last executing test programs:

16.746332732s ago: executing program 0 (id=9387):
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, @perf_bp={0x0}, 0x21, 0x0, 0x0, 0x6, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, @perf_config_ext, 0x806, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa06"], 0xfdef)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

16.341519056s ago: executing program 0 (id=9400):
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, @perf_bp={0x0}, 0x21, 0x0, 0x0, 0x6, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, @perf_config_ext, 0x806, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa06"], 0xfdef)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

9.516314904s ago: executing program 2 (id=9431):
socket$kcm(0xa, 0x5, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x189703, 0x0)
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
ioctl$TUNGETVNETLE(r0, 0x800454dd, &(0x7f0000001580))
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={0xffffffffffffffff, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_clone(0x41064400, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x200, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x11, 0x4, 0x4, 0x2, 0x0, 0x1, 0x1000000}, 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0xd, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100}, [@call={0x85, 0x0, 0x0, 0x8}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r2, 0x2000012, 0xe, 0x0, &(0x7f0000000000)="63ec90c97b265715fe27cd9359a4", 0x0, 0xe6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xd}, 0x50)
r3 = socket$kcm(0x10, 0x2, 0x10)
perf_event_open(&(0x7f0000002100)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x8, 0xa0300, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x6}, 0x10, 0x0, 0x80000003, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r4, 0x84, 0x71, &(0x7f0000000000), 0x8)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)}], 0x1}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{0x0}], 0x1, &(0x7f0000001a00)=ANY=[@ANYBLOB], 0x10b8}, 0xff00)

5.89701341s ago: executing program 2 (id=9446):
r0 = syz_clone(0x40240000, &(0x7f00000001c0)="41a4f76f3b", 0x5, 0x0, 0x0, 0x0)
r1 = socket$kcm(0x2a, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x8918, 0x0)
perf_event_open(&(0x7f0000000380)={0x1, 0xb7, 0x4, 0x0, 0x9f, 0xd4, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, @perf_bp={0x0}, 0xa04, 0x200000000000c8, 0x0, 0x6, 0x9, 0x0, 0x0, 0x0, 0x3, 0x0, 0x2}, r0, 0x8, 0xffffffffffffffff, 0x8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
recvmsg$unix(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x40002100)
write$cgroup_subtree(r4, &(0x7f0000000180)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd63fc80fc020c2f00db5b686158bbcfe8875a060300000023000000000000000000000000ac1414aa3a2008"], 0xfdef)

4.783982476s ago: executing program 2 (id=9452):
socket$kcm(0x21, 0x2, 0x2)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x5}, 0x104943, 0x400ac5d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x5}, 0x94)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x90, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x48, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80102, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x3, 0x4, 0x3fe, 0x7ffffffc, 0x400, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth0_to_hsr\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8946, &(0x7f0000000080)) (fail_nth: 4)

4.179312676s ago: executing program 4 (id=9457):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.io_service_bytes_recursive\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00'}, 0x90)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140))
socket$kcm(0x10, 0x2, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x604800, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x4, @perf_config_ext={0x8, 0x830d}, 0x102302, 0x2, 0xfefffffa, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="030000000400000004000000b5"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018020000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000000d000000b70000000000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xc1)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r3, 0x0, 0x11, 0x0, &(0x7f0000000140)="c1dfb082cd21d308098ee68886ddd78af5", 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x50)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000004c0)={r4, 0x58, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r5, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000040)=r5)
r6 = getpid()
perf_event_open(0x0, r6, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f0000000600)={0x4, 0x80, 0x0, 0x1, 0x1, 0x5, 0x0, 0x8000000000000000, 0x100, 0x4, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0xd, 0x3, @perf_bp={&(0x7f00000005c0)}, 0x3a00, 0x1, 0x7fe, 0x0, 0x5, 0x6, 0x1, 0x0, 0x3, 0x0, 0x3}, r6, 0x10, 0xffffffffffffffff, 0x2)
r7 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000100), 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x7, &(0x7f0000000040)=ANY=[@ANYBLOB="851000000100000018120000", @ANYRES32=r0, @ANYBLOB="000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000200000b7020000db0000008500000086000000"], &(0x7f00000000c0)='syzkaller\x00', 0xeae1, 0x0, 0x0, 0x41100, 0x28, '\x00', r5, 0x0, r7, 0x8, &(0x7f0000000140)={0x5, 0x5}, 0x8, 0x10, &(0x7f0000000180)={0x1, 0x9, 0x9, 0x9}, 0x10, 0x0, 0x0, 0x8, 0x0, &(0x7f00000001c0)=[{0x3, 0x3, 0xb, 0x8}, {0x2, 0x3, 0x1, 0xa}, {0x0, 0x4, 0x7, 0x8}, {0x5, 0x5, 0xc, 0xa}, {0x0, 0x2, 0xf}, {0x4, 0x3, 0x0, 0x2}, {0x0, 0x3, 0x7, 0x1}, {0x2, 0x1, 0x2, 0xc}], 0x10, 0xc74}, 0x94)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007d00000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r9}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111b100000000008510000002000000850000000000000095000000000000009500a505a17bc0ad"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x6}, 0x70)

3.054860212s ago: executing program 4 (id=9459):
socket$kcm(0x21, 0x2, 0x2)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x5}, 0x104943, 0x400ac5d}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x5}, 0x94)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x90, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000600)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa8, 0xa8, 0x3, [@decl_tag={0x9, 0x0, 0x0, 0x11, 0x3, 0x1}, @enum={0xb, 0x2, 0x0, 0x6, 0x4, [{0x3, 0x8}, {0x2, 0xe}]}, @ptr={0xb, 0x0, 0x0, 0x2, 0x4}, @type_tag={0x1, 0x0, 0x0, 0x12, 0x1}, @restrict={0x5, 0x0, 0x0, 0xb, 0x3}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0xf, 0x2, 0x1}}, @restrict={0x4, 0x0, 0x0, 0xb, 0x5}, @enum={0x7, 0x2, 0x0, 0x6, 0x4, [{0x4}, {0x0, 0xffffffff}]}, @volatile={0x3, 0x0, 0x0, 0x9, 0x1}, @volatile={0x5, 0x0, 0x0, 0x9, 0x3}]}, {0x0, [0x30]}}, &(0x7f0000000500)=""/203, 0xc3, 0xcb, 0x1, 0xffffffff}, 0x28)
r0 = socket$kcm(0x23, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x8927, &(0x7f0000000000))
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4081, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0x15, 0x5, 0x0)
setsockopt$sock_attach_bpf(r1, 0x114, 0x1d, 0x0, 0x4)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x48, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80102, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x3, 0x4, 0x3fe, 0x7ffffffc, 0x400, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth0_to_hsr\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r3, &(0x7f00000003c0)='cgroup.procs\x00', 0x2, 0x0)
r4 = openat$cgroup_ro(r3, &(0x7f00000000c0)='cgroup.kill\x00', 0x275a, 0x0)
write$cgroup_int(r4, &(0x7f0000000040)=0x1, 0x12)
ioctl$TUNSETCARRIER(r4, 0x400454e2, &(0x7f0000000040))
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8946, &(0x7f0000000080))

2.442267951s ago: executing program 4 (id=9460):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1005000023000000080000000500800000000000", @ANYRES32, @ANYBLOB="1000"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1, 0x0, 0x20}, 0x1f00)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10c002, 0xac5d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000002800)={0x18, 0x40, &(0x7f0000000c40)=ANY=[@ANYRES32=r2, @ANYBLOB, @ANYBLOB, @ANYRES32=r2, @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000a5000000185000000600000000000000000000000251040006000000b7080000000000007b8af8ff00000000b7080000020000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085000000a50000009500000000000000"], &(0x7f0000000e40)='syzkaller\x00', 0x0, 0x0, &(0x7f0000000e80), 0x40f00, 0x40, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000001080)={0x4, 0xb, 0x2, 0x5}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000027c0)=[r2, r0, r0, 0xffffffffffffffff, 0xffffffffffffffff, r2, r2], 0x0, 0x10, 0x7}, 0x94)
socket$kcm(0xa, 0x5, 0x0)
perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x1c, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x200}, 0x10c002, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f90524fc60", 0x14}], 0x1}, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000001500)={0x0, 0x0, 0x0}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90)
r5 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$kcm(r5, &(0x7f00000003c0)={&(0x7f0000000040)=@l2tp6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x8}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000100)="b7", 0x1}], 0x1}, 0x40080c0)
r6 = socket$kcm(0x2, 0x922000000001, 0x106)
setsockopt$sock_attach_bpf(r6, 0x1, 0x3e, 0x0, 0x0)
sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
r7 = socket$kcm(0x11, 0x3, 0x0)
sendmsg$kcm(r7, &(0x7f0000000080)={&(0x7f0000001340)=@hci={0x1f, 0x300, 0x37}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000100)="0000000000000000000000fa88a8", 0x36}], 0x1}, 0x4000080)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x41, 0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xe4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x0, 0x0, 0x8, 0x0, 0x4000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000003c0)="d8000000180081064e81f782db4cb904021d0800fe027c05e8fe55a10a0005000140020003600e41b0000900ac0006e01100000016000500014002000000035c3b61c1d67f6f94007174cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001b14d6d930dfe1d9d322fe7c4650b5b9bd6ee6f63f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b4ff010000000000000dd6e4edef3d93452a09004b43370e9703920723f97e46bb5c07540d3b", 0xd8}], 0x1}, 0x0)

2.440938241s ago: executing program 2 (id=9461):
socket$kcm(0x21, 0x2, 0x2)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x1c, 0x4, 0x0, 0x0, 0x0, 0x3, 0x80400, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f00000002c0)}, 0x10cb4b, 0x400ad5c, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000580)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x158, 0x158, 0x4, [@fwd={0xb}, @float={0x6, 0x0, 0x0, 0x10, 0x8}, @volatile={0x9, 0x0, 0x0, 0x9, 0x4}, @restrict={0x5, 0x0, 0x0, 0xb, 0x5}, @decl_tag={0xe, 0x0, 0x0, 0x11, 0x3, 0x9}, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x2e, 0x0, 0x5e}, @func_proto={0x0, 0x8, 0x0, 0xd, 0x0, [{0x2, 0x2}, {0xa, 0x3}, {0x5, 0x5}, {0xd, 0x5}, {0xa, 0x2}, {0x3, 0x5}, {0xa}, {0xb, 0x2}]}, @enum={0x2, 0x7, 0x0, 0x6, 0x4, [{0x10, 0x5}, {0x1, 0x47b7}, {0x5, 0x10001}, {0x7, 0x4}, {0xc, 0xfffeffff}, {0xf, 0x7}, {0x10, 0x2}]}, @enum64={0x4, 0x9, 0x0, 0x13, 0x1, 0x0, [{0x10, 0x1000, 0x3}, {0x7, 0x8, 0x3}, {0x10, 0x8, 0xfffff5d9}, {0xf, 0x6, 0xb20}, {0xb, 0x8001, 0x3}, {0xa, 0x8000}, {0xa, 0x7, 0x9}, {0x7, 0x4, 0x7}, {0x3, 0x5, 0x3}]}]}, {0x0, [0x5f, 0x5f]}}, &(0x7f0000000500)=""/98, 0x174, 0x62, 0x0, 0x7}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, r0}, 0x94)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x90, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x5, 0x8, 0x0, 0x0, 0x0, 0x2000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$unix(r1, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0x0, 0xee01}}}], 0x20, 0x2000c081}, 0x8000)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x48, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80102, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x3, 0x4, 0x3fe, 0x7ffffffc, 0x400, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth0_to_hsr\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
socketpair(0x10, 0x3, 0x3, &(0x7f0000000040))
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80102, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x3fe, 0x7ffffffc, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_bp={0x0}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$OBJ_PIN_PROG(0x11, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x75, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x68}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8946, &(0x7f0000000080))

2.246019328s ago: executing program 1 (id=9463):
socket$kcm(0x21, 0x2, 0x2)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x5}, 0x104943, 0x400ac5d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x5}, 0x94)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x90, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x48, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80102, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x3, 0x4, 0x3fe, 0x7ffffffc, 0x400, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth0_to_hsr\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8946, &(0x7f0000000080)) (fail_nth: 4)

2.245540218s ago: executing program 0 (id=9392):
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
socket$kcm(0xa, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x50)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x108282, 0xac5d, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x100000001, 0xffffffff}, 0x800, 0x0, 0x0, 0x2, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
socket$kcm(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="05000000080000004000000003"], 0x50)
socket$kcm(0x2, 0x3, 0x84)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.memory_pressure\x00', 0x26e1, 0x0)
r1 = socket$kcm(0x2, 0x1000000000000002, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x161)
sendmsg$inet(r1, &(0x7f0000007940)={&(0x7f0000000100)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="2c000000000000000000000007000000441805"], 0x30}, 0x7e8166965e22236a)

1.719482295s ago: executing program 0 (id=9465):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0xa, 0x4, 0x2}, 0x48)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x1500, &(0x7f0000000140)=[{&(0x7f0000000180)="d8000000180081064e81f782db4cb904021d0800fd007c05e8fe55a10a000500014002020a600e41b0000900ac00060211000000160012000a00ff110048035c3b61c1d67f6f94007134cf6efb8000a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9000000008af26c8b7b55f4d2a6823a45f28fcb1d", 0xd8}], 0x1}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1, <r3=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1e, 0xe, &(0x7f00000022c0)=ANY=[@ANYRES64=r0], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2d}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0xa5, 0xa, 0x0, 0x0, 0xffe4, 0x61, 0x11, 0x60}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10c002, 0xac5d, 0x0, 0x1, 0x800, 0x0, 0x7, 0x0, 0x0, 0x0, 0x8001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xe3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0xc2bb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE(0x100000000000000, &(0x7f00000003c0)=ANY=[@ANYBLOB="1400000004000000080000000600000000000000", @ANYRES32=0x1, @ANYBLOB="0000000000000000000000000000000000000000cf96c1520dcce2bf5c7af68c2d81c248e78992b444d0aa4f9717e1", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r5, &(0x7f0000000140), 0x0}, 0x20)
r6 = syz_clone(0xa0800, 0x0, 0x0, &(0x7f0000000740), &(0x7f0000000780), 0x0)
perf_event_open(&(0x7f0000000600)={0x5, 0x80, 0x9, 0x80, 0xc, 0x99, 0x0, 0x4, 0xfc918, 0xd, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x3, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x1, @perf_config_ext={0x4, 0x5}, 0x3005, 0x5, 0x5, 0x5, 0x0, 0x4, 0x187c, 0x0, 0x8001, 0x0, 0x5414}, r6, 0x2, 0xffffffffffffffff, 0x1)
openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000200), 0x2, 0x0)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000100000000000000", @ANYRES32=0x1, @ANYBLOB="0546c0fb250f888ea00000adc7c8000000000000000000ba8cd7a4ae64c5ee73167a3a7d9b35b425ed5dc6517b8f0589787a382e1fdb2124510000000000000005688bd2bf4d4d560500c086f8622b0aa46b28efe2c3378b42bd2670a1141c5f61fd945c1ced3a439088c0f671e6", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="05000000020000000500"/28], 0x50)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000dc0)={0xffffffffffffffff, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x8, 0x0, 0x0}}, 0x10)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r10 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r10}, &(0x7f0000000280), &(0x7f0000000240)=r9}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000bc0)=ANY=[@ANYBLOB="18080000000000000000000000000000181200", @ANYRES32=r10], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000680)=@bpf_lsm={0x1d, 0xc, &(0x7f0000000280)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @map_val={0x18, 0x2, 0x2, 0x0, r7, 0x0, 0x0, 0x0, 0x6}, @ldst={0x5, 0x0, 0x1, 0x87571a564c06c633, 0xa, 0xfffffffffffffffc, 0x8}], &(0x7f0000000300)='GPL\x00', 0xfffffe3f, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000500)={0x9, 0x3}, 0x8, 0x10, &(0x7f0000000540)={0x5, 0x0, 0x5, 0x40}, 0x10, r8, 0x0, 0x0, &(0x7f00000005c0)=[0xffffffffffffffff, r10]}, 0x94)
r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.avg_queue_size\x00', 0x26e1, 0x0)
close(r11)
write$cgroup_pid(r11, &(0x7f0000000100), 0x12)
write$cgroup_pid(r11, &(0x7f00000005c0), 0x12)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0xa, 0x9, 0x8, 0x10000, 0x80, r3, 0x64e9, '\x00', 0x0, r11, 0x4, 0x0, 0x3}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x1e, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x36}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r4, 0x18000000000002a0, 0x10, 0x0, &(0x7f00000005c0)="5aee41dea43e00005486f92def4dd72d", 0x0, 0xf004, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.53598771s ago: executing program 1 (id=9467):
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x8)
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x8c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}, 0x10800a, 0x6f5f, 0x8000, 0x0, 0x0, 0x1000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x8, 0x1, 0x5, 0x2, 0x0, 0xd, 0x2204, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x3, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xcf48, 0x2, @perf_bp={0x0, 0x1}, 0x643, 0x6, 0x7, 0x7, 0xd, 0x2, 0xb1, 0x0, 0xe52, 0x0, 0x38000000}, 0x0, 0x6, 0xffffffffffffffff, 0x8)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)=[{0x0}], 0x1}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x2}, 0x20)
perf_event_open(0x0, 0x0, 0xa, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, r0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10c002, 0xac5d, 0x9, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x20)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000940)={'veth1_to_hsr\x00', 0x400})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
write$cgroup_int(r1, &(0x7f0000000240)=0x2, 0x12)

1.482399582s ago: executing program 2 (id=9468):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x8, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0, 0xa}, 0x10c002, 0xac5d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x50, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x101}, 0x104046}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000010040), 0x4)
ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000010000)=0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x10, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b7020000f53f6314bfa300000000000024020000fffeff7f7a0300fef0ffffff79a4f0ff00000000b7060000ffffffff2e64050000000000750afaff07cd02020404000000247d60b7030000030a00006a0a00fe0000000c850000005b000000b70000000000002995000000000000001da5ad3548ebb63d18c5071c7e821c9b767ac8308fbcd5c5e4a5ad1065b572c2c9ff215ac60c2ceaea4c0ec908abb6e7325ec1956bd8660bf3664148a2c96752fe2bb328dff1a15750ab9a780001000000000000d4bf20c2bd152d814f01f2cd519e078d4ffab418e4682b2aec5e4a35629e8ef040c50287c37a7f4182f32333b08c6e497687e10a4daea5cac0ceafdbb126eb02a1f5104d16ddb64963d84d91814cd5817e0b8f6f5e6ee7a39e180b5a18ed786b782ab1321ea5e82ae5ba2c42a5e23ea6253d5df768d0cb9f35e4f41a6211e52bb3598e9b5d4f22d8c19f958e8b34de35949a7a48ce18799ee53da177a81ea65e652c1d71b7ee86a75b0100000042127a8f84538a9a311c757f7169f006f3f5c95177fbd0b14b36259e2905ef911785c88a16aae46084d676d8ef8aa6ecc2d32e3f4ee367c5a769c0a606636c9f4a4413c098f4fcc96623b7c373b0ef04d55b846b094bf97e2ef5987b6e09a6a7cab79bffda141f65e7d9ebe3be70c436432b70a80cce69df30d3d67d84ccf3f9db9b690111de2ddc4b153c989ef100bbf76063d3f6ffffb73d70e9c3d7b90aecf48e7565efff2dbbb512218c98442406333c890923a797e00b75481739952fe87fde27ce81893f54ec0ea8e792414f639bc9ce1fea3f6ac0d7025759d4b45576c205c70631e8ad585951950e521f4e210b6494e3c52d927195737945cc03d5668483151710de246420a1b6c55b73876a6ed7fd0d9338923789a1edcd8043fe83919088383268324a25df14010c8ed6b8d43400eaa00ff9bc46e1cfecbdc0e451ac53b409d04544d3a7edd4d447d2fb431e226ae182b8dcc86fe09b404e0b7c723d3b19c3dc382fa91fb0fb8f9f3f13296bb1758b24aad0922091d49e2bc408a5a37deee7a60b903d2d9fe9d451cafcc8dc389671c2d08b6e264150a6b9445b00cee4585af04fa69e0380be0d66649dcf3bf8a906b029faca75ce34c41aec7aa86e596119109ea8b3f7c65c902499227c087301643baab1c95bb22cedd913b22dcaa197ccc34586dc50bd9f4628e3e77a0de32e356521df06f995cb57f97052fc4158250ccecfb67ea8faf509593fadc7eafb613327b052397af1ede94d87590ce90a0a7579766f0e5eb09d38ac46e99e7ec4fcd3cb0b1a8c531724d5ef6b334803cedaa9cedf16dc3af6e0b67f62a83a256474c97c925d9d447175b535c87dbdeb0dcca5303eed6689ea91e1665c691df736368dde47e6672e93a314c5f60e7b68c2242bd0f0d8c66449d8687dcf2d0f76668b2b9bf8b32b99b7daf34b2d825d192ade90a1162acfe9749d516d014cef5f99126324ea02baea5808c430985749901b09e4902a6f5addc0103756b894418e4591c624a9b206abbfb888d413d923b0d7c9d997d6d8e64787c4d397f57a15b6e0b4212b6cb55b9c207bbe08f483b1bea05f41b9a1d3af087047c568ae6ebfc0bb5ec10b6290dc757a4903a88fb2c035b2349b6d2f0c051b8b7718384eebd5fc19928cea713ff09e179c308fbe9bd64374d96ef2447a2a4af5ca0c39e7ca2e801e57560a55e9cfa095cf3f74398219ad1030a79517a88de7596429a20793e12616aa32b3e720c6521fbe93963e9536d16f3db211fca7dd99c0a0125ff8ef534b93dcb34e1da2c008a9f2a29e30823bf0ec3639cadaf9be9608358e1e5ab17eea477b1754f78f45468c9568471667f82f5e250b979b9f2bd0d1b6bc03d11811ac6eec9a3ecd9e3c3299ee5eb3c6cac8fbd06514b7ee743ece79c04566d02a08fd5fcabbab3d129c0cced3ce11dafa380700000000000000c114d0b423e64c6157fac5e4e2168f33541daeff9983d0e488a78bef538f870b84798272b2101e0abf1cd64500b79e01e11d727389653bd80a39d5bbe2e23d2f5ff10047423429981bd9b4ce680e174c266391e3e7689452654e5cd5ada6e025327a1942b5a068f15fa58eaa267d4e0881783dddbdd777f8be0824ffdf6d06c621880dbbe9534f15e8c2e364d3ec67deb6ab9f2a0f03212972dbd38500000008173553a67be48633103809eee0be51d67d7ce230b389607b4c3b18da1c48f3180f2e0d79e54565fdd9a099b5b5ba2761905b88b7cbfc39c35dd153609da3da263438f12769602c2195245ff83e249119d4f6cabfbdef84ada19ef4a67ed66d7043036515d0be5a231f99e71aba5d5ae04676eff3e85f0844c41bbcfde7a931d1ec55c01f703bfd1b97756bfe55a91f6b379f34a018906339771157c66dbd7471d1beec7f029ef552cf5e92a1a0db21b59355763967ce26a577bc514b6d22a09c385c5ba6caf524e1688fc0f29f8bb35ae7bc8eb5ba51aebdf7d972c3267cedbe77ed70d9c539bc455a6f88b39196c8a224b0acf4d796fea59a07baa34cc270fb096ef330fbebdf872d7d0bc4f9a963355c554abc5cdb91464faabcd09cd9a53f5d1b2ea7e96f428f7cd6735c19c61dc9942d30bf29ef85ed01c2fcd6060aa40eeff971477b4fde48507b7bad95a496540adff7e4a72fd1f94d7c703ab1525c946c54e0da3d7ebfcc8cea2e84c3b310aaea5a1627df898c00a9aaf2d88a36afa4c5b1816384310600001c33125ad7f7970beeb256aec06e39fc6c66544e1d1dc5fea4b68a82e3568ca30aea9a1d097f06f11dc362f4bae5ef57c67686a15855cd351bf26f40fb1348cfce79897682228e6d9643530c81bab27bf7b1c4a76a5be180bb830cf06827c3f38a9c9c580c732c30aaceda78b0297de35a922b1375b129655beb31899e26052cc216f832fdb0a0015f93c9cff77f59cda1ec5f3e358848756cebb074266a47e39ae26e80e8c65aaf73c24925458520a9ca98760d1005c9f81846459ae6d5baa4f02807939ddc29c3520f7c58ed9bc5a569c7a1bc33cf4f330a18276ffb4550b9166c3939e8041094bec034aa0ec6638b74fe34f0f1ec6903a1135808d5d8d26c9203c3f87e66c407b7c5c0888d4558dd657cc0213efad68e76fdd7b23e68064fd4b271ed79c50abacdd2871b0c1f8c971df59a5a1901ddf804bed43e391f882d2a45c51cdbba86b2a1b7c0c4923642a731ea4dcbad2b6ebbebe787a8e28e781d75beee924b3b1e390750f316648133922c021f98fd2d5d71a7a3679397ef6cf432837b7e264831ec01c4c3146ba0caac3b13d55945ec00e978a1c1712cd51187936200606c9cd6877b2f72125295c54721f8e15df2ae282a8becb99a726fd92acc92141e1f574b4b0b3c992a61af3372d0d9217776b1a42cd2cee816a70bf1ddd69b590d53e28ba356e74b38e23e50d898e95cdc7cc809e462c884b53f672aab1411ecfd4c91e7a9782fc6763f0efd4bcbaf1fc3a00000000000000000000000000000000500000000000000000000000048e510340087caf22439d5304bd704a6a78a512269a9b1cbd13bea78c807bbc73853ae187cbb768673e9d1bf74a3b0a6c234accd8506adf314f4c5e08174540b69d3c0da660052b43b86baf49e7ac64d9c21598b1e01dc1e1b5a53626b090496dbf7af441e397016c3c094d5c91ffe0a7ceacfd225ed9a6c905f79ad7052747dd6cceef4c310e0e935311118bc6bf0e5ca6c7cca7d5c03be570308da8a40578b4db14961fbccf6e2f2d56e9509c434126515b56d032e20c12e830d1bc64826fc9b318da5911e466878dbb81edeff69363fb75af5cd80536f14d2eaa7764db23acdbd394bbbbccfd8b129258bb0a93cee1d44f8665172c06933d20f184b78b435462c52a85149451ffd564c56a7cbf11a1127c77242915e43b2bc"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x200000, 0x10, &(0x7f0000000000), 0x143}, 0x48)

