last executing test programs:

6.294809483s ago: executing program 0 (id=1949):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xf, 0x5}, 0x100e64, 0xc78}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f0000000440)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x100, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x0, 0x0, &(0x7f0000000380)='GPL\x00'}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'tunl0\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f2, &(0x7f0000000080))
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000640)='cgroup.freeze\x00', 0x26e1, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10000}, 0x200008c0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r3, 0x2000000, 0xe, 0x0, &(0x7f00000002c0)="630b008646dc3f0aacf7b9860000", 0x0, 0x2, 0x0, 0xfffffffffffffe8d, 0x0, 0x0, 0x0, 0x7, 0x0, 0x2}, 0x18)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r6)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000500))
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})

4.261945545s ago: executing program 0 (id=1960):
r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x0, 0x0, 0x8, 0x7fff, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x0, 0x0, 0x4, 0x3fe, 0x7fffffff}, 0x0, 0xffffffffffffffff, r0, 0xa)
r1 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r1)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
close(0xffffffffffffffff)
r2 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x2, 0x0, 0x0, 0x56fa, 0xd2201, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0xb}, 0x0, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={<r3=>0xffffffffffffffff})
recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r4)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x2}, 0x0, 0xfbffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1000000004000000040000000200000000000000076fced26fc8516f5f35b100f7f3a96688199d25c46ec4e4cb2f9577be3d6fb959e6680d355de253bdd955892b1e2c8d93e632942f9663b07c45400f0b92f37a656988287f", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r5, &(0x7f0000000300)="4c13000007000c9d3f75", &(0x7f0000000380)=""/8, 0x2}, 0x20)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)=ANY=[], 0x48)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)="d8000000180081054e81f782db4cb904021d0800fe007c05e8fe55a10a0015000200142603600e12080005007f370401a8001600200006000400027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2e98a61e284ce5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e970392", 0xd8}], 0x1}, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={0x0, 0xffffffffffffffff, 0x0, 0x16, &(0x7f0000000000)='/proc/net/\x01?\fX\a0\x04\x00\x00\x82q\xee'}, 0x30)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x12c82, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xaffffff7ffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8e61, 0x2}, 0x828, 0x0, 0x0, 0x0, 0x0, 0x800000, 0xffff, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xfffffffdffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="000000181100000000000000008b", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

3.942516065s ago: executing program 1 (id=1962):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40001}, 0x4040850)
socket$kcm(0x1e, 0x4, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0xc1842, 0x0)
ioctl$TUNSETCARRIER(r1, 0x400454e2, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2040, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x2}, 0x2, 0x4, 0x0, 0x8, 0x3fe, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
close(0xffffffffffffffff)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0xc1842, 0x0)
socket$key(0xf, 0x3, 0x2)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, 0x0)
close(0xffffffffffffffff)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'batadv_slave_0\x00', 0x400})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8922, &(0x7f0000000080))

3.209558789s ago: executing program 1 (id=1967):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ec0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r0}, 0x18)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000400)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000003c0)={&(0x7f0000000180)={0x204, 0x2c, 0x0, 0x70bd2d, 0x25dfdbfb, {0x20}, [@generic="fcec424c79623d2d40dd365a259add99684f6adf3bd7b1914cc80ec92a59166073ea12c003749e180dcb8523dceeb47172b975ac39d86c08ae84b9288f97e56565be2744704ecb3ceaecd9943aaba1613f30da5862c8bf0ca3069970b0d1bd1c753f59f5c9a6c715ed94a1bd2ae98cfbafdc31fbdb74570e2b2bb4d42f4adb4cd3cc7e178ffc803d0e6593d2fa8753aec4fb090ed7eb072e2e03792a89efc7b24a8f1669854428cfe05701d996feebf7210fff2a116118680b20c5a9d5421fdec13843d1d2a7ef1a2fa4d7c2d8fa67c7a7924257591cbab09cecff05f941ab46ac3b1282a3bd24fcffa30dc5b333f646a9986b1036", @nested={0x18, 0x5b, 0x0, 0x1, [@typed={0x14, 0x62, 0x0, 0x0, @ipv6=@mcast2}]}, @generic="2272c20f0380e559eadb3cb4a5f3b766b44f9ac8176da75322141c79a531bf7d859b91906bdc4c9ebdf544044007195d5ca4ec4d2db73c3b407dd5c62fb24f3f4760e4bbfa07a1c80c23966740f493eb98dac44d36faaa957ab9ff764bf0fef0ee790ef1cdc0dcdf3f3292ffc9f401eb9d7b54cd2c12363f1ade788edaead5f53ec47621bd3c7ba92404aa7c8fd1e5e57eaaa2cfac2e331dab90c220d7b3cb8e134fa13627866fb1c14195283bcfc98c1e0121d2d8851ec6a97a0ba60c5ba347862da555f0ef745a45211804ab9bef9c524aa4f165dd6c8f418108", @typed={0x8, 0x104, 0x0, 0x0, @u32=0xfff}]}, 0x204}}, 0x40)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r3, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="18000000113e0005000000"], 0x18}}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800"/16], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2040, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffe94, 0x0, 0xffffffffffffffff, 0xfffffffffffffe7d}, 0x80)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syz_tun\x00', 0x400})
socketpair(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r8, 0x8946, &(0x7f0000000080))
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f0000000440)='virt_wifi0\x00')
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000640)=@bpf_tracing={0x1a, 0x7, &(0x7f00000004c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4b24, 0x0, 0x0, 0x0, 0x1ff}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}]}, &(0x7f0000000500)='syzkaller\x00', 0xfffffffa, 0x2b, &(0x7f0000000540)=""/43, 0x41000, 0x22, '\x00', 0x0, 0x11, r5, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000580)={0x3, 0x9, 0x3, 0xfffffff7}, 0x10, 0x1b939, r7, 0x7, 0x0, &(0x7f00000005c0)=[{0x4, 0x2, 0x1, 0x4}, {0x2, 0x5, 0x6, 0x4}, {0x3, 0x4, 0x2, 0x6}, {0x2, 0x3, 0x5, 0x2}, {0x3, 0x5, 0x9, 0x1}, {0x2, 0x5, 0xc, 0x4}, {0x4, 0x1, 0x0, 0x5}]}, 0x94)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000800)={@cgroup=r2, 0x36, 0x0, 0x6, &(0x7f0000000700)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x0, &(0x7f0000000740)=[0x0], &(0x7f0000000780)=[0x0], &(0x7f00000007c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x40)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000300)="1400000023003517d25a806f8b6394f90324fc60", 0x14}], 0x1, 0x0, 0x0, 0x1000000}, 0x0)
close(r4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0))

3.175276215s ago: executing program 0 (id=1968):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x4, &(0x7f0000000200)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x11}]}, &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x200040, 0x0)
ioctl$TUNSETDEBUG(r0, 0x400454c9, &(0x7f0000000200))
perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0xad, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext, 0x0, 0x0, 0xffffffff, 0x6, 0x1, 0x0, 0x2}, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000071", @ANYRESHEX], 0xfe33)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000002c0)={@fallback, 0xffffffffffffffff, 0x14, 0x2010}, 0x20)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={r4}, 0x20)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="1e00000005000000040000000600000022080400", @ANYRES32=r4, @ANYRES32=r3, @ANYRES32, @ANYBLOB="0400000003000000020000000a0000000000000000000000000000002817f4f2e889bac2a172427be78ba3494dcc64ab2fc4271f1b"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2040, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
ioctl$PERF_EVENT_IOC_SET_BPF(r7, 0x40042408, r6)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000006c0)={&(0x7f00000004c0)="fb03ad87d6b5c54b04045143499684daa073b376c9b363b2f9cb847e8e0b2f601c9e0b6a74322aecefa86ad3b34708572117d3fe87703db0247e931c617f674c84710a0a1483b224e0c37404c06620f1a38afde63754b858fd1864e5dffd221309e47388d9b83924ede21e8cbb8da73062670384b9b5bff71c38245065ff45f583c75600", &(0x7f0000000780)=""/203, &(0x7f0000000580)="c0d04396d96a8b48fd9e7bfe712d90be493cd6bad4015b80ddd3aff7a77d1e065a755064d2345b4d410739c194449da4315af156e9d550b352e746f0140c255a67841e2408dd17ea4bc47e44a7fbfa904e762661d2972f94026be1e1fa111c74aeb9830d8d3cc901ed955e9a5028ba37fdd6f938fca7249eea63bfdf9231b76cb5eaa6f75ae2", &(0x7f0000000280)="a7d19d94ecbd641cb1bc28162466e8ed6e1c5459104b322af352", 0x1e93, r5, 0x4}, 0x38)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000bc0)=ANY=[@ANYRESHEX=r7, @ANYRES32=r5, @ANYRES16=r2, @ANYRES32], 0x0, 0x20000000, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x24, 0x0, 0x0)
sendmsg$sock(0xffffffffffffffff, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000680)=[{0x0}], 0x1}, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000002d00010026bdf000fcdbdf250400000008000c"], 0x1c}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000850000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1ff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='signal_deliver\x00', r8}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

3.170858791s ago: executing program 4 (id=1969):
perf_event_open(0x0, 0x0, 0x100000, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xe, 0x66c}, 0x116141, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed5de7e91cd360a136ce6203c23c00fe82000000000400875865969f7e7507018100000000001a8829"], 0xfe1b)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'sit0\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f1, &(0x7f0000000080))
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001740)={0x5, 0x5, &(0x7f0000001700)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000bf000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x0, 0x0, &(0x7f0000003ff6)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x94)
socket$can_raw(0x1d, 0x3, 0x1)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$key(0xf, 0x3, 0x2)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000380)={0x0, 0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000000)='/\x00\x02\x00\x00/x\x97\x00\x00'}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000140)='./file0\x00', 0x0, 0x991066, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831371600000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0)

3.070396411s ago: executing program 2 (id=1970):
perf_event_open(&(0x7f0000000040)={0x4, 0x80, 0xeb, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffffc, 0x2103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xab3, 0x4, @perf_bp={&(0x7f0000000340), 0xc}, 0x10684, 0x0, 0x0, 0x1, 0x9, 0x800000, 0xffff, 0x0, 0x2, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xc)
bpf$MAP_CREATE(0x0, 0x0, 0x64)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r0 = socket$kcm(0x2a, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x541b, &(0x7f0000000140))
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)
write$cgroup_int(r1, 0x0, 0x0)
r2 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1943}, 0x5000, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e50200000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(r5, 0x0, 0x29, 0x0, 0x20000)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r4)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0x6c, 0x30, 0xffff, 0xfffffffe, 0x0, {}, [{0x58, 0x1, [@m_gact={0x54, 0x2, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x1}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0x1419, 0x4}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc}}}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)
r7 = perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0xe8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x208, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000040)='%-&@-.&q\x00')
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x40082406, &(0x7f0000000000)='cpu&\t\t')
bpf$MAP_CREATE(0x2000000000000000, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831373f00000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0)

2.265884077s ago: executing program 4 (id=1972):
sendmsg$inet(0xffffffffffffffff, 0x0, 0x200048cc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x0, 0x6, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000000000000000000000000851000001800000000000004", @ANYRES32], 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2040, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1946}, 0x2, 0x0, 0x0, 0x9, 0x3fe, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
r2 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TUNSETVNETLE(0xffffffffffffffff, 0x400454dc, &(0x7f0000000240))
ioctl$PERF_EVENT_IOC_DISABLE(r2, 0x2401, 0x8000000000000000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000001340)}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
socket$kcm(0x2, 0x3, 0x2)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=@newtaction={0x70, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_ctinfo={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_CTINFO_ACT={0x18, 0x3, {0x0, 0x0, 0xffffffffffffffff}}, @TCA_CTINFO_PARMS_DSCP_MASK={0x7, 0x5, 0x3f}, @TCA_CTINFO_ZONE={0x6, 0x4, 0x5}]}, {0x4, 0x6, "9c567a6dbf6d835e4d47a14b22bf951a805543830044e929b9012ed8d491d1749063cddaaa24c5dd7ac126a15ca445ccd698e30d514a12c36f86d2c574b18ae361b89cc73e75eddf"}, {0xc}, {0xc}}}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x10004}, 0x0)
r4 = socket$kcm(0x2, 0x200000000000001, 0x106)
setsockopt$sock_attach_bpf(r4, 0x0, 0x33, 0x0, 0x29)

2.257176777s ago: executing program 1 (id=1973):
socket$kcm(0xa, 0x2, 0x73)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$TOKEN_CREATE(0x24, &(0x7f00000007c0)={0x0, r0}, 0x8)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x8}, 0x88, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x1, 0x8310}, 0x0, 0x2, 0xfffffffe, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
socket$inet(0x2, 0x2, 0x1)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r4 = openat$cgroup_devices(r3, 0x0, 0x2, 0x0)
write$cgroup_devices(r4, &(0x7f0000000080)=ANY=[@ANYBLOB], 0xa)
socket$kcm(0x2, 0x5, 0x84)

2.138231768s ago: executing program 0 (id=1974):
socket$kcm(0x22, 0x2, 0x21)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x954b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x11efa, 0x4, 0x98, 0x0, 0x2, 0xfffff271, 0xfffc, 0x0, 0x0, 0x0, 0x20}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)="39000000140081ae10003c000500018311001f9f660fcf066505acb612f691f3bd3508abca1be6eeb89c", 0x2a}], 0x1}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000120000007f00000001"], 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={r3, 0x58, &(0x7f0000000180)}, 0x10)
syz_clone(0x3000000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x2000c450)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a010200000000000000000100fffe0900010073797a30000000000900030073797a3213000000dc000000060a010400000000000000000100000508000b4000000000b4000480200001800d00010073796e70726f7879000000000c000280060001400000000034000180080001006c6f670028000280080006400000000d110002402b24292d2d2a5d24402c2d400000000006000440000700003c000180090001"], 0x150}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="cc0000003600070100000000ff03000003"], 0xcc}, 0x1, 0x0, 0x0, 0x4c094}, 0x4040)

2.027044719s ago: executing program 1 (id=1975):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x26e1, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, 0x0, 0x10)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
recvmsg$unix(r0, &(0x7f0000002100)={0x0, 0x0, 0x0}, 0x2100)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000008000000dd0100000000000063010400000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xb5}, 0x48)
r3 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x5, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="18080000000000000000000000000000180000000000000000"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r4, &(0x7f00000002c0)={&(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000100)=[{&(0x7f00000001c0)="92", 0x1}], 0x1}, 0x0)
recvmsg(r4, &(0x7f0000000080)={0x0, 0x17, 0x0}, 0x8002)
recvmsg$kcm(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000fc0)=""/4096, 0x1000}, {0x0}], 0x2, &(0x7f0000001fc0)=""/4096, 0x1000}, 0x1)
sendmsg$inet(r4, &(0x7f0000000f80)={&(0x7f0000000800)={0x2, 0x1, @loopback}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000000)="0f", 0x1}], 0x1}, 0x4000)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0xd0, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7b, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x802, 0x80000, 0x8, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)

