ca912e3fc0188b294519078b46676052de4fe22798290bd1e232c9791fc01ddb4ae776b5769143df2867042e8a3ddfa8e786bd8a244076956d4ab137939ad381650dd4fefd2b942a98d6f2edfd7019ae473e7608647b86d643e8ff3d7d4e89ed826e4b8c6e8fed224c528d805ade85c5b45261b2692c0f403dec050bd973b0999df214689f4402dd1598a16b0c7671e5e204a00b06376ddee7cb99292a8b835c0b451642b71f2ffa1aeea56255817b2384bfe4f8213ccfc1f762f250592896102e5f6d34cdd726bc0f86af52fd7c4483d32e23e5af770e960c7445b8e67b6086f0cadcd22d0d4bdadc31b5a94dd687379dc6e078210ccc71f8e67eb58d330394425ab17e55d1ca8f868f6bf738af291d2293c3dfa2ccff25061ded22878b3cc6532d19e5a00d1f0f1b9de35305fac2c6cfd5d77a2b02618735b7d392738bd5cd3eabb7039c790a9f193913f16e06605d405d6a0cf0011a2e5f935d8563fef1722692dd266c3d320b9f5eeb2a4b2f72155522f0ed72ff1efa0b6ee78e70d3d45241609e7f87d7bcfe1af71159baa11ad667a0ead3986b2b06500ba2615ee966ea86ca68d02de4802bd9ef18dac5ba53ca98b90df49ef4e3268ceee538973620e5a60513ea330989642626420b67dceebc569478657aedeb62c45b079348796923ad1fba5a99e6b150cf97ba2a570150053309c6dca7fa352fa1678c9b919fbc47ae0a84175a7fc25a00fa5888cb017e8d8225fadb29e34bd3c5bbccfb22a83255fec3967c991d5b3e6719ade82fb7ef85c8a4b9e7ad8ef2a3a7bc78de424572224affb1f9e0c5a969e61ee2ebb4f247bfa09384bdad04438f2efbfae303d47c3afe7e8d3a157b2a6f37572ea3ecc441dfb208ba755f781f144e58d80aea590abcfccbe8678ec6de47511f9d61cc408cbbe90eeab2cffe6d1a48dc3eb4e48e228fd43cafd7ff2c85c3ed52e99fe16887be28fcd2cd4ba4cac414c92c96294fa7d628e4356c748c173f790a7f30071d0bd53817c78d163249c7402b222b8f28668cae7afd17b97dbaf10b75b61409ca6f5b285d1ab09207c5a91c68b0d4b5da6d6b5a495c8debd7f4400e56d9e22d1cc330f782f2b5441a31b9ccf35aa1a151219cdcff5ab8b240af5b5a751eca67773c057412a935e3a7a367b2bcd28463904ee040a586d6f4f969cee56d55b6b4d97d1fe93b67e2f6bd47925054c4702ec8969a1a6211ea8f6783ca0e8ae333922ce19eceb24e2ff714a0208d2489a62f299aa50cdbfe5a826e872ab231bbddf5bd2fca92d4460379e05e13ff34a200fd921dcb67a002873bda8d86536cddaccb54eb72dd4e399fe9195ad5574ad85d9ed2eaae4106234f0a8db05a230ff377b59b54fd0919d1b86b938622ae6098f003db7f4d45d6874f54c33064ce6184dccc99fece2d994e9572d4840b0cbdd704fd70b4f625912d48a512339f883533768f09a4f614583dfb72defe713ee38f61184df279461b7d35becd8e67d01f0ec27e901d88215554d5a69db373a662085733d09ad9153e7d432c94f872ff7cd72995b3a581ea17722ed13a191b366208f75661112b1a7d42c252c907488ca8dd8f819d4618b0053d4bcddb3b5975cb8615ebc472e052552ee74d5253174a2b0cb96e1eaf6349b6c39be975123ee72b0ffe1367df7aba54de26c9135a3422d21067034551be5efc5daf8b8f59bc725e4fd171378fd9f16a785f1b0378823c85eec521e0b2aca70b7b72b719a20eb2fb0addc0b05851c8e181607f49dad7323bc255309097584c2099574db1ed7940fd16796aef19d30acd714dc1f898716df64db87d852eddf2f86e78fd7fd64868b4cb6cc626efcdea49c4a2779a0e777bbe23968e14233a810d9883680894de93023a8deae51ccbf32e6d1e53618ebee95c761221a33bc3263fff0f5ae23e14dba0418cf3f31effcb36956e06c57a17620044260419a208ae1d2296ec9472d44be74a8ed0a33a23181acdef8c7d2695ce9485ed8d17d9f6f30b9b128ee0ba15c42cbf6059bcfef008c09db8855343f79c3ce1c4d79077c8a62237d4e400a5aa88e7424f2f99df6c2070d6ed071f4968376581e20e52d64e9c4f8a6f73bb33f5b6b62c1deecc85bf789565fde14e4454306ed8f09af08afb360ee4fb40dd5dca0be43ccff75e5c0ef85ea7c521cb4840d61e99e1ce4661e721446d5a571cddffbc3643ec9b58237fd416376906bdca09485c2c80f82b23e8e7bbf22035fdbcacd804ae3771fd616901184ced46987d533017eef717e9b34a5531c3efe2d77c9b6cb0617382d69951545378a4118e71c64a1f16d096a8f933580922083d0536b90ae1715c63f682e8241b42e1646b0c52e34aa9c91efe2b6b787ce0747d4ff0dd07d6ebc9ce27e0ef35705eb7b78763a9829b464523ff3ed9078aff6ee29e6e7a59a5243825e8bb9235f8e49a9dfb5932536666c3dc75b29e515dbca4c84268cf23cd7b6da6814328a3cb26d7b1d6c28e20b36f9a2c9e2fcf663c314f72f37d2b8f405cfc686a6b35400435be0eab01709c2c4b3005491cbb0b560e33547b77ba9f25f01b194e20534199a3786ddfaf0a75aafb65cd4df4da7b5f98fe72a8bc7d045339fd41508cecca791c717a10d4fed8aa69eec80955bd899a6f8aaf3411be40568149e631ccbe17c68f85e87b58da81ba78def8b1a48c49b2dc7613f7d6ea8b158bed077666d37d1caba9a23b7cb2772e780f70872113e5bcaebaf9f9499f651dc894be3bba1e99d58b33d60c0eda397df91d7cf9fb072f247fa9a9f59c4f59c4284a3832ff0a1f9ce8f6346cb5c08a9dcb2851c7f169af688fc13f00cf9519ade547671698caaa3f4d4921fee83753b9ab0875707836343eddb5b87bec86aae023c9571b8e389ff3f4c692b6fb19686105249ce033116777d919ceb4559a67ee6b6ad9d4b53d2be24315429de3bf201107fe7dff9cbc92dbf9173391d555b0a1b8ea3252fd7d7fd15d8a3cc70cecdbdd43c4edcc4bb2fbbf646d5ec7dad0d3156a513d14184e0c316f8155e774f7dcea485f904828edf28510d692b66b1500c5a704371c2188a2812bd323de012f36a79674082b5f5e9f7f4ce1a75ed854b71555e9fcd1f0322c22a9e543674c79a74404e08e61860f505dc56e1b52977b9a9af18be4064b5f6aa7c891382bbbe65e70a4cee33176570341a525fb6b25c0b20bfa3f2ee4a01584f259f43c3b63a2dfc376f435827211379ab3ca8912cbe01e4f837920666fbda682f6954d1c156f21e12547b885f485c38f62e765013144be8ca92b1d4872790a5c02671517f6a8f0ceb247e08c64268ad8970b57bb6d077c9b8ebe7fb1183087c9a3baee06100609204be588621253b9b120c08db9f28c2d38c9bc3f59018bb7216d73186048770d1e556faa49df23a40a64b40cdda2041dccf5619db09b7a7795fd7eb631c0e0bffc3b64422bf6acd84b7fae8bd05b057260a4d7c4851829c7bbf0b6f27c5db0ff10f42df3528f79dc9bbd591965259cd0389deb124b1fadc5dfd3ade9742d29261379ea3d98929512371dec991f0636fbda5dac355a04e363beeb4751781d9cef3a0b6ac6500895d223ad43ed75cac8b0a868253fffa10bf6c2de99c687fd056e075cf0632b6d8ed2263ca08ad95b6f335a3b6d8ab7801422ac8597441ac1bbe289b50af31eb221d19a2d3177d4ad1056d616295e89471e65d811b8fa4fe2c0c12793f43ef7e75c7f657f6c26ca9cbae63ce99301069ab257ae77c38778d35afd326d569c626a68f3904b2c376dfaa05568892f346f86fb05e71fb751e09cd22525cb63512a7d2e4670bd31109b87818278e66dc73fa9667e35c5bc6588cd36d2b62592a4103803d93c194f8edd5d20c6597231321b909bbb3c1d13408e5cf27728883e333b391222e6b6665454892dfedd17a1066f1145163e1a31ba9a3e3cee925e55d794b89462a0a092a639ccd4a24514083cb68224c87c18f0bb39ff721cc598e686b5fef169bc30f9ec6df397905f8340f6ae7ad826aac774cc46bfb9dfe8192e9ef10e8355d7c2810269eb73c7ecb8d3ffa33437142b8e596cdb778cd3cdda5bbbd09a8ea919929adbc63ff1004490c45a9ea59def65fabc884c39beac1b74a218f59c5e31ba85dcc4b8bd81d7a66d8aaf0edb64b505f760442e16fb7f07a069aba88601c3ace27762cef8196da3d44b14796b04e7fa3bab37209190a1de6e6ecfd99353279ef643766814fa7fac7254eba59bff3546bf21afc7445a4f1bc92c7b013f34962ff029e0f2926acf6c8a25fecea5b0b810656c981535492a2a4159dcfd0bf98085dc9612159fa0ad837a22eaffce80405367931ef3eacbf5a663175acc306eb075c52265d0c6dfaab", 0xe8f}], 0x5}, 0x40000)

717.432334ms ago: executing program 3 (id=7816):
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001)
r1 = socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x2, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008ca94ff480152ad32000000850000007200000018"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
socket$kcm(0xa, 0x1, 0x0)
perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x91c, 0x4156, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0xfffffffffffffffc, 0xf29}, 0x8d40, 0x1, 0x7, 0x3, 0x85, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(r2, 0x29, 0x16, &(0x7f0000000040), 0xf7)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r3, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000007c0)={r4, 0x10, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd8d, 0x0, 0x0, 0x0}, 0x40)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="2e00000011008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x24000000)
setsockopt$sock_attach_bpf(r0, 0x1, 0x24, 0x0, 0x0)
r6 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_bp={0x0, 0x5}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x8, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r6, 0x40042408, r7)
r8 = bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x4, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018020000", @ANYRES32=r8, @ANYBLOB="0000000000000000b703000000000000850000000d000000b7"], &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @dev, 0x2}, 0xff32, 0x0}, 0xe07e872420dfefca)
socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r1, &(0x7f0000000a00)={&(0x7f0000000340)={0x2, 0x4e20, @multicast2}, 0x10, &(0x7f00000008c0)=[{&(0x7f00000004c0)="20a093f772bc1436cc692f2c2c8809e62b6eef40c3ce8602dd9fbfa469d979c965e907d05a6832291774d24ef5cd0faf442b5383df53b899d6", 0x39}, {0x0}], 0x2, &(0x7f0000000900)=[@ip_tos_int={{0x14, 0x0, 0x1, 0xfffffff8}}, @ip_ttl={{0x14, 0x0, 0x2, 0x3}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @multicast2}}}, @ip_retopts={{0x6c, 0x0, 0x7, {[@timestamp={0x44, 0xc, 0xd2, 0x0, 0x1, [0x6, 0x3]}, @timestamp_addr={0x44, 0x34, 0x31, 0x1, 0x6, [{@local, 0xffffff85}, {@broadcast, 0xe9}, {@dev={0xac, 0x14, 0x14, 0x2a}, 0x6}, {@empty, 0x59}, {@dev={0xac, 0x14, 0x14, 0x11}, 0xc13}, {@loopback, 0xffffffff}]}, @lsrr={0x83, 0x7, 0x43, [@dev={0xac, 0x14, 0x14, 0x31}]}, @ssrr={0x89, 0x3, 0xea}, @ra={0x94, 0x4}, @generic={0x44, 0xc, "d89fbfa1480ba4db79c9"}]}}}], 0xc0}, 0x4004010)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x17, 0x4, &(0x7f0000000840)=ANY=[@ANYBLOB="040300000900000000000000000000008500000023", @ANYBLOB="7aa32b2acb3f70b66e0e47cdeb31a461ab3019c7e60da17eec7337c0eee3e9b3c53d374158b0ed9b2b9b55173f6071d638e3e6c27d3bf18492a837c5e65b810e568fc8c1ae84f2", @ANYRES8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)

716.692714ms ago: executing program 2 (id=7817):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040), 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r0 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r0, 0x84, 0x85, &(0x7f0000000ac0), 0x90)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0xc}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1fa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x0, 0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x5}, 0x0, 0xc8, 0x0, 0x3, 0x0, 0x0, 0x6341, 0x0, 0xfffffffe, 0x0, 0xffffffffffffffff}, 0x0, 0xa, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x88, 0x64, &(0x7f00000009c0), 0x4)
close(r2)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x89a2, &(0x7f0000000040)={'bridge0\x00', @random="1400"})
recvmsg$unix(r1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x0)
r4 = socket$kcm(0x2, 0x200000000000001, 0x0)
perf_event_open(&(0x7f0000000140)={0x3, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x716, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000001080)={0xffffffffffffffff}, 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000e00)={{0xffffffffffffffff, <r5=>0xffffffffffffffff}, &(0x7f0000000d80), &(0x7f0000000dc0)}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000fc0)={0x6, 0x6, &(0x7f0000000400)=ANY=[@ANYBLOB="181b00001dfa30610c755e60223d3ebddd3b8cecc515cf75426dc3ecf0489c46868cfbb667ebc1496a7337313b1d6fb3472488cf8b49195447ffb200eee4782312aee8cf598cf8fd3b240a2ca9b5160f7894136e9177d9453bc7774a90900f852e53b8f4fb9e8a82efde2ef5b670386783a18ae385b33339a69c515043d02cb8c6c6fa8748e179f6cf8bfbb89477c0e2dcb36f0e92dd7f06aeba78e119c20fa171e8fb2239ffebca63f6873099e2f4", @ANYRES32=r5, @ANYBLOB='\x00\x00\x00\x00\x00\x00', @ANYRES64=0x0, @ANYBLOB="0000000000000000b702000000000000990000c60b000000"], &(0x7f0000000e80)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x11, '\x00', 0x0, 0x25, r3, 0x8, &(0x7f0000000ec0)={0x3, 0x5}, 0x8, 0x10, &(0x7f0000000f00)={0x5, 0x8, 0x5, 0x4}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000f40)=[r3, r3, r3, r3, r3, r3, r3], &(0x7f0000000f80)=[{0x4, 0x2, 0x8, 0xb}, {0x1, 0x1, 0x4, 0x7}], 0x10, 0xfc5}, 0x94)
setsockopt$sock_attach_bpf(r4, 0x6, 0x15, &(0x7f0000000500), 0x4)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200102f00fe80000000000000875a65059ff57b00000000000000000000000000ac1414aa35f022eb"], 0xcfa4)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb01001800000000000000340000003400000006000000040000000000000e0300000000000000"], 0x0, 0x52}, 0x28)
write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0xfdef)
sendmsg$tipc(r3, &(0x7f0000000b40)={&(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x1, {0x41, 0x3, 0x3}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x20008814)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000c40)=[{0x0, 0x0, 0x1, 0x4}, {0x2, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x10006}]}, 0x94)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="7c00000000000000000000000700000044140001ac1414aa00000000ac1414000000000000441c0003e0000001000000007f000001000000000000000000000000442c00000000000000000f883816814100000000000000000000000000000000000000000000000000000000000000000000440c0001000000000000000000000000000000a400000000000000000000000700000044280000000000000000000000000000000000000000000000000000000000000000000000000000071700e0000002ac1414bb00000000e0000002ac1414bb018616000000000010c986d78e6c4b9394b247217b87cb00830b00000000007f000001861f0000000000020010421487f84baabcbcfb42a4d90bab000748c68c4c31001089ca45d9612e5b5c11f12bc78a41000000000000006c000000000000000000000007000000441c0003ffffffff000000000000000000000000e00000010000000044340001ac1414bb0000000000000000000000000000000000000000ac1414aa00000000ac1414aa00000000ac1e000100000000830b0000000000e000000200000000001c000000000000000000", @ANYRES32=0x0, @ANYBLOB="ac1414aa00000000000000001400000000000018000000000200000000000000000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="7f0000017f00000a0000000800"/28, @ANYRES32, @ANYBLOB="7f000001ac141400000000011c0e0000000000000000000007006fc946f1f569c01801"], 0x230}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803001d000b20d25a80648c2594f90124fc60100c", 0x16}], 0x1, 0x0, 0x0, 0x4000}, 0x3500000000000000)
r6 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe000031"], 0xfe33)

694.621576ms ago: executing program 4 (id=7818):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x828, 0x0, 0x0, 0x0, 0x9, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x0, 0xc8, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x3)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x5452, &(0x7f00000006c0)='\x02;\xe5\b\x00\x1c\x9c\x00\x00\x00\x00\x00\x00\x91\xecB\xdcZ\xe5\xbd$\x05\x90\xa9\xf3\xc7\xcb\xb7\xf0\xa1;#\x989\xe9\x12\xdf^6T\xdf\xcd\x02\xc5\xb0\xba\x12\'QXp\t\xfc\xf3\x01\x02\xbc\xbf\xc0\xf0\x10\xee\xd3\\yy\xa4\xf9\xe8\x00\xdd\xe97 0_\xe4]W\xf7~\xacVK\xc9t\x9e+:\x85\xef\x94\x0e\x19\x9cV[N.\xeb\x9fJ>\xd9\x99\x88\xd8\xdd\xb8Y\xc3$\xc6\x93\v\x04REY\xf4\xea\xf2\xcd\xcd.\x16\x861\xa1\v\x8d\x8e\x84R\xa6\x83\x84\xc0\x01e\xc3\xc8\xcc?\xc8?\x19\xb2\xa2\xe1\xac<\xe9f\x11\xff3\xc7\x19\x9e\x19\xf5-\xfe\xbd\xae\xbbR\x82\x16\xf9\x15S\x03U\xe0\xd8t\xe3%96')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r1)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r2, &(0x7f00000006c0)=ANY=[@ANYBLOB="8f03000000000060007538e486dd630ace2211057300fe80000000000000875a65059ff57b000000000000ff000000000000ac1414aa"], 0xcfa4)

553.434453ms ago: executing program 0 (id=7819):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x828, 0x0, 0x0, 0x0, 0x9, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000024000000080000000b"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000340), &(0x7f0000000380)=r0}, 0x20)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={<r3=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r2}, &(0x7f0000000140), &(0x7f0000000380)=r3}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="b40500000000000061104f0000ffffff1e010000000000029500000000b477e5c0e5097953d234f2c9b1694d8f000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)

413.745409ms ago: executing program 3 (id=7820):
perf_event_open(&(0x7f0000000380)={0x5, 0x80, 0xfd, 0x0, 0x4, 0x0, 0x0, 0x10000000c, 0x42002, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x2000, 0xc8, 0x2, 0x0, 0xfffffffffffffffd, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$unix(r1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000180)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd632000fc04082f00db5b686158bbcfe8875a060305000023000000008dffffffffffffffac1414aa3a2008"], 0xfdef)

413.206679ms ago: executing program 4 (id=7821):
perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x2, 0x3, 0x84)
sendmsg$inet(r0, &(0x7f0000000700)={&(0x7f0000000280)={0x2, 0x0, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="280000000000000097ffffff070000000717a87f000001ac141400e0000001ac1e0001ac1414bb011c000000000000000000000008000000", @ANYRES64=r0], 0x48}, 0x0)

387.23836ms ago: executing program 2 (id=7822):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0xc220, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x41, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) (async)
r1 = socket$kcm(0xa, 0x5, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x4, &(0x7f0000004680)=ANY=[@ANYBLOB="18020000e2ffffff00000000000000c685000000360000009500001800000000922ae83713ab9600010000801b10fb54a8cb72d232ad558c46fff4208d4990ec11ce9413ac30e00bd0081f8504e19a5183d769676520e98a263345e44d5ad12bca35510100c4d86abeb12303ff1c9fe0d0020000d60400000007d3670000008aff66d6b3181ffc1d62a3954c1198bbc4fa13aee48ca9e8969faebf3183fe803ab3f5024b52dc265b36fc9dae00a09404f01f9504d0976d252bd8d24538556e5e57bee3b8cf464ef3c6a7def8bad3ca6e3abdb21696e340bb8e2a093add57196b40def3858ef569147fa4108328392d322ab5df10a2f69a6bdf72ee7944e810d0223917c3d042410f57466f59544047d6d8ac44060000000000ee16c729300d2301800000000000002b5a8b05fcc154ad5290a8cdb97c343f454ff69dd6cbde49b28a6cb5f4fc0001745cff6e00e7ffffff0000acf3209a08439f1ff01779b6f6df7e02aa6d7760525b595fe1f697bc114ed1778e97a3f0395f946974cfb458be2a34cf924dc37b5592bf17956f3547497aba814382ff67b345b677a9d6523d87008000000400000000003fe8613ca29ff92be0d8deffff7b68136b0046d535dd39c0f35408869e9b342b953f91447e6b9eab304f134306320600a44095254b45a6c1312a13696c7202df5f764713504facc532c5a6d44d99ec7530ed7b0311000000000000e54e9072a22d911f4a2c2e2fa806e63c5cd98a8569a6d6bcfb000064885117e2ad910eae67e0ebe380d0f648713e68153579e02d71c58d147b00821ab9a6475b31e1ebf1369a04000000fbf3983f283f2f00000000992774814d63c933912d000006000000a66acb0a38856929e7d8b1b06c9bd5d7e5490f3b8596b694ea9483ad4bd287c83dd998a74694d18bdd8ad0983bc90770bbd26a82b9d99d5fc04563b523c47ef8c33400e90d02000000000000000edf1147a7afe772cd45af8aeffe2753088e02ca6bb2feec446ce7dbce66f0a93a03371320980865c7c62ea4d8f8a864dce9fa85aeb0454349100296ee2dba39c3f6fd6cf96714e11fe03b5062809a7418b165dd0336d226bac1e1223be1c97b15175d0e664beb126000e96549e1a1228c686edb475b705eaa9515c96f4fc6b3c925ea404e0f1de61026dc6c6618580fd6ce9eac602c1756f6d1056712412131ed9925989e01eae489ec7052e0ed72c326c7a8aa63999e2297c54ce1822d14b7c7699a9d0600f11f2e7f474cffbc35bc8623cd5eb68af82275a940be0400000000000000bcc3fbe7d90de96d6a8e9f32f18d1f606b381e4903b500000000000000000000004a2357ba5f03000000000000005dcf4f2aaee86d4802000000000000007cdb686d5da2a42e4b5024b6535811f362201d4f82012e6af704973d04ea923c19e6cb723c1923b3eea2d73e176dff383c9fbbac53dfdcb1a68c98e96fe39eec23963faf3ebed3409144c7c53d6318ced678a621450a9b01e9f2772e5f2999d3435da02556e36c3215d2bd4e96c93bff3ad04a82ff3cfadcf65eb92adc6c68d66b11cb2d7556414a86dfa94bb7aa52c7febb1e9b2efcbbc5bccf9d39bed802f4f056976a9a362ee9cc624ec454b90200fd9603f96908bddc14500000000000000000000000000044d917c62b27679913075731e8fddb07c10c82002d60181588ae63a440454287de9e340f611267f37bdd0f2d21cb06fcaf45a0a297e396f428d43371424b307eef82c5d6d19f3ef0d3b8f7fa51957e3099caab31133b34a1d3eebc0f0c9056df2e9667ba0b55695c7894010079b07e7aef7785e2486472b5cba1f3346c1e8e23deb8c83ab6eb2c72c484241dc3b66da78260f800fffd39368b952f6f4a10295c50c887a31d8b543c5d10f2dbd4d0b84eaad43feb6e169a9f2fcff7000000000000000000e011bc6366f56fa787f212c1f8c0f47f5078191c8a02ad436725771738a2a98891971e3b932352896e1ea10f62e8ef7a87e16151b39d6c27575714540d8c293a3fa4b5a825360423c1cbc8b5d19167152823ed853140edda002c16c842b168bb55f6bb713deb57d0aa78d6d4e5fc5be2c402bd246128f41bcb02000000892b135a92e8c844938aa98ba4839a1408a696454d40e