1.281645199s ago: executing program 3 (id=9470):
socket$kcm(0xa, 0x1, 0x0) (async)
r0 = socket$kcm(0xa, 0x1, 0x0)
sendmsg$kcm(r0, &(0x7f0000001e00)={&(0x7f0000000280)=@alg={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-ce)\x00'}, 0x80, 0x0}, 0x20000005)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000711203000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x10, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.191383402s ago: executing program 0 (id=9471):
socket$kcm(0x21, 0x2, 0x2)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x5}, 0x104943, 0x400ac5d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, r0}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x3, 0x17, &(0x7f0000000800)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x8}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b80a000500000000", &(0x7f0000000300)=""/8, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
socket$kcm(0x29, 0xa, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x5}, 0x94)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
r3 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x90, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth0_to_hsr\x00'})
r4 = perf_event_open(&(0x7f0000000240)={0xc47b80ccc258b6c4, 0x80, 0x3, 0x9, 0x0, 0x0, 0x0, 0x8, 0x8010, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x4, @perf_bp={&(0x7f0000000040), 0xa}, 0x109000, 0x4, 0x6, 0x1, 0x6, 0x10001, 0xb7, 0x0, 0x200, 0x0, 0x5d9d}, 0xffffffffffffffff, 0xc, r3, 0x8)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r4, 0x40042409, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000780)=ANY=[@ANYBLOB="61123000000000006113340000000000bf1000000000000015000200091b00003d030100000000008701000000000000bc26000000000000bf67000000000000560300000ee600f06702000014000000160300000ee600f0bf050000000000000f610000000000006507f4ff02000400070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe7030586e3f640f9f7e9a73b761ad4f0952a70046270d2b6436fdeecd791614ed46de741eb8cf91c046ef9beca574b350021c7ec6ef130f53748068ca432dae4e248b22b9ad8b2811f67916a1764578cba4b069037bfb3362d5691ac397f7e207145d970f0d97867552629b146645c785fb77dbeca38e49a9d5221f1f45f0a25890d04d91a15a05ae7e7ed6252c3d6c1973fb858de1da70d67317e7872b0603ce47ed2c1520e71b527bb42aa2e20e1e85df73736ed0a782ab7e7278dd54358cfdf6313d40f926332623625b49626481054787ab2dff85a9bebd6b317f26c691a65aa97bb3d1506a3a565e9c7ea5ad4611d2d77ee8a5c1b23814a26b6a20061fbb65bdd03770fa849f2a29ba69f90625f42592a70ba890f7a92878ae73574c3a233ee5954119931a1905210715fa77a8795f2fbec3797cb90f59fe8a4abec25f40c87bf25b750bbaa"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="d8000000190081054e81f782db4cb9041c140800fe007c05e8fe55a10a0015000200142603600e12080005007f370401a8000600200002400400027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1, 0x0, 0x0, 0x98ffffff}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x8946, &(0x7f0000000080))

1.035882127s ago: executing program 3 (id=9472):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000071121d000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={0x0, 0x0, 0x1f, 0x0, 0x1, 0x2000, 0x10000}, 0x28)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd63"], 0xfdef)
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0xe4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x0, 0x0, 0xc2ba, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0x10, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000002000000b705000008000000850000006900000095", @ANYRES64=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b70800000c300000638af8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018240000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0xb, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={r2, 0x5, 0xe, 0x0, &(0x7f00000000c0)="469dc2d342e2b7000091000000000bcf48f3ac4e19a56ceb0b42c0", 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x22)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000001240)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195}, 0x94)
r3 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r3, &(0x7f0000000040)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @local}}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000ac0)="ee", 0x1}, {0x0, 0x2}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x0)
recvmsg$kcm(r3, &(0x7f0000000a80)={0x0, 0x0, 0x0}, 0x40000002)
sendmsg$kcm(r3, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001a00)=ANY=[], 0x10b8}, 0x0)
socket$kcm(0x10, 0x2, 0x10)

965.173909ms ago: executing program 1 (id=9473):
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x60}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, @perf_bp={0x0}, 0x21, 0x0, 0x0, 0x6, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, @perf_config_ext, 0x806, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa06"], 0xfdef)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

838.975153ms ago: executing program 3 (id=9474):
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="000000000400"/20, @ANYRES32, @ANYBLOB="000b78a38b4949a8ae2eaf4f9f10e9c169e7c507059ca60f7133160deb00b60000706de29156373639ee5a300e79a2b076a23ac6ecd8c619c22c731acf02caae4ebf89ca47f57da329cb959d0316f9901c16be0f7237df15375ff65900", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
socketpair(0x1e, 0x80005, 0x0, &(0x7f0000000000)={<r0=>0x0, <r1=>0x0})
close(r0)
setsockopt$sock_attach_bpf(r1, 0x10f, 0x87, &(0x7f0000000180), 0x127)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000400)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x41, 0x0, 0x0, {0xa, 0x0, 0x0, @loopback}}}, 0x80, 0x0}, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, &(0x7f00000000c0)={r1})
r2 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000300)="140000002f000b6c8cff00380529fc60077678cf", 0x14}], 0x1}, 0x4884)
r3 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r3, 0x84, 0x9, &(0x7f0000000380), 0x98)
r4 = socket$kcm(0x1e, 0x4, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x6, 0x1c, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000218110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r5, @ANYBLOB="00000000000000b7080000050000007b9778ff00000000020000000000000007020000f8fffffff48c56ea4bf9901540e41fb7030085000000820000001811000000", @ANYRES32=r5, @ANYRES8=r0], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0xfca804a0, 0xe, 0x0, &(0x7f00000002c0)="b8000005000000005baf2312bbc2", 0x0, 0x12000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
setsockopt$sock_attach_bpf(r4, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
sendmsg$kcm(r4, &(0x7f0000000100)={&(0x7f0000000040)=@tipc=@name={0x1e, 0x2, 0x1, {{}, 0x3}}, 0x80, 0x0}, 0x40040)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='pids.events\x00', 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x2a040, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x3, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000140)=ANY=[@ANYBLOB="b40000000000000079104800000000007900380000000000950074000000000022187069f9fb6bdbca6359d81e8eecd7934bdcd758593c4e4ead4367ee3caad7a68421695cdba2a119ca79a0a9a842dbeba155bc249578ff037773a2813b594c769c354a802307ef4ea733072570de61c55077543278cb2f2ce50f80aa94017b5ba8805cdd558a7eb801e1a9442402e596944d7dc5db8c2aa2a96eb2ba810078c32e228ea525f9dabdd2de349bf424610dc6a94b237888800628fa480e7d411df454c90cf5e070b0fa21c5fa54a65b920e43e67e9d7a6094bda46a016e7b8f9edbb8eea6638fb7"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x21)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000080)={0x0, 0x0})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40305829, 0x0)
perf_event_open(&(0x7f0000000280)={0x7, 0x80, 0x17, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x10, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0x642, 0x9}, 0x0, 0x0, 0x7fffffff, 0x6, 0x7ff, 0x1, 0xb}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000040)={'sit0\x00', @local})
mkdirat$cgroup(r7, &(0x7f0000000180)='syz0\x00', 0x1ff)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)

606.67906ms ago: executing program 1 (id=9475):
socket$kcm(0x21, 0x2, 0x2)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x5}, 0x104943, 0x400ac5d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x5}, 0x94)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x90, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x48, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80102, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x3, 0x4, 0x3fe, 0x7ffffffc, 0x400, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth0_to_hsr\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8910, &(0x7f0000000080))

570.045341ms ago: executing program 4 (id=9476):
socket$kcm(0x21, 0x2, 0x2)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x5}, 0x104943, 0x400ac5d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x5}, 0x94)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x90, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth0_to_hsr\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8910, &(0x7f0000000080))

542.017492ms ago: executing program 3 (id=9477):
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
socket$kcm(0xa, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x50)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x108282, 0xac5d, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x100000001, 0xffffffff}, 0x800, 0x0, 0x0, 0x2, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
socket$kcm(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="05000000080000004000000003"], 0x50)
socket$kcm(0x2, 0x3, 0x84)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.memory_pressure\x00', 0x26e1, 0x0)
r1 = socket$kcm(0x2, 0x1000000000000002, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x161)
sendmsg$inet(r1, &(0x7f0000007940)={&(0x7f0000000100)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, 0x0, 0x30}, 0x7e8166965e22236a)

314.303579ms ago: executing program 1 (id=9478):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000c7de00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000362434ccdaf46a0a4701e6c76ddc8c66360d92c36eb7714e90ef98382254cb5007f1d094600c17242ea45130bc2a39f18434cc77bd942a384d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x7a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
close(0x3)
perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0x8c, 0x1, 0x0, 0x0, 0x0, 0x3, 0x4c0a0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5b3, 0x0, @perf_config_ext={0x20000002}, 0x5280, 0x0, 0x0, 0x9, 0x1, 0xd, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

314.087719ms ago: executing program 4 (id=9479):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xe4, 0x0, 0x0, 0x0, 0x0, 0x4cf6dd15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x0, 0x0, 0xc2ba, 0x0, 0x4000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, 0xffffffffffffffff)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x24040110)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0x17, 0x0, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000000080)=[{&(0x7f0000000200)="2e0400001c008102e00f80ecdb4cb9f207c804a00d00000088081afb0a0002000a0ada1b40d80800c500c50083b8", 0xfec9}], 0x1, 0x0, 0x0, 0x5865}, 0x0)
socket$kcm(0x10, 0x2, 0x0)

313.855699ms ago: executing program 3 (id=9480):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r1)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={0xffffffffffffffff, 0x0, 0x20000000}, 0x20)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x10}}], 0x10}, 0x40010040)
r2 = socket$kcm(0x2c, 0x3, 0x0)
setsockopt$sock_attach_bpf(r2, 0x11b, 0x2, &(0x7f0000000900), 0x4)

258.134311ms ago: executing program 2 (id=9481):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xe4, 0x0, 0x0, 0x0, 0x0, 0x4cf6dd15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x0, 0x0, 0xc2ba, 0x0, 0x4000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, 0xffffffffffffffff)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x24040110)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0x17, 0x0, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000000080)=[{&(0x7f0000000200)="2e0400001c008102e00f80ecdb4cb9f207c804a00d00000088081afb0a0002000a0ada1b40d80800c500c50083b8", 0xfec9}], 0x1, 0x0, 0x0, 0x5865}, 0x0) (fail_nth: 2)
socket$kcm(0x10, 0x2, 0x0)

203.699953ms ago: executing program 0 (id=9482):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0xa, 0x4, 0x2}, 0x48)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x1500, &(0x7f0000000140)=[{&(0x7f0000000180)="d8000000180081064e81f782db4cb904021d0800fd007c05e8fe55a10a000500014002020a600e41b0000900ac00060211000000160012000a00ff110048035c3b61c1d67f6f94007134cf6efb8000a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9000000008af26c8b7b55f4d2a6823a45f28fcb1d", 0xd8}], 0x1}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1, <r3=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1e, 0xe, &(0x7f00000022c0)=ANY=[@ANYRES64=r0], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2d}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0xa5, 0xa, 0x0, 0x0, 0xffe4, 0x61, 0x11, 0x60}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10c002, 0xac5d, 0x0, 0x1, 0x800, 0x0, 0x7, 0x0, 0x0, 0x0, 0x8001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xe3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0xc2bb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE(0x100000000000000, &(0x7f00000003c0)=ANY=[@ANYBLOB="1400000004000000080000000600000000000000", @ANYRES32=0x1, @ANYBLOB="0000000000000000000000000000000000000000cf96c1520dcce2bf5c7af68c2d81c248e78992b444d0aa4f9717e1", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r5, &(0x7f0000000140), 0x0}, 0x20)
r6 = syz_clone(0xa0800, 0x0, 0x0, &(0x7f0000000740), &(0x7f0000000780), 0x0)
perf_event_open(&(0x7f0000000600)={0x5, 0x80, 0x9, 0x80, 0xc, 0x99, 0x0, 0x4, 0xfc918, 0xd, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x3, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x1, @perf_config_ext={0x4, 0x5}, 0x3005, 0x5, 0x5, 0x5, 0x0, 0x4, 0x187c, 0x0, 0x8001, 0x0, 0x5414}, r6, 0x2, 0xffffffffffffffff, 0x1)
openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000200), 0x2, 0x0)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000100000000000000", @ANYRES32=0x1, @ANYBLOB="0546c0fb250f888ea00000adc7c8000000000000000000ba8cd7a4ae64c5ee73167a3a7d9b35b425ed5dc6517b8f0589787a382e1fdb2124510000000000000005688bd2bf4d4d560500c086f8622b0aa46b28efe2c3378b42bd2670a1141c5f61fd945c1ced3a439088c0f671e6", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="05000000020000000500"/28], 0x50)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000dc0)={0xffffffffffffffff, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x8, 0x0, 0x0}}, 0x10)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r10 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r10}, &(0x7f0000000280), &(0x7f0000000240)=r9}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000bc0)=ANY=[@ANYBLOB="18080000000000000000000000000000181200", @ANYRES32=r10], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000680)=@bpf_lsm={0x1d, 0xc, &(0x7f0000000280)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @map_val={0x18, 0x2, 0x2, 0x0, r7, 0x0, 0x0, 0x0, 0x6}, @ldst={0x5, 0x0, 0x1, 0x87571a564c06c633, 0xa, 0xfffffffffffffffc, 0x8}], &(0x7f0000000300)='GPL\x00', 0xfffffe3f, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000500)={0x9, 0x3}, 0x8, 0x10, &(0x7f0000000540)={0x5, 0x0, 0x5, 0x40}, 0x10, r8, 0x0, 0x0, &(0x7f00000005c0)=[0xffffffffffffffff, r10]}, 0x94)
r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.avg_queue_size\x00', 0x26e1, 0x0)
close(r11)
write$cgroup_pid(r11, &(0x7f0000000100), 0x12)
write$cgroup_pid(r11, &(0x7f00000005c0), 0x12)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0xa, 0x9, 0x8, 0x10000, 0x80, r3, 0x64e9, '\x00', 0x0, r11, 0x4, 0x0, 0x3}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x1e, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x36}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r4, 0x18000000000002a0, 0x10, 0x0, &(0x7f00000005c0)="5aee41dea43e00005486f92def4dd72d", 0x0, 0xf004, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

99.002516ms ago: executing program 3 (id=9483):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xb6123, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24000000, 0x0, @perf_config_ext={0xfff, 0x10}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x18, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x9, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000001000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0x8)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000640)={r3, 0xe0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000200)=[0x0, 0x0, 0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x7, 0x2, &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0, 0x0], 0x0, 0x83, &(0x7f0000000380)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x40, 0x10, &(0x7f00000003c0), &(0x7f00000004c0), 0x8, 0xb4, 0x8, 0x8, &(0x7f0000000500)}}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=@base={0xe, 0x2, 0x9, 0x37, 0x8, r1, 0x0, '\x00', r4, r3, 0x0, 0x1}, 0x50)
ioctl$TUNSETCARRIER(r3, 0x400454e2, &(0x7f00000001c0))
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000100081044e81f782db44b904021d080b01000000e8fe55a11800150006", 0x21}], 0x1}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="d8000000210081044e81f782db44b9040a00000700", 0x15}], 0x1}, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[], 0x33fe0)

69.886427ms ago: executing program 4 (id=9484):
r0 = gettid()
r1 = perf_event_open$cgroup(&(0x7f0000000480)={0x3, 0x80, 0xd, 0x0, 0x5, 0xa, 0x0, 0x80, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, @perf_bp={&(0x7f0000000040)}, 0x1000, 0x7, 0x0, 0x4, 0x40, 0xd, 0x1, 0x0, 0x4, 0x0, 0xc}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(0x0, r0, 0x10, r1, 0x2)
r2 = socket$kcm(0x1e, 0x4, 0x0)
sendmsg$inet(r2, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0xc000)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x24040110)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB="9feb01001800000000000000240000002400000008000000040000000000000700000000030000000000000f01000000000000000000000d0200000000002e2e5f"], 0x0, 0x44}, 0x20)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0x17, 0x0, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000000080)=[{&(0x7f0000000200)="2e0400001c008102e00f80ecdb4cb9f207c804a00d00000088081afb0a0002000a0ada1b40d80800c500c50083b8", 0xfec9}], 0x1, 0x0, 0x0, 0x5865}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0600000004000000080000000800000000000000", @ANYRES32, @ANYBLOB="000000000000000000000000000000e562be7039204c0c000000000039c450a7d756daf952d88e23dbe0fbc432c4642769b94603ba7a2302fda95ae7ee6295d8fee3b87c73106bed3a944d4c17a6693454921df0eb9a805003384d7f2d59e54dfaff4b3e24b89583a9a1aabc174d4816f7ed171586076dd7241253540117c773797d73def08a91204b703a5bc0499ec13f685c900012d418c52516", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x6, 0x14, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000045000000180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000005000000850000002300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r7, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000440)="b9ff033168440372b89e14f00800", 0x0, 0xa, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0xe, &(0x7f0000002300)=ANY=[@ANYBLOB="b70200000f001700bfa300000000000007030000f0ffffff720af0ff1100000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd844a954b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129da487130d5f24bf901115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4b9535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024a0041b1df65b3e1b9bf115646d14ce53d13d0ccacda1efc5f9094fa737c28b994a8512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4fdc4b4861004eefbc17f54f82a804d4a69bf9bc5fa77ee2922bd165a5a68488e010030166565a097b103b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f940b6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c2d7f22b0d22772c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d366501753a7ac7fedb8d34f5bc381604fcd46105c457e7dd13cab6692422a47e9ffe2d4a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c9585638c2153a6eee01738b0c10671f4f559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670100be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c160119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d300e4d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d0000002000000001c800000000000000000000000928ee53595a779d243a48cea769470424d28804c024ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d74bf0a305790c9d644735efbf3411718d6ee7aebf9ef40662d7836d252c566f5ee934c679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da2022f23daec61854f640f701db0276652f6c031578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada209bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6155e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2f085185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bcdb7c89739f5d81e750d50517a59a3ad09e8802e8f4f535447cc0facd5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5b473332f2011e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d3fcd116bce9c764c714c9402c21d181aae59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755367fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf00000048d2570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749e1338636555009edf66be445d6975d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab0043ebf7c79a953e023f74afad591821610b857e8717764b633b21cb32f09f4db033e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c1960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000000000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd5c17d5486b0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dff7aa46e820a74f9530bdcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fdca4e9eda0072f6df342f3e7071e28ef6806bc8e139c49b91c76b0d3958f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7194d1eb3de6a5f99f301f89c2ee627e949cdd22000026a9960503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640000cd9e7f2e236ef5f1e3a94b108eb9750b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a2050000c375c705c798e0e208e4a5259d0bda526b462af45a6e9a84aebe025c8a7f65819f397574db7ab01bd2b3e3cd28c5aec50f8edfe39a00bafd688a7eea04efdeed96f67012bc3f795edb68b5dec80ad31a858eb756c815e7695d00000000000000000000000000000000000000000000000000007ccf0ce549d97510f7f8765408bb702f0000006d4754d98b7064cf31a681421994e1f307f0ab4ff2e33d3c88fea5d218a276b77adfee7c8fb145783ee1f8cf632c2604eab3a62a28611da1cae5ce60003111ce5c96a1d6e45ee144ffa3dcca32a33f8f0ce2995b7b7aa0bce228cbf37412e1bdebae06edb51a134301b4627d4927287daf9dcae6720334862f3a18094f1edd9e3503379815dcfbbc8141f6e1bbb0901ae91357677fd9d2bb00d4f17fb441c2dfa2b424bf46ae299d68ac27792cdac2f09e99f4ab5546ba1e5ad6a329f24e73a9c38eec34bd4dcc1609f6150e2de72f6599a2310c3841f4bb7f39cabc82c9fdfff5587ed4fa84090635fa3445c4cc54478b2f98320944ac7cb1c4e414556f7b0b763a00a84327cec7e11b3470f0384b27bbfdd8b2472497e7fe8c5df7e0a00641872472efa21c9ad3979e642dcc85c17ca8e084aa9689b83426e2fdaa01f500000000000000000000f9fd84fa991466ff749afe900d02281b2bb60d458340c4f68ec34835760ceca945bf181a000000c000000000b4a76515564ae189de7c1765f0ff68a0388ca8dd2aa831d0e01f0d7ce74401a58cef60e63e97a50c18de54121ce66380224ab7b9c0d4710f2347bad2c9b3e41cc738c1092728687f33e5cdb077223dc82c2137b4e3ba6791a2cd764e654f904c9505b7c5e3b2897072e747534952dcda50cde3e4deb6ebf85a04c3e415112b01eed6515c845a8a20519cd21787d560e9d8283fa8ff0c17b63ba06577c26678ff45420a1f85df47dbfc44e534f71aae5693fb5df61c5096219091ce0cd8e1e2e79bf9d37779e52007c66a00e6ded1499ed3892ed1544d1577906b52e16c734d4aec07dd15faa768c97298be87dd34ce704ffe3da8b46708cf972de4f31c0705ac933db80bdcfcb35c0d4620d4ec270ff7c9ce1b78994dd2b28b9d1c5c469d4c1a61781dce2f1b54d6138bd3f7df9e9ca613bec407c1b8d1bd0c7cb9d76eebf2f17c"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040)}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r8, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000140)="b9ff03076003008cd4aa9c18ed0f", 0x0, 0xfe5, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0xf0, 0xe, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f0800", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$kcm(0x10, 0x2, 0x0)