2.021342521s ago: executing program 2 (id=1976):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa, 0x50}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB], 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x6, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b702000008000000bfa300000000000007030000ffffffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000000000095000000000000006623848adf1dc9a764ab51a064caff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b81ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6b6981978d51514b00dcc4a2748b376358c33c9753beab62bdf27dc04e4cb4bc598affd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b770009524edd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd88345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1757b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d0842835e81c35af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d9900000011000003971b32fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d677d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000000ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc37e5aa23bff8cce0600000000000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68f536a03353a55a8a8e176e5d48887d31c8e0f77f2c1e68ec7c01bd5a2028a8fc107007f5f4c67600a6ade3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d9029f071fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b4492510134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2020ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498dedf0f87c38bbcab7357836f03e8a7c392e535694a3ead2de11e6b1781e2a017ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f6c3652c423ce6ecc1be5d4e8133fc32f68ea86a2df1e7df98a0ae216c405d0ae9eed114ff2d6fe27dfdff1cf9194849c4cc0da9533e5983863e526a7dc0d8728f3b573ca4427bdb44df9341e9b8420e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9467b51d92e0993af4beaf1f3d47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c27c318475802e2c62681bd1a331422a6e47bbd40857d52c4894944fae5c5000000000000000000000000e0c47613e950b6aefeae054fc723f62ac7d13941de11b018f1f48ac50335df91c771729f81929128135b2803562c1171ee00a3f4a31281aa363e087d53d86dd85e3ff979a7e72d16fdd7e1a0f07a1c8e6085d280d760f74975ceb3a5be6cfb4da8e0aeb769b8b75f4aad803ed77d34872eed2711aa40a3b38099dc2752e8ec9b520faf39e416752aa0830206736570f5d41a4df848c9052551cf8dcb1be000000000eb2577188e8e96bd825d462350905d3eb916b397d2a46a64081e85661d7a5a2716cc87cb1976d15d9b6418e94f165911803e43830432226c660f4da67bb7c8ceb3755c07197d8b80b8d16b12c2ec63bebe107aa2350a7ae564bf69a6c52a2da1496016dd66a1c1b112"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000880), 0xfffffffffffffddd}, 0x48)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x482, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xd, 0x0, &(0x7f0000000140)="aa6e25806dfeab10143dbabe86", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa}, 0x50)

1.951289755s ago: executing program 3 (id=1977):
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x4}, 0xf242, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4b, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1946}, 0x4110, 0x0, 0x0, 0x8, 0x37e, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socket$kcm(0xa, 0x3, 0x106)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
syz_open_procfs$namespace(0xffffffffffffffff, 0x0)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
close(0x3)
close(0x4)
bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r3, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
close(0x4)

1.851208713s ago: executing program 2 (id=1978):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40001}, 0x4040850)
socket$kcm(0x1e, 0x4, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0xc1842, 0x0)
ioctl$TUNSETCARRIER(r1, 0x400454e2, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2040, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x2}, 0x2, 0x4, 0x0, 0x8, 0x3fe, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
close(0xffffffffffffffff)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0xc1842, 0x0)
socket$key(0xf, 0x3, 0x2)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, 0x0)
close(0xffffffffffffffff)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'batadv_slave_0\x00', 0x400})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8922, &(0x7f0000000080))

1.807275018s ago: executing program 0 (id=1979):
r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x0, 0x0, 0x8, 0x7fff, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x5, 0x3}, 0x0, 0x0, 0x40000, 0x0, 0x21, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x0, 0x0, 0x4, 0x3fe, 0x7fffffff}, 0x0, 0xffffffffffffffff, r0, 0xa)
r1 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r1)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
close(0xffffffffffffffff)
r2 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x2, 0x0, 0x0, 0x56fa, 0xd2201, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0xb}, 0x0, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={<r3=>0xffffffffffffffff})
recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r4)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x2}, 0x0, 0xfbffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1000000004000000040000000200000000000000076fced26fc8516f5f35b100f7f3a96688199d25c46ec4e4cb2f9577be3d6fb959e6680d355de253bdd955892b1e2c8d93e632942f9663b07c45400f0b92f37a656988287f", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r5, &(0x7f0000000300)="4c13000007000c9d3f75", &(0x7f0000000380)=""/8, 0x2}, 0x20)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)=ANY=[], 0x48)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)="d8000000180081054e81f782db4cb904021d0800fe007c05e8fe55a10a0015000200142603600e12080005007f370401a8001600200006000400027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2e98a61e284ce5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e970392", 0xd8}], 0x1}, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={0x0, 0xffffffffffffffff, 0x0, 0x16, &(0x7f0000000000)='/proc/net/\x01?\fX\a0\x04\x00\x00\x82q\xee'}, 0x30)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x12c82, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xaffffff7ffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8e61, 0x2}, 0x828, 0x0, 0x0, 0x0, 0x0, 0x800000, 0xffff, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xfffffffdffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="000000181100000000000000008b", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

1.801550729s ago: executing program 4 (id=1980):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$kcm(0x10, 0x2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000003c0)={0xffffffffffffffff, 0x5, 0x10}, 0xc)
close(r1)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0xc220, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x24000000)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_RENAME(r2, &(0x7f0000000580)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x8000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20}, 0x48010)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000001c0)='sched_process_wait\x00'}, 0x18)
r5 = bpf$ITER_CREATE(0xb, &(0x7f0000000080)={r1}, 0x8)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="85000000070000006a0a00ff000000220c00000000000000950000000000000018", @ANYRES32, @ANYBLOB="0000002100000000050000000000000095c333d4c0a3ecdd69086b8e4c36439a8808b90ea579cdf8bd475a470064827701f4169ebebecb5bba94f06f020fb64e5594a86f5f00000000000008c7533dc98a94008d7d2a7d2c23bc3f4cc1992aebd29fd21e95b3c7c49de340c24cb6ba1a33740825c424ecd87a3b02ae7840be900964b6948074a8f2ed867fd6601b0ca02215f4c2a5157135575fa1903abe92246853cb7cb868a3b2524a92bfa8aaeaf3ff3f08fb97ec0c126bfea903ef567bdf48aecb23342c8102732b7257f65b1f7d82adec836fd77d2f5c6e6c18ae428531d9e4d906b0a19827bffab9ced1e24e8f063d44fb76dd59e754"], &(0x7f0000000140)='GPL\x00', 0x2, 0x95, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @flow_dissector}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000a80)='contention_end\x00', 0xffffffffffffffff, 0x0, 0x1}, 0x18)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000700)=ANY=[@ANYRES32=0x0, @ANYRES32=r6, @ANYBLOB="1100"/12, @ANYRES32=r5, @ANYBLOB="6c606d3d067c277dda1f98a60ee30c8df800ee04405d66c8f4da733f9b740c5fe10c462462ac8e8bf02686b749bf3135c0f6f90ea7f145fd8c87f23fcbdbe92751b6986e81e05902def7cb3804500428ca6e0ce559575995636b5e34f15aa31f32629e9aaa68a574c2781a292639e89443c47c47b21d3c009da00aeec5", @ANYRES64=0x0], 0x20)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40001}, 0x4000000)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
sendmsg$inet6(r3, &(0x7f0000000000)={&(0x7f00000005c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c, 0x0}, 0x20040000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
close(r7)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000500)=ANY=[@ANYBLOB="1c0000002d00092f27bd70000000000006"], 0x1c}}, 0x84)

1.723038301s ago: executing program 3 (id=1981):
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x4}, 0xf242, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4b, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1946}, 0x4110, 0x0, 0x0, 0x8, 0x37e, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socket$kcm(0xa, 0x3, 0x106)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
syz_open_procfs$namespace(0xffffffffffffffff, 0x0)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
close(0x3)
close(0x4)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r3)
r4 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r4, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
close(0x4)

1.605825751s ago: executing program 4 (id=1982):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2040, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1946}, 0x2, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c0000001000010700020100000000000a0000000600010016"], 0x1c}}, 0x0)
close(0x3)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_bp={0x0, 0xf}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r3, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
perf_event_open(0x0, 0xffffffffffffffff, 0x40000000000000, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8820, 0x90000, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x6}, 0x8224, 0x2, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000140)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r5)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='thermal_power_devfreq_limit\x00', r5, 0x0, 0x3}, 0x18)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x4)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)={0x68, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x32}}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_DST={0x4}]}, 0x68}}, 0x0)
perf_event_open(0x0, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0xb)

1.491341903s ago: executing program 2 (id=1983):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x0, 0x0, 0x8, 0x7fff, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x2fe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x5, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x89, 0x4}, 0x202, 0x0, 0xffffffff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x7, 0x0, 0x0)
socketpair(0xa, 0x3, 0xff, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4010}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[], 0xc0}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1, 0x2, &(0x7f0000000180)=ANY=[@ANYBLOB="911069000000000095"], &(0x7f00000000c0)='GPL\x00'}, 0x94)

1.293468507s ago: executing program 3 (id=1984):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x4, &(0x7f0000000200)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x11}]}, &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x200040, 0x0)
ioctl$TUNSETDEBUG(r0, 0x400454c9, &(0x7f0000000200))
perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0xad, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext, 0x0, 0x0, 0xffffffff, 0x6, 0x1, 0x0, 0x2}, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000071", @ANYRESHEX], 0xfe33)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000002c0)={@fallback, 0xffffffffffffffff, 0x14, 0x2010}, 0x20)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={r4}, 0x20)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="1e00000005000000040000000600000022080400", @ANYRES32=r4, @ANYRES32=r3, @ANYRES32, @ANYBLOB="0400000003000000020000000a0000000000000000000000000000002817f4f2e889bac2a172427be78ba3494dcc64ab2fc4271f1b"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2040, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
ioctl$PERF_EVENT_IOC_SET_BPF(r7, 0x40042408, r6)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000006c0)={&(0x7f00000004c0)="fb03ad87d6b5c54b04045143499684daa073b376c9b363b2f9cb847e8e0b2f601c9e0b6a74322aecefa86ad3b34708572117d3fe87703db0247e931c617f674c84710a0a1483b224e0c37404c06620f1a38afde63754b858fd1864e5dffd221309e47388d9b83924ede21e8cbb8da73062670384b9b5bff71c38245065ff45f583c75600", &(0x7f0000000780)=""/203, &(0x7f0000000580)="c0d04396d96a8b48fd9e7bfe712d90be493cd6bad4015b80ddd3aff7a77d1e065a755064d2345b4d410739c194449da4315af156e9d550b352e746f0140c255a67841e2408dd17ea4bc47e44a7fbfa904e762661d2972f94026be1e1fa111c74aeb9830d8d3cc901ed955e9a5028ba37fdd6f938fca7249eea63bfdf9231b76cb5eaa6f75ae2", &(0x7f0000000280)="a7d19d94ecbd641cb1bc28162466e8ed6e1c5459104b322af352", 0x1e93, r5, 0x4}, 0x38)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000bc0)=ANY=[@ANYRESHEX=r7, @ANYRES32=r5, @ANYRES16=r2, @ANYRES32], 0x0, 0x20000000, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x24, 0x0, 0x0)
sendmsg$sock(0xffffffffffffffff, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000680)=[{0x0}], 0x1}, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000002d00010026bdf000fcdbdf250400000008000c"], 0x1c}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000850000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1ff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='signal_deliver\x00', r8}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

1.253937746s ago: executing program 2 (id=1985):
socket$kcm(0xa, 0x2, 0x73)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$TOKEN_CREATE(0x24, &(0x7f00000007c0)={0x0, r0}, 0x8)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x8}, 0x88, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x1, 0x8310}, 0x0, 0x2, 0xfffffffe, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
socket$inet(0x2, 0x2, 0x1)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r4 = openat$cgroup_devices(r3, 0x0, 0x2, 0x0)
write$cgroup_devices(r4, &(0x7f0000000080)=ANY=[@ANYBLOB], 0xa)
socket$kcm(0x2, 0x5, 0x84)

1.155193442s ago: executing program 4 (id=1986):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ec0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r0}, 0x18)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000400)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000003c0)={&(0x7f0000000180)={0x204, 0x2c, 0x0, 0x70bd2d, 0x25dfdbfb, {0x20}, [@generic="fcec424c79623d2d40dd365a259add99684f6adf3bd7b1914cc80ec92a59166073ea12c003749e180dcb8523dceeb47172b975ac39d86c08ae84b9288f97e56565be2744704ecb3ceaecd9943aaba1613f30da5862c8bf0ca3069970b0d1bd1c753f59f5c9a6c715ed94a1bd2ae98cfbafdc31fbdb74570e2b2bb4d42f4adb4cd3cc7e178ffc803d0e6593d2fa8753aec4fb090ed7eb072e2e03792a89efc7b24a8f1669854428cfe05701d996feebf7210fff2a116118680b20c5a9d5421fdec13843d1d2a7ef1a2fa4d7c2d8fa67c7a7924257591cbab09cecff05f941ab46ac3b1282a3bd24fcffa30dc5b333f646a9986b1036", @nested={0x18, 0x5b, 0x0, 0x1, [@typed={0x14, 0x62, 0x0, 0x0, @ipv6=@mcast2}]}, @generic="2272c20f0380e559eadb3cb4a5f3b766b44f9ac8176da75322141c79a531bf7d859b91906bdc4c9ebdf544044007195d5ca4ec4d2db73c3b407dd5c62fb24f3f4760e4bbfa07a1c80c23966740f493eb98dac44d36faaa957ab9ff764bf0fef0ee790ef1cdc0dcdf3f3292ffc9f401eb9d7b54cd2c12363f1ade788edaead5f53ec47621bd3c7ba92404aa7c8fd1e5e57eaaa2cfac2e331dab90c220d7b3cb8e134fa13627866fb1c14195283bcfc98c1e0121d2d8851ec6a97a0ba60c5ba347862da555f0ef745a45211804ab9bef9c524aa4f165dd6c8f418108", @typed={0x8, 0x104, 0x0, 0x0, @u32=0xfff}]}, 0x204}}, 0x40)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r3, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="18000000113e0005000000"], 0x18}}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800"/16], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2040, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffe94, 0x0, 0xffffffffffffffff, 0xfffffffffffffe7d}, 0x80)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syz_tun\x00', 0x400})
socketpair(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r8, 0x8946, &(0x7f0000000080))
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f0000000440)='virt_wifi0\x00')
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000640)=@bpf_tracing={0x1a, 0x7, &(0x7f00000004c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4b24, 0x0, 0x0, 0x0, 0x1ff}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}]}, &(0x7f0000000500)='syzkaller\x00', 0xfffffffa, 0x2b, &(0x7f0000000540)=""/43, 0x41000, 0x22, '\x00', 0x0, 0x11, r5, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000580)={0x3, 0x9, 0x3, 0xfffffff7}, 0x10, 0x1b939, r7, 0x7, 0x0, &(0x7f00000005c0)=[{0x4, 0x2, 0x1, 0x4}, {0x2, 0x5, 0x6, 0x4}, {0x3, 0x4, 0x2, 0x6}, {0x2, 0x3, 0x5, 0x2}, {0x3, 0x5, 0x9, 0x1}, {0x2, 0x5, 0xc, 0x4}, {0x4, 0x1, 0x0, 0x5}]}, 0x94)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000800)={@cgroup=r2, 0x36, 0x0, 0x6, &(0x7f0000000700)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x0, &(0x7f0000000740)=[0x0], &(0x7f0000000780)=[0x0], &(0x7f00000007c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x40)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000300)="1400000023003517d25a806f8b6394f90324fc60", 0x14}], 0x1, 0x0, 0x0, 0x1000000}, 0x0)
close(r4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0))