5eed4d4dce481ca86bfac54c330331b7f2cde17cbaeb0377696faf546ecbe742d73d47d726a50f6e752f3325255bd7e8b5923aa3cfb6f7e06494f21ca450139c558000000000000000000000800000000000000000075aa0000000000000000000000005560bd9eb81e839e4992e64b074a66cccccf00334fa94da8477be7d99b558ec6a5b1596ac1e7617c6b32eed0cc70286caf2c5189a103f4b0b04aff171c4d388ccf67fea37e782f025c94c853cde330a193a967d907a8c88fcb033e680f559a72150cb900bafcd536f48797915a2fe9922ce27300009e1b36aa4730117d9b00000000003c630000000000008fbbd11b015c415ca04192fbfb1a8b0e3460af35771dbac10062835c9bab3ad09f7a022c52d8000000000000000000004000000000000000000000000000000000000000000400000000000000000000000000006ec473c54399b7b8aa1ee46132fc45da8292631178cecf19550108b8b8423de42957ffe9bb6d752e68d2bc2ce777a17bf4dfdfee5de0f3e4dadf51ab9562827b762fa611ba5f32861c19dffe1dc9fd5c41cd46cf131fd6b0c2ddad90ac33f768f9ecc70327c59918fa5a249befe98262f53c8182d95f6da3698a6a88c2c31d801a8f1f5e0ce05138d5422da0a6a62b9dfe1f39775d1d0c9186096415f544aaf76b0a1c877a6c826a5adcfb22c4a0e5a46271caa3eaf4f389dd5f3c20dbddc0377a4266d7b9fd61b9287e9b4be0a413ee31be0ddecab0ef7b25cba1fb3654ddf291ecb7768ac1e177042cb4c452fa6b3966950000000000000000c187da23d6855500fe8510b51e13a890e394b84a6ea2cc8d42b97c697c29122298d55e2e1cca8e07abda2606a3f381c64b9fec0000000a7965e4854e8e3572ad5149b3872342dea9252132860c9af1bd5fe263c0313dea5d6e0c11a466d6892ed65f34667dd79b07b5cbdd8aa7dd561a26b5562d4861a7e1b0f48930e0b696ea3bee7eb72794e163d7aeac9a0fa5403ac9cb421eae283b0550f1d0d339cd7b96e71d3ab48ad9d7975e0c9b117f71d3ab80a0c9b0284ecc469fa6181c9c71fce07a6ffb23296a107763138e8d9876291af2076890c47925ac773d95d2ca42acb3e5f3a1550665b898462c139ffd0106bc8a61b6117d252efcab7106b4c3a3c13a70ff452e9d2096142c517b0e91b5cf88332faca5b3ee96363065c3ce32d3d39ec36e20d597e05664f2526bd918090649da11f7299789d00f5024df1e99d3efecb9b457642fe810370ba4fbe00fa60a28af966a27a1659e448bbe43a1dcd2ea760018b57a36ac41ef2051a7b703d55c0602540663016e20d50385766df4dac47802a55bd38dd767ee9960c6daa704fc5d01a14591f26b7b538c9bb22f6a2f7a34d1b9edfde3be9e25a110228c64253588ff420644dbc0854e69a7bdda72f93ceaccf92cfe7dd6296c950db10f6dd8a5ef9b73cf6a12a1ba16fdc7e35b805f4fd2fcff0a623722149c1465e4de2d53f0f10b14c21865027abc71a12cb1e9f8029c7a20000000eeb0d53a83e518c8d2052c08b515d9d0bde24ac4e798040c7db0bb03c019507d6377f3d5dd94a27abc6d6b120d61f772407e0d2cb50d29168b68aef9f176b4c3aa8b21279d4ea9c1f669aa8c2c17d5b3a8d1dda58d26f1019af04b7774c85d5bce8be010f27c5211938031c3404680b01279c778bd1fe1b48c4b5b8e0fe756e54a8d76b7cec5e3407d93b4eadc446440607de844acf5524a4657e33af2115547b735b57b5092d0bc8fa6acb832509abe0882d570ce400aaebd7baff88526608d6991aac95751671174129457e4a03aca69d82b64b89e6ad6ed1e275ec5002e48170e4c7b4f3971481098dedb88fba90770e44bf404d5a97fefe2fe8e459fe45933b78c7ab5fe985a480193a20fb07da1455fb283df68af569ac82aa6dc703e29bf158931fb79f2abfa6ff7eb8c4f381c9da58bea460e2ead969933e5391970ca4fddd64da2e5df9c4d82044068caaaab771b37bb06bbe673056d849825525f1120b2250f6b8520381f7a74b1c687781cb6b23e67b918844b83dbaeeb559ec8520d710dd6d6b4e64838bd434a36ed03fc0c488b24571032ffbc9f8ce97041e1bc4729d539358dc9599c1266b9ce2cb6dd0ad57a6e9d3d4a11a27f70b2934c96237e2ba09c58eeda678d4d08b6da99b7a86e946215afb1b48792fde54492e306cb5342e2589874b603a1de972b1f09cc350096f5c3e814118afdba0793cfdf20c77b34eacfdf63ce59ec4d2f867bf884e941559b068d908325667672b5e1cf71f4829c0493e8b141489ed926b822becead7a0a2b4a4c008ab16b616d60f347e4da54f06443507efe57ea62399ef4eb11b2f559e1b056456a53998bf1c6d13c92e75136147f91ae3a75ca15eb1b51bf700b3c0bf54bc3745ff313c5e75dc66386897f6ee45429371b8d0878c442ad2fe9baf85c1390da13efc353ccbef950c29f39ddf436f0d9bf1be1515ed251d8b6f11ecb16b1e8d1ed04196e9b6c2f9e068b7749bb6c1f533e493f22c901662c65cb761dc2eeff2f698bd4dbae83e2dfdc4f1c7f918a00515c1bc189d10ec22b35c92725cbf0ba244fd029c4f026f68e000000060000ab0476c3fd7f7c1e5c000000000000000000000011e43e39d3f4394fbfa13c416b1c443c5e52eea726491ad75100ebad7c6d5a665c59a3fb158e43da904f19e7e8daa4e90390b8da945f6cd78536c0d2be07221f85ad46b180f256d4d84592691d15d65896b66b63a46705338b67b72dc1c3075fcdc5cbffb0366151632ba5be8ae815dfea9fadfd31c473a24a73d3e5116c3023b3563c72d26fbd59877132bde5ca4ef8d92fd3613c768b35223f6fd0b5e9a8b98cccf1e2b4612e620e3a159d6365c9045aaa826aa0ee6d26cf0397ce674c20824584b464ebdc2f3ea26a7aec4570b242a6677a4e9187f8591c3a9bdc00000000002364bbd93964a8d0bdc802b9be2563838a91802e3deb150a6a97a73b168ccd8f7872"], &(0x7f0000000040)='GPL\x00', 0x4, 0x1076, &(0x7f0000000300)=""/4096, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x70)
setsockopt$sock_attach_bpf(r1, 0x29, 0x39, &(0x7f0000000100)=r2, 0x120) (async, rerun: 32)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) (async, rerun: 32)
r4 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0xfffffffffffffffc}, 0x104101, 0x4, 0x0, 0x4, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0) (async)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r5) (async)
perf_event_open(&(0x7f0000001100)={0x5, 0x80, 0x9, 0x8, 0xb, 0xfb, 0x0, 0x3c, 0xc002, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x1}, 0x18842, 0x0, 0x7fffffff, 0x2, 0x3cd, 0x3, 0x7, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x2) (async)
perf_event_open(&(0x7f0000000580)={0x5, 0x80, 0xec, 0x7, 0x40, 0xe5, 0x0, 0x0, 0xd000, 0x6, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x5, 0x2, @perf_bp={0x0, 0x2}, 0x9c7, 0xfc, 0x4, 0x0, 0x81, 0x9, 0x5, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x1, 0xffffffffffffffff, 0x0) (async, rerun: 64)
write$cgroup_type(r3, &(0x7f0000000180), 0x40001) (rerun: 64)
perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x1, 0xfc, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @perf_config_ext={0x5, 0x2}, 0x8802, 0x7ff, 0x0, 0x7, 0x7, 0x2, 0x0, 0x0, 0x4, 0x0, 0x4}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) (async, rerun: 32)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) (rerun: 32)
r6 = socket$kcm(0xf, 0x3, 0x2)
write$cgroup_subtree(r6, 0x0, 0x13) (async)
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x3, 0x0, 0x0, 0x87, 0x52000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0xfffffffffffffffd, 0x80000001, 0x2, 0x0, 0xfffffffc, 0x0, 0x0, 0xef40, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xb, 0x0, 0x0, &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth1_to_bond\x00'})
ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)=0x3d)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8946, &(0x7f0000000080)) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40305829, &(0x7f0000000040))

336.381583ms ago: executing program 0 (id=7823):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xd, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000}, [@ldst={0x1, 0x0, 0x4, 0x2, 0x1, 0xa4}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x90)

277.553076ms ago: executing program 4 (id=7824):
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r0 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r0, 0x84, 0x85, &(0x7f0000000ac0), 0x90)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x1, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_config_ext={0x40d, 0x1}, 0x110627, 0x0, 0x0, 0x5, 0x8, 0x7, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1fa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x1b, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000f3ffffff000000000900000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018220000", @ANYRES32, @ANYBLOB="000000000900000018250000", @ANYRES32=0x1, @ANYBLOB="00000000ff07000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000007d680100080000000a45f0ff010000008500000002001000bf91000000000000b7020000000000008500000084000000b7000000000000109500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb}, 0x94)
perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x0, 0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9, 0x6}, 0x200, 0xc8, 0x2, 0x3, 0x0, 0x0, 0x6341, 0x0, 0xfffffffe, 0x0, 0xffffffffffffffff}, 0x0, 0xa, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
r1 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$kcm(r1, &(0x7f00000000c0)={&(0x7f00000001c0)=@in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x80, &(0x7f0000000040)=[{&(0x7f0000000440)="97", 0x1}], 0x1}, 0x4008000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{}, {0x2, 0x0, 0xfffffffc, 0x8}]}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x3)
setsockopt$sock_attach_bpf(r1, 0x84, 0x10, &(0x7f0000000000)=r4, 0xc)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = socket$kcm(0xa, 0x2, 0x88)
setsockopt$sock_attach_bpf(r7, 0x88, 0x64, &(0x7f00000009c0), 0x4)
close(r6)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x89a2, &(0x7f0000000040)={'bridge0\x00', @random="1400"})
recvmsg$unix(r5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0)
r8 = socket$kcm(0x2, 0x200000000000001, 0x0)
perf_event_open(&(0x7f0000000140)={0x3, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x716, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000001080)={0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
setsockopt$sock_attach_bpf(r8, 0x6, 0x15, &(0x7f0000000500), 0x4)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200102f00fe80000000000000875a65059ff57b00000000000000000000000000ac1414aa35f022eb"], 0xcfa4)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb01001800000000000000340000003400000006000000040000000000000e0300000000000000000000000000000d0300000000000000000000020400"/71], 0x0, 0x52}, 0x28)

269.513676ms ago: executing program 3 (id=7825):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x3, 0xf, &(0x7f0000000800)=ANY=[@ANYBLOB="18060000000000000400000000000000181100001372c08a791711ce6ea23fe281d50dc039223daca3b1d11e2e17eb4bc51848a9f5630fd7af2d5ff8c5cd9df276a8e3e4f7c8cc75389d8655015a9485fdaf19ff80efe610bed080d2c7785dcb170795567f4e6178c707025c4dc689f6f963344a8aee2e13d2f9777b0a9adda853cea75007b5270268e87a6d1fe46a9b1fa17513f51fb1035ee15a52acddc4fb1e949419fec7443d14", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000054000000bf0900000000000055090100000000009500000000000000bf91000000000000b5020000000000002800000085000000b7000000000000009500000000000000"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2c, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
perf_event_open(&(0x7f0000000640)={0x6c2540b4ea0a2e9e, 0x80, 0xec, 0x0, 0x6, 0x0, 0x0, 0x480000000000000b, 0x954b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x2, @perf_bp={0x0}, 0x11afa, 0xf1d, 0x98, 0x4, 0x8, 0xfffff271, 0xfffc, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r2, &(0x7f0000000140)={&(0x7f0000000080)=@in6={0xa, 0x4e24, 0x2, @ipv4={'\x00', '\xff\xff', @loopback}, 0x7}, 0x80, 0x0}, 0x20000010)
sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f0000000000)=@in6={0xa, 0x4e23, 0x0, @mcast1, 0x2}, 0x80, 0x0}, 0xe07e872420dfefca)
r3 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x48510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0x10, 0x2, 0x10)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x3, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_bp={&(0x7f00000002c0), 0x1}, 0x14105, 0x32, 0xfffffbff, 0x3, 0x6, 0x0, 0xffda, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7b, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000240)='ns/user\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x20, 0x5f, &(0x7f0000000400)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xfffffff9, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xf, 0x5}, 0x100e64, 0xc78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@cred={{0x1c}}, @rights={{0x10}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x60}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1d, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x4}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'wlan0\x00', 0x200})
socketpair(0x1, 0x1, 0x1, &(0x7f0000000200)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x8946, &(0x7f0000000080))
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r7 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001800599c6d0e00009bd029ef8020ab070011000523"], 0xfe33)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000e80)=ANY=[@ANYBLOB="18080000000000000800000000000000180000000000000000000081781753a71eaf660b1b0d0c89b134e67bd3cc1965d77e486ffbc795345c4c5a1481e089d96bc5e313f1974e41bab6012966eeb2e5bcf8b07c73b3bb7b972cab48b0bdbead22196ed8da73f0f6d6ad14b90d13e99124dd94c7fd90b27adda23b927d9352b91232cc96466e23f8cbcf2821b6a69634b862129f3df06b8837933f750253f194e3c63b396aea5c7f08ad62500738cbc8e0066bf80fc44883f0f1d068f2366c5497e02ea4aa5bf149af1f1beccc349fccf75b819d7726a6e3e8611dff64b3d44236eb2a39fbcf295876e5055c321cf47640dbd0d4dc847c0b5e94e4052d1eeb55b736b979a8cd9b3881ecf9d77762aa486f4ea5dc04529cd9537d7ce13cba691cf54b8a40b29fcf19d95669c70667ee4988fcb92ee36429280800000035918af4bb0ae0fbde2cfbf268920ea4fa8d40f2db184c14cd3e4adae8e56a9f8e1643bc78299fca15d3", @ANYBLOB="bb84d63cc2057eecb82c0a58d8c32f0bb23083c7f9e4181720", @ANYBLOB="979d2fe2d3b66b04b83fa454a0cf3e259d1dcb863879799633729c29d8f71400c187a08b5812bb1d7c3d8fd8e35794d91c3014d92430647842b5de6bce2dec95638799a7a3033530b5b7fb91f125829c23657efb87128dd647", @ANYRES16=r1, @ANYRESHEX=r3, @ANYBLOB="0620936a6c2dcbd59870eaeec5901d1d0002186335f79fc4a5c17d40ad764f2f9f486959009fe1276ac7100046571e91b9f43dd0273e41855dc126641190d46e827ff37adcf67121690f4295f18132c47eb0890c92d4211ba08492d2996da9caeca7bb1ff39944c2093b180208db9a13562994141b3ed6a39dd5cd888c7d46cbf40c1b7b4e146fe22789ce80fa5025318fe9d4e3399bb9bfae2a0bbb8aaf78643c3e0ba7d93cf7928eb057f3b1ba11726a6ccd0ce3b74d9cf55e4243fd2640c533085cb88a2d184a9b66548db85144900a61d7dc0e116bb370ad8be3425cad59d8e9858db062df7dd60caa36a369d8fcb6", @ANYRES32=r1], &(0x7f0000000740)='syzkaller\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)}, 0x4800)
r9 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)}, 0x4000000)

256µs ago: executing program 2 (id=7826):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0x7a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x4}, 0x40dd, 0x0, 0x4, 0x8, 0xa, 0x100, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000000)="d80000001000810468f70082db44b904021d080b01000000e8fe55a11800150006001400000000120800040043000000a80016000a00014006430d00036010fab94dcf5c0461c1d67f6f94000534cf6ee08000a0e408e8d8ef52a9d7c7c0b7a196e6f66112c88ac417898516277ce06bbace80177ccbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d0080000000000000b57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb14feb9f5588a63644caf1ce1bd6c769ad809d52a9ecbee", 0xd8}], 0x1}, 0x20000004)

0s ago: executing program 0 (id=7827):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20488, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x10000, 0x1, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0xbf}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x1)
recvmsg$unix(0xffffffffffffffff, &(0x7f00000013c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x1c0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x9a)

kernel console output (not intermixed with test programs):

:00007fc63e4c7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1371.202415][T26267] RAX: ffffffffffffffda RBX: 00007fc63d816090 RCX: 00007fc63d59c799
[ 1371.210450][T26267] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[ 1371.218482][T26267] RBP: 00007fc63d632c99 R08: 0000000000000000 R09: 0000000000000000
[ 1371.226508][T26267] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1371.234534][T26267] R13: 00007fc63d816128 R14: 00007fc63d816090 R15: 00007ffc139861e8
[ 1371.242670][T26267]  </TASK>
[ 1372.355208][T26282] netlink: 'syz.0.6827': attribute type 21 has an invalid length.
[ 1372.368365][T26286] netlink: 'syz.3.6826': attribute type 27 has an invalid length.
[ 1372.392594][T26282] netlink: 128 bytes leftover after parsing attributes in process `syz.0.6827'.
[ 1372.417559][T26286] netlink: 164 bytes leftover after parsing attributes in process `syz.3.6826'.
[ 1372.447138][T26282] netlink: 3 bytes leftover after parsing attributes in process `syz.0.6827'.
[ 1372.592514][ T5779] Bluetooth: hci4: unexpected subevent 0x04 length: 150 > 11
[ 1373.793286][T26336] netlink: 'syz.4.6840': attribute type 21 has an invalid length.
[ 1373.833984][T26336] netlink: 128 bytes leftover after parsing attributes in process `syz.4.6840'.
[ 1373.867918][ T5779] Bluetooth: hci0: unexpected subevent 0x04 length: 150 > 11
[ 1373.914126][T26336] netlink: 3 bytes leftover after parsing attributes in process `syz.4.6840'.
[ 1374.193029][T26348] pim6reg1: entered promiscuous mode
[ 1374.199413][T26348] pim6reg1: entered allmulticast mode
[ 1375.359545][T26346] netlink: 55631 bytes leftover after parsing attributes in process `syz.2.6843'.
[ 1375.389196][T26365] netlink: 'syz.4.6847': attribute type 29 has an invalid length.
[ 1375.403867][T26346] netlink: 6324 bytes leftover after parsing attributes in process `syz.2.6843'.
[ 1375.413146][T26346] netlink: 2 bytes leftover after parsing attributes in process `syz.2.6843'.
[ 1376.701655][T26364] netlink: 'syz.4.6847': attribute type 27 has an invalid length.
[ 1376.710556][T26365] netlink: 'syz.4.6847': attribute type 29 has an invalid length.
[ 1377.093073][ T5779] Bluetooth: hci2: unexpected subevent 0x04 length: 150 > 11
[ 1377.177771][T26389] netlink: 'syz.0.6860': attribute type 10 has an invalid length.
[ 1377.477687][T26389] team0 (unregistering): Port device team_slave_0 removed
[ 1377.529199][T26389] team0 (unregistering): Port device team_slave_1 removed
[ 1377.589881][T26394] netlink: 'syz.2.6854': attribute type 21 has an invalid length.
[ 1377.603611][T26394] netlink: 128 bytes leftover after parsing attributes in process `syz.2.6854'.
[ 1377.612926][T26394] netlink: 3 bytes leftover after parsing attributes in process `syz.2.6854'.
[ 1378.247533][T26405] netlink: 55631 bytes leftover after parsing attributes in process `syz.0.6856'.
[ 1378.273924][T26405] netlink: 6324 bytes leftover after parsing attributes in process `syz.0.6856'.
[ 1378.283439][T26405] netlink: 2 bytes leftover after parsing attributes in process `syz.0.6856'.
[ 1378.600459][T26410] dvmrp1: tun_chr_ioctl cmd 1074812117
[ 1378.635897][T26418] netlink: 'syz.0.6861': attribute type 10 has an invalid length.
[ 1378.820537][T26425] netlink: 'syz.4.6865': attribute type 10 has an invalid length.
[ 1378.894010][T26427] netlink: 'syz.0.6866': attribute type 10 has an invalid length.
[ 1379.241026][T26433] netlink: 16178 bytes leftover after parsing attributes in process `syz.4.6868'.
[ 1379.655484][T26440] netlink: 55631 bytes leftover after parsing attributes in process `syz.2.6870'.
[ 1379.675126][T26440] netlink: 6324 bytes leftover after parsing attributes in process `syz.2.6870'.
[ 1379.684612][T26440] netlink: 2 bytes leftover after parsing attributes in process `syz.2.6870'.
[ 1379.943844][T26439] mac80211_hwsim hwsim125 »»»»»»: renamed from wlan0
[ 1380.716121][T26454] netlink: 16410 bytes leftover after parsing attributes in process `syz.3.6874'.
[ 1380.803980][T26456] veth0_to_bond: entered promiscuous mode
[ 1381.232589][T26462] netlink: 'syz.3.6877': attribute type 10 has an invalid length.
[ 1383.074819][T26499] netlink: 'syz.4.6890': attribute type 10 has an invalid length.
[ 1383.170430][ T5779] Bluetooth: hci0: unexpected subevent 0x04 length: 150 > 11
[ 1384.747758][T26534] __nla_validate_parse: 4 callbacks suppressed
[ 1384.747804][T26534] netlink: 55631 bytes leftover after parsing attributes in process `syz.3.6901'.
[ 1384.786992][T26534] netlink: 6324 bytes leftover after parsing attributes in process `syz.3.6901'.
