last executing test programs:

1m54.917460531s ago: executing program 1 (id=45):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x482, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0x2, 0x922000000001, 0x106)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = getpid()
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/uts\x00')
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0x3, &(0x7f0000000040)=ANY=[], 0x0}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa0677"], 0xfdef)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x1a, 0xf, 0xf4, 0x7f, 0x0, 0x8, 0x1508c, 0x4, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x1}, 0x220, 0x8, 0x406, 0x8, 0x39da01c1, 0xca2, 0x1, 0x0, 0xb3, 0x0, 0x6}, r0, 0xe, r1, 0x8)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x10}}], 0x10}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r4}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_subtree(r6, &(0x7f0000000200), 0x2, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000080)={[{0x2b, 'cpu'}]}, 0x5)
write$cgroup_subtree(r7, &(0x7f0000000a00)=ANY=[@ANYBLOB='-cpu'], 0x5)
r8 = openat$cgroup_type(r5, &(0x7f0000000040), 0x2, 0x0)
write$cgroup_type(r8, &(0x7f0000000080), 0x9)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef)

1m41.140150137s ago: executing program 3 (id=202):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400, 0x8}, 0x4202, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$kcm(0xa, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000011008188040f46ecdb4cb9cca7480ef42100fffee3bd6efb440013030e001b000d000008ba8000001201", 0x2e}], 0x1}, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x5, 0x2505, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x940, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0)
syz_clone(0xab009500, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$unix(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="140000"], 0x18, 0x2000c810}, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x22, &(0x7f00000018c0), 0x4)

1m35.390544961s ago: executing program 4 (id=235):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="660a00000000004061119800000000001800000000000000000000000000000095000000000000000a25263c53f9b5ef60c967d0e12b9902c3d90c6dee05dda89d5f08f7ea3094bc605319e4c0642414502141155eb7634b4c41dc9baeae8c42e5755853b96bd3bed4c2608f7178e50a42c2e9a452944c737b1dd2c78d0c9c646f6abb46fcafc84f8d1d638ba71dffbfe6ecf61267cf2f5aabf07f139e4662281c88ccde96e468cb324c91"], 0x0}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="3504000040000511d25a80648c63940d0324fc60040035400c000200", 0x1c}], 0x1}, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe000032"], 0xfe33)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000300)="d8000000180081054e81f782db4cb904021c080406037c09e8fe55a10a0015400200142603600e122f00160004000400a8000600200005400700027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ed50c3e7867a9d3026cd0a23394d78c24cbee5de6ccd40dd6e4edef3d93", 0xd8}], 0x1, 0x0, 0x0, 0x4a0f0000}, 0x20000000)
perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xacc}, 0x0, 0xfff, 0xfffffe01, 0x2, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x401, 0xe}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xca}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r5)
socket$kcm(0x2, 0x200000000000001, 0x106)
socket$kcm(0x2, 0x3, 0x2)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6gre0\x00', 0x20})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x89f1, &(0x7f0000000080))

1m34.990609866s ago: executing program 4 (id=240):
r0 = socket$kcm(0x2a, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000001540)={&(0x7f0000000040)=@qipcrtr={0x2a, 0x1, 0x4000}, 0x80, 0x0}, 0x1200)

1m25.28208477s ago: executing program 1 (id=45):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x482, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0x2, 0x922000000001, 0x106)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = getpid()
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/uts\x00')
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0x3, &(0x7f0000000040)=ANY=[], 0x0}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa0677"], 0xfdef)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x1a, 0xf, 0xf4, 0x7f, 0x0, 0x8, 0x1508c, 0x4, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x1}, 0x220, 0x8, 0x406, 0x8, 0x39da01c1, 0xca2, 0x1, 0x0, 0xb3, 0x0, 0x6}, r0, 0xe, r1, 0x8)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x10}}], 0x10}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r4}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_subtree(r6, &(0x7f0000000200), 0x2, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000080)={[{0x2b, 'cpu'}]}, 0x5)
write$cgroup_subtree(r7, &(0x7f0000000a00)=ANY=[@ANYBLOB='-cpu'], 0x5)
r8 = openat$cgroup_type(r5, &(0x7f0000000040), 0x2, 0x0)
write$cgroup_type(r8, &(0x7f0000000080), 0x9)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef)

1m19.263253061s ago: executing program 3 (id=202):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400, 0x8}, 0x4202, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$kcm(0xa, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000011008188040f46ecdb4cb9cca7480ef42100fffee3bd6efb440013030e001b000d000008ba8000001201", 0x2e}], 0x1}, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x5, 0x2505, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x940, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0)
syz_clone(0xab009500, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$unix(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="140000"], 0x18, 0x2000c810}, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x22, &(0x7f00000018c0), 0x4)

1m12.703432s ago: executing program 4 (id=240):
r0 = socket$kcm(0x2a, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000001540)={&(0x7f0000000040)=@qipcrtr={0x2a, 0x1, 0x4000}, 0x80, 0x0}, 0x1200)

1m5.714131558s ago: executing program 1 (id=45):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x482, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0x2, 0x922000000001, 0x106)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = getpid()
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/uts\x00')
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0x3, &(0x7f0000000040)=ANY=[], 0x0}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa0677"], 0xfdef)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x1a, 0xf, 0xf4, 0x7f, 0x0, 0x8, 0x1508c, 0x4, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x1}, 0x220, 0x8, 0x406, 0x8, 0x39da01c1, 0xca2, 0x1, 0x0, 0xb3, 0x0, 0x6}, r0, 0xe, r1, 0x8)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x10}}], 0x10}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r4}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_subtree(r6, &(0x7f0000000200), 0x2, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000080)={[{0x2b, 'cpu'}]}, 0x5)
write$cgroup_subtree(r7, &(0x7f0000000a00)=ANY=[@ANYBLOB='-cpu'], 0x5)
r8 = openat$cgroup_type(r5, &(0x7f0000000040), 0x2, 0x0)
write$cgroup_type(r8, &(0x7f0000000080), 0x9)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef)

1m1.135435902s ago: executing program 3 (id=202):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400, 0x8}, 0x4202, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$kcm(0xa, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000011008188040f46ecdb4cb9cca7480ef42100fffee3bd6efb440013030e001b000d000008ba8000001201", 0x2e}], 0x1}, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x5, 0x2505, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x940, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0)
syz_clone(0xab009500, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$unix(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="140000"], 0x18, 0x2000c810}, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x22, &(0x7f00000018c0), 0x4)

51.329769046s ago: executing program 4 (id=240):
r0 = socket$kcm(0x2a, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000001540)={&(0x7f0000000040)=@qipcrtr={0x2a, 0x1, 0x4000}, 0x80, 0x0}, 0x1200)

45.133176941s ago: executing program 1 (id=45):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x482, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0x2, 0x922000000001, 0x106)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = getpid()
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/uts\x00')
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0x3, &(0x7f0000000040)=ANY=[], 0x0}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa0677"], 0xfdef)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x1a, 0xf, 0xf4, 0x7f, 0x0, 0x8, 0x1508c, 0x4, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x1}, 0x220, 0x8, 0x406, 0x8, 0x39da01c1, 0xca2, 0x1, 0x0, 0xb3, 0x0, 0x6}, r0, 0xe, r1, 0x8)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x10}}], 0x10}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r4}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_subtree(r6, &(0x7f0000000200), 0x2, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000080)={[{0x2b, 'cpu'}]}, 0x5)
write$cgroup_subtree(r7, &(0x7f0000000a00)=ANY=[@ANYBLOB='-cpu'], 0x5)
r8 = openat$cgroup_type(r5, &(0x7f0000000040), 0x2, 0x0)
write$cgroup_type(r8, &(0x7f0000000080), 0x9)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef)

44.105660407s ago: executing program 3 (id=202):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400, 0x8}, 0x4202, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$kcm(0xa, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000011008188040f46ecdb4cb9cca7480ef42100fffee3bd6efb440013030e001b000d000008ba8000001201", 0x2e}], 0x1}, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x5, 0x2505, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x940, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0)
syz_clone(0xab009500, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$unix(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="140000"], 0x18, 0x2000c810}, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x22, &(0x7f00000018c0), 0x4)

31.772035115s ago: executing program 4 (id=240):
r0 = socket$kcm(0x2a, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000001540)={&(0x7f0000000040)=@qipcrtr={0x2a, 0x1, 0x4000}, 0x80, 0x0}, 0x1200)

22.769168005s ago: executing program 1 (id=45):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x482, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0x2, 0x922000000001, 0x106)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = getpid()
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/uts\x00')
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0x3, &(0x7f0000000040)=ANY=[], 0x0}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa0677"], 0xfdef)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x1a, 0xf, 0xf4, 0x7f, 0x0, 0x8, 0x1508c, 0x4, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x1}, 0x220, 0x8, 0x406, 0x8, 0x39da01c1, 0xca2, 0x1, 0x0, 0xb3, 0x0, 0x6}, r0, 0xe, r1, 0x8)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x10}}], 0x10}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r4}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_subtree(r6, &(0x7f0000000200), 0x2, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000080)={[{0x2b, 'cpu'}]}, 0x5)
write$cgroup_subtree(r7, &(0x7f0000000a00)=ANY=[@ANYBLOB='-cpu'], 0x5)
r8 = openat$cgroup_type(r5, &(0x7f0000000040), 0x2, 0x0)
write$cgroup_type(r8, &(0x7f0000000080), 0x9)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef)

22.0547573s ago: executing program 3 (id=202):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400, 0x8}, 0x4202, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$kcm(0xa, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000011008188040f46ecdb4cb9cca7480ef42100fffee3bd6efb440013030e001b000d000008ba8000001201", 0x2e}], 0x1}, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x5, 0x2505, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x940, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0)
syz_clone(0xab009500, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$unix(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="140000"], 0x18, 0x2000c810}, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x22, &(0x7f00000018c0), 0x4)

9.619270791s ago: executing program 4 (id=240):
r0 = socket$kcm(0x2a, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000001540)={&(0x7f0000000040)=@qipcrtr={0x2a, 0x1, 0x4000}, 0x80, 0x0}, 0x1200)

4.091062375s ago: executing program 0 (id=575):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}, 0x202, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x4545, 0x443780, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffbfffffffff, 0xffffffffffffffff, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400800000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$kcm(0x2, 0x5, 0x84)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7b, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r1)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000200)=ANY=[@ANYRES8=r1, @ANYRES8=r3], 0x12)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000340)={@cgroup=r2, 0x36, 0x1, 0x81, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x0, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)}, 0x40)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000240)='ns/user\x00')
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0xe284a, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xf, 0x7}, 0x100e64, 0xc78, 0x1, 0x0, 0x0, 0x251, 0x9, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x200000000000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000980)=[@cred={{0x1c}}, @rights={{0x10}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x10}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x10}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xb8}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1d, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x4}, 0x94)
socket$kcm(0x10, 0x2, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000002cc0)={&(0x7f00000007c0)=@in6={0xa, 0x4e20, 0x0, @mcast2}, 0x80, 0x0, 0x0, &(0x7f0000000000)}, 0x0)
recvmsg(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000500)}, 0x40000100)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0300000004000000040000000a0000", @ANYRES32=0x1, @ANYBLOB="0000000000000a00000000000001000000dbb089e01438c8e849ab4639afde57789fa22db913b8062538cc9b2c801bd867c2563fce44429175641acb08c6c5a080d8575daaa43fbbe5e486f15ef3572b1d3c007621219054b7402daaec7029f4e79a342b55017f0038b6c7fbfff5863a42161cb22b8f372bc5209aface651a78fe68e6014ee8d9730bf8e59246a6dd82e07e075ab1ac93148010bda72881d255c520247a025603fa7f391018ec01a07abbf4eb98c184a8ca5390ae6259a1b833ae0278ec499745bfe32b3daa52e488c7a0a1c11e8d8c8649e34172e37547361b155334db15e51ebd1f995d28e03aeb4b", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xc}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)
write$cgroup_int(r7, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r7, 0x4030582b, 0x0)

3.578467091s ago: executing program 2 (id=578):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000c40)=@base={0xe, 0x4, 0x4, 0x2}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r1, &(0x7f0000000000), &(0x7f0000000040)=""/27}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000400)={r0, 0x0, 0xffffffffffffffff}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r3, 0x1, 0x10, &(0x7f0000000000), 0x4)
close(r2)
sendmsg$inet(r3, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x8004)
close(r3)

3.430514998s ago: executing program 2 (id=579):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f00000001c0)=[{0x94, 0x0, 0x0, 0x100000}]})
r1 = socket$kcm(0x2, 0x5, 0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{}, {0x10000002}]}, 0x90)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
socketpair(0x1, 0x1, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8912, &(0x7f0000000080))
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="1b00000000000000000000000300000000000000", @ANYRES32=0x1, @ANYBLOB="a23abc54cd64888e5fb7a6307b08b90000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="05000000020000000400"/28], 0x50)
r4 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000080)=ANY=[@ANYBLOB="c00e00007200911fdabcf8b30771a54a07"], 0xfe33)
r5 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}, 0x202, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r5, 0x2405, 0xffffffffffffffff)
r7 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x98, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x10000000, 0x7fffffff, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0xac82bcfebbfdf1e0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000440)=ANY=[], &(0x7f0000000c00)='GPL\x00'}, 0x94)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="120000002d0000000800000002"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000080)={r8, &(0x7f0000000300), 0x0}, 0x20)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x9, 0x10, &(0x7f0000000300)=ANY=[@ANYRESDEC=r7, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bca90000000000003509010000000000950000000000000006f1000201000080bf9800000000000056080000000000008500000085000000b7000000000000009500000000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @cgroup_sock=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x249}, 0x94)
close(r3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x3, 0x3, &(0x7f0000000380)=ANY=[@ANYRESHEX], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r1, 0x84, 0x64, &(0x7f0000000000), 0x10)
sendmsg$inet(r1, &(0x7f0000000140)={&(0x7f0000000280)={0x2, 0x10, @local}, 0x10, &(0x7f0000000080)=[{&(0x7f0000001940)='{', 0x34000}], 0x1}, 0x80d1)

3.343902794s ago: executing program 1 (id=45):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x482, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0x2, 0x922000000001, 0x106)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = getpid()
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/uts\x00')
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0x3, &(0x7f0000000040)=ANY=[], 0x0}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa0677"], 0xfdef)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x1a, 0xf, 0xf4, 0x7f, 0x0, 0x8, 0x1508c, 0x4, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x1}, 0x220, 0x8, 0x406, 0x8, 0x39da01c1, 0xca2, 0x1, 0x0, 0xb3, 0x0, 0x6}, r0, 0xe, r1, 0x8)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x10}}], 0x10}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r4}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_subtree(r6, &(0x7f0000000200), 0x2, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000080)={[{0x2b, 'cpu'}]}, 0x5)
write$cgroup_subtree(r7, &(0x7f0000000a00)=ANY=[@ANYBLOB='-cpu'], 0x5)
r8 = openat$cgroup_type(r5, &(0x7f0000000040), 0x2, 0x0)
write$cgroup_type(r8, &(0x7f0000000080), 0x9)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef)

2.285866496s ago: executing program 0 (id=580):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
r1 = socket$kcm(0x2, 0x1000000000000002, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x161)
sendmsg$inet(r1, &(0x7f0000007940)={&(0x7f0000000100)={0x2, 0x4e24, @rand_addr=0x20}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000900)="0d907c85a0dbf4baabc5f47f35627eff1ea7457350eb58de55a9bc3513e8741439af3532ad49fcd996503ed60c95f82bbad62a8287de2fe5224b196e353745b133bca0c063db3cb06d2470f8d2a59c7b387a700afe53e1ea3e7eb3401d65e8e7281f652b34fbbb3fc31dfcd88e85df058c3dbfa9f051523ecc68ccef13266765a46630d3a7db718d588e2875ef51a71895c2d3f63248079a7668", 0x9a}], 0x1, &(0x7f0000007880)=[@ip_tos_u8={{0x11, 0x34000}}, @ip_pktinfo={{0x1c, 0xfd000f00, 0x8, {0x0, @loopback, @multicast1}}}, @ip_pktinfo={{0x1c, 0x28fdfff, 0x8, {0x0, @empty=0xa0050000}}}, @ip_retopts={{0x14, 0x0, 0x7, {[@ra={0x94, 0x4}]}}}, @ip_tos_u8={{0x11}}], 0x88}, 0x40894)

2.285253393s ago: executing program 2 (id=581):
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000001c0)={0xffffffffffffffff, 0xe0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r0=>0x0, 0x0, 0x0, 0x0, 0x2, 0x3, &(0x7f0000000040)=[0x0, 0x0], &(0x7f0000000080)=[0x0, 0x0, 0x0], 0x0, 0xa6, &(0x7f00000000c0)=[{}, {}], 0x10, 0x10, &(0x7f0000000100), &(0x7f0000000140), 0x8, 0xd6, 0x8, 0x8, &(0x7f0000000180)}}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xc, 0xd, 0x200cc, 0x6, 0x5, 0xffffffffffffffff, 0xfffffffe, '\x00', r0}, 0x50)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x2, 0x0, 0x7fef, 0x282, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0x7, 0x3, 0x2, 0x0, 0x5, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x30004081)
setsockopt$sock_attach_bpf(r2, 0x6, 0x15, &(0x7f0000000500), 0x4)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200)='D', &(0x7f0000000240), 0x4b2, r1}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000700)={0x0, &(0x7f0000000540)=""/245, &(0x7f0000000640), &(0x7f0000000680), 0x2, r1}, 0x38)

2.143949161s ago: executing program 0 (id=582):
r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000000), 0xfdef)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x4)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
r1 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8ec, 0xc}, 0x0, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000dc0)=[{0x0}], 0x1}, 0x4810)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000000)='cpu>\t\t')