0s ago: executing program 1 (id=9485):
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x60}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, @perf_bp={0x0}, 0x21, 0x0, 0x0, 0x6, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, @perf_config_ext, 0x806, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa06"], 0xfdef)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

kernel console output (not intermixed with test programs):

link: 55631 bytes leftover after parsing attributes in process `syz.4.8684'.
[ 1505.406035][T29570] netlink: 'syz.4.8686': attribute type 29 has an invalid length.
[ 1505.451943][T29570] netlink: 'syz.4.8686': attribute type 29 has an invalid length.
[ 1505.481013][T29573] netlink: 'syz.4.8686': attribute type 29 has an invalid length.
[ 1505.531864][T29570] FAULT_INJECTION: forcing a failure.
[ 1505.531864][T29570] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1505.583334][T29570] CPU: 0 PID: 29570 Comm: syz.4.8686 Not tainted syzkaller #0
[ 1505.590839][T29570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1505.600918][T29570] Call Trace:
[ 1505.604221][T29570]  <TASK>
[ 1505.607179][T29570]  dump_stack_lvl+0x188/0x24e
[ 1505.611901][T29570]  ? show_regs_print_info+0x12/0x12
[ 1505.617141][T29570]  ? load_image+0x400/0x400
[ 1505.621670][T29570]  ? __lock_acquire+0x7d10/0x7d10
[ 1505.626725][T29570]  ? perf_trace_lock+0xf8/0x390
[ 1505.631628][T29570]  should_fail_ex+0x399/0x4d0
[ 1505.636318][T29570]  _copy_from_user+0x2c/0x170
[ 1505.641010][T29570]  ___sys_recvmsg+0x172/0x590
[ 1505.645718][T29570]  ? __sys_recvmsg+0x290/0x290
[ 1505.650524][T29570]  ? common_file_perm+0x171/0x1c0
[ 1505.655572][T29570]  ? __fget_files+0x43d/0x4b0
[ 1505.660283][T29570]  __x64_sys_recvmsg+0x205/0x2e0
[ 1505.665243][T29570]  ? ___sys_recvmsg+0x590/0x590
[ 1505.670122][T29570]  ? lockdep_hardirqs_on+0x94/0x140
[ 1505.675335][T29570]  do_syscall_64+0x4c/0xa0
[ 1505.679775][T29570]  ? clear_bhb_loop+0x60/0xb0
[ 1505.684472][T29570]  ? clear_bhb_loop+0x60/0xb0
[ 1505.689196][T29570]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1505.695111][T29570] RIP: 0033:0x7fe2a139ce59
[ 1505.699539][T29570] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1505.719159][T29570] RSP: 002b:00007fe2a22c7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[ 1505.727586][T29570] RAX: ffffffffffffffda RBX: 00007fe2a1615fa0 RCX: 00007fe2a139ce59
[ 1505.735573][T29570] RDX: 0000000000010002 RSI: 0000200000000780 RDI: 0000000000000003
[ 1505.743575][T29570] RBP: 00007fe2a22c7090 R08: 0000000000000000 R09: 0000000000000000
[ 1505.751560][T29570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1505.759538][T29570] R13: 00007fe2a1616038 R14: 00007fe2a1615fa0 R15: 00007ffddedf7e08
[ 1505.767530][T29570]  </TASK>
[ 1505.777652][T29575] netlink: 'syz.0.8688': attribute type 29 has an invalid length.
[ 1505.808170][T29575] netlink: 'syz.0.8688': attribute type 29 has an invalid length.
[ 1505.819841][T29575] netlink: 'syz.0.8688': attribute type 29 has an invalid length.
[ 1505.834958][T29575] netlink: 'syz.0.8688': attribute type 29 has an invalid length.
[ 1506.210833][T29591] netlink: 'syz.1.8695': attribute type 10 has an invalid length.
[ 1506.240702][T29591] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[ 1506.620170][T29589] netlink: 'syz.0.8690': attribute type 5 has an invalid length.
[ 1506.810873][T29606] netlink: 164 bytes leftover after parsing attributes in process `syz.3.8700'.
[ 1506.883653][T29606] netlink: 'syz.3.8700': attribute type 10 has an invalid length.
[ 1506.934591][T29606] bond0: (slave hsr0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[ 1506.995610][T29606] bond0: (slave hsr0): The slave device specified does not support setting the MAC address
[ 1507.029024][T29606] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[ 1507.064765][T29606] bond0: (slave hsr0): Error -22 calling dev_set_mtu
[ 1507.222070][T29610] netlink: 40 bytes leftover after parsing attributes in process `syz.0.8702'.
[ 1507.237500][T29610] A link change request failed with some changes committed already. Interface vlan1 may have been left with an inconsistent configuration, please check.
[ 1507.700533][T29628] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1508.068877][T29643] netlink: 164 bytes leftover after parsing attributes in process `syz.0.8714'.
[ 1508.183015][T29643] bond0: (slave hsr0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[ 1508.290179][T29643] bond0: (slave hsr0): The slave device specified does not support setting the MAC address
[ 1508.348675][T29643] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[ 1508.414504][T29643] bond0: (slave hsr0): Error -22 calling dev_set_mtu
[ 1508.778929][T29656] netlink: 40 bytes leftover after parsing attributes in process `syz.2.8718'.
[ 1508.831057][T29656] A link change request failed with some changes committed already. Interface vlan1 may have been left with an inconsistent configuration, please check.
[ 1509.679312][T29687] netlink: 164 bytes leftover after parsing attributes in process `syz.0.8730'.
[ 1509.700976][T29687] bond0: (slave hsr0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[ 1509.720245][T29687] bond0: (slave hsr0): The slave device specified does not support setting the MAC address
[ 1509.742492][T29687] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[ 1509.759298][T29687] bond0: (slave hsr0): Error -22 calling dev_set_mtu
[ 1510.224580][T29698] netlink: 164 bytes leftover after parsing attributes in process `syz.2.8744'.
[ 1510.286754][T29698] bond0: (slave hsr0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[ 1510.302115][T29698] bond0: (slave hsr0): The slave device specified does not support setting the MAC address
[ 1510.317007][T29698] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[ 1510.347032][T29698] bond0: (slave hsr0): Error -22 calling dev_set_mtu
[ 1510.377003][T29700] netlink: 40 bytes leftover after parsing attributes in process `syz.3.8734'.
[ 1510.723257][T29708] FAULT_INJECTION: forcing a failure.
[ 1510.723257][T29708] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1510.756936][T29708] CPU: 1 PID: 29708 Comm: syz.1.8737 Not tainted syzkaller #0
[ 1510.764541][T29708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1510.774623][T29708] Call Trace:
[ 1510.777928][T29708]  <TASK>
[ 1510.780885][T29708]  dump_stack_lvl+0x188/0x24e
[ 1510.785604][T29708]  ? show_regs_print_info+0x12/0x12
[ 1510.790838][T29708]  ? load_image+0x400/0x400
[ 1510.795374][T29708]  ? __lock_acquire+0x7d10/0x7d10
[ 1510.800449][T29708]  should_fail_ex+0x399/0x4d0
[ 1510.805172][T29708]  _copy_from_user+0x2c/0x170
[ 1510.809901][T29708]  ___sys_sendmsg+0x1c3/0x360
[ 1510.814621][T29708]  ? __sys_sendmsg+0x290/0x290
[ 1510.819443][T29708]  ? ktime_get_real_ts64+0x440/0x440
[ 1510.824782][T29708]  __se_sys_sendmsg+0x1bb/0x2a0
[ 1510.829674][T29708]  ? __x64_sys_sendmsg+0x80/0x80
[ 1510.834666][T29708]  ? lockdep_hardirqs_on+0x94/0x140
[ 1510.839908][T29708]  do_syscall_64+0x4c/0xa0
[ 1510.844360][T29708]  ? clear_bhb_loop+0x60/0xb0
[ 1510.849077][T29708]  ? clear_bhb_loop+0x60/0xb0
[ 1510.853790][T29708]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1510.859722][T29708] RIP: 0033:0x7eff9cb9ce59
[ 1510.864166][T29708] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1510.883799][T29708] RSP: 002b:00007eff9adf6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1510.892222][T29708] RAX: ffffffffffffffda RBX: 00007eff9ce15fa0 RCX: 00007eff9cb9ce59
[ 1510.900226][T29708] RDX: 0000000020040000 RSI: 0000200000000240 RDI: 000000000000000c
[ 1510.908204][T29708] RBP: 00007eff9adf6090 R08: 0000000000000000 R09: 0000000000000000
[ 1510.916181][T29708] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1510.924162][T29708] R13: 00007eff9ce16038 R14: 00007eff9ce15fa0 R15: 00007ffe94dedd58
[ 1510.932151][T29708]  </TASK>
[ 1511.337905][T29733] device caif0 entered promiscuous mode
[ 1511.381874][T29735] netlink: 164 bytes leftover after parsing attributes in process `syz.1.8748'.
[ 1511.419713][T29735] validate_nla: 7 callbacks suppressed
[ 1511.419729][T29735] netlink: 'syz.1.8748': attribute type 10 has an invalid length.
[ 1511.434484][T29735] device hsr0 entered promiscuous mode
[ 1511.440182][T29735] bond0: (slave hsr0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[ 1511.474556][T29735] bond0: (slave hsr0): The slave device specified does not support setting the MAC address
[ 1511.504768][T29735] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[ 1511.534487][T29735] bond0: (slave hsr0): Error -22 calling dev_set_mtu
[ 1511.552077][T29742] FAULT_INJECTION: forcing a failure.
[ 1511.552077][T29742] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1511.570574][T29742] CPU: 1 PID: 29742 Comm: syz.3.8751 Not tainted syzkaller #0
[ 1511.578077][T29742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1511.588157][T29742] Call Trace:
[ 1511.591466][T29742]  <TASK>
[ 1511.594406][T29742]  dump_stack_lvl+0x188/0x24e
[ 1511.599124][T29742]  ? show_regs_print_info+0x12/0x12
[ 1511.604354][T29742]  ? load_image+0x400/0x400
[ 1511.608888][T29742]  ? __lock_acquire+0x7d10/0x7d10
[ 1511.613952][T29742]  ? snprintf+0xe5/0x140
[ 1511.618226][T29742]  should_fail_ex+0x399/0x4d0
[ 1511.622938][T29742]  _copy_to_user+0x2c/0x130
[ 1511.627479][T29742]  simple_read_from_buffer+0xe3/0x150
[ 1511.632880][T29742]  proc_fail_nth_read+0x1a6/0x220
[ 1511.637952][T29742]  ? proc_fault_inject_write+0x310/0x310
[ 1511.643622][T29742]  ? fsnotify_perm+0x248/0x550
[ 1511.648420][T29742]  ? proc_fault_inject_write+0x310/0x310
[ 1511.654087][T29742]  vfs_read+0x2de/0xa00
[ 1511.658285][T29742]  ? kernel_read+0x1e0/0x1e0
[ 1511.662879][T29742]  ? __fget_files+0x28/0x4b0
[ 1511.667477][T29742]  ? __fget_files+0x28/0x4b0
[ 1511.672092][T29742]  ? __fget_files+0x43d/0x4b0
[ 1511.676793][T29742]  ? __fdget_pos+0x2ae/0x360
[ 1511.681395][T29742]  ? ksys_read+0x71/0x250
[ 1511.685747][T29742]  ksys_read+0x14c/0x250
[ 1511.689994][T29742]  ? vfs_write+0xa30/0xa30
[ 1511.694419][T29742]  ? lockdep_hardirqs_on+0x94/0x140
[ 1511.699615][T29742]  do_syscall_64+0x4c/0xa0
[ 1511.704032][T29742]  ? clear_bhb_loop+0x60/0xb0
[ 1511.708724][T29742]  ? clear_bhb_loop+0x60/0xb0
[ 1511.713428][T29742]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1511.719326][T29742] RIP: 0033:0x7f238075d68e
[ 1511.723740][T29742] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1511.743342][T29742] RSP: 002b:00007f23816b7fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1511.751748][T29742] RAX: ffffffffffffffda RBX: 00007f23816b86c0 RCX: 00007f238075d68e
[ 1511.759729][T29742] RDX: 000000000000000f RSI: 00007f23816b80a0 RDI: 0000000000000007
[ 1511.767714][T29742] RBP: 00007f23816b8090 R08: 0000000000000000 R09: 0000000000000000
[ 1511.775711][T29742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1511.783719][T29742] R13: 00007f2380a16038 R14: 00007f2380a15fa0 R15: 00007ffec0697c88
[ 1511.791744][T29742]  </TASK>
[ 1511.911338][T29746] netlink: 'syz.2.8752': attribute type 5 has an invalid length.
[ 1515.276794][T29774] netlink: 1047 bytes leftover after parsing attributes in process `syz.2.8761'.
[ 1515.306149][T29774] netlink: 55631 bytes leftover after parsing attributes in process `syz.2.8761'.
[ 1516.582685][T29787] netlink: 132 bytes leftover after parsing attributes in process `syz.1.8762'.
[ 1516.827578][T29807] netlink: 132 bytes leftover after parsing attributes in process `syz.0.8771'.
[ 1517.410449][T29815] netlink: 'syz.0.8774': attribute type 5 has an invalid length.
[ 1517.466957][T29824] netlink: 1047 bytes leftover after parsing attributes in process `syz.1.8778'.
[ 1517.504078][T29824] netlink: 55631 bytes leftover after parsing attributes in process `syz.1.8778'.
[ 1517.705112][T29828] netlink: 'syz.2.8780': attribute type 10 has an invalid length.
[ 1517.725724][T29830] netlink: 'syz.1.8781': attribute type 2 has an invalid length.
[ 1517.733500][T29830] netlink: 'syz.1.8781': attribute type 1 has an invalid length.
[ 1517.752652][T29828] netlink: 40 bytes leftover after parsing attributes in process `syz.2.8780'.
[ 1517.785984][T29828] A link change request failed with some changes committed already. Interface vlan1 may have been left with an inconsistent configuration, please check.
[ 1517.807802][T29830] netlink: 170140 bytes leftover after parsing attributes in process `syz.1.8781'.
[ 1519.190607][T29862] netlink: 1047 bytes leftover after parsing attributes in process `syz.0.8791'.
[ 1519.222145][T29864] netlink: 'syz.3.8792': attribute type 10 has an invalid length.
[ 1519.250808][T29864] netlink: 40 bytes leftover after parsing attributes in process `syz.3.8792'.
[ 1519.832014][T29885] netlink: 'syz.0.8795': attribute type 5 has an invalid length.
[ 1521.000941][T29907] __nla_validate_parse: 1 callbacks suppressed
[ 1521.000977][T29907] netlink: 1047 bytes leftover after parsing attributes in process `syz.1.8806'.
[ 1521.092143][T29911] netlink: 'syz.0.8807': attribute type 10 has an invalid length.
[ 1521.114612][T29911] netlink: 40 bytes leftover after parsing attributes in process `syz.0.8807'.
[ 1521.126095][T29911] A link change request failed with some changes committed already. Interface vlan1 may have been left with an inconsistent configuration, please check.
[ 1521.147536][T29907] netlink: 55631 bytes leftover after parsing attributes in process `syz.1.8806'.
[ 1521.724385][T29925] netlink: 'syz.4.8812': attribute type 5 has an invalid length.
[ 1522.721983][T29953] device wlan1 entered promiscuous mode
[ 1522.768198][T16505] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1522.797833][T29952] netlink: 'syz.3.8821': attribute type 3 has an invalid length.
[ 1522.835693][T29952] netlink: 114680 bytes leftover after parsing attributes in process `syz.3.8821'.
[ 1522.896257][T29955] netlink: 55631 bytes leftover after parsing attributes in process `syz.1.8822'.
[ 1524.048100][T29978] netlink: 'syz.2.8827': attribute type 5 has an invalid length.
[ 1525.158166][T12882] Bluetooth: hci4: unexpected event 0x04 length: 15 > 10
[ 1525.169016][T29997] netlink: 55631 bytes leftover after parsing attributes in process `syz.2.8836'.
[ 1525.230537][T29998] device bond0 entered promiscuous mode
[ 1525.237921][T29998] device bond_slave_0 entered promiscuous mode
[ 1525.264624][T29998] device bond_slave_1 entered promiscuous mode
[ 1525.271039][T29998] device netdevsim0 entered promiscuous mode
[ 1525.494127][T30008] netlink: 61967 bytes leftover after parsing attributes in process `syz.1.8850'.
[ 1525.622768][T30014] FAULT_INJECTION: forcing a failure.
[ 1525.622768][T30014] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1525.693324][T30014] CPU: 1 PID: 30014 Comm: syz.1.8842 Not tainted syzkaller #0
[ 1525.700918][T30014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1525.711006][T30014] Call Trace:
[ 1525.714315][T30014]  <TASK>
[ 1525.717281][T30014]  dump_stack_lvl+0x188/0x24e
[ 1525.722021][T30014]  ? show_regs_print_info+0x12/0x12
[ 1525.727274][T30014]  ? load_image+0x400/0x400
[ 1525.731824][T30014]  ? __lock_acquire+0x7d10/0x7d10
[ 1525.736894][T30014]  ? snprintf+0xe5/0x140
[ 1525.741177][T30014]  should_fail_ex+0x399/0x4d0
[ 1525.745895][T30014]  _copy_to_user+0x2c/0x130
[ 1525.750442][T30014]  simple_read_from_buffer+0xe3/0x150
[ 1525.755854][T30014]  proc_fail_nth_read+0x1a6/0x220
[ 1525.760912][T30014]  ? proc_fault_inject_write+0x310/0x310
[ 1525.766586][T30014]  ? fsnotify_perm+0x248/0x550
[ 1525.771389][T30014]  ? proc_fault_inject_write+0x310/0x310
[ 1525.777064][T30014]  vfs_read+0x2de/0xa00
[ 1525.781267][T30014]  ? kernel_read+0x1e0/0x1e0
[ 1525.785899][T30014]  ? __fget_files+0x28/0x4b0
[ 1525.790527][T30014]  ? __fget_files+0x28/0x4b0
[ 1525.795153][T30014]  ? __fget_files+0x43d/0x4b0
[ 1525.799875][T30014]  ? __fdget_pos+0x2ae/0x360
[ 1525.804482][T30014]  ? ksys_read+0x71/0x250
[ 1525.808833][T30014]  ksys_read+0x14c/0x250
[ 1525.813105][T30014]  ? vfs_write+0xa30/0xa30
[ 1525.817551][T30014]  ? lockdep_hardirqs_on+0x94/0x140
[ 1525.822760][T30014]  do_syscall_64+0x4c/0xa0
[ 1525.827190][T30014]  ? clear_bhb_loop+0x60/0xb0
[ 1525.831881][T30014]  ? clear_bhb_loop+0x60/0xb0
[ 1525.836584][T30014]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1525.842502][T30014] RIP: 0033:0x7eff9cb5d68e
[ 1525.846933][T30014] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1525.866557][T30014] RSP: 002b:00007eff9adf5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1525.874993][T30014] RAX: ffffffffffffffda RBX: 00007eff9adf66c0 RCX: 00007eff9cb5d68e
[ 1525.882978][T30014] RDX: 000000000000000f RSI: 00007eff9adf60a0 RDI: 0000000000000007
[ 1525.890960][T30014] RBP: 00007eff9adf6090 R08: 0000000000000000 R09: 0000000000000000
[ 1525.898939][T30014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1525.906920][T30014] R13: 00007eff9ce16038 R14: 00007eff9ce15fa0 R15: 00007ffe94dedd58
[ 1525.914927][T30014]  </TASK>
[ 1526.601247][T30028] netlink: 'syz.0.8846': attribute type 8 has an invalid length.
[ 1526.895184][T30041] netlink: 61967 bytes leftover after parsing attributes in process `syz.0.8853'.
[ 1527.039161][T30049] device syzkaller0 entered promiscuous mode
[ 1527.059932][T30046] netlink: 'syz.3.8847': attribute type 5 has an invalid length.
[ 1527.201683][T30055] delete_channel: no stack
[ 1527.234463][T12882] Bluetooth: hci4: command 0x0409 tx timeout
[ 1527.298599][T30054] device syzkaller0 entered promiscuous mode
[ 1527.390721][T30057] FAULT_INJECTION: forcing a failure.
[ 1527.390721][T30057] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1527.441209][T30057] CPU: 1 PID: 30057 Comm: syz.4.8860 Not tainted syzkaller #0
[ 1527.448714][T30057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1527.458821][T30057] Call Trace:
[ 1527.462130][T30057]  <TASK>
[ 1527.465083][T30057]  dump_stack_lvl+0x188/0x24e
[ 1527.469803][T30057]  ? show_regs_print_info+0x12/0x12
[ 1527.475042][T30057]  ? load_image+0x400/0x400
[ 1527.479593][T30057]  ? __lock_acquire+0x7d10/0x7d10
[ 1527.484667][T30057]  should_fail_ex+0x399/0x4d0
[ 1527.489379][T30057]  _copy_from_user+0x2c/0x170
[ 1527.494096][T30057]  ____sys_sendmsg+0x30a/0x970
[ 1527.498912][T30057]  ? __sys_sendmsg_sock+0x30/0x30
[ 1527.503984][T30057]  ? __import_iovec+0x315/0x500
[ 1527.508895][T30057]  ? import_iovec+0x6f/0xa0
[ 1527.513455][T30057]  ___sys_sendmsg+0x2a2/0x360
[ 1527.518173][T30057]  ? __sys_sendmsg+0x290/0x290
[ 1527.523000][T30057]  ? __lock_acquire+0x7d10/0x7d10
[ 1527.528081][T30057]  __se_sys_sendmsg+0x1bb/0x2a0
[ 1527.532979][T30057]  ? __x64_sys_sendmsg+0x80/0x80
[ 1527.537981][T30057]  ? lockdep_hardirqs_on+0x94/0x140
[ 1527.543208][T30057]  do_syscall_64+0x4c/0xa0
[ 1527.547659][T30057]  ? clear_bhb_loop+0x60/0xb0
[ 1527.552369][T30057]  ? clear_bhb_loop+0x60/0xb0
[ 1527.557080][T30057]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1527.563029][T30057] RIP: 0033:0x7fe2a139ce59
[ 1527.567503][T30057] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1527.587132][T30057] RSP: 002b:00007fe2a22c7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1527.595579][T30057] RAX: ffffffffffffffda RBX: 00007fe2a1615fa0 RCX: 00007fe2a139ce59
[ 1527.603574][T30057] RDX: 0000000000004000 RSI: 0000200000000300 RDI: 0000000000000003
[ 1527.611574][T30057] RBP: 00007fe2a22c7090 R08: 0000000000000000 R09: 0000000000000000
[ 1527.619579][T30057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1527.627575][T30057] R13: 00007fe2a1616038 R14: 00007fe2a1615fa0 R15: 00007ffddedf7e08
[ 1527.635587][T30057]  </TASK>
[ 1528.140640][T30067] netlink: 60 bytes leftover after parsing attributes in process `syz.0.8864'.
[ 1528.184631][T30067] netlink: 60 bytes leftover after parsing attributes in process `syz.0.8864'.
[ 1528.204528][T30071] netlink: 60 bytes leftover after parsing attributes in process `syz.0.8864'.
[ 1528.257488][T30071] netlink: 60 bytes leftover after parsing attributes in process `syz.0.8864'.
[ 1528.326807][T30077] netlink: 61967 bytes leftover after parsing attributes in process `syz.2.8867'.
[ 1528.512815][T30083] netlink: 'syz.1.8870': attribute type 5 has an invalid length.
[ 1529.268941][T30107] netlink: 'syz.0.8877': attribute type 1 has an invalid length.
[ 1529.355171][T30103] netlink: 'syz.1.8876': attribute type 5 has an invalid length.
[ 1529.860700][T30123] netlink: 'syz.3.8883': attribute type 2 has an invalid length.
[ 1529.898233][T30123] netlink: 'syz.3.8883': attribute type 8 has an invalid length.
[ 1529.945498][T30123] netlink: 132 bytes leftover after parsing attributes in process `syz.3.8883'.
[ 1530.059704][T30129] netlink: 61967 bytes leftover after parsing attributes in process `syz.2.8885'.
[ 1530.215091][T30134] netlink: 'syz.3.8886': attribute type 5 has an invalid length.
[ 1531.108789][T30150] FAULT_INJECTION: forcing a failure.
[ 1531.108789][T30150] name failslab, interval 1, probability 0, space 0, times 0
[ 1531.150602][T30150] CPU: 0 PID: 30150 Comm: syz.4.8894 Not tainted syzkaller #0
[ 1531.158148][T30150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1531.168228][T30150] Call Trace:
[ 1531.171532][T30150]  <TASK>
[ 1531.174491][T30150]  dump_stack_lvl+0x188/0x24e
[ 1531.179207][T30150]  ? is_bpf_text_address+0x22/0x2a0
[ 1531.184424][T30150]  ? show_regs_print_info+0x12/0x12
[ 1531.189680][T30150]  ? load_image+0x400/0x400
[ 1531.194216][T30150]  ? mark_lock+0x94/0x320
[ 1531.198592][T30150]  ? __lock_acquire+0x13cf/0x7d10
[ 1531.203661][T30150]  should_fail_ex+0x399/0x4d0
[ 1531.208367][T30150]  should_failslab+0x5/0x20
[ 1531.212895][T30150]  slab_pre_alloc_hook+0x59/0x310
[ 1531.217960][T30150]  kmem_cache_alloc_node+0x5a/0x320
[ 1531.223186][T30150]  ? __alloc_skb+0xfc/0x7e0
[ 1531.227727][T30150]  __alloc_skb+0xfc/0x7e0
[ 1531.232093][T30150]  ? memset+0x1e/0x40
[ 1531.236117][T30150]  __pskb_copy_fclone+0xa6/0x1010
[ 1531.241166][T30150]  ? __kasan_slab_alloc+0x6b/0x80
[ 1531.246223][T30150]  tipc_msg_reassemble+0x108/0x3a0
[ 1531.251357][T30150]  tipc_mcast_xmit+0x247/0x1890
[ 1531.256232][T30150]  ? tipc_bcbase_xmit+0x9b0/0x9b0
[ 1531.261273][T30150]  ? __might_fault+0xc2/0x120
[ 1531.265955][T30150]  ? __might_fault+0xa6/0x120