[ 1384.874110][T26534] netlink: 2 bytes leftover after parsing attributes in process `syz.3.6901'.
[ 1385.673227][T26544] netlink: 'syz.4.6903': attribute type 4 has an invalid length.
[ 1385.816129][T26544] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.6903'.
[ 1387.523854][T26551] FAULT_INJECTION: forcing a failure.
[ 1387.523854][T26551] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1387.574679][T26551] CPU: 0 PID: 26551 Comm: syz.2.6907 Not tainted syzkaller #0
[ 1387.582241][T26551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1387.592351][T26551] Call Trace:
[ 1387.595676][T26551]  <TASK>
[ 1387.598653][T26551]  dump_stack_lvl+0x18c/0x250
[ 1387.603395][T26551]  ? show_regs_print_info+0x20/0x20
[ 1387.608661][T26551]  ? load_image+0x400/0x400
[ 1387.613316][T26551]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1387.619554][T26551]  should_fail_ex+0x39d/0x4d0
[ 1387.624306][T26551]  _copy_from_user+0x2f/0xe0
[ 1387.628955][T26551]  bpf_test_init+0xde/0x140
[ 1387.633509][T26551]  bpf_prog_test_run_xdp+0x4d1/0x10e0
[ 1387.638944][T26551]  ? dev_put+0x80/0x80
[ 1387.643076][T26551]  ? dev_put+0x80/0x80
[ 1387.647199][T26551]  bpf_prog_test_run+0x321/0x390
[ 1387.652191][T26551]  __sys_bpf+0x49d/0x890
[ 1387.656482][T26551]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1387.661910][T26551]  ? lock_chain_count+0x20/0x20
[ 1387.666807][T26551]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1387.672939][T26551]  __x64_sys_bpf+0x7c/0x90
[ 1387.677441][T26551]  do_syscall_64+0x55/0xa0
[ 1387.681911][T26551]  ? clear_bhb_loop+0x40/0x90
[ 1387.686634][T26551]  ? clear_bhb_loop+0x40/0x90
[ 1387.691356][T26551]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1387.697384][T26551] RIP: 0033:0x7f5d2179c799
[ 1387.701843][T26551] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1387.721514][T26551] RSP: 002b:00007f5d22651028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1387.729985][T26551] RAX: ffffffffffffffda RBX: 00007f5d21a15fa0 RCX: 00007f5d2179c799
[ 1387.738008][T26551] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[ 1387.746029][T26551] RBP: 00007f5d22651090 R08: 0000000000000000 R09: 0000000000000000
[ 1387.754063][T26551] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1387.762111][T26551] R13: 00007f5d21a16038 R14: 00007f5d21a15fa0 R15: 00007fffbf93d378
[ 1387.770145][T26551]  </TASK>
[ 1388.059401][T26558] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.6910'.
[ 1388.138193][T26558] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[ 1388.173675][T26558] CPU: 0 PID: 26558 Comm: syz.3.6910 Not tainted syzkaller #0
[ 1388.181244][T26558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1388.191434][T26558] Call Trace:
[ 1388.194754][T26558]  <TASK>
[ 1388.197709][T26558]  dump_stack_lvl+0x18c/0x250
[ 1388.202422][T26558]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1388.208639][T26558]  ? show_regs_print_info+0x20/0x20
[ 1388.213911][T26558]  ? load_image+0x400/0x400
[ 1388.218537][T26558]  ? sysfs_warn_dup+0x65/0xa0
[ 1388.223246][T26558]  sysfs_warn_dup+0x8e/0xa0
[ 1388.227772][T26558]  sysfs_do_create_link_sd+0xc0/0x110
[ 1388.233188][T26558]  device_add_class_symlinks+0x1cf/0x240
[ 1388.238866][T26558]  device_add+0x507/0xc20
[ 1388.243238][T26558]  wiphy_register+0x1dad/0x2ae0
[ 1388.248145][T26558]  ? cfg80211_event_work+0x40/0x40
[ 1388.253286][T26558]  ? minstrel_ht_alloc+0x88a/0x990
[ 1388.258448][T26558]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[ 1388.264551][T26558]  ieee80211_register_hw+0x3464/0x4250
[ 1388.270242][T26558]  ? ieee80211_tasklet_handler+0x20/0x20
[ 1388.275907][T26558]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[ 1388.281839][T26558]  ? __debug_object_init+0xec/0x450
[ 1388.287074][T26558]  ? __asan_memset+0x22/0x40
[ 1388.291701][T26558]  ? __hrtimer_init+0x186/0x270
[ 1388.296590][T26558]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[ 1388.302366][T26558]  ? mac80211_hwsim_free+0x220/0x220
[ 1388.307720][T26558]  ? rcu_is_watching+0x15/0xb0
[ 1388.312521][T26558]  ? kstrndup+0xbd/0x140
[ 1388.316805][T26558]  hwsim_new_radio_nl+0xdc9/0x1a90
[ 1388.322048][T26558]  ? __nla_validate+0x50/0x50
[ 1388.326782][T26558]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[ 1388.333146][T26558]  ? perf_trace_kmalloc+0x68/0x140
[ 1388.338295][T26558]  ? __nla_parse+0x40/0x50
[ 1388.342740][T26558]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[ 1388.349100][T26558]  genl_family_rcv_msg_doit+0x211/0x310
[ 1388.354682][T26558]  ? end_current_label_crit_section+0x170/0x170
[ 1388.360967][T26558]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[ 1388.366897][T26558]  ? bpf_lsm_capable+0x9/0x10
[ 1388.371612][T26558]  ? security_capable+0x89/0xb0
[ 1388.376501][T26558]  genl_rcv_msg+0x619/0x7a0
[ 1388.381126][T26558]  ? genl_bind+0x360/0x360
[ 1388.385567][T26558]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[ 1388.391943][T26558]  netlink_rcv_skb+0x241/0x4d0
[ 1388.396746][T26558]  ? genl_bind+0x360/0x360
[ 1388.401188][T26558]  ? netlink_ack+0x1180/0x1180
[ 1388.406008][T26558]  ? __lock_acquire+0x7d40/0x7d40
[ 1388.411070][T26558]  ? net_generic+0x1e/0x240
[ 1388.415628][T26558]  ? down_read+0x1ac/0x2e0
[ 1388.420167][T26558]  genl_rcv+0x28/0x40
[ 1388.424184][T26558]  netlink_unicast+0x751/0x8d0
[ 1388.428991][T26558]  netlink_sendmsg+0x8d0/0xbf0
[ 1388.433797][T26558]  ? netlink_getsockopt+0x590/0x590
[ 1388.439030][T26558]  ? aa_sock_msg_perm+0x94/0x150
[ 1388.444026][T26558]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1388.449344][T26558]  ? security_socket_sendmsg+0x80/0xa0
[ 1388.454830][T26558]  ? netlink_getsockopt+0x590/0x590
[ 1388.460065][T26558]  ____sys_sendmsg+0x5ba/0x960
[ 1388.465036][T26558]  ? __asan_memset+0x22/0x40
[ 1388.469745][T26558]  ? __sys_sendmsg_sock+0x30/0x30
[ 1388.474796][T26558]  ? __import_iovec+0x5f2/0x850
[ 1388.479691][T26558]  ? import_iovec+0x73/0xa0
[ 1388.484223][T26558]  ___sys_sendmsg+0x2a6/0x360
[ 1388.488945][T26558]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1388.493755][T26558]  ? seqcount_lockdep_reader_access+0x17b/0x1d0
[ 1388.500053][T26558]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1388.504930][T26558]  ? __x64_sys_sendmsg+0x80/0x80
[ 1388.509921][T26558]  ? lockdep_hardirqs_on+0x98/0x150
[ 1388.515154][T26558]  do_syscall_64+0x55/0xa0
[ 1388.519615][T26558]  ? clear_bhb_loop+0x40/0x90
[ 1388.524365][T26558]  ? clear_bhb_loop+0x40/0x90
[ 1388.529072][T26558]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1388.534990][T26558] RIP: 0033:0x7fc63d59c799
[ 1388.539435][T26558] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1388.559066][T26558] RSP: 002b:00007fc63e4e8028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1388.567515][T26558] RAX: ffffffffffffffda RBX: 00007fc63d815fa0 RCX: 00007fc63d59c799
[ 1388.575568][T26558] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000007
[ 1388.583593][T26558] RBP: 00007fc63d632c99 R08: 0000000000000000 R09: 0000000000000000
[ 1388.591594][T26558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1388.599765][T26558] R13: 00007fc63d816038 R14: 00007fc63d815fa0 R15: 00007ffc139861e8
[ 1388.607784][T26558]  </TASK>
[ 1389.089490][T26575] netlink: 55631 bytes leftover after parsing attributes in process `syz.2.6916'.
[ 1389.130195][T26575] netlink: 6324 bytes leftover after parsing attributes in process `syz.2.6916'.
[ 1389.140973][T26575] netlink: 2 bytes leftover after parsing attributes in process `syz.2.6916'.
[ 1389.151543][T26576] netlink: 55631 bytes leftover after parsing attributes in process `syz.4.6915'.
[ 1389.193867][T26576] netlink: 6324 bytes leftover after parsing attributes in process `syz.4.6915'.
[ 1389.332086][T26578] netlink: 'syz.3.6917': attribute type 2 has an invalid length.
[ 1389.344044][T26578] netlink: 'syz.3.6917': attribute type 8 has an invalid length.
[ 1391.349162][T26602] lo: entered promiscuous mode
[ 1392.104236][T26600] netlink: 'syz.3.6925': attribute type 29 has an invalid length.
[ 1392.130281][T26600] netlink: 'syz.3.6925': attribute type 29 has an invalid length.
[ 1392.188709][T26606] netlink: 'syz.3.6925': attribute type 29 has an invalid length.
[ 1392.644817][T26611] __nla_validate_parse: 2 callbacks suppressed
[ 1392.644839][T26611] netlink: 55631 bytes leftover after parsing attributes in process `syz.4.6928'.
[ 1392.715282][T26611] netlink: 6324 bytes leftover after parsing attributes in process `syz.4.6928'.
[ 1392.766530][T26611] netlink: 2 bytes leftover after parsing attributes in process `syz.4.6928'.
[ 1394.057093][T26633] netlink: 132 bytes leftover after parsing attributes in process `syz.3.6935'.
[ 1394.375705][T26632] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1394.679308][T26636] netlink: 55631 bytes leftover after parsing attributes in process `syz.4.6936'.
[ 1394.689592][T26636] netlink: 6324 bytes leftover after parsing attributes in process `syz.4.6936'.
[ 1394.702900][T26636] netlink: 2 bytes leftover after parsing attributes in process `syz.4.6936'.
[ 1394.969825][T26649] netlink: 'syz.4.6942': attribute type 29 has an invalid length.
[ 1394.987042][T26645] netlink: 55631 bytes leftover after parsing attributes in process `syz.3.6940'.
[ 1395.017887][T26645] netlink: 6324 bytes leftover after parsing attributes in process `syz.3.6940'.
[ 1395.050268][T26645] netlink: 2 bytes leftover after parsing attributes in process `syz.3.6940'.
[ 1395.081015][T26649] netlink: 'syz.4.6942': attribute type 29 has an invalid length.
[ 1395.718470][ T5779] Bluetooth: hci5: unexpected subevent 0x04 length: 150 > 11
[ 1396.117895][T26683] netlink: 'syz.2.6952': attribute type 4 has an invalid length.
[ 1396.235729][T26684] netlink: 'syz.2.6952': attribute type 4 has an invalid length.
[ 1396.949153][T26706] veth0_to_bond: entered promiscuous mode
[ 1397.001374][T26708] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[ 1397.065123][ T5779] Bluetooth: hci5: unexpected subevent 0x04 length: 150 > 11
[ 1398.094385][ T5779] Bluetooth: hci4: unexpected subevent 0x04 length: 150 > 11
[ 1398.522832][T26748] __nla_validate_parse: 7 callbacks suppressed
[ 1398.522870][T26748] netlink: 55631 bytes leftover after parsing attributes in process `syz.2.6976'.
[ 1398.582817][T26748] netlink: 6324 bytes leftover after parsing attributes in process `syz.2.6976'.
[ 1398.639687][T26748] netlink: 2 bytes leftover after parsing attributes in process `syz.2.6976'.
[ 1399.391576][ T5779] Bluetooth: hci4: unexpected subevent 0x04 length: 150 > 11
[ 1399.562878][T26776] netlink: 1057 bytes leftover after parsing attributes in process `syz.2.6987'.
[ 1400.001407][T26789] FAULT_INJECTION: forcing a failure.
[ 1400.001407][T26789] name failslab, interval 1, probability 0, space 0, times 0
[ 1400.016689][T26789] CPU: 0 PID: 26789 Comm: syz.4.6991 Not tainted syzkaller #0
[ 1400.024228][T26789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1400.034342][T26789] Call Trace:
[ 1400.037673][T26789]  <TASK>
[ 1400.040660][T26789]  dump_stack_lvl+0x18c/0x250
[ 1400.045407][T26789]  ? show_regs_print_info+0x20/0x20
[ 1400.050667][T26789]  ? load_image+0x400/0x400
[ 1400.055231][T26789]  ? __might_sleep+0xe0/0xe0
[ 1400.059873][T26789]  ? __lock_acquire+0x7d40/0x7d40
[ 1400.064962][T26789]  should_fail_ex+0x39d/0x4d0
[ 1400.069721][T26789]  should_failslab+0x9/0x20
[ 1400.074274][T26789]  slab_pre_alloc_hook+0x59/0x310
[ 1400.079334][T26789]  ? __lock_acquire+0x7d40/0x7d40
[ 1400.084390][T26789]  ? kvmalloc_node+0x70/0x180
[ 1400.089113][T26789]  ? kvmalloc_node+0x70/0x180
[ 1400.093820][T26789]  __kmem_cache_alloc_node+0x53/0x250
[ 1400.099405][T26789]  ? __schedule_delayed_monitor_work+0x200/0x200
[ 1400.105869][T26789]  ? kvmalloc_node+0x70/0x180
[ 1400.110583][T26789]  __kmalloc_node+0xa4/0x230
[ 1400.115215][T26789]  kvmalloc_node+0x70/0x180
[ 1400.119752][T26789]  bpf_test_run_xdp_live+0x1c2/0x1b20
[ 1400.125166][T26789]  ? 0xffffffffa0004740
[ 1400.129346][T26789]  ? 0xffffffffa0004740
[ 1400.133528][T26789]  ? bpf_dispatcher_change_prog+0xcbf/0xf10
[ 1400.139541][T26789]  ? 0xffffffffa0004740
[ 1400.143733][T26789]  ? xdp_convert_md_to_buff+0x330/0x330
[ 1400.149337][T26789]  ? trace_raw_output_bpf_test_finish+0xd0/0xd0
[ 1400.155609][T26789]  ? _copy_from_user+0xa5/0xe0
[ 1400.160403][T26789]  ? bpf_test_init+0x119/0x140
[ 1400.165196][T26789]  ? xdp_convert_md_to_buff+0x5b/0x330
[ 1400.170680][T26789]  bpf_prog_test_run_xdp+0x7ca/0x10e0
[ 1400.176104][T26789]  ? dev_put+0x80/0x80
[ 1400.180212][T26789]  ? dev_put+0x80/0x80
[ 1400.184307][T26789]  bpf_prog_test_run+0x321/0x390
[ 1400.189448][T26789]  __sys_bpf+0x49d/0x890
[ 1400.193726][T26789]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1400.199143][T26789]  ? lock_chain_count+0x20/0x20
[ 1400.204031][T26789]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1400.210052][T26789]  __x64_sys_bpf+0x7c/0x90
[ 1400.214499][T26789]  do_syscall_64+0x55/0xa0
[ 1400.218951][T26789]  ? clear_bhb_loop+0x40/0x90
[ 1400.223689][T26789]  ? clear_bhb_loop+0x40/0x90
[ 1400.228424][T26789]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1400.234361][T26789] RIP: 0033:0x7fdae579c799
[ 1400.238809][T26789] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1400.258537][T26789] RSP: 002b:00007fdae6696028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1400.267009][T26789] RAX: ffffffffffffffda RBX: 00007fdae5a15fa0 RCX: 00007fdae579c799
[ 1400.275103][T26789] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[ 1400.283707][T26789] RBP: 00007fdae6696090 R08: 0000000000000000 R09: 0000000000000000
[ 1400.291710][T26789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1400.299709][T26789] R13: 00007fdae5a16038 R14: 00007fdae5a15fa0 R15: 00007fff9b332208
[ 1400.307811][T26789]  </TASK>
[ 1400.336804][T26791] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.6992'.
[ 1400.528107][ T5779] Bluetooth: hci0: unexpected subevent 0x04 length: 150 > 11
[ 1400.775074][T26801] netlink: 60 bytes leftover after parsing attributes in process `syz.4.6996'.
[ 1401.251996][T26822] netlink: 'syz.2.7003': attribute type 10 has an invalid length.
[ 1401.816472][T26822] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1401.824036][T26822] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1401.860387][T26822] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1401.867786][T26822] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1401.875484][T26822] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1401.882775][T26822] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1401.912977][T26822] bond0: (slave bridge0): Enslaving as an active interface with an up link
[ 1402.100742][ T5779] Bluetooth: hci0: unexpected subevent 0x04 length: 150 > 11
[ 1402.218266][T26833] netlink: 55631 bytes leftover after parsing attributes in process `syz.3.7007'.
[ 1402.252388][T26833] netlink: 6324 bytes leftover after parsing attributes in process `syz.3.7007'.
[ 1402.266336][T26833] netlink: 2 bytes leftover after parsing attributes in process `syz.3.7007'.
[ 1402.645012][T26846] netlink: 'syz.2.7010': attribute type 2 has an invalid length.
[ 1402.652970][T26846] netlink: 'syz.2.7010': attribute type 8 has an invalid length.
[ 1402.673745][T26846] netlink: 132 bytes leftover after parsing attributes in process `syz.2.7010'.
[ 1403.112391][T26852] netlink: 'syz.3.7015': attribute type 29 has an invalid length.
[ 1403.124243][T26852] netlink: 'syz.3.7015': attribute type 29 has an invalid length.
[ 1403.143220][T26852] netlink: 'syz.3.7015': attribute type 29 has an invalid length.
[ 1403.191143][ T5779] Bluetooth: hci2: unexpected subevent 0x04 length: 150 > 11
[ 1404.007677][T26883] netlink: 'syz.0.7025': attribute type 25 has an invalid length.
[ 1404.053660][T26883] netlink: 'syz.0.7025': attribute type 9 has an invalid length.
[ 1404.095711][ T5779] Bluetooth: hci4: unexpected subevent 0x04 length: 150 > 11
[ 1404.860369][T26893] __nla_validate_parse: 3 callbacks suppressed
[ 1404.860412][T26893] netlink: 55631 bytes leftover after parsing attributes in process `syz.0.7033'.
[ 1404.884014][T26893] netlink: 6324 bytes leftover after parsing attributes in process `syz.0.7033'.
[ 1404.933768][T26893] netlink: 2 bytes leftover after parsing attributes in process `syz.0.7033'.
[ 1405.268777][ T5779] Bluetooth: hci2: unexpected subevent 0x04 length: 150 > 11
[ 1405.579124][T26916] netlink: 'syz.0.7041': attribute type 10 has an invalid length.
[ 1406.020601][T26908] netlink: 'syz.3.7038': attribute type 29 has an invalid length.
[ 1406.062680][T26925] netlink: 13435 bytes leftover after parsing attributes in process `syz.0.7044'.
[ 1406.191959][T26923] dvmrp1: tun_chr_ioctl cmd 1074812117
[ 1406.257228][T26928] netlink: 55631 bytes leftover after parsing attributes in process `syz.2.7045'.
[ 1406.324333][T26928] netlink: 6324 bytes leftover after parsing attributes in process `syz.2.7045'.
[ 1406.353653][T26928] netlink: 2 bytes leftover after parsing attributes in process `syz.2.7045'.
[ 1407.230084][T26937] validate_nla: 3 callbacks suppressed
[ 1407.230102][T26937] netlink: 'syz.0.7049': attribute type 10 has an invalid length.
[ 1407.265749][ T5779] Bluetooth: hci2: unexpected subevent 0x04 length: 150 > 11
[ 1407.288623][T26937] hsr0: entered promiscuous mode
[ 1407.319443][T26937] bond0: (slave hsr0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[ 1407.398144][T26937] bond0: (slave hsr0): The slave device specified does not support setting the MAC address
[ 1407.424668][T26937] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[ 1407.440512][T26937] bond0: (slave hsr0): Error -22 calling dev_set_mtu
[ 1407.449419][T26945] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[ 1408.248329][T26959] netlink: 'syz.4.7056': attribute type 29 has an invalid length.
[ 1408.464589][T26959] netlink: 'syz.4.7056': attribute type 29 has an invalid length.
[ 1408.698147][T26967] netlink: 55631 bytes leftover after parsing attributes in process `syz.2.7060'.
[ 1408.721661][ T5779] Bluetooth: hci0: unexpected subevent 0x04 length: 150 > 11
[ 1408.729637][T26967] netlink: 6324 bytes leftover after parsing attributes in process `syz.2.7060'.
[ 1408.744782][T26967] netlink: 2 bytes leftover after parsing attributes in process `syz.2.7060'.
[ 1409.275427][T26981] netlink: 'syz.2.7067': attribute type 10 has an invalid length.
[ 1409.509060][T24032] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1409.524459][T24032] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1409.544492][T24032] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1409.559666][T24032] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1409.567973][T24032] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1409.596090][T24032] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1409.688142][ T5779] Bluetooth: hci0: unexpected subevent 0x04 length: 150 > 11
[ 1409.878329][T24051] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1409.899821][T26997] netlink: 55631 bytes leftover after parsing attributes in process `syz.2.7071'.
[ 1409.917031][T26997] netlink: 6324 bytes leftover after parsing attributes in process `syz.2.7071'.
[ 1409.929776][T26997] netlink: 2 bytes leftover after parsing attributes in process `syz.2.7071'.
[ 1410.008811][T24051] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1410.248144][T24051] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1410.399628][T24051] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1410.420500][ T5779] Bluetooth: hci4: unexpected subevent 0x04 length: 150 > 11
[ 1410.512728][T26986] chnl_net:caif_netlink_parms(): no params data found
[ 1411.014186][T26986] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1411.054155][T26986] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1411.085839][T26986] bridge_slave_0: entered allmulticast mode
[ 1411.111774][T26986] bridge_slave_0: entered promiscuous mode
[ 1411.169250][T26986] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1411.202000][T26986] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1411.223811][T26986] bridge_slave_1: entered allmulticast mode
[ 1411.255440][T26986] bridge_slave_1: entered promiscuous mode
[ 1411.402584][T26986] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1411.465096][T26986] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1411.599587][T26986] team0: Port device team_slave_0 added
[ 1411.625562][T26986] team0: Port device team_slave_1 added
[ 1411.673134][ T5779] Bluetooth: hci3: command tx timeout
[ 1411.700653][ T5779] Bluetooth: hci2: unexpected subevent 0x04 length: 150 > 11
[ 1411.752315][T26986] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1411.774138][T26986] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1411.854863][T26986] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1411.888333][T26986] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1411.903636][T26986] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1411.953650][T26986] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1412.103019][T27055] netlink: 'syz.0.7090': attribute type 10 has an invalid length.