2.042924322s ago: executing program 2 (id=583):
r0 = socket$kcm(0xa, 0x3, 0x87)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000740)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8940, &(0x7f0000000080))
sendmsg$kcm(r1, &(0x7f00000003c0)={&(0x7f0000000100)=@l2={0x1f, 0x800, @any, 0x7, 0x2}, 0x80, &(0x7f00000002c0)=[{&(0x7f0000000180)="e14959186f38d644", 0x8}, {&(0x7f00000001c0)="f95ccc435c90008aa927c8595fcb4cb7c3ea6ce1c28be191df2f18e3859d24a14960fc1058d5a3af2d743a324994e6c67f57c90d3f8631e2b4b23dd56130aacb84af4420ee280c06e2802d0de0e8928108d720201d5fd7641cb5ad3499b87c365f8950465d3defa8b21c1402ca9c8d788622b81120ca549a951e4250adf2cd02d95acd3dea25aa20588d66aeb54afc663f04e8cfff47b144bd7c5d6ea158dad176445e2940e7402baf36057dd94f679084574d788c93b15a00aeda984bc98767950f8b19511917", 0xc7}], 0x2, &(0x7f0000000300)=[{0xc0, 0x108, 0x2, "d69bf9f98ac73d6d56c3cd6da5f10018cf5597660dbfe1ab024fa97bcf1ec895a60387f8944ca3c6a75b7360a6aafde874251e2cc33b7e47fed26ab4c72269d7479fe93ad67f4006cc161bf4887513e41c9eeaad7f03f649f9d9b638ec0fcadf2d0bd47deb18391d50de6111bdf46855cdb296f5142a91aeedbb5133ff70c94a7cbdc9645fbb633f7c7e0ad7c457eba046f3f029b7c3cc303b76420b7121b6370d5c20853a99a90856a8c08e4a7322eb"}], 0xc0}, 0x1)
recvmsg(r0, &(0x7f00000004c0)={&(0x7f0000000080)=@xdp, 0x80, 0x0}, 0x40000000)
sendmsg$kcm(r0, &(0x7f0000000580)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @empty}, 0x80, &(0x7f00000004c0), 0x3e}, 0x0)

1.941298508s ago: executing program 0 (id=584):
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x5}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r0 = socket$kcm(0x11, 0x200000000000002, 0x300)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000180)={0x1, &(0x7f0000000440)="3a6107ce05dc35c982bb75d4635674d3ff033048eb0194337b1693f770806ca7f9a6831ea80c501011c0850332bfabfb1b26f27b5f26bd91da76523cd1088335efe5a6d426dc2d159c300517071d5b7d2dfc2c356238eea3c6a89e21ae587c02a5ae427f7dad3b0113d70403e0705f590fcaf38f352bff31679396efcd672f8596998aa92606d907fed83b90f2a6418fd9ac99988a3123eccb9305a7b76d8c1647"}, 0x20)
setsockopt$sock_attach_bpf(r0, 0x107, 0x12, &(0x7f00000000c0), 0x8)
r1 = socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x9c, 0xb}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$inet(r4, &(0x7f0000001780)={0x0, 0x0, 0x0}, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000600), 0x0, 0xfffffffb}, 0x38)
sendmsg$kcm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000340)="46c9d3fbf1e51c4d7e56767f55d49565e539a27494b003de22806bb35cf9c88b0a50c8e4a59763769f25fbf7f6981dd04a9bca2ff40574001aac4f05630ab026331c083ab3e4131293227e14106cce884a18f4518c158f04845c4831f61b0d5b650cf332bbff7fd0842f0d6e692f", 0x6e}], 0x1, &(0x7f0000000700)=[{0x80, 0x119, 0x5, "78cf5f61de7661028f35e4fcbc381d304b2cc7a08d2874564f104ced41ad0bc7f4dac0cae16fc6264c9af88a9639cd77407a3b16d0c6dcab5ef2f29c0c86d192da26eda637e8d03cf6a39f832f4277a3d8e2ae7f5ea85cd8a1599030eb71c5b1b14dcfbde2e6219db5d2fcdaecef05"}, {0xf8, 0x115, 0x3, "d8b4007e2a0b89dcfbe16adfd4c010e9c75ed09516b4d5ab6f3897e4bdd3eede1db725b5619b5de752677b871d2545a6ab30a389f1deaae2ddd843070764459f06fc525ecaf47130ba2371898f3ef81f919fd2db71baf1cb2d64e079a8032c48cc56255750abaa70e95b21b66c3b2661b7244dd879163e2fbcf22bb08a4c456a583837916103e9ddbd35fcb55749ffb0e5a872ab4fd69f5763911e69e1851c5483c8fef640a1562dae451699f18162f7d750d8e0291f0af0a060b2205f1e8f2e9d51325e91a61d2ce4ce16ecc3fe69ba98432e3a068b2908b490620eec18d596accb1b3a048e0e"}, {0x48, 0x10f, 0x8, "da49c847a626ad1ec3f9107a682e0721a6c5f975603c8eb9e312257d372bc21741433ba4f5700fb37f6d31302206c24e7604f8"}], 0x1c0}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000240)='ns/user\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f00000001c0)={0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc851, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x1, @perf_config_ext={0x8, 0x7f}, 0x4000, 0x0, 0xea0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x0, 0xc, 0xffffffffffffffff, 0x1)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x210})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a0010000000028000031294", 0x2e}], 0x1}, 0x0)

1.660147206s ago: executing program 3 (id=202):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400, 0x8}, 0x4202, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$kcm(0xa, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000011008188040f46ecdb4cb9cca7480ef42100fffee3bd6efb440013030e001b000d000008ba8000001201", 0x2e}], 0x1}, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x5, 0x2505, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x940, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0)
syz_clone(0xab009500, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$unix(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="140000"], 0x18, 0x2000c810}, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x22, &(0x7f00000018c0), 0x4)

1.657019178s ago: executing program 0 (id=585):
perf_event_open$cgroup(&(0x7f0000000300)={0x24f8686fbf859a8c, 0x80, 0x8, 0x7, 0x8, 0x8, 0x0, 0x21a, 0x80000, 0x2, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, @perf_config_ext={0x93ab, 0x100000000}, 0x8000, 0x7, 0x401, 0x5, 0x8000, 0x7, 0x2, 0x0, 0x4}, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0x7)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000abd92de000000000000ea04850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1fd, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xf)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="020000fe030000000400000008000000000000002c81cd6503b0ea00d87f747000677bece41e7793b3b191b670bbc928e490e083093395653dcea7add820a56de57c3e4e4affbb0500ca701f9aad078e40365bff991409d4c4444d09698252b5aedc33a6c4b99af1dc61c51f5851d8eeee5b29fb6a9df848045082a854407750d9a1ea0cc74f20791324c21299fea4a00bd4", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x3abe, 0x0, r1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0x1ac81b, 0x0, 0x0, 0x0, 0x1000000}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8, 0x0, 0x0, 0x1010000}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa}, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222}, 0x78)
r2 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r2, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @dev, 0x2}, 0xff32, 0x0}, 0xe07e872420dfefca)
r3 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000280)="5c00000012006bab9e3fe3d86e6c1d000014a10dfe000000000004b68675f8001d000a00a0e69ee517d34460bc24eab556a705251e6182949a36c23d3b48dfd8cdbf9367b4fa51f60a64c9f4080003000601000004000200110000", 0x5b}, {&(0x7f0000000680)='\'', 0x1}], 0x2, 0x0, 0x0, 0x1f00c00e}, 0x0)

561.862296ms ago: executing program 0 (id=586):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYRESHEX, @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES8=0x0, @ANYRES32, @ANYBLOB="4000000008000000ff"], 0x50)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240))
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x5}}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}, 0x202, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0x10, 0x2, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x8202, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}, 0x202, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$MAP_CREATE(0x0, &(0x7f0000000fc0)=@base={0x2, 0x4, 0x7, 0x80, 0x0, 0x1}, 0x50)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
r3 = socket$kcm(0x2, 0x1000000000000002, 0x0)
setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161)
sendmsg$inet(r3, &(0x7f0000007940)={&(0x7f0000000100)={0x2, 0x4e24, @rand_addr=0x20}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000380)}], 0x1, &(0x7f0000007880)=[@ip_tos_u8={{0x11, 0x34000}}, @ip_pktinfo={{0x1c, 0xfd000f00, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x28f0700, 0x8, {0x0, @empty=0xa0050000}}}, @ip_retopts={{0x24, 0x0, 0x7, {[@ra={0x94, 0x4}, @timestamp={0x44, 0x10, 0x88, 0x0, 0x0, [0x0, 0x0, 0x0]}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x40}}], 0x98}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000580)="d8000000140081054e81f782db44b904021d080225000000040000a118000200fcffffff00000e1208000f0100810401a80016ea1f0006", 0x37}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @perf_bp={&(0x7f0000000140), 0x4}, 0x10c985, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000200)={r0}, 0x4)
socket$kcm(0x11, 0x3, 0x300)
socket$kcm(0x10, 0x2, 0x4)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000001ec0)=ANY=[@ANYBLOB="13120000120091ef04e9befbbd00005c"], 0xfe33)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000095"], 0x0, 0xb4ba}, 0x94)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000180)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='percpu_alloc_percpu\x00', r4}, 0x10)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='percpu_alloc_percpu\x00', r4, 0x0, 0x180000}, 0x18)
close(r5)

561.027277ms ago: executing program 2 (id=587):
perf_event_open(0x0, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x5}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x0}, 0x94)
r0 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r0, 0x0, 0xff0f000000008080)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x3e, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x2b, 0x1, 0x0)
r1 = socket$kcm(0x2, 0x3, 0x84)
ioctl$sock_kcm_SIOCKCMUNATTACH(r1, 0x891a, &(0x7f0000000180)={r1}) (fail_nth: 8)

0s ago: executing program 2 (id=588):
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="1400000016000b66d25a80648c2594f90424fc60", 0x14}], 0x1}, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x11, 0x3, &(0x7f0000000400)=ANY=[@ANYRESOCT, @ANYBLOB="6974e163f56bcc129d7bd2b4a211f168c9463d479cb689346574ff7ddf41e2612cff2d2214a7886937c3bb31e7ddbeea01a02bffda492639f9502a9fe7d0e7278a53296cb06ac2c0bf79649f47b2bc0f9ad7d1d7e70dc968119bb4d737f07427f9057c5a3cf23339fb43bc2f452e1a91a6b4d98c2011aca1a30b77be596dd5205a3fb5d8c0f9eb9834ec932b94e03356e7abbf2d9591fa8229ce8aa2c43eeeb9cd9d80f5f577d47403be77ca3fe5ed28af2e9ec69aeba2eecd904a4a731e12ccb01df218df68cf44f1c8ab1e3438b200c3c666aab349caa3c5484bea70a61f1986c1f3e7a90d4014f059", @ANYRES64=r0, @ANYRESHEX], &(0x7f00000003c0)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r1}, 0x18)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000b40)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8b20, &(0x7f0000000100)={'wlan1\x00', @random="02ce60cfa1d1"})
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9, 0x5}, 0x4210, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e21, @loopback}}, 0x80, 0x0, 0x0, 0x0, 0x18}, 0x0)
r3 = socket$kcm(0x2, 0x1, 0x84)
sendmsg$inet(r3, &(0x7f0000001700)={&(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10, &(0x7f0000001640)=[{&(0x7f0000000100)="ea", 0x1}], 0x1}, 0x0)
setsockopt$sock_attach_bpf(r3, 0x84, 0x9, &(0x7f0000000000), 0x98)
ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, &(0x7f0000000240)={r2})
bpf$ITER_CREATE(0x21, &(0x7f00000000c0), 0x8)

kernel console output (not intermixed with test programs):

vsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  172.607092][ T6905] 8021q: adding VLAN 0 to HW filter on device batadv0
[  172.717836][ T1098] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.045456][ T5852] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  173.055975][ T5852] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  173.066333][ T5852] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  173.076200][ T5852] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  173.084667][ T5852] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  173.122379][ T5857] Bluetooth: hci1: command tx timeout
[  173.146070][ T7106] netlink: 3752 bytes leftover after parsing attributes in process `syz.0.337'.
[  173.680701][ T6999] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  173.731674][ T6999] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  173.757962][ T6999] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  173.772878][ T6999] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  173.797955][ T6905] veth0_vlan: entered promiscuous mode
[  173.814362][ T7118] netlink: 61211 bytes leftover after parsing attributes in process `syz.0.339'.
[  173.887016][ T6905] veth1_vlan: entered promiscuous mode
[  173.986990][ T1098] bridge_slave_1: left allmulticast mode
[  173.993343][ T1098] bridge_slave_1: left promiscuous mode
[  173.999210][ T1098] bridge0: port 2(bridge_slave_1) entered disabled state
[  174.017099][ T1098] bridge_slave_0: left allmulticast mode
[  174.023632][ T1098] bridge_slave_0: left promiscuous mode
[  174.029522][ T1098] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.242768][   T36] wlan1: Trigger new scan to find an IBSS to join
[  174.354387][ T1098] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  174.366219][ T1098] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  174.376685][ T1098] bond0 (unregistering): Released all slaves
[  174.395091][ T7125] mac80211_hwsim hwsim3 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  174.629057][ T6905] veth0_macvtap: entered promiscuous mode
[  174.640724][ T6905] veth1_macvtap: entered promiscuous mode
[  174.696722][ T6905] batman_adv: batadv0: Interface activated: batadv_slave_0
[  174.725579][ T6905] batman_adv: batadv0: Interface activated: batadv_slave_1
[  174.761285][ T6905] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  174.779827][ T6905] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  174.802959][ T6905] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  174.819108][ T6905] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  174.880897][ T7109] chnl_net:caif_netlink_parms(): no params data found
[  174.922685][ T6999] 8021q: adding VLAN 0 to HW filter on device bond0
[  175.122125][ T5857] Bluetooth: hci0: command tx timeout
[  175.203281][ T5857] Bluetooth: hci1: command tx timeout
[  175.329937][ T1098] hsr_slave_0: left promiscuous mode
[  175.348037][ T1098] hsr_slave_1: left promiscuous mode
[  175.372612][ T1098] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  175.400625][ T1098] batman_adv: batadv0: Removing interface: batadv_slave_0
[  175.446159][ T1098] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  175.476308][ T1098] batman_adv: batadv0: Removing interface: batadv_slave_1
[  175.524679][ T1098] veth1_macvtap: left promiscuous mode
[  175.530696][ T1098] veth0_macvtap: left promiscuous mode
[  175.549336][ T1098] veth1_vlan: left promiscuous mode
[  175.556091][ T1098] veth0_vlan: left promiscuous mode
[  176.292456][ T1098] team0 (unregistering): Port device team_slave_1 removed
[  176.370711][ T1098] team0 (unregistering): Port device team_slave_0 removed
[  176.877225][ T6999] 8021q: adding VLAN 0 to HW filter on device team0
[  177.086318][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.094306][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  177.118525][ T7109] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.132272][ T7109] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.139594][ T7109] bridge_slave_0: entered allmulticast mode
[  177.162988][ T7109] bridge_slave_0: entered promiscuous mode
[  177.182229][ T7109] bridge0: port 2(bridge_slave_1) entered blocking state
[  177.202412][ T5857] Bluetooth: hci0: command tx timeout
[  177.212126][ T7109] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.219447][ T7109] bridge_slave_1: entered allmulticast mode
[  177.238153][ T7109] bridge_slave_1: entered promiscuous mode
[  177.267949][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  177.275224][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  177.511659][ T7109] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  177.527629][ T7109] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  177.706504][ T7109] team0: Port device team_slave_0 added
[  177.711998][  T153] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  177.720050][  T153] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  177.742324][ T7109] team0: Port device team_slave_1 added
[  177.837459][ T7109] batman_adv: batadv0: Adding interface: batadv_slave_0
[  177.844796][ T7109] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  177.874698][ T7109] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  177.890192][ T7109] batman_adv: batadv0: Adding interface: batadv_slave_1
[  177.899841][ T7109] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  177.931253][ T7109] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  177.975814][ T7164] netlink: 3752 bytes leftover after parsing attributes in process `syz.2.350'.
[  177.988721][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.001283][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  178.090153][ T7109] hsr_slave_0: entered promiscuous mode
[  178.113155][ T7109] hsr_slave_1: entered promiscuous mode
[  178.120196][ T7166] FAULT_INJECTION: forcing a failure.
[  178.120196][ T7166] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  178.162247][ T7166] CPU: 0 UID: 0 PID: 7166 Comm: syz.0.352 Not tainted 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 PREEMPT(full) 
[  178.162277][ T7166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  178.162289][ T7166] Call Trace:
[  178.162296][ T7166]  <TASK>
[  178.162305][ T7166]  dump_stack_lvl+0x189/0x250
[  178.162335][ T7166]  ? __pfx____ratelimit+0x10/0x10
[  178.162366][ T7166]  ? __pfx_dump_stack_lvl+0x10/0x10
[  178.162390][ T7166]  ? __pfx__printk+0x10/0x10
[  178.162419][ T7166]  ? fs_reclaim_acquire+0x7d/0x100
[  178.162457][ T7166]  should_fail_ex+0x414/0x560
[  178.162494][ T7166]  prepare_alloc_pages+0x213/0x610
[  178.162533][ T7166]  __alloc_frozen_pages_noprof+0x123/0x370
[  178.162569][ T7166]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  178.162611][ T7166]  ? policy_nodemask+0x27c/0x720
[  178.162635][ T7166]  ? get_vma_policy+0x110/0x3c0
[  178.162673][ T7166]  alloc_pages_mpol+0x232/0x4a0
[  178.162706][ T7166]  vma_alloc_folio_noprof+0xe4/0x200
[  178.162736][ T7166]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  178.162777][ T7166]  folio_prealloc+0x30/0x180
[  178.162806][ T7166]  do_wp_page+0x1231/0x5800
[  178.162855][ T7166]  ? __pfx_do_wp_page+0x10/0x10
[  178.162874][ T7166]  ? do_raw_spin_lock+0x121/0x290
[  178.162907][ T7166]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  178.162949][ T7166]  __handle_mm_fault+0x1144/0x5620
[  178.162996][ T7166]  ? __pfx___handle_mm_fault+0x10/0x10
[  178.163044][ T7166]  ? find_vma+0xe7/0x160
[  178.163068][ T7166]  ? __pfx_find_vma+0x10/0x10
[  178.163095][ T7166]  handle_mm_fault+0x40a/0x8e0
[  178.163132][ T7166]  do_user_addr_fault+0x764/0x1390
[  178.163172][ T7166]  exc_page_fault+0x76/0xf0
[  178.163206][ T7166]  asm_exc_page_fault+0x26/0x30
[  178.163225][ T7166] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  178.163251][ T7166] Code: 00 04 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 e9 4f 00 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  178.163268][ T7166] RSP: 0018:ffffc900037075f8 EFLAGS: 00050206
[  178.163286][ T7166] RAX: ffffffff84bf5801 RBX: ffff888064780000 RCX: 00000000000206a0
[  178.163300][ T7166] RDX: 0000000000000000 RSI: ffff888064782940 RDI: 0000200000003000
[  178.163312][ T7166] RBP: ffffc90003707750 R08: ffff8880647a2fdf R09: 1ffff1100c8f45fb
[  178.163326][ T7166] R10: dffffc0000000000 R11: ffffed100c8f45fc R12: 1ffff920006e0fbf
[  178.163339][ T7166] R13: 00002000000006c0 R14: ffffc90003707e08 R15: 0000000000022fe0
[  178.163362][ T7166]  ? _copy_to_iter+0x1f1/0x16f0
[  178.163390][ T7166]  _copy_to_iter+0x24c/0x16f0
[  178.163424][ T7166]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  178.163453][ T7166]  ? __pfx__copy_to_iter+0x10/0x10
[  178.163474][ T7166]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  178.163502][ T7166]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  178.163529][ T7166]  ? __asan_memset+0x22/0x50
[  178.163558][ T7166]  __skb_datagram_iter+0xf8/0x990
[  178.163586][ T7166]  ? __skb_try_recv_datagram+0x3da/0x4e0
[  178.163615][ T7166]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  178.163654][ T7166]  skb_copy_datagram_iter+0xc5/0x230
[  178.163699][ T7166]  __unix_dgram_recvmsg+0x66b/0xde0
[  178.163736][ T7166]  ? __pfx___unix_dgram_recvmsg+0x10/0x10
[  178.163757][ T7166]  ? irqentry_exit+0x74/0x90
[  178.163781][ T7166]  ? __pfx_unix_dgram_recvmsg+0x10/0x10
[  178.163808][ T7166]  ? __pfx_unix_dgram_recvmsg+0x10/0x10
[  178.163835][ T7166]  ? unix_dgram_recvmsg+0xb1/0xd0
[  178.163863][ T7166]  ? __pfx_unix_dgram_recvmsg+0x10/0x10
[  178.163891][ T7166]  sock_recvmsg+0x229/0x270
[  178.163911][ T7166]  ____sys_recvmsg+0x1c9/0x460
[  178.163942][ T7166]  ? __pfx_____sys_recvmsg+0x10/0x10
[  178.163977][ T7166]  ? import_iovec+0x74/0xa0
[  178.164000][ T7166]  ___sys_recvmsg+0x1b5/0x510
[  178.164026][ T7166]  ? __pfx____sys_recvmsg+0x10/0x10
[  178.164071][ T7166]  ? __fget_files+0x3a0/0x420
[  178.164103][ T7166]  __x64_sys_recvmsg+0x198/0x260
[  178.164127][ T7166]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  178.164172][ T7166]  do_syscall_64+0xfa/0x3b0
[  178.164188][ T7166]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  178.164204][ T7166]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  178.164219][ T7166]  ? clear_bhb_loop+0x60/0xb0
[  178.164240][ T7166]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  178.164255][ T7166] RIP: 0033:0x7f314598e929
[  178.164269][ T7166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  178.164283][ T7166] RSP: 002b:00007f3146723038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  178.164301][ T7166] RAX: ffffffffffffffda RBX: 00007f3145bb5fa0 RCX: 00007f314598e929
[  178.164314][ T7166] RDX: 0000000000000000 RSI: 00002000000004c0 RDI: 0000000000000006
[  178.164324][ T7166] RBP: 00007f3146723090 R08: 0000000000000000 R09: 0000000000000000
[  178.164334][ T7166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  178.164344][ T7166] R13: 0000000000000000 R14: 00007f3145bb5fa0 R15: 00007fff473dd848
[  178.164371][ T7166]  </TASK>
[  178.660054][   T12] wlan1: Trigger new scan to find an IBSS to join
[  178.731779][ T6999] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  178.753551][ T1098] wlan1: Creating new IBSS network, BSSID da:20:e5:d1:6c:09
[  178.767694][ T7169] netlink: 'syz.2.353': attribute type 39 has an invalid length.
[  178.923305][ T7170] netlink: 830 bytes leftover after parsing attributes in process `syz.2.353'.
[  178.934189][ T7170] bond_slave_0: entered promiscuous mode
[  178.940514][ T7170] bond_slave_1: entered promiscuous mode
[  179.283081][ T5857] Bluetooth: hci0: command tx timeout
[  179.305363][ T1098] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.416006][ T1098] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.464859][ T6999] 8021q: adding VLAN 0 to HW filter on device batadv0
[  179.517662][ T1098] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.568912][ T6999] veth0_vlan: entered promiscuous mode
[  179.591432][ T1098] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.611365][ T6999] veth1_vlan: entered promiscuous mode
[  179.649109][ T6999] veth0_macvtap: entered promiscuous mode
[  179.663865][ T6999] veth1_macvtap: entered promiscuous mode
[  179.718800][ T6999] batman_adv: batadv0: Interface activated: batadv_slave_0
[  179.864760][ T6999] batman_adv: batadv0: Interface activated: batadv_slave_1
[  179.901418][ T1098] bridge_slave_1: left allmulticast mode
[  179.913024][ T1098] bridge_slave_1: left promiscuous mode
[  179.932503][ T1098] bridge0: port 2(bridge_slave_1) entered disabled state
[  179.944743][ T1098] bridge_slave_0: left allmulticast mode
[  179.954505][ T1098] bridge_slave_0: left promiscuous mode
[  179.960386][ T1098] bridge0: port 1(bridge_slave_0) entered disabled state
[  180.010875][ T7188] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.358'.
[  180.253174][ T5852] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  180.265219][ T5852] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  180.275831][ T5852] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  180.287200][ T5852] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  180.296197][ T5852] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  180.376751][ T1098] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  180.389035][ T1098] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  180.399463][ T1098] bond0 (unregistering): Released all slaves
[  180.416339][ T6999] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  180.427201][ T6999] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  180.437719][ T6999] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  180.446830][ T6999] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  180.827215][ T7193] bond_slave_0: left promiscuous mode
[  180.840997][ T7193] bond_slave_1: left promiscuous mode
[  180.847350][ T7193] bond0: entered promiscuous mode
[  180.857796][ T7193] bond_slave_0: entered promiscuous mode
[  180.864146][ T7193] bond_slave_1: entered promiscuous mode
[  181.213479][ T7109] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  181.264591][ T1098] hsr_slave_0: left promiscuous mode
[  181.280153][ T1098] hsr_slave_1: left promiscuous mode
[  181.287374][ T1098] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  181.296123][ T1098] batman_adv: batadv0: Removing interface: batadv_slave_0
[  181.304215][ T1098] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  181.312171][ T1098] batman_adv: batadv0: Removing interface: batadv_slave_1
[  181.329429][ T1098] veth1_macvtap: left promiscuous mode
[  181.336081][ T1098] veth0_macvtap: left promiscuous mode
[  181.341760][ T1098] veth1_vlan: left promiscuous mode
[  181.347493][ T1098] veth0_vlan: left promiscuous mode
[  181.362366][ T5852] Bluetooth: hci0: command tx timeout
[  181.870238][ T1098] team0 (unregistering): Port device team_slave_1 removed
[  181.907268][ T1098] team0 (unregistering): Port device team_slave_0 removed
[  182.267470][ T7109] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  182.278451][ T7109] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  182.316737][ T7206] netlink: 3752 bytes leftover after parsing attributes in process `syz.2.363'.
[  182.326462][ T5852] Bluetooth: hci2: command tx timeout
[  182.339359][ T7109] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  182.405330][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  182.442690][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  182.682325][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  182.726771][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  182.865327][ T7189] chnl_net:caif_netlink_parms(): no params data found
[  183.082905][ T7236] FAULT_INJECTION: forcing a failure.
[  183.082905][ T7236] name failslab, interval 1, probability 0, space 0, times 0
[  183.098586][ T7236] CPU: 0 UID: 0 PID: 7236 Comm: syz.2.371 Not tainted 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 PREEMPT(full) 
[  183.098624][ T7236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  183.098636][ T7236] Call Trace:
[  183.098649][ T7236]  <TASK>
[  183.098661][ T7236]  dump_stack_lvl+0x189/0x250
[  183.098700][ T7236]  ? __pfx____ratelimit+0x10/0x10
[  183.098743][ T7236]  ? __pfx_dump_stack_lvl+0x10/0x10
[  183.098779][ T7236]  ? __pfx__printk+0x10/0x10
[  183.098847][ T7236]  ? irqentry_exit+0x74/0x90
[  183.098871][ T7236]  ? lockdep_hardirqs_on+0x9c/0x150
[  183.098917][ T7236]  should_fail_ex+0x414/0x560
[  183.098971][ T7236]  should_failslab+0xa8/0x100
[  183.099005][ T7236]  __kmalloc_cache_noprof+0x70/0x3d0
[  183.099029][ T7236]  ? sctp_add_bind_addr+0x8c/0x370
[  183.099069][ T7236]  sctp_add_bind_addr+0x8c/0x370
[  183.099109][ T7236]  sctp_copy_local_addr_list+0x30b/0x4e0
[  183.099144][ T7236]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[  183.099168][ T7236]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  183.099198][ T7236]  ? sctp_v6_is_any+0x64/0x80
[  183.099228][ T7236]  ? sctp_copy_one_addr+0x93/0x360
[  183.099268][ T7236]  sctp_bind_addr_copy+0xb3/0x3c0
[  183.099298][ T7236]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  183.099343][ T7236]  sctp_connect_new_asoc+0x2e0/0x690
[  183.099386][ T7236]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  183.099406][ T7236]  ? __local_bh_enable_ip+0x12d/0x1c0
[  183.099464][ T7236]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  183.099482][ T7236]  ? security_sctp_bind_connect+0x7e/0x2e0
[  183.099523][ T7236]  sctp_sendmsg+0x155c/0x2810
[  183.099632][ T7236]  ? __pfx_sctp_sendmsg+0x10/0x10
[  183.099690][ T7236]  ? aa_sk_perm+0x81e/0x950
[  183.099758][ T7236]  ? __pfx_aa_sk_perm+0x10/0x10
[  183.099806][ T7236]  ? __might_fault+0xb0/0x130
[  183.099824][ T7236]  ? sock_rps_record_flow+0x19/0x410
[  183.099865][ T7236]  ? inet_sendmsg+0x2f4/0x370
[  183.099917][ T7236]  __sock_sendmsg+0x19c/0x270
[  183.099967][ T7236]  ____sys_sendmsg+0x505/0x830
[  183.100036][ T7236]  ? __pfx_____sys_sendmsg+0x10/0x10
[  183.100124][ T7236]  ? import_iovec+0x74/0xa0
[  183.100181][ T7236]  ___sys_sendmsg+0x21f/0x2a0
[  183.100233][ T7236]  ? __pfx____sys_sendmsg+0x10/0x10
[  183.100385][ T7236]  ? __fget_files+0x2a/0x420
[  183.100488][ T7236]  ? __fget_files+0x2a/0x420
[  183.100518][ T7236]  ? __fget_files+0x3a0/0x420
[  183.100622][ T7236]  __x64_sys_sendmsg+0x19b/0x260
[  183.100673][ T7236]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  183.100760][ T7236]  ? __pfx_ksys_write+0x10/0x10
[  183.100826][ T7236]  ? do_syscall_64+0xbe/0x3b0
[  183.100866][ T7236]  do_syscall_64+0xfa/0x3b0
[  183.100899][ T7236]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.100919][ T7236]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  183.100939][ T7236]  ? clear_bhb_loop+0x60/0xb0
[  183.100985][ T7236]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.101006][ T7236] RIP: 0033:0x7f979a38e929
[  183.101030][ T7236] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.101045][ T7236] RSP: 002b:00007f979b28d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  183.101066][ T7236] RAX: ffffffffffffffda RBX: 00007f979a5b5fa0 RCX: 00007f979a38e929
[  183.101081][ T7236] RDX: 0000000000000041 RSI: 0000200000000600 RDI: 0000000000000007
[  183.101094][ T7236] RBP: 00007f979b28d090 R08: 0000000000000000 R09: 0000000000000000
[  183.101106][ T7236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  183.101117][ T7236] R13: 0000000000000000 R14: 00007f979a5b5fa0 R15: 00007ffc67c1b598
[  183.101216][ T7236]  </TASK>
[  183.640726][ T7234] bridge0: port 4(bond0) entered blocking state
[  183.661506][ T7234] bridge0: port 4(bond0) entered disabled state
[  183.677685][ T7234] bond0: entered allmulticast mode
[  183.721271][ T7234] bond_slave_0: entered allmulticast mode
[  183.736823][ T7234] bond_slave_1: entered allmulticast mode
[  183.782414][ T7234] bond0: entered promiscuous mode
[  183.795796][ T7234] bond_slave_0: entered promiscuous mode
[  183.842866][ T7234] bond_slave_1: entered promiscuous mode
[  183.900891][ T7234] bridge0: port 4(bond0) entered blocking state
[  183.907867][ T7234] bridge0: port 4(bond0) entered forwarding state