[ 1531.270652][T30150]  ? _copy_from_iter+0x353/0x1130
[ 1531.275692][T30150]  ? __kmem_cache_alloc_node+0x140/0x260
[ 1531.281334][T30150]  ? copyout_mc+0x110/0x110
[ 1531.285851][T30150]  ? rcu_is_watching+0x11/0xa0
[ 1531.290629][T30150]  ? tipc_msg_build+0xc9/0xde0
[ 1531.295424][T30150]  ? tipc_msg_build+0x3f5/0xde0
[ 1531.300292][T30150]  ? net_generic+0x1e/0x240
[ 1531.304814][T30150]  ? tipc_group_bc_cong+0x158/0x210
[ 1531.310040][T30150]  tipc_send_group_bcast+0x806/0xad0
[ 1531.315357][T30150]  ? tipc_wait_for_connect+0x640/0x640
[ 1531.320832][T30150]  ? mark_lock+0x94/0x320
[ 1531.325208][T30150]  ? wait_woken+0x1c0/0x1c0
[ 1531.329736][T30150]  __tipc_sendmsg+0x332/0x2c90
[ 1531.334522][T30150]  ? rht_lock+0x150/0x150
[ 1531.338874][T30150]  ? verify_lock_unused+0x140/0x140
[ 1531.344092][T30150]  ? verify_lock_unused+0x140/0x140
[ 1531.349315][T30150]  ? __might_sleep+0xd0/0xd0
[ 1531.353922][T30150]  ? mark_lock+0x94/0x320
[ 1531.358268][T30150]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 1531.364269][T30150]  ? __local_bh_enable_ip+0x136/0x1c0
[ 1531.369664][T30150]  ? lockdep_hardirqs_on+0x94/0x140
[ 1531.374872][T30150]  ? __local_bh_enable_ip+0x136/0x1c0
[ 1531.380258][T30150]  ? _local_bh_enable+0xa0/0xa0
[ 1531.385119][T30150]  tipc_sendmsg+0x51/0x70
[ 1531.389458][T30150]  ? tipc_recvmsg+0x1400/0x1400
[ 1531.394322][T30150]  ____sys_sendmsg+0x5be/0x970
[ 1531.399114][T30150]  ? __sys_sendmsg_sock+0x30/0x30
[ 1531.404155][T30150]  ? __import_iovec+0x315/0x500
[ 1531.409017][T30150]  ? import_iovec+0x6f/0xa0
[ 1531.413533][T30150]  ___sys_sendmsg+0x2a2/0x360
[ 1531.418233][T30150]  ? __sys_sendmsg+0x290/0x290
[ 1531.423023][T30150]  ? __lock_acquire+0x7d10/0x7d10
[ 1531.428078][T30150]  __se_sys_sendmsg+0x1bb/0x2a0
[ 1531.432945][T30150]  ? __x64_sys_sendmsg+0x80/0x80
[ 1531.437914][T30150]  ? lockdep_hardirqs_on+0x94/0x140
[ 1531.443124][T30150]  do_syscall_64+0x4c/0xa0
[ 1531.447559][T30150]  ? clear_bhb_loop+0x60/0xb0
[ 1531.452249][T30150]  ? clear_bhb_loop+0x60/0xb0
[ 1531.456938][T30150]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1531.462844][T30150] RIP: 0033:0x7fe2a139ce59
[ 1531.467268][T30150] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1531.486881][T30150] RSP: 002b:00007fe2a22c7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1531.495308][T30150] RAX: ffffffffffffffda RBX: 00007fe2a1615fa0 RCX: 00007fe2a139ce59
[ 1531.503289][T30150] RDX: 0000000000000000 RSI: 0000200000000440 RDI: 0000000000000003
[ 1531.511273][T30150] RBP: 00007fe2a22c7090 R08: 0000000000000000 R09: 0000000000000000
[ 1531.519252][T30150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1531.527230][T30150] R13: 00007fe2a1616038 R14: 00007fe2a1615fa0 R15: 00007ffddedf7e08
[ 1531.535219][T30150]  </TASK>
[ 1532.124134][T30176] netlink: 'syz.4.8904': attribute type 5 has an invalid length.
[ 1533.921593][T30196] FAULT_INJECTION: forcing a failure.
[ 1533.921593][T30196] name failslab, interval 1, probability 0, space 0, times 0
[ 1533.979781][T30196] CPU: 0 PID: 30196 Comm: syz.4.8909 Not tainted syzkaller #0
[ 1533.987296][T30196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1533.997374][T30196] Call Trace:
[ 1534.000676][T30196]  <TASK>
[ 1534.003633][T30196]  dump_stack_lvl+0x188/0x24e
[ 1534.008353][T30196]  ? show_regs_print_info+0x12/0x12
[ 1534.013589][T30196]  ? load_image+0x400/0x400
[ 1534.018133][T30196]  ? __might_sleep+0xd0/0xd0
[ 1534.022751][T30196]  ? __lock_acquire+0x7d10/0x7d10
[ 1534.027813][T30196]  should_fail_ex+0x399/0x4d0
[ 1534.032532][T30196]  should_failslab+0x5/0x20
[ 1534.037061][T30196]  slab_pre_alloc_hook+0x59/0x310
[ 1534.042122][T30196]  ? sctp_association_new+0x86/0x25d0
[ 1534.047538][T30196]  __kmem_cache_alloc_node+0x4f/0x260
[ 1534.052946][T30196]  ? sctp_association_new+0x86/0x25d0
[ 1534.058341][T30196]  kmalloc_trace+0x26/0xe0
[ 1534.062792][T30196]  sctp_association_new+0x86/0x25d0
[ 1534.068015][T30196]  ? apparmor_capable+0x12c/0x190
[ 1534.073077][T30196]  ? bpf_lsm_capable+0x5/0x10
[ 1534.077798][T30196]  ? security_capable+0x85/0xb0
[ 1534.082681][T30196]  sctp_connect_new_asoc+0x2da/0x6a0
[ 1534.087990][T30196]  ? __sctp_connect+0xd80/0xd80
[ 1534.092866][T30196]  ? __local_bh_enable_ip+0x136/0x1c0
[ 1534.098248][T30196]  ? _local_bh_enable+0xa0/0xa0
[ 1534.103111][T30196]  ? sctp_endpoint_lookup_assoc+0x77/0x260
[ 1534.108932][T30196]  ? sctp_endpoint_lookup_assoc+0x77/0x260
[ 1534.114759][T30196]  ? bpf_lsm_sctp_bind_connect+0x5/0x10
[ 1534.120323][T30196]  ? security_sctp_bind_connect+0x85/0xb0
[ 1534.126050][T30196]  sctp_sendmsg+0x15b0/0x2940
[ 1534.130749][T30196]  ? aa_sk_perm+0x811/0x950
[ 1534.135267][T30196]  ? sctp_getsockopt+0x8a0/0x8a0
[ 1534.140217][T30196]  ? __might_fault+0xa6/0x120
[ 1534.144905][T30196]  ? aa_af_perm+0x340/0x340
[ 1534.149421][T30196]  ? tomoyo_socket_sendmsg_permission+0x1dd/0x2f0
[ 1534.155859][T30196]  ? inet_sendmsg+0x78/0x2f0
[ 1534.160452][T30196]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 1534.165744][T30196]  ? security_socket_sendmsg+0x7c/0xa0
[ 1534.171222][T30196]  ? inet_send_prepare+0x260/0x260
[ 1534.176341][T30196]  ____sys_sendmsg+0x5be/0x970
[ 1534.181125][T30196]  ? __sys_sendmsg_sock+0x30/0x30
[ 1534.186172][T30196]  ? __import_iovec+0x315/0x500
[ 1534.191041][T30196]  ? import_iovec+0x6f/0xa0
[ 1534.195555][T30196]  ___sys_sendmsg+0x2a2/0x360
[ 1534.200253][T30196]  ? __sys_sendmsg+0x290/0x290
[ 1534.205046][T30196]  ? __lock_acquire+0x7d10/0x7d10
[ 1534.210117][T30196]  __se_sys_sendmsg+0x1bb/0x2a0
[ 1534.214990][T30196]  ? __x64_sys_sendmsg+0x80/0x80
[ 1534.219954][T30196]  ? lockdep_hardirqs_on+0x94/0x140
[ 1534.225167][T30196]  do_syscall_64+0x4c/0xa0
[ 1534.229600][T30196]  ? clear_bhb_loop+0x60/0xb0
[ 1534.234299][T30196]  ? clear_bhb_loop+0x60/0xb0
[ 1534.238993][T30196]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1534.244901][T30196] RIP: 0033:0x7fe2a139ce59
[ 1534.249322][T30196] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1534.268933][T30196] RSP: 002b:00007fe2a22c7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1534.277355][T30196] RAX: ffffffffffffffda RBX: 00007fe2a1615fa0 RCX: 00007fe2a139ce59
[ 1534.285338][T30196] RDX: 00000000000080d1 RSI: 0000200000000140 RDI: 0000000000000005
[ 1534.293315][T30196] RBP: 00007fe2a22c7090 R08: 0000000000000000 R09: 0000000000000000
[ 1534.301290][T30196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1534.309270][T30196] R13: 00007fe2a1616038 R14: 00007fe2a1615fa0 R15: 00007ffddedf7e08
[ 1534.317259][T30196]  </TASK>
[ 1534.655841][T30205] FAULT_INJECTION: forcing a failure.
[ 1534.655841][T30205] name failslab, interval 1, probability 0, space 0, times 0
[ 1534.724713][T30205] CPU: 0 PID: 30205 Comm: syz.0.8913 Not tainted syzkaller #0
[ 1534.732312][T30205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1534.742395][T30205] Call Trace:
[ 1534.745698][T30205]  <TASK>
[ 1534.748660][T30205]  dump_stack_lvl+0x188/0x24e
[ 1534.753378][T30205]  ? show_regs_print_info+0x12/0x12
[ 1534.758614][T30205]  ? load_image+0x400/0x400
[ 1534.763154][T30205]  ? __might_sleep+0xd0/0xd0
[ 1534.767768][T30205]  ? __lock_acquire+0x7d10/0x7d10
[ 1534.772826][T30205]  should_fail_ex+0x399/0x4d0
[ 1534.777535][T30205]  should_failslab+0x5/0x20
[ 1534.782070][T30205]  slab_pre_alloc_hook+0x59/0x310
[ 1534.787134][T30205]  ? __lock_acquire+0x7d10/0x7d10
[ 1534.792193][T30205]  ? kvmalloc_node+0x6c/0x180
[ 1534.796906][T30205]  __kmem_cache_alloc_node+0x4f/0x260
[ 1534.802390][T30205]  ? schedule_delayed_monitor_work+0x160/0x160
[ 1534.808598][T30205]  ? kvmalloc_node+0x6c/0x180
[ 1534.813318][T30205]  __kmalloc_node+0xa0/0x240
[ 1534.817950][T30205]  kvmalloc_node+0x6c/0x180
[ 1534.822490][T30205]  bpf_test_run_xdp_live+0x1dd/0x1a90
[ 1534.827901][T30205]  ? 0xffffffffa0004440
[ 1534.832085][T30205]  ? text_poke_copy+0x79/0x90
[ 1534.836800][T30205]  ? 0xffffffffa0004440
[ 1534.840979][T30205]  ? 0xffffffffa0004440
[ 1534.845159][T30205]  ? bpf_dispatcher_change_prog+0xcbb/0xf10
[ 1534.851087][T30205]  ? 0xffffffffa0004440
[ 1534.855268][T30205]  ? xdp_convert_md_to_buff+0x330/0x330
[ 1534.860875][T30205]  ? trace_raw_output_bpf_test_finish+0xd0/0xd0
[ 1534.867160][T30205]  ? bpf_test_init+0x119/0x140
[ 1534.871951][T30205]  ? xdp_convert_md_to_buff+0x5b/0x330
[ 1534.877447][T30205]  bpf_prog_test_run_xdp+0x736/0xf10
[ 1534.882780][T30205]  ? dev_put+0x80/0x80
[ 1534.886890][T30205]  ? dev_put+0x80/0x80
[ 1534.890986][T30205]  bpf_prog_test_run+0x31e/0x390
[ 1534.895964][T30205]  __sys_bpf+0x62b/0x780
[ 1534.900241][T30205]  ? bpf_link_show_fdinfo+0x380/0x380
[ 1534.905662][T30205]  ? lock_chain_count+0x20/0x20
[ 1534.910558][T30205]  __x64_sys_bpf+0x78/0x90
[ 1534.915012][T30205]  do_syscall_64+0x4c/0xa0
[ 1534.919472][T30205]  ? clear_bhb_loop+0x60/0xb0
[ 1534.924184][T30205]  ? clear_bhb_loop+0x60/0xb0
[ 1534.928896][T30205]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1534.934824][T30205] RIP: 0033:0x7ff85e39ce59
[ 1534.939258][T30205] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1534.958888][T30205] RSP: 002b:00007ff85f192028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1534.967327][T30205] RAX: ffffffffffffffda RBX: 00007ff85e615fa0 RCX: 00007ff85e39ce59
[ 1534.975322][T30205] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[ 1534.983317][T30205] RBP: 00007ff85f192090 R08: 0000000000000000 R09: 0000000000000000
[ 1534.991311][T30205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1534.999304][T30205] R13: 00007ff85e616038 R14: 00007ff85e615fa0 R15: 00007ffc8ac946c8
[ 1535.007316][T30205]  </TASK>
[ 1536.312060][T30268] netlink: 'syz.2.8925': attribute type 5 has an invalid length.
[ 1536.457936][T30267] netlink: 'syz.4.8924': attribute type 5 has an invalid length.
[ 1538.807682][T30271] netlink: 'syz.3.8927': attribute type 10 has an invalid length.
[ 1538.842472][T30271] netlink: 40 bytes leftover after parsing attributes in process `syz.3.8927'.
[ 1539.013055][T30274] netlink: 164 bytes leftover after parsing attributes in process `syz.0.8928'.
[ 1539.077977][T30274] netlink: 'syz.0.8928': attribute type 10 has an invalid length.
[ 1539.114441][T30274] bond0: (slave hsr0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[ 1539.148559][T30274] bond0: (slave hsr0): The slave device specified does not support setting the MAC address
[ 1539.195956][T30274] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[ 1539.236384][T30274] bond0: (slave hsr0): Error -22 calling dev_set_mtu
[ 1539.429509][T12882] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1539.438756][T12882] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1539.450014][T12882] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1539.460084][T12882] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1539.467769][T12882] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1539.475554][T12882] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1539.503858][T30285] netlink: 61967 bytes leftover after parsing attributes in process `syz.3.8931'.
[ 1539.684382][T30210] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1539.797133][T30210] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1539.996647][T30210] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1540.031856][T30282] netlink: 'syz.2.8939': attribute type 5 has an invalid length.
[ 1540.189160][T30210] bond0: (slave netdevsim0): Releasing backup interface
[ 1540.269935][T30210] device netdevsim0 left promiscuous mode
[ 1540.299926][T30210] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1540.326808][T30286] chnl_net:caif_netlink_parms(): no params data found
[ 1540.352098][T30306] netlink: 61967 bytes leftover after parsing attributes in process `syz.4.8937'.
[ 1540.573552][T30286] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1540.581256][T30286] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1540.591409][T30286] device bridge_slave_0 entered promiscuous mode
[ 1540.600649][T30286] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1540.608124][T30286] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1540.616328][T30286] device bridge_slave_1 entered promiscuous mode
[ 1540.651765][T30315] netlink: 'syz.2.8940': attribute type 10 has an invalid length.
[ 1540.682970][T30315] netlink: 40 bytes leftover after parsing attributes in process `syz.2.8940'.
[ 1540.731444][T30315] A link change request failed with some changes committed already. Interface vlan1 may have been left with an inconsistent configuration, please check.
[ 1540.879335][T30319] netlink: 'syz.4.8941': attribute type 10 has an invalid length.
[ 1540.934609][T30319] netlink: 40 bytes leftover after parsing attributes in process `syz.4.8941'.
[ 1541.094244][T30286] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1541.145444][T30286] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1541.297946][T30333] netlink: 164 bytes leftover after parsing attributes in process `syz.2.8942'.
[ 1541.371593][T30286] team0: Port device team_slave_0 added
[ 1541.398156][T30286] team0: Port device team_slave_1 added
[ 1541.509786][T30330] netlink: 'syz.2.8942': attribute type 10 has an invalid length.
[ 1541.554533][T12882] Bluetooth: hci4: command 0x0409 tx timeout
[ 1541.574590][T30330] bond0: (slave hsr0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[ 1541.622398][T30330] bond0: (slave hsr0): The slave device specified does not support setting the MAC address
[ 1541.689245][T30330] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[ 1541.732072][T30330] bond0: (slave hsr0): Error -22 calling dev_set_mtu
[ 1541.899705][T30286] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1541.943892][T30286] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1542.024445][T30286] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1542.187232][T30359] netlink: 164 bytes leftover after parsing attributes in process `syz.2.8958'.
[ 1542.228826][T30286] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1542.246452][T30286] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1542.363835][T30286] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1542.421418][T30364] netlink: 'syz.2.8958': attribute type 10 has an invalid length.
[ 1542.444568][T30364] bond0: (slave hsr0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[ 1542.497250][T30364] bond0: (slave hsr0): The slave device specified does not support setting the MAC address
[ 1542.543180][T30364] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[ 1542.582178][T30364] bond0: (slave hsr0): Error -22 calling dev_set_mtu
[ 1542.645146][T30366] netlink: 'syz.0.8951': attribute type 10 has an invalid length.
[ 1542.714215][T30366] netlink: 40 bytes leftover after parsing attributes in process `syz.0.8951'.
[ 1542.758147][T30366] A link change request failed with some changes committed already. Interface vlan1 may have been left with an inconsistent configuration, please check.
[ 1542.892551][T30367] netlink: 'syz.4.8950': attribute type 5 has an invalid length.
[ 1542.974615][T30376] netlink: 61967 bytes leftover after parsing attributes in process `syz.2.8952'.
[ 1543.067884][T30286] device hsr_slave_0 entered promiscuous mode
[ 1543.111099][T30286] device hsr_slave_1 entered promiscuous mode
[ 1543.132058][T30286] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1543.170935][T30286] Cannot create hsr debugfs directory
[ 1543.227146][T30379] netlink: 'syz.0.8953': attribute type 10 has an invalid length.
[ 1543.254027][T30379] A link change request failed with some changes committed already. Interface vlan1 may have been left with an inconsistent configuration, please check.
[ 1543.570836][T30210] device wlan1 left promiscuous mode
[ 1543.596258][T30210] team0: Port device wlan1 removed
[ 1543.639800][T12882] Bluetooth: hci4: command 0x041b tx timeout
[ 1543.955416][T30210] device hsr_slave_0 left promiscuous mode
[ 1543.973269][T30210] device hsr_slave_1 left promiscuous mode
[ 1543.985438][T30210] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1543.995747][T30210] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1544.009546][T30210] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1544.023827][T30210] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1544.031988][T30210] batman_adv: batadv0: Interface deactivated: vlan1
[ 1544.039080][T30210] batman_adv: batadv0: Removing interface: vlan1
[ 1544.061556][T30210] bridge0: port 3(team0) entered disabled state
[ 1544.095243][T30210] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1544.141111][T30210] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1544.229240][T30210] device veth0_macvtap left promiscuous mode
[ 1544.258508][T30210] device veth1_vlan left promiscuous mode
[ 1544.278786][T30210] device veth0_vlan left promiscuous mode
[ 1544.743999][T30210] device geneve1 left promiscuous mode
[ 1544.761549][T30210] team0 (unregistering): Port device geneve1 removed
[ 1545.354987][T30210] device team_slave_1 left promiscuous mode
[ 1545.362215][T30210] team0 (unregistering): Port device team_slave_1 removed
[ 1545.397573][T30210] device team_slave_0 left promiscuous mode
[ 1545.404571][T30210] team0 (unregistering): Port device team_slave_0 removed
[ 1545.442423][T30210] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1545.451216][T30210] device bond_slave_1 left promiscuous mode
[ 1545.484254][T30210] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1545.493280][T30210] device bond_slave_0 left promiscuous mode
[ 1545.715554][T12882] Bluetooth: hci4: command 0x040f tx timeout
[ 1545.744613][T30210] bond0 (unregistering): Released all slaves
[ 1545.825207][T30415] netlink: 'syz.2.8964': attribute type 10 has an invalid length.
[ 1545.833372][T30415] __nla_validate_parse: 1 callbacks suppressed
[ 1545.833417][T30415] netlink: 40 bytes leftover after parsing attributes in process `syz.2.8964'.
[ 1545.851806][T30415] A link change request failed with some changes committed already. Interface vlan1 may have been left with an inconsistent configuration, please check.
[ 1545.868004][T30420] netlink: 'syz.0.8962': attribute type 5 has an invalid length.
[ 1546.241162][T30439] netlink: 61967 bytes leftover after parsing attributes in process `syz.0.8967'.
[ 1546.531466][T30445] netlink: 'syz.3.8969': attribute type 10 has an invalid length.
[ 1546.562016][T30445] netlink: 40 bytes leftover after parsing attributes in process `syz.3.8969'.
[ 1547.075842][T30286] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1547.136980][T30286] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1547.173179][T30286] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1547.239594][T30286] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1547.539753][T30286] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1547.584854][T30212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1547.598311][T30212] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1547.692207][T30286] 8021q: adding VLAN 0 to HW filter on device team0
[ 1547.737335][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1547.794427][T12882] Bluetooth: hci4: command 0x0419 tx timeout
[ 1547.825022][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1547.851102][T30215] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1547.858278][T30215] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1547.990914][T30479] device syzkaller0 entered promiscuous mode
[ 1548.065287][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1548.093480][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1548.135656][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1548.164829][T30215] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1548.171980][T30215] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1548.242018][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1548.311019][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1550.451273][T30497] netlink: 'syz.0.8987': attribute type 5 has an invalid length.
[ 1550.464248][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1550.477294][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1550.489382][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1550.501249][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1550.512595][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1550.537172][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1550.559375][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1550.569076][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1550.580422][T30498] netlink: 'syz.4.8978': attribute type 5 has an invalid length.
[ 1550.599844][T30286] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1550.624428][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1551.144164][T30515] netlink: 'syz.4.8984': attribute type 10 has an invalid length.
[ 1551.170428][T30515] netlink: 40 bytes leftover after parsing attributes in process `syz.4.8984'.
[ 1551.675604][T30217] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1551.683112][T30217] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1551.751102][T30286] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1551.911126][T30217] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1551.935506][T30217] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1552.028986][T30217] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1552.047577][T30217] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1552.089985][T30217] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1552.141772][T30217] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1552.194819][T30286] device veth0_vlan entered promiscuous mode
[ 1552.238130][T30286] device veth1_vlan entered promiscuous mode
[ 1552.296724][T30536] netlink: 'syz.3.8989': attribute type 5 has an invalid length.
[ 1552.343043][T30543] netlink: 'syz.4.8990': attribute type 5 has an invalid length.
[ 1552.422637][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 1552.452154][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 1552.511424][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1552.572704][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1552.619776][T30286] device veth0_macvtap entered promiscuous mode
[ 1552.654860][T30286] device veth1_macvtap entered promiscuous mode