[ 1412.399264][T26986] hsr_slave_0: entered promiscuous mode
[ 1412.442679][T26986] hsr_slave_1: entered promiscuous mode
[ 1412.515801][T26986] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1412.547527][T26986] Cannot create hsr debugfs directory
[ 1412.626789][T27076] netlink: 26 bytes leftover after parsing attributes in process `syz.4.7096'.
[ 1412.836465][ T5779] Bluetooth: hci0: unexpected subevent 0x04 length: 150 > 11
[ 1412.951794][T27086] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.7097'.
[ 1413.168615][T27078] syzkaller0: entered promiscuous mode
[ 1413.178220][T27078] syzkaller0: entered allmulticast mode
[ 1413.226104][T27086] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!ÿ'
[ 1413.242028][T27086] CPU: 1 PID: 27086 Comm: syz.2.7097 Not tainted syzkaller #0
[ 1413.249595][T27086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1413.259796][T27086] Call Trace:
[ 1413.263124][T27086]  <TASK>
[ 1413.266111][T27086]  dump_stack_lvl+0x18c/0x250
[ 1413.270870][T27086]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1413.277090][T27086]  ? show_regs_print_info+0x20/0x20
[ 1413.282346][T27086]  ? load_image+0x400/0x400
[ 1413.286940][T27086]  sysfs_warn_dup+0x8e/0xa0
[ 1413.291503][T27086]  sysfs_do_create_link_sd+0xc0/0x110
[ 1413.296947][T27086]  device_add_class_symlinks+0x1cf/0x240
[ 1413.302682][T27086]  device_add+0x507/0xc20
[ 1413.307120][T27086]  wiphy_register+0x1dad/0x2ae0
[ 1413.312097][T27086]  ? cfg80211_event_work+0x40/0x40
[ 1413.317267][T27086]  ? minstrel_ht_alloc+0x88a/0x990
[ 1413.322485][T27086]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[ 1413.328796][T27086]  ieee80211_register_hw+0x3464/0x4250
[ 1413.334384][T27086]  ? ieee80211_tasklet_handler+0x20/0x20
[ 1413.340089][T27086]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[ 1413.346064][T27086]  ? __debug_object_init+0xec/0x450
[ 1413.351354][T27086]  ? __asan_memset+0x22/0x40
[ 1413.356016][T27086]  ? __hrtimer_init+0x186/0x270
[ 1413.360944][T27086]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[ 1413.366802][T27086]  ? mac80211_hwsim_free+0x220/0x220
[ 1413.372166][T27086]  ? rcu_is_watching+0x15/0xb0
[ 1413.377008][T27086]  ? kstrndup+0xbd/0x140
[ 1413.381345][T27086]  hwsim_new_radio_nl+0xdc9/0x1a90
[ 1413.386547][T27086]  ? __nla_validate+0x50/0x50
[ 1413.391339][T27086]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[ 1413.397789][T27086]  ? __nla_parse+0x40/0x50
[ 1413.402303][T27086]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[ 1413.408719][T27086]  genl_family_rcv_msg_doit+0x211/0x310
[ 1413.414369][T27086]  ? end_current_label_crit_section+0x170/0x170
[ 1413.420694][T27086]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[ 1413.426678][T27086]  ? bpf_lsm_capable+0x9/0x10
[ 1413.431439][T27086]  ? security_capable+0x89/0xb0
[ 1413.436368][T27086]  genl_rcv_msg+0x619/0x7a0
[ 1413.440942][T27086]  ? genl_bind+0x360/0x360
[ 1413.445453][T27086]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[ 1413.451865][T27086]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[ 1413.458522][T27086]  ? ref_tracker_free+0x690/0x840
[ 1413.463629][T27086]  netlink_rcv_skb+0x241/0x4d0
[ 1413.468498][T27086]  ? genl_bind+0x360/0x360
[ 1413.472988][T27086]  ? netlink_ack+0x1180/0x1180
[ 1413.477886][T27086]  ? __lock_acquire+0x7d40/0x7d40
[ 1413.483009][T27086]  ? down_read+0x1ac/0x2e0
[ 1413.487494][T27086]  genl_rcv+0x28/0x40
[ 1413.491569][T27086]  netlink_unicast+0x751/0x8d0
[ 1413.496875][T27086]  netlink_sendmsg+0x8d0/0xbf0
[ 1413.501750][T27086]  ? netlink_getsockopt+0x590/0x590
[ 1413.507032][T27086]  ? aa_sock_msg_perm+0x94/0x150
[ 1413.512093][T27086]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1413.517457][T27086]  ? security_socket_sendmsg+0x80/0xa0
[ 1413.522973][T27086]  ? netlink_getsockopt+0x590/0x590
[ 1413.528339][T27086]  ____sys_sendmsg+0x5ba/0x960
[ 1413.533297][T27086]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1413.539568][T27086]  ? __asan_memset+0x22/0x40
[ 1413.544243][T27086]  ? __sys_sendmsg_sock+0x30/0x30
[ 1413.549336][T27086]  ? __import_iovec+0x5f2/0x850
[ 1413.554302][T27086]  ? import_iovec+0x73/0xa0
[ 1413.558887][T27086]  ___sys_sendmsg+0x2a6/0x360
[ 1413.563639][T27086]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1413.568633][T27086]  ? debug_mutex_init+0x38/0x70
[ 1413.573612][T27086]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1413.578537][T27086]  ? __x64_sys_sendmsg+0x80/0x80
[ 1413.583587][T27086]  ? lockdep_hardirqs_on+0x98/0x150
[ 1413.588884][T27086]  do_syscall_64+0x55/0xa0
[ 1413.593366][T27086]  ? clear_bhb_loop+0x40/0x90
[ 1413.598122][T27086]  ? clear_bhb_loop+0x40/0x90
[ 1413.602940][T27086]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1413.609015][T27086] RIP: 0033:0x7f5d2179c799
[ 1413.613528][T27086] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1413.633223][T27086] RSP: 002b:00007f5d22651028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1413.641731][T27086] RAX: ffffffffffffffda RBX: 00007f5d21a15fa0 RCX: 00007f5d2179c799
[ 1413.649791][T27086] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000008
[ 1413.657839][T27086] RBP: 00007f5d21832c99 R08: 0000000000000000 R09: 0000000000000000
[ 1413.665920][T27086] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1413.674054][T27086] R13: 00007f5d21a16038 R14: 00007f5d21a15fa0 R15: 00007fffbf93d378
[ 1413.682119][T27086]  </TASK>
[ 1413.744692][T27090] netlink: 188 bytes leftover after parsing attributes in process `syz.0.7099'.
[ 1413.755526][ T5779] Bluetooth: hci3: command tx timeout
[ 1415.834388][ T5779] Bluetooth: hci3: command tx timeout
[ 1416.677216][T27099] netlink: 'syz.0.7100': attribute type 10 has an invalid length.
[ 1416.699618][T27107] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[ 1416.719555][T27107] syzkaller0: entered promiscuous mode
[ 1416.725532][T27107] syzkaller0: entered allmulticast mode
[ 1417.112826][ T5779] Bluetooth: hci0: unexpected subevent 0x04 length: 150 > 11
[ 1417.521481][T27131] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1417.903986][ T5779] Bluetooth: hci3: command tx timeout
[ 1418.041792][T24051] hsr_slave_0: left promiscuous mode
[ 1418.051403][T24051] hsr_slave_1: left promiscuous mode
[ 1418.059826][ T5779] Bluetooth: hci0: unexpected subevent 0x04 length: 150 > 11
[ 1418.080003][T24051] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1418.095939][T24051] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1418.106320][T24051] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1418.114248][T24051] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1418.132084][T24051] bridge_slave_1: left allmulticast mode
[ 1418.137901][T24051] bridge_slave_1: left promiscuous mode
[ 1418.144562][T24051] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1418.184314][T24051] bridge_slave_0: left allmulticast mode
[ 1418.190056][T24051] bridge_slave_0: left promiscuous mode
[ 1418.214452][T24051] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1418.281025][T24051] veth1_macvtap: left promiscuous mode
[ 1418.295281][T24051] veth0_macvtap: left promiscuous mode
[ 1418.301026][T24051] veth1_vlan: left promiscuous mode
[ 1418.318873][T24051] veth0_vlan: left promiscuous mode
[ 1419.284726][T27176] netlink: 'syz.2.7124': attribute type 29 has an invalid length.
[ 1419.539969][T24051] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1419.598801][T24051] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1420.009983][T24051] bond0 (unregistering): Released all slaves
[ 1420.147468][T27170] netlink: 'syz.0.7128': attribute type 10 has an invalid length.
[ 1420.163291][T27176] netlink: 'syz.2.7124': attribute type 29 has an invalid length.
[ 1420.198381][T26986] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1420.246769][T26986] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1420.302597][T26986] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1420.337906][T26986] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1420.402598][T27186] netlink: 'syz.2.7127': attribute type 10 has an invalid length.
[ 1420.497082][T27184] netlink: 55631 bytes leftover after parsing attributes in process `syz.0.7126'.
[ 1420.548140][T27184] netlink: 6324 bytes leftover after parsing attributes in process `syz.0.7126'.
[ 1420.581787][T27184] netlink: 2 bytes leftover after parsing attributes in process `syz.0.7126'.
[ 1420.871693][T26986] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1420.996248][T26986] 8021q: adding VLAN 0 to HW filter on device team0
[ 1421.004827][T27193] dvmrp1: tun_chr_ioctl cmd 1074812117
[ 1421.065680][T24057] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1421.072890][T24057] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1421.108753][T24051] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1421.116034][T24051] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1421.360171][T27214] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[ 1421.526313][T27221] netlink: 'syz.0.7137': attribute type 10 has an invalid length.
[ 1421.737476][T27226] netlink: 55631 bytes leftover after parsing attributes in process `syz.2.7139'.
[ 1421.763845][T27226] netlink: 6324 bytes leftover after parsing attributes in process `syz.2.7139'.
[ 1421.773364][T27226] netlink: 2 bytes leftover after parsing attributes in process `syz.2.7139'.
[ 1421.856100][T26986] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1422.010911][T26986] veth0_vlan: entered promiscuous mode
[ 1422.064220][T27239] netlink: 830 bytes leftover after parsing attributes in process `syz.2.7143'.
[ 1422.080580][T26986] veth1_vlan: entered promiscuous mode
[ 1422.125044][T27236] netlink: 'syz.4.7142': attribute type 6 has an invalid length.
[ 1422.132899][T27236] netlink: 168 bytes leftover after parsing attributes in process `syz.4.7142'.
[ 1422.205427][T27236] netlink: 176 bytes leftover after parsing attributes in process `syz.4.7142'.
[ 1422.253225][T26986] veth0_macvtap: entered promiscuous mode
[ 1422.299271][T26986] veth1_macvtap: entered promiscuous mode
[ 1422.375462][T26986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1422.423424][T26986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1422.443580][T26986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1422.463911][T26986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1422.484729][T26986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1422.513558][T26986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1422.523446][T26986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1422.553619][T26986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1422.597846][T26986] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1422.646181][T27249] netlink: 55631 bytes leftover after parsing attributes in process `syz.2.7145'.
[ 1422.688171][T26986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1422.707940][T26986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1422.729689][T26986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1422.744408][T26986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1422.764710][T26986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1422.786772][T26986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1422.806701][T26986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1422.817729][T26986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1422.830384][T26986] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1422.893451][T26986] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1422.941067][T26986] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1422.972822][T26986] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1423.000007][T26986] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1423.255591][T24057] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1423.270414][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[ 1423.276789][T24057] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1423.276918][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[ 1423.357144][T27266] netlink: 'syz.4.7149': attribute type 10 has an invalid length.
[ 1423.397259][T24051] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1423.428465][T24051] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1424.143129][T27274] netlink: 'syz.0.7158': attribute type 29 has an invalid length.
[ 1424.205633][T27274] netlink: 'syz.0.7158': attribute type 29 has an invalid length.
[ 1424.255904][T27285] netlink: 'syz.0.7158': attribute type 29 has an invalid length.
[ 1424.856469][T27304] netlink: 'syz.2.7159': attribute type 10 has an invalid length.
[ 1425.518707][T27332] netlink: 'syz.3.7164': attribute type 4 has an invalid length.
[ 1425.536077][T27332] __nla_validate_parse: 10 callbacks suppressed
[ 1425.536099][T27332] netlink: 144 bytes leftover after parsing attributes in process `syz.3.7164'.
[ 1425.554630][T27332] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[ 1426.039932][T27344] syz.4.7168: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1426.119954][T27344] CPU: 1 PID: 27344 Comm: syz.4.7168 Not tainted syzkaller #0
[ 1426.127507][T27344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1426.137625][T27344] Call Trace:
[ 1426.140947][T27344]  <TASK>
[ 1426.143926][T27344]  dump_stack_lvl+0x18c/0x250
[ 1426.148669][T27344]  ? show_regs_print_info+0x20/0x20
[ 1426.153927][T27344]  ? load_image+0x400/0x400
[ 1426.158495][T27344]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1426.164969][T27344]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[ 1426.171613][T27344]  warn_alloc+0x246/0x340
[ 1426.176006][T27344]  ? stack_trace_save+0xaa/0x100
[ 1426.181000][T27344]  ? zone_watermark_ok_safe+0x230/0x230
[ 1426.186617][T27344]  ? kasan_set_track+0x5f/0x70
[ 1426.191421][T27344]  ? kasan_set_track+0x4e/0x70
[ 1426.196203][T27344]  ? __kasan_kmalloc+0x8f/0xa0
[ 1426.200982][T27344]  ? xsk_init_queue+0xad/0x100
[ 1426.205758][T27344]  ? xsk_setsockopt+0x4e5/0x760
[ 1426.210651][T27344]  ? do_sock_setsockopt+0x175/0x1a0
[ 1426.215889][T27344]  ? __x64_sys_setsockopt+0x182/0x200
[ 1426.221308][T27344]  __vmalloc_node_range+0x126/0x1330
[ 1426.226690][T27344]  ? free_vm_area+0x50/0x50
[ 1426.231260][T27344]  vmalloc_user+0x74/0x80
[ 1426.235640][T27344]  ? xskq_create+0xbf/0x170
[ 1426.240210][T27344]  xskq_create+0xbf/0x170
[ 1426.244565][T27344]  xsk_init_queue+0xad/0x100
[ 1426.249184][T27344]  xsk_setsockopt+0x4e5/0x760
[ 1426.253890][T27344]  ? xsk_poll+0x680/0x680
[ 1426.258240][T27344]  ? __fget_files+0x28/0x4b0
[ 1426.262858][T27344]  ? __fget_files+0x28/0x4b0
[ 1426.267500][T27344]  ? aa_sock_opt_perm+0x74/0x100
[ 1426.272457][T27344]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[ 1426.278039][T27344]  ? security_socket_setsockopt+0x7e/0xa0
[ 1426.283809][T27344]  ? xsk_poll+0x680/0x680
[ 1426.288190][T27344]  do_sock_setsockopt+0x175/0x1a0
[ 1426.293259][T27344]  ? __fdget+0x180/0x210
[ 1426.297652][T27344]  __x64_sys_setsockopt+0x182/0x200
[ 1426.302905][T27344]  do_syscall_64+0x55/0xa0
[ 1426.307371][T27344]  ? clear_bhb_loop+0x40/0x90
[ 1426.312148][T27344]  ? clear_bhb_loop+0x40/0x90
[ 1426.316872][T27344]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1426.322813][T27344] RIP: 0033:0x7fdae579c799
[ 1426.327277][T27344] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1426.347112][T27344] RSP: 002b:00007fdae6696028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1426.355669][T27344] RAX: ffffffffffffffda RBX: 00007fdae5a15fa0 RCX: 00007fdae579c799
[ 1426.363691][T27344] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000004
[ 1426.371712][T27344] RBP: 00007fdae5832c99 R08: 0000000000000004 R09: 0000000000000000
[ 1426.379729][T27344] R10: 0000200000000900 R11: 0000000000000246 R12: 0000000000000000
[ 1426.387760][T27344] R13: 00007fdae5a16038 R14: 00007fdae5a15fa0 R15: 00007fff9b332208
[ 1426.395937][T27344]  </TASK>
[ 1426.454503][T27344] Mem-Info:
[ 1426.457700][T27344] active_anon:10428 inactive_anon:0 isolated_anon:0
[ 1426.457700][T27344]  active_file:19374 inactive_file:40466 isolated_file:0
[ 1426.457700][T27344]  unevictable:768 dirty:109 writeback:0
[ 1426.457700][T27344]  slab_reclaimable:11229 slab_unreclaimable:97100
[ 1426.457700][T27344]  mapped:30033 shmem:1361 pagetables:537
[ 1426.457700][T27344]  sec_pagetables:0 bounce:0
[ 1426.457700][T27344]  kernel_misc_reclaimable:0
[ 1426.457700][T27344]  free:1318040 free_pcp:11586 free_cma:0
[ 1426.505801][T27344] Node 0 active_anon:41712kB inactive_anon:0kB active_file:77496kB inactive_file:161664kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:120132kB dirty:436kB writeback:0kB shmem:3908kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11816kB pagetables:2148kB sec_pagetables:0kB all_unreclaimable? no
[ 1426.552286][T27344] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[ 1426.589589][T27344] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1426.623043][T27344] lowmem_reserve[]: 0 2521 2522 2522 2522
[ 1426.632066][T27344] Node 0 DMA32 free:1354604kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:41776kB inactive_anon:0kB active_file:77496kB inactive_file:160840kB unevictable:1536kB writepending:436kB present:3129332kB managed:2586964kB mlocked:0kB bounce:0kB free_pcp:38276kB local_pcp:18056kB free_cma:0kB
[ 1426.676081][T27344] lowmem_reserve[]: 0 0 0 0 0
[ 1426.705262][T27344] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:824kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:0kB free_cma:0kB
[ 1426.732433][T27354] netlink: 55631 bytes leftover after parsing attributes in process `syz.2.7170'.
[ 1426.745916][T27344] lowmem_reserve[]: 0 0 0 0 0
[ 1426.746011][T27344] Node 1 Normal free:3902196kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:8096kB local_pcp:0kB free_cma:0kB
[ 1426.746076][T27344] lowmem_reserve[]: 0 0 0 0 0
[ 1426.746127][T27344] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1426.746284][T27344] Node 0 DMA32: 1307*4kB (UM) 474*8kB (UME) 719*16kB (M) 1370*32kB (UME) 734*64kB (UME) 275*128kB (UME) 95*256kB (UME) 90*512kB (UME) 63*1024kB (UME) 10*2048kB (M) 257*4096kB (UM) = 1354604kB
[ 1426.746525][T27344] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1426.746659][T27344] Node 1 Normal: 221*4kB (UME) 58*8kB (UME) 35*16kB (UME) 244*32kB (UME) 82*64kB (UME) 19*128kB (UME) 3*256kB (UM) 2*512kB (U) 2*1024kB 
[ 1426.763046][T27354] netlink: 6324 bytes leftover after parsing attributes in process `syz.2.7170'.
[ 1426.859924][T27344] (UE) 1*2048kB (E) 947*4096kB (M) = 3902196kB
[ 1426.873893][T27354] netlink: 2 bytes leftover after parsing attributes in process `syz.2.7170'.
[ 1426.884208][T27344] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1426.917682][T27344] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1426.950605][T27344] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1426.976222][T27344] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1426.986570][T27344] 61201 total pagecache pages
[ 1426.991299][T27344] 0 pages in swap cache
[ 1427.002990][T27344] Free swap  = 124996kB
[ 1427.012254][T27357] netlink: 'syz.3.7172': attribute type 10 has an invalid length.
[ 1427.025637][T27344] Total swap = 124996kB
[ 1427.029858][T27344] 2097051 pages RAM
[ 1427.043695][T27344] 0 pages HighMem/MovableOnly
[ 1427.073568][T27344] 416924 pages reserved
[ 1427.077802][T27344] 0 pages cma reserved
[ 1427.227231][T27357] team0 (unregistering): Port device team_slave_0 removed
[ 1427.257066][T27357] team0 (unregistering): Port device team_slave_1 removed
[ 1427.296898][T27366] FAULT_INJECTION: forcing a failure.
[ 1427.296898][T27366] name failslab, interval 1, probability 0, space 0, times 0
[ 1427.314728][T27366] CPU: 0 PID: 27366 Comm: syz.4.7175 Not tainted syzkaller #0
[ 1427.322276][T27366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1427.332448][T27366] Call Trace:
[ 1427.335783][T27366]  <TASK>
[ 1427.338760][T27366]  dump_stack_lvl+0x18c/0x250
[ 1427.343695][T27366]  ? show_regs_print_info+0x20/0x20
[ 1427.348960][T27366]  ? load_image+0x400/0x400
[ 1427.353712][T27366]  ? lockdep_hardirqs_on+0x98/0x150
[ 1427.358987][T27366]  should_fail_ex+0x39d/0x4d0
[ 1427.363740][T27366]  should_failslab+0x9/0x20
[ 1427.368318][T27366]  slab_pre_alloc_hook+0x59/0x310
[ 1427.373406][T27366]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1427.379563][T27366]  ? page_pool_create+0x71/0x5c0
[ 1427.384567][T27366]  __kmem_cache_alloc_node+0x53/0x250
[ 1427.390014][T27366]  ? page_pool_create+0x71/0x5c0
[ 1427.395011][T27366]  kmalloc_node_trace+0x26/0xe0
[ 1427.399926][T27366]  page_pool_create+0x71/0x5c0
[ 1427.404755][T27366]  bpf_test_run_xdp_live+0x203/0x1b20
[ 1427.410190][T27366]  ? 0xffffffffa0004740
[ 1427.414400][T27366]  ? 0xffffffffa0004740
[ 1427.418620][T27366]  ? bpf_dispatcher_change_prog+0xcbf/0xf10
[ 1427.424569][T27366]  ? 0xffffffffa0004740
[ 1427.428775][T27366]  ? xdp_convert_md_to_buff+0x330/0x330
[ 1427.434397][T27366]  ? trace_raw_output_bpf_test_finish+0xd0/0xd0
[ 1427.440685][T27366]  ? _copy_from_user+0xa5/0xe0
[ 1427.445493][T27366]  ? bpf_test_init+0x119/0x140
[ 1427.450311][T27366]  ? xdp_convert_md_to_buff+0x5b/0x330
[ 1427.455820][T27366]  bpf_prog_test_run_xdp+0x7ca/0x10e0
[ 1427.461254][T27366]  ? dev_put+0x80/0x80
[ 1427.465376][T27366]  ? dev_put+0x80/0x80
[ 1427.469473][T27366]  bpf_prog_test_run+0x321/0x390
[ 1427.474444][T27366]  __sys_bpf+0x49d/0x890
[ 1427.478712][T27366]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1427.484128][T27366]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1427.490327][T27366]  __x64_sys_bpf+0x7c/0x90
[ 1427.494778][T27366]  do_syscall_64+0x55/0xa0
[ 1427.499318][T27366]  ? clear_bhb_loop+0x40/0x90
[ 1427.504034][T27366]  ? clear_bhb_loop+0x40/0x90
[ 1427.508749][T27366]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1427.514676][T27366] RIP: 0033:0x7fdae579c799
[ 1427.519120][T27366] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1427.538748][T27366] RSP: 002b:00007fdae6696028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1427.547191][T27366] RAX: ffffffffffffffda RBX: 00007fdae5a15fa0 RCX: 00007fdae579c799
[ 1427.555217][T27366] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[ 1427.563234][T27366] RBP: 00007fdae6696090 R08: 0000000000000000 R09: 0000000000000000
[ 1427.571336][T27366] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1427.579337][T27366] R13: 00007fdae5a16038 R14: 00007fdae5a15fa0 R15: 00007fff9b332208
[ 1427.587359][T27366]  </TASK>
[ 1427.685266][T27365] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.7176'.