306.909659ms ago: executing program 0 (id=1987):
r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1943}, 0x5001, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x6)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb010018000000b40044aabe9255164532000100000f05040000090006000000000000000000005f0000616100"/55], &(0x7f0000000340)=""/250, 0x37, 0xfa, 0x9}, 0x28)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xa100, 0x7, 0x8, 0x0, 0x2b66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x11, 0x200000000000002, 0x300)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="12000000060000000400000002"], 0x48)
r4 = socket$kcm(0xa, 0x2, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000680)=@bpf_ext={0x1c, 0x11, &(0x7f00000000c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x21fc}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@jmp={0x5, 0x1, 0x5, 0x4, 0x6, 0xffffffffffffffc0, 0x1}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, 0x0, 0x9, 0xbd, &(0x7f0000000240)=""/189, 0x41100, 0x4, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000300)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000440)={0x4, 0x2, 0x6, 0x4}, 0x10, 0x60cf, r1, 0x1, &(0x7f0000000540)=[r2], &(0x7f0000000580)=[{0x5, 0x1, 0xd, 0x7}]}, 0x94)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001980)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x8003}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x74, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x4c, 0x4, 0x0, 0x1, [{0x48, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x38, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_MASK={0x1c, 0x4, 0x0, 0x1, [@NFTA_DATA_VALUE={0x15, 0x1, "7d10192e29bf0eb30ab54f227e1a7af78e"}]}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0xe8}}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r3}, &(0x7f0000000080)=0x1000000, &(0x7f0000000180)=r4}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2688ca4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x0, 0x0, 0x4, 0x3fe, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x4044, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=@newchain={0x2c, 0x1e, 0x1, 0x0, 0x8000, {0x0, 0x0, 0x0, 0x0, {0x0, 0x8}, {0xe, 0xe}, {0x10, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x3}]}, 0x2c}}, 0x44004)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907a56675f37538ec86dd6317ce22667f11"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="8f87da8fed007907001175f37538e486dd6317ce2200"], 0xcfa4)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000012000000000000000000"], &(0x7f0000000e80)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r7, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

300.216666ms ago: executing program 1 (id=1988):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
socket$kcm(0x10, 0x2, 0x4)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2040, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1946}, 0x2, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$kcm(0x2, 0x5, 0x84)
socket$kcm(0x2c, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1f, 0xf, &(0x7f00000000c0)=@ringbuf={{0x18, 0x6}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0xc9}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x9, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$kcm(0x28, 0x1, 0x0)

299.50527ms ago: executing program 2 (id=1989):
socket$kcm(0x22, 0x2, 0x21)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x954b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x11efa, 0x4, 0x98, 0x0, 0x2, 0xfffff271, 0xfffc, 0x0, 0x0, 0x0, 0x20}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)="39000000140081ae10003c000500018311001f9f660fcf066505acb612f691f3bd3508abca1be6eeb89c", 0x2a}], 0x1}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000120000007f00000001"], 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={r3, 0x58, &(0x7f0000000180)}, 0x10)
syz_clone(0x3000000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x2000c450)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a010200000000000000000100fffe0900010073797a30000000000900030073797a3213000000dc000000060a010400000000000000000100000508000b4000000000b4000480200001800d00010073796e70726f7879000000000c000280060001400000000034000180080001006c6f670028000280080006400000000d110002402b24292d2d2a5d24402c2d400000000006000440000700003c000180090001"], 0x150}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="cc0000003600070100000000ff03000003"], 0xcc}, 0x1, 0x0, 0x0, 0x4c094}, 0x4040)

227.678118ms ago: executing program 3 (id=1990):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
sendmsg$NFNL_MSG_ACCT_GET(r0, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB], 0x9c}, 0x1, 0x0, 0x0, 0x4000840}, 0x4)

194.285617ms ago: executing program 3 (id=1991):
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030031000b12d25a80648c2594f90124fc601006034002200600053582c137153e370248078000f01700", 0x2c}], 0x1}, 0x0)

153.190401ms ago: executing program 4 (id=1992):
sendmsg$inet(0xffffffffffffffff, 0x0, 0x200048cc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x0, 0x6, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000000000000000000000000851000001800000000000004", @ANYRES32], 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2040, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1946}, 0x2, 0x0, 0x0, 0x9, 0x3fe, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
r2 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TUNSETVNETLE(0xffffffffffffffff, 0x400454dc, &(0x7f0000000240))
ioctl$PERF_EVENT_IOC_DISABLE(r2, 0x2401, 0x8000000000000000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000001340)}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
socket$kcm(0x2, 0x3, 0x2)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=@newtaction={0x70, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_ctinfo={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_CTINFO_ACT={0x18, 0x3, {0x0, 0x0, 0xffffffffffffffff}}, @TCA_CTINFO_PARMS_DSCP_MASK={0x7, 0x5, 0x3f}, @TCA_CTINFO_ZONE={0x6, 0x4, 0x5}]}, {0x4, 0x6, "9c567a6dbf6d835e4d47a14b22bf951a805543830044e929b9012ed8d491d1749063cddaaa24c5dd7ac126a15ca445ccd698e30d514a12c36f86d2c574b18ae361b89cc73e75eddf"}, {0xc}, {0xc}}}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x10004}, 0x0)
r4 = socket$kcm(0x2, 0x200000000000001, 0x106)
setsockopt$sock_attach_bpf(r4, 0x0, 0x33, 0x0, 0x29)

27.474202ms ago: executing program 3 (id=1993):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x26e1, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=@newsa={0x144, 0x10, 0x1, 0xbffffffe, 0x100, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in=@local, 0x1, 0x794, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in=@loopback, {0x0, 0x9, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8}, {0xffffffffffffffff, 0x0, 0x1f, 0x1ff}, {0x2, 0xfffffffc}, 0x70bd2a, 0x3504, 0x2, 0x1, 0xfd, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @mark={0xc, 0x15, {0x35075a, 0x3}}]}, 0x144}, 0x1, 0x0, 0x0, 0x8801}, 0x10)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000016c0)=@newsa={0x138, 0x10, 0x1, 0xfff7fffe, 0x100, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x714, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in6=@remote, 0x4d4, 0x6c}, @in=@loopback, {0x0, 0x192, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc, 0x40}, 0x70bd2a, 0x3504, 0x2, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0)
sendmsg$nl_xfrm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0x138, 0x10, 0x1, 0xfffffffe, 0x100, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x714, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in=@loopback, {0x0, 0x192, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc}, 0x70bd2a, 0x3504, 0x2, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0)
close(r0)
recvmsg$unix(r0, &(0x7f0000002100)={0x0, 0x0, 0x0}, 0x2100)
socket$kcm(0x11, 0x3, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x5, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="18080000000000000000000000000000180000000000000000"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r5, &(0x7f00000002c0)={&(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000100)=[{&(0x7f00000001c0)="92", 0x1}], 0x1}, 0x0)
recvmsg(r5, &(0x7f0000000080)={0x0, 0x17, 0x0}, 0x8002)
recvmsg$kcm(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000fc0)=""/4096, 0x1000}, {0x0}], 0x2, &(0x7f0000001fc0)=""/4096, 0x1000}, 0x1)
sendmsg$inet(r5, &(0x7f0000000f80)={&(0x7f0000000800)={0x2, 0x1, @loopback}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000000)="0f", 0x1}], 0x1}, 0x4000)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0xd0, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7b, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x802, 0x80000, 0x8, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)

0s ago: executing program 1 (id=1994):
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x4}, 0xf242, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4b, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1946}, 0x4110, 0x0, 0x0, 0x8, 0x37e, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socket$kcm(0xa, 0x3, 0x106)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
syz_open_procfs$namespace(0xffffffffffffffff, 0x0)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
close(0x3)
close(0x4)
close(0xffffffffffffffff)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r3, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
close(0x4)

kernel console output (not intermixed with test programs):