[ 1552.730254][T30286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1552.761793][T30286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1552.838895][T30286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1552.869734][T30286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1552.930069][T30286] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1552.940688][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1552.955180][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1552.986377][T30286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1553.000672][T30286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1553.013835][T30286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1553.061103][T30286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1553.098884][T30286] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1553.115831][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1553.136164][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1553.158018][T30286] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1553.184894][T30286] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1553.214462][T30286] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1553.233545][T30286] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1553.444937][T30555] device syzkaller0 entered promiscuous mode
[ 1553.571107][T16498] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1553.597760][T16498] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1556.234868][T30216] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1556.272650][T30588] netlink: 'syz.3.9003': attribute type 5 has an invalid length.
[ 1556.322980][T30210] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1556.357852][T30210] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1556.366598][T30216] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1556.823153][T30625] netlink: 'syz.3.8996': attribute type 5 has an invalid length.
[ 1557.398736][T30642] netlink: 'syz.1.8999': attribute type 5 has an invalid length.
[ 1557.858502][T30649] netlink: 'syz.4.9004': attribute type 5 has an invalid length.
[ 1558.357277][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[ 1558.363649][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1559.171177][T30667] device syzkaller0 entered promiscuous mode
[ 1559.210039][T30672] netlink: 'syz.1.9008': attribute type 5 has an invalid length.
[ 1559.263151][T30673] netlink: 'syz.0.9007': attribute type 5 has an invalid length.
[ 1562.427717][T30692] netlink: 61967 bytes leftover after parsing attributes in process `syz.1.9011'.
[ 1562.438219][T30698] netlink: 164 bytes leftover after parsing attributes in process `syz.4.9012'.
[ 1562.451073][T30703] netlink: 'syz.4.9012': attribute type 10 has an invalid length.
[ 1562.459590][T30703] bond0: (slave hsr0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[ 1562.476529][T30703] bond0: (slave hsr0): The slave device specified does not support setting the MAC address
[ 1562.489102][T30703] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[ 1562.503735][T30703] bond0: (slave hsr0): Error -22 calling dev_set_mtu
[ 1562.512052][T30706] netlink: 61967 bytes leftover after parsing attributes in process `syz.0.9017'.
[ 1562.535069][T30716] netlink: 'syz.2.9020': attribute type 5 has an invalid length.
[ 1563.036721][T30732] netlink: 61967 bytes leftover after parsing attributes in process `syz.2.9025'.
[ 1563.078264][T30725] netlink: 'syz.0.9023': attribute type 5 has an invalid length.
[ 1563.422795][T30739] netlink: 61967 bytes leftover after parsing attributes in process `syz.4.9027'.
[ 1564.026679][T30752] netlink: 61967 bytes leftover after parsing attributes in process `syz.4.9032'.
[ 1564.054873][T30753] netlink: 164 bytes leftover after parsing attributes in process `syz.0.9033'.
[ 1564.084592][T30747] netlink: 'syz.3.9029': attribute type 5 has an invalid length.
[ 1564.117959][T30753] netlink: 'syz.0.9033': attribute type 10 has an invalid length.
[ 1564.134481][T30753] bond0: (slave hsr0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[ 1564.184628][T30753] bond0: (slave hsr0): The slave device specified does not support setting the MAC address
[ 1564.225990][T30753] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[ 1564.323366][T30753] bond0: (slave hsr0): Error -22 calling dev_set_mtu
[ 1564.710244][T30754] device syzkaller0 entered promiscuous mode
[ 1564.759501][T30771] netlink: 61967 bytes leftover after parsing attributes in process `syz.1.9038'.
[ 1564.912012][T30776] netlink: 'syz.3.9039': attribute type 5 has an invalid length.
[ 1565.049548][T30769] netlink: 'syz.0.9037': attribute type 5 has an invalid length.
[ 1567.761867][T30783] netlink: 'syz.3.9041': attribute type 10 has an invalid length.
[ 1567.769979][T30783] netlink: 40 bytes leftover after parsing attributes in process `syz.3.9041'.
[ 1567.779522][T30779] netlink: 'syz.1.9040': attribute type 5 has an invalid length.
[ 1567.788152][T30788] netlink: 61967 bytes leftover after parsing attributes in process `syz.0.9042'.
[ 1567.801603][T30790] netlink: 'syz.4.9043': attribute type 5 has an invalid length.
[ 1568.047921][T30798] netlink: 164 bytes leftover after parsing attributes in process `syz.4.9045'.
[ 1568.086742][T30795] netlink: 61967 bytes leftover after parsing attributes in process `syz.0.9044'.
[ 1568.120926][T30798] netlink: 'syz.4.9045': attribute type 10 has an invalid length.
[ 1568.146800][T30798] bond0: (slave hsr0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[ 1568.188655][T30798] bond0: (slave hsr0): The slave device specified does not support setting the MAC address
[ 1568.250565][T30798] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[ 1568.293909][T30798] bond0: (slave hsr0): Error -22 calling dev_set_mtu
[ 1568.683966][T30805] device syzkaller0 entered promiscuous mode
[ 1568.725497][T30814] netlink: 'syz.0.9049': attribute type 5 has an invalid length.
[ 1571.328846][T30818] netlink: 'syz.4.9052': attribute type 5 has an invalid length.
[ 1571.344690][T30827] netlink: 61967 bytes leftover after parsing attributes in process `syz.3.9055'.
[ 1571.356679][T30829] netlink: 'syz.2.9056': attribute type 5 has an invalid length.
[ 1571.367993][T30833] netlink: 'syz.0.9065': attribute type 5 has an invalid length.
[ 1571.463470][T30835] netlink: 'syz.4.9057': attribute type 10 has an invalid length.
[ 1571.472499][T30835] netlink: 40 bytes leftover after parsing attributes in process `syz.4.9057'.
[ 1571.639232][T30844] netlink: 'syz.2.9059': attribute type 5 has an invalid length.
[ 1572.148292][T30852] netlink: 61967 bytes leftover after parsing attributes in process `syz.0.9063'.
[ 1572.985016][T30871] validate_nla: 2 callbacks suppressed
[ 1572.985033][T30871] netlink: 'syz.4.9067': attribute type 5 has an invalid length.
[ 1573.158737][T30873] netlink: 'syz.0.9068': attribute type 5 has an invalid length.
[ 1574.118324][T30883] netlink: 'syz.2.9082': attribute type 5 has an invalid length.
[ 1574.148927][T30881] netlink: 61967 bytes leftover after parsing attributes in process `syz.4.9072'.
[ 1574.159899][T30885] netlink: 'syz.3.9071': attribute type 5 has an invalid length.
[ 1574.321027][T30888] netlink: 'syz.0.9073': attribute type 10 has an invalid length.
[ 1574.346851][T30888] netlink: 40 bytes leftover after parsing attributes in process `syz.0.9073'.
[ 1574.541429][T30888] A link change request failed with some changes committed already. Interface vlan1 may have been left with an inconsistent configuration, please check.
[ 1574.721219][T30901] netlink: 61967 bytes leftover after parsing attributes in process `syz.3.9078'.
[ 1574.992642][T30906] device syzkaller0 entered promiscuous mode
[ 1575.203872][T30919] netlink: 'syz.3.9083': attribute type 5 has an invalid length.
[ 1578.904576][T30924] netlink: 'syz.2.9084': attribute type 5 has an invalid length.
[ 1578.912559][T30933] netlink: 'syz.3.9088': attribute type 5 has an invalid length.
[ 1578.924968][T30941] netlink: 'syz.1.9086': attribute type 5 has an invalid length.
[ 1579.081032][T30951] netlink: 164 bytes leftover after parsing attributes in process `syz.3.9091'.
[ 1579.145610][T30951] netlink: 'syz.3.9091': attribute type 10 has an invalid length.
[ 1579.153839][T30951] bond0: (slave hsr0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[ 1579.194463][T30951] bond0: (slave hsr0): The slave device specified does not support setting the MAC address
[ 1579.215537][T30951] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[ 1579.254458][T30951] bond0: (slave hsr0): Error -22 calling dev_set_mtu
[ 1579.303204][T30956] netlink: 61967 bytes leftover after parsing attributes in process `syz.1.9093'.
[ 1579.432324][T30957] device syzkaller0 entered promiscuous mode
[ 1580.319943][T30981] device syzkaller0 entered promiscuous mode
[ 1583.055141][T30987] netlink: 'syz.4.9099': attribute type 5 has an invalid length.
[ 1583.064984][T30991] netlink: 'syz.2.9102': attribute type 5 has an invalid length.
[ 1584.903813][T31014] netlink: 61967 bytes leftover after parsing attributes in process `syz.0.9107'.
[ 1584.913333][T31015] netlink: 164 bytes leftover after parsing attributes in process `syz.4.9108'.
[ 1584.924287][T31016] netlink: 'syz.4.9108': attribute type 10 has an invalid length.
[ 1584.932483][T31016] bond0: (slave hsr0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[ 1584.947460][T31016] bond0: (slave hsr0): The slave device specified does not support setting the MAC address
[ 1584.957738][T31016] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[ 1584.974906][T31016] bond0: (slave hsr0): Error -22 calling dev_set_mtu
[ 1584.981718][T31021] netlink: 61967 bytes leftover after parsing attributes in process `syz.2.9110'.
[ 1585.731999][T31038] netlink: 'syz.3.9125': attribute type 5 has an invalid length.
[ 1586.187798][T31049] netlink: 'syz.4.9118': attribute type 5 has an invalid length.
[ 1587.198459][T31064] netlink: 'syz.3.9122': attribute type 5 has an invalid length.
[ 1587.277761][T31065] netlink: 'syz.0.9123': attribute type 5 has an invalid length.
[ 1587.718049][T31077] device syzkaller0 entered promiscuous mode
[ 1591.568191][T31103] netlink: 'syz.2.9132': attribute type 5 has an invalid length.
[ 1591.586146][T31117] netlink: 'syz.1.9134': attribute type 5 has an invalid length.
[ 1592.405887][T31137] netlink: 'syz.0.9140': attribute type 5 has an invalid length.
[ 1593.039269][T31153] netlink: 'syz.3.9145': attribute type 5 has an invalid length.
[ 1593.159278][T31159] netlink: 'syz.1.9147': attribute type 5 has an invalid length.
[ 1593.648566][T31160] netlink: 'syz.4.9146': attribute type 5 has an invalid length.
[ 1593.718512][T31167] netlink: 'syz.2.9148': attribute type 5 has an invalid length.
[ 1594.343214][T31171] device syzkaller0 entered promiscuous mode
[ 1597.615085][T12882] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1597.630438][T12882] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1597.644829][T12882] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1597.657761][T12882] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1597.667899][T12882] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1597.675462][T12882] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1598.129584][T31204] netlink: 61967 bytes leftover after parsing attributes in process `syz.3.9157'.
[ 1598.139722][T31215] netlink: 'syz.0.9159': attribute type 5 has an invalid length.
[ 1598.681948][T31228] chnl_net:caif_netlink_parms(): no params data found
[ 1598.909041][T31245] netlink: 'syz.4.9169': attribute type 5 has an invalid length.
[ 1599.210742][T30212] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1599.331675][T31248] netlink: 'syz.1.9170': attribute type 5 has an invalid length.
[ 1599.423656][T31228] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1599.467468][T31228] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1599.485427][T31228] device bridge_slave_0 entered promiscuous mode
[ 1599.600427][T30212] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1599.714608][ T4289] Bluetooth: hci0: command 0x0409 tx timeout
[ 1599.804933][T31228] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1599.812060][T31228] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1599.915337][T31228] device bridge_slave_1 entered promiscuous mode
[ 1599.958738][T31228] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1600.013563][T30212] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1600.051991][T31228] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1600.153383][T31228] team0: Port device team_slave_0 added
[ 1600.217266][T30212] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1600.263301][T31228] team0: Port device team_slave_1 added
[ 1600.290045][T31272] netlink: 61967 bytes leftover after parsing attributes in process `syz.3.9176'.
[ 1600.340131][T31228] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1600.369578][T31228] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1600.448114][T31228] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1600.580753][T31228] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1600.616639][T31228] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1600.728027][T31228] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1600.797120][T31278] netlink: 'syz.0.9177': attribute type 5 has an invalid length.
[ 1601.050862][T31270] device syzkaller0 entered promiscuous mode
[ 1601.794559][ T4289] Bluetooth: hci0: command 0x041b tx timeout
[ 1603.844242][T31306] netlink: 'syz.0.9182': attribute type 5 has an invalid length.
[ 1603.874580][ T4289] Bluetooth: hci0: command 0x040f tx timeout
[ 1603.911181][T31307] device syzkaller0 entered promiscuous mode
[ 1603.958428][T31228] device hsr_slave_0 entered promiscuous mode
[ 1603.990761][T31228] device hsr_slave_1 entered promiscuous mode
[ 1604.009846][T31228] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1604.025610][T31228] Cannot create hsr debugfs directory
[ 1605.964443][ T4289] Bluetooth: hci0: command 0x0419 tx timeout
[ 1606.587017][T31342] netlink: 'syz.4.9188': attribute type 5 has an invalid length.
[ 1606.601452][T31350] netlink: 61775 bytes leftover after parsing attributes in process `syz.1.9191'.
[ 1607.324563][T31361] netlink: 'syz.1.9193': attribute type 5 has an invalid length.
[ 1607.467254][T31360] netlink: 'syz.4.9194': attribute type 5 has an invalid length.
[ 1607.783178][T31369] netlink: 'syz.3.9195': attribute type 5 has an invalid length.
[ 1608.128659][T31377] netlink: 'syz.0.9197': attribute type 5 has an invalid length.
[ 1608.723290][T31387] netlink: 'syz.1.9198': attribute type 5 has an invalid length.
[ 1608.899023][T31396] netlink: 'syz.4.9200': attribute type 5 has an invalid length.
[ 1609.200544][T31228] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1609.237862][T31228] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1609.287245][T31228] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1609.522501][T31228] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1609.595518][T30212] device veth0_to_team left promiscuous mode
[ 1609.625621][T30212] Ÿë
: port 1(veth0_to_team) entered disabled state
[ 1609.721413][T30212] device hsr_slave_0 left promiscuous mode
[ 1609.770853][T30212] device hsr_slave_1 left promiscuous mode
[ 1609.781659][T30212] bridge0: port 3(team0) entered disabled state
[ 1609.829162][T30212] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1609.870182][T30212] device bridge_slave_0 left promiscuous mode
[ 1609.888766][T30212] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1609.981491][T30212] device veth0_macvtap left promiscuous mode
[ 1609.994894][T30212] device veth1_vlan left promiscuous mode
[ 1610.009275][T30212] device veth0_vlan left promiscuous mode
[ 1610.564218][T30212] device geneve1 left promiscuous mode
[ 1610.584087][T30212] team0 (unregistering): Port device geneve1 removed
[ 1611.106424][T30212] device team_slave_1 left promiscuous mode
[ 1611.113287][T30212] team0 (unregistering): Port device team_slave_1 removed
[ 1611.147234][T30212] device team_slave_0 left promiscuous mode
[ 1611.153843][T30212] team0 (unregistering): Port device team_slave_0 removed
[ 1611.187956][T30212] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1611.222378][T30212] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1611.451507][T30212] bond0 (unregistering): Released all slaves
[ 1611.530967][T31414] netlink: 'syz.0.9204': attribute type 5 has an invalid length.
[ 1611.570217][T31409] device syzkaller0 entered promiscuous mode
[ 1611.581550][T31422] netlink: 61967 bytes leftover after parsing attributes in process `syz.1.9207'.
[ 1613.774893][T31425] netlink: 'syz.4.9206': attribute type 5 has an invalid length.
[ 1613.807581][T31432] netlink: 'syz.1.9210': attribute type 5 has an invalid length.
[ 1613.939740][T31228] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1613.982127][T30222] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1614.022726][T30222] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1614.042393][T31228] 8021q: adding VLAN 0 to HW filter on device team0
[ 1614.077278][T30222] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1614.103735][T30222] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1614.122435][T30222] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1614.129625][T30222] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1614.170444][T30222] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1614.187674][T31444] netlink: 61967 bytes leftover after parsing attributes in process `syz.1.9213'.
[ 1614.258723][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1614.270048][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1614.290506][T16498] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1614.297677][T16498] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1614.388821][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1614.431252][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1614.451979][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1614.496742][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1614.559611][T31228] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1614.603366][T31228] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1614.650986][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1614.661787][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1614.686190][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1614.705310][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1614.715274][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1614.742028][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1614.765085][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1614.785391][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1614.814427][T31468] netlink: 'syz.1.9216': attribute type 5 has an invalid length.
[ 1615.194093][T31453] device syzkaller0 entered promiscuous mode
[ 1615.677432][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1615.714918][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1615.769281][T31492] netlink: 61967 bytes leftover after parsing attributes in process `syz.0.9220'.
[ 1615.805118][T31228] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1615.912667][T30217] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1615.955219][T30217] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1615.987149][T30217] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1616.027666][T30217] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1616.091761][T30217] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1616.115600][T30217] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1616.156635][T31495] netlink: 'syz.0.9223': attribute type 5 has an invalid length.
[ 1616.191136][T31228] device veth0_vlan entered promiscuous mode
[ 1619.234450][T31524] netlink: 'syz.0.9225': attribute type 5 has an invalid length.
[ 1619.242319][T31525] netlink: 'syz.4.9227': attribute type 5 has an invalid length.
[ 1619.269295][T31228] device veth1_vlan entered promiscuous mode
[ 1619.334822][T31228] device veth0_macvtap entered promiscuous mode
[ 1619.342024][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1619.361000][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1619.393534][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1619.446873][T31228] device veth1_macvtap entered promiscuous mode
[ 1619.478894][T31228] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1619.489661][T31228] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1619.500672][T31228] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1619.511775][T31228] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1619.528837][T31228] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1619.567368][T31228] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1619.620716][T31228] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1619.628891][T30217] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1619.642203][T30217] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1619.673824][T30217] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1619.708182][T31228] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1619.730706][T31228] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1619.741083][T31228] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1619.751918][T31228] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1619.762919][T31228] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1619.775527][T31228] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1619.787176][T31228] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1619.807852][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[ 1619.814167][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1619.824413][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1619.837583][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1619.848494][T31228] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1619.859959][T31228] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1619.872867][T31228] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1619.886715][T31228] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1620.404495][T31554] netlink: 'syz.3.9232': attribute type 5 has an invalid length.