[ 1429.181919][T27403] netlink: 'syz.2.7188': attribute type 9 has an invalid length.
[ 1429.192087][T27403] netlink: 126588 bytes leftover after parsing attributes in process `syz.2.7188'.
[ 1429.328327][T27405] netlink: 55631 bytes leftover after parsing attributes in process `syz.3.7189'.
[ 1429.371933][T27405] netlink: 6324 bytes leftover after parsing attributes in process `syz.3.7189'.
[ 1429.404875][T27405] netlink: 2 bytes leftover after parsing attributes in process `syz.3.7189'.
[ 1429.547845][T27413] netlink: 6 bytes leftover after parsing attributes in process `syz.2.7192'.
[ 1429.595891][T27413] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1429.960511][T27417] netlink: 'syz.3.7193': attribute type 29 has an invalid length.
[ 1429.973435][T27417] netlink: 'syz.3.7193': attribute type 29 has an invalid length.
[ 1429.992275][T27417] netlink: 'syz.3.7193': attribute type 29 has an invalid length.
[ 1430.453915][T27448] netlink: 'syz.3.7203': attribute type 10 has an invalid length.
[ 1430.500275][T27449] netlink: 'syz.0.7204': attribute type 46 has an invalid length.
[ 1430.515382][T27449] netlink: 'syz.0.7204': attribute type 46 has an invalid length.
[ 1430.594439][T27449] net veth1_virt_wifi 
€Â: renamed from virt_wifi0
[ 1431.050591][T27468] netlink: 'syz.0.7210': attribute type 9 has an invalid length.
[ 1431.073906][T27468] __nla_validate_parse: 5 callbacks suppressed
[ 1431.073926][T27468] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.7210'.
[ 1431.614919][T27477] netlink: 55631 bytes leftover after parsing attributes in process `syz.4.7213'.
[ 1431.633784][T27477] netlink: 6324 bytes leftover after parsing attributes in process `syz.4.7213'.
[ 1431.646638][T27477] netlink: 2 bytes leftover after parsing attributes in process `syz.4.7213'.
[ 1431.657118][T27479] netlink: 'syz.3.7214': attribute type 10 has an invalid length.
[ 1431.668528][T27479] netlink: 55 bytes leftover after parsing attributes in process `syz.3.7214'.
[ 1432.285185][T27483] dvmrp1: tun_chr_ioctl cmd 1074812117
[ 1432.376948][T27488] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[ 1432.543322][T27498] FAULT_INJECTION: forcing a failure.
[ 1432.543322][T27498] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1432.556892][T27498] CPU: 1 PID: 27498 Comm: syz.4.7221 Not tainted syzkaller #0
[ 1432.564419][T27498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1432.574716][T27498] Call Trace:
[ 1432.578050][T27498]  <TASK>
[ 1432.581055][T27498]  dump_stack_lvl+0x18c/0x250
[ 1432.585793][T27498]  ? show_regs_print_info+0x20/0x20
[ 1432.591072][T27498]  ? load_image+0x400/0x400
[ 1432.595641][T27498]  ? __might_fault+0xaa/0x120
[ 1432.600373][T27498]  ? __lock_acquire+0x7d40/0x7d40
[ 1432.605467][T27498]  should_fail_ex+0x39d/0x4d0
[ 1432.610219][T27498]  _copy_from_user+0x2f/0xe0
[ 1432.614881][T27498]  ___sys_sendmsg+0x1c7/0x360
[ 1432.619609][T27498]  ? get_pid_task+0x20/0x1e0
[ 1432.624270][T27498]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1432.629108][T27498]  ? __lock_acquire+0x7d40/0x7d40
[ 1432.634222][T27498]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1432.639141][T27498]  ? __x64_sys_sendmsg+0x80/0x80
[ 1432.644153][T27498]  ? lockdep_hardirqs_on+0x98/0x150
[ 1432.649423][T27498]  do_syscall_64+0x55/0xa0
[ 1432.653938][T27498]  ? clear_bhb_loop+0x40/0x90
[ 1432.658673][T27498]  ? clear_bhb_loop+0x40/0x90
[ 1432.663572][T27498]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1432.669525][T27498] RIP: 0033:0x7fdae579c799
[ 1432.673988][T27498] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1432.693647][T27498] RSP: 002b:00007fdae6696028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1432.702136][T27498] RAX: ffffffffffffffda RBX: 00007fdae5a15fa0 RCX: 00007fdae579c799
[ 1432.710166][T27498] RDX: 0000000000000000 RSI: 0000200000001640 RDI: 0000000000000006
[ 1432.718189][T27498] RBP: 00007fdae6696090 R08: 0000000000000000 R09: 0000000000000000
[ 1432.726218][T27498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1432.734255][T27498] R13: 00007fdae5a16038 R14: 00007fdae5a15fa0 R15: 00007fff9b332208
[ 1432.742298][T27498]  </TASK>
[ 1432.859138][T27502] netlink: 55631 bytes leftover after parsing attributes in process `syz.0.7223'.
[ 1432.880713][T27502] netlink: 6324 bytes leftover after parsing attributes in process `syz.0.7223'.
[ 1432.892414][T27502] netlink: 2 bytes leftover after parsing attributes in process `syz.0.7223'.
[ 1433.798371][T27508] netlink: 'syz.3.7224': attribute type 10 has an invalid length.
[ 1434.560956][T27523] netlink: 'syz.3.7232': attribute type 21 has an invalid length.
[ 1434.898169][T27532] netlink: 'syz.3.7235': attribute type 10 has an invalid length.
[ 1435.037427][T27536] netlink: 4083 bytes leftover after parsing attributes in process `syz.4.7236'.
[ 1435.060304][T27536] netlink: 4083 bytes leftover after parsing attributes in process `syz.4.7236'.
[ 1435.371349][T27551] netlink: 'syz.4.7241': attribute type 3 has an invalid length.
[ 1435.841126][T27567] aaaaaaaaaaaaaaa: entered promiscuous mode
[ 1437.087522][T27606] netlink: 'syz.3.7260': attribute type 3 has an invalid length.
[ 1437.103873][T27606] __nla_validate_parse: 4 callbacks suppressed
[ 1437.103937][T27606] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.7260'.
[ 1437.361073][T27617] FAULT_INJECTION: forcing a failure.
[ 1437.361073][T27617] name failslab, interval 1, probability 0, space 0, times 0
[ 1437.379697][T27617] CPU: 0 PID: 27617 Comm: syz.3.7264 Not tainted syzkaller #0
[ 1437.387333][T27617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1437.397699][T27617] Call Trace:
[ 1437.401017][T27617]  <TASK>
[ 1437.403992][T27617]  dump_stack_lvl+0x18c/0x250
[ 1437.408736][T27617]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1437.414950][T27617]  ? show_regs_print_info+0x20/0x20
[ 1437.420214][T27617]  ? load_image+0x400/0x400
[ 1437.424789][T27617]  should_fail_ex+0x39d/0x4d0
[ 1437.429534][T27617]  should_failslab+0x9/0x20
[ 1437.434104][T27617]  slab_pre_alloc_hook+0x59/0x310
[ 1437.439187][T27617]  ? kvmalloc_node+0x70/0x180
[ 1437.444109][T27617]  ? kvmalloc_node+0x70/0x180
[ 1437.448836][T27617]  __kmem_cache_alloc_node+0x53/0x250
[ 1437.454266][T27617]  ? kvmalloc_node+0x70/0x180
[ 1437.459043][T27617]  __kmalloc_node+0xa4/0x230
[ 1437.463703][T27617]  kvmalloc_node+0x70/0x180
[ 1437.468263][T27617]  page_pool_create+0x1eb/0x5c0
[ 1437.473176][T27617]  bpf_test_run_xdp_live+0x203/0x1b20
[ 1437.478702][T27617]  ? 0xffffffffa0004740
[ 1437.482902][T27617]  ? 0xffffffffa0004740
[ 1437.487101][T27617]  ? bpf_dispatcher_change_prog+0xcbf/0xf10
[ 1437.493040][T27617]  ? 0xffffffffa0004740
[ 1437.497226][T27617]  ? xdp_convert_md_to_buff+0x330/0x330
[ 1437.502834][T27617]  ? trace_raw_output_bpf_test_finish+0xd0/0xd0
[ 1437.509111][T27617]  ? _copy_from_user+0xa5/0xe0
[ 1437.513914][T27617]  ? bpf_test_init+0x119/0x140
[ 1437.518701][T27617]  ? xdp_convert_md_to_buff+0x5b/0x330
[ 1437.524191][T27617]  bpf_prog_test_run_xdp+0x7ca/0x10e0
[ 1437.529724][T27617]  ? dev_put+0x80/0x80
[ 1437.533844][T27617]  ? dev_put+0x80/0x80
[ 1437.537956][T27617]  bpf_prog_test_run+0x321/0x390
[ 1437.542934][T27617]  __sys_bpf+0x49d/0x890
[ 1437.547300][T27617]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1437.552708][T27617]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1437.558907][T27617]  __x64_sys_bpf+0x7c/0x90
[ 1437.563355][T27617]  do_syscall_64+0x55/0xa0
[ 1437.567805][T27617]  ? clear_bhb_loop+0x40/0x90
[ 1437.572516][T27617]  ? clear_bhb_loop+0x40/0x90
[ 1437.577226][T27617]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1437.583146][T27617] RIP: 0033:0x7f8d3b99c799
[ 1437.587592][T27617] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1437.607233][T27617] RSP: 002b:00007f8d3c7cb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1437.615759][T27617] RAX: ffffffffffffffda RBX: 00007f8d3bc15fa0 RCX: 00007f8d3b99c799
[ 1437.623761][T27617] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[ 1437.631765][T27617] RBP: 00007f8d3c7cb090 R08: 0000000000000000 R09: 0000000000000000
[ 1437.639767][T27617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1437.647850][T27617] R13: 00007f8d3bc16038 R14: 00007f8d3bc15fa0 R15: 00007fff855d34d8
[ 1437.655864][T27617]  </TASK>
[ 1437.680504][T27614] can: request_module (can-proto-0) failed.
[ 1437.713306][T27617] page_pool_create() gave up with errno -12
[ 1438.029917][T27627] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.7267'.
[ 1438.050769][T27631] netlink: 'syz.3.7269': attribute type 10 has an invalid length.
[ 1438.519257][T27643] netlink: 'syz.2.7272': attribute type 3 has an invalid length.
[ 1438.533662][T27643] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.7272'.
[ 1438.769248][T27650] netlink: 60 bytes leftover after parsing attributes in process `syz.0.7275'.
[ 1439.122496][T27662] netlink: 55631 bytes leftover after parsing attributes in process `syz.2.7280'.
[ 1439.143700][T27662] netlink: 6324 bytes leftover after parsing attributes in process `syz.2.7280'.
[ 1439.158672][T27662] netlink: 2 bytes leftover after parsing attributes in process `syz.2.7280'.
[ 1439.469879][T27667] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1439.800660][T27678] netlink: 6 bytes leftover after parsing attributes in process `syz.0.7285'.
[ 1439.836263][T27678] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1440.213828][T27686] netlink: 'syz.4.7290': attribute type 10 has an invalid length.
[ 1440.376523][T27682] netlink: 'syz.3.7287': attribute type 29 has an invalid length.
[ 1440.409485][T27682] netlink: 'syz.3.7287': attribute type 29 has an invalid length.
[ 1440.459396][T27691] netlink: 'syz.3.7287': attribute type 29 has an invalid length.
[ 1440.688525][T27701] FAULT_INJECTION: forcing a failure.
[ 1440.688525][T27701] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1440.742555][T27701] CPU: 1 PID: 27701 Comm: syz.0.7295 Not tainted syzkaller #0
[ 1440.750117][T27701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1440.760220][T27701] Call Trace:
[ 1440.763569][T27701]  <TASK>
[ 1440.766561][T27701]  dump_stack_lvl+0x18c/0x250
[ 1440.771307][T27701]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1440.777523][T27701]  ? show_regs_print_info+0x20/0x20
[ 1440.782785][T27701]  ? load_image+0x400/0x400
[ 1440.787364][T27701]  should_fail_ex+0x39d/0x4d0
[ 1440.792110][T27701]  _copy_from_iter+0x1d9/0x12e0
[ 1440.797041][T27701]  ? __virt_addr_valid+0x18c/0x540
[ 1440.802214][T27701]  ? __lock_acquire+0x7d40/0x7d40
[ 1440.807382][T27701]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1440.813421][T27701]  ? copyout_mc+0x70/0x70
[ 1440.817893][T27701]  ? __virt_addr_valid+0x18c/0x540
[ 1440.823055][T27701]  ? __virt_addr_valid+0x18c/0x540
[ 1440.828211][T27701]  ? __virt_addr_valid+0x469/0x540
[ 1440.833711][T27701]  ? __check_object_size+0x506/0xa20
[ 1440.839141][T27701]  skb_copy_datagram_from_iter+0xf4/0x6e0
[ 1440.844911][T27701]  ? skb_put+0x11b/0x210
[ 1440.849186][T27701]  tun_get_user+0x15db/0x3ca0
[ 1440.853903][T27701]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1440.859919][T27701]  ? rcu_read_unlock+0xa0/0xa0
[ 1440.864765][T27701]  ? tun_get+0x1c/0x2e0
[ 1440.868947][T27701]  ? __lock_acquire+0x7d40/0x7d40
[ 1440.874006][T27701]  ? tun_get+0x1c/0x2e0
[ 1440.878192][T27701]  ? tun_get+0x20f/0x2e0
[ 1440.882478][T27701]  tun_chr_write_iter+0x119/0x200
[ 1440.887533][T27701]  vfs_write+0x46c/0x990
[ 1440.891812][T27701]  ? file_end_write+0x250/0x250
[ 1440.896715][T27701]  ksys_write+0x150/0x260
[ 1440.901083][T27701]  ? __ia32_sys_read+0x90/0x90
[ 1440.905888][T27701]  ? syscall_enter_from_user_mode+0x2e/0x80
[ 1440.911817][T27701]  do_syscall_64+0x55/0xa0
[ 1440.916266][T27701]  ? clear_bhb_loop+0x40/0x90
[ 1440.920998][T27701]  ? clear_bhb_loop+0x40/0x90
[ 1440.925714][T27701]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1440.931639][T27701] RIP: 0033:0x7fb1cb99c799
[ 1440.936085][T27701] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1440.955721][T27701] RSP: 002b:00007fb1cc912028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1440.964165][T27701] RAX: ffffffffffffffda RBX: 00007fb1cbc15fa0 RCX: 00007fb1cb99c799
[ 1440.972256][T27701] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 00000000000000c8
[ 1440.980252][T27701] RBP: 00007fb1cc912090 R08: 0000000000000000 R09: 0000000000000000
[ 1440.988426][T27701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1440.996427][T27701] R13: 00007fb1cbc16038 R14: 00007fb1cbc15fa0 R15: 00007ffe343482f8
[ 1441.004447][T27701]  </TASK>
[ 1441.174882][T27709] netlink: 'syz.2.7298': attribute type 10 has an invalid length.
[ 1441.303292][T27711] netlink: 148 bytes leftover after parsing attributes in process `syz.4.7299'.
[ 1441.331294][T27711] netlink: 'syz.4.7299': attribute type 10 has an invalid length.
[ 1441.342219][T27711] netlink: 2 bytes leftover after parsing attributes in process `syz.4.7299'.
[ 1441.363709][T27711] hsr0: entered promiscuous mode
[ 1441.967844][T27737] netlink: 'syz.3.7309': attribute type 10 has an invalid length.
[ 1442.011998][T27729] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!ý'
[ 1442.021197][T27729] CPU: 1 PID: 27729 Comm: syz.2.7306 Not tainted syzkaller #0
[ 1442.028727][T27729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1442.038833][T27729] Call Trace:
[ 1442.042160][T27729]  <TASK>
[ 1442.045142][T27729]  dump_stack_lvl+0x18c/0x250
[ 1442.049892][T27729]  ? show_regs_print_info+0x20/0x20
[ 1442.055187][T27729]  ? load_image+0x400/0x400
[ 1442.059779][T27729]  sysfs_warn_dup+0x8e/0xa0
[ 1442.064336][T27729]  sysfs_do_create_link_sd+0xc0/0x110
[ 1442.069777][T27729]  device_add_class_symlinks+0x1cf/0x240
[ 1442.075479][T27729]  device_add+0x507/0xc20
[ 1442.079878][T27729]  wiphy_register+0x1dad/0x2ae0
[ 1442.084791][T27729]  ? __rtnl_unlock+0x18/0xe0
[ 1442.089467][T27729]  ? cfg80211_event_work+0x40/0x40
[ 1442.094642][T27729]  ? minstrel_ht_alloc+0x88a/0x990
[ 1442.099833][T27729]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[ 1442.105982][T27729]  ieee80211_register_hw+0x3464/0x4250
[ 1442.111551][T27729]  ? ieee80211_tasklet_handler+0x20/0x20
[ 1442.117255][T27729]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[ 1442.123219][T27729]  ? __debug_object_init+0xec/0x450
[ 1442.128491][T27729]  ? __asan_memset+0x22/0x40
[ 1442.133141][T27729]  ? __hrtimer_init+0x186/0x270
[ 1442.138055][T27729]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[ 1442.143867][T27729]  ? mac80211_hwsim_free+0x220/0x220
[ 1442.149229][T27729]  ? rcu_is_watching+0x15/0xb0
[ 1442.154059][T27729]  ? kstrndup+0xbd/0x140
[ 1442.158379][T27729]  hwsim_new_radio_nl+0xdc9/0x1a90
[ 1442.163574][T27729]  ? __nla_validate+0x50/0x50
[ 1442.168334][T27729]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[ 1442.174756][T27729]  ? __nla_parse+0x40/0x50
[ 1442.179238][T27729]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[ 1442.185638][T27729]  genl_family_rcv_msg_doit+0x211/0x310
[ 1442.191250][T27729]  ? end_current_label_crit_section+0x170/0x170
[ 1442.197563][T27729]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[ 1442.203530][T27729]  ? bpf_lsm_capable+0x9/0x10
[ 1442.208273][T27729]  ? security_capable+0x89/0xb0
[ 1442.213208][T27729]  genl_rcv_msg+0x619/0x7a0
[ 1442.217790][T27729]  ? genl_bind+0x360/0x360
[ 1442.222306][T27729]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[ 1442.228734][T27729]  netlink_rcv_skb+0x241/0x4d0
[ 1442.233575][T27729]  ? genl_bind+0x360/0x360
[ 1442.238068][T27729]  ? netlink_ack+0x1180/0x1180
[ 1442.242924][T27729]  ? __lock_acquire+0x7d40/0x7d40
[ 1442.248069][T27729]  ? down_read+0x1ac/0x2e0
[ 1442.252540][T27729]  genl_rcv+0x28/0x40
[ 1442.256662][T27729]  netlink_unicast+0x751/0x8d0
[ 1442.261510][T27729]  netlink_sendmsg+0x8d0/0xbf0
[ 1442.266344][T27729]  ? netlink_getsockopt+0x590/0x590
[ 1442.271803][T27729]  ? aa_sock_msg_perm+0x94/0x150
[ 1442.276798][T27729]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1442.282142][T27729]  ? security_socket_sendmsg+0x80/0xa0
[ 1442.287658][T27729]  ? netlink_getsockopt+0x590/0x590
[ 1442.292930][T27729]  ____sys_sendmsg+0x5ba/0x960
[ 1442.297767][T27729]  ? __asan_memset+0x22/0x40
[ 1442.302419][T27729]  ? __sys_sendmsg_sock+0x30/0x30
[ 1442.307502][T27729]  ? __import_iovec+0x5f2/0x850
[ 1442.312438][T27729]  ? import_iovec+0x73/0xa0
[ 1442.317007][T27729]  ___sys_sendmsg+0x2a6/0x360
[ 1442.321766][T27729]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1442.326751][T27729]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1442.331662][T27729]  ? __x64_sys_sendmsg+0x80/0x80
[ 1442.336695][T27729]  do_syscall_64+0x55/0xa0
[ 1442.341177][T27729]  ? clear_bhb_loop+0x40/0x90
[ 1442.345918][T27729]  ? clear_bhb_loop+0x40/0x90
[ 1442.350682][T27729]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1442.356642][T27729] RIP: 0033:0x7f5d2179c799
[ 1442.361111][T27729] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1442.380781][T27729] RSP: 002b:00007f5d22651028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1442.389272][T27729] RAX: ffffffffffffffda RBX: 00007f5d21a15fa0 RCX: 00007f5d2179c799
[ 1442.397300][T27729] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000008
[ 1442.405321][T27729] RBP: 00007f5d21832c99 R08: 0000000000000000 R09: 0000000000000000
[ 1442.413346][T27729] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1442.421371][T27729] R13: 00007f5d21a16038 R14: 00007f5d21a15fa0 R15: 00007fffbf93d378
[ 1442.429425][T27729]  </TASK>
[ 1442.772977][T27742] __nla_validate_parse: 5 callbacks suppressed
[ 1442.773073][T27742] netlink: 4595 bytes leftover after parsing attributes in process `syz.4.7311'.
[ 1442.799788][T27742] netlink: 4595 bytes leftover after parsing attributes in process `syz.4.7311'.
[ 1442.815379][T27745] netlink: 4595 bytes leftover after parsing attributes in process `syz.4.7311'.
[ 1442.828625][T27742] netlink: 4595 bytes leftover after parsing attributes in process `syz.4.7311'.
[ 1442.845895][T27742] netlink: 4595 bytes leftover after parsing attributes in process `syz.4.7311'.
[ 1443.069953][T27750] netlink: 'syz.3.7315': attribute type 2 has an invalid length.
[ 1443.104337][T27750] netlink: 'syz.3.7315': attribute type 8 has an invalid length.
[ 1443.112645][T27750] netlink: 132 bytes leftover after parsing attributes in process `syz.3.7315'.
[ 1443.261165][T27755] netlink: 55631 bytes leftover after parsing attributes in process `syz.4.7317'.
[ 1443.280138][T27755] netlink: 6324 bytes leftover after parsing attributes in process `syz.4.7317'.
[ 1443.300552][T27755] netlink: 2 bytes leftover after parsing attributes in process `syz.4.7317'.
[ 1443.315030][T27758] netlink: 'syz.0.7318': attribute type 10 has an invalid length.
[ 1443.596338][T27764] netlink: 55 bytes leftover after parsing attributes in process `syz.4.7321'.
[ 1444.068180][T27770] debugfs: Directory '!!ô!ý' with parent 'ieee80211' already present!
[ 1444.160738][T27777] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[ 1444.360835][T27781] dvmrp1: tun_chr_ioctl cmd 1074812117
[ 1445.938821][T27816] FAULT_INJECTION: forcing a failure.