[  184.014063][ T1098] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.084978][ T7109] 8021q: adding VLAN 0 to HW filter on device bond0
[  184.171094][ T1098] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.213764][ T7189] bridge0: port 1(bridge_slave_0) entered blocking state
[  184.221758][ T7189] bridge0: port 1(bridge_slave_0) entered disabled state
[  184.240443][ T7189] bridge_slave_0: entered allmulticast mode
[  184.251717][ T7189] bridge_slave_0: entered promiscuous mode
[  184.334610][ T1098] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.381697][ T7189] bridge0: port 2(bridge_slave_1) entered blocking state
[  184.401164][ T7189] bridge0: port 2(bridge_slave_1) entered disabled state
[  184.412021][ T5852] Bluetooth: hci2: command tx timeout
[  184.426895][ T7189] bridge_slave_1: entered allmulticast mode
[  184.435434][ T7189] bridge_slave_1: entered promiscuous mode
[  184.487486][ T7109] 8021q: adding VLAN 0 to HW filter on device team0
[  184.511539][ T1098] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.534883][ T7189] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  184.553193][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  184.560464][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  184.601274][ T7189] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  184.719275][ T7189] team0: Port device team_slave_0 added
[  184.738994][ T7189] team0: Port device team_slave_1 added
[  184.751689][ T5857] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  184.769582][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  184.776913][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  184.794567][ T5857] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  184.807971][ T5857] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  184.825612][ T5857] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  184.835384][ T5857] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  184.873649][ T7252] cgroup: fork rejected by pids controller in /syz2
[  184.920502][ T7189] batman_adv: batadv0: Adding interface: batadv_slave_0
[  184.930374][ T7189] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  184.956809][ T7189] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  184.986236][ T7250] netlink: 3752 bytes leftover after parsing attributes in process `syz.0.375'.
[  185.023838][ T7189] batman_adv: batadv0: Adding interface: batadv_slave_1
[  185.047508][ T7189] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  185.080958][ T7189] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  185.336833][ T7189] hsr_slave_0: entered promiscuous mode
[  185.353376][ T7189] hsr_slave_1: entered promiscuous mode
[  185.361243][ T7189] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  185.369604][ T7189] Cannot create hsr debugfs directory
[  185.550402][ T1098] bridge_slave_1: left allmulticast mode
[  185.556474][ T1098] bridge_slave_1: left promiscuous mode
[  185.586214][ T1098] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.617254][ T1098] bridge_slave_0: left allmulticast mode
[  185.635011][ T1098] bridge_slave_0: left promiscuous mode
[  185.667784][ T1098] bridge0: port 1(bridge_slave_0) entered disabled state
[  186.190446][ T5857] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  186.204457][ T5857] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  186.219967][ T5857] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  186.234787][ T5857] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  186.250388][ T5857] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  186.278923][ T1098] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  186.293432][ T1098] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  186.308634][ T1098] bond0 (unregistering): Released all slaves
[  186.491884][ T5857] Bluetooth: hci2: command tx timeout
[  186.577671][ T7275] netlink: 10 bytes leftover after parsing attributes in process `syz.0.381'.
[  186.882533][ T5857] Bluetooth: hci1: command tx timeout
[  186.928404][ T7253] chnl_net:caif_netlink_parms(): no params data found
[  187.014178][ T1098] hsr_slave_0: left promiscuous mode
[  187.020188][ T1098] hsr_slave_1: left promiscuous mode
[  187.026660][ T1098] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  187.037425][ T1098] batman_adv: batadv0: Removing interface: batadv_slave_0
[  187.052772][ T1098] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  187.060325][ T1098] batman_adv: batadv0: Removing interface: batadv_slave_1
[  187.077845][ T1098] veth1_macvtap: left promiscuous mode
[  187.084821][ T1098] veth0_macvtap: left promiscuous mode
[  187.090463][ T1098] veth1_vlan: left promiscuous mode
[  187.096085][ T1098] veth0_vlan: left promiscuous mode
[  187.550288][ T1098] team0 (unregistering): Port device team_slave_1 removed
[  187.588025][ T1098] team0 (unregistering): Port device team_slave_0 removed
[  188.026467][ T7109] 8021q: adding VLAN 0 to HW filter on device batadv0
[  188.205501][ T7292] netlink: 'syz.0.383': attribute type 21 has an invalid length.
[  188.219646][ T7292] netlink: 'syz.0.383': attribute type 15 has an invalid length.
[  188.243331][ T7292] netlink: 156 bytes leftover after parsing attributes in process `syz.0.383'.
[  188.255306][ T7292] IPv6: NLM_F_CREATE should be specified when creating new route
[  188.270064][ T7253] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.285410][ T7253] bridge0: port 1(bridge_slave_0) entered disabled state
[  188.293430][ T7292] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  188.293949][ T7253] bridge_slave_0: entered allmulticast mode
[  188.301145][ T7292] IPv6: NLM_F_CREATE should be set when creating new route
[  188.309742][ T7253] bridge_slave_0: entered promiscuous mode
[  188.314785][ T7292] IPv6: NLM_F_CREATE should be set when creating new route
[  188.328187][ T7292] IPv6: NLM_F_CREATE should be set when creating new route
[  188.337567][ T5857] Bluetooth: hci3: command tx timeout
[  188.372424][ T7253] bridge0: port 2(bridge_slave_1) entered blocking state
[  188.379663][ T7253] bridge0: port 2(bridge_slave_1) entered disabled state
[  188.391514][ T7253] bridge_slave_1: entered allmulticast mode
[  188.400213][ T7253] bridge_slave_1: entered promiscuous mode
[  188.540220][ T7253] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  188.565987][ T5857] Bluetooth: hci2: command tx timeout
[  188.626127][ T7253] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  188.690274][ T7301] netlink: 'syz.0.384': attribute type 4 has an invalid length.
[  188.740447][ T7253] team0: Port device team_slave_0 added
[  188.771433][ T7253] team0: Port device team_slave_1 added
[  188.783941][ T7189] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  188.798052][ T7189] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  188.837343][ T7269] chnl_net:caif_netlink_parms(): no params data found
[  188.850069][ T7189] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  188.863740][ T7253] batman_adv: batadv0: Adding interface: batadv_slave_0
[  188.870892][ T7253] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  188.900545][ T7253] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  188.928641][ T7189] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  188.959587][ T1098] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  188.970237][ T5857] Bluetooth: hci1: command tx timeout
[  188.986506][ T7253] batman_adv: batadv0: Adding interface: batadv_slave_1
[  188.994195][ T7253] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  189.021125][ T7253] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  189.093834][ T1098] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.138138][ T7109] veth0_vlan: entered promiscuous mode
[  189.152672][ T7253] hsr_slave_0: entered promiscuous mode
[  189.159181][ T7253] hsr_slave_1: entered promiscuous mode
[  189.166280][ T7253] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  189.174081][ T7253] Cannot create hsr debugfs directory
[  189.203356][ T1098] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.279815][ T7269] bridge0: port 1(bridge_slave_0) entered blocking state
[  189.288043][ T7269] bridge0: port 1(bridge_slave_0) entered disabled state
[  189.295658][ T7269] bridge_slave_0: entered allmulticast mode
[  189.304455][ T7269] bridge_slave_0: entered promiscuous mode
[  189.327432][ T1098] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.359405][ T7269] bridge0: port 2(bridge_slave_1) entered blocking state
[  189.367453][ T7269] bridge0: port 2(bridge_slave_1) entered disabled state
[  189.375182][ T7269] bridge_slave_1: entered allmulticast mode
[  189.383587][ T7269] bridge_slave_1: entered promiscuous mode
[  189.446490][ T7109] veth1_vlan: entered promiscuous mode
[  189.476284][ T7269] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  189.505825][ T7269] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  189.620875][ T7269] team0: Port device team_slave_0 added
[  189.665841][ T7269] team0: Port device team_slave_1 added
[  189.798217][ T7316] netlink: 8 bytes leftover after parsing attributes in process `syz.0.386'.
[  189.919256][ T7269] batman_adv: batadv0: Adding interface: batadv_slave_0
[  189.939204][ T7269] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  189.969233][ T7269] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  189.998503][ T7316] netlink: 33 bytes leftover after parsing attributes in process `syz.0.386'.
[  190.013423][ T7316] netlink: 33 bytes leftover after parsing attributes in process `syz.0.386'.
[  190.057518][ T7269] batman_adv: batadv0: Adding interface: batadv_slave_1
[  190.067205][ T7269] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  190.096750][ T7269] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  190.144530][ T1098] bridge_slave_1: left allmulticast mode
[  190.150241][ T1098] bridge_slave_1: left promiscuous mode
[  190.164550][ T1098] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.177420][ T1098] bridge_slave_0: left allmulticast mode
[  190.184372][ T1098] bridge_slave_0: left promiscuous mode
[  190.191038][ T1098] bridge0: port 1(bridge_slave_0) entered disabled state
[  190.230729][ T7318] netlink: 132 bytes leftover after parsing attributes in process `syz.0.387'.
[  190.402101][ T5857] Bluetooth: hci3: command tx timeout
[  190.509522][ T1098] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  190.518693][ T1098] bond_slave_0: left promiscuous mode
[  190.526821][ T1098] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  190.536571][ T1098] bond_slave_1: left promiscuous mode
[  190.543628][ T1098] bond0 (unregistering): Released all slaves
[  190.568408][ T7109] veth0_macvtap: entered promiscuous mode
[  190.736368][ T7109] veth1_macvtap: entered promiscuous mode
[  190.750966][ T7269] hsr_slave_0: entered promiscuous mode
[  190.758212][ T7269] hsr_slave_1: entered promiscuous mode
[  190.766815][ T7269] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  190.774792][ T7269] Cannot create hsr debugfs directory
[  190.842314][ T7321] netlink: 3752 bytes leftover after parsing attributes in process `syz.0.388'.
[  190.910790][ T7189] 8021q: adding VLAN 0 to HW filter on device bond0
[  190.973812][ T1098] hsr_slave_0: left promiscuous mode
[  190.979763][ T1098] hsr_slave_1: left promiscuous mode
[  190.987397][ T1098] batman_adv: batadv0: Removing interface: team0
[  190.995464][ T1098] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  191.003827][ T1098] batman_adv: batadv0: Removing interface: batadv_slave_0
[  191.011691][ T1098] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  191.019548][ T1098] batman_adv: batadv0: Removing interface: batadv_slave_1
[  191.036768][ T1098] veth1_macvtap: left promiscuous mode
[  191.042223][ T5857] Bluetooth: hci1: command tx timeout
[  191.044400][ T1098] veth0_macvtap: left promiscuous mode
[  191.326455][ T1098] team0 (unregistering): Port device team_slave_1 removed
[  191.363448][ T1098] team0 (unregistering): Port device team_slave_0 removed
[  191.738604][ T7109] batman_adv: batadv0: Interface activated: batadv_slave_0
[  191.753554][ T7109] batman_adv: batadv0: Interface activated: batadv_slave_1
[  191.780357][ T7253] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  191.825951][ T7324] netlink: 'syz.0.389': attribute type 10 has an invalid length.
[  191.834733][ T7324] netlink: 40 bytes leftover after parsing attributes in process `syz.0.389'.
[  191.852866][ T7253] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  191.879062][ T7324] bridge0: port 1(bridge_slave_0) entered disabled state
[  191.894062][ T7324] bridge_slave_0: left allmulticast mode
[  191.899769][ T7324] bridge_slave_0: left promiscuous mode
[  191.906671][ T7324] bridge0: port 1(bridge_slave_0) entered disabled state
[  191.920680][ T7324] team0: Port device bridge_slave_0 added
[  191.962038][ T7189] 8021q: adding VLAN 0 to HW filter on device team0
[  191.970854][ T7109] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  191.987265][ T7109] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  191.997482][ T7109] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  192.008887][ T7327] FAULT_INJECTION: forcing a failure.
[  192.008887][ T7327] name failslab, interval 1, probability 0, space 0, times 0
[  192.015619][ T7109] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  192.021745][ T7327] CPU: 0 UID: 0 PID: 7327 Comm: syz.0.390 Not tainted 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 PREEMPT(full) 
[  192.021784][ T7327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  192.021800][ T7327] Call Trace:
[  192.021817][ T7327]  <TASK>
[  192.021827][ T7327]  dump_stack_lvl+0x189/0x250
[  192.021861][ T7327]  ? __pfx____ratelimit+0x10/0x10
[  192.021899][ T7327]  ? __pfx_dump_stack_lvl+0x10/0x10
[  192.021927][ T7327]  ? __pfx__printk+0x10/0x10
[  192.021981][ T7327]  should_fail_ex+0x414/0x560
[  192.022022][ T7327]  should_failslab+0xa8/0x100
[  192.022056][ T7327]  __kmalloc_cache_noprof+0x70/0x3d0
[  192.022085][ T7327]  ? sctp_add_bind_addr+0x8c/0x370
[  192.022118][ T7327]  sctp_add_bind_addr+0x8c/0x370
[  192.022149][ T7327]  sctp_copy_local_addr_list+0x30b/0x4e0
[  192.022180][ T7327]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[  192.022204][ T7327]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  192.022232][ T7327]  ? sctp_v6_is_any+0x64/0x80
[  192.022261][ T7327]  ? sctp_copy_one_addr+0x93/0x360
[  192.022292][ T7327]  sctp_bind_addr_copy+0xb3/0x3c0
[  192.022319][ T7327]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  192.022360][ T7327]  sctp_connect_new_asoc+0x2e0/0x690
[  192.022397][ T7327]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  192.022429][ T7327]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  192.022460][ T7327]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  192.022489][ T7327]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  192.022519][ T7327]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  192.022542][ T7327]  ? security_sctp_bind_connect+0x7e/0x2e0
[  192.022577][ T7327]  sctp_sendmsg+0x155c/0x2810
[  192.022626][ T7327]  ? __pfx_sctp_sendmsg+0x10/0x10
[  192.022662][ T7327]  ? aa_sk_perm+0x81e/0x950
[  192.022695][ T7327]  ? perf_trace_lock_acquire+0xf5/0x410
[  192.022728][ T7327]  ? __pfx_aa_sk_perm+0x10/0x10
[  192.022773][ T7327]  ? sock_rps_record_flow+0x19/0x410
[  192.022802][ T7327]  ? inet_sendmsg+0x2f4/0x370
[  192.022823][ T7327]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  192.022849][ T7327]  __sock_sendmsg+0x19c/0x270
[  192.022880][ T7327]  ____sys_sendmsg+0x505/0x830
[  192.022920][ T7327]  ? __pfx_____sys_sendmsg+0x10/0x10
[  192.022965][ T7327]  ? import_iovec+0x74/0xa0
[  192.022998][ T7327]  ___sys_sendmsg+0x21f/0x2a0
[  192.023033][ T7327]  ? __pfx____sys_sendmsg+0x10/0x10
[  192.023126][ T7327]  ? __fget_files+0x2a/0x420
[  192.023156][ T7327]  ? __fget_files+0x3a0/0x420
[  192.023204][ T7327]  __x64_sys_sendmsg+0x19b/0x260
[  192.023240][ T7327]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  192.023285][ T7327]  ? __pfx_ksys_write+0x10/0x10
[  192.023310][ T7327]  ? rcu_is_watching+0x15/0xb0
[  192.023346][ T7327]  ? do_syscall_64+0xbe/0x3b0
[  192.023375][ T7327]  do_syscall_64+0xfa/0x3b0
[  192.023395][ T7327]  ? lockdep_hardirqs_on+0x9c/0x150
[  192.023430][ T7327]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.023452][ T7327]  ? clear_bhb_loop+0x60/0xb0
[  192.023481][ T7327]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.023504][ T7327] RIP: 0033:0x7f314598e929
[  192.023525][ T7327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  192.023544][ T7327] RSP: 002b:00007f3146723038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  192.023569][ T7327] RAX: ffffffffffffffda RBX: 00007f3145bb5fa0 RCX: 00007f314598e929
[  192.023585][ T7327] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000004
[  192.023600][ T7327] RBP: 00007f3146723090 R08: 0000000000000000 R09: 0000000000000000
[  192.023615][ T7327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  192.023627][ T7327] R13: 0000000000000000 R14: 00007f3145bb5fa0 R15: 00007fff473dd848
[  192.023670][ T7327]  </TASK>
[  192.398451][ T7253] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  192.413722][ T7253] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  192.447863][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  192.455092][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  192.494120][ T5857] Bluetooth: hci3: command tx timeout
[  192.534812][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  192.542102][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  192.756065][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  192.778582][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  192.898358][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  192.919630][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  192.990343][ T7345] netlink: 180 bytes leftover after parsing attributes in process `syz.0.395'.
[  193.055219][ T7253] 8021q: adding VLAN 0 to HW filter on device bond0
[  193.102359][ T7253] 8021q: adding VLAN 0 to HW filter on device team0
[  193.123041][ T5857] Bluetooth: hci1: command tx timeout
[  193.136591][ T1098] bridge0: port 1(bridge_slave_0) entered blocking state
[  193.143951][ T1098] bridge0: port 1(bridge_slave_0) entered forwarding state
[  193.178897][ T1098] bridge0: port 2(bridge_slave_1) entered blocking state
[  193.186171][ T1098] bridge0: port 2(bridge_slave_1) entered forwarding state
[  193.410933][ T7269] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  194.110125][ T5852] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  194.121760][ T5852] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  194.136647][ T5852] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  194.145891][ T5852] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  194.157738][ T5852] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  194.299352][   T36] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  194.357390][ T7269] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  194.377334][ T7269] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  194.410950][ T7189] 8021q: adding VLAN 0 to HW filter on device batadv0
[  194.562092][ T5852] Bluetooth: hci3: command tx timeout
[  195.205592][   T36] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.225571][ T7269] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  195.390155][   T36] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.803560][   T36] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.889939][ T7189] veth0_vlan: entered promiscuous mode
[  195.953429][ T7189] veth1_vlan: entered promiscuous mode
[  196.037856][ T7253] 8021q: adding VLAN 0 to HW filter on device batadv0
[  196.105677][ T7269] 8021q: adding VLAN 0 to HW filter on device bond0
[  196.243609][ T5852] Bluetooth: hci0: command tx timeout
[  196.384727][ T7269] 8021q: adding VLAN 0 to HW filter on device team0
[  196.447194][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  196.454453][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  196.477231][ T7189] veth0_macvtap: entered promiscuous mode
[  196.498262][ T7377] netlink: 3752 bytes leftover after parsing attributes in process `syz.0.400'.