[ 1620.510616][T30217] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1620.526906][T30217] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1620.554063][T31559] netlink: 61967 bytes leftover after parsing attributes in process `syz.4.9233'.
[ 1620.589124][T30217] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1620.600544][T31561] netlink: 'syz.0.9234': attribute type 5 has an invalid length.
[ 1620.631823][T30217] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1620.641900][T30217] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1620.651716][T30216] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1621.045938][T31571] netlink: 'syz.3.9235': attribute type 5 has an invalid length.
[ 1621.675292][ T4289] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1621.684690][ T4289] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1621.692890][ T4289] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1621.701808][ T4289] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1621.713312][ T4289] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1621.721317][ T4289] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1621.782318][T31584] netlink: 'syz.2.9240': attribute type 5 has an invalid length.
[ 1621.939462][T31576] device syzkaller0 entered promiscuous mode
[ 1623.797742][ T4289] Bluetooth: hci2: command 0x0409 tx timeout
[ 1624.748255][T31585] chnl_net:caif_netlink_parms(): no params data found
[ 1624.758519][T31600] netlink: 'syz.3.9241': attribute type 5 has an invalid length.
[ 1624.839047][T31613] netlink: 'syz.2.9246': attribute type 5 has an invalid length.
[ 1625.191355][T31585] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1625.229001][T31585] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1625.241405][T31585] device bridge_slave_0 entered promiscuous mode
[ 1625.294419][T31585] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1625.301642][T31585] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1625.405962][T31585] device bridge_slave_1 entered promiscuous mode
[ 1625.441025][T31626] netlink: 'syz.2.9251': attribute type 5 has an invalid length.
[ 1625.560609][T31585] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1625.572560][T31585] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1625.628545][T31585] team0: Port device team_slave_0 added
[ 1625.701789][T31585] team0: Port device team_slave_1 added
[ 1625.840515][T31585] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1625.869956][T31585] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1625.897063][ T4289] Bluetooth: hci2: command 0x041b tx timeout
[ 1625.960116][T31585] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1626.027276][T31585] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1626.034261][T31585] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1626.094355][T31585] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1626.270485][T31585] device hsr_slave_0 entered promiscuous mode
[ 1626.304196][T31585] device hsr_slave_1 entered promiscuous mode
[ 1626.337488][T31585] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1626.378132][T31585] Cannot create hsr debugfs directory
[ 1626.604005][T31649] device syzkaller0 entered promiscuous mode
[ 1626.791481][T31650] netlink: 'syz.3.9259': attribute type 5 has an invalid length.
[ 1627.955992][ T4289] Bluetooth: hci2: command 0x040f tx timeout
[ 1629.119731][T31673] netlink: 'syz.0.9262': attribute type 5 has an invalid length.
[ 1629.594090][T31688] netlink: 55631 bytes leftover after parsing attributes in process `syz.3.9266'.
[ 1630.035846][ T4289] Bluetooth: hci2: command 0x0419 tx timeout
[ 1630.043156][T31691] device syzkaller0 entered promiscuous mode
[ 1630.050561][T31697] netlink: 'syz.2.9269': attribute type 5 has an invalid length.
[ 1630.242445][T30210] device wlan1 left promiscuous mode
[ 1630.266661][T30210] team0: Port device wlan1 removed
[ 1630.569002][T31585] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1630.589100][T31585] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1630.635340][T30210] device veth0_to_team left promiscuous mode
[ 1630.646103][T30210] Ÿë
: port 1(veth0_to_team) entered disabled state
[ 1630.691927][T30210] device hsr_slave_0 left promiscuous mode
[ 1630.711112][T30210] device hsr_slave_1 left promiscuous mode
[ 1630.729599][T30210] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1630.747701][T30210] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1630.768060][T30210] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1630.787424][T30210] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1630.835402][T30210] batman_adv: batadv0: Interface deactivated: vlan1
[ 1630.842056][T30210] batman_adv: batadv0: Removing interface: vlan1
[ 1630.873924][T30210] bridge0: port 4(team0) entered disabled state
[ 1630.917278][T30210] bridge0: port 3(bond0) entered disabled state
[ 1630.940464][T30210] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1630.982085][T30210] device bridge_slave_0 left promiscuous mode
[ 1630.998665][T30210] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1631.066238][T30210] device veth1_macvtap left promiscuous mode
[ 1631.095145][T30210] device veth0_macvtap left promiscuous mode
[ 1631.101296][T30210] device veth1_vlan left promiscuous mode
[ 1631.128143][T30210] device veth0_vlan left promiscuous mode
[ 1631.622838][T30210] device geneve1 left promiscuous mode
[ 1631.656554][T30210] team0 (unregistering): Port device geneve1 removed
[ 1632.204155][T30210] device team_slave_1 left promiscuous mode
[ 1632.211614][T30210] team0 (unregistering): Port device team_slave_1 removed
[ 1632.245364][T30210] device team_slave_0 left promiscuous mode
[ 1632.252052][T30210] team0 (unregistering): Port device team_slave_0 removed
[ 1632.288709][T30210] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1632.297637][T30210] device bond_slave_1 left promiscuous mode
[ 1632.332144][T30210] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1632.341299][T30210] device bond_slave_0 left promiscuous mode
[ 1632.591264][T30210] bond0 (unregistering): Released all slaves
[ 1632.676598][T31585] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1634.211005][T31739] netlink: 'syz.3.9277': attribute type 5 has an invalid length.
[ 1634.222544][T31738] netlink: 'syz.1.9276': attribute type 5 has an invalid length.
[ 1634.240615][T31585] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1634.456611][T31585] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1634.525060][T30217] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1634.533227][T30217] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1634.579190][T31585] 8021q: adding VLAN 0 to HW filter on device team0
[ 1634.630540][T30222] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1634.651261][T30222] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1634.681885][T30222] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1634.689064][T30222] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1634.932672][T30222] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1634.992371][T30222] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1635.011838][T30222] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1635.062605][T30222] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1635.069821][T30222] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1635.109379][T31747] netlink: 55631 bytes leftover after parsing attributes in process `syz.1.9281'.
[ 1635.153233][T31757] netlink: 'syz.0.9283': attribute type 5 has an invalid length.
[ 1635.278455][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1635.315315][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1635.395914][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1635.412239][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1635.641204][T31752] device syzkaller0 entered promiscuous mode
[ 1635.713655][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1635.725330][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1635.758405][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1635.786419][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1635.814192][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1635.845953][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1635.868237][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1638.263044][T31585] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1639.013706][T31832] netlink: 'syz.2.9289': attribute type 5 has an invalid length.
[ 1639.092558][T30222] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1639.102356][T30222] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1639.147624][T31585] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1639.182658][T31824] netlink: 'syz.1.9290': attribute type 5 has an invalid length.
[ 1639.504624][T31840] netlink: 61775 bytes leftover after parsing attributes in process `syz.3.9294'.
[ 1640.133441][T31865] netlink: 'syz.1.9296': attribute type 5 has an invalid length.
[ 1640.489887][T31861] netlink: 'syz.0.9299': attribute type 5 has an invalid length.
[ 1640.613778][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1640.623169][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1640.695288][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1640.717429][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1640.765363][T31585] device veth0_vlan entered promiscuous mode
[ 1640.785752][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1640.808966][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1640.845676][T31585] device veth1_vlan entered promiscuous mode
[ 1640.922846][T30235] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 1640.945261][T30235] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 1641.005934][T30235] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1641.039345][T30235] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1641.067366][T31585] device veth0_macvtap entered promiscuous mode
[ 1641.123264][T31585] device veth1_macvtap entered promiscuous mode
[ 1641.198853][T31585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1641.234321][T31585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1641.244167][T31585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1641.326045][T31585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1641.364429][T31585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1641.389003][T31585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1641.439102][T31585] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1641.495424][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1641.529239][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1641.558082][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1641.595079][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1641.650365][T31585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1641.683383][T31585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1641.705462][T31585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1641.750407][T31585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1641.787338][T31585] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1641.832374][T31585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1641.898907][T31585] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1641.955284][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1641.965559][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1641.976941][T31897] netlink: 'syz.1.9304': attribute type 5 has an invalid length.
[ 1642.023467][T31585] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1642.044377][T31585] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1642.053107][T31585] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1642.137473][T31585] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1642.186576][T31907] netlink: 'syz.0.9306': attribute type 5 has an invalid length.
[ 1642.978138][T30235] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1643.012465][T30235] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1643.051389][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1643.070386][T30215] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1643.094069][T30215] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1643.122843][T30222] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1643.245010][T31923] netlink: 'syz.1.9318': attribute type 5 has an invalid length.
[ 1643.906428][T31920] netlink: 'syz.0.9308': attribute type 5 has an invalid length.
[ 1644.421849][T12882] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1644.431265][T12882] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1644.444128][T12882] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1644.452964][T12882] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1644.462312][T12882] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1644.469770][T12882] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1644.594161][T16498] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1644.749584][T31934] device syzkaller0 entered promiscuous mode
[ 1644.821610][T16498] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1644.967850][T16498] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1645.057869][T16498] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1645.078765][T31943] chnl_net:caif_netlink_parms(): no params data found
[ 1645.247886][T31943] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1645.311352][T31943] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1645.392071][T31943] device bridge_slave_0 entered promiscuous mode
[ 1645.451897][T31943] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1645.490534][T31943] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1645.529794][T31943] device bridge_slave_1 entered promiscuous mode
[ 1645.572040][T31951] netlink: 'syz.4.9315': attribute type 5 has an invalid length.
[ 1646.519913][ T4289] Bluetooth: hci3: command 0x0409 tx timeout
[ 1648.594712][ T4289] Bluetooth: hci3: command 0x041b tx timeout
[ 1649.290155][T31985] netlink: 'syz.2.9319': attribute type 5 has an invalid length.
[ 1649.359211][T31989] netlink: 'syz.0.9321': attribute type 5 has an invalid length.
[ 1649.443470][T32001] device syzkaller0 entered promiscuous mode
[ 1649.505612][T31943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1650.674404][ T4289] Bluetooth: hci3: command 0x040f tx timeout
[ 1652.757734][ T4289] Bluetooth: hci3: command 0x0419 tx timeout
[ 1653.320078][T31943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1653.383075][T31943] team0: Port device team_slave_0 added
[ 1653.392315][T31943] team0: Port device team_slave_1 added
[ 1653.513994][T31943] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1653.534333][T31943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1653.623579][T31943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1653.692334][T31943] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1653.708461][T31943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1653.779068][T31943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1655.351950][T32056] netlink: 'syz.0.9335': attribute type 5 has an invalid length.
[ 1655.380187][T32053] netlink: 'syz.2.9334': attribute type 5 has an invalid length.
[ 1655.403568][T32061] netlink: 'syz.4.9333': attribute type 5 has an invalid length.
[ 1655.713551][T31943] device hsr_slave_0 entered promiscuous mode
[ 1655.731056][T31943] device hsr_slave_1 entered promiscuous mode
[ 1655.751091][T31943] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1655.761267][T31943] Cannot create hsr debugfs directory
[ 1656.055827][T32083] netlink: 'syz.1.9351': attribute type 5 has an invalid length.
[ 1656.544055][T32091] netlink: 'syz.2.9342': attribute type 5 has an invalid length.
[ 1656.603326][T16498] device veth0_to_team left promiscuous mode
[ 1656.621428][T16498] Ÿë
: port 1(veth0_to_team) entered disabled state
[ 1656.676692][T16498] device hsr_slave_0 left promiscuous mode
[ 1656.703303][T16498] device hsr_slave_1 left promiscuous mode
[ 1656.725897][T16498] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1656.743485][T16498] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1656.761687][T16498] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1656.790192][T16498] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1656.854833][T16498] device veth0_macvtap left promiscuous mode
[ 1657.421298][T16498] device geneve1 left promiscuous mode
[ 1657.462966][T16498] team0 (unregistering): Port device geneve1 removed
[ 1659.356644][T16498] device team_slave_1 left promiscuous mode
[ 1659.363355][T16498] team0 (unregistering): Port device team_slave_1 removed
[ 1659.397988][T16498] device team_slave_0 left promiscuous mode
[ 1659.405754][T16498] team0 (unregistering): Port device team_slave_0 removed
[ 1659.440871][T16498] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1659.478989][T16498] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1659.734542][T16498] bond0 (unregistering): Released all slaves
[ 1659.806916][T32116] device syzkaller0 entered promiscuous mode
[ 1661.654617][T32141] netlink: 61775 bytes leftover after parsing attributes in process `syz.2.9353'.
[ 1661.899994][T32152] netlink: 'syz.1.9352': attribute type 5 has an invalid length.
[ 1662.047225][T32154] netlink: 'syz.2.9356': attribute type 5 has an invalid length.
[ 1662.170077][T31943] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1662.231795][T31943] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1662.284178][T31943] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1662.337127][T31943] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1662.725338][T31943] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1662.744180][T32164] netlink: 'syz.4.9358': attribute type 5 has an invalid length.
[ 1662.782457][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1662.815187][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1662.834427][T12882] Bluetooth: hci4: command 0x0406 tx timeout
[ 1662.958869][T31943] 8021q: adding VLAN 0 to HW filter on device team0
[ 1663.041601][T30235] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1663.071006][T30235] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1663.142491][T30235] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1663.149780][T30235] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1663.254539][T30235] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1663.282761][T30235] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1663.305380][T30235] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1663.326686][T30235] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1663.333823][T30235] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1663.369962][T30235] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1663.391410][T32174] netlink: 'syz.2.9360': attribute type 5 has an invalid length.
[ 1663.414480][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1663.423241][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1663.446925][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1663.485186][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1663.501899][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1663.520919][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1663.565038][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1663.598021][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1663.653260][T31943] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1663.703832][T31943] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1663.748389][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1663.766306][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1664.056792][T32187] netlink: 'syz.0.9364': attribute type 5 has an invalid length.
[ 1664.708616][T30235] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1664.719700][T30235] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1664.756552][T31943] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1664.828488][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1664.848459][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1664.907098][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1664.945093][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1664.979397][T30235] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1664.998163][T30235] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1665.040061][T31943] device veth0_vlan entered promiscuous mode
[ 1665.095470][T31943] device veth1_vlan entered promiscuous mode
[ 1665.141983][T32208] netlink: 61775 bytes leftover after parsing attributes in process `syz.1.9367'.
[ 1665.216513][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 1665.225874][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 1665.275144][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1665.309039][T16498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1665.435130][T31943] device veth0_macvtap entered promiscuous mode
[ 1665.466371][T32212] netlink: 55631 bytes leftover after parsing attributes in process `syz.4.9368'.
[ 1665.489306][T32214] netlink: 'syz.0.9370': attribute type 5 has an invalid length.
[ 1665.519137][T31943] device veth1_macvtap entered promiscuous mode