[ 1445.938821][T27816] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1445.952384][T27816] CPU: 1 PID: 27816 Comm: syz.2.7340 Not tainted syzkaller #0
[ 1445.959915][T27816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1445.970024][T27816] Call Trace:
[ 1445.973357][T27816]  <TASK>
[ 1445.976337][T27816]  dump_stack_lvl+0x18c/0x250
[ 1445.981173][T27816]  ? show_regs_print_info+0x20/0x20
[ 1445.986434][T27816]  ? load_image+0x400/0x400
[ 1445.991007][T27816]  ? __lock_acquire+0x7d40/0x7d40
[ 1445.996099][T27816]  should_fail_ex+0x39d/0x4d0
[ 1446.000850][T27816]  _copy_from_user+0x2f/0xe0
[ 1446.005496][T27816]  __copy_msghdr+0x3bb/0x580
[ 1446.010145][T27816]  ___sys_sendmsg+0x214/0x360
[ 1446.014850][T27816]  ? get_pid_task+0x20/0x1e0
[ 1446.019497][T27816]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1446.024311][T27816]  ? __lock_acquire+0x7d40/0x7d40
[ 1446.029391][T27816]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1446.034277][T27816]  ? __x64_sys_sendmsg+0x80/0x80
[ 1446.039277][T27816]  ? lockdep_hardirqs_on+0x98/0x150
[ 1446.044527][T27816]  do_syscall_64+0x55/0xa0
[ 1446.048984][T27816]  ? clear_bhb_loop+0x40/0x90
[ 1446.053701][T27816]  ? clear_bhb_loop+0x40/0x90
[ 1446.058428][T27816]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1446.064361][T27816] RIP: 0033:0x7f5d2179c799
[ 1446.068840][T27816] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1446.088567][T27816] RSP: 002b:00007f5d22651028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1446.097017][T27816] RAX: ffffffffffffffda RBX: 00007f5d21a15fa0 RCX: 00007f5d2179c799
[ 1446.105023][T27816] RDX: 0000000000000000 RSI: 0000200000001640 RDI: 0000000000000006
[ 1446.113019][T27816] RBP: 00007f5d22651090 R08: 0000000000000000 R09: 0000000000000000
[ 1446.121052][T27816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1446.129055][T27816] R13: 00007f5d21a16038 R14: 00007f5d21a15fa0 R15: 00007fffbf93d378
[ 1446.137098][T27816]  </TASK>
[ 1446.279040][T27818] validate_nla: 5 callbacks suppressed
[ 1446.279060][T27818] netlink: 'syz.3.7341': attribute type 39 has an invalid length.
[ 1446.586672][T27829] netlink: 'syz.4.7346': attribute type 10 has an invalid length.
[ 1446.897219][T27839] netlink: 'syz.3.7350': attribute type 11 has an invalid length.
[ 1447.497448][T27849] netlink: 'syz.0.7355': attribute type 3 has an invalid length.
[ 1447.602195][T27855] netlink: 'syz.3.7357': attribute type 10 has an invalid length.
[ 1447.812383][T27857] __nla_validate_parse: 12 callbacks suppressed
[ 1447.812425][T27857] netlink: 55631 bytes leftover after parsing attributes in process `syz.2.7358'.
[ 1447.883327][T27857] netlink: 6324 bytes leftover after parsing attributes in process `syz.2.7358'.
[ 1447.904324][T27857] netlink: 2 bytes leftover after parsing attributes in process `syz.2.7358'.
[ 1448.232331][T27868] delete_channel: no stack
[ 1448.248680][T27876] netlink: 'syz.2.7365': attribute type 19 has an invalid length.
[ 1448.262343][T27876] netlink: 55 bytes leftover after parsing attributes in process `syz.2.7365'.
[ 1448.441146][T27882] netlink: 'syz.2.7368': attribute type 10 has an invalid length.
[ 1449.180958][T27895] netlink: 55631 bytes leftover after parsing attributes in process `syz.0.7372'.
[ 1449.204336][T27895] netlink: 6324 bytes leftover after parsing attributes in process `syz.0.7372'.
[ 1449.222514][T27895] netlink: 2 bytes leftover after parsing attributes in process `syz.0.7372'.
[ 1449.275085][T27899] netlink: 14556 bytes leftover after parsing attributes in process `syz.3.7374'.
[ 1449.472649][T27906] netlink: 'syz.3.7378': attribute type 10 has an invalid length.
[ 1450.002828][T27912] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.7380'.
[ 1450.208785][T27912] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.7380'.
[ 1450.798922][T27931] IPv6: pim6reg1: Disabled Multicast RS
[ 1450.998524][T27936] netlink: 'syz.0.7390': attribute type 10 has an invalid length.
[ 1451.113831][ T5779] Bluetooth: hci3: ISO packet for unknown connection handle 2622
[ 1451.390482][T27957] netlink: 'syz.0.7397': attribute type 21 has an invalid length.
[ 1452.566584][T27975] netlink: 'syz.2.7402': attribute type 10 has an invalid length.
[ 1452.629014][ T5779] Bluetooth: hci3: ISO packet for unknown connection handle 2622
[ 1452.811653][T27986] netlink: 'syz.2.7406': attribute type 9 has an invalid length.
[ 1452.859375][T27986] __nla_validate_parse: 8 callbacks suppressed
[ 1452.859394][T27986] netlink: 61951 bytes leftover after parsing attributes in process `syz.2.7406'.
[ 1453.800220][T27999] netlink: 55631 bytes leftover after parsing attributes in process `syz.0.7411'.
[ 1453.823991][T27999] netlink: 6324 bytes leftover after parsing attributes in process `syz.0.7411'.
[ 1453.848570][T27999] netlink: 2 bytes leftover after parsing attributes in process `syz.0.7411'.
[ 1454.014520][T28007] netlink: 'syz.3.7414': attribute type 10 has an invalid length.
[ 1454.040533][ T5779] Bluetooth: hci0: ISO packet for unknown connection handle 2622
[ 1454.712495][T28032] netlink: 55631 bytes leftover after parsing attributes in process `syz.3.7424'.
[ 1454.730339][T28032] netlink: 6324 bytes leftover after parsing attributes in process `syz.3.7424'.
[ 1454.740427][T28032] netlink: 2 bytes leftover after parsing attributes in process `syz.3.7424'.
[ 1454.964000][ T5779] Bluetooth: hci3: ISO packet for unknown connection handle 4095
[ 1455.154133][T28044] netlink: 'syz.3.7430': attribute type 12 has an invalid length.
[ 1455.230116][T28046] netlink: 'syz.4.7429': attribute type 10 has an invalid length.
[ 1455.379696][T28050] can: request_module (can-proto-0) failed.
[ 1455.545736][T28055] netlink: 'syz.4.7433': attribute type 4 has an invalid length.
[ 1455.568994][T28055] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.7433'.
[ 1455.587672][T28054] netlink: 'syz.4.7433': attribute type 4 has an invalid length.
[ 1455.599244][T28054] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.7433'.
[ 1455.655278][T28057] FAULT_INJECTION: forcing a failure.
[ 1455.655278][T28057] name failslab, interval 1, probability 0, space 0, times 0
[ 1455.723765][T28057] CPU: 1 PID: 28057 Comm: syz.2.7434 Not tainted syzkaller #0
[ 1455.731326][T28057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1455.741443][T28057] Call Trace:
[ 1455.744776][T28057]  <TASK>
[ 1455.747752][T28057]  dump_stack_lvl+0x18c/0x250
[ 1455.752492][T28057]  ? show_regs_print_info+0x20/0x20
[ 1455.757744][T28057]  ? load_image+0x400/0x400
[ 1455.762297][T28057]  ? __might_sleep+0xe0/0xe0
[ 1455.766926][T28057]  ? __lock_acquire+0x7d40/0x7d40
[ 1455.771994][T28057]  should_fail_ex+0x39d/0x4d0
[ 1455.776739][T28057]  should_failslab+0x9/0x20
[ 1455.781299][T28057]  slab_pre_alloc_hook+0x59/0x310
[ 1455.786498][T28057]  ? __xdp_reg_mem_model+0x1e4/0x5c0
[ 1455.791840][T28057]  __kmem_cache_alloc_node+0x53/0x250
[ 1455.797255][T28057]  ? __asan_memset+0x22/0x40
[ 1455.801889][T28057]  ? __xdp_reg_mem_model+0x1e4/0x5c0
[ 1455.807211][T28057]  kmalloc_trace+0x2a/0xe0
[ 1455.811669][T28057]  __xdp_reg_mem_model+0x1e4/0x5c0
[ 1455.816820][T28057]  ? kvmalloc_node+0x70/0x180
[ 1455.821535][T28057]  ? kvmalloc_node+0x70/0x180
[ 1455.826350][T28057]  ? xdp_reg_mem_model+0x40/0x40
[ 1455.831338][T28057]  xdp_reg_mem_model+0x22/0x40
[ 1455.836140][T28057]  bpf_test_run_xdp_live+0x262/0x1b20
[ 1455.841558][T28057]  ? 0xffffffffa0004740
[ 1455.845745][T28057]  ? 0xffffffffa0004740
[ 1455.849955][T28057]  ? bpf_dispatcher_change_prog+0xcbf/0xf10
[ 1455.855899][T28057]  ? 0xffffffffa0004740
[ 1455.860092][T28057]  ? xdp_convert_md_to_buff+0x330/0x330
[ 1455.865712][T28057]  ? trace_raw_output_bpf_test_finish+0xd0/0xd0
[ 1455.872033][T28057]  ? _copy_from_user+0xa5/0xe0
[ 1455.876859][T28057]  ? bpf_test_init+0x119/0x140
[ 1455.881675][T28057]  ? xdp_convert_md_to_buff+0x5b/0x330
[ 1455.887246][T28057]  bpf_prog_test_run_xdp+0x7ca/0x10e0
[ 1455.892775][T28057]  ? dev_put+0x80/0x80
[ 1455.896902][T28057]  ? dev_put+0x80/0x80
[ 1455.901033][T28057]  bpf_prog_test_run+0x321/0x390
[ 1455.906015][T28057]  __sys_bpf+0x49d/0x890
[ 1455.910291][T28057]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1455.915727][T28057]  ? lock_chain_count+0x20/0x20
[ 1455.920622][T28057]  __x64_sys_bpf+0x7c/0x90
[ 1455.925080][T28057]  do_syscall_64+0x55/0xa0
[ 1455.929538][T28057]  ? clear_bhb_loop+0x40/0x90
[ 1455.934248][T28057]  ? clear_bhb_loop+0x40/0x90
[ 1455.938963][T28057]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1455.944890][T28057] RIP: 0033:0x7f5d2179c799
[ 1455.949336][T28057] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1455.968973][T28057] RSP: 002b:00007f5d22651028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1455.977428][T28057] RAX: ffffffffffffffda RBX: 00007f5d21a15fa0 RCX: 00007f5d2179c799
[ 1455.985433][T28057] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[ 1455.993429][T28057] RBP: 00007f5d22651090 R08: 0000000000000000 R09: 0000000000000000
[ 1456.001429][T28057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1456.009426][T28057] R13: 00007f5d21a16038 R14: 00007f5d21a15fa0 R15: 00007fffbf93d378
[ 1456.017448][T28057]  </TASK>
[ 1456.067374][T28060] netlink: 55631 bytes leftover after parsing attributes in process `syz.0.7435'.
[ 1456.081431][ T5779] Bluetooth: hci3: ISO packet for unknown connection handle 5
[ 1456.401752][T28079] netlink: 'syz.0.7442': attribute type 10 has an invalid length.
[ 1456.563075][T28082] sock: sock_timestamping_bind_phc: sock not bind to device
[ 1457.400087][ T5779] Bluetooth: hci3: ISO packet for unknown connection handle 0
[ 1457.578886][T28103] netlink: 'syz.4.7450': attribute type 19 has an invalid length.
[ 1457.840994][T28111] netlink: 'syz.3.7452': attribute type 10 has an invalid length.
[ 1458.173384][T28116] __nla_validate_parse: 9 callbacks suppressed
[ 1458.173429][T28116] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.7456'.
[ 1458.291634][T28116] debugfs: Directory '!!ô!' with parent 'ieee80211' already present!
[ 1459.253962][T24032] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1459.275588][T24032] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1459.284900][T24032] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1459.295678][T24032] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1459.307042][T24032] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1459.315620][T24032] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1459.364583][T28137] netlink: 'syz.4.7464': attribute type 10 has an invalid length.
[ 1459.470470][T24054] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1459.519942][T28133] netlink: 55631 bytes leftover after parsing attributes in process `syz.3.7462'.
[ 1459.559322][T28133] netlink: 6324 bytes leftover after parsing attributes in process `syz.3.7462'.
[ 1459.613872][T28133] netlink: 2 bytes leftover after parsing attributes in process `syz.3.7462'.
[ 1459.650129][T28139] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1459.683697][T28139] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1459.706313][T28139] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1459.723733][T28139] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1459.829278][T28146] netlink: 135856 bytes leftover after parsing attributes in process `syz.4.7468'.
[ 1459.921886][T24054] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1460.047410][T24054] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1460.206195][T24054] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1460.285036][T28160] netlink: 'syz.4.7473': attribute type 10 has an invalid length.
[ 1460.653041][T28134] chnl_net:caif_netlink_parms(): no params data found
[ 1460.860936][T28177] netlink: 55631 bytes leftover after parsing attributes in process `syz.0.7477'.
[ 1460.905533][T28177] netlink: 6324 bytes leftover after parsing attributes in process `syz.0.7477'.
[ 1460.953742][T28177] netlink: 2 bytes leftover after parsing attributes in process `syz.0.7477'.
[ 1461.251096][T28134] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1461.281626][T28134] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1461.294772][T28134] bridge_slave_0: entered allmulticast mode
[ 1461.311254][T28134] bridge_slave_0: entered promiscuous mode
[ 1461.343644][ T5779] Bluetooth: hci4: command tx timeout
[ 1461.570203][T28196] netlink: 6 bytes leftover after parsing attributes in process `syz.3.7481'.
[ 1461.612920][T28196] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1461.680436][T28134] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1461.702941][T28134] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1461.726916][T28134] bridge_slave_1: entered allmulticast mode
[ 1461.739081][T28134] bridge_slave_1: entered promiscuous mode
[ 1461.860402][T28134] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1461.897115][T28134] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1462.093050][T28134] team0: Port device team_slave_0 added
[ 1462.114319][T28211] netlink: 'syz.0.7483': attribute type 10 has an invalid length.
[ 1462.219659][T28215] netlink: 'syz.4.7485': attribute type 10 has an invalid length.
[ 1462.233005][T28134] team0: Port device team_slave_1 added
[ 1462.440054][T28134] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1462.459062][T28134] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1462.510703][T28134] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1462.536875][T28134] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1462.552279][T28134] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1462.728409][T28134] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1463.121028][T28220] netlink: 55631 bytes leftover after parsing attributes in process `syz.4.7487'.
[ 1463.155279][T28228] tun0: tun_chr_ioctl cmd 2147767519
[ 1463.423574][ T5779] Bluetooth: hci4: command tx timeout
[ 1463.454632][T28226] netlink: 'syz.0.7489': attribute type 29 has an invalid length.
[ 1463.574917][T28134] hsr_slave_0: entered promiscuous mode
[ 1463.604324][T28134] hsr_slave_1: entered promiscuous mode
[ 1463.621555][T28134] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1463.643541][T28134] Cannot create hsr debugfs directory
[ 1463.649528][T28226] netlink: 'syz.0.7489': attribute type 29 has an invalid length.
[ 1463.751966][T28232] netlink: 'syz.0.7489': attribute type 29 has an invalid length.
[ 1464.114124][T28256] netlink: 'syz.4.7493': attribute type 2 has an invalid length.
[ 1464.122137][T28256] netlink: 'syz.4.7493': attribute type 8 has an invalid length.
[ 1464.137343][T28261] FAULT_INJECTION: forcing a failure.
[ 1464.137343][T28261] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1464.153009][T28261] CPU: 1 PID: 28261 Comm: syz.0.7494 Not tainted syzkaller #0
[ 1464.160545][T28261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1464.170657][T28261] Call Trace:
[ 1464.173980][T28261]  <TASK>
[ 1464.176955][T28261]  dump_stack_lvl+0x18c/0x250
[ 1464.181694][T28261]  ? show_regs_print_info+0x20/0x20
[ 1464.186959][T28261]  ? load_image+0x400/0x400
[ 1464.191517][T28261]  ? __might_fault+0xaa/0x120
[ 1464.196254][T28261]  ? __lock_acquire+0x7d40/0x7d40
[ 1464.201345][T28261]  ? __might_fault+0xaa/0x120
[ 1464.206078][T28261]  should_fail_ex+0x39d/0x4d0
[ 1464.210823][T28261]  _copy_from_iter+0x1d9/0x12e0
[ 1464.215728][T28261]  ? __might_fault+0xaa/0x120
[ 1464.220452][T28261]  ? _copy_from_iter+0x24e/0x12e0
[ 1464.225525][T28261]  ? __virt_addr_valid+0x18c/0x540
[ 1464.230688][T28261]  ? __lock_acquire+0x7d40/0x7d40
[ 1464.235846][T28261]  ? copyout_mc+0x70/0x70
[ 1464.240264][T28261]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1464.246301][T28261]  ? copyout_mc+0x70/0x70
[ 1464.250688][T28261]  ? __virt_addr_valid+0x18c/0x540
[ 1464.255859][T28261]  ? page_copy_sane+0x16a/0x270
[ 1464.260776][T28261]  copy_page_from_iter+0x7b/0x100
[ 1464.265888][T28261]  skb_copy_datagram_from_iter+0x2e4/0x6e0
[ 1464.271769][T28261]  tun_get_user+0x15db/0x3ca0
[ 1464.276565][T28261]  ? aa_file_perm+0x11b/0xee0
[ 1464.281308][T28261]  ? rcu_read_unlock+0xa0/0xa0
[ 1464.286136][T28261]  ? tun_get+0x1c/0x2e0
[ 1464.290347][T28261]  ? __lock_acquire+0x7d40/0x7d40
[ 1464.295427][T28261]  ? tun_get+0x1c/0x2e0
[ 1464.299641][T28261]  tun_chr_write_iter+0x119/0x200
[ 1464.304722][T28261]  vfs_write+0x46c/0x990
[ 1464.309026][T28261]  ? file_end_write+0x250/0x250
[ 1464.313958][T28261]  ? __fget_files+0x43d/0x4b0
[ 1464.318710][T28261]  ? __fdget_pos+0x1d8/0x330
[ 1464.323368][T28261]  ? ksys_write+0x75/0x260
[ 1464.327842][T28261]  ksys_write+0x150/0x260
[ 1464.332264][T28261]  ? __ia32_sys_read+0x90/0x90
[ 1464.337085][T28261]  ? lockdep_hardirqs_on+0x98/0x150
[ 1464.342347][T28261]  do_syscall_64+0x55/0xa0
[ 1464.346814][T28261]  ? clear_bhb_loop+0x40/0x90
[ 1464.351545][T28261]  ? clear_bhb_loop+0x40/0x90
[ 1464.356286][T28261]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1464.362236][T28261] RIP: 0033:0x7fb1cb99c799
[ 1464.366788][T28261] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1464.386456][T28261] RSP: 002b:00007fb1cc8f1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1464.394924][T28261] RAX: ffffffffffffffda RBX: 00007fb1cbc16090 RCX: 00007fb1cb99c799
[ 1464.402955][T28261] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 00000000000000c8
[ 1464.410979][T28261] RBP: 00007fb1cc8f1090 R08: 0000000000000000 R09: 0000000000000000
[ 1464.419012][T28261] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1464.427032][T28261] R13: 00007fb1cbc16128 R14: 00007fb1cbc16090 R15: 00007ffe343482f8
[ 1464.435076][T28261]  </TASK>
[ 1464.443168][T28256] __nla_validate_parse: 2 callbacks suppressed
[ 1464.443185][T28256] netlink: 132 bytes leftover after parsing attributes in process `syz.4.7493'.
[ 1464.743834][T28267] netlink: 'syz.3.7496': attribute type 10 has an invalid length.
[ 1464.881435][T28273] netlink: 55631 bytes leftover after parsing attributes in process `syz.0.7498'.
[ 1464.904979][T28273] netlink: 6324 bytes leftover after parsing attributes in process `syz.0.7498'.
[ 1464.930403][T28273] netlink: 2 bytes leftover after parsing attributes in process `syz.0.7498'.
[ 1465.543016][ T5779] Bluetooth: hci4: command tx timeout
[ 1466.282878][ T5779] Bluetooth: hci3: unexpected subevent 0x0a length: 150 > 30
[ 1467.129817][T24054] hsr_slave_0: left promiscuous mode
[ 1467.184034][T24054] hsr_slave_1: left promiscuous mode
[ 1467.204376][T24054] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1467.211910][T24054] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1467.290539][T24054] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1467.333757][T24054] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1467.583651][T24032] Bluetooth: hci4: command tx timeout
[ 1467.715707][T24054] bridge_slave_1: left allmulticast mode
[ 1467.728579][T24054] bridge_slave_1: left promiscuous mode
[ 1467.736684][T24054] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1467.814769][T24054] bridge_slave_0: left allmulticast mode
[ 1467.820607][T24054] bridge_slave_0: left promiscuous mode
[ 1467.847817][T24054] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1468.076878][T24054] veth0_macvtap: left promiscuous mode
[ 1468.086848][T24054] veth1_vlan: left promiscuous mode
[ 1468.100278][T24054] veth0_vlan: left promiscuous mode
[ 1472.476931][T24054] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1472.537041][T24054] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1472.925764][T24054] bond0 (unregistering): (slave bridge0): Releasing backup interface
[ 1472.936421][T24054] bond0 (unregistering): Released all slaves
[ 1473.052864][T28327] netlink: 'syz.3.7508': attribute type 10 has an invalid length.
[ 1473.062785][T28326] netlink: 55631 bytes leftover after parsing attributes in process `syz.4.7509'.
[ 1473.072277][T28326] netlink: 6324 bytes leftover after parsing attributes in process `syz.4.7509'.
[ 1473.083407][T28326] netlink: 2 bytes leftover after parsing attributes in process `syz.4.7509'.
[ 1473.265498][T28347] netlink: 'syz.3.7513': attribute type 10 has an invalid length.
[ 1473.273430][T28347] netlink: 55 bytes leftover after parsing attributes in process `syz.3.7513'.
[ 1473.381690][T28134] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1473.532642][T28351] netlink: 'syz.4.7514': attribute type 2 has an invalid length.
[ 1473.543248][T28351] netlink: 'syz.4.7514': attribute type 8 has an invalid length.
[ 1473.555889][T28351] netlink: 132 bytes leftover after parsing attributes in process `syz.4.7514'.
[ 1473.576246][T28134] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1473.634065][T28134] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1473.695425][T28134] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1474.121193][T28361] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[ 1474.299147][T28134] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1474.391810][T28134] 8021q: adding VLAN 0 to HW filter on device team0
[ 1474.539943][T24065] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1474.547275][T24065] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1474.604839][T28371] netlink: 'syz.4.7520': attribute type 10 has an invalid length.