[  196.549669][ T7189] veth1_macvtap: entered promiscuous mode
[  196.577598][   T36] bridge_slave_1: left allmulticast mode
[  196.587566][   T36] bridge_slave_1: left promiscuous mode
[  196.594659][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  196.609499][   T36] bridge_slave_0: left allmulticast mode
[  196.615739][   T36] bridge_slave_0: left promiscuous mode
[  196.621506][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  196.910843][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  196.922126][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  196.932383][   T36] bond0 (unregistering): Released all slaves
[  196.948562][ T1098] bridge0: port 2(bridge_slave_1) entered blocking state
[  196.955750][ T1098] bridge0: port 2(bridge_slave_1) entered forwarding state
[  197.006677][ T7354] chnl_net:caif_netlink_parms(): no params data found
[  197.106488][ T7253] veth0_vlan: entered promiscuous mode
[  197.123453][ T7189] batman_adv: batadv0: Interface activated: batadv_slave_0
[  197.248464][ T7189] batman_adv: batadv0: Interface activated: batadv_slave_1
[  197.260102][ T7189] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  197.269353][ T7189] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  197.279673][ T7189] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  197.294110][ T7189] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  197.336066][ T7354] bridge0: port 1(bridge_slave_0) entered blocking state
[  197.343714][ T7354] bridge0: port 1(bridge_slave_0) entered disabled state
[  197.350942][ T7354] bridge_slave_0: entered allmulticast mode
[  197.358888][ T7354] bridge_slave_0: entered promiscuous mode
[  197.410924][ T7354] bridge0: port 2(bridge_slave_1) entered blocking state
[  197.419933][ T7354] bridge0: port 2(bridge_slave_1) entered disabled state
[  197.428483][ T7354] bridge_slave_1: entered allmulticast mode
[  197.436728][ T7354] bridge_slave_1: entered promiscuous mode
[  197.444539][ T7253] veth1_vlan: entered promiscuous mode
[  197.478352][   T36] hsr_slave_0: left promiscuous mode
[  197.485071][   T36] hsr_slave_1: left promiscuous mode
[  197.491180][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  197.499024][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  197.507699][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  197.515316][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  197.537771][   T36] veth1_macvtap: left promiscuous mode
[  197.543783][   T36] veth0_macvtap: left promiscuous mode
[  197.549397][   T36] veth1_vlan: left promiscuous mode
[  197.555362][   T36] veth0_vlan: left promiscuous mode
[  197.967688][   T36] team0 (unregistering): Port device team_slave_1 removed
[  198.008198][   T36] team0 (unregistering): Port device team_slave_0 removed
[  198.324125][ T5852] Bluetooth: hci0: command tx timeout
[  198.469596][ T7354] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  198.484327][ T7354] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  198.540666][ T7354] team0: Port device team_slave_0 added
[  198.607425][ T7354] team0: Port device team_slave_1 added
[  198.633343][ T7389] netlink: 'syz.0.403': attribute type 39 has an invalid length.
[  198.726888][ T1150] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  198.753146][ T1150] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  198.808090][ T7354] batman_adv: batadv0: Adding interface: batadv_slave_0
[  198.815317][ T7354] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  198.842326][ T7354] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  198.862630][ T7253] veth0_macvtap: entered promiscuous mode
[  198.883798][ T7354] batman_adv: batadv0: Adding interface: batadv_slave_1
[  198.890820][ T7354] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  198.939578][ T7354] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  199.014467][ T7253] veth1_macvtap: entered promiscuous mode
[  199.072428][ T7354] hsr_slave_0: entered promiscuous mode
[  199.079181][ T7354] hsr_slave_1: entered promiscuous mode
[  199.098289][ T1108] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  199.110048][ T1108] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  199.229119][ T7269] 8021q: adding VLAN 0 to HW filter on device batadv0
[  199.243897][ T7253] batman_adv: batadv0: Interface activated: batadv_slave_0
[  199.298676][ T7253] batman_adv: batadv0: Interface activated: batadv_slave_1
[  199.361039][ T7398] netlink: 'syz.0.405': attribute type 21 has an invalid length.
[  199.415272][ T7398] netlink: 'syz.0.405': attribute type 10 has an invalid length.
[  199.426706][ T7398] netlink: 55 bytes leftover after parsing attributes in process `syz.0.405'.
[  199.437112][ T7253] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  199.446755][ T7253] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  199.455923][ T7253] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  199.465231][ T7253] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  199.765657][   T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.776697][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  199.783111][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  199.824651][ T7269] veth0_vlan: entered promiscuous mode
[  199.899999][   T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.924241][ T7269] veth1_vlan: entered promiscuous mode
[  200.020054][   T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.072935][  T153] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  200.080827][  T153] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  200.093322][ T7269] veth0_macvtap: entered promiscuous mode
[  200.121790][   T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.170023][ T7269] veth1_macvtap: entered promiscuous mode
[  200.219140][ T1108] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  200.222636][ T7269] batman_adv: batadv0: Interface activated: batadv_slave_0
[  200.234860][ T1108] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  200.265082][ T7269] batman_adv: batadv0: Interface activated: batadv_slave_1
[  200.350882][ T7269] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  200.368071][ T7269] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  200.376978][ T7269] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  200.388828][ T7269] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  200.405698][ T5852] Bluetooth: hci0: command tx timeout
[  200.507839][ T7402] netlink: 'syz.0.406': attribute type 2 has an invalid length.
[  200.520247][ T7402] netlink: 'syz.0.406': attribute type 1 has an invalid length.
[  200.528751][ T7402] netlink: 191376 bytes leftover after parsing attributes in process `syz.0.406'.
[  200.542486][ T7402] nbd: couldn't find a device at index 149
[  200.639835][   T12] bridge_slave_1: left allmulticast mode
[  200.666274][   T12] bridge_slave_1: left promiscuous mode
[  200.695856][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  200.728991][   T12] bridge_slave_0: left allmulticast mode
[  200.741877][   T12] bridge_slave_0: left promiscuous mode
[  200.747749][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  200.976235][ T5857] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  200.992400][ T5857] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  201.002316][ T5857] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  201.011765][ T5857] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  201.019808][ T5857] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  201.283136][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  201.295291][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  201.306295][   T12] bond0 (unregistering): Released all slaves
[  201.447847][ T7354] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  201.512647][  T153] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  201.520560][  T153] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  201.553456][ T7354] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  201.671967][ T7354] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  201.772156][ T7410] netlink: 8 bytes leftover after parsing attributes in process `syz.0.408'.
[  202.064487][ T7354] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  202.115418][ T7410] netlink: 4 bytes leftover after parsing attributes in process `syz.0.408'.
[  202.144371][ T7410] netlink: 2 bytes leftover after parsing attributes in process `syz.0.408'.
[  202.162806][ T7410] bridge_slave_0: entered allmulticast mode
[  202.173493][ T7410] netlink: 4 bytes leftover after parsing attributes in process `syz.0.408'.
[  202.203575][ T7410] netlink: 2 bytes leftover after parsing attributes in process `syz.0.408'.
[  202.223775][  T153] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  202.231798][  T153] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  202.357936][   T12] hsr_slave_0: left promiscuous mode
[  202.391925][   T12] hsr_slave_1: left promiscuous mode
[  202.408534][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  202.437963][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  202.473165][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  202.482866][ T5852] Bluetooth: hci0: command tx timeout
[  202.504225][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  202.531714][   T12] veth1_macvtap: left promiscuous mode
[  202.537837][   T12] veth0_macvtap: left promiscuous mode
[  202.543784][   T12] veth1_vlan: left promiscuous mode
[  202.549317][   T12] veth0_vlan: left promiscuous mode
[  202.650023][ T5857] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  202.673035][ T5857] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  202.682808][ T5857] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  202.695842][ T5857] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  202.704143][ T5857] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  203.126879][ T5852] Bluetooth: hci1: command tx timeout
[  203.209163][   T12] team0 (unregistering): Port device team_slave_1 removed
[  203.257198][   T12] team0 (unregistering): Port device team_slave_0 removed
[  203.679566][ T7434] netlink: 3752 bytes leftover after parsing attributes in process `syz.2.411'.
[  203.987775][ T7442] netlink: 'syz.2.413': attribute type 3 has an invalid length.
[  204.022300][ T7442] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.413'.
[  204.066308][ T5852] Bluetooth: hci3: unexpected event 0x09 length: 15 > 3
[  204.318168][ T7405] chnl_net:caif_netlink_parms(): no params data found
[  204.802064][ T5852] Bluetooth: hci2: command tx timeout
[  204.805359][ T7405] bridge0: port 1(bridge_slave_0) entered blocking state
[  204.835928][ T7405] bridge0: port 1(bridge_slave_0) entered disabled state
[  204.843536][ T7405] bridge_slave_0: entered allmulticast mode
[  204.854807][ T7405] bridge_slave_0: entered promiscuous mode
[  204.885287][ T7467] netlink: 'syz.0.419': attribute type 6 has an invalid length.
[  204.898221][ T7405] bridge0: port 2(bridge_slave_1) entered blocking state
[  204.919657][ T7405] bridge0: port 2(bridge_slave_1) entered disabled state
[  204.927565][ T7467] netlink: 'syz.0.419': attribute type 7 has an invalid length.
[  204.940741][ T7405] bridge_slave_1: entered allmulticast mode
[  204.953360][ T7405] bridge_slave_1: entered promiscuous mode
[  204.962567][ T7467] netlink: 13182 bytes leftover after parsing attributes in process `syz.0.419'.
[  205.143852][ T7354] 8021q: adding VLAN 0 to HW filter on device bond0
[  205.204971][ T5852] Bluetooth: hci1: command tx timeout
[  205.469151][   T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.671479][ T7405] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  205.692430][ T7405] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  205.735076][   T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.769104][ T7354] 8021q: adding VLAN 0 to HW filter on device team0
[  205.797984][ T7422] chnl_net:caif_netlink_parms(): no params data found
[  205.864469][   T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.991306][ T7405] team0: Port device team_slave_0 added
[  206.011027][ T7405] team0: Port device team_slave_1 added
[  206.038531][   T44] bridge0: port 1(bridge_slave_0) entered blocking state
[  206.045789][   T44] bridge0: port 1(bridge_slave_0) entered forwarding state
[  206.076436][   T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.210486][   T44] bridge0: port 2(bridge_slave_1) entered blocking state
[  206.217857][   T44] bridge0: port 2(bridge_slave_1) entered forwarding state
[  206.236582][ T7479] netlink: 3752 bytes leftover after parsing attributes in process `syz.2.424'.
[  206.302638][ T7405] batman_adv: batadv0: Adding interface: batadv_slave_0
[  206.310504][ T7405] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  206.337391][ T7405] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  206.350889][ T7405] batman_adv: batadv0: Adding interface: batadv_slave_1
[  206.358204][ T7405] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  206.384578][ T7405] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  206.623311][ T7422] bridge0: port 1(bridge_slave_0) entered blocking state
[  206.632507][ T7422] bridge0: port 1(bridge_slave_0) entered disabled state
[  206.639835][ T7422] bridge_slave_0: entered allmulticast mode
[  206.657833][ T7422] bridge_slave_0: entered promiscuous mode
[  206.795170][ T7422] bridge0: port 2(bridge_slave_1) entered blocking state
[  206.810659][ T7422] bridge0: port 2(bridge_slave_1) entered disabled state
[  206.819870][ T7422] bridge_slave_1: entered allmulticast mode
[  206.855620][ T7422] bridge_slave_1: entered promiscuous mode
[  206.888097][ T5852] Bluetooth: hci2: command tx timeout
[  207.292655][ T5852] Bluetooth: hci1: command tx timeout
[  207.731354][ T7405] hsr_slave_0: entered promiscuous mode
[  207.746188][ T7405] hsr_slave_1: entered promiscuous mode
[  207.756729][ T7405] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  207.766450][ T7405] Cannot create hsr debugfs directory
[  207.776254][ T7422] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  207.819980][ T7422] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  208.104593][ T7516] netlink: 'syz.2.436': attribute type 1 has an invalid length.
[  208.112892][ T7516] netlink: 105116 bytes leftover after parsing attributes in process `syz.2.436'.
[  208.139238][   T12] bridge_slave_1: left allmulticast mode
[  208.145165][   T12] bridge_slave_1: left promiscuous mode
[  208.151118][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  208.180486][   T12] bridge_slave_0: left allmulticast mode
[  208.189858][   T12] bridge_slave_0: left promiscuous mode
[  208.198352][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  208.707637][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  208.720500][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  208.732739][   T12] bond0 (unregistering): Released all slaves
[  208.824873][ T7422] team0: Port device team_slave_0 added
[  208.841115][ T7422] team0: Port device team_slave_1 added
[  208.910015][ T7523] netlink: 3752 bytes leftover after parsing attributes in process `syz.0.437'.
[  208.968523][ T5852] Bluetooth: hci2: command tx timeout
[  209.093544][ T7422] batman_adv: batadv0: Adding interface: batadv_slave_0
[  209.100669][ T7422] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  209.128567][ T7422] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  209.142686][ T7422] batman_adv: batadv0: Adding interface: batadv_slave_1
[  209.150206][ T7422] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  209.176886][ T7422] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  209.352007][   T12] hsr_slave_0: left promiscuous mode
[  209.363182][ T5852] Bluetooth: hci1: command tx timeout
[  209.366182][   T12] hsr_slave_1: left promiscuous mode
[  209.394777][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  209.402739][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  209.412301][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  209.419786][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  209.451429][   T12] veth1_macvtap: left promiscuous mode
[  209.460794][   T12] veth0_macvtap: left promiscuous mode
[  209.467852][   T12] veth1_vlan: left promiscuous mode
[  209.473349][   T12] veth0_vlan: left promiscuous mode
[  210.018945][   T12] team0 (unregistering): Port device team_slave_1 removed
[  210.068331][   T12] team0 (unregistering): Port device team_slave_0 removed
[  210.679257][ T7354] 8021q: adding VLAN 0 to HW filter on device batadv0
[  210.748186][ T7562] netlink: 3752 bytes leftover after parsing attributes in process `syz.0.454'.
[  210.912966][ T7422] hsr_slave_0: entered promiscuous mode
[  210.920002][ T7422] hsr_slave_1: entered promiscuous mode
[  210.931366][ T7422] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  210.940366][ T7422] Cannot create hsr debugfs directory
[  211.043821][ T5852] Bluetooth: hci2: command tx timeout
[  211.567521][ T7585] netlink: 'syz.0.460': attribute type 6 has an invalid length.
[  211.577595][ T7585] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.460'.
[  211.755333][ T7354] veth0_vlan: entered promiscuous mode
[  211.779012][ T7405] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  211.799278][ T7405] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  211.810829][ T7405] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  211.827414][ T7354] veth1_vlan: entered promiscuous mode
[  211.854284][ T7405] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  211.861323][ T7592] netlink: 'syz.0.462': attribute type 21 has an invalid length.
[  211.879660][ T7592] netlink: 8 bytes leftover after parsing attributes in process `syz.0.462'.
[  211.971460][ T7354] veth0_macvtap: entered promiscuous mode
[  212.026271][ T7354] veth1_macvtap: entered promiscuous mode
[  212.103647][ T7354] batman_adv: batadv0: Interface activated: batadv_slave_0
[  212.131597][ T7354] batman_adv: batadv0: Interface activated: batadv_slave_1
[  212.154518][ T7354] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  212.167261][ T7354] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  212.179092][ T7354] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  212.190805][ T7354] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  212.297111][ T7405] 8021q: adding VLAN 0 to HW filter on device bond0
[  212.363277][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  212.371233][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  212.427544][ T7422] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  212.467087][ T7405] 8021q: adding VLAN 0 to HW filter on device team0
[  212.476861][ T7422] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  212.489457][ T7422] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  212.505693][ T7422] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  212.518538][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  212.527095][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  212.537512][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.544724][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  212.585552][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.592756][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  212.884471][ T7616] netlink: 3752 bytes leftover after parsing attributes in process `syz.2.467'.
[  214.353774][ T5857] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  214.364587][ T5857] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  214.372814][ T5857] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  214.381168][ T5857] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  214.396310][ T5857] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  214.445994][   T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.594414][ T7422] 8021q: adding VLAN 0 to HW filter on device bond0
[  214.628061][ T7422] 8021q: adding VLAN 0 to HW filter on device team0
[  214.668352][   T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.706574][ T1098] bridge0: port 1(bridge_slave_0) entered blocking state
[  214.713830][ T1098] bridge0: port 1(bridge_slave_0) entered forwarding state