05499][ T6281] netlink: 60 bytes leftover after parsing attributes in process `syz.2.90'.
[  114.123698][ T6281] unsupported nlmsg_type 40
[  114.272815][ T6282] netlink: 'syz.2.90': attribute type 25 has an invalid length.
[  116.351067][ T6313] netlink: 'syz.4.100': attribute type 21 has an invalid length.
[  116.369652][ T6313] netlink: 'syz.4.100': attribute type 6 has an invalid length.
[  116.387287][ T6313] netlink: 132 bytes leftover after parsing attributes in process `syz.4.100'.
[  116.469187][ T6315] netlink: 16186 bytes leftover after parsing attributes in process `syz.2.101'.
[  116.975288][ T6326] netlink: 'syz.4.105': attribute type 3 has an invalid length.
[  117.072445][ T6326] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.105'.
[  117.468191][ T6327] netlink: zone id is out of range
[  117.553383][ T6327] netlink: zone id is out of range
[  117.892557][ T6327] netlink: zone id is out of range
[  117.927637][ T6327] netlink: zone id is out of range
[  117.972850][ T6340] netlink: del zone limit has 4 unknown bytes
[  118.105744][ T6336] netlink: del zone limit has 4 unknown bytes
[  118.244476][ T6327] netlink: set zone limit has 4 unknown bytes
[  119.560870][ T6384] openvswitch: netlink: nsh attribute has 65532 unknown bytes.
[  119.568859][ T6384] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  119.646974][ T6380] netlink: 'syz.4.120': attribute type 3 has an invalid length.
[  119.654874][ T6380] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.120'.
[  120.138802][ T6400] netlink: 52 bytes leftover after parsing attributes in process `syz.0.125'.
[  120.597381][ T6409] netlink: 'syz.4.126': attribute type 5 has an invalid length.
[  121.577357][ T6423] netlink: 6955 bytes leftover after parsing attributes in process `syz.1.132'.
[  121.587163][ T6423] netlink: 127868 bytes leftover after parsing attributes in process `syz.1.132'.
[  121.771419][ T6430] netlink: 'syz.2.134': attribute type 3 has an invalid length.
[  121.806092][ T6430] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.134'.
[  122.275700][ T6445] netlink: 'syz.2.138': attribute type 39 has an invalid length.
[  122.478404][ T6445] veth0_macvtap: left promiscuous mode
[  122.904038][ T6457] netlink: 32 bytes leftover after parsing attributes in process `syz.4.141'.
[  122.940235][ T6457] netlink: 12 bytes leftover after parsing attributes in process `syz.4.141'.
[  123.009504][ T6465] netlink: 52 bytes leftover after parsing attributes in process `syz.1.144'.
[  123.377454][ T6478] Illegal XDP return value 12 on prog  (id 96) dev N/A, expect packet loss!
[  123.417142][ T6481] netlink: 16 bytes leftover after parsing attributes in process `syz.3.148'.
[  125.017205][ T6500] mac80211_hwsim hwsim10 .3ãc¤±: renamed from wlan1 (while UP)
[  125.482967][ T6508] openvswitch: netlink: Duplicate or invalid key (type 0).
[  125.532339][ T6508] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  125.567651][ T6510] netlink: 20 bytes leftover after parsing attributes in process `syz.2.158'.
[  125.671468][ T6511] netlink: 40 bytes leftover after parsing attributes in process `syz.2.158'.
[  126.017137][ T6504] delete_channel: no stack
[  128.085152][ T6531] syzkaller0: entered promiscuous mode
[  128.090702][ T6531] syzkaller0: entered allmulticast mode
[  128.584718][ T6560] netlink: 64 bytes leftover after parsing attributes in process `syz.2.173'.
[  129.041425][ T6558] netlink: del zone limit has 4 unknown bytes
[  133.055722][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  133.062486][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  133.693486][ T6545] Set syz1 is full, maxelem 65536 reached
[  133.851320][ T6590] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  136.738695][ T6625] netlink: 'syz.1.190': attribute type 21 has an invalid length.
[  136.860775][ T6625] netlink: 'syz.1.190': attribute type 6 has an invalid length.
[  137.353817][ T6625] netlink: 132 bytes leftover after parsing attributes in process `syz.1.190'.
[  137.436793][ T6632] netlink: 'syz.4.193': attribute type 5 has an invalid length.
[  138.164348][ T6640] netlink: 32 bytes leftover after parsing attributes in process `syz.3.196'.
[  138.199923][ T6640] netlink: 12 bytes leftover after parsing attributes in process `syz.3.196'.
[  138.474499][ T6647] netlink: 'syz.0.194': attribute type 10 has an invalid length.
[  138.586591][ T6642] netlink: 'syz.1.195': attribute type 3 has an invalid length.
[  138.652392][ T6642] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.195'.
[  138.773540][ T6647] team0: Port device geneve1 added
[  138.900234][ T6643] syzkaller0: entered promiscuous mode
[  138.910676][ T6643] syzkaller0: entered allmulticast mode
[  140.145860][ T6674] netlink: 203516 bytes leftover after parsing attributes in process `syz.0.201'.
[  141.446604][ T6674] netlink: 6316 bytes leftover after parsing attributes in process `syz.0.201'.
[  141.659310][ T6687] netlink: 'syz.2.205': attribute type 21 has an invalid length.
[  141.669211][ T6687] netlink: 'syz.2.205': attribute type 6 has an invalid length.
[  141.677153][ T6687] netlink: 132 bytes leftover after parsing attributes in process `syz.2.205'.
[  141.733145][ T6689] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  142.034318][ T6700] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  142.103799][ T6705] ªªªªªª: renamed from vlan0 (while UP)
[  142.705555][ T6711] netlink: 'syz.2.212': attribute type 13 has an invalid length.
[  142.988888][ T6715] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  143.148508][ T6717] netlink: 8 bytes leftover after parsing attributes in process `syz.2.213'.
[  143.175239][ T6717] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.213'.
[  143.197679][ T6717] netlink: zone id is out of range
[  143.212458][ T6717] netlink: zone id is out of range
[  143.219904][ T6717] netlink: zone id is out of range
[  143.231301][ T6717] netlink: zone id is out of range
[  143.256701][ T6717] netlink: zone id is out of range
[  143.266422][ T6717] netlink: zone id is out of range
[  143.274522][ T6717] netlink: get zone limit has 8 unknown bytes
[  144.896553][ T6736] syzkaller0: entered promiscuous mode
[  144.905161][ T6736] syzkaller0: entered allmulticast mode
[  145.071959][ T6750] netlink: 32 bytes leftover after parsing attributes in process `syz.4.223'.
[  145.111940][ T6750] netlink: 12 bytes leftover after parsing attributes in process `syz.4.223'.
[  146.383047][ T6783] netlink: 68 bytes leftover after parsing attributes in process `syz.4.231'.
[  147.909003][ T6797] netlink: 128 bytes leftover after parsing attributes in process `syz.1.234'.
[  147.919148][ T6797] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  149.947159][ T6797] netlink: 104088 bytes leftover after parsing attributes in process `syz.1.234'.
[  150.423737][ T6835] netlink: 168 bytes leftover after parsing attributes in process `syz.2.245'.
[  150.485842][ T6832] syzkaller0: entered promiscuous mode
[  150.491460][ T6832] syzkaller0: entered allmulticast mode
[  151.920981][ T6849] netlink: 'syz.4.248': attribute type 21 has an invalid length.
[  153.751069][ T6853] netlink: 'syz.1.249': attribute type 39 has an invalid length.
[  155.038454][ T6867] netlink: 'syz.3.253': attribute type 3 has an invalid length.
[  155.587247][ T6875] bpf: Bad value for 'mode'
[  156.214146][ T6849] netlink: 'syz.4.248': attribute type 6 has an invalid length.
[  156.224399][ T6849] netlink: 132 bytes leftover after parsing attributes in process `syz.4.248'.
[  156.320516][ T6883] syzkaller0: tun_chr_ioctl cmd 2147767520
[  156.493386][ T6886] netlink: 24 bytes leftover after parsing attributes in process `syz.2.259'.
[  156.564645][ T6884] cgroup: fork rejected by pids controller in /syz0
[  158.110963][ T3001] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.239621][ T3001] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.312415][ T3001] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.480229][ T3001] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.913001][ T3001] bridge_slave_1: left allmulticast mode
[  158.918934][ T3001] bridge_slave_1: left promiscuous mode
[  158.933426][ T3001] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.971521][ T3001] bridge_slave_0: left allmulticast mode
[  158.991694][ T3001] bridge_slave_0: left promiscuous mode
[  159.015594][ T3001] bridge0: port 1(bridge_slave_0) entered disabled state
[  159.158403][ T5877] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  159.170994][ T5877] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  159.180294][ T5877] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  159.191056][ T5877] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  159.203029][ T5877] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  159.480063][ T6957] netlink: 104 bytes leftover after parsing attributes in process `syz.1.278'.
[  160.807482][ T3001] team0: Port device geneve1 removed
[  161.170914][ T3001] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  161.186165][ T3001] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  161.198784][ T3001] bond0 (unregistering): Released all slaves
[  161.282002][ T5877] Bluetooth: hci3: command tx timeout
[  161.438539][ T6989] netlink: 52 bytes leftover after parsing attributes in process `syz.3.285'.
[  162.590279][ T7008] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  163.364287][ T5877] Bluetooth: hci3: command tx timeout
[  163.897021][ T3001] hsr_slave_0: left promiscuous mode
[  163.904089][ T3001] hsr_slave_1: left promiscuous mode
[  163.910469][ T3001] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  163.922390][ T3001] batman_adv: batadv0: Removing interface: batadv_slave_0
[  163.931517][ T3001] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  163.942461][ T3001] batman_adv: batadv0: Removing interface: batadv_slave_1
[  163.980950][ T3001] veth1_macvtap: left promiscuous mode
[  163.987415][ T3001] veth1_vlan: left promiscuous mode
[  163.993559][ T3001] veth0_vlan: left promiscuous mode
[  164.214150][ T5877] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  165.276191][ T3001] team0 (unregistering): Port device team_slave_1 removed
[  165.482411][ T5877] Bluetooth: hci3: command tx timeout
[  165.502404][ T3001] team0 (unregistering): Port device team_slave_0 removed
[  166.219206][ T7042] netlink: 132 bytes leftover after parsing attributes in process `syz.2.296'.
[  166.448694][ T6943] chnl_net:caif_netlink_parms(): no params data found
[  166.532528][ T7062] netlink: 52 bytes leftover after parsing attributes in process `syz.3.301'.
[  167.162797][ T7073] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  167.312797][ T7069] syzkaller0: entered allmulticast mode
[  167.522121][ T5877] Bluetooth: hci3: command tx timeout
[  167.843338][ T6943] bridge0: port 1(bridge_slave_0) entered blocking state
[  167.856849][ T6943] bridge0: port 1(bridge_slave_0) entered disabled state
[  167.871693][ T6943] bridge_slave_0: entered allmulticast mode
[  167.887031][ T6943] bridge_slave_0: entered promiscuous mode
[  167.901170][ T6943] bridge0: port 2(bridge_slave_1) entered blocking state
[  167.948244][ T6943] bridge0: port 2(bridge_slave_1) entered disabled state
[  167.960075][ T6943] bridge_slave_1: entered allmulticast mode
[  167.968547][ T6943] bridge_slave_1: entered promiscuous mode
[  168.002627][ T7093] netlink: 104 bytes leftover after parsing attributes in process `syz.2.305'.
[  168.113540][ T7088] netlink: 15743 bytes leftover after parsing attributes in process `syz.1.304'.
[  168.437213][ T6943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  168.520339][ T6943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  168.612506][ T7102] netlink: zone id is out of range
[  168.639692][ T7102] netlink: zone id is out of range
[  168.680398][ T7102] netlink: zone id is out of range
[  168.715440][ T6943] team0: Port device team_slave_0 added
[  168.743649][ T6943] team0: Port device team_slave_1 added
[  168.849152][ T7106] netlink: del zone limit has 4 unknown bytes
[  168.892178][ T6943] batman_adv: batadv0: Adding interface: batadv_slave_0
[  168.899193][ T6943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  168.974328][ T7102] netlink: set zone limit has 4 unknown bytes
[  169.043929][ T6943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  169.081669][ T6943] batman_adv: batadv0: Adding interface: batadv_slave_1
[  169.140235][ T6943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  169.196883][ T6943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  169.354879][ T7112] netlink: zone id is out of range
[  169.375549][ T7112] netlink: zone id is out of range
[  169.514897][ T7112] netlink: zone id is out of range
[  169.531269][ T7122] netlink: 52 bytes leftover after parsing attributes in process `syz.4.313'.
[  169.558278][ T7112] netlink: zone id is out of range
[  169.589758][ T7112] netlink: zone id is out of range
[  169.610467][ T6943] hsr_slave_0: entered promiscuous mode
[  169.631594][ T6943] hsr_slave_1: entered promiscuous mode
[  169.640818][ T6943] debugfs: 'hsr0' already exists in 'hsr'
[  169.658480][ T6943] Cannot create hsr debugfs directory
[  171.078710][ T7161] syz.2.321 uses obsolete (PF_INET,SOCK_PACKET)
[  171.388025][ T7169] netlink: 52 bytes leftover after parsing attributes in process `syz.4.325'.
[  171.691329][ T7176] FAULT_INJECTION: forcing a failure.
[  171.691329][ T7176] name failslab, interval 1, probability 0, space 0, times 0
[  171.822331][ T7176] CPU: 0 UID: 0 PID: 7176 Comm: syz.1.326 Not tainted syzkaller #0 PREEMPT(full) 
[  171.822360][ T7176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  171.822373][ T7176] Call Trace:
[  171.822381][ T7176]  <TASK>
[  171.822390][ T7176]  dump_stack_lvl+0x189/0x250
[  171.822419][ T7176]  ? __pfx____ratelimit+0x10/0x10
[  171.822445][ T7176]  ? __pfx_dump_stack_lvl+0x10/0x10
[  171.822469][ T7176]  ? __pfx__printk+0x10/0x10
[  171.822506][ T7176]  ? __pfx___might_resched+0x10/0x10
[  171.822523][ T7176]  ? fs_reclaim_acquire+0x7d/0x100
[  171.822562][ T7176]  should_fail_ex+0x414/0x560
[  171.822592][ T7176]  should_failslab+0xa8/0x100
[  171.822615][ T7176]  __kmalloc_noprof+0xcb/0x4f0
[  171.822631][ T7176]  ? bpf_test_init+0x9f/0x150
[  171.822655][ T7176]  bpf_test_init+0x9f/0x150
[  171.822681][ T7176]  bpf_prog_test_run_xdp+0x49e/0x10e0
[  171.822709][ T7176]  ? __fget_files+0x2a/0x420
[  171.822736][ T7176]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  171.822763][ T7176]  ? __fget_files+0x2a/0x420
[  171.822786][ T7176]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  171.822812][ T7176]  bpf_prog_test_run+0x2c7/0x340
[  171.822841][ T7176]  __sys_bpf+0x562/0x860
[  171.822867][ T7176]  ? __pfx___sys_bpf+0x10/0x10
[  171.822905][ T7176]  ? do_syscall_64+0xb7/0x3b0
[  171.822925][ T7176]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  171.822955][ T7176]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  171.822984][ T7176]  ? __pfx_ksys_write+0x10/0x10
[  171.823000][ T7176]  ? rcu_is_watching+0x15/0xb0
[  171.823031][ T7176]  __x64_sys_bpf+0x7c/0x90
[  171.823057][ T7176]  do_syscall_64+0xfa/0x3b0
[  171.823081][ T7176]  ? lockdep_hardirqs_on+0x9c/0x150
[  171.823106][ T7176]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.823126][ T7176]  ? clear_bhb_loop+0x60/0xb0
[  171.823152][ T7176]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.823171][ T7176] RIP: 0033:0x7f99d8d8eec9
[  171.823190][ T7176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  171.823205][ T7176] RSP: 002b:00007f99d9bd1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  171.823224][ T7176] RAX: ffffffffffffffda RBX: 00007f99d8fe5fa0 RCX: 00007f99d8d8eec9
[  171.823236][ T7176] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[  171.823247][ T7176] RBP: 00007f99d9bd1090 R08: 0000000000000000 R09: 0000000000000000
[  171.823257][ T7176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  171.823267][ T7176] R13: 00007f99d8fe6038 R14: 00007f99d8fe5fa0 R15: 00007ffeebec3858
[  171.823299][ T7176]  </TASK>