[ 1665.603809][T31943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1665.670105][T31943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1665.734369][T31943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1665.795917][T31943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1665.864385][T31943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1665.924377][T31943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1665.955113][T31943] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1666.019695][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1666.044929][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1666.081742][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1666.131392][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1666.193290][T31943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1666.243060][T31943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1666.292785][T31943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1666.322978][T31943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1666.350720][T31943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1666.378616][T31943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1666.392625][T31943] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1666.429412][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1666.449241][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1666.471068][T31943] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1666.516354][T31943] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1666.554558][T31943] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1666.593783][T31943] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1666.812957][T32254] netlink: 'syz.1.9380': attribute type 5 has an invalid length.
[ 1666.881512][T32257] netlink: 55631 bytes leftover after parsing attributes in process `syz.0.9381'.
[ 1666.891050][T30215] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1666.891069][T30215] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1666.942510][T30215] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1666.984417][T32250] netlink: 'syz.4.9379': attribute type 5 has an invalid length.
[ 1667.013202][T30235] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1667.025263][T30235] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1667.109208][T30235] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1667.399455][T32261] netlink: 'syz.2.9382': attribute type 5 has an invalid length.
[ 1667.545076][T32270] netlink: 'syz.0.9384': attribute type 5 has an invalid length.
[ 1668.983905][T32305] netlink: 55631 bytes leftover after parsing attributes in process `syz.1.9393'.
[ 1669.326836][T32319] netlink: 'syz.1.9398': attribute type 5 has an invalid length.
[ 1669.579051][T12882] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1669.589279][T12882] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1669.603845][T12882] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1669.624843][T12882] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1669.632414][T12882] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 1669.639843][T12882] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1669.913163][T32322] netlink: 'syz.3.9397': attribute type 5 has an invalid length.
[ 1670.105752][T30235] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1670.212049][T32321] netlink: 'syz.2.9399': attribute type 5 has an invalid length.
[ 1670.287606][T32334] netlink: 'syz.1.9410': attribute type 5 has an invalid length.
[ 1670.437744][T30235] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1670.601908][T30235] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1670.733561][T30235] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1671.147770][T32323] chnl_net:caif_netlink_parms(): no params data found
[ 1671.177193][T32363] netlink: 'syz.3.9404': attribute type 5 has an invalid length.
[ 1671.693226][T32323] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1671.715438][ T4289] Bluetooth: hci5: command 0x0409 tx timeout
[ 1671.754704][T32323] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1671.763561][T32323] device bridge_slave_0 entered promiscuous mode
[ 1671.797245][T32323] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1671.809903][T32323] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1671.831205][T32323] device bridge_slave_1 entered promiscuous mode
[ 1672.014892][T32323] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1672.080475][T32323] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1672.712184][T32390] netlink: 'syz.3.9414': attribute type 5 has an invalid length.
[ 1672.802214][T32323] team0: Port device team_slave_0 added
[ 1672.829667][T32391] netlink: 'syz.1.9412': attribute type 5 has an invalid length.
[ 1672.922258][T32323] team0: Port device team_slave_1 added
[ 1673.022619][T32323] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1673.044440][T32323] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1673.124824][T32323] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1673.223994][T32323] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1673.244157][T32323] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1673.349379][T32323] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1673.535004][T32425] FAULT_INJECTION: forcing a failure.
[ 1673.535004][T32425] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1673.580567][T32425] CPU: 1 PID: 32425 Comm: syz.3.9425 Not tainted syzkaller #0
[ 1673.588189][T32425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1673.598276][T32425] Call Trace:
[ 1673.601576][T32425]  <TASK>
[ 1673.604531][T32425]  dump_stack_lvl+0x188/0x24e
[ 1673.609252][T32425]  ? show_regs_print_info+0x12/0x12
[ 1673.614490][T32425]  ? load_image+0x400/0x400
[ 1673.619091][T32425]  ? __lock_acquire+0x7d10/0x7d10
[ 1673.624171][T32425]  should_fail_ex+0x399/0x4d0
[ 1673.628882][T32425]  fpu__restore_sig+0x258/0x1290
[ 1673.633859][T32425]  ? copy_fpstate_to_sigframe+0xd50/0xd50
[ 1673.639625][T32425]  ? __might_fault+0xc2/0x120
[ 1673.644329][T32425]  ? __might_fault+0xa6/0x120
[ 1673.649059][T32425]  __ia32_sys_rt_sigreturn+0x5e4/0x760
[ 1673.654561][T32425]  ? load_gs_index+0x130/0x130
[ 1673.659386][T32425]  ? lock_chain_count+0x20/0x20
[ 1673.664270][T32425]  ? exit_to_user_mode_loop+0xdc/0x110
[ 1673.669776][T32425]  ? lockdep_hardirqs_on+0x94/0x140
[ 1673.675012][T32425]  do_syscall_64+0x4c/0xa0
[ 1673.679467][T32425]  ? clear_bhb_loop+0x60/0xb0
[ 1673.684178][T32425]  ? clear_bhb_loop+0x60/0xb0
[ 1673.688891][T32425]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1673.694815][T32425] RIP: 0033:0x7f6f7f19ce59
[ 1673.699257][T32425] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1673.718901][T32425] RSP: 002b:00007f6f800e9028 EFLAGS: 00000246
[ 1673.725009][T32425] RAX: ffffffffffffffb3 RBX: 00007f6f7f415fa0 RCX: 00007f6f7f19ce59
[ 1673.733023][T32425] RDX: 0000000000000010 RSI: 0000200000000300 RDI: 000000000000000f
[ 1673.741029][T32425] RBP: 00007f6f800e9090 R08: 0000000000000000 R09: 0000000000000000
[ 1673.749034][T32425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1673.757031][T32425] R13: 00007f6f7f416038 R14: 00007f6f7f415fa0 R15: 00007ffcc69d7f28
[ 1673.765055][T32425]  </TASK>
[ 1673.794473][ T4289] Bluetooth: hci5: command 0x041b tx timeout
[ 1673.847633][T32323] device hsr_slave_0 entered promiscuous mode
[ 1673.865204][T32323] device hsr_slave_1 entered promiscuous mode
[ 1674.381584][T32430] netlink: 'syz.1.9424': attribute type 5 has an invalid length.
[ 1674.451865][T32423] netlink: 'syz.2.9423': attribute type 5 has an invalid length.
[ 1674.533003][T32438] netlink: 'syz.4.9427': attribute type 5 has an invalid length.
[ 1675.162940][ T4289] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1675.590058][T30235] device hsr_slave_0 left promiscuous mode
[ 1675.627085][T30235] device hsr_slave_1 left promiscuous mode
[ 1675.675963][T30235] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1675.732835][T30235] device bridge_slave_0 left promiscuous mode
[ 1675.749704][T30235] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1675.844038][T30235] device veth0_macvtap left promiscuous mode
[ 1675.851883][T30235] device veth1_vlan left promiscuous mode
[ 1675.874617][ T4289] Bluetooth: hci5: command 0x040f tx timeout
[ 1675.892865][T30235] device veth0_vlan left promiscuous mode
[ 1676.223924][T30235] team0 (unregistering): Port device geneve1 removed
[ 1676.685925][T30235] team0 (unregistering): Port device team_slave_1 removed
[ 1676.722662][T30235] team0 (unregistering): Port device team_slave_0 removed
[ 1676.760867][T30235] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1676.799230][T30235] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1677.029569][T30235] bond0 (unregistering): Released all slaves
[ 1677.386907][T32482] FAULT_INJECTION: forcing a failure.
[ 1677.386907][T32482] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1677.482775][T32482] CPU: 0 PID: 32482 Comm: syz.4.9436 Not tainted syzkaller #0
[ 1677.490373][T32482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1677.500469][T32482] Call Trace:
[ 1677.503776][T32482]  <TASK>
[ 1677.506732][T32482]  dump_stack_lvl+0x188/0x24e
[ 1677.511458][T32482]  ? show_regs_print_info+0x12/0x12
[ 1677.516699][T32482]  ? load_image+0x400/0x400
[ 1677.521248][T32482]  ? __lock_acquire+0x7d10/0x7d10
[ 1677.526315][T32482]  should_fail_ex+0x399/0x4d0
[ 1677.531027][T32482]  fpu__restore_sig+0x258/0x1290
[ 1677.536004][T32482]  ? copy_fpstate_to_sigframe+0xd50/0xd50
[ 1677.541769][T32482]  ? __might_fault+0xc2/0x120
[ 1677.546476][T32482]  ? __might_fault+0xa6/0x120
[ 1677.551197][T32482]  __ia32_sys_rt_sigreturn+0x5e4/0x760
[ 1677.556726][T32482]  ? load_gs_index+0x130/0x130
[ 1677.561643][T32482]  ? lock_chain_count+0x20/0x20
[ 1677.566535][T32482]  ? lockdep_hardirqs_on+0x94/0x140
[ 1677.571791][T32482]  do_syscall_64+0x4c/0xa0
[ 1677.576255][T32482]  ? clear_bhb_loop+0x60/0xb0
[ 1677.580991][T32482]  ? clear_bhb_loop+0x60/0xb0
[ 1677.585741][T32482]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1677.591677][T32482] RIP: 0033:0x7fc30d99ce59
[ 1677.596134][T32482] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1677.615800][T32482] RSP: 002b:00007fc30e901028 EFLAGS: 00000246
[ 1677.621897][T32482] RAX: ffffffffffffffea RBX: 00007fc30dc15fa0 RCX: 00007fc30d99ce59
[ 1677.629897][T32482] RDX: 0000000000000050 RSI: 00002000000002c0 RDI: 000000000000001c
[ 1677.637892][T32482] RBP: 00007fc30e901090 R08: 0000000000000000 R09: 0000000000000000
[ 1677.645892][T32482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1677.653901][T32482] R13: 00007fc30dc16038 R14: 00007fc30dc15fa0 R15: 00007ffe867237a8
[ 1677.661920][T32482]  </TASK>
[ 1677.804171][T32489] netlink: 'syz.3.9439': attribute type 5 has an invalid length.
[ 1677.897194][T32323] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1677.930179][T32323] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1677.954529][ T4289] Bluetooth: hci5: command 0x0419 tx timeout
[ 1677.963538][T32323] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1678.054824][T32323] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1678.384734][T32323] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1678.414892][T32323] 8021q: adding VLAN 0 to HW filter on device team0
[ 1678.427548][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1678.443711][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1678.494246][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1678.520264][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1678.537990][T30210] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1678.545166][T30210] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1678.644881][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1678.689773][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1678.699439][T32514] FAULT_INJECTION: forcing a failure.
[ 1678.699439][T32514] name failslab, interval 1, probability 0, space 0, times 0
[ 1678.730442][T30210] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1678.737610][T30210] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1678.767974][T32514] CPU: 1 PID: 32514 Comm: syz.4.9444 Not tainted syzkaller #0
[ 1678.775478][T32514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1678.785558][T32514] Call Trace:
[ 1678.788857][T32514]  <TASK>
[ 1678.791804][T32514]  dump_stack_lvl+0x188/0x24e
[ 1678.796527][T32514]  ? show_regs_print_info+0x12/0x12
[ 1678.801774][T32514]  ? load_image+0x400/0x400
[ 1678.806310][T32514]  ? __might_sleep+0xd0/0xd0
[ 1678.810923][T32514]  ? __lock_acquire+0x7d10/0x7d10
[ 1678.815988][T32514]  should_fail_ex+0x399/0x4d0
[ 1678.820689][T32514]  should_failslab+0x5/0x20
[ 1678.825216][T32514]  slab_pre_alloc_hook+0x59/0x310
[ 1678.830266][T32514]  ? sock_kmalloc+0x92/0xf0
[ 1678.834795][T32514]  __kmem_cache_alloc_node+0x4f/0x260
[ 1678.840188][T32514]  ? sock_kmalloc+0x92/0xf0
[ 1678.844717][T32514]  __kmalloc+0xa0/0x240
[ 1678.848900][T32514]  sock_kmalloc+0x92/0xf0
[ 1678.853254][T32514]  ____sys_sendmsg+0x1bb/0x970
[ 1678.858053][T32514]  ? __sys_sendmsg_sock+0x30/0x30
[ 1678.863104][T32514]  ? __import_iovec+0x315/0x500
[ 1678.867977][T32514]  ? import_iovec+0x6f/0xa0
[ 1678.872506][T32514]  ___sys_sendmsg+0x2a2/0x360
[ 1678.877209][T32514]  ? __sys_sendmsg+0x290/0x290
[ 1678.882030][T32514]  ? __lock_acquire+0x7d10/0x7d10
[ 1678.887098][T32514]  __se_sys_sendmsg+0x1bb/0x2a0
[ 1678.892018][T32514]  ? __x64_sys_sendmsg+0x80/0x80
[ 1678.897007][T32514]  ? lockdep_hardirqs_on+0x94/0x140
[ 1678.902232][T32514]  do_syscall_64+0x4c/0xa0
[ 1678.906670][T32514]  ? clear_bhb_loop+0x60/0xb0
[ 1678.911371][T32514]  ? clear_bhb_loop+0x60/0xb0
[ 1678.916079][T32514]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1678.921994][T32514] RIP: 0033:0x7fc30d99ce59
[ 1678.926437][T32514] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1678.946059][T32514] RSP: 002b:00007fc30e901028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1678.954498][T32514] RAX: ffffffffffffffda RBX: 00007fc30dc15fa0 RCX: 00007fc30d99ce59
[ 1678.962495][T32514] RDX: 0000000000000000 RSI: 0000200000001640 RDI: 0000000000000003
[ 1678.970487][T32514] RBP: 00007fc30e901090 R08: 0000000000000000 R09: 0000000000000000
[ 1678.978477][T32514] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1678.986480][T32514] R13: 00007fc30dc16038 R14: 00007fc30dc15fa0 R15: 00007ffe867237a8
[ 1678.994492][T32514]  </TASK>
[ 1679.029361][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1679.059984][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1679.131376][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1679.224060][T32504] netlink: 'syz.3.9441': attribute type 5 has an invalid length.
[ 1679.279800][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1679.301395][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1679.323671][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1679.346486][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1679.374069][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1679.394742][T32528] netlink: 'syz.4.9447': attribute type 2 has an invalid length.
[ 1679.420991][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1679.443994][T32528] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.9447'.
[ 1679.467349][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1679.509169][T30216] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1679.530712][T30216] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1679.554564][T32323] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1679.872906][T32540] netlink: 'syz.1.9451': attribute type 5 has an invalid length.
[ 1680.303273][T32548] FAULT_INJECTION: forcing a failure.
[ 1680.303273][T32548] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1680.429180][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1680.441770][T32548] CPU: 0 PID: 32548 Comm: syz.2.9452 Not tainted syzkaller #0
[ 1680.449281][T32548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1680.459360][T32548] Call Trace:
[ 1680.462658][T32548]  <TASK>
[ 1680.465610][T32548]  dump_stack_lvl+0x188/0x24e
[ 1680.470334][T32548]  ? show_regs_print_info+0x12/0x12
[ 1680.475566][T32548]  ? load_image+0x400/0x400
[ 1680.480104][T32548]  ? __lock_acquire+0x7d10/0x7d10
[ 1680.485173][T32548]  ? unix_ioctl+0x25d/0x660
[ 1680.489706][T32548]  should_fail_ex+0x399/0x4d0
[ 1680.494413][T32548]  _copy_from_user+0x2c/0x170
[ 1680.499227][T32548]  sock_do_ioctl+0x18c/0x320
[ 1680.503851][T32548]  ? sock_show_fdinfo+0xb0/0xb0
[ 1680.508742][T32548]  sock_ioctl+0x4d2/0x710
[ 1680.513105][T32548]  ? sock_poll+0x410/0x410
[ 1680.517550][T32548]  ? bpf_lsm_file_ioctl+0x5/0x10
[ 1680.522521][T32548]  ? security_file_ioctl+0x7c/0xa0
[ 1680.525266][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1680.527645][T32548]  ? sock_poll+0x410/0x410
[ 1680.539369][T32548]  __se_sys_ioctl+0xfa/0x170
[ 1680.543989][T32548]  do_syscall_64+0x4c/0xa0
[ 1680.548423][T32548]  ? clear_bhb_loop+0x60/0xb0
[ 1680.553111][T32548]  ? clear_bhb_loop+0x60/0xb0
[ 1680.557815][T32548]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1680.563732][T32548] RIP: 0033:0x7f17c379ce59
[ 1680.568155][T32548] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1680.587768][T32548] RSP: 002b:00007f17c465b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1680.596199][T32548] RAX: ffffffffffffffda RBX: 00007f17c3a15fa0 RCX: 00007f17c379ce59
[ 1680.604195][T32548] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 000000000000000d
[ 1680.612177][T32548] RBP: 00007f17c465b090 R08: 0000000000000000 R09: 0000000000000000
[ 1680.620165][T32548] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1680.628151][T32548] R13: 00007f17c3a16038 R14: 00007f17c3a15fa0 R15: 00007ffe7f01f578
[ 1680.636143][T32548]  </TASK>
[ 1680.677918][T32323] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1680.730854][T30212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1680.748713][T30212] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1680.790503][T32558] FAULT_INJECTION: forcing a failure.
[ 1680.790503][T32558] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1680.804278][T30212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1680.813980][T30212] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1680.829971][T32323] device veth0_vlan entered promiscuous mode
[ 1680.868035][T32558] CPU: 0 PID: 32558 Comm: syz.1.9456 Not tainted syzkaller #0
[ 1680.875549][T32558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1680.885630][T32558] Call Trace:
[ 1680.888939][T32558]  <TASK>
[ 1680.891900][T32558]  dump_stack_lvl+0x188/0x24e
[ 1680.896637][T32558]  ? show_regs_print_info+0x12/0x12
[ 1680.901875][T32558]  ? load_image+0x400/0x400
[ 1680.906421][T32558]  ? __lock_acquire+0x7d10/0x7d10
[ 1680.911491][T32558]  should_fail_ex+0x399/0x4d0
[ 1680.916204][T32558]  _copy_from_iter+0x1c0/0x1130
[ 1680.921086][T32558]  ? __lock_acquire+0x7d10/0x7d10
[ 1680.926168][T32558]  ? sock_alloc_send_pskb+0x89d/0x9a0
[ 1680.931593][T32558]  ? copyout_mc+0x110/0x110
[ 1680.936138][T32558]  ? __virt_addr_valid+0x188/0x540
[ 1680.941276][T32558]  ? __virt_addr_valid+0x188/0x540
[ 1680.946429][T32558]  ? __virt_addr_valid+0x465/0x540
[ 1680.951575][T32558]  ? __check_object_size+0x500/0xa40
[ 1680.956880][T32558]  skb_copy_datagram_from_iter+0xef/0x690
[ 1680.962620][T32558]  ? skb_put+0x117/0x210
[ 1680.966874][T32558]  tun_get_user+0xb81/0x3c70
[ 1680.971492][T32558]  ? rcu_read_unlock+0xa0/0xa0
[ 1680.976279][T32558]  ? tun_get+0x1c/0x2e0
[ 1680.980457][T32558]  ? __lock_acquire+0x7d10/0x7d10
[ 1680.985501][T32558]  ? tun_get+0x1c/0x2e0
[ 1680.989698][T32558]  tun_chr_write_iter+0x112/0x1f0
[ 1680.994749][T32558]  vfs_write+0x4b1/0xa30
[ 1680.999019][T32558]  ? file_end_write+0x250/0x250
[ 1681.003888][T32558]  ? __fget_files+0x43d/0x4b0
[ 1681.008588][T32558]  ? __fdget_pos+0x1d4/0x360
[ 1681.013195][T32558]  ? ksys_write+0x71/0x250
[ 1681.017634][T32558]  ksys_write+0x14c/0x250
[ 1681.021982][T32558]  ? __ia32_sys_read+0x80/0x80
[ 1681.026768][T32558]  ? lockdep_hardirqs_on+0x94/0x140
[ 1681.031979][T32558]  do_syscall_64+0x4c/0xa0
[ 1681.036410][T32558]  ? clear_bhb_loop+0x60/0xb0
[ 1681.041105][T32558]  ? clear_bhb_loop+0x60/0xb0
[ 1681.045795][T32558]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1681.051699][T32558] RIP: 0033:0x7ff213b9ce59
[ 1681.056122][T32558] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1681.075741][T32558] RSP: 002b:00007ff214a07028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1681.084165][T32558] RAX: ffffffffffffffda RBX: 00007ff213e16180 RCX: 00007ff213b9ce59
[ 1681.092151][T32558] RDX: 0000000000000012 RSI: 0000200000000240 RDI: 0000000000000007
[ 1681.100140][T32558] RBP: 00007ff214a07090 R08: 0000000000000000 R09: 0000000000000000
[ 1681.108126][T32558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1681.116108][T32558] R13: 00007ff213e16218 R14: 00007ff213e16180 R15: 00007ffcca0f3fc8
[ 1681.124096][T32558]  </TASK>
[ 1681.154029][T30212] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1681.176847][T30212] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1681.221486][T32323] device veth1_vlan entered promiscuous mode
[ 1681.236883][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[ 1681.243202][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1681.444604][T30235] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 1681.480057][T30235] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 1681.531529][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1681.545335][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1681.584807][T32323] device veth0_macvtap entered promiscuous mode
[ 1681.621607][T32323] device veth1_macvtap entered promiscuous mode