[  214.769926][ T7628] FAULT_INJECTION: forcing a failure.
[  214.769926][ T7628] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  214.785799][ T7628] CPU: 0 UID: 0 PID: 7628 Comm: syz.0.469 Not tainted 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 PREEMPT(full) 
[  214.785829][ T7628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  214.785841][ T7628] Call Trace:
[  214.785850][ T7628]  <TASK>
[  214.785858][ T7628]  dump_stack_lvl+0x189/0x250
[  214.785889][ T7628]  ? __pfx____ratelimit+0x10/0x10
[  214.785921][ T7628]  ? __pfx_dump_stack_lvl+0x10/0x10
[  214.785945][ T7628]  ? __pfx__printk+0x10/0x10
[  214.785974][ T7628]  ? __might_fault+0xb0/0x130
[  214.786011][ T7628]  should_fail_ex+0x414/0x560
[  214.786047][ T7628]  _copy_from_user+0x2d/0xb0
[  214.786073][ T7628]  __sys_bpf+0x1ed/0x860
[  214.786096][ T7628]  ? __pfx___sys_bpf+0x10/0x10
[  214.786129][ T7628]  ? ksys_write+0x22a/0x250
[  214.786157][ T7628]  ? __pfx_ksys_write+0x10/0x10
[  214.786178][ T7628]  ? rcu_is_watching+0x15/0xb0
[  214.786211][ T7628]  __x64_sys_bpf+0x7c/0x90
[  214.786254][ T7628]  do_syscall_64+0xfa/0x3b0
[  214.786273][ T7628]  ? lockdep_hardirqs_on+0x9c/0x150
[  214.786304][ T7628]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.786323][ T7628]  ? clear_bhb_loop+0x60/0xb0
[  214.786348][ T7628]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.786366][ T7628] RIP: 0033:0x7f314598e929
[  214.786385][ T7628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.786402][ T7628] RSP: 002b:00007f3146723038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  214.786423][ T7628] RAX: ffffffffffffffda RBX: 00007f3145bb5fa0 RCX: 00007f314598e929
[  214.786438][ T7628] RDX: 0000000000000094 RSI: 0000200000000140 RDI: 0000000000000005
[  214.786450][ T7628] RBP: 00007f3146723090 R08: 0000000000000000 R09: 0000000000000000
[  214.786462][ T7628] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  214.786474][ T7628] R13: 0000000000000000 R14: 00007f3145bb5fa0 R15: 00007fff473dd848
[  214.786504][ T7628]  </TASK>
[  214.797219][ T7405] 8021q: adding VLAN 0 to HW filter on device batadv0
[  214.996187][   T44] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.003469][   T44] bridge0: port 2(bridge_slave_1) entered forwarding state
[  215.107798][   T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  215.311152][ T7636] Dead loop on virtual device ip6_vti0, fix it urgently!
[  215.359205][   T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  215.413580][ T7639] netlink: 'syz.0.474': attribute type 5 has an invalid length.
[  215.665693][ T7405] veth0_vlan: entered promiscuous mode
[  215.991727][ T7405] veth1_vlan: entered promiscuous mode
[  216.163656][   T12] bridge_slave_1: left allmulticast mode
[  216.173682][   T12] bridge_slave_1: left promiscuous mode
[  216.193082][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.230030][   T12] bridge_slave_0: left allmulticast mode
[  216.257876][   T12] bridge_slave_0: left promiscuous mode
[  216.276936][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.492398][ T5857] Bluetooth: hci0: command tx timeout
[  216.824764][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  216.836218][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  216.848322][   T12] bond0 (unregistering): Released all slaves
[  216.897455][ T7625] chnl_net:caif_netlink_parms(): no params data found
[  217.203721][ T5857] Bluetooth: hci4: command 0x0406 tx timeout
[  217.297966][ T7625] bridge0: port 1(bridge_slave_0) entered blocking state
[  217.306373][ T7625] bridge0: port 1(bridge_slave_0) entered disabled state
[  217.314858][ T7625] bridge_slave_0: entered allmulticast mode
[  217.324735][ T7625] bridge_slave_0: entered promiscuous mode
[  217.333368][ T7625] bridge0: port 2(bridge_slave_1) entered blocking state
[  217.340535][ T7625] bridge0: port 2(bridge_slave_1) entered disabled state
[  217.348039][ T7625] bridge_slave_1: entered allmulticast mode
[  217.356139][ T7625] bridge_slave_1: entered promiscuous mode
[  217.480539][ T7422] 8021q: adding VLAN 0 to HW filter on device batadv0
[  217.658113][ T7625] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  217.684306][ T7625] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  218.078473][ T7673] netlink: 3752 bytes leftover after parsing attributes in process `syz.0.480'.
[  218.182343][   T12] hsr_slave_0: left promiscuous mode
[  218.202279][   T12] hsr_slave_1: left promiscuous mode
[  218.220497][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  218.270547][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  218.287443][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  218.295227][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  218.314402][   T12] veth1_macvtap: left promiscuous mode
[  218.319999][   T12] veth0_macvtap: left promiscuous mode
[  218.326240][   T12] veth1_vlan: left promiscuous mode
[  218.331665][   T12] veth0_vlan: left promiscuous mode
[  218.564930][ T7683] netlink: 5 bytes leftover after parsing attributes in process `syz.2.483'.
[  218.572465][ T5852] Bluetooth: hci0: command tx timeout
[  218.585005][ T7683] netlink: 'syz.2.483': attribute type 2 has an invalid length.
[  218.619884][ T7683] netlink: 'syz.2.483': attribute type 1 has an invalid length.
[  218.636684][ T7683] netlink: 130248 bytes leftover after parsing attributes in process `syz.2.483'.
[  218.647501][ T7683] netlink: 5 bytes leftover after parsing attributes in process `syz.2.483'.
[  218.999381][   T12] team0 (unregistering): Port device team_slave_1 removed
[  219.037501][   T12] team0 (unregistering): Port device team_slave_0 removed
[  219.458416][ T7405] veth0_macvtap: entered promiscuous mode
[  219.510950][ T7625] team0: Port device team_slave_0 added
[  219.549565][ T7405] veth1_macvtap: entered promiscuous mode
[  219.618129][ T7625] team0: Port device team_slave_1 added
[  219.677539][ T7422] veth0_vlan: entered promiscuous mode
[  219.740033][ T7422] veth1_vlan: entered promiscuous mode
[  219.769378][ T7625] batman_adv: batadv0: Adding interface: batadv_slave_0
[  219.780297][ T7625] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  219.807437][ T7625] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  219.823867][ T7625] batman_adv: batadv0: Adding interface: batadv_slave_1
[  219.831009][ T7625] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  219.858882][ T7625] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  220.036041][ T7405] batman_adv: batadv0: Interface activated: batadv_slave_0
[  220.124586][ T7625] hsr_slave_0: entered promiscuous mode
[  220.131234][ T7625] hsr_slave_1: entered promiscuous mode
[  220.200624][ T7422] veth0_macvtap: entered promiscuous mode
[  220.320023][ T7405] batman_adv: batadv0: Interface activated: batadv_slave_1
[  220.344973][ T7405] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  220.356509][ T7405] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  220.366858][ T7405] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  220.375734][ T7405] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  220.469841][ T7422] veth1_macvtap: entered promiscuous mode
[  220.644891][ T5852] Bluetooth: hci0: command tx timeout
[  220.830327][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  220.839524][ T7422] batman_adv: batadv0: Interface activated: batadv_slave_0
[  220.851911][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  220.949913][ T7714] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  220.959060][ T7714] batman_adv: batadv0: Removing interface: batadv_slave_0
[  220.998826][ T7422] batman_adv: batadv0: Interface activated: batadv_slave_1
[  221.040603][ T7711] syzkaller0: refused to change device tx_queue_len
[  221.055662][ T7422] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  221.065771][ T7422] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  221.077171][ T7422] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  221.087826][ T7422] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  221.112309][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  221.126489][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  221.274433][ T7719] FAULT_INJECTION: forcing a failure.
[  221.274433][ T7719] name failslab, interval 1, probability 0, space 0, times 0
[  221.298886][ T7719] CPU: 0 UID: 0 PID: 7719 Comm: syz.0.493 Not tainted 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 PREEMPT(full) 
[  221.298916][ T7719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  221.298929][ T7719] Call Trace:
[  221.298937][ T7719]  <TASK>
[  221.298945][ T7719]  dump_stack_lvl+0x189/0x250
[  221.298984][ T7719]  ? __pfx____ratelimit+0x10/0x10
[  221.299017][ T7719]  ? __pfx_dump_stack_lvl+0x10/0x10
[  221.299042][ T7719]  ? __pfx__printk+0x10/0x10
[  221.299064][ T7719]  ? nla_put+0xd0/0x150
[  221.299098][ T7719]  should_fail_ex+0x414/0x560
[  221.299130][ T7719]  should_failslab+0xa8/0x100
[  221.299160][ T7719]  kmem_cache_alloc_noprof+0x73/0x3c0
[  221.299183][ T7719]  ? skb_clone+0x212/0x3a0
[  221.299216][ T7719]  skb_clone+0x212/0x3a0
[  221.299247][ T7719]  __netlink_deliver_tap+0x404/0x850
[  221.299283][ T7719]  ? netlink_deliver_tap+0x2e/0x1b0
[  221.299306][ T7719]  netlink_deliver_tap+0x19c/0x1b0
[  221.299325][ T7719]  netlink_dump+0x8e4/0xe20
[  221.299351][ T7719]  ? __pfx_netlink_dump+0x10/0x10
[  221.299378][ T7719]  ? netlink_lookup+0x30/0x200
[  221.299394][ T7719]  ? netlink_lookup+0x30/0x200
[  221.299409][ T7719]  ? netlink_lookup+0x30/0x200
[  221.299429][ T7719]  __netlink_dump_start+0x5cb/0x7e0
[  221.299454][ T7719]  xsk_diag_handler_dump+0x183/0x220
[  221.299474][ T7719]  ? __pfx_xsk_diag_handler_dump+0x10/0x10
[  221.299490][ T7719]  ? __pfx_xsk_diag_dump+0x10/0x10
[  221.299508][ T7719]  ? sock_diag_lock_handler+0x19/0x290
[  221.299522][ T7719]  ? sock_diag_lock_handler+0x19/0x290
[  221.299542][ T7719]  sock_diag_rcv_msg+0x4cc/0x600
[  221.299560][ T7719]  netlink_rcv_skb+0x205/0x470
[  221.299579][ T7719]  ? __pfx_sock_diag_rcv_msg+0x10/0x10
[  221.299596][ T7719]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  221.299624][ T7719]  ? netlink_deliver_tap+0x2e/0x1b0
[  221.299641][ T7719]  ? netlink_deliver_tap+0x2e/0x1b0
[  221.299663][ T7719]  netlink_unicast+0x758/0x8d0
[  221.299688][ T7719]  netlink_sendmsg+0x805/0xb30
[  221.299713][ T7719]  ? __pfx_netlink_sendmsg+0x10/0x10
[  221.299736][ T7719]  ? aa_sock_msg_perm+0x94/0x160
[  221.299760][ T7719]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  221.299774][ T7719]  ? __pfx_netlink_sendmsg+0x10/0x10
[  221.299793][ T7719]  __sock_sendmsg+0x219/0x270
[  221.299809][ T7719]  ____sys_sendmsg+0x505/0x830
[  221.299833][ T7719]  ? __pfx_____sys_sendmsg+0x10/0x10
[  221.299859][ T7719]  ? import_iovec+0x74/0xa0
[  221.299880][ T7719]  ___sys_sendmsg+0x21f/0x2a0
[  221.299901][ T7719]  ? __pfx____sys_sendmsg+0x10/0x10
[  221.299948][ T7719]  ? __fget_files+0x2a/0x420
[  221.299968][ T7719]  ? __fget_files+0x3a0/0x420
[  221.300002][ T7719]  __x64_sys_sendmsg+0x19b/0x260
[  221.300024][ T7719]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  221.300050][ T7719]  ? __pfx_ksys_write+0x10/0x10
[  221.300066][ T7719]  ? rcu_is_watching+0x15/0xb0
[  221.300088][ T7719]  ? do_syscall_64+0xbe/0x3b0
[  221.300106][ T7719]  do_syscall_64+0xfa/0x3b0
[  221.300118][ T7719]  ? lockdep_hardirqs_on+0x9c/0x150
[  221.300141][ T7719]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.300155][ T7719]  ? clear_bhb_loop+0x60/0xb0
[  221.300173][ T7719]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.300187][ T7719] RIP: 0033:0x7f314598e929
[  221.300201][ T7719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  221.300214][ T7719] RSP: 002b:00007f3146723038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  221.300230][ T7719] RAX: ffffffffffffffda RBX: 00007f3145bb5fa0 RCX: 00007f314598e929
[  221.300241][ T7719] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000009
[  221.300250][ T7719] RBP: 00007f3146723090 R08: 0000000000000000 R09: 0000000000000000
[  221.300258][ T7719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  221.300267][ T7719] R13: 0000000000000000 R14: 00007f3145bb5fa0 R15: 00007fff473dd848
[  221.300290][ T7719]  </TASK>
[  221.753081][ T7724] netlink: 10 bytes leftover after parsing attributes in process `syz.0.495'.
[  221.883530][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  221.891614][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  221.948337][ T1098] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  221.961633][ T1098] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  222.070253][   T36] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.142989][ T7726] netlink: 'syz.0.496': attribute type 29 has an invalid length.
[  222.269010][ T7727] netlink: 'syz.0.496': attribute type 29 has an invalid length.
[  222.277916][ T7728] netlink: 'syz.0.496': attribute type 29 has an invalid length.
[  222.318297][   T36] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.367396][ T7625] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  222.399272][   T36] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.418099][ T7625] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  222.444377][ T7625] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  222.455415][ T7625] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  222.491628][   T36] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.731865][ T5852] Bluetooth: hci0: command tx timeout
[  222.795836][ T7625] 8021q: adding VLAN 0 to HW filter on device bond0
[  222.823260][   T36] bridge_slave_1: left allmulticast mode
[  222.828990][   T36] bridge_slave_1: left promiscuous mode
[  222.854388][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  222.906336][   T36] bridge_slave_0: left allmulticast mode
[  222.928160][   T36] bridge_slave_0: left promiscuous mode
[  222.941097][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  223.957421][ T5857] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  223.977947][ T5857] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  223.991074][ T5857] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  224.003789][ T5857] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  224.032151][ T5857] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  224.186936][ T5857] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  224.197936][ T5857] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  224.206877][ T5857] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  224.217788][ T5857] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  224.226949][ T5857] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  224.328969][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  224.340005][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  224.350392][   T36] bond0 (unregistering): Released all slaves
[  224.388884][ T7742] netlink: 3752 bytes leftover after parsing attributes in process `syz.0.497'.
[  224.416577][ T7752] wg2: entered allmulticast mode
[  224.442115][ T7746] wg2: entered promiscuous mode
[  224.616498][ T7625] 8021q: adding VLAN 0 to HW filter on device team0
[  224.730763][ T7758] FAULT_INJECTION: forcing a failure.
[  224.730763][ T7758] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  224.744708][ T7758] CPU: 0 UID: 0 PID: 7758 Comm: syz.2.501 Not tainted 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 PREEMPT(full) 
[  224.744740][ T7758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  224.744754][ T7758] Call Trace:
[  224.744763][ T7758]  <TASK>
[  224.744773][ T7758]  dump_stack_lvl+0x189/0x250
[  224.744807][ T7758]  ? __pfx____ratelimit+0x10/0x10
[  224.744853][ T7758]  ? __pfx_dump_stack_lvl+0x10/0x10
[  224.744880][ T7758]  ? __pfx__printk+0x10/0x10
[  224.744927][ T7758]  should_fail_ex+0x414/0x560
[  224.744967][ T7758]  _copy_to_user+0x31/0xb0
[  224.744998][ T7758]  simple_read_from_buffer+0xe1/0x170
[  224.745034][ T7758]  proc_fail_nth_read+0x1df/0x250
[  224.745071][ T7758]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  224.745109][ T7758]  ? rw_verify_area+0x258/0x650
[  224.745134][ T7758]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  224.745169][ T7758]  vfs_read+0x200/0x980
[  224.745203][ T7758]  ? __pfx___mutex_lock+0x10/0x10
[  224.745227][ T7758]  ? __pfx_vfs_read+0x10/0x10
[  224.745256][ T7758]  ? __fget_files+0x2a/0x420
[  224.745292][ T7758]  ? __fget_files+0x3a0/0x420
[  224.745323][ T7758]  ? __fget_files+0x2a/0x420
[  224.745365][ T7758]  ksys_read+0x145/0x250
[  224.745395][ T7758]  ? __pfx_ksys_read+0x10/0x10
[  224.745418][ T7758]  ? rcu_is_watching+0x15/0xb0
[  224.745453][ T7758]  ? do_syscall_64+0xbe/0x3b0
[  224.745480][ T7758]  do_syscall_64+0xfa/0x3b0
[  224.745501][ T7758]  ? lockdep_hardirqs_on+0x9c/0x150
[  224.745534][ T7758]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.745556][ T7758]  ? clear_bhb_loop+0x60/0xb0
[  224.745584][ T7758]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.745605][ T7758] RIP: 0033:0x7fe93ad8d33c
[  224.745626][ T7758] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  224.745646][ T7758] RSP: 002b:00007fe93bb46030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  224.745669][ T7758] RAX: ffffffffffffffda RBX: 00007fe93afb5fa0 RCX: 00007fe93ad8d33c
[  224.745686][ T7758] RDX: 000000000000000f RSI: 00007fe93bb460a0 RDI: 0000000000000006
[  224.745700][ T7758] RBP: 00007fe93bb46090 R08: 0000000000000000 R09: 0000000000000000
[  224.745714][ T7758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  224.745728][ T7758] R13: 0000000000000000 R14: 00007fe93afb5fa0 R15: 00007ffec21f06a8
[  224.745764][ T7758]  </TASK>
[  225.018461][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[  225.025714][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[  225.174746][   T36] hsr_slave_0: left promiscuous mode
[  225.203200][   T36] hsr_slave_1: left promiscuous mode
[  225.209824][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  225.219718][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  225.257989][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  225.282485][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  225.324515][   T36] veth1_macvtap: left promiscuous mode
[  225.330166][   T36] veth0_macvtap: left promiscuous mode
[  225.347200][   T36] veth1_vlan: left promiscuous mode
[  225.360675][   T36] veth0_vlan: left promiscuous mode
[  226.085462][ T5852] Bluetooth: hci1: command tx timeout
[  226.257598][   T36] team0 (unregistering): Port device team_slave_1 removed
[  226.303211][   T36] team0 (unregistering): Port device team_slave_0 removed
[  226.324904][ T5852] Bluetooth: hci2: command tx timeout
[  226.802815][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[  226.810050][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[  226.983701][ T7789] netlink: 'syz.2.510': attribute type 10 has an invalid length.
[  226.991709][ T7789] netlink: 2 bytes leftover after parsing attributes in process `syz.2.510'.
[  227.116247][ T7789] bond0: entered promiscuous mode
[  227.126941][ T7789] bond_slave_0: entered promiscuous mode
[  227.142269][ T7789] bond_slave_1: entered promiscuous mode
[  227.162632][ T7789] bridge0: port 3(bond0) entered blocking state
[  227.169547][ T7789] bridge0: port 3(bond0) entered disabled state
[  227.183262][ T7789] bond0: entered allmulticast mode
[  227.188468][ T7789] bond_slave_0: entered allmulticast mode
[  227.201937][ T7789] bond_slave_1: entered allmulticast mode
[  227.215755][ T7789] bridge0: port 3(bond0) entered blocking state
[  227.222253][ T7789] bridge0: port 3(bond0) entered forwarding state
[  227.285919][ T7794] netlink: 3752 bytes leftover after parsing attributes in process `syz.0.511'.
[  227.313607][ T7748] chnl_net:caif_netlink_parms(): no params data found
[  227.863499][ T7753] chnl_net:caif_netlink_parms(): no params data found
[  228.021424][ T7748] bridge0: port 1(bridge_slave_0) entered blocking state
[  228.048787][ T7748] bridge0: port 1(bridge_slave_0) entered disabled state
[  228.083437][ T7748] bridge_slave_0: entered allmulticast mode
[  228.156399][ T7748] bridge_slave_0: entered promiscuous mode