[  172.152791][ T6943] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  172.275456][ T6943] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  172.350966][ T6943] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  172.369045][ T6943] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  172.448374][ T7192] veth1_macvtap: entered allmulticast mode
[  172.970950][ T7207] netlink: 'syz.4.331': attribute type 3 has an invalid length.
[  172.979301][ T7207] netlink: 199644 bytes leftover after parsing attributes in process `syz.4.331'.
[  173.026466][ T6943] 8021q: adding VLAN 0 to HW filter on device bond0
[  173.117984][ T7216] netlink: 'syz.2.333': attribute type 5 has an invalid length.
[  173.374937][ T6943] 8021q: adding VLAN 0 to HW filter on device team0
[  173.425190][ T1167] bridge0: port 1(bridge_slave_0) entered blocking state
[  173.433183][ T1167] bridge0: port 1(bridge_slave_0) entered forwarding state
[  173.631186][ T6943] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  173.642726][ T6943] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  173.831004][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[  173.838350][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[  175.869850][ T6943] 8021q: adding VLAN 0 to HW filter on device batadv0
[  175.933454][ T7265] netlink: 'syz.4.344': attribute type 21 has an invalid length.
[  176.076442][ T6943] veth0_vlan: entered promiscuous mode
[  176.097675][ T7266] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.344'.
[  176.143544][ T6943] veth1_vlan: entered promiscuous mode
[  176.246934][ T6943] veth0_macvtap: entered promiscuous mode
[  176.285148][ T6943] veth1_macvtap: entered promiscuous mode
[  176.450471][ T6943] batman_adv: batadv0: Interface activated: batadv_slave_0
[  176.452613][ T7274] netlink: 'syz.3.346': attribute type 3 has an invalid length.
[  176.565390][ T7274] netlink: 199644 bytes leftover after parsing attributes in process `syz.3.346'.
[  176.588787][ T6943] batman_adv: batadv0: Interface activated: batadv_slave_1
[  176.686545][   T36] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  176.720213][   T36] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  176.809534][   T36] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  176.846940][   T37] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  176.859365][ T7284] netlink: 'syz.4.348': attribute type 1 has an invalid length.
[  176.920401][ T7284] netlink: 17 bytes leftover after parsing attributes in process `syz.4.348'.
[  177.064627][ T7288] mac80211_hwsim hwsim12 .3ãc¤±: renamed from wlan1 (while UP)
[  177.623509][   T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  177.644493][   T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  177.976873][ T7308] netlink: 'syz.4.353': attribute type 2 has an invalid length.
[  177.990952][ T7308] netlink: 198112 bytes leftover after parsing attributes in process `syz.4.353'.
[  178.006041][   T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.031430][ T7308] netlink: 'syz.4.353': attribute type 1 has an invalid length.
[  178.035902][   T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  179.453474][ T7337] FAULT_INJECTION: forcing a failure.
[  179.453474][ T7337] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  179.529831][ T7337] CPU: 1 UID: 0 PID: 7337 Comm: syz.1.358 Not tainted syzkaller #0 PREEMPT(full) 
[  179.529859][ T7337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  179.529872][ T7337] Call Trace:
[  179.529880][ T7337]  <TASK>
[  179.529889][ T7337]  dump_stack_lvl+0x189/0x250
[  179.529919][ T7337]  ? __pfx____ratelimit+0x10/0x10
[  179.529951][ T7337]  ? __pfx_dump_stack_lvl+0x10/0x10
[  179.529975][ T7337]  ? __pfx__printk+0x10/0x10
[  179.530004][ T7337]  ? __might_fault+0xb0/0x130
[  179.530026][ T7337]  ? __might_fault+0xb0/0x130
[  179.530051][ T7337]  should_fail_ex+0x414/0x560
[  179.530079][ T7337]  _copy_from_iter+0x1de/0x1790
[  179.530123][ T7337]  ? rcu_is_watching+0x15/0xb0
[  179.530145][ T7337]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  179.530180][ T7337]  ? __pfx__copy_from_iter+0x10/0x10
[  179.530210][ T7337]  ? __build_skb_around+0x257/0x3e0
[  179.530241][ T7337]  ? netlink_sendmsg+0x642/0xb30
[  179.530266][ T7337]  ? skb_put+0x11b/0x210
[  179.530297][ T7337]  netlink_sendmsg+0x6b2/0xb30
[  179.530334][ T7337]  ? __pfx_netlink_sendmsg+0x10/0x10
[  179.530364][ T7337]  ? perf_trace_run_bpf_submit+0x100/0x170
[  179.530389][ T7337]  ? aa_sock_msg_perm+0xf1/0x1d0
[  179.530416][ T7337]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  179.530442][ T7337]  ? __pfx_netlink_sendmsg+0x10/0x10
[  179.530470][ T7337]  __sock_sendmsg+0x219/0x270
[  179.530496][ T7337]  ____sys_sendmsg+0x505/0x830
[  179.530533][ T7337]  ? __pfx_____sys_sendmsg+0x10/0x10
[  179.530574][ T7337]  ? import_iovec+0x74/0xa0
[  179.530609][ T7337]  ___sys_sendmsg+0x21f/0x2a0
[  179.530642][ T7337]  ? __pfx____sys_sendmsg+0x10/0x10
[  179.530696][ T7337]  ? __fget_files+0x2a/0x420
[  179.530732][ T7337]  ? __fget_files+0x2a/0x420
[  179.530753][ T7337]  ? __fget_files+0x3a0/0x420
[  179.530786][ T7337]  __x64_sys_sendmsg+0x19b/0x260
[  179.530819][ T7337]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  179.530861][ T7337]  ? __pfx_ksys_write+0x10/0x10
[  179.530877][ T7337]  ? rcu_is_watching+0x15/0xb0
[  179.530902][ T7337]  ? do_syscall_64+0xbe/0x3b0
[  179.530934][ T7337]  do_syscall_64+0xfa/0x3b0
[  179.530959][ T7337]  ? lockdep_hardirqs_on+0x9c/0x150
[  179.530984][ T7337]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.531004][ T7337]  ? clear_bhb_loop+0x60/0xb0
[  179.531028][ T7337]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.531047][ T7337] RIP: 0033:0x7f99d8d8eec9
[  179.531065][ T7337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  179.531081][ T7337] RSP: 002b:00007f99d9bd1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  179.531101][ T7337] RAX: ffffffffffffffda RBX: 00007f99d8fe5fa0 RCX: 00007f99d8d8eec9
[  179.531122][ T7337] RDX: 0000000000040080 RSI: 0000200000000000 RDI: 0000000000000003
[  179.531135][ T7337] RBP: 00007f99d9bd1090 R08: 0000000000000000 R09: 0000000000000000
[  179.531147][ T7337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  179.531159][ T7337] R13: 00007f99d8fe6038 R14: 00007f99d8fe5fa0 R15: 00007ffeebec3858
[  179.531190][ T7337]  </TASK>
[  180.365423][ T7350] netlink: 'syz.1.361': attribute type 3 has an invalid length.
[  180.380115][ T7350] netlink: 199644 bytes leftover after parsing attributes in process `syz.1.361'.
[  180.635535][ T7366] netlink: 'syz.4.363': attribute type 21 has an invalid length.
[  180.674873][ T7366] netlink: 'syz.4.363': attribute type 6 has an invalid length.
[  180.721608][ T7366] netlink: 132 bytes leftover after parsing attributes in process `syz.4.363'.
[  180.808258][ T7372] netlink: 52 bytes leftover after parsing attributes in process `syz.2.367'.
[  182.394358][ T7392] netlink: 'syz.1.373': attribute type 13 has an invalid length.
[  182.605866][ T7400] netlink: 64 bytes leftover after parsing attributes in process `syz.3.375'.
[  182.886739][ T7412] netlink: 52 bytes leftover after parsing attributes in process `syz.3.380'.
[  183.136789][ T7423] net_ratelimit: 52 callbacks suppressed
[  183.136810][ T7423] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  186.061252][ T7466] FAULT_INJECTION: forcing a failure.
[  186.061252][ T7466] name failslab, interval 1, probability 0, space 0, times 0
[  186.126700][ T7466] CPU: 1 UID: 0 PID: 7466 Comm: syz.3.394 Not tainted syzkaller #0 PREEMPT(full) 
[  186.126729][ T7466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  186.126741][ T7466] Call Trace:
[  186.126750][ T7466]  <TASK>
[  186.126759][ T7466]  dump_stack_lvl+0x189/0x250
[  186.126789][ T7466]  ? __pfx____ratelimit+0x10/0x10
[  186.126815][ T7466]  ? __pfx_dump_stack_lvl+0x10/0x10
[  186.126840][ T7466]  ? __pfx__printk+0x10/0x10
[  186.126876][ T7466]  ? __pfx___might_resched+0x10/0x10
[  186.126903][ T7466]  should_fail_ex+0x414/0x560
[  186.126932][ T7466]  should_failslab+0xa8/0x100
[  186.126956][ T7466]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  186.126990][ T7466]  ? __alloc_skb+0x112/0x2d0
[  186.127022][ T7466]  __alloc_skb+0x112/0x2d0
[  186.127052][ T7466]  netlink_sendmsg+0x5c6/0xb30
[  186.127093][ T7466]  ? __pfx_netlink_sendmsg+0x10/0x10
[  186.127124][ T7466]  ? aa_sock_msg_perm+0xf1/0x1d0
[  186.127151][ T7466]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  186.127178][ T7466]  ? __pfx_netlink_sendmsg+0x10/0x10
[  186.127206][ T7466]  __sock_sendmsg+0x219/0x270
[  186.127233][ T7466]  ____sys_sendmsg+0x505/0x830
[  186.127272][ T7466]  ? __pfx_____sys_sendmsg+0x10/0x10
[  186.127314][ T7466]  ? import_iovec+0x74/0xa0
[  186.127352][ T7466]  ___sys_sendmsg+0x21f/0x2a0
[  186.127386][ T7466]  ? __pfx____sys_sendmsg+0x10/0x10
[  186.127464][ T7466]  ? __fget_files+0x2a/0x420
[  186.127485][ T7466]  ? __fget_files+0x3a0/0x420
[  186.127521][ T7466]  __x64_sys_sendmsg+0x19b/0x260
[  186.127562][ T7466]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  186.127606][ T7466]  ? __pfx_ksys_write+0x10/0x10
[  186.127623][ T7466]  ? rcu_is_watching+0x15/0xb0
[  186.127650][ T7466]  ? do_syscall_64+0xbe/0x3b0
[  186.127683][ T7466]  do_syscall_64+0xfa/0x3b0
[  186.127708][ T7466]  ? lockdep_hardirqs_on+0x9c/0x150
[  186.127733][ T7466]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.127753][ T7466]  ? clear_bhb_loop+0x60/0xb0
[  186.127779][ T7466]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.127798][ T7466] RIP: 0033:0x7f2c7098eec9
[  186.127817][ T7466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  186.127832][ T7466] RSP: 002b:00007f2c7174f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  186.127852][ T7466] RAX: ffffffffffffffda RBX: 00007f2c70be5fa0 RCX: 00007f2c7098eec9
[  186.127866][ T7466] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[  186.127877][ T7466] RBP: 00007f2c7174f090 R08: 0000000000000000 R09: 0000000000000000
[  186.127889][ T7466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  186.127900][ T7466] R13: 00007f2c70be6038 R14: 00007f2c70be5fa0 R15: 00007ffe1de84d48
[  186.127936][ T7466]  </TASK>
[  190.759229][ T7516] netlink: 4 bytes leftover after parsing attributes in process `syz.4.408'.
[  191.828890][ T7535] netlink: 'syz.0.414': attribute type 5 has an invalid length.
[  192.091974][ T7538] netlink: 56 bytes leftover after parsing attributes in process `syz.1.416'.
[  192.223693][ T7545] netlink: 'syz.2.418': attribute type 29 has an invalid length.
[  192.232770][ T7545] netlink: 'syz.2.418': attribute type 29 has an invalid length.
[  192.265770][ T7543] netlink: 'syz.2.418': attribute type 10 has an invalid length.
[  192.301254][ T7543] syz_tun: entered promiscuous mode
[  192.370123][ T7543] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  192.668327][ T7554] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  192.820472][ T7551] =======================================================
[  192.820472][ T7551] WARNING: The mand mount option has been deprecated and
[  192.820472][ T7551]          and is ignored by this kernel. Remove the mand
[  192.820472][ T7551]          option from the mount to silence this warning.
[  192.820472][ T7551] =======================================================
[  193.526063][ T7571] netlink: 126588 bytes leftover after parsing attributes in process `syz.0.425'.
[  193.589120][ T7576] netlink: 'syz.4.427': attribute type 29 has an invalid length.
[  193.670262][ T7576] netlink: 'syz.4.427': attribute type 29 has an invalid length.
[  193.722212][ T7580] netlink: 'syz.4.427': attribute type 29 has an invalid length.
[  193.786964][ T7579] netlink: 52 bytes leftover after parsing attributes in process `syz.1.430'.
[  194.488733][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  194.495271][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  197.162893][ T7652] netlink: 'syz.2.454': attribute type 3 has an invalid length.
[  197.177835][ T7656] netlink: 4 bytes leftover after parsing attributes in process `syz.1.455'.
[  197.232348][ T7652] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.454'.
[  197.273660][ T7656] netlink: 4 bytes leftover after parsing attributes in process `syz.1.455'.
[  197.643752][ T7661] netlink: 'syz.3.457': attribute type 10 has an invalid length.
[  198.242761][ T7670] netlink: 52 bytes leftover after parsing attributes in process `syz.3.460'.
[  198.547582][ T7680] FAULT_INJECTION: forcing a failure.
[  198.547582][ T7680] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  198.601405][ T7680] CPU: 0 UID: 0 PID: 7680 Comm: syz.1.462 Not tainted syzkaller #0 PREEMPT(full) 
[  198.601443][ T7680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  198.601461][ T7680] Call Trace:
[  198.601474][ T7680]  <TASK>
[  198.601485][ T7680]  dump_stack_lvl+0x189/0x250
[  198.601530][ T7680]  ? __pfx____ratelimit+0x10/0x10
[  198.601574][ T7680]  ? __pfx_dump_stack_lvl+0x10/0x10
[  198.601616][ T7680]  ? __pfx__printk+0x10/0x10
[  198.601666][ T7680]  ? __might_fault+0xb0/0x130
[  198.601719][ T7680]  should_fail_ex+0x414/0x560
[  198.601746][ T7680]  _copy_from_user+0x2d/0xb0
[  198.601765][ T7680]  ___sys_recvmsg+0x12e/0x510
[  198.601801][ T7680]  ? __pfx____sys_recvmsg+0x10/0x10
[  198.601856][ T7680]  ? __fget_files+0x3a0/0x420
[  198.601890][ T7680]  __x64_sys_recvmsg+0x198/0x260
[  198.601922][ T7680]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  198.601962][ T7680]  ? __pfx_ksys_write+0x10/0x10
[  198.601977][ T7680]  ? rcu_is_watching+0x15/0xb0
[  198.602004][ T7680]  ? do_syscall_64+0xbe/0x3b0
[  198.602035][ T7680]  do_syscall_64+0xfa/0x3b0
[  198.602059][ T7680]  ? lockdep_hardirqs_on+0x9c/0x150
[  198.602083][ T7680]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.602102][ T7680]  ? clear_bhb_loop+0x60/0xb0
[  198.602125][ T7680]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.602144][ T7680] RIP: 0033:0x7f99d8d8eec9
[  198.602161][ T7680] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  198.602177][ T7680] RSP: 002b:00007f99d9bd1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  198.602198][ T7680] RAX: ffffffffffffffda RBX: 00007f99d8fe5fa0 RCX: 00007f99d8d8eec9
[  198.602212][ T7680] RDX: 0000000040010102 RSI: 0000200000000280 RDI: 0000000000000003
[  198.602224][ T7680] RBP: 00007f99d9bd1090 R08: 0000000000000000 R09: 0000000000000000
[  198.602236][ T7680] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  198.602247][ T7680] R13: 00007f99d8fe6038 R14: 00007f99d8fe5fa0 R15: 00007ffeebec3858
[  198.602277][ T7680]  </TASK>
[  199.259641][ T7690] syzkaller0: entered promiscuous mode
[  199.266198][ T7690] syzkaller0: entered allmulticast mode
[  199.448496][ T7709] netlink: 8 bytes leftover after parsing attributes in process `syz.2.469'.
[  200.146055][ T7716] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  200.980368][ T7723] netlink: 12 bytes leftover after parsing attributes in process `syz.1.473'.
[  201.034195][ T7723] netlink: 12 bytes leftover after parsing attributes in process `syz.1.473'.
[  201.048517][ T7723] netlink: 12 bytes leftover after parsing attributes in process `syz.1.473'.
[  202.275503][ T7743] openvswitch: netlink: Duplicate or invalid key (type 0).
[  202.300073][ T7743] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  202.897720][ T7735] delete_channel: no stack
[  204.530354][ T7782] netlink: 32 bytes leftover after parsing attributes in process `syz.2.493'.
[  204.627874][ T7786] netlink: 4 bytes leftover after parsing attributes in process `syz.1.490'.
[  204.637503][ T7782] netlink: 12 bytes leftover after parsing attributes in process `syz.2.493'.
[  204.871386][ T7784] syzkaller0: entered promiscuous mode
[  204.880957][ T7784] syzkaller0: entered allmulticast mode
[  204.999016][ T7794] netlink: 88 bytes leftover after parsing attributes in process `syz.1.496'.
[  205.011497][ T7794] netlink: 48 bytes leftover after parsing attributes in process `syz.1.496'.
[  205.631307][ T7804] openvswitch: netlink: Duplicate or invalid key (type 0).
[  205.679143][ T7804] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  205.728262][ T7810] netlink: 'syz.3.500': attribute type 21 has an invalid length.