[ 1681.654995][T32323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1681.686075][T32323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1681.704586][T32323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1681.734404][T32323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1681.754356][T32323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1681.767205][T32323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1681.780158][T32323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1681.790874][T32323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1681.808466][T32323] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1681.816152][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1681.833772][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1681.843257][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1681.857936][T30210] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1681.872075][T32323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1681.895413][T32323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1681.928315][T32323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1681.940341][T32323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1681.959021][T32323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1681.970722][T32323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1681.986819][T32323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1681.999746][T32323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1682.020119][T32323] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1682.032272][T30235] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1682.047837][T30235] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1682.062325][T32323] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1682.072022][T32323] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1682.085957][T32323] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1682.098028][T32323] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1682.213336][T30235] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1682.246860][T30235] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1682.282580][T30235] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1682.303186][T30210] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1682.319333][T30210] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1682.327741][T30235] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1682.531281][T32585] FAULT_INJECTION: forcing a failure.
[ 1682.531281][T32585] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1682.612405][T32585] CPU: 1 PID: 32585 Comm: syz.1.9463 Not tainted syzkaller #0
[ 1682.619934][T32585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1682.630011][T32585] Call Trace:
[ 1682.633314][T32585]  <TASK>
[ 1682.636262][T32585]  dump_stack_lvl+0x188/0x24e
[ 1682.640966][T32585]  ? show_regs_print_info+0x12/0x12
[ 1682.646197][T32585]  ? load_image+0x400/0x400
[ 1682.650733][T32585]  ? __lock_acquire+0x7d10/0x7d10
[ 1682.655806][T32585]  should_fail_ex+0x399/0x4d0
[ 1682.660512][T32585]  _copy_from_user+0x2c/0x170
[ 1682.665217][T32585]  dev_ethtool+0xc2/0x12f0
[ 1682.669675][T32585]  ? ethtool_get_module_eeprom_call+0x170/0x170
[ 1682.675948][T32585]  ? __lock_acquire+0x7d10/0x7d10
[ 1682.680994][T32585]  ? full_name_hash+0x8e/0xe0
[ 1682.685689][T32585]  ? dev_load+0x1d/0x1e0
[ 1682.689997][T32585]  ? dev_load+0x1d/0x1e0
[ 1682.694271][T32585]  dev_ioctl+0x474/0xe80
[ 1682.698551][T32585]  sock_do_ioctl+0x245/0x320
[ 1682.703175][T32585]  ? sock_show_fdinfo+0xb0/0xb0
[ 1682.708065][T32585]  sock_ioctl+0x4d2/0x710
[ 1682.712433][T32585]  ? sock_poll+0x410/0x410
[ 1682.716885][T32585]  ? bpf_lsm_file_ioctl+0x5/0x10
[ 1682.721844][T32585]  ? security_file_ioctl+0x7c/0xa0
[ 1682.726981][T32585]  ? sock_poll+0x410/0x410
[ 1682.731427][T32585]  __se_sys_ioctl+0xfa/0x170
[ 1682.736059][T32585]  do_syscall_64+0x4c/0xa0
[ 1682.740506][T32585]  ? clear_bhb_loop+0x60/0xb0
[ 1682.745213][T32585]  ? clear_bhb_loop+0x60/0xb0
[ 1682.749926][T32585]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1682.755857][T32585] RIP: 0033:0x7ff213b9ce59
[ 1682.760290][T32585] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1682.779920][T32585] RSP: 002b:00007ff214a49028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1682.788349][T32585] RAX: ffffffffffffffda RBX: 00007ff213e15fa0 RCX: 00007ff213b9ce59
[ 1682.796342][T32585] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 000000000000000d
[ 1682.804336][T32585] RBP: 00007ff214a49090 R08: 0000000000000000 R09: 0000000000000000
[ 1682.812326][T32585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1682.820332][T32585] R13: 00007ff213e16038 R14: 00007ff213e15fa0 R15: 00007ffcca0f3fc8
[ 1682.828335][T32585]  </TASK>
[ 1683.077161][T32591] netlink: 'syz.0.9465': attribute type 5 has an invalid length.
[ 1683.143904][T32579] netlink: 'syz.4.9460': attribute type 5 has an invalid length.
[ 1684.423390][T32628] netlink: 830 bytes leftover after parsing attributes in process `syz.4.9479'.
[ 1684.518881][T32631] netlink: 'syz.0.9482': attribute type 5 has an invalid length.
[ 1684.627768][T32633] FAULT_INJECTION: forcing a failure.
[ 1684.627768][T32633] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1684.689882][T32633] CPU: 1 PID: 32633 Comm: syz.2.9481 Not tainted syzkaller #0
[ 1684.697429][T32633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1684.707523][T32633] Call Trace:
[ 1684.710839][T32633]  <TASK>
[ 1684.713808][T32633]  dump_stack_lvl+0x188/0x24e
[ 1684.718548][T32633]  ? show_regs_print_info+0x12/0x12
[ 1684.723799][T32633]  ? load_image+0x400/0x400
[ 1684.728372][T32633]  ? __lock_acquire+0x7d10/0x7d10
[ 1684.733455][T32633]  should_fail_ex+0x399/0x4d0
[ 1684.738182][T32633]  _copy_from_user+0x2c/0x170
[ 1684.742925][T32633]  iovec_from_user+0x143/0x360
[ 1684.743061][T32636] ==================================================================
[ 1684.747735][T32633]  __import_iovec+0x6d/0x500
[ 1684.755776][T32636] BUG: KASAN: slab-out-of-bounds in __bpf_get_stackid+0x6c9/0x920
[ 1684.760429][T32633]  import_iovec+0x6f/0xa0
[ 1684.768162][T32636] Write of size 72 at addr ffff888059ffab10 by task syz.3.9483/32636
[ 1684.772511][T32633]  ___sys_sendmsg+0x252/0x360
[ 1684.780540][T32636] 
[ 1684.787626][T32633]  ? __sys_sendmsg+0x290/0x290
[ 1684.792452][T32633]  ? __lock_acquire+0x7d10/0x7d10
[ 1684.797543][T32633]  __se_sys_sendmsg+0x1bb/0x2a0
[ 1684.802431][T32633]  ? __x64_sys_sendmsg+0x80/0x80
[ 1684.807431][T32633]  ? lockdep_hardirqs_on+0x94/0x140
[ 1684.812659][T32633]  do_syscall_64+0x4c/0xa0
[ 1684.817100][T32633]  ? clear_bhb_loop+0x60/0xb0
[ 1684.821801][T32633]  ? clear_bhb_loop+0x60/0xb0
[ 1684.826508][T32633]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1684.832424][T32633] RIP: 0033:0x7f17c379ce59
[ 1684.836859][T32633] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1684.856487][T32633] RSP: 002b:00007f17c465b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1684.864963][T32633] RAX: ffffffffffffffda RBX: 00007f17c3a15fa0 RCX: 00007f17c379ce59
[ 1684.872968][T32633] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000006
[ 1684.880974][T32633] RBP: 00007f17c465b090 R08: 0000000000000000 R09: 0000000000000000
[ 1684.888987][T32633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1684.897002][T32633] R13: 00007f17c3a16038 R14: 00007f17c3a15fa0 R15: 00007ffe7f01f578
[ 1684.905034][T32633]  </TASK>
[ 1684.908080][T32636] CPU: 0 PID: 32636 Comm: syz.3.9483 Not tainted syzkaller #0
[ 1684.915572][T32636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1684.925653][T32636] Call Trace:
[ 1684.928951][T32636]  <TASK>
[ 1684.931914][T32636]  dump_stack_lvl+0x188/0x24e
[ 1684.936643][T32636]  ? __lock_acquire+0x7d10/0x7d10
[ 1684.941687][T32636]  ? show_regs_print_info+0x12/0x12
[ 1684.946906][T32636]  ? load_image+0x400/0x400
[ 1684.951433][T32636]  ? __virt_addr_valid+0x465/0x540
[ 1684.956566][T32636]  ? __bpf_get_stackid+0x6c9/0x920
[ 1684.961691][T32636]  print_report+0xa8/0x210
[ 1684.966121][T32636]  kasan_report+0x10b/0x140
[ 1684.970644][T32636]  ? __bpf_get_stackid+0x6c9/0x920
[ 1684.975773][T32636]  kasan_check_range+0x235/0x290
[ 1684.980734][T32636]  ? __bpf_get_stackid+0x6c9/0x920
[ 1684.985861][T32636]  memcpy+0x3c/0x60
[ 1684.989681][T32636]  __bpf_get_stackid+0x6c9/0x920
[ 1684.994644][T32636]  bpf_get_stackid_pe+0x33f/0x400
[ 1684.999721][T32636]  bpf_prog_ceda4e53fcf21ae1+0x28/0x40
[ 1685.005189][T32636]  bpf_overflow_handler+0x6e8/0x7c0
[ 1685.010411][T32636]  ? bpf_overflow_handler+0xd9/0x7c0
[ 1685.015710][T32636]  ? perf_swevent_overflow+0x230/0x230
[ 1685.021186][T32636]  ? ct_irq_exit_irqson+0x113/0x170
[ 1685.026397][T32636]  ? perf_trace_lock+0xf8/0x390
[ 1685.031262][T32636]  ? __perf_event_account_interrupt+0x187/0x280
[ 1685.037519][T32636]  __perf_event_overflow+0x448/0x610
[ 1685.042826][T32636]  perf_swevent_event+0x315/0x570
[ 1685.047866][T32636]  ? perf_tp_event+0xc30/0xc30
[ 1685.052646][T32636]  ? is_bpf_text_address+0x22/0x2a0
[ 1685.057861][T32636]  ___perf_sw_event+0x49e/0x6e0
[ 1685.062727][T32636]  ? preempt_count_add+0x8d/0x190
[ 1685.067760][T32636]  ? ___perf_sw_event+0x180/0x6e0
[ 1685.072803][T32636]  ? perf_swevent_put_recursion_context+0xb0/0xb0
[ 1685.079232][T32636]  ? __lock_acquire+0x13cf/0x7d10
[ 1685.084290][T32636]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 1685.090289][T32636]  ? lock_chain_count+0x20/0x20
[ 1685.095161][T32636]  __perf_sw_event+0x135/0x260
[ 1685.099951][T32636]  do_user_addr_fault+0xaea/0xb10
[ 1685.104994][T32636]  ? trace_hardirqs_off_finish+0x86/0x180
[ 1685.110731][T32636]  exc_page_fault+0x60/0x100
[ 1685.115340][T32636]  ? __might_fault+0xa6/0x120
[ 1685.120030][T32636]  asm_exc_page_fault+0x22/0x30
[ 1685.124889][T32636] RIP: 0010:copy_user_enhanced_fast_string+0xa/0x40
[ 1685.131500][T32636] Code: ff c9 75 f2 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 01 ca c3 8d 0c ca 89 ca eb 20 0f 01 cb 83 fa 40 72 38 89 d1 <f3> a4 31 c0 0f 01 ca c3 89 ca eb 0a 90 90 90 90 90 90 90 90 90 90
[ 1685.151114][T32636] RSP: 0018:ffffc900039cf958 EFLAGS: 00050206
[ 1685.157196][T32636] RAX: ffffffff840f3a01 RBX: ffffc90003d89000 RCX: 0000000000031fe0
[ 1685.165174][T32636] RDX: 0000000000033fe0 RSI: 0000200000002000 RDI: ffffc90003d8b000
[ 1685.173153][T32636] RBP: ffffc900039cfa90 R08: ffffc90003dbcfdf R09: 1ffff920007b79fb
[ 1685.181130][T32636] R10: dffffc0000000000 R11: fffff520007b79fc R12: 1ffff92000739f83
[ 1685.189110][T32636] R13: 0000200000000000 R14: 0000000000033fe0 R15: 00007ffffffcb020
[ 1685.197097][T32636]  ? _copy_from_iter+0x1f1/0x1130
[ 1685.202133][T32636]  _copy_from_iter+0x2a9/0x1130
[ 1685.206994][T32636]  ? __lock_acquire+0x7d10/0x7d10
[ 1685.212037][T32636]  ? slab_pre_alloc_hook+0x59/0x310
[ 1685.217250][T32636]  ? copyout_mc+0x110/0x110
[ 1685.221771][T32636]  ? do_raw_spin_unlock+0x11d/0x230
[ 1685.226981][T32636]  ? _raw_spin_unlock+0x24/0x40
[ 1685.231844][T32636]  ? find_vmap_area+0xf8/0x110
[ 1685.236616][T32636]  ? __check_object_size+0x500/0xa40
[ 1685.241921][T32636]  netlink_sendmsg+0x755/0xbd0
[ 1685.246722][T32636]  ? netlink_getsockopt+0x550/0x550
[ 1685.251936][T32636]  ? aa_file_perm+0x3ea/0xf00
[ 1685.256621][T32636]  ? aa_file_perm+0x112/0xf00
[ 1685.261303][T32636]  ? aa_sock_msg_perm+0x94/0x150
[ 1685.266247][T32636]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 1685.271543][T32636]  ? security_socket_sendmsg+0x7c/0xa0
[ 1685.277017][T32636]  sock_write_iter+0x2d9/0x3e0
[ 1685.281796][T32636]  ? sock_read_iter+0x3a0/0x3a0
[ 1685.286662][T32636]  ? common_file_perm+0x171/0x1c0
[ 1685.291709][T32636]  vfs_write+0x4b1/0xa30
[ 1685.295977][T32636]  ? file_end_write+0x250/0x250
[ 1685.300845][T32636]  ? __fget_files+0x43d/0x4b0
[ 1685.305540][T32636]  ? __fdget_pos+0x1d4/0x360
[ 1685.310146][T32636]  ? ksys_write+0x71/0x250
[ 1685.314577][T32636]  ksys_write+0x14c/0x250
[ 1685.318931][T32636]  ? __ia32_sys_read+0x80/0x80
[ 1685.323738][T32636]  ? lockdep_hardirqs_on+0x94/0x140
[ 1685.328957][T32636]  do_syscall_64+0x4c/0xa0
[ 1685.333394][T32636]  ? clear_bhb_loop+0x60/0xb0
[ 1685.338093][T32636]  ? clear_bhb_loop+0x60/0xb0
[ 1685.342788][T32636]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1685.348691][T32636] RIP: 0033:0x7f6f7f19ce59
[ 1685.353118][T32636] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1685.372737][T32636] RSP: 002b:00007f6f800e9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1685.381156][T32636] RAX: ffffffffffffffda RBX: 00007f6f7f415fa0 RCX: 00007f6f7f19ce59
[ 1685.389138][T32636] RDX: 0000000000033fe0 RSI: 0000200000000000 RDI: 0000000000000006
[ 1685.397123][T32636] RBP: 00007f6f7f232d6f R08: 0000000000000000 R09: 0000000000000000
[ 1685.405099][T32636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1685.413076][T32636] R13: 00007f6f7f416038 R14: 00007f6f7f415fa0 R15: 00007ffcc69d7f28
[ 1685.421073][T32636]  </TASK>
[ 1685.424102][T32636] 
[ 1685.426447][T32636] Allocated by task 32636:
[ 1685.430872][T32636]  kasan_set_track+0x4b/0x70
[ 1685.435488][T32636]  __kasan_kmalloc+0x8e/0xa0
[ 1685.440093][T32636]  __kmalloc_node+0xb0/0x240
[ 1685.444704][T32636]  bpf_map_area_alloc+0x47/0xe0
[ 1685.449569][T32636]  prealloc_elems_and_freelist+0x86/0x1c0
[ 1685.455299][T32636]  stack_map_alloc+0x390/0x520
[ 1685.460078][T32636]  map_create+0x534/0x1000
[ 1685.464508][T32636]  __sys_bpf+0x38b/0x780
[ 1685.468765][T32636]  __x64_sys_bpf+0x78/0x90
[ 1685.473192][T32636]  do_syscall_64+0x4c/0xa0
[ 1685.477622][T32636]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1685.483529][T32636] 
[ 1685.485861][T32636] Last potentially related work creation:
[ 1685.491579][T32636]  kasan_save_stack+0x3a/0x60
[ 1685.496277][T32636]  __kasan_record_aux_stack+0xb2/0xc0
[ 1685.501653][T32636]  call_rcu+0x14f/0x990
[ 1685.505827][T32636]  nf_nat_unregister_fn+0x1ea/0x370
[ 1685.511033][T32636]  ip6table_nat_net_pre_exit+0x68/0x90
[ 1685.516502][T32636]  cleanup_net+0x591/0xba0
[ 1685.520933][T32636]  process_one_work+0x8a2/0x1160
[ 1685.525879][T32636]  worker_thread+0xaa2/0x1270
[ 1685.530566][T32636]  kthread+0x29d/0x330
[ 1685.534637][T32636]  ret_from_fork+0x1f/0x30
[ 1685.539066][T32636] 
[ 1685.541396][T32636] The buggy address belongs to the object at ffff888059ffab00
[ 1685.541396][T32636]  which belongs to the cache kmalloc-cg-64 of size 64
[ 1685.555543][T32636] The buggy address is located 16 bytes inside of
[ 1685.555543][T32636]  64-byte region [ffff888059ffab00, ffff888059ffab40)
[ 1685.568647][T32636] 
[ 1685.570977][T32636] The buggy address belongs to the physical page:
[ 1685.577400][T32636] page:ffffea000167fe80 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x59ffa
[ 1685.587555][T32636] memcg:ffff88807cfde601
[ 1685.591796][T32636] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 1685.599350][T32636] raw: 00fff00000000200 ffffea0001666ac0 dead000000000005 ffff888017442780
[ 1685.607943][T32636] raw: 0000000000000000 0000000080200020 00000001ffffffff ffff88807cfde601
[ 1685.616522][T32636] page dumped because: kasan: bad access detected
[ 1685.622937][T32636] page_owner tracks the page as allocated
[ 1685.628652][T32636] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 4274, tgid 4274 (syz-executor), ts 134737131041, free_ts 57351861825
[ 1685.647075][T32636]  post_alloc_hook+0x173/0x1a0
[ 1685.651883][T32636]  get_page_from_freelist+0x1a1e/0x1ab0
[ 1685.657446][T32636]  __alloc_pages+0x1ec/0x4f0
[ 1685.662054][T32636]  alloc_slab_page+0x5d/0x160
[ 1685.666745][T32636]  new_slab+0x87/0x2c0
[ 1685.670824][T32636]  ___slab_alloc+0xbc6/0x1240
[ 1685.675510][T32636]  __kmem_cache_alloc_node+0x1a0/0x260
[ 1685.680974][T32636]  __kmalloc_node+0xa0/0x240
[ 1685.685581][T32636]  kvmalloc_node+0x6c/0x180
[ 1685.690099][T32636]  nf_hook_entries_grow+0x309/0x730
[ 1685.695302][T32636]  __nf_register_net_hook+0x2c9/0x910
[ 1685.700702][T32636]  nf_register_net_hook+0xae/0x190
[ 1685.705822][T32636]  nf_register_net_hooks+0x40/0x1a0
[ 1685.711028][T32636]  nf_defrag_ipv6_enable+0x83/0x110
[ 1685.716241][T32636]  nf_ct_netns_do_get+0x1e4/0x5b0
[ 1685.721272][T32636]  nf_ct_netns_inet_get+0x3b/0x150
[ 1685.726395][T32636] page last free stack trace:
[ 1685.731069][T32636]  free_unref_page_prepare+0x8b4/0x9a0
[ 1685.736543][T32636]  free_unref_page+0x2e/0x3f0
[ 1685.741240][T32636]  free_contig_range+0x9d/0x150
[ 1685.746097][T32636]  destroy_args+0xf0/0xa0a
[ 1685.750550][T32636]  debug_vm_pgtable+0x33c/0x38e
[ 1685.755405][T32636]  do_one_initcall+0x26a/0x840
[ 1685.760180][T32636]  do_initcall_level+0x137/0x1e4
[ 1685.765140][T32636]  do_initcalls+0x4b/0x8a
[ 1685.769483][T32636]  kernel_init_freeable+0x415/0x5be
[ 1685.774693][T32636]  kernel_init+0x19/0x1b0
[ 1685.779033][T32636]  ret_from_fork+0x1f/0x30
[ 1685.783483][T32636] 
[ 1685.785815][T32636] Memory state around the buggy address:
[ 1685.791449][T32636]  ffff888059ffaa00: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc
[ 1685.799522][T32636]  ffff888059ffaa80: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc
[ 1685.807587][T32636] >ffff888059ffab00: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc
[ 1685.815679][T32636]                                   ^
[ 1685.821079][T32636]  ffff888059ffab80: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc
[ 1685.829160][T32636]  ffff888059ffac00: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc
[ 1685.837240][T32636] ==================================================================
[ 1685.845303][T32636] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1685.852496][T32636] CPU: 0 PID: 32636 Comm: syz.3.9483 Not tainted syzkaller #0
[ 1685.859954][T32636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1685.870019][T32636] Call Trace:
[ 1685.873323][T32636]  <TASK>
[ 1685.876268][T32636]  dump_stack_lvl+0x188/0x24e
[ 1685.880967][T32636]  ? memcpy+0x3c/0x60
[ 1685.884961][T32636]  ? show_regs_print_info+0x12/0x12
[ 1685.890173][T32636]  ? load_image+0x400/0x400
[ 1685.894692][T32636]  panic+0x2e5/0x730
[ 1685.898606][T32636]  ? bpf_jit_dump+0xd0/0xd0
[ 1685.903124][T32636]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[ 1685.909029][T32636]  ? _raw_spin_unlock+0x40/0x40
[ 1685.913894][T32636]  ? print_memory_metadata+0x314/0x400
[ 1685.919367][T32636]  check_panic_on_warn+0x80/0xa0
[ 1685.924317][T32636]  ? __bpf_get_stackid+0x6c9/0x920
[ 1685.929526][T32636]  end_report+0x66/0x110
[ 1685.933783][T32636]  kasan_report+0x118/0x140
[ 1685.938298][T32636]  ? __bpf_get_stackid+0x6c9/0x920
[ 1685.943417][T32636]  kasan_check_range+0x235/0x290
[ 1685.948370][T32636]  ? __bpf_get_stackid+0x6c9/0x920
[ 1685.953492][T32636]  memcpy+0x3c/0x60
[ 1685.957310][T32636]  __bpf_get_stackid+0x6c9/0x920
[ 1685.962264][T32636]  bpf_get_stackid_pe+0x33f/0x400
[ 1685.967304][T32636]  bpf_prog_ceda4e53fcf21ae1+0x28/0x40
[ 1685.972768][T32636]  bpf_overflow_handler+0x6e8/0x7c0
[ 1685.977974][T32636]  ? bpf_overflow_handler+0xd9/0x7c0
[ 1685.983271][T32636]  ? perf_swevent_overflow+0x230/0x230
[ 1685.988762][T32636]  ? ct_irq_exit_irqson+0x113/0x170
[ 1685.993981][T32636]  ? perf_trace_lock+0xf8/0x390
[ 1685.998842][T32636]  ? __perf_event_account_interrupt+0x187/0x280
[ 1686.005107][T32636]  __perf_event_overflow+0x448/0x610
[ 1686.010412][T32636]  perf_swevent_event+0x315/0x570
[ 1686.015452][T32636]  ? perf_tp_event+0xc30/0xc30
[ 1686.020236][T32636]  ? is_bpf_text_address+0x22/0x2a0
[ 1686.025446][T32636]  ___perf_sw_event+0x49e/0x6e0
[ 1686.030311][T32636]  ? preempt_count_add+0x8d/0x190
[ 1686.035346][T32636]  ? ___perf_sw_event+0x180/0x6e0
[ 1686.040382][T32636]  ? perf_swevent_put_recursion_context+0xb0/0xb0
[ 1686.046813][T32636]  ? __lock_acquire+0x13cf/0x7d10
[ 1686.051869][T32636]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 1686.057868][T32636]  ? lock_chain_count+0x20/0x20
[ 1686.062730][T32636]  __perf_sw_event+0x135/0x260
[ 1686.067508][T32636]  do_user_addr_fault+0xaea/0xb10
[ 1686.072547][T32636]  ? trace_hardirqs_off_finish+0x86/0x180
[ 1686.078281][T32636]  exc_page_fault+0x60/0x100
[ 1686.082878][T32636]  ? __might_fault+0xa6/0x120
[ 1686.087560][T32636]  asm_exc_page_fault+0x22/0x30
[ 1686.092425][T32636] RIP: 0010:copy_user_enhanced_fast_string+0xa/0x40
[ 1686.099032][T32636] Code: ff c9 75 f2 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 01 ca c3 8d 0c ca 89 ca eb 20 0f 01 cb 83 fa 40 72 38 89 d1 <f3> a4 31 c0 0f 01 ca c3 89 ca eb 0a 90 90 90 90 90 90 90 90 90 90
[ 1686.118651][T32636] RSP: 0018:ffffc900039cf958 EFLAGS: 00050206
[ 1686.124726][T32636] RAX: ffffffff840f3a01 RBX: ffffc90003d89000 RCX: 0000000000031fe0
[ 1686.132703][T32636] RDX: 0000000000033fe0 RSI: 0000200000002000 RDI: ffffc90003d8b000
[ 1686.140677][T32636] RBP: ffffc900039cfa90 R08: ffffc90003dbcfdf R09: 1ffff920007b79fb
[ 1686.148664][T32636] R10: dffffc0000000000 R11: fffff520007b79fc R12: 1ffff92000739f83
[ 1686.156646][T32636] R13: 0000200000000000 R14: 0000000000033fe0 R15: 00007ffffffcb020
[ 1686.164625][T32636]  ? _copy_from_iter+0x1f1/0x1130
[ 1686.169669][T32636]  _copy_from_iter+0x2a9/0x1130
[ 1686.174528][T32636]  ? __lock_acquire+0x7d10/0x7d10
[ 1686.179562][T32636]  ? slab_pre_alloc_hook+0x59/0x310
[ 1686.184766][T32636]  ? copyout_mc+0x110/0x110
[ 1686.189284][T32636]  ? do_raw_spin_unlock+0x11d/0x230
[ 1686.194491][T32636]  ? _raw_spin_unlock+0x24/0x40
[ 1686.199350][T32636]  ? find_vmap_area+0xf8/0x110
[ 1686.204124][T32636]  ? __check_object_size+0x500/0xa40
[ 1686.209418][T32636]  netlink_sendmsg+0x755/0xbd0
[ 1686.214199][T32636]  ? netlink_getsockopt+0x550/0x550
[ 1686.219407][T32636]  ? aa_file_perm+0x3ea/0xf00
[ 1686.224092][T32636]  ? aa_file_perm+0x112/0xf00
[ 1686.228777][T32636]  ? aa_sock_msg_perm+0x94/0x150
[ 1686.233725][T32636]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 1686.239022][T32636]  ? security_socket_sendmsg+0x7c/0xa0
[ 1686.244498][T32636]  sock_write_iter+0x2d9/0x3e0
[ 1686.249275][T32636]  ? sock_read_iter+0x3a0/0x3a0
[ 1686.254135][T32636]  ? common_file_perm+0x171/0x1c0
[ 1686.259174][T32636]  vfs_write+0x4b1/0xa30
[ 1686.263440][T32636]  ? file_end_write+0x250/0x250
[ 1686.268310][T32636]  ? __fget_files+0x43d/0x4b0
[ 1686.273029][T32636]  ? __fdget_pos+0x1d4/0x360
[ 1686.277629][T32636]  ? ksys_write+0x71/0x250
[ 1686.282068][T32636]  ksys_write+0x14c/0x250
[ 1686.286417][T32636]  ? __ia32_sys_read+0x80/0x80
[ 1686.291201][T32636]  ? lockdep_hardirqs_on+0x94/0x140
[ 1686.296417][T32636]  do_syscall_64+0x4c/0xa0
[ 1686.300849][T32636]  ? clear_bhb_loop+0x60/0xb0
[ 1686.305542][T32636]  ? clear_bhb_loop+0x60/0xb0
[ 1686.310230][T32636]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1686.316146][T32636] RIP: 0033:0x7f6f7f19ce59
[ 1686.320570][T32636] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1686.340178][T32636] RSP: 002b:00007f6f800e9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1686.348599][T32636] RAX: ffffffffffffffda RBX: 00007f6f7f415fa0 RCX: 00007f6f7f19ce59
[ 1686.356576][T32636] RDX: 0000000000033fe0 RSI: 0000200000000000 RDI: 0000000000000006
[ 1686.364552][T32636] RBP: 00007f6f7f232d6f R08: 0000000000000000 R09: 0000000000000000
[ 1686.372525][T32636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1686.380502][T32636] R13: 00007f6f7f416038 R14: 00007f6f7f415fa0 R15: 00007ffcc69d7f28
[ 1686.388510][T32636]  </TASK>
[ 1686.392097][T32636] Kernel Offset: disabled
[ 1686.396427][T32636] Rebooting in 86400 seconds..