[  228.173480][ T5852] Bluetooth: hci1: command tx timeout
[  228.186004][ T7813] netlink: 'syz.0.515': attribute type 10 has an invalid length.
[  228.223991][ T7748] bridge0: port 2(bridge_slave_1) entered blocking state
[  228.236118][ T7813] netlink: 55 bytes leftover after parsing attributes in process `syz.0.515'.
[  228.260958][ T7748] bridge0: port 2(bridge_slave_1) entered disabled state
[  228.282600][ T7748] bridge_slave_1: entered allmulticast mode
[  228.304604][ T7748] bridge_slave_1: entered promiscuous mode
[  228.403081][ T5852] Bluetooth: hci2: command tx timeout
[  228.464718][ T7748] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  228.540614][ T7820] netlink: 209588 bytes leftover after parsing attributes in process `syz.0.517'.
[  228.565676][ T7748] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  228.703506][   T36] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.757893][ T7748] team0: Port device team_slave_0 added
[  228.815646][ T7748] team0: Port device team_slave_1 added
[  228.884797][   T36] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.905365][ T7827] sctp: [Deprecated]: syz.0.519 (pid 7827) Use of struct sctp_assoc_value in delayed_ack socket option.
[  228.905365][ T7827] Use struct sctp_sack_info instead
[  228.947918][ T7753] bridge0: port 1(bridge_slave_0) entered blocking state
[  228.955707][ T7753] bridge0: port 1(bridge_slave_0) entered disabled state
[  228.965888][ T7753] bridge_slave_0: entered allmulticast mode
[  228.977611][ T7753] bridge_slave_0: entered promiscuous mode
[  228.991763][ T7753] bridge0: port 2(bridge_slave_1) entered blocking state
[  228.999518][ T7753] bridge0: port 2(bridge_slave_1) entered disabled state
[  229.016736][ T7753] bridge_slave_1: entered allmulticast mode
[  229.026933][ T7753] bridge_slave_1: entered promiscuous mode
[  229.066864][ T7748] batman_adv: batadv0: Adding interface: batadv_slave_0
[  229.076163][ T7748] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  229.103718][ T7748] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  229.117444][ T7748] batman_adv: batadv0: Adding interface: batadv_slave_1
[  229.129540][ T7748] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  229.156599][ T7748] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  229.205229][   T36] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.231300][ T7625] 8021q: adding VLAN 0 to HW filter on device batadv0
[  229.371182][ T7840] FAULT_INJECTION: forcing a failure.
[  229.371182][ T7840] name failslab, interval 1, probability 0, space 0, times 0
[  229.410556][ T7753] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  229.455583][ T7753] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  229.468192][ T7840] CPU: 1 UID: 0 PID: 7840 Comm: syz.0.521 Not tainted 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 PREEMPT(full) 
[  229.468220][ T7840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  229.468230][ T7840] Call Trace:
[  229.468236][ T7840]  <TASK>
[  229.468243][ T7840]  dump_stack_lvl+0x189/0x250
[  229.468265][ T7840]  ? __pfx____ratelimit+0x10/0x10
[  229.468289][ T7840]  ? __pfx_dump_stack_lvl+0x10/0x10
[  229.468306][ T7840]  ? __pfx__printk+0x10/0x10
[  229.468338][ T7840]  should_fail_ex+0x414/0x560
[  229.468363][ T7840]  should_failslab+0xa8/0x100
[  229.468385][ T7840]  __kmalloc_cache_noprof+0x70/0x3d0
[  229.468403][ T7840]  ? sctp_add_bind_addr+0x8c/0x370
[  229.468423][ T7840]  sctp_add_bind_addr+0x8c/0x370
[  229.468441][ T7840]  sctp_copy_local_addr_list+0x30b/0x4e0
[  229.468460][ T7840]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[  229.468475][ T7840]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  229.468494][ T7840]  ? sctp_v4_is_any+0x35/0x60
[  229.468509][ T7840]  ? sctp_copy_one_addr+0x93/0x360
[  229.468528][ T7840]  sctp_bind_addr_copy+0xb3/0x3c0
[  229.468544][ T7840]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  229.468569][ T7840]  sctp_connect_new_asoc+0x2e0/0x690
[  229.468592][ T7840]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  229.468615][ T7840]  ? register_lock_class+0x51/0x320
[  229.468631][ T7840]  ? sctp_endpoint_lookup_assoc+0xd1/0x260
[  229.468653][ T7840]  __sctp_connect+0x5ba/0xd50
[  229.468682][ T7840]  ? __pfx___sctp_connect+0x10/0x10
[  229.468700][ T7840]  ? __local_bh_enable_ip+0x12d/0x1c0
[  229.468716][ T7840]  ? lockdep_hardirqs_on+0x9c/0x150
[  229.468740][ T7840]  ? __local_bh_enable_ip+0x12d/0x1c0
[  229.468756][ T7840]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  229.468771][ T7840]  ? security_sctp_bind_connect+0x7e/0x2e0
[  229.468793][ T7840]  sctp_setsockopt_connectx+0x100/0x1b0
[  229.468818][ T7840]  sctp_setsockopt+0x6d9/0x1200
[  229.468836][ T7840]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  229.468854][ T7840]  do_sock_setsockopt+0x25a/0x3e0
[  229.468876][ T7840]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  229.468898][ T7840]  ? __fget_files+0x2a/0x420
[  229.468925][ T7840]  __x64_sys_setsockopt+0x18b/0x220
[  229.468948][ T7840]  do_syscall_64+0xfa/0x3b0
[  229.468962][ T7840]  ? lockdep_hardirqs_on+0x9c/0x150
[  229.468983][ T7840]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.468997][ T7840]  ? clear_bhb_loop+0x60/0xb0
[  229.469015][ T7840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.469029][ T7840] RIP: 0033:0x7f314598e929
[  229.469043][ T7840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  229.469055][ T7840] RSP: 002b:00007f31437f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  229.469072][ T7840] RAX: ffffffffffffffda RBX: 00007f3145bb6080 RCX: 00007f314598e929
[  229.469082][ T7840] RDX: 000000000000006e RSI: 0000000000000084 RDI: 0000000000000006
[  229.469091][ T7840] RBP: 00007f31437f6090 R08: 0000000000000010 R09: 0000000000000000
[  229.469100][ T7840] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000002
[  229.469109][ T7840] R13: 0000000000000000 R14: 00007f3145bb6080 R15: 00007fff473dd848
[  229.469133][ T7840]  </TASK>
[  229.809402][   T36] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.855720][ T7748] hsr_slave_0: entered promiscuous mode
[  229.862952][ T7748] hsr_slave_1: entered promiscuous mode
[  229.869644][ T7748] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  229.877686][ T7748] Cannot create hsr debugfs directory
[  230.197814][ T7753] team0: Port device team_slave_0 added
[  230.242071][ T5852] Bluetooth: hci1: command tx timeout
[  230.277123][ T7753] team0: Port device team_slave_1 added
[  230.464681][ T7857] netlink: 3752 bytes leftover after parsing attributes in process `syz.0.524'.
[  230.490013][ T5852] Bluetooth: hci2: command tx timeout
[  230.497082][ T7753] batman_adv: batadv0: Adding interface: batadv_slave_0
[  230.523752][ T7753] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  230.584964][ T7753] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  230.623289][ T7753] batman_adv: batadv0: Adding interface: batadv_slave_1
[  230.637375][ T7753] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  230.669215][ T7753] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  230.941454][ T7753] hsr_slave_0: entered promiscuous mode
[  230.955157][ T7753] hsr_slave_1: entered promiscuous mode
[  230.963179][ T7753] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  230.971319][ T7753] Cannot create hsr debugfs directory
[  230.984439][   T36] bridge_slave_1: left allmulticast mode
[  230.990294][   T36] bridge_slave_1: left promiscuous mode
[  230.996343][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  231.006340][   T36] bridge_slave_0: left allmulticast mode
[  231.012682][   T36] bridge_slave_0: left promiscuous mode
[  231.018644][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  231.336962][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  231.348711][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  231.359052][   T36] bond0 (unregistering): Released all slaves
[  231.449727][ T7625] veth0_vlan: entered promiscuous mode
[  231.975153][ T7625] veth1_vlan: entered promiscuous mode
[  232.060557][ T7879] Illegal XDP return value 4294967274 on prog  (id 368) dev N/A, expect packet loss!
[  232.182265][   T36] hsr_slave_0: left promiscuous mode
[  232.192414][ T7884] FAULT_INJECTION: forcing a failure.
[  232.192414][ T7884] name failslab, interval 1, probability 0, space 0, times 0
[  232.213044][ T7884] CPU: 0 UID: 0 PID: 7884 Comm: syz.0.537 Not tainted 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 PREEMPT(full) 
[  232.213073][ T7884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  232.213084][ T7884] Call Trace:
[  232.213095][ T7884]  <TASK>
[  232.213105][ T7884]  dump_stack_lvl+0x189/0x250
[  232.213138][ T7884]  ? __pfx____ratelimit+0x10/0x10
[  232.213175][ T7884]  ? __pfx_dump_stack_lvl+0x10/0x10
[  232.213204][ T7884]  ? __pfx__printk+0x10/0x10
[  232.213277][ T7884]  should_fail_ex+0x414/0x560
[  232.213329][ T7884]  should_failslab+0xa8/0x100
[  232.213374][ T7884]  __kmalloc_cache_noprof+0x70/0x3d0
[  232.213403][ T7884]  ? sctp_add_bind_addr+0x8c/0x370
[  232.213442][ T7884]  sctp_add_bind_addr+0x8c/0x370
[  232.213482][ T7884]  sctp_copy_local_addr_list+0x30b/0x4e0
[  232.213519][ T7884]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[  232.213545][ T7884]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  232.213582][ T7884]  ? sctp_v4_is_any+0x35/0x60
[  232.213605][ T7884]  ? sctp_copy_one_addr+0x93/0x360
[  232.213642][ T7884]  sctp_bind_addr_copy+0xb3/0x3c0
[  232.213672][ T7884]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  232.213717][ T7884]  sctp_connect_new_asoc+0x2e0/0x690
[  232.213760][ T7884]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  232.213785][ T7884]  ? __local_bh_enable_ip+0x12d/0x1c0
[  232.213834][ T7884]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  232.213855][ T7884]  ? security_sctp_bind_connect+0x7e/0x2e0
[  232.213894][ T7884]  sctp_sendmsg+0x155c/0x2810
[  232.213965][ T7884]  ? __pfx_sctp_sendmsg+0x10/0x10
[  232.214007][ T7884]  ? aa_sk_perm+0x81e/0x950
[  232.214057][ T7884]  ? __pfx_aa_sk_perm+0x10/0x10
[  232.214103][ T7884]  ? sock_rps_record_flow+0x19/0x410
[  232.214136][ T7884]  ? inet_sendmsg+0x2f4/0x370
[  232.214175][ T7884]  __sock_sendmsg+0x19c/0x270
[  232.214210][ T7884]  ____sys_sendmsg+0x505/0x830
[  232.214257][ T7884]  ? __pfx_____sys_sendmsg+0x10/0x10
[  232.214317][ T7884]  ? import_iovec+0x74/0xa0
[  232.214367][ T7884]  ___sys_sendmsg+0x21f/0x2a0
[  232.214408][ T7884]  ? __pfx____sys_sendmsg+0x10/0x10
[  232.214505][ T7884]  ? __fget_files+0x2a/0x420
[  232.214576][ T7884]  ? __fget_files+0x2a/0x420
[  232.214604][ T7884]  ? __fget_files+0x3a0/0x420
[  232.214668][ T7884]  __x64_sys_sendmsg+0x19b/0x260
[  232.214710][ T7884]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  232.214772][ T7884]  ? __pfx_ksys_write+0x10/0x10
[  232.214794][ T7884]  ? rcu_is_watching+0x15/0xb0
[  232.214839][ T7884]  ? do_syscall_64+0xbe/0x3b0
[  232.214875][ T7884]  do_syscall_64+0xfa/0x3b0
[  232.214894][ T7884]  ? lockdep_hardirqs_on+0x9c/0x150
[  232.214929][ T7884]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.214951][ T7884]  ? clear_bhb_loop+0x60/0xb0
[  232.214986][ T7884]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.215007][ T7884] RIP: 0033:0x7f314598e929
[  232.215029][ T7884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  232.215048][ T7884] RSP: 002b:00007f3146723038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  232.215069][ T7884] RAX: ffffffffffffffda RBX: 00007f3145bb5fa0 RCX: 00007f314598e929
[  232.215083][ T7884] RDX: 00000000000080d1 RSI: 0000200000000140 RDI: 0000000000000006
[  232.215096][ T7884] RBP: 00007f3146723090 R08: 0000000000000000 R09: 0000000000000000
[  232.215109][ T7884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  232.215120][ T7884] R13: 0000000000000000 R14: 00007f3145bb5fa0 R15: 00007fff473dd848
[  232.215188][ T7884]  </TASK>
[  232.215398][   T36] hsr_slave_1: left promiscuous mode
[  232.382163][ T5852] Bluetooth: hci1: command tx timeout
[  232.387581][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  232.564655][ T5852] Bluetooth: hci2: command tx timeout
[  232.577276][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  232.600218][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  232.622864][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  232.664702][   T36] veth1_macvtap: left promiscuous mode
[  232.670336][   T36] veth0_macvtap: left promiscuous mode
[  232.689686][   T36] veth1_vlan: left promiscuous mode
[  232.695426][   T36] veth0_vlan: left promiscuous mode
[  233.161698][   T36] team0 (unregistering): Port device team_slave_1 removed
[  233.197984][   T36] team0 (unregistering): Port device team_slave_0 removed
[  233.639865][ T7895] netlink: 3752 bytes leftover after parsing attributes in process `syz.0.539'.
[  233.716211][ T7625] veth0_macvtap: entered promiscuous mode
[  233.761405][ T7625] veth1_macvtap: entered promiscuous mode
[  233.869575][ T7625] batman_adv: batadv0: Interface activated: batadv_slave_0
[  233.888390][ T7748] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  233.944523][ T7625] batman_adv: batadv0: Interface activated: batadv_slave_1
[  233.985821][ T7748] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  234.006670][ T7748] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  234.025550][ T7625] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  234.041924][ T7625] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  234.050751][ T7625] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  234.060001][ T7625] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  234.086723][ T7748] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  234.190453][ T7908] netlink: 'syz.2.544': attribute type 33 has an invalid length.
[  234.209123][ T7908] netlink: 152 bytes leftover after parsing attributes in process `syz.2.544'.
[  234.404365][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  234.428203][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  234.519285][ T1098] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  234.534015][ T7918] FAULT_INJECTION: forcing a failure.
[  234.534015][ T7918] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  234.554122][ T1098] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  234.562575][ T7918] CPU: 1 UID: 0 PID: 7918 Comm: syz.0.547 Not tainted 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 PREEMPT(full) 
[  234.562602][ T7918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  234.562613][ T7918] Call Trace:
[  234.562620][ T7918]  <TASK>
[  234.562629][ T7918]  dump_stack_lvl+0x189/0x250
[  234.562658][ T7918]  ? __pfx____ratelimit+0x10/0x10
[  234.562689][ T7918]  ? __pfx_dump_stack_lvl+0x10/0x10
[  234.562713][ T7918]  ? __pfx__printk+0x10/0x10
[  234.562739][ T7918]  ? __might_fault+0xb0/0x130
[  234.562771][ T7918]  should_fail_ex+0x414/0x560
[  234.562804][ T7918]  _copy_from_user+0x2d/0xb0
[  234.562828][ T7918]  generic_map_update_batch+0x572/0x7f0
[  234.562867][ T7918]  ? __pfx_generic_map_update_batch+0x10/0x10
[  234.562896][ T7918]  ? __fget_files+0x2a/0x420
[  234.562930][ T7918]  ? __pfx_generic_map_update_batch+0x10/0x10
[  234.562957][ T7918]  bpf_map_do_batch+0x369/0x5f0
[  234.562984][ T7918]  __sys_bpf+0x384/0x860
[  234.563003][ T7918]  ? __pfx___sys_bpf+0x10/0x10
[  234.563040][ T7918]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  234.563085][ T7918]  __x64_sys_bpf+0x7c/0x90
[  234.563114][ T7918]  do_syscall_64+0xfa/0x3b0
[  234.563135][ T7918]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.563160][ T7918]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  234.563180][ T7918]  ? clear_bhb_loop+0x60/0xb0
[  234.563205][ T7918]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.563224][ T7918] RIP: 0033:0x7f314598e929
[  234.563242][ T7918] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  234.563259][ T7918] RSP: 002b:00007f3146723038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  234.563281][ T7918] RAX: ffffffffffffffda RBX: 00007f3145bb5fa0 RCX: 00007f314598e929
[  234.563296][ T7918] RDX: 0000000000000038 RSI: 00002000000001c0 RDI: 000000000000001a
[  234.563308][ T7918] RBP: 00007f3146723090 R08: 0000000000000000 R09: 0000000000000000
[  234.563320][ T7918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  234.563331][ T7918] R13: 0000000000000000 R14: 00007f3145bb5fa0 R15: 00007fff473dd848
[  234.563361][ T7918]  </TASK>
[  234.629761][ T7748] 8021q: adding VLAN 0 to HW filter on device bond0
[  234.813304][ T7753] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  234.845976][ T7753] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  234.887545][ T7753] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  234.922792][ T7748] 8021q: adding VLAN 0 to HW filter on device team0
[  234.954061][ T7753] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  234.972921][ T7923] netlink: 132 bytes leftover after parsing attributes in process `syz.0.549'.
[  234.996989][ T1098] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.004305][ T1098] bridge0: port 1(bridge_slave_0) entered forwarding state
[  235.023477][ T1098] bridge0: port 2(bridge_slave_1) entered blocking state
[  235.030690][ T1098] bridge0: port 2(bridge_slave_1) entered forwarding state
[  235.179639][  T153] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.353060][  T153] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.567018][  T153] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.729836][  T153] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.848724][ T7753] 8021q: adding VLAN 0 to HW filter on device bond0
[  235.948400][ T7753] 8021q: adding VLAN 0 to HW filter on device team0
[  235.990443][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.997759][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  236.028135][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  236.035602][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  236.204603][  T153] bridge_slave_1: left allmulticast mode
[  236.210678][  T153] bridge_slave_1: left promiscuous mode
[  236.233032][  T153] bridge0: port 2(bridge_slave_1) entered disabled state
[  236.253480][  T153] bridge_slave_0: left allmulticast mode
[  236.259218][  T153] bridge_slave_0: left promiscuous mode
[  236.281284][  T153] bridge0: port 1(bridge_slave_0) entered disabled state
[  236.978282][ T5857] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  236.987784][ T5857] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  236.996694][ T5857] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  237.005994][ T5857] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  237.026138][ T5857] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  237.122865][  T153] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  237.138634][  T153] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  237.149569][  T153] bond0 (unregistering): Released all slaves
[  237.190898][ T7950] netlink: 3752 bytes leftover after parsing attributes in process `syz.2.553'.
[  237.238701][ T7958] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.556'.
[  237.274265][ T7957] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.556'.
[  237.375047][ T7748] 8021q: adding VLAN 0 to HW filter on device batadv0
[  237.509750][ T7962] netlink: 'syz.2.557': attribute type 29 has an invalid length.
[  237.527874][ T7964] netlink: 'syz.2.557': attribute type 29 has an invalid length.
[  237.759702][ T7748] veth0_vlan: entered promiscuous mode
[  237.844023][ T7748] veth1_vlan: entered promiscuous mode
[  237.887640][ T7748] veth0_macvtap: entered promiscuous mode
[  237.957842][  T153] hsr_slave_0: left promiscuous mode
[  237.967463][  T153] hsr_slave_1: left promiscuous mode
[  237.987524][  T153] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  237.997780][  T153] batman_adv: batadv0: Removing interface: batadv_slave_0
[  238.008477][  T153] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  238.038243][  T153] batman_adv: batadv0: Removing interface: batadv_slave_1
[  238.069608][  T153] veth1_macvtap: left promiscuous mode
[  238.082330][  T153] veth0_macvtap: left promiscuous mode