[  205.754001][ T7810] netlink: 'syz.3.500': attribute type 6 has an invalid length.
[  205.776684][ T7810] netlink: 132 bytes leftover after parsing attributes in process `syz.3.500'.
[  206.272027][ T7800] delete_channel: no stack
[  206.880150][ T7827] netlink: 64 bytes leftover after parsing attributes in process `syz.2.505'.
[  207.296808][ T7843] netlink: 32 bytes leftover after parsing attributes in process `syz.2.509'.
[  207.382177][ T7843] netlink: 12 bytes leftover after parsing attributes in process `syz.2.509'.
[  207.679987][ T7858] openvswitch: netlink: Duplicate or invalid key (type 0).
[  207.696177][ T7858] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  207.707689][ T7854] netlink: 15743 bytes leftover after parsing attributes in process `syz.3.514'.
[  208.376328][ T7866] netlink: 'syz.2.519': attribute type 5 has an invalid length.
[  208.422462][ T7851] delete_channel: no stack
[  209.677845][ T7897] __nla_validate_parse: 1 callbacks suppressed
[  209.677860][ T7897] netlink: 80 bytes leftover after parsing attributes in process `syz.2.527'.
[  209.821537][ T7901] netlink: 32 bytes leftover after parsing attributes in process `syz.3.529'.
[  209.833110][ T7901] netlink: 12 bytes leftover after parsing attributes in process `syz.3.529'.
[  209.891570][ T7900] netlink: 15743 bytes leftover after parsing attributes in process `syz.2.528'.
[  210.857558][ T7915] FAULT_INJECTION: forcing a failure.
[  210.857558][ T7915] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  210.896039][ T7915] CPU: 1 UID: 0 PID: 7915 Comm: syz.2.534 Not tainted syzkaller #0 PREEMPT(full) 
[  210.896075][ T7915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  210.896087][ T7915] Call Trace:
[  210.896095][ T7915]  <TASK>
[  210.896104][ T7915]  dump_stack_lvl+0x189/0x250
[  210.896133][ T7915]  ? __pfx____ratelimit+0x10/0x10
[  210.896160][ T7915]  ? __pfx_dump_stack_lvl+0x10/0x10
[  210.896184][ T7915]  ? __pfx__printk+0x10/0x10
[  210.896212][ T7915]  ? __might_fault+0xb0/0x130
[  210.896244][ T7915]  should_fail_ex+0x414/0x560
[  210.896272][ T7915]  _copy_from_iter+0x1de/0x1790
[  210.896309][ T7915]  ? irqentry_exit+0x74/0x90
[  210.896338][ T7915]  ? __pfx__copy_from_iter+0x10/0x10
[  210.896372][ T7915]  ? netlink_sendmsg+0x642/0xb30
[  210.896399][ T7915]  ? skb_put+0x11b/0x210
[  210.896430][ T7915]  netlink_sendmsg+0x6b2/0xb30
[  210.896465][ T7915]  ? __pfx_netlink_sendmsg+0x10/0x10
[  210.896500][ T7915]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  210.896526][ T7915]  ? __pfx_netlink_sendmsg+0x10/0x10
[  210.896553][ T7915]  __sock_sendmsg+0x219/0x270
[  210.896579][ T7915]  ____sys_sendmsg+0x505/0x830
[  210.896616][ T7915]  ? __pfx_____sys_sendmsg+0x10/0x10
[  210.896655][ T7915]  ? import_iovec+0x74/0xa0
[  210.896690][ T7915]  ___sys_sendmsg+0x21f/0x2a0
[  210.896722][ T7915]  ? __pfx____sys_sendmsg+0x10/0x10
[  210.896793][ T7915]  ? __fget_files+0x2a/0x420
[  210.896813][ T7915]  ? __fget_files+0x3a0/0x420
[  210.896846][ T7915]  __x64_sys_sendmsg+0x19b/0x260
[  210.896878][ T7915]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  210.896934][ T7915]  do_syscall_64+0xfa/0x3b0
[  210.896961][ T7915]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.896980][ T7915]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  210.897000][ T7915]  ? clear_bhb_loop+0x60/0xb0
[  210.897024][ T7915]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.897043][ T7915] RIP: 0033:0x7fec75b8eec9
[  210.897071][ T7915] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  210.897087][ T7915] RSP: 002b:00007fec76b0e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  210.897108][ T7915] RAX: ffffffffffffffda RBX: 00007fec75de5fa0 RCX: 00007fec75b8eec9
[  210.897122][ T7915] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000008
[  210.897134][ T7915] RBP: 00007fec76b0e090 R08: 0000000000000000 R09: 0000000000000000
[  210.897145][ T7915] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  210.897156][ T7915] R13: 00007fec75de6038 R14: 00007fec75de5fa0 R15: 00007ffd2ccc0998
[  210.897187][ T7915]  </TASK>
[  211.923389][   T51] Bluetooth: hci2: command 0x0406 tx timeout
[  211.929750][ T5881] Bluetooth: hci0: command 0x0406 tx timeout
[  211.936868][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[  211.946599][ T5881] Bluetooth: hci4: command 0x0406 tx timeout
[  212.699793][ T7945] netlink: 32 bytes leftover after parsing attributes in process `syz.0.545'.
[  212.719718][ T7945] netlink: 12 bytes leftover after parsing attributes in process `syz.0.545'.
[  212.835080][ T7949] netlink: 'syz.2.546': attribute type 10 has an invalid length.
[  212.844429][ T7949] veth1_vlan: entered allmulticast mode
[  212.909879][ T7949] team0: Device veth1_vlan failed to register rx_handler
[  213.840407][ T7967] mac80211_hwsim hwsim7 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  213.859732][ T7966] netlink: 72 bytes leftover after parsing attributes in process `syz.3.550'.
[  213.870184][ T7966] netlink: 12 bytes leftover after parsing attributes in process `syz.3.550'.
[  213.880170][ T7966] netlink: 20 bytes leftover after parsing attributes in process `syz.3.550'.
[  213.980984][ T7969] netlink: 64 bytes leftover after parsing attributes in process `syz.1.551'.
[  215.916717][ T8014] netlink: 32 bytes leftover after parsing attributes in process `syz.0.563'.
[  215.948461][ T8014] netlink: 12 bytes leftover after parsing attributes in process `syz.0.563'.
[  216.083192][ T1113] wlan1: Trigger new scan to find an IBSS to join
[  216.516516][ T8027] netlink: 'syz.2.567': attribute type 3 has an invalid length.
[  216.525361][ T8027] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.567'.
[  217.033155][ T8042] FAULT_INJECTION: forcing a failure.
[  217.033155][ T8042] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  217.113103][ T8044] netlink: 68 bytes leftover after parsing attributes in process `syz.3.573'.
[  217.132045][ T8042] CPU: 1 UID: 0 PID: 8042 Comm: syz.2.570 Not tainted syzkaller #0 PREEMPT(full) 
[  217.132074][ T8042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  217.132086][ T8042] Call Trace:
[  217.132094][ T8042]  <TASK>
[  217.132103][ T8042]  dump_stack_lvl+0x189/0x250
[  217.132133][ T8042]  ? __pfx____ratelimit+0x10/0x10
[  217.132158][ T8042]  ? __pfx_dump_stack_lvl+0x10/0x10
[  217.132183][ T8042]  ? __pfx__printk+0x10/0x10
[  217.132211][ T8042]  ? __might_fault+0xb0/0x130
[  217.132244][ T8042]  should_fail_ex+0x414/0x560
[  217.132273][ T8042]  _copy_from_user+0x2d/0xb0
[  217.132292][ T8042]  ___sys_sendmsg+0x158/0x2a0
[  217.132327][ T8042]  ? __pfx____sys_sendmsg+0x10/0x10
[  217.132397][ T8042]  ? __fget_files+0x2a/0x420
[  217.132418][ T8042]  ? __fget_files+0x3a0/0x420
[  217.132451][ T8042]  __x64_sys_sendmsg+0x19b/0x260
[  217.132480][ T8042]  ? perf_trace_run_bpf_submit+0x100/0x170
[  217.132508][ T8042]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  217.132572][ T8042]  ? do_syscall_64+0xbe/0x3b0
[  217.132604][ T8042]  do_syscall_64+0xfa/0x3b0
[  217.132632][ T8042]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.132651][ T8042]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  217.132671][ T8042]  ? clear_bhb_loop+0x60/0xb0
[  217.132696][ T8042]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.132715][ T8042] RIP: 0033:0x7fec75b8eec9
[  217.132732][ T8042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  217.132748][ T8042] RSP: 002b:00007fec76aed038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  217.132769][ T8042] RAX: ffffffffffffffda RBX: 00007fec75de6090 RCX: 00007fec75b8eec9
[  217.132784][ T8042] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000006
[  217.132796][ T8042] RBP: 00007fec76aed090 R08: 0000000000000000 R09: 0000000000000000
[  217.132808][ T8042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  217.132820][ T8042] R13: 00007fec75de6128 R14: 00007fec75de6090 R15: 00007ffd2ccc0998
[  217.132853][ T8042]  </TASK>
[  217.147610][ T8046] netlink: 48 bytes leftover after parsing attributes in process `syz.0.574'.
[  219.123258][ T1167] wlan1: Trigger new scan to find an IBSS to join
[  220.208740][ T8062] openvswitch: netlink: VXLAN extension 109 out of range max 1
[  220.439427][ T8073] nft_compat: unsupported protocol 5
[  220.952476][ T8077] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  222.087188][   T63] wlan1: Trigger new scan to find an IBSS to join
[  222.148041][ T8065] netlink: 124 bytes leftover after parsing attributes in process `syz.3.581'.
[  222.185580][ T8065] netlink: 44 bytes leftover after parsing attributes in process `syz.3.581'.
[  222.852746][ T8085] delete_channel: no stack
[  223.020165][   T12] wlan1: Creating new IBSS network, BSSID c2:37:09:0f:15:6c
[  223.119381][ T8110] netlink: 68 bytes leftover after parsing attributes in process `syz.3.591'.
[  223.598231][ T8122] netlink: 'syz.2.595': attribute type 21 has an invalid length.
[  223.654635][ T8122] netlink: 'syz.2.595': attribute type 21 has an invalid length.
[  223.675290][ T8122] IPv6: NLM_F_CREATE should be specified when creating new route
[  223.687064][ T8122] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  223.694882][ T8122] IPv6: NLM_F_CREATE should be set when creating new route
[  223.702546][ T8122] IPv6: NLM_F_CREATE should be set when creating new route
[  223.710260][ T8122] IPv6: NLM_F_CREATE should be set when creating new route
[  223.905538][ T8132] netlink: 4 bytes leftover after parsing attributes in process `syz.2.598'.
[  224.245838][ T8142] netlink: 'syz.2.598': attribute type 11 has an invalid length.
[  225.196779][ T8158] netlink: 68 bytes leftover after parsing attributes in process `syz.2.604'.
[  225.526336][ T8163] netlink: 'syz.0.607': attribute type 22 has an invalid length.
[  225.554335][ T8163] netlink: 4 bytes leftover after parsing attributes in process `syz.0.607'.
[  225.837782][ T8177] netlink: 146932 bytes leftover after parsing attributes in process `syz.4.610'.
[  225.861693][ T8177] openvswitch: netlink: Message has 6 unknown bytes.
[  226.216846][ T8187] netlink: 32 bytes leftover after parsing attributes in process `syz.0.615'.
[  226.277986][ T8187] netlink: 12 bytes leftover after parsing attributes in process `syz.0.615'.
[  226.345189][ T8185] syzkaller0: entered allmulticast mode
[  226.757120][ T8196] netlink: 'syz.1.618': attribute type 3 has an invalid length.
[  226.800799][ T8196] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.618'.
[  227.376613][ T8211] netlink: 'syz.0.621': attribute type 39 has an invalid length.
[  227.478242][ T8211] veth0_macvtap: left promiscuous mode
[  227.543713][ T8217] __nla_validate_parse: 1 callbacks suppressed
[  227.543734][ T8217] netlink: 936 bytes leftover after parsing attributes in process `syz.4.625'.
[  227.642451][ T8217] netlink: 'syz.4.625': attribute type 1 has an invalid length.
[  227.664959][ T8217] netlink: 201392 bytes leftover after parsing attributes in process `syz.4.625'.
[  228.315660][ T8224] netlink: 'syz.2.626': attribute type 1 has an invalid length.
[  228.324110][ T8224] netlink: 8 bytes leftover after parsing attributes in process `syz.2.626'.
[  228.758677][ T8237] netlink: 32 bytes leftover after parsing attributes in process `syz.1.631'.
[  228.776077][ T8237] netlink: 12 bytes leftover after parsing attributes in process `syz.1.631'.
[  228.835335][ T8240] netlink: 184 bytes leftover after parsing attributes in process `syz.4.633'.
[  229.336578][ T8249] netlink: 'syz.4.636': attribute type 10 has an invalid length.
[  229.352621][ T8249] netlink: 'syz.4.636': attribute type 16 has an invalid length.
[  229.412196][ T8249] netlink: 156 bytes leftover after parsing attributes in process `syz.4.636'.
[  229.501011][ T8259] netlink: 92 bytes leftover after parsing attributes in process `syz.0.638'.
[  229.709498][ T8264] netlink: 'syz.3.640': attribute type 29 has an invalid length.
[  229.811336][ T8264] netlink: 'syz.3.640': attribute type 29 has an invalid length.
[  230.003946][ T8270] netlink: 'syz.1.642': attribute type 3 has an invalid length.
[  230.011657][ T8270] netlink: 'syz.1.642': attribute type 6 has an invalid length.
[  230.041964][ T8270] netlink: 'syz.1.642': attribute type 8 has an invalid length.
[  230.049884][ T8270] netlink: 'syz.1.642': attribute type 10 has an invalid length.
[  230.073829][ T8270] netlink: 'syz.1.642': attribute type 11 has an invalid length.
[  230.081625][ T8270] netlink: 198236 bytes leftover after parsing attributes in process `syz.1.642'.
[  230.283708][ T8277] netlink: 52 bytes leftover after parsing attributes in process `syz.3.644'.
[  230.993386][ T8292] netlink: 'syz.2.650': attribute type 6 has an invalid length.
[  231.256000][ T8295] À: port 1(vlan0) entered blocking state
[  231.283488][ T8295] À: port 1(vlan0) entered disabled state
[  231.337524][ T8295] vlan0: entered allmulticast mode
[  231.363731][ T8295] veth0_vlan: entered allmulticast mode
[  231.378196][ T8295] vlan0: entered promiscuous mode
[  231.856755][ T8297] delete_channel: no stack
[  232.678785][ T8333] __nla_validate_parse: 6 callbacks suppressed
[  232.678807][ T8333] netlink: 32 bytes leftover after parsing attributes in process `syz.4.663'.
[  232.736430][ T8333] netlink: 12 bytes leftover after parsing attributes in process `syz.4.663'.
[  233.733341][ T8352] delete_channel: no stack
[  233.748988][ T8360] netlink: 52 bytes leftover after parsing attributes in process `syz.4.673'.
[  238.242345][ T8425] validate_nla: 2 callbacks suppressed
[  238.242368][ T8425] netlink: 'syz.1.692': attribute type 39 has an invalid length.
[  239.144275][ T8427] delete_channel: no stack
[  239.400745][ T8452] netlink: 'syz.2.701': attribute type 5 has an invalid length.
[  239.598949][ T8457] netlink: 68 bytes leftover after parsing attributes in process `syz.1.703'.
[  240.452115][ T8469] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  241.178131][ T8484] netlink: 16186 bytes leftover after parsing attributes in process `syz.3.709'.
[  241.415723][ T8463] netlink: 124 bytes leftover after parsing attributes in process `syz.4.706'.
[  241.454227][ T8463] netlink: 44 bytes leftover after parsing attributes in process `syz.4.706'.
[  241.726011][ T8488] delete_channel: no stack
[  242.611305][ T8521] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  242.647793][ T8520] netlink: 'syz.2.722': attribute type 29 has an invalid length.
[  242.732200][ T8517] netlink: 'syz.2.722': attribute type 29 has an invalid length.
[  242.784575][ T8517] netlink: 'syz.2.722': attribute type 29 has an invalid length.
[  243.323488][ T8532] syzkaller0: entered allmulticast mode
[  245.181395][ T8572] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  245.550677][ T8582] netlink: 'syz.1.744': attribute type 1 has an invalid length.
[  245.704503][ T8571] netlink: 'syz.2.739': attribute type 39 has an invalid length.
[  246.810339][ T8618] netlink: 'syz.0.757': attribute type 3 has an invalid length.
[  246.819303][ T8618] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.757'.
[  247.549096][ T8630] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  247.734174][ T8632] netlink: 996 bytes leftover after parsing attributes in process `syz.3.763'.
[  248.066455][ T8640] netlink: 'syz.4.765': attribute type 39 has an invalid length.
[  248.969937][ T8640] veth0_macvtap: left promiscuous mode
[  249.271663][ T8654] netlink: 68 bytes leftover after parsing attributes in process `syz.3.771'.
[  249.593615][ T8649] syzkaller0: entered promiscuous mode
[  249.608369][ T8649] syzkaller0: entered allmulticast mode
[  250.570328][ T8675] netlink: 'syz.0.779': attribute type 5 has an invalid length.
[  250.590553][ T8661] syzkaller0: entered promiscuous mode
[  250.597027][ T8661] syzkaller0: entered allmulticast mode
[  253.017392][   T37] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  253.106559][ T8707] netlink: 'syz.2.790': attribute type 10 has an invalid length.
[  253.163654][ T8707] netlink: 40 bytes leftover after parsing attributes in process `syz.2.790'.
[  254.692939][ T8693] netlink: 'syz.0.786': attribute type 1 has an invalid length.
[  254.700686][ T8693] netlink: 'syz.0.786': attribute type 2 has an invalid length.