[ 1474.631397][T28366] dvmrp1: tun_chr_ioctl cmd 1074812117
[ 1474.658765][T24065] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1474.665996][T24065] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1474.889705][T28378] netlink: 55631 bytes leftover after parsing attributes in process `syz.4.7522'.
[ 1474.928723][T28378] netlink: 6324 bytes leftover after parsing attributes in process `syz.4.7522'.
[ 1474.959323][T28378] netlink: 2 bytes leftover after parsing attributes in process `syz.4.7522'.
[ 1475.218360][T28389] syzkaller0: entered promiscuous mode
[ 1475.251822][T28389] syzkaller0: entered allmulticast mode
[ 1475.465700][T28404] FAULT_INJECTION: forcing a failure.
[ 1475.465700][T28404] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1475.485651][T28405] netlink: 'syz.4.7527': attribute type 2 has an invalid length.
[ 1475.503807][T28404] CPU: 0 PID: 28404 Comm: syz.3.7528 Not tainted syzkaller #0
[ 1475.511363][T28404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1475.521472][T28404] Call Trace:
[ 1475.524796][T28404]  <TASK>
[ 1475.527770][T28404]  dump_stack_lvl+0x18c/0x250
[ 1475.532506][T28404]  ? show_regs_print_info+0x20/0x20
[ 1475.537775][T28404]  ? load_image+0x400/0x400
[ 1475.542344][T28404]  ? __might_fault+0xaa/0x120
[ 1475.547066][T28404]  ? __lock_acquire+0x7d40/0x7d40
[ 1475.552154][T28404]  should_fail_ex+0x39d/0x4d0
[ 1475.556918][T28404]  _copy_from_user+0x2f/0xe0
[ 1475.561566][T28404]  ____sys_sendmsg+0x2fd/0x960
[ 1475.566379][T28404]  ? __lock_acquire+0x7d40/0x7d40
[ 1475.571458][T28404]  ? __sys_sendmsg_sock+0x30/0x30
[ 1475.576530][T28404]  ? __import_iovec+0x3fa/0x850
[ 1475.581449][T28404]  ? import_iovec+0x73/0xa0
[ 1475.586024][T28404]  ___sys_sendmsg+0x2a6/0x360
[ 1475.590746][T28404]  ? get_pid_task+0x20/0x1e0
[ 1475.595417][T28404]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1475.600251][T28404]  ? __lock_acquire+0x7d40/0x7d40
[ 1475.605352][T28404]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1475.610263][T28404]  ? __x64_sys_sendmsg+0x80/0x80
[ 1475.615282][T28404]  ? lockdep_hardirqs_on+0x98/0x150
[ 1475.620556][T28404]  do_syscall_64+0x55/0xa0
[ 1475.625036][T28404]  ? clear_bhb_loop+0x40/0x90
[ 1475.629773][T28404]  ? clear_bhb_loop+0x40/0x90
[ 1475.634507][T28404]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1475.640459][T28404] RIP: 0033:0x7f8d3b99c799
[ 1475.644931][T28404] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1475.665086][T28404] RSP: 002b:00007f8d3c7cb028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1475.673572][T28404] RAX: ffffffffffffffda RBX: 00007f8d3bc15fa0 RCX: 00007f8d3b99c799
[ 1475.681594][T28404] RDX: 0000000000000000 RSI: 0000200000001640 RDI: 0000000000000006
[ 1475.689624][T28404] RBP: 00007f8d3c7cb090 R08: 0000000000000000 R09: 0000000000000000
[ 1475.697645][T28404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1475.705669][T28404] R13: 00007f8d3bc16038 R14: 00007f8d3bc15fa0 R15: 00007fff855d34d8
[ 1475.713715][T28404]  </TASK>
[ 1475.745330][T28405] netlink: 'syz.4.7527': attribute type 8 has an invalid length.
[ 1475.760348][T28405] netlink: 132 bytes leftover after parsing attributes in process `syz.4.7527'.
[ 1475.828945][T28134] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1476.543620][ T5779] Bluetooth: hci0: command 0x0406 tx timeout
[ 1478.367331][T28134] veth0_vlan: entered promiscuous mode
[ 1478.407127][T28134] veth1_vlan: entered promiscuous mode
[ 1478.435611][T28411] netlink: 'syz.3.7529': attribute type 10 has an invalid length.
[ 1478.524018][T28134] veth0_macvtap: entered promiscuous mode
[ 1478.540887][T28134] veth1_macvtap: entered promiscuous mode
[ 1478.612942][T28134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1478.653514][T28134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1478.663434][T28134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1478.689175][T28134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1478.701084][T28134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1478.712167][T28134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1478.747155][T28134] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1478.778364][T28134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1478.789822][T28134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1478.801162][T28134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1478.812579][T28134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1478.832966][T28134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1478.864541][T28134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1478.895657][T28134] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1478.922965][T28134] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1478.954084][T28134] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1478.977103][T28134] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1479.000099][T28134] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1479.185750][T28433] bridge_slave_0: entered promiscuous mode
[ 1479.204841][T28433] bridge_slave_0: entered allmulticast mode
[ 1479.357658][T28432] netlink: 55631 bytes leftover after parsing attributes in process `syz.3.7535'.
[ 1479.373009][T28432] netlink: 6324 bytes leftover after parsing attributes in process `syz.3.7535'.
[ 1479.408775][T28432] netlink: 2 bytes leftover after parsing attributes in process `syz.3.7535'.
[ 1479.450119][T28440] netlink: 830 bytes leftover after parsing attributes in process `syz.0.7536'.
[ 1479.462597][T24051] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1479.474230][T24051] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1479.571310][T24057] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1479.604743][T24057] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1479.837207][T28448] netlink: 'syz.4.7539': attribute type 10 has an invalid length.
[ 1479.866578][T28451] netlink: 132 bytes leftover after parsing attributes in process `syz.0.7540'.
[ 1480.111789][T28467] netlink: 'syz.0.7543': attribute type 3 has an invalid length.
[ 1480.139456][T28467] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.7543'.
[ 1480.640829][T28481] netlink: 55631 bytes leftover after parsing attributes in process `syz.4.7546'.
[ 1480.683743][T28481] netlink: 6324 bytes leftover after parsing attributes in process `syz.4.7546'.
[ 1480.713934][T28481] netlink: 2 bytes leftover after parsing attributes in process `syz.4.7546'.
[ 1480.741964][T28486] netlink: 'syz.2.7548': attribute type 21 has an invalid length.
[ 1480.752235][T28486] netlink: 'syz.2.7548': attribute type 1 has an invalid length.
[ 1480.796377][T28486] Dead loop on virtual device ip6_vti0, fix it urgently!
[ 1480.929478][T28493] netlink: 'syz.3.7551': attribute type 10 has an invalid length.
[ 1481.492678][T28506] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.7555'.
[ 1482.401391][T28541] netlink: 'syz.0.7564': attribute type 10 has an invalid length.
[ 1482.506021][T28535] netlink: 'syz.3.7562': attribute type 41 has an invalid length.
[ 1483.105162][T28563] netlink: 'syz.4.7569': attribute type 1 has an invalid length.
[ 1483.830614][T28588] netlink: 'syz.2.7576': attribute type 10 has an invalid length.
[ 1484.328981][T28588] team0 (unregistering): Port device team_slave_0 removed
[ 1484.487214][T28588] team0 (unregistering): Port device team_slave_1 removed
[ 1484.715499][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[ 1484.721933][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[ 1484.807051][T28611] netlink: 'syz.0.7583': attribute type 1 has an invalid length.
[ 1484.815253][T28611] __nla_validate_parse: 15 callbacks suppressed
[ 1484.815269][T28611] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.7583'.
[ 1485.449091][T28619] netlink: 'syz.3.7586': attribute type 13 has an invalid length.
[ 1485.459129][T28619] netlink: 'syz.3.7586': attribute type 58 has an invalid length.
[ 1485.467371][T28619] netlink: 152 bytes leftover after parsing attributes in process `syz.3.7586'.
[ 1486.910139][T28648] netlink: 'syz.2.7594': attribute type 10 has an invalid length.
[ 1486.972160][T28646] netlink: 17279 bytes leftover after parsing attributes in process `syz.4.7593'.
[ 1487.312413][T28653] netlink: 55631 bytes leftover after parsing attributes in process `syz.3.7598'.
[ 1487.333725][T28653] netlink: 6324 bytes leftover after parsing attributes in process `syz.3.7598'.
[ 1487.353997][T28653] netlink: 2 bytes leftover after parsing attributes in process `syz.3.7598'.
[ 1488.022984][T28671] netlink: 'syz.4.7605': attribute type 10 has an invalid length.
[ 1488.127970][T28668] netlink: 'syz.3.7604': attribute type 10 has an invalid length.
[ 1488.832603][T28687] netlink: 55631 bytes leftover after parsing attributes in process `syz.4.7610'.
[ 1488.863418][T28687] netlink: 6324 bytes leftover after parsing attributes in process `syz.4.7610'.
[ 1488.898373][T28687] netlink: 2 bytes leftover after parsing attributes in process `syz.4.7610'.
[ 1489.006423][T28690] can: request_module (can-proto-0) failed.
[ 1489.253863][T28701] FAULT_INJECTION: forcing a failure.
[ 1489.253863][T28701] name failslab, interval 1, probability 0, space 0, times 0
[ 1489.266810][T28701] CPU: 0 PID: 28701 Comm: syz.3.7613 Not tainted syzkaller #0
[ 1489.274317][T28701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1489.284426][T28701] Call Trace:
[ 1489.287750][T28701]  <TASK>
[ 1489.290728][T28701]  dump_stack_lvl+0x18c/0x250
[ 1489.295480][T28701]  ? show_regs_print_info+0x20/0x20
[ 1489.300736][T28701]  ? load_image+0x400/0x400
[ 1489.305301][T28701]  ? perf_trace_preemptirq_template+0x269/0x330
[ 1489.311642][T28701]  should_fail_ex+0x39d/0x4d0
[ 1489.316391][T28701]  should_failslab+0x9/0x20
[ 1489.320951][T28701]  slab_pre_alloc_hook+0x59/0x310
[ 1489.326027][T28701]  ? ida_alloc_range+0x5e7/0x860
[ 1489.331017][T28701]  __kmem_cache_alloc_node+0x53/0x250
[ 1489.336453][T28701]  ? ida_alloc_range+0x5e7/0x860
[ 1489.341447][T28701]  kmalloc_trace+0x2a/0xe0
[ 1489.345924][T28701]  ida_alloc_range+0x5e7/0x860
[ 1489.350750][T28701]  ? idr_replace+0x1b0/0x1b0
[ 1489.355409][T28701]  __xdp_reg_mem_model+0x218/0x5c0
[ 1489.360590][T28701]  ? kvmalloc_node+0x70/0x180
[ 1489.365330][T28701]  ? xdp_reg_mem_model+0x40/0x40
[ 1489.370344][T28701]  xdp_reg_mem_model+0x22/0x40
[ 1489.375141][T28701]  bpf_test_run_xdp_live+0x262/0x1b20
[ 1489.380564][T28701]  ? 0xffffffffa0004740
[ 1489.384751][T28701]  ? bpf_dispatcher_change_prog+0xcbf/0xf10
[ 1489.390675][T28701]  ? 0xffffffffa0004740
[ 1489.394857][T28701]  ? xdp_convert_md_to_buff+0x330/0x330
[ 1489.400458][T28701]  ? trace_raw_output_bpf_test_finish+0xd0/0xd0
[ 1489.406735][T28701]  ? _copy_from_user+0xa5/0xe0
[ 1489.411534][T28701]  ? bpf_test_init+0x119/0x140
[ 1489.416325][T28701]  ? xdp_convert_md_to_buff+0x5b/0x330
[ 1489.421813][T28701]  bpf_prog_test_run_xdp+0x7ca/0x10e0
[ 1489.427230][T28701]  ? dev_put+0x80/0x80
[ 1489.431366][T28701]  ? dev_put+0x80/0x80
[ 1489.435462][T28701]  bpf_prog_test_run+0x321/0x390
[ 1489.440435][T28701]  __sys_bpf+0x49d/0x890
[ 1489.444711][T28701]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1489.450120][T28701]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1489.456326][T28701]  __x64_sys_bpf+0x7c/0x90
[ 1489.460773][T28701]  do_syscall_64+0x55/0xa0
[ 1489.465224][T28701]  ? clear_bhb_loop+0x40/0x90
[ 1489.469935][T28701]  ? clear_bhb_loop+0x40/0x90
[ 1489.474646][T28701]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1489.480565][T28701] RIP: 0033:0x7f8d3b99c799
[ 1489.485010][T28701] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1489.505342][T28701] RSP: 002b:00007f8d3c7cb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1489.513793][T28701] RAX: ffffffffffffffda RBX: 00007f8d3bc15fa0 RCX: 00007f8d3b99c799
[ 1489.521790][T28701] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[ 1489.529784][T28701] RBP: 00007f8d3c7cb090 R08: 0000000000000000 R09: 0000000000000000
[ 1489.537774][T28701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1489.545770][T28701] R13: 00007f8d3bc16038 R14: 00007f8d3bc15fa0 R15: 00007fff855d34d8
[ 1489.553868][T28701]  </TASK>
[ 1490.249767][T28717] netlink: 'syz.4.7616': attribute type 10 has an invalid length.
[ 1491.645543][T28738] netlink: 55631 bytes leftover after parsing attributes in process `syz.2.7623'.
[ 1491.734932][T28738] netlink: 6324 bytes leftover after parsing attributes in process `syz.2.7623'.
[ 1491.811536][T28738] netlink: 2 bytes leftover after parsing attributes in process `syz.2.7623'.
[ 1495.436726][T28762] mac80211_hwsim hwsim132 »»»»»»: renamed from wlan0
[ 1496.024679][T28778] netlink: 'syz.4.7629': attribute type 10 has an invalid length.
[ 1496.052032][T28774] netlink: 55631 bytes leftover after parsing attributes in process `syz.2.7635'.
[ 1496.067337][T28774] netlink: 6324 bytes leftover after parsing attributes in process `syz.2.7635'.
[ 1496.083183][T28774] netlink: 2 bytes leftover after parsing attributes in process `syz.2.7635'.
[ 1496.508506][T28783] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.7636'.
[ 1496.644634][T28783] debugfs: Directory '!!ô!' with parent 'ieee80211' already present!
[ 1497.306412][T28812] netlink: 'syz.2.7647': attribute type 10 has an invalid length.
[ 1497.367247][T28810] netlink: 55631 bytes leftover after parsing attributes in process `syz.3.7648'.
[ 1497.408027][T28810] netlink: 6324 bytes leftover after parsing attributes in process `syz.3.7648'.
[ 1497.433575][T28810] netlink: 2 bytes leftover after parsing attributes in process `syz.3.7648'.
[ 1497.815623][T28829] netlink: 6 bytes leftover after parsing attributes in process `syz.3.7656'.
[ 1497.861207][T28829] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1498.105184][T28835] netlink: 'syz.3.7659': attribute type 10 has an invalid length.
[ 1498.285688][T28839] netlink: 'syz.3.7661': attribute type 10 has an invalid length.
[ 1498.528546][T28842] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.7660'.
[ 1500.159962][T28847] netlink: 55631 bytes leftover after parsing attributes in process `syz.3.7663'.
[ 1500.175114][T28847] netlink: 6324 bytes leftover after parsing attributes in process `syz.3.7663'.
[ 1500.188799][T28847] netlink: 2 bytes leftover after parsing attributes in process `syz.3.7663'.
[ 1500.433407][T28856] FAULT_INJECTION: forcing a failure.
[ 1500.433407][T28856] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1500.457672][T28856] CPU: 0 PID: 28856 Comm: syz.0.7667 Not tainted syzkaller #0
[ 1500.465215][T28856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1500.475316][T28856] Call Trace:
[ 1500.478634][T28856]  <TASK>
[ 1500.481590][T28856]  dump_stack_lvl+0x18c/0x250
[ 1500.486308][T28856]  ? show_regs_print_info+0x20/0x20
[ 1500.491539][T28856]  ? load_image+0x400/0x400
[ 1500.496078][T28856]  ? __might_fault+0xaa/0x120
[ 1500.500800][T28856]  ? __lock_acquire+0x7d40/0x7d40
[ 1500.505854][T28856]  ? lockdep_hardirqs_on+0x98/0x150
[ 1500.511083][T28856]  should_fail_ex+0x39d/0x4d0
[ 1500.515816][T28856]  _copy_from_iter+0x1d9/0x12e0
[ 1500.520710][T28856]  ? rep_movs_alternative+0x4a/0x90
[ 1500.525948][T28856]  ? _copy_from_iter+0x24e/0x12e0
[ 1500.531010][T28856]  ? __virt_addr_valid+0x18c/0x540
[ 1500.536245][T28856]  ? __lock_acquire+0x7d40/0x7d40
[ 1500.541300][T28856]  ? copyout_mc+0x70/0x70
[ 1500.545668][T28856]  ? copyout_mc+0x70/0x70
[ 1500.550045][T28856]  ? __virt_addr_valid+0x18c/0x540
[ 1500.555210][T28856]  ? page_copy_sane+0x16a/0x270
[ 1500.560115][T28856]  copy_page_from_iter+0x7b/0x100
[ 1500.565189][T28856]  skb_copy_datagram_from_iter+0x2e4/0x6e0
[ 1500.571048][T28856]  tun_get_user+0x15db/0x3ca0
[ 1500.575789][T28856]  ? rcu_read_unlock+0xa0/0xa0
[ 1500.580694][T28856]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1500.586978][T28856]  ? tun_get+0x1c/0x2e0
[ 1500.591192][T28856]  ? __lock_acquire+0x7d40/0x7d40
[ 1500.596264][T28856]  ? tun_get+0x1c/0x2e0
[ 1500.600454][T28856]  tun_chr_write_iter+0x119/0x200
[ 1500.605509][T28856]  vfs_write+0x46c/0x990
[ 1500.609788][T28856]  ? file_end_write+0x250/0x250
[ 1500.614676][T28856]  ? __fget_files+0x43d/0x4b0
[ 1500.619392][T28856]  ? __fdget_pos+0x1d8/0x330
[ 1500.624013][T28856]  ? ksys_write+0x75/0x260
[ 1500.628473][T28856]  ksys_write+0x150/0x260
[ 1500.632838][T28856]  ? __ia32_sys_read+0x90/0x90
[ 1500.637643][T28856]  ? lockdep_hardirqs_on+0x98/0x150
[ 1500.642876][T28856]  do_syscall_64+0x55/0xa0
[ 1500.647328][T28856]  ? clear_bhb_loop+0x40/0x90
[ 1500.652030][T28856]  ? clear_bhb_loop+0x40/0x90
[ 1500.656736][T28856]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1500.662660][T28856] RIP: 0033:0x7fb1cb99c799
[ 1500.667104][T28856] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1500.686738][T28856] RSP: 002b:00007fb1cc912028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1500.695179][T28856] RAX: ffffffffffffffda RBX: 00007fb1cbc15fa0 RCX: 00007fb1cb99c799
[ 1500.703182][T28856] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 00000000000000c8
[ 1500.711172][T28856] RBP: 00007fb1cc912090 R08: 0000000000000000 R09: 0000000000000000
[ 1500.719164][T28856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1500.727157][T28856] R13: 00007fb1cbc16038 R14: 00007fb1cbc15fa0 R15: 00007ffe343482f8
[ 1500.735192][T28856]  </TASK>
[ 1501.163177][T28855] netlink: 'syz.3.7666': attribute type 29 has an invalid length.
[ 1501.189062][T28855] netlink: 'syz.3.7666': attribute type 29 has an invalid length.
[ 1501.286280][T28863] netlink: 'syz.3.7666': attribute type 29 has an invalid length.
[ 1501.482194][T28870] netlink: 'syz.0.7672': attribute type 10 has an invalid length.
[ 1501.659895][T28876] netlink: 55631 bytes leftover after parsing attributes in process `syz.3.7675'.
[ 1501.670825][T28876] netlink: 6324 bytes leftover after parsing attributes in process `syz.3.7675'.
[ 1503.362612][T28901] netlink: 'syz.4.7685': attribute type 10 has an invalid length.
[ 1503.552890][T28907] netlink: 'syz.3.7687': attribute type 10 has an invalid length.
[ 1503.583754][T28907] __nla_validate_parse: 1 callbacks suppressed
[ 1503.583773][T28907] netlink: 55 bytes leftover after parsing attributes in process `syz.3.7687'.
[ 1503.730396][T28914] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[ 1503.751282][T28909] netlink: 55631 bytes leftover after parsing attributes in process `syz.4.7688'.
[ 1503.773647][T28909] netlink: 6324 bytes leftover after parsing attributes in process `syz.4.7688'.
[ 1503.803730][T28909] netlink: 2 bytes leftover after parsing attributes in process `syz.4.7688'.
[ 1503.970079][T28920] netlink: 'syz.4.7693': attribute type 19 has an invalid length.
[ 1503.983174][T28920] netlink: 172 bytes leftover after parsing attributes in process `syz.4.7693'.
[ 1504.010454][T28920] netlink: 'syz.4.7693': attribute type 10 has an invalid length.
[ 1504.023682][T28920] netlink: 55 bytes leftover after parsing attributes in process `syz.4.7693'.
[ 1504.065179][T28921] netlink: 'syz.3.7692': attribute type 2 has an invalid length.
[ 1504.073170][T28921] netlink: 'syz.3.7692': attribute type 8 has an invalid length.
[ 1504.093675][T28921] netlink: 132 bytes leftover after parsing attributes in process `syz.3.7692'.
[ 1504.698398][T28927] dvmrp1: tun_chr_ioctl cmd 1074812117
[ 1504.850893][T28935] FAULT_INJECTION: forcing a failure.