[  238.088674][  T153] veth1_vlan: left promiscuous mode
[  238.095732][  T153] veth0_vlan: left promiscuous mode
[  238.702610][  T153] team0 (unregistering): Port device team_slave_1 removed
[  238.745682][  T153] team0 (unregistering): Port device team_slave_0 removed
[  239.122060][ T5852] Bluetooth: hci0: command tx timeout
[  239.173636][ T7748] veth1_macvtap: entered promiscuous mode
[  239.265573][ T7748] batman_adv: batadv0: Interface activated: batadv_slave_0
[  239.356914][ T7748] batman_adv: batadv0: Interface activated: batadv_slave_1
[  239.387536][ T7753] 8021q: adding VLAN 0 to HW filter on device batadv0
[  239.439235][ T7987] netlink: 3752 bytes leftover after parsing attributes in process `syz.0.567'.
[  239.464944][ T7954] chnl_net:caif_netlink_parms(): no params data found
[  239.490285][ T7748] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  239.512222][ T7748] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  239.521014][ T7748] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  239.542936][ T7748] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  239.740349][ T8000] FAULT_INJECTION: forcing a failure.
[  239.740349][ T8000] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  239.754605][ T8000] CPU: 0 UID: 0 PID: 8000 Comm: syz.0.569 Not tainted 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 PREEMPT(full) 
[  239.754633][ T8000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  239.754646][ T8000] Call Trace:
[  239.754654][ T8000]  <TASK>
[  239.754662][ T8000]  dump_stack_lvl+0x189/0x250
[  239.754694][ T8000]  ? __pfx____ratelimit+0x10/0x10
[  239.754726][ T8000]  ? __pfx_dump_stack_lvl+0x10/0x10
[  239.754752][ T8000]  ? __pfx__printk+0x10/0x10
[  239.754780][ T8000]  ? fs_reclaim_acquire+0x7d/0x100
[  239.754822][ T8000]  should_fail_ex+0x414/0x560
[  239.754857][ T8000]  prepare_alloc_pages+0x213/0x610
[  239.754896][ T8000]  __alloc_frozen_pages_noprof+0x123/0x370
[  239.754932][ T8000]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  239.754973][ T8000]  ? policy_nodemask+0x27c/0x720
[  239.755007][ T8000]  alloc_pages_mpol+0x232/0x4a0
[  239.755039][ T8000]  vma_alloc_folio_noprof+0xe4/0x200
[  239.755082][ T8000]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  239.755123][ T8000]  folio_prealloc+0x30/0x180
[  239.755151][ T8000]  do_wp_page+0x1231/0x5800
[  239.755197][ T8000]  ? __pfx_do_wp_page+0x10/0x10
[  239.755217][ T8000]  ? do_raw_spin_lock+0x121/0x290
[  239.755249][ T8000]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  239.755290][ T8000]  __handle_mm_fault+0x1144/0x5620
[  239.755337][ T8000]  ? __pfx___handle_mm_fault+0x10/0x10
[  239.755381][ T8000]  ? find_vma+0xe7/0x160
[  239.755410][ T8000]  ? __pfx_find_vma+0x10/0x10
[  239.755432][ T8000]  ? __up_read+0x280/0x680
[  239.755461][ T8000]  handle_mm_fault+0x40a/0x8e0
[  239.755497][ T8000]  do_user_addr_fault+0x764/0x1390
[  239.755591][ T8000]  exc_page_fault+0x76/0xf0
[  239.755627][ T8000]  asm_exc_page_fault+0x26/0x30
[  239.755646][ T8000] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  239.755673][ T8000] Code: 00 04 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 e9 4f 00 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  239.755692][ T8000] RSP: 0018:ffffc90003b07b68 EFLAGS: 00050202
[  239.755711][ T8000] RAX: ffffffff84c1ce01 RBX: 0000000000010001 RCX: 0000000000002541
[  239.755725][ T8000] RDX: 0000000000000000 RSI: ffff88806214dac6 RDI: 000020000000e000
[  239.755739][ T8000] RBP: ffffc90003b07ce0 R08: 0000000000000006 R09: 0000000000000007
[  239.755752][ T8000] R10: dffffc0000000000 R11: ffffed100c42a000 R12: 0000200000010541
[  239.755766][ T8000] R13: 00007ffffffff000 R14: ffff888062140006 R15: 0000200000000540
[  239.755791][ T8000]  ? _copy_from_user+0x81/0xb0
[  239.755824][ T8000]  _copy_to_user+0x8a/0xb0
[  239.755852][ T8000]  generic_map_lookup_batch+0x8e8/0xcc0
[  239.755898][ T8000]  ? __pfx_generic_map_lookup_batch+0x10/0x10
[  239.755926][ T8000]  ? __fget_files+0x2a/0x420
[  239.755960][ T8000]  ? __pfx_generic_map_lookup_batch+0x10/0x10
[  239.755990][ T8000]  bpf_map_do_batch+0x25e/0x5f0
[  239.756020][ T8000]  ? security_bpf+0x7e/0x300
[  239.756052][ T8000]  __sys_bpf+0x70c/0x860
[  239.756073][ T8000]  ? __pfx___sys_bpf+0x10/0x10
[  239.756108][ T8000]  ? ksys_write+0x22a/0x250
[  239.756136][ T8000]  ? __pfx_ksys_write+0x10/0x10
[  239.756157][ T8000]  ? rcu_is_watching+0x15/0xb0
[  239.756190][ T8000]  __x64_sys_bpf+0x7c/0x90
[  239.756221][ T8000]  do_syscall_64+0xfa/0x3b0
[  239.756239][ T8000]  ? lockdep_hardirqs_on+0x9c/0x150
[  239.756270][ T8000]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.756289][ T8000]  ? clear_bhb_loop+0x60/0xb0
[  239.756314][ T8000]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.756334][ T8000] RIP: 0033:0x7f314598e929
[  239.756352][ T8000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.756369][ T8000] RSP: 002b:00007f3146723038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  239.756388][ T8000] RAX: ffffffffffffffda RBX: 00007f3145bb5fa0 RCX: 00007f314598e929
[  239.756418][ T8000] RDX: 0000000000000038 RSI: 00002000000002c0 RDI: 0000000000000018
[  239.756431][ T8000] RBP: 00007f3146723090 R08: 0000000000000000 R09: 0000000000000000
[  239.756443][ T8000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  239.756454][ T8000] R13: 0000000000000000 R14: 00007f3145bb5fa0 R15: 00007fff473dd848
[  239.756486][ T8000]  </TASK>
[  240.251242][ T7954] bridge0: port 1(bridge_slave_0) entered blocking state
[  240.271264][ T7954] bridge0: port 1(bridge_slave_0) entered disabled state
[  240.281270][ T7954] bridge_slave_0: entered allmulticast mode
[  240.291148][ T7954] bridge_slave_0: entered promiscuous mode
[  240.300445][ T7954] bridge0: port 2(bridge_slave_1) entered blocking state
[  240.307842][ T7954] bridge0: port 2(bridge_slave_1) entered disabled state
[  240.315668][ T7954] bridge_slave_1: entered allmulticast mode
[  240.323871][ T7954] bridge_slave_1: entered promiscuous mode
[  240.340545][ T7753] veth0_vlan: entered promiscuous mode
[  240.352670][ T8004] netlink: 'syz.0.571': attribute type 6 has an invalid length.
[  240.360387][ T8004] netlink: 168 bytes leftover after parsing attributes in process `syz.0.571'.
[  240.448612][ T7954] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  240.461634][ T7954] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  240.494181][ T7753] veth1_vlan: entered promiscuous mode
[  240.509404][ T8007] netlink: 56 bytes leftover after parsing attributes in process `syz.2.572'.
[  240.522611][ T8008] netlink: 56 bytes leftover after parsing attributes in process `syz.2.572'.
[  240.539572][ T8007] netlink: 56 bytes leftover after parsing attributes in process `syz.2.572'.
[  240.579684][ T7954] team0: Port device team_slave_0 added
[  240.621052][ T8010] netlink: 9275 bytes leftover after parsing attributes in process `syz.0.573'.
[  240.624448][ T7954] team0: Port device team_slave_1 added
[  240.668109][ T8012] net veth1_virt_wifi virt_wifi0: entered promiscuous mode
[  240.679621][ T8012] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  240.706951][ T1108] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  240.725918][ T1108] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  240.818371][ T8016] netlink: 'syz.2.576': attribute type 39 has an invalid length.
[  240.819918][ T7954] batman_adv: batadv0: Adding interface: batadv_slave_0
[  240.837820][ T7954] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  240.864623][ T7954] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  240.881151][  T153] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  240.890050][  T153] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  240.898233][ T8016] veth0_macvtap: left promiscuous mode
[  240.931510][ T7954] batman_adv: batadv0: Adding interface: batadv_slave_1
[  240.938995][ T7954] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  240.966778][ T7954] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  241.017316][ T7753] veth0_macvtap: entered promiscuous mode
[  241.097735][ T7954] hsr_slave_0: entered promiscuous mode
[  241.105908][ T7954] hsr_slave_1: entered promiscuous mode
[  241.119975][ T7753] veth1_macvtap: entered promiscuous mode
[  241.204358][ T5852] Bluetooth: hci0: command tx timeout
[  241.388790][ T7753] batman_adv: batadv0: Interface activated: batadv_slave_0
[  241.457858][ T8024] netlink: 3752 bytes leftover after parsing attributes in process `syz.2.579'.
[  241.492081][ T7753] batman_adv: batadv0: Interface activated: batadv_slave_1
[  241.588222][   T59] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.654941][ T7753] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  241.671959][ T7753] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  241.681092][ T7753] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  241.696095][ T7753] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  241.774073][   T59] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.871535][   T59] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.941794][   T59] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.974864][ T1108] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  241.983409][ T1108] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  242.024033][  T153] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  242.035153][  T153] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  242.175782][   T59] bridge_slave_1: left allmulticast mode
[  242.181525][   T59] bridge_slave_1: left promiscuous mode
[  242.195140][   T59] bridge0: port 2(bridge_slave_1) entered disabled state
[  242.205139][   T59] bridge_slave_0: left allmulticast mode
[  242.210915][   T59] bridge_slave_0: left promiscuous mode
[  242.217342][   T59] bridge0: port 1(bridge_slave_0) entered disabled state
[  242.563515][   T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  242.587031][   T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  242.615158][   T59] bond0 (unregistering): Released all slaves
[  242.918989][ T8036] netlink: 'syz.0.584': attribute type 10 has an invalid length.
[  242.927640][ T5857] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  242.939023][ T5857] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  242.939467][ T7954] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  242.960557][ T5857] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  242.970814][ T5857] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  242.979042][ T5857] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  242.981627][ T7954] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  243.030611][ T8036] team0: Port device wlan1 added
[  243.063140][ T7954] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  243.293579][ T5857] Bluetooth: hci0: command tx timeout
[  243.584700][ T7954] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  243.748018][   T59] hsr_slave_0: left promiscuous mode
[  243.754978][   T59] hsr_slave_1: left promiscuous mode
[  243.761153][   T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  243.773645][   T59] batman_adv: batadv0: Removing interface: batadv_slave_0
[  243.781693][   T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  243.793086][   T59] batman_adv: batadv0: Removing interface: batadv_slave_1
[  243.810297][   T59] veth1_macvtap: left promiscuous mode
[  243.816004][   T59] veth0_macvtap: left promiscuous mode
[  243.821633][   T59] veth1_vlan: left promiscuous mode
[  243.827473][   T59] veth0_vlan: left promiscuous mode
[  244.386046][ T8052] FAULT_INJECTION: forcing a failure.
[  244.386046][ T8052] name failslab, interval 1, probability 0, space 0, times 0
[  244.400569][ T8052] CPU: 0 UID: 0 PID: 8052 Comm: syz.2.587 Not tainted 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 PREEMPT(full) 
[  244.400602][ T8052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  244.400614][ T8052] Call Trace:
[  244.400622][ T8052]  <TASK>
[  244.400631][ T8052]  dump_stack_lvl+0x189/0x250
[  244.400660][ T8052]  ? __pfx____ratelimit+0x10/0x10
[  244.400692][ T8052]  ? __pfx_dump_stack_lvl+0x10/0x10
[  244.400716][ T8052]  ? __pfx__printk+0x10/0x10
[  244.400748][ T8052]  ? __pfx___might_resched+0x10/0x10
[  244.400772][ T8052]  ? fs_reclaim_acquire+0x7d/0x100
[  244.400807][ T8052]  should_fail_ex+0x414/0x560
[  244.400844][ T8052]  should_failslab+0xa8/0x100
[  244.400873][ T8052]  __kmalloc_node_track_caller_noprof+0xcc/0x4e0
[  244.400900][ T8052]  ? __request_module+0x2d1/0x5e0
[  244.400928][ T8052]  kstrdup+0x42/0x100
[  244.400960][ T8052]  __request_module+0x2d1/0x5e0
[  244.400982][ T8052]  ? __pfx_aa_get_newest_label+0x10/0x10
[  244.401017][ T8052]  ? __pfx___request_module+0x10/0x10
[  244.401043][ T8052]  ? apparmor_capable+0x137/0x1b0
[  244.401076][ T8052]  ? capable+0x89/0xe0
[  244.401097][ T8052]  ? dev_load+0x21/0x1f0
[  244.401121][ T8052]  devinet_ioctl+0x130/0x1b50
[  244.401164][ T8052]  ? __pfx_devinet_ioctl+0x10/0x10
[  244.401197][ T8052]  ? get_user_ifreq+0x12c/0x180
[  244.401229][ T8052]  inet_ioctl+0x3c0/0x4c0
[  244.401253][ T8052]  ? __pfx_inet_ioctl+0x10/0x10
[  244.401292][ T8052]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  244.401334][ T8052]  sock_do_ioctl+0xd9/0x300
[  244.401368][ T8052]  ? __pfx_sock_do_ioctl+0x10/0x10
[  244.401418][ T8052]  sock_ioctl+0x576/0x790
[  244.401451][ T8052]  ? __pfx_sock_ioctl+0x10/0x10
[  244.401481][ T8052]  ? __fget_files+0x2a/0x420
[  244.401508][ T8052]  ? __fget_files+0x3a0/0x420
[  244.401543][ T8052]  ? __fget_files+0x2a/0x420
[  244.401575][ T8052]  ? bpf_lsm_file_ioctl+0x9/0x20
[  244.401597][ T8052]  ? __pfx_sock_ioctl+0x10/0x10
[  244.401627][ T8052]  __se_sys_ioctl+0xf9/0x170
[  244.401653][ T8052]  do_syscall_64+0xfa/0x3b0
[  244.401675][ T8052]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.401694][ T8052]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  244.401715][ T8052]  ? clear_bhb_loop+0x60/0xb0
[  244.401740][ T8052]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.401760][ T8052] RIP: 0033:0x7fe93ad8e929
[  244.401779][ T8052] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  244.401797][ T8052] RSP: 002b:00007fe93bb46038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  244.401817][ T8052] RAX: ffffffffffffffda RBX: 00007fe93afb5fa0 RCX: 00007fe93ad8e929
[  244.401832][ T8052] RDX: 0000200000000180 RSI: 000000000000891a RDI: 0000000000000006
[  244.401845][ T8052] RBP: 00007fe93bb46090 R08: 0000000000000000 R09: 0000000000000000
[  244.401857][ T8052] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  244.401869][ T8052] R13: 0000000000000000 R14: 00007fe93afb5fa0 R15: 00007ffec21f06a8
[  244.401901][ T8052]  </TASK>
[  244.787737][ T5852] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  244.802170][   T59] team0 (unregistering): Port device team_slave_1 removed
[  244.826082][ T5852] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  244.844376][ T5852] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  244.860696][ T5852] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  244.869317][ T5852] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  244.878618][   T59] team0 (unregistering): Port device team_slave_0 removed
[  245.043296][ T5852] Bluetooth: hci1: command tx timeout
[  245.284498][ T1150] wlan1: Trigger new scan to find an IBSS to join
[  245.291495][ T1150] ------------[ cut here ]------------
[  245.297437][ T1150] UBSAN: array-index-out-of-bounds in net/mac80211/scan.c:1223:5
[  245.306131][ T1150] index 1 is out of range for type 'struct ieee80211_channel *[] __counted_by(n_channels)' (aka 'struct ieee80211_channel *[]')
[  245.324812][ T1150] CPU: 0 UID: 0 PID: 1150 Comm: kworker/u8:8 Not tainted 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 PREEMPT(full) 
[  245.324843][ T1150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  245.324856][ T1150] Workqueue: events_unbound cfg80211_wiphy_work
[  245.324885][ T1150] Call Trace:
[  245.324894][ T1150]  <TASK>
[  245.324903][ T1150]  dump_stack_lvl+0x189/0x250
[  245.324936][ T1150]  ? __pfx_dump_stack_lvl+0x10/0x10
[  245.324961][ T1150]  ? __pfx__printk+0x10/0x10
[  245.325003][ T1150]  ubsan_epilogue+0xa/0x40
[  245.325026][ T1150]  __ubsan_handle_out_of_bounds+0xe9/0xf0
[  245.325053][ T1150]  ieee80211_request_ibss_scan+0x600/0x8b0
[  245.325094][ T1150]  ieee80211_ibss_work+0xde7/0x1060
[  245.325128][ T1150]  ? __pfx_ieee80211_ibss_work+0x10/0x10
[  245.325164][ T1150]  ? ieee80211_iface_work+0xf39/0xfe0
[  245.325182][ T1150]  ? rcu_is_watching+0x15/0xb0
[  245.325207][ T1150]  cfg80211_wiphy_work+0x2df/0x460
[  245.325228][ T1150]  ? process_scheduled_works+0x9ef/0x17b0
[  245.325250][ T1150]  process_scheduled_works+0xade/0x17b0
[  245.325299][ T1150]  ? __pfx_process_scheduled_works+0x10/0x10
[  245.325336][ T1150]  worker_thread+0x8a0/0xda0
[  245.325358][ T1150]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  245.325393][ T1150]  ? __kthread_parkme+0x7b/0x200
[  245.325424][ T1150]  kthread+0x70e/0x8a0
[  245.325450][ T1150]  ? __pfx_worker_thread+0x10/0x10
[  245.325476][ T1150]  ? __pfx_kthread+0x10/0x10
[  245.325501][ T1150]  ? _raw_spin_unlock_irq+0x23/0x50
[  245.325524][ T1150]  ? lockdep_hardirqs_on+0x9c/0x150
[  245.325547][ T1150]  ? __pfx_kthread+0x10/0x10
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  245.325571][ T1150]  ret_from_fork+0x3fc/0x770
[  245.325592][ T1150]  ? __pfx_ret_from_fork+0x10/0x10
[  245.325616][ T1150]  ? __switch_to_asm+0x39/0x70
[  245.325636][ T1150]  ? __switch_to_asm+0x33/0x70
[  245.325655][ T1150]  ? __pfx_kthread+0x10/0x10
[  245.325679][ T1150]  ret_from_fork_asm+0x1a/0x30
[  245.325717][ T1150]  </TASK>
[  245.325733][ T1150] ---[ end trace ]---
[  245.366124][ T5852] Bluetooth: hci0: command tx timeout
[  245.597029][ T1150] Kernel panic - not syncing: UBSAN: panic_on_warn set ...
[  245.604758][ T1150] CPU: 0 UID: 0 PID: 1150 Comm: kworker/u8:8 Not tainted 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 PREEMPT(full) 
[  245.616703][ T1150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  245.626821][ T1150] Workqueue: events_unbound cfg80211_wiphy_work
[  245.633129][ T1150] Call Trace:
[  245.636457][ T1150]  <TASK>
[  245.639414][ T1150]  dump_stack_lvl+0x99/0x250
[  245.644052][ T1150]  ? __asan_memcpy+0x40/0x70
[  245.648891][ T1150]  ? __pfx_dump_stack_lvl+0x10/0x10
[  245.654227][ T1150]  ? __pfx__printk+0x10/0x10
[  245.658879][ T1150]  panic+0x2db/0x790
[  245.662806][ T1150]  ? __pfx_panic+0x10/0x10
[  245.667252][ T1150]  ? _printk+0xcf/0x120
[  245.671441][ T1150]  ? __pfx__printk+0x10/0x10
[  245.676175][ T1150]  check_panic_on_warn+0x89/0xb0
[  245.681164][ T1150]  __ubsan_handle_out_of_bounds+0xe9/0xf0
[  245.686931][ T1150]  ieee80211_request_ibss_scan+0x600/0x8b0
[  245.692787][ T1150]  ieee80211_ibss_work+0xde7/0x1060
[  245.698024][ T1150]  ? __pfx_ieee80211_ibss_work+0x10/0x10
[  245.703695][ T1150]  ? ieee80211_iface_work+0xf39/0xfe0
[  245.709087][ T1150]  ? rcu_is_watching+0x15/0xb0
[  245.713905][ T1150]  cfg80211_wiphy_work+0x2df/0x460
[  245.719058][ T1150]  ? process_scheduled_works+0x9ef/0x17b0
[  245.724918][ T1150]  process_scheduled_works+0xade/0x17b0
[  245.730529][ T1150]  ? __pfx_process_scheduled_works+0x10/0x10
[  245.736666][ T1150]  worker_thread+0x8a0/0xda0
[  245.741304][ T1150]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  245.747802][ T1150]  ? __kthread_parkme+0x7b/0x200
[  245.753065][ T1150]  kthread+0x70e/0x8a0
[  245.757182][ T1150]  ? __pfx_worker_thread+0x10/0x10
[  245.762334][ T1150]  ? __pfx_kthread+0x10/0x10
[  245.766964][ T1150]  ? _raw_spin_unlock_irq+0x23/0x50
[  245.772198][ T1150]  ? lockdep_hardirqs_on+0x9c/0x150
[  245.777702][ T1150]  ? __pfx_kthread+0x10/0x10
[  245.782441][ T1150]  ret_from_fork+0x3fc/0x770
[  245.787149][ T1150]  ? __pfx_ret_from_fork+0x10/0x10
[  245.792316][ T1150]  ? __switch_to_asm+0x39/0x70
[  245.797214][ T1150]  ? __switch_to_asm+0x33/0x70
[  245.802018][ T1150]  ? __pfx_kthread+0x10/0x10
[  245.806647][ T1150]  ret_from_fork_asm+0x1a/0x30
[  245.811452][ T1150]  </TASK>
[  245.814765][ T1150] Kernel Offset: disabled
[  245.819148][ T1150] Rebooting in 86400 seconds..