[  255.039505][ T8725] netlink: 'syz.2.797': attribute type 5 has an invalid length.
[  255.944206][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  255.953539][ T8750] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  255.960787][ T8750] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  255.970253][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  256.346866][ T8765] netlink: 'syz.0.812': attribute type 5 has an invalid length.
[  256.387825][ T8766] netlink: 32 bytes leftover after parsing attributes in process `syz.1.811'.
[  256.440643][ T8766] netlink: 12 bytes leftover after parsing attributes in process `syz.1.811'.
[  256.684037][ T8770] netlink: 'syz.3.813': attribute type 21 has an invalid length.
[  256.721057][ T8770] netlink: 132 bytes leftover after parsing attributes in process `syz.3.813'.
[  256.781236][ T8770] netlink: 'syz.3.813': attribute type 1 has an invalid length.
[  256.843925][ T8774] netlink: 'syz.2.816': attribute type 3 has an invalid length.
[  256.871144][ T8774] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.816'.
[  257.780473][ T8788] netlink: 24 bytes leftover after parsing attributes in process `syz.2.819'.
[  257.819165][ T8788] netlink: 24 bytes leftover after parsing attributes in process `syz.2.819'.
[  258.060639][ T8801] FAULT_INJECTION: forcing a failure.
[  258.060639][ T8801] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  258.141142][ T8801] CPU: 0 UID: 0 PID: 8801 Comm: syz.1.826 Not tainted syzkaller #0 PREEMPT(full) 
[  258.141170][ T8801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  258.141184][ T8801] Call Trace:
[  258.141193][ T8801]  <TASK>
[  258.141201][ T8801]  dump_stack_lvl+0x189/0x250
[  258.141233][ T8801]  ? __pfx____ratelimit+0x10/0x10
[  258.141269][ T8801]  ? __pfx_dump_stack_lvl+0x10/0x10
[  258.141295][ T8801]  ? __pfx__printk+0x10/0x10
[  258.141343][ T8801]  should_fail_ex+0x414/0x560
[  258.141372][ T8801]  _copy_from_user+0x2d/0xb0
[  258.141392][ T8801]  bpf_test_init+0xd8/0x150
[  258.141424][ T8801]  bpf_prog_test_run_xdp+0x49e/0x10e0
[  258.141469][ T8801]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  258.141502][ T8801]  ? __fget_files+0x2a/0x420
[  258.141531][ T8801]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  258.141559][ T8801]  bpf_prog_test_run+0x2c7/0x340
[  258.141593][ T8801]  __sys_bpf+0x562/0x860
[  258.141623][ T8801]  ? __pfx___sys_bpf+0x10/0x10
[  258.141666][ T8801]  ? do_syscall_64+0xb7/0x3b0
[  258.141690][ T8801]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  258.141719][ T8801]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  258.141749][ T8801]  ? __pfx_ksys_write+0x10/0x10
[  258.141765][ T8801]  ? rcu_is_watching+0x15/0xb0
[  258.141794][ T8801]  __x64_sys_bpf+0x7c/0x90
[  258.141821][ T8801]  do_syscall_64+0xfa/0x3b0
[  258.141847][ T8801]  ? lockdep_hardirqs_on+0x9c/0x150
[  258.141871][ T8801]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.141891][ T8801]  ? clear_bhb_loop+0x60/0xb0
[  258.141916][ T8801]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.141936][ T8801] RIP: 0033:0x7f99d8d8eec9
[  258.141953][ T8801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  258.141970][ T8801] RSP: 002b:00007f99d9bd1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  258.141992][ T8801] RAX: ffffffffffffffda RBX: 00007f99d8fe5fa0 RCX: 00007f99d8d8eec9
[  258.142007][ T8801] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[  258.142019][ T8801] RBP: 00007f99d9bd1090 R08: 0000000000000000 R09: 0000000000000000
[  258.142032][ T8801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  258.142044][ T8801] R13: 00007f99d8fe6038 R14: 00007f99d8fe5fa0 R15: 00007ffeebec3858
[  258.142077][ T8801]  </TASK>
[  258.376867][ T8807] netlink: 'syz.3.825': attribute type 5 has an invalid length.
[  258.940917][ T8814] netlink: 'syz.0.827': attribute type 39 has an invalid length.
[  259.220797][ T8818] netlink: 'syz.2.829': attribute type 3 has an invalid length.
[  259.258918][ T8818] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.829'.
[  259.425923][ T8827] netlink: 64 bytes leftover after parsing attributes in process `syz.4.832'.
[  259.740420][ T8843] netlink: 12 bytes leftover after parsing attributes in process `syz.4.837'.
[  259.828032][ T8841] netlink: 14 bytes leftover after parsing attributes in process `syz.1.836'.
[  259.858966][ T8845] veth1_macvtap: entered allmulticast mode
[  260.139895][ T8849] netlink: 28 bytes leftover after parsing attributes in process `syz.2.839'.
[  260.154828][ T8849] netlink: 28 bytes leftover after parsing attributes in process `syz.2.839'.
[  260.163690][ T8858] netlink: 'syz.4.842': attribute type 5 has an invalid length.
[  260.539875][ T8862] netlink: 'syz.3.843': attribute type 39 has an invalid length.
[  260.858485][ T8862] veth0_macvtap: left promiscuous mode
[  262.195348][ T8903] netlink: 'syz.3.855': attribute type 39 has an invalid length.
[  263.476950][ T8943] netlink: 64 bytes leftover after parsing attributes in process `syz.1.868'.
[  267.434009][ T9008] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  267.480965][ T9008] batman_adv: batadv0: Removing interface: batadv_slave_0
[  267.563347][ T9008] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  267.676375][ T9008] batman_adv: batadv0: Removing interface: batadv_slave_1
[  269.316134][ T9023] netlink: 4 bytes leftover after parsing attributes in process `syz.0.892'.
[  269.420636][ T9023] netlink: 132 bytes leftover after parsing attributes in process `syz.0.892'.
[  269.469019][ T9026] netlink: 'syz.1.894': attribute type 2 has an invalid length.
[  269.518004][ T9026] netlink: 164 bytes leftover after parsing attributes in process `syz.1.894'.
[  272.079167][ T9074] netlink: 'syz.0.908': attribute type 5 has an invalid length.
[  273.470398][ T9101] netlink: 'syz.4.915': attribute type 21 has an invalid length.
[  273.512141][ T9101] netlink: 'syz.4.915': attribute type 6 has an invalid length.
[  273.550961][ T9101] netlink: 132 bytes leftover after parsing attributes in process `syz.4.915'.
[  274.727136][ T9115] netlink: 'syz.1.921': attribute type 21 has an invalid length.
[  274.736495][ T9115] netlink: 'syz.1.921': attribute type 6 has an invalid length.
[  275.008458][ T9115] netlink: 132 bytes leftover after parsing attributes in process `syz.1.921'.
[  275.165389][ T9130] netlink: 64 bytes leftover after parsing attributes in process `syz.3.925'.
[  275.295484][ T9133] netlink: 'syz.3.927': attribute type 5 has an invalid length.
[  275.788248][ T9148] FAULT_INJECTION: forcing a failure.
[  275.788248][ T9148] name failslab, interval 1, probability 0, space 0, times 0
[  275.892121][ T9148] CPU: 1 UID: 0 PID: 9148 Comm: syz.0.929 Not tainted syzkaller #0 PREEMPT(full) 
[  275.892151][ T9148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  275.892164][ T9148] Call Trace:
[  275.892176][ T9148]  <TASK>
[  275.892189][ T9148]  dump_stack_lvl+0x189/0x250
[  275.892228][ T9148]  ? __pfx____ratelimit+0x10/0x10
[  275.892265][ T9148]  ? __pfx_dump_stack_lvl+0x10/0x10
[  275.892300][ T9148]  ? __pfx__printk+0x10/0x10
[  275.892372][ T9148]  ? __pfx___might_resched+0x10/0x10
[  275.892390][ T9148]  ? fs_reclaim_acquire+0x7d/0x100
[  275.892446][ T9148]  should_fail_ex+0x414/0x560
[  275.892497][ T9148]  ? __pfx_sock_alloc_inode+0x10/0x10
[  275.892523][ T9148]  should_failslab+0xa8/0x100
[  275.892557][ T9148]  ? __pfx_sock_alloc_inode+0x10/0x10
[  275.892578][ T9148]  kmem_cache_alloc_lru_noprof+0x78/0x3d0
[  275.892615][ T9148]  ? sock_alloc_inode+0x28/0xc0
[  275.892665][ T9148]  ? __pfx_sock_alloc_inode+0x10/0x10
[  275.892690][ T9148]  sock_alloc_inode+0x28/0xc0
[  275.892716][ T9148]  alloc_inode+0x6a/0x1b0
[  275.892765][ T9148]  __sock_create+0x12d/0x9f0
[  275.892792][ T9148]  ? do_syscall_64+0xb7/0x3b0
[  275.892834][ T9148]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  275.892896][ T9148]  __sys_socket+0xd7/0x1b0
[  275.892954][ T9148]  __x64_sys_socket+0x7a/0x90
[  275.892994][ T9148]  do_syscall_64+0xfa/0x3b0
[  275.893022][ T9148]  ? lockdep_hardirqs_on+0x9c/0x150
[  275.893054][ T9148]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.893078][ T9148]  ? clear_bhb_loop+0x60/0xb0
[  275.893127][ T9148]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.893149][ T9148] RIP: 0033:0x7f036c58eec9
[  275.893174][ T9148] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  275.893191][ T9148] RSP: 002b:00007f036d3a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  275.893212][ T9148] RAX: ffffffffffffffda RBX: 00007f036c7e5fa0 RCX: 00007f036c58eec9
[  275.893227][ T9148] RDX: 0000000000000002 RSI: 0000000000000002 RDI: 0000000000000021
[  275.893238][ T9148] RBP: 00007f036d3a2090 R08: 0000000000000000 R09: 0000000000000000
[  275.893250][ T9148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  275.893262][ T9148] R13: 00007f036c7e6038 R14: 00007f036c7e5fa0 R15: 00007fff9bad87e8
[  275.893363][ T9148]  </TASK>
[  275.893525][ T9148] socket: no more sockets
[  276.305561][ T9149] openvswitch: netlink: Duplicate or invalid key (type 0).
[  276.349289][ T9149] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  276.526085][ T9141] delete_channel: no stack
[  276.952383][ T9166] netlink: 64 bytes leftover after parsing attributes in process `syz.1.937'.
[  277.453520][ T9189] netlink: 32 bytes leftover after parsing attributes in process `syz.4.944'.
[  277.491005][ T9189] netlink: 12 bytes leftover after parsing attributes in process `syz.4.944'.
[  279.162678][ T9229] netlink: del zone limit has 4 unknown bytes
[  279.647649][ T9245] netlink: 'syz.0.963': attribute type 2 has an invalid length.
[  279.709458][ T9245] netlink: 17267 bytes leftover after parsing attributes in process `syz.0.963'.
[  280.288906][ T9241] delete_channel: no stack
[  280.839846][ T9262] netlink: 'syz.1.968': attribute type 21 has an invalid length.
[  280.859386][ T9262] netlink: 'syz.1.968': attribute type 6 has an invalid length.
[  280.889956][ T9262] netlink: 132 bytes leftover after parsing attributes in process `syz.1.968'.
[  282.124025][ T9288] netlink: 'syz.2.977': attribute type 1 has an invalid length.
[  282.636733][ T9298] netlink: 'syz.0.980': attribute type 39 has an invalid length.
[  283.493754][ T9310] netlink: 'syz.4.985': attribute type 39 has an invalid length.
[  283.601859][ T5880] Bluetooth: hci3: command 0x0406 tx timeout
[  283.656463][ T9316] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  283.976781][ T9315] netlink: 'syz.1.986': attribute type 21 has an invalid length.
[  283.995010][ T9315] netlink: 'syz.1.986': attribute type 6 has an invalid length.
[  284.044149][ T1113] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  284.105219][ T9315] netlink: 132 bytes leftover after parsing attributes in process `syz.1.986'.
[  286.234918][ T9344] netlink: 52 bytes leftover after parsing attributes in process `syz.2.994'.
[  288.148396][ T9375] netlink: 'syz.3.1008': attribute type 39 has an invalid length.
[  290.063219][ T9424] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1021'.
[  290.084781][ T9424] hsr_slave_0: left promiscuous mode
[  290.097730][ T9424] hsr_slave_1: left promiscuous mode
[  290.230116][ T9424] netlink: 'syz.2.1021': attribute type 7 has an invalid length.
[  290.556184][ T9438] netlink: 'syz.3.1025': attribute type 39 has an invalid length.
[  290.740934][ T9443] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  304.988508][ T9485] netlink: 'syz.1.1039': attribute type 39 has an invalid length.
[  305.549582][ T9502] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  307.234462][ T9540] netlink: 'syz.2.1052': attribute type 39 has an invalid length.
[  308.774322][ T9529] syzkaller0: entered promiscuous mode
[  308.791341][ T9529] syzkaller0: entered allmulticast mode
[  309.307064][ T9558] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  313.734444][ T9610] netlink: 'syz.0.1074': attribute type 3 has an invalid length.
[  313.748801][ T9610] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1074'.
[  316.084176][   T13] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  316.467090][ T9614] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  316.636206][ T9619] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1078'.
[  316.719477][ T9619] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1078'.
[  317.399625][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  317.406443][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  318.153716][ T9650] netlink: 184 bytes leftover after parsing attributes in process `syz.1.1086'.
[  318.851265][ T9670] netlink: 'syz.1.1088': attribute type 3 has an invalid length.
[  318.859459][ T9670] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1088'.
[  320.857813][ T9713] openvswitch: netlink: Missing valid actions attribute.
[  320.880306][ T9713] openvswitch: netlink: Actions may not be safe on all matching packets
[  321.164274][ T9710] netlink: 124 bytes leftover after parsing attributes in process `syz.4.1097'.
[  321.248282][ T9710] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1097'.
[  321.492822][ T9723] netlink: 'syz.3.1103': attribute type 29 has an invalid length.
[  321.504434][ T9719] delete_channel: no stack
[  321.524070][ T9723] netlink: 'syz.3.1103': attribute type 29 has an invalid length.
[  321.548892][ T9723] netlink: 'syz.3.1103': attribute type 29 has an invalid length.
[  321.570581][ T9723] netlink: 'syz.3.1103': attribute type 29 has an invalid length.
[  321.577558][ T9725] delete_channel: no stack
[  321.621550][ T9725] delete_channel: no stack
[  322.802482][ T9725] netlink: 'syz.2.1104': attribute type 1 has an invalid length.
[  322.897202][ T9725] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1104'.
[  323.223888][ T9749] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1109'.
[  323.245792][ T9747] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1109'.
[  323.299182][ T9749] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1109'.
[  324.768252][ T9768] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1113'.
[  324.999555][ T9781] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1118'.
[  325.526615][ T9787] netlink: 'syz.2.1120': attribute type 29 has an invalid length.
[  325.538353][ T9790] netlink: 'syz.2.1120': attribute type 29 has an invalid length.
[  325.634236][ T9786] syzkaller0: entered promiscuous mode
[  325.639850][ T9786] syzkaller0: entered allmulticast mode
[  329.920098][ T9867] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.1141'.
[  330.163444][ T9874] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1144'.
[  330.199827][ T9876] netlink: 'syz.0.1145': attribute type 39 has an invalid length.
[  330.285635][ T9876] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1145'.
[  332.015760][ T9917] openvswitch: netlink: ERSPAN option length err (len 256, max 255).
[  335.769193][ T9980] netlink: 'syz.2.1176': attribute type 3 has an invalid length.
[  335.796162][ T9980] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1176'.
[  337.104804][T10008] netlink: 'syz.2.1185': attribute type 39 has an invalid length.
[  337.332806][T10012] FAULT_INJECTION: forcing a failure.
[  337.332806][T10012] name failslab, interval 1, probability 0, space 0, times 0
[  337.350958][T10012] CPU: 0 UID: 0 PID: 10012 Comm: syz.3.1187 Not tainted syzkaller #0 PREEMPT(full) 
[  337.350986][T10012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  337.351012][T10012] Call Trace:
[  337.351021][T10012]  <TASK>
[  337.351030][T10012]  dump_stack_lvl+0x189/0x250
[  337.351069][T10012]  ? __pfx____ratelimit+0x10/0x10
[  337.351097][T10012]  ? __pfx_dump_stack_lvl+0x10/0x10
[  337.351121][T10012]  ? __pfx__printk+0x10/0x10
[  337.351169][T10012]  should_fail_ex+0x414/0x560
[  337.351199][T10012]  should_failslab+0xa8/0x100
[  337.351223][T10012]  kmem_cache_alloc_noprof+0x73/0x3c0
[  337.351254][T10012]  ? skb_clone+0x212/0x3a0
[  337.351280][T10012]  skb_clone+0x212/0x3a0
[  337.351303][T10012]  __netlink_deliver_tap+0x404/0x850
[  337.351342][T10012]  ? netlink_deliver_tap+0x2e/0x1b0
[  337.351370][T10012]  netlink_deliver_tap+0x19c/0x1b0
[  337.351397][T10012]  netlink_unicast+0x7fa/0x9e0
[  337.351433][T10012]  ? __pfx_netlink_unicast+0x10/0x10
[  337.351460][T10012]  ? netlink_sendmsg+0x642/0xb30
[  337.351484][T10012]  ? skb_put+0x11b/0x210
[  337.351517][T10012]  netlink_sendmsg+0x805/0xb30
[  337.351556][T10012]  ? __pfx_netlink_sendmsg+0x10/0x10
[  337.351588][T10012]  ? aa_sock_msg_perm+0xf1/0x1d0
[  337.351616][T10012]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  337.351642][T10012]  ? __pfx_netlink_sendmsg+0x10/0x10
[  337.351670][T10012]  __sock_sendmsg+0x219/0x270
[  337.351696][T10012]  ____sys_sendmsg+0x505/0x830
[  337.351734][T10012]  ? __pfx_____sys_sendmsg+0x10/0x10
[  337.351776][T10012]  ? import_iovec+0x74/0xa0
[  337.351813][T10012]  ___sys_sendmsg+0x21f/0x2a0
[  337.351847][T10012]  ? __pfx____sys_sendmsg+0x10/0x10
[  337.351905][T10012]  ? __fget_files+0x2a/0x420
[  337.351945][T10012]  ? __fget_files+0x2a/0x420
[  337.351966][T10012]  ? __fget_files+0x3a0/0x420
[  337.352002][T10012]  __x64_sys_sendmsg+0x19b/0x260
[  337.352037][T10012]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  337.352107][T10012]  do_syscall_64+0xfa/0x3b0
[  337.352135][T10012]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.352151][T10012]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  337.352170][T10012]  ? clear_bhb_loop+0x60/0xb0
[  337.352194][T10012]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.352212][T10012] RIP: 0033:0x7f2c7098eec9
[  337.352230][T10012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  337.352246][T10012] RSP: 002b:00007f2c7174f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  337.352266][T10012] RAX: ffffffffffffffda RBX: 00007f2c70be5fa0 RCX: 00007f2c7098eec9
[  337.352280][T10012] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000008
[  337.352291][T10012] RBP: 00007f2c7174f090 R08: 0000000000000000 R09: 0000000000000000
[  337.352303][T10012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  337.352314][T10012] R13: 00007f2c70be6038 R14: 00007f2c70be5fa0 R15: 00007ffe1de84d48
[  337.352348][T10012]  </TASK>
[  339.368898][T10045] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1198'.
[  339.477521][T10050] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1199'.
[  342.368789][T10092] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1213'.
[  344.423726][T10141] netlink: 830 bytes leftover after parsing attributes in process `syz.0.1226'.
[  344.667512][T10143] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1230'.
[  344.943444][T10147] netlink: 'syz.1.1231': attribute type 2 has an invalid length.
[  344.976963][T10147] netlink: 198112 bytes leftover after parsing attributes in process `syz.1.1231'.
[  345.044938][T10147] netlink: 'syz.1.1231': attribute type 1 has an invalid length.
[  345.123661][T10151] netlink: 'syz.1.1231': attribute type 1 has an invalid length.
[  345.365176][T10156] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1234'.
[  347.176009][T10198] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1248'.
[  347.347918][T10200] syzkaller0: entered allmulticast mode
[  347.371267][T10196] netlink: 124 bytes leftover after parsing attributes in process `syz.3.1247'.
[  347.386321][T10196] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1247'.
[  347.554118][T10205] delete_channel: no stack
[  348.322692][T10238] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1263'.
[  348.615148][T10246] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1266'.
[  348.616233][T10242] syzkaller0: entered allmulticast mode
[  348.943766][T10251] netlink: 'syz.4.1267': attribute type 3 has an invalid length.
[  348.952522][T10251] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.1267'.
[  349.492693][T10272] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1276'.
[  350.072951][T10286] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1280'.
[  350.128640][T10282] netlink: 65039 bytes leftover after parsing attributes in process `syz.3.1280'.
[  350.259758][T10289] netlink: 'syz.0.1281': attribute type 21 has an invalid length.
[  350.412204][T10295] syzkaller0: entered allmulticast mode
[  350.874232][T10299] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1285'.
[  351.197508][T10313] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1289'.
[  351.785015][T10324] FAULT_INJECTION: forcing a failure.
[  351.785015][T10324] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  351.800409][T10324] CPU: 0 UID: 0 PID: 10324 Comm: syz.0.1292 Not tainted syzkaller #0 PREEMPT(full) 
[  351.800438][T10324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  351.800450][T10324] Call Trace:
[  351.800458][T10324]  <TASK>
[  351.800467][T10324]  dump_stack_lvl+0x189/0x250
[  351.800497][T10324]  ? __pfx____ratelimit+0x10/0x10
[  351.800523][T10324]  ? __pfx_dump_stack_lvl+0x10/0x10
[  351.800547][T10324]  ? __pfx__printk+0x10/0x10
[  351.800575][T10324]  ? __might_fault+0xb0/0x130
[  351.800607][T10324]  should_fail_ex+0x414/0x560
[  351.800634][T10324]  _copy_from_user+0x2d/0xb0
[  351.800653][T10324]  __sys_bpf+0x1e3/0x860
[  351.800683][T10324]  ? __pfx___sys_bpf+0x10/0x10
[  351.800727][T10324]  ? ksys_write+0x22a/0x250
[  351.800748][T10324]  ? __pfx_ksys_write+0x10/0x10
[  351.800763][T10324]  ? rcu_is_watching+0x15/0xb0
[  351.800793][T10324]  __x64_sys_bpf+0x7c/0x90
[  351.800817][T10324]  do_syscall_64+0xfa/0x3b0
[  351.800843][T10324]  ? lockdep_hardirqs_on+0x9c/0x150
[  351.800867][T10324]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.800886][T10324]  ? clear_bhb_loop+0x60/0xb0
[  351.800910][T10324]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.800928][T10324] RIP: 0033:0x7f036c58eec9
[  351.800945][T10324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  351.800962][T10324] RSP: 002b:00007f036d3a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  351.800983][T10324] RAX: ffffffffffffffda RBX: 00007f036c7e5fa0 RCX: 00007f036c58eec9
[  351.800998][T10324] RDX: 0000000000000050 RSI: 00002000000003c0 RDI: 000000000000000a
[  351.801010][T10324] RBP: 00007f036d3a2090 R08: 0000000000000000 R09: 0000000000000000
[  351.801022][T10324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  351.801033][T10324] R13: 00007f036c7e6038 R14: 00007f036c7e5fa0 R15: 00007fff9bad87e8
[  351.801077][T10324]  </TASK>
[  352.375577][T10339] syzkaller0: entered allmulticast mode
[  354.980828][T10346] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  355.045987][T10347] netlink: 'syz.1.1301': attribute type 2 has an invalid length.
[  355.178388][T10353] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1301'.
[  355.192616][T10352] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  357.028081][T10386] syzkaller0: entered allmulticast mode
[  357.032791][T10393] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  359.087340][T10433] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1329'.
[  359.151987][T10433] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1329'.
[  359.183985][T10436] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  360.451018][T10465] netlink: 'syz.2.1338': attribute type 27 has an invalid length.
[  360.459348][T10465] netlink: 164 bytes leftover after parsing attributes in process `syz.2.1338'.
[  365.733452][T10522] netlink: 124 bytes leftover after parsing attributes in process `syz.1.1357'.
[  365.799214][T10522] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1357'.
[  366.243302][T10538] delete_channel: no stack
[  366.615818][T10561] syzkaller0: entered allmulticast mode
[  369.054579][T10602] netlink: 'syz.0.1386': attribute type 1 has an invalid length.
[  371.011589][T10585] syzkaller0: entered promiscuous mode
[  371.018269][T10585] syzkaller0: entered allmulticast mode
[  371.050913][T10602] wg0 speed is unknown, defaulting to 1000
[  371.058855][T10602] wg0 speed is unknown, defaulting to 1000
[  373.811075][T10602] wg0 speed is unknown, defaulting to 1000
[  373.847822][T10602] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  373.940980][T10602] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  374.004708][T10628] netlink: 61967 bytes leftover after parsing attributes in process `syz.4.1392'.
[  374.049409][T10633] netlink: 112 bytes leftover after parsing attributes in process `syz.1.1394'.
[  374.080646][T10602] wg0 speed is unknown, defaulting to 1000
[  374.106835][T10602] wg0 speed is unknown, defaulting to 1000
[  374.134098][T10602] wg0 speed is unknown, defaulting to 1000
[  374.163366][T10602] wg0 speed is unknown, defaulting to 1000
[  374.177136][T10602] wg0 speed is unknown, defaulting to 1000
[  374.901509][T10642] netlink: 'syz.0.1397': attribute type 3 has an invalid length.
[  375.010286][T10642] netlink: 199556 bytes leftover after parsing attributes in process `syz.0.1397'.
[  375.144532][T10651] openvswitch: netlink: Duplicate or invalid key (type 0).
[  375.201057][T10651] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  375.214260][T10654] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1400'.
[  375.355977][T10654] openvswitch: netlink: Flow key attr not present in new flow.
[  375.642737][T10644] delete_channel: no stack
[  375.752868][T10659] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1402'.
[  375.849707][T10659] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1402'.
[  375.876790][T10661] netlink: 'syz.1.1405': attribute type 10 has an invalid length.
[  375.903611][T10665] xt_l2tp: missing protocol rule (udp|l2tpip)
[  375.929355][T10666] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1405'.
[  376.271333][T10677] netlink: 'syz.0.1407': attribute type 10 has an invalid length.
[  376.405446][T10677] netlink: 16410 bytes leftover after parsing attributes in process `syz.0.1407'.
[  376.839272][T10688] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1412'.
[  376.859209][T10690] netlink: 'syz.0.1407': attribute type 10 has an invalid length.
[  376.940540][T10690] veth1_macvtap: left allmulticast mode
[  377.208257][T10690] team0: Device veth1_macvtap failed to register rx_handler
[  377.300347][T10697] syzkaller0: entered allmulticast mode
[  377.539426][T10707] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1418'.
[  378.579256][T10723] FAULT_INJECTION: forcing a failure.
[  378.579256][T10723] name failslab, interval 1, probability 0, space 0, times 0
[  378.710775][T10723] CPU: 1 UID: 0 PID: 10723 Comm: syz.0.1423 Not tainted syzkaller #0 PREEMPT(full) 
[  378.710804][T10723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  378.710821][T10723] Call Trace:
[  378.710830][T10723]  <TASK>
[  378.710840][T10723]  dump_stack_lvl+0x189/0x250
[  378.710870][T10723]  ? __pfx____ratelimit+0x10/0x10
[  378.710897][T10723]  ? __pfx_dump_stack_lvl+0x10/0x10
[  378.710922][T10723]  ? __pfx__printk+0x10/0x10
[  378.710959][T10723]  ? __pfx___might_resched+0x10/0x10
[  378.710988][T10723]  should_fail_ex+0x414/0x560
[  378.711018][T10723]  should_failslab+0xa8/0x100
[  378.711043][T10723]  __kmalloc_noprof+0xcb/0x4f0
[  378.711062][T10723]  ? bpf_prog_test_run_sk_lookup+0x4ac/0xb60
[  378.711097][T10723]  bpf_prog_test_run_sk_lookup+0x4ac/0xb60
[  378.711148][T10723]  ? __pfx_bpf_prog_test_run_sk_lookup+0x10/0x10
[  378.711181][T10723]  ? __fget_files+0x3a0/0x420
[  378.711203][T10723]  ? __fget_files+0x2a/0x420
[  378.711230][T10723]  ? __pfx_bpf_prog_test_run_sk_lookup+0x10/0x10
[  378.711260][T10723]  bpf_prog_test_run+0x2c7/0x340
[  378.711295][T10723]  __sys_bpf+0x562/0x860
[  378.711325][T10723]  ? __pfx___sys_bpf+0x10/0x10
[  378.711368][T10723]  ? do_syscall_64+0xb7/0x3b0
[  378.711398][T10723]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  378.711428][T10723]  ? __pfx_ksys_write+0x10/0x10
[  378.711443][T10723]  ? rcu_is_watching+0x15/0xb0
[  378.711482][T10723]  __x64_sys_bpf+0x7c/0x90
[  378.711504][T10723]  do_syscall_64+0xfa/0x3b0
[  378.711524][T10723]  ? lockdep_hardirqs_on+0x9c/0x150
[  378.711544][T10723]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  378.711559][T10723]  ? clear_bhb_loop+0x60/0xb0
[  378.711579][T10723]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  378.711599][T10723] RIP: 0033:0x7f036c58eec9
[  378.711614][T10723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  378.711628][T10723] RSP: 002b:00007f036d3a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  378.711652][T10723] RAX: ffffffffffffffda RBX: 00007f036c7e5fa0 RCX: 00007f036c58eec9
[  378.711665][T10723] RDX: 0000000000000048 RSI: 0000200000000440 RDI: 000000000000000a
[  378.711677][T10723] RBP: 00007f036d3a2090 R08: 0000000000000000 R09: 0000000000000000
[  378.711686][T10723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  378.711696][T10723] R13: 00007f036c7e6038 R14: 00007f036c7e5fa0 R15: 00007fff9bad87e8
[  378.711726][T10723]  </TASK>
[  378.990676][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  379.006275][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  379.358418][T10737] netlink: 'syz.0.1427': attribute type 39 has an invalid length.
[  379.910897][T10729] syzkaller0: entered promiscuous mode
[  379.932606][T10729] syzkaller0: entered allmulticast mode
[  380.156986][T10753] __nla_validate_parse: 2 callbacks suppressed
[  380.157008][T10753] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1432'.
[  380.199673][T10753] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1432'.
[  382.933185][T10777] syzkaller0: entered allmulticast mode
[  383.111198][T10787] netlink: 'syz.4.1442': attribute type 2 has an invalid length.
[  383.338976][T10795] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1445'.
[  383.502351][T10795] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1445'.
[  384.748150][T10824] syzkaller0: entered promiscuous mode
[  384.757872][T10824] syzkaller0: entered allmulticast mode
[  385.565325][T10840] netlink: 208192 bytes leftover after parsing attributes in process `syz.1.1456'.
[  385.586042][T10840] netlink: 'syz.1.1456': attribute type 1 has an invalid length.
[  385.778602][T10844] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  387.330092][T10855] xt_cluster: you have exceeded the maximum number of cluster nodes (37482740 > 32)
[  387.378581][T10859] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1461'.
[  388.345072][T10872] netlink: 'syz.0.1465': attribute type 10 has an invalid length.
[  388.369101][T10872] netlink: 'syz.0.1465': attribute type 16 has an invalid length.
[  388.431247][T10872] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1465'.
[  389.003716][T10865] delete_channel: no stack
[  391.186829][T10895] netlink: 'syz.2.1474': attribute type 13 has an invalid length.
[  391.231847][T10895] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1474'.
[  391.252678][T10899] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1475'.
[  391.264268][T10895] bond0: entered promiscuous mode
[  391.269624][T10895] bond_slave_0: entered promiscuous mode
[  391.277533][T10895] bond_slave_1: entered promiscuous mode
[  391.290511][T10895] bond0: entered allmulticast mode
[  391.297005][T10895] bond_slave_0: entered allmulticast mode
[  391.331945][T10895] bond_slave_1: entered allmulticast mode
[  391.338585][T10901] FAULT_INJECTION: forcing a failure.
[  391.338585][T10901] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  391.353535][T10895] syz_tun: entered allmulticast mode
[  391.380420][T10901] CPU: 1 UID: 0 PID: 10901 Comm: syz.1.1477 Not tainted syzkaller #0 PREEMPT(full) 
[  391.380447][T10901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  391.380460][T10901] Call Trace:
[  391.380467][T10901]  <TASK>
[  391.380476][T10901]  dump_stack_lvl+0x189/0x250
[  391.380505][T10901]  ? __pfx____ratelimit+0x10/0x10
[  391.380531][T10901]  ? __pfx_dump_stack_lvl+0x10/0x10
[  391.380555][T10901]  ? __pfx__printk+0x10/0x10
[  391.380591][T10901]  ? __might_fault+0xb0/0x130
[  391.380623][T10901]  should_fail_ex+0x414/0x560
[  391.380650][T10901]  _copy_from_iter+0x1de/0x1790
[  391.380687][T10901]  ? rcu_is_watching+0x15/0xb0
[  391.380708][T10901]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  391.380742][T10901]  ? __pfx__copy_from_iter+0x10/0x10
[  391.380772][T10901]  ? __build_skb_around+0x257/0x3e0
[  391.380802][T10901]  ? netlink_sendmsg+0x642/0xb30
[  391.380827][T10901]  ? skb