[ 1504.850893][T28935] name failslab, interval 1, probability 0, space 0, times 0
[ 1504.924246][T28935] CPU: 1 PID: 28935 Comm: syz.0.7699 Not tainted syzkaller #0
[ 1504.931890][T28935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1504.942029][T28935] Call Trace:
[ 1504.945356][T28935]  <TASK>
[ 1504.948331][T28935]  dump_stack_lvl+0x18c/0x250
[ 1504.953072][T28935]  ? show_regs_print_info+0x20/0x20
[ 1504.958329][T28935]  ? load_image+0x400/0x400
[ 1504.962886][T28935]  ? __lock_acquire+0x1273/0x7d40
[ 1504.967982][T28935]  should_fail_ex+0x39d/0x4d0
[ 1504.972808][T28935]  should_failslab+0x9/0x20
[ 1504.977384][T28935]  slab_pre_alloc_hook+0x59/0x310
[ 1504.982471][T28935]  kmem_cache_alloc+0x5a/0x2d0
[ 1504.987303][T28935]  ? dst_alloc+0x105/0x170
[ 1504.991779][T28935]  dst_alloc+0x105/0x170
[ 1504.996088][T28935]  ip_route_output_key_hash_rcu+0x14f6/0x2370
[ 1505.002220][T28935]  ? ip_route_output_key_hash+0x13d/0x330
[ 1505.008009][T28935]  ip_route_output_key_hash+0x1f3/0x330
[ 1505.013612][T28935]  ? ip_route_input_rcu+0x30f0/0x30f0
[ 1505.019135][T28935]  ? __lock_acquire+0x7d40/0x7d40
[ 1505.024213][T28935]  ip_route_output_flow+0x2a/0x150
[ 1505.029370][T28935]  ? security_sk_classify_flow+0x7b/0x90
[ 1505.035055][T28935]  raw_sendmsg+0x129a/0x1c00
[ 1505.039714][T28935]  ? compat_raw_ioctl+0x70/0x70
[ 1505.044642][T28935]  ? tomoyo_socket_sendmsg_permission+0x216/0x2f0
[ 1505.051107][T28935]  ? sock_rps_record_flow+0x19/0x3f0
[ 1505.056453][T28935]  ? inet_sendmsg+0x7c/0x2f0
[ 1505.061088][T28935]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1505.066428][T28935]  ? security_socket_sendmsg+0x80/0xa0
[ 1505.072025][T28935]  ? inet_send_prepare+0x260/0x260
[ 1505.077191][T28935]  ____sys_sendmsg+0x5ba/0x960
[ 1505.081999][T28935]  ? __lock_acquire+0x7d40/0x7d40
[ 1505.087081][T28935]  ? __sys_sendmsg_sock+0x30/0x30
[ 1505.092145][T28935]  ? __import_iovec+0x3fa/0x850
[ 1505.097069][T28935]  ? import_iovec+0x73/0xa0
[ 1505.101714][T28935]  ___sys_sendmsg+0x2a6/0x360
[ 1505.106443][T28935]  ? get_pid_task+0x20/0x1e0
[ 1505.111087][T28935]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1505.115927][T28935]  ? __lock_acquire+0x7d40/0x7d40
[ 1505.121118][T28935]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1505.126023][T28935]  ? __x64_sys_sendmsg+0x80/0x80
[ 1505.131028][T28935]  ? lockdep_hardirqs_on+0x98/0x150
[ 1505.136293][T28935]  do_syscall_64+0x55/0xa0
[ 1505.140775][T28935]  ? clear_bhb_loop+0x40/0x90
[ 1505.145521][T28935]  ? clear_bhb_loop+0x40/0x90
[ 1505.150257][T28935]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1505.156199][T28935] RIP: 0033:0x7fb1cb99c799
[ 1505.160661][T28935] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1505.180361][T28935] RSP: 002b:00007fb1cc912028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1505.188834][T28935] RAX: ffffffffffffffda RBX: 00007fb1cbc15fa0 RCX: 00007fb1cb99c799
[ 1505.196868][T28935] RDX: 0000000000000000 RSI: 0000200000001640 RDI: 0000000000000006
[ 1505.204890][T28935] RBP: 00007fb1cc912090 R08: 0000000000000000 R09: 0000000000000000
[ 1505.212911][T28935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1505.220937][T28935] R13: 00007fb1cbc16038 R14: 00007fb1cbc15fa0 R15: 00007ffe343482f8
[ 1505.228978][T28935]  </TASK>
[ 1505.451143][T28945] netlink: 55631 bytes leftover after parsing attributes in process `syz.0.7702'.
[ 1505.485024][T28945] netlink: 6324 bytes leftover after parsing attributes in process `syz.0.7702'.
[ 1505.514957][T28945] netlink: 2 bytes leftover after parsing attributes in process `syz.0.7702'.
[ 1507.209770][T28957] validate_nla: 3 callbacks suppressed
[ 1507.209791][T28957] netlink: 'syz.0.7707': attribute type 10 has an invalid length.
[ 1507.965549][T28986] netlink: 'syz.0.7717': attribute type 3 has an invalid length.
[ 1508.112300][T28993] netlink: 'syz.3.7719': attribute type 10 has an invalid length.
[ 1509.400863][T29006] netlink: 'syz.2.7726': attribute type 10 has an invalid length.
[ 1509.428107][T29018] __nla_validate_parse: 10 callbacks suppressed
[ 1509.428145][T29018] netlink: 40 bytes leftover after parsing attributes in process `syz.4.7729'.
[ 1509.895145][T29026] netlink: 'syz.3.7733': attribute type 10 has an invalid length.
[ 1509.939918][T29021] delete_channel: no stack
[ 1510.217790][T29038] netlink: 55631 bytes leftover after parsing attributes in process `syz.3.7738'.
[ 1510.238167][T29038] netlink: 6324 bytes leftover after parsing attributes in process `syz.3.7738'.
[ 1510.265821][T29038] netlink: 2 bytes leftover after parsing attributes in process `syz.3.7738'.
[ 1510.310962][T29043] netlink: 201392 bytes leftover after parsing attributes in process `syz.0.7740'.
[ 1510.532921][T29048] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.7741'.
[ 1510.574242][T29053] bridge_slave_0: mtu less than device minimum
[ 1510.591634][T29048] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.7741'.
[ 1510.704159][T29057] netlink: 'syz.3.7746': attribute type 10 has an invalid length.
[ 1511.149867][T29080] netlink: 55631 bytes leftover after parsing attributes in process `syz.2.7753'.
[ 1511.183652][T29080] netlink: 6324 bytes leftover after parsing attributes in process `syz.2.7753'.
[ 1511.192865][T29080] netlink: 2 bytes leftover after parsing attributes in process `syz.2.7753'.
[ 1511.232687][T29081] netlink: 'syz.4.7754': attribute type 29 has an invalid length.
[ 1511.268419][T29081] netlink: 'syz.4.7754': attribute type 29 has an invalid length.
[ 1511.436543][T29085] netlink: 'syz.4.7754': attribute type 29 has an invalid length.
[ 1511.486998][T29085] netlink: 'syz.4.7754': attribute type 3 has an invalid length.
[ 1511.904114][T29101] syzkaller0: entered allmulticast mode
[ 1512.148064][T29103] delete_channel: no stack
[ 1512.152869][T29103] delete_channel: no stack
[ 1512.361511][T29115] validate_nla: 1 callbacks suppressed
[ 1512.361529][T29115] netlink: 'syz.4.7765': attribute type 10 has an invalid length.
[ 1512.425099][T29116] netlink: 'syz.4.7765': attribute type 10 has an invalid length.
[ 1512.520011][T29122] skbuff: bad partial csum: csum=65489/0 headroom=64 headlen=65491
[ 1512.943271][T29138] netlink: 'syz.2.7771': attribute type 10 has an invalid length.
[ 1513.607831][T29149] netlink: 'syz.4.7775': attribute type 3 has an invalid length.
[ 1514.228011][T29168] netlink: 'syz.0.7782': attribute type 10 has an invalid length.
[ 1514.506612][T29176] can: request_module (can-proto-0) failed.
[ 1514.697610][T29191] __nla_validate_parse: 9 callbacks suppressed
[ 1514.697674][T29191] netlink: 55631 bytes leftover after parsing attributes in process `syz.0.7789'.
[ 1514.721104][T29191] netlink: 6324 bytes leftover after parsing attributes in process `syz.0.7789'.
[ 1514.731949][T29191] netlink: 2 bytes leftover after parsing attributes in process `syz.0.7789'.
[ 1514.834444][T29193] netlink: 'syz.3.7790': attribute type 3 has an invalid length.
[ 1514.861306][T29193] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.7790'.
[ 1517.944212][T29214] netlink: 'syz.4.7796': attribute type 10 has an invalid length.
[ 1518.533365][T29233] netlink: 55631 bytes leftover after parsing attributes in process `syz.4.7801'.
[ 1518.556219][T29233] netlink: 6324 bytes leftover after parsing attributes in process `syz.4.7801'.
[ 1518.576770][T29233] netlink: 2 bytes leftover after parsing attributes in process `syz.4.7801'.
[ 1518.719224][T29238] netlink: 202920 bytes leftover after parsing attributes in process `syz.3.7804'.
[ 1518.761788][T29242] netlink: 'syz.2.7806': attribute type 10 has an invalid length.
[ 1519.128643][T29250] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.7809'.
[ 1519.188932][T29250] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[ 1519.203961][T29250] CPU: 0 PID: 29250 Comm: syz.4.7809 Not tainted syzkaller #0
[ 1519.211529][T29250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1519.221643][T29250] Call Trace:
[ 1519.224971][T29250]  <TASK>
[ 1519.227947][T29250]  dump_stack_lvl+0x18c/0x250
[ 1519.232693][T29250]  ? show_regs_print_info+0x20/0x20
[ 1519.237967][T29250]  ? load_image+0x400/0x400
[ 1519.242554][T29250]  sysfs_warn_dup+0x8e/0xa0
[ 1519.247109][T29250]  sysfs_do_create_link_sd+0xc0/0x110
[ 1519.252546][T29250]  device_add_class_symlinks+0x1cf/0x240
[ 1519.258252][T29250]  device_add+0x507/0xc20
[ 1519.262659][T29250]  wiphy_register+0x1dad/0x2ae0
[ 1519.267601][T29250]  ? cfg80211_event_work+0x40/0x40
[ 1519.272773][T29250]  ? minstrel_ht_alloc+0x88a/0x990
[ 1519.277965][T29250]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[ 1519.284107][T29250]  ieee80211_register_hw+0x3464/0x4250
[ 1519.289665][T29250]  ? ieee80211_tasklet_handler+0x20/0x20
[ 1519.295362][T29250]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[ 1519.301305][T29250]  ? __debug_object_init+0xec/0x450
[ 1519.306555][T29250]  ? __asan_memset+0x22/0x40
[ 1519.311188][T29250]  ? __hrtimer_init+0x186/0x270
[ 1519.316072][T29250]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[ 1519.321858][T29250]  ? mac80211_hwsim_free+0x220/0x220
[ 1519.327180][T29250]  ? rcu_is_watching+0x15/0xb0
[ 1519.331979][T29250]  ? kstrndup+0xbd/0x140
[ 1519.336271][T29250]  hwsim_new_radio_nl+0xdc9/0x1a90
[ 1519.341437][T29250]  ? __nla_validate+0x50/0x50
[ 1519.346170][T29250]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[ 1519.352553][T29250]  ? __nla_parse+0x40/0x50
[ 1519.357003][T29250]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[ 1519.363386][T29250]  genl_family_rcv_msg_doit+0x211/0x310
[ 1519.369003][T29250]  ? end_current_label_crit_section+0x170/0x170
[ 1519.375288][T29250]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[ 1519.381233][T29250]  ? bpf_lsm_capable+0x9/0x10
[ 1519.385962][T29250]  ? security_capable+0x89/0xb0
[ 1519.390856][T29250]  genl_rcv_msg+0x619/0x7a0
[ 1519.395394][T29250]  ? genl_bind+0x360/0x360
[ 1519.399840][T29250]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[ 1519.406242][T29250]  ? lockdep_hardirqs_on+0x98/0x150
[ 1519.411506][T29250]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1519.417724][T29250]  netlink_rcv_skb+0x241/0x4d0
[ 1519.422544][T29250]  ? genl_bind+0x360/0x360
[ 1519.426993][T29250]  ? netlink_ack+0x1180/0x1180
[ 1519.431804][T29250]  ? __lock_acquire+0x7d40/0x7d40
[ 1519.436874][T29250]  ? down_read+0x1ac/0x2e0
[ 1519.441340][T29250]  genl_rcv+0x28/0x40
[ 1519.445363][T29250]  netlink_unicast+0x751/0x8d0
[ 1519.450173][T29250]  netlink_sendmsg+0x8d0/0xbf0
[ 1519.454979][T29250]  ? netlink_getsockopt+0x590/0x590
[ 1519.460225][T29250]  ? netlink_getsockopt+0x590/0x590
[ 1519.465475][T29250]  ____sys_sendmsg+0x5ba/0x960
[ 1519.470378][T29250]  ? __asan_memset+0x22/0x40
[ 1519.475018][T29250]  ? __sys_sendmsg_sock+0x30/0x30
[ 1519.480072][T29250]  ? __import_iovec+0x5f2/0x850
[ 1519.484965][T29250]  ? import_iovec+0x73/0xa0
[ 1519.489594][T29250]  ___sys_sendmsg+0x2a6/0x360
[ 1519.494311][T29250]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1519.499120][T29250]  ? trace_call_bpf+0xc3/0x6c0
[ 1519.503917][T29250]  ? seqcount_lockdep_reader_access+0x17b/0x1d0
[ 1519.510218][T29250]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1519.515118][T29250]  ? __x64_sys_sendmsg+0x80/0x80
[ 1519.520118][T29250]  ? lockdep_hardirqs_on+0x98/0x150
[ 1519.525365][T29250]  do_syscall_64+0x55/0xa0
[ 1519.529906][T29250]  ? clear_bhb_loop+0x40/0x90
[ 1519.534617][T29250]  ? clear_bhb_loop+0x40/0x90
[ 1519.539329][T29250]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1519.545252][T29250] RIP: 0033:0x7fdae579c799
[ 1519.549693][T29250] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1519.569453][T29250] RSP: 002b:00007fdae6696028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1519.577926][T29250] RAX: ffffffffffffffda RBX: 00007fdae5a15fa0 RCX: 00007fdae579c799
[ 1519.586023][T29250] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000008
[ 1519.594038][T29250] RBP: 00007fdae5832c99 R08: 0000000000000000 R09: 0000000000000000
[ 1519.602062][T29250] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1519.610069][T29250] R13: 00007fdae5a16038 R14: 00007fdae5a15fa0 R15: 00007fff9b332208
[ 1519.618317][T29250]  </TASK>
[ 1520.125248][T29268] netlink: 'syz.3.7816': attribute type 10 has an invalid length.
[ 1520.204611][T29270] netlink: 55631 bytes leftover after parsing attributes in process `syz.2.7817'.
[ 1520.220696][T29270] netlink: 6324 bytes leftover after parsing attributes in process `syz.2.7817'.
[ 1520.244313][T29270] netlink: 2 bytes leftover after parsing attributes in process `syz.2.7817'.
[ 1520.564125][T29290] netlink: 6 bytes leftover after parsing attributes in process `syz.2.7826'.
[ 1520.591564][T29290] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1546.152378][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[ 1546.159101][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[ 1567.907157][T24032] Bluetooth: hci3: command 0x0406 tx timeout
[ 1607.593996][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[ 1607.600399][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[ 1625.473469][    C1] rcu: INFO: rcu_preempt self-detected stall on CPU
[ 1625.480260][    C1] rcu: 	1-....: (10499 ticks this GP) idle=1afc/1/0x4000000000000000 softirq=118862/118862 fqs=4958
[ 1625.492409][    C1] rcu: 	         hardirqs   softirqs   csw/system
[ 1625.498887][    C1] rcu: 	 number:  1397627          0            0
[ 1625.505323][    C1] rcu: 	cputime:    17138      35341           72   ==> 52500(ms)
[ 1625.513195][    C1] rcu: 	(t=10502 jiffies g=160893 q=782 ncpus=2)
[ 1625.519579][    C1] CPU: 1 PID: 29286 Comm: syz.4.7824 Not tainted syzkaller #0
[ 1625.527097][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1625.537258][    C1] RIP: 0010:unwind_next_frame+0x1c6/0x2970
[ 1625.543108][    C1] Code: 48 c7 c3 e0 4b c8 8a e9 65 04 00 00 49 89 df 48 89 6c 24 10 48 c7 c3 00 00 00 81 4c 89 ff 48 c7 c6 00 00 00 81 e8 8a e6 4b 00 <49> 81 ff 00 00 00 81 40 0f 92 c5 4c 89 ff 48 c7 c6 00 00 c0 8a e8
[ 1625.562843][    C1] RSP: 0018:ffffc900001f0470 EFLAGS: 00000246
[ 1625.568942][    C1] RAX: ffffffff813b37e6 RBX: ffffffff81000000 RCX: ffff8880458ada00
[ 1625.576947][    C1] RDX: 0000000000000100 RSI: ffffffff81000000 RDI: ffffffff813b6761
[ 1625.584945][    C1] RBP: ffffc900001f05f8 R08: ffffc900001f0600 R09: 0000000000000000
[ 1625.593028][    C1] R10: ffffc900001f05a8 R11: fffff5200003e0c1 R12: ffffc900001f05a8
[ 1625.601029][    C1] R13: dffffc0000000000 R14: ffffc900001f05dd R15: ffffffff813b6761
[ 1625.609055][    C1] FS:  00007fdae66966c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[ 1625.618016][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1625.624634][    C1] CR2: 0000000100000000 CR3: 000000002f7b2000 CR4: 00000000003506e0
[ 1625.632635][    C1] DR0: 0000000000000000 DR1: 0000200000000300 DR2: 0000200000000300
[ 1625.640657][    C1] DR3: 0000200000000300 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 1625.648677][    C1] Call Trace:
[ 1625.651989][    C1]  <IRQ>
[ 1625.654879][    C1]  ? __unwind_start+0x2d2/0x7e0
[ 1625.659781][    C1]  __unwind_start+0x66a/0x7e0
[ 1625.664500][    C1]  ? stack_trace_save+0x100/0x100
[ 1625.669561][    C1]  arch_stack_walk+0xf8/0x190
[ 1625.674279][    C1]  ? __unwind_start+0x2d2/0x7e0
[ 1625.679170][    C1]  stack_trace_save+0xaa/0x100
[ 1625.683978][    C1]  ? stack_trace_snprint+0xf0/0xf0
[ 1625.689129][    C1]  ? perf_trace_run_bpf_submit+0x1c0/0x1c0
[ 1625.694961][    C1]  ? ktime_get+0x7f/0x280
[ 1625.699313][    C1]  kasan_set_track+0x4e/0x70
[ 1625.703973][    C1]  __kasan_slab_alloc+0x6c/0x80
[ 1625.708870][    C1]  slab_post_alloc_hook+0x6e/0x4b0
[ 1625.714020][    C1]  kmem_cache_alloc_node+0x14c/0x320
[ 1625.719354][    C1]  ? __alloc_skb+0x103/0x2c0
[ 1625.723990][    C1]  __alloc_skb+0x103/0x2c0
[ 1625.728459][    C1]  ndisc_alloc_skb+0xa6/0x450
[ 1625.733185][    C1]  ndisc_send_rs+0x2a6/0x610
[ 1625.737822][    C1]  addrconf_rs_timer+0x2d5/0x630
[ 1625.742792][    C1]  ? addrconf_disable_policy_idev+0x480/0x480
[ 1625.748886][    C1]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1625.754908][    C1]  call_timer_fn+0x189/0x540
[ 1625.759526][    C1]  ? addrconf_disable_policy_idev+0x480/0x480
[ 1625.765652][    C1]  ? call_timer_fn+0xd2/0x540
[ 1625.770352][    C1]  ? __run_timers+0x800/0x800
[ 1625.775158][    C1]  ? addrconf_disable_policy_idev+0x480/0x480
[ 1625.781258][    C1]  __run_timers+0x542/0x800
[ 1625.785798][    C1]  ? detach_timer+0x2b0/0x2b0
[ 1625.790600][    C1]  ? lock_chain_count+0x20/0x20
[ 1625.795497][    C1]  run_timer_softirq+0x67/0xf0
[ 1625.800283][    C1]  handle_softirqs+0x280/0x820
[ 1625.805079][    C1]  ? __irq_exit_rcu+0xd3/0x190
[ 1625.809869][    C1]  ? do_softirq+0x1a0/0x1a0
[ 1625.814404][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[ 1625.819636][    C1]  __irq_exit_rcu+0xd3/0x190
[ 1625.824248][    C1]  ? irq_exit_rcu+0x20/0x20
[ 1625.828784][    C1]  irq_exit_rcu+0x9/0x20
[ 1625.833132][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[ 1625.838790][    C1]  </IRQ>
[ 1625.841746][    C1]  <TASK>
[ 1625.844707][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1625.850808][    C1] RIP: 0010:generic_exec_single+0x481/0x4f0
[ 1625.856727][    C1] Code: 75 11 e8 72 03 0b 00 48 85 db 75 16 e8 68 03 0b 00 eb 15 e8 61 03 0b 00 e8 3c fb 08 09 48 85 db 74 ea e8 52 03 0b 00 fb 31 c0 <48> c7 44 24 20 0e 36 e0 45 4b c7 04 2c 00 00 00 00 43 c7 44 2c 08
[ 1625.876358][    C1] RSP: 0018:ffffc900031f7a00 EFLAGS: 00000246
[ 1625.882450][    C1] RAX: 0000000000000000 RBX: 0000000000000200 RCX: 0000000000080000
[ 1625.890446][    C1] RDX: ffffc9000d86b000 RSI: 00000000000020d3 RDI: 00000000000020d4
[ 1625.898446][    C1] RBP: ffffc900031f7ad0 R08: ffffffff911c15ff R09: 1ffffffff22382bf
[ 1625.906443][    C1] R10: dffffc0000000000 R11: fffffbfff22382c0 R12: 1ffff9200063ef44
[ 1625.914441][    C1] R13: dffffc0000000000 R14: 0000000000000000 R15: 1ffff9200063ef65
[ 1625.922453][    C1]  ? event_function+0x300/0x300
[ 1625.927338][    C1]  ? smp_call_function_single+0x5a0/0x5a0
[ 1625.933092][    C1]  ? percpu_counter_add_batch+0x1f1/0x2a0
[ 1625.938843][    C1]  ? lockdep_hardirqs_on+0x98/0x150
[ 1625.944087][    C1]  ? smp_call_function_single+0xb0/0x5a0
[ 1625.949929][    C1]  smp_call_function_single+0x36d/0x5a0
[ 1625.955503][    C1]  ? event_function+0x300/0x300
[ 1625.960387][    C1]  ? flush_smp_call_function_queue+0x250/0x250
[ 1625.966614][    C1]  ? event_function+0x300/0x300
[ 1625.971510][    C1]  perf_install_in_context+0x5be/0x920
[ 1625.977008][    C1]  ? exclusive_event_installable+0x2c0/0x2c0
[ 1625.983020][    C1]  ? add_event_to_ctx+0x1180/0x1180
[ 1625.988262][    C1]  ? anon_inode_getfile+0x109/0x1a0
[ 1625.993499][    C1]  ? perf_event__header_size+0x165/0x220
[ 1625.999170][    C1]  __se_sys_perf_event_open+0x1836/0x1c50
[ 1626.004935][    C1]  ? __x64_sys_perf_event_open+0xc0/0xc0
[ 1626.010629][    C1]  ? lock_chain_count+0x20/0x20
[ 1626.015514][    C1]  ? lockdep_hardirqs_on+0x98/0x150
[ 1626.020741][    C1]  ? __x64_sys_perf_event_open+0x20/0xc0
[ 1626.026496][    C1]  do_syscall_64+0x55/0xa0
[ 1626.030949][    C1]  ? clear_bhb_loop+0x40/0x90
[ 1626.035751][    C1]  ? clear_bhb_loop+0x40/0x90
[ 1626.040458][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1626.046378][    C1] RIP: 0033:0x7fdae579c799
[ 1626.050833][    C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1626.070471][    C1] RSP: 002b:00007fdae6696028 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 1626.078914][    C1] RAX: ffffffffffffffda RBX: 00007fdae5a15fa0 RCX: 00007fdae579c799
[ 1626.087004][    C1] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000200000000300
[ 1626.095000][    C1] RBP: 00007fdae5832c99 R08: 0000000000000000 R09: 0000000000000000
[ 1626.102999][    C1] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 1626.111001][    C1] R13: 00007fdae5a16038 R14: 00007fdae5a15fa0 R15: 00007fff9b332208
[ 1626.119014][    C1]  </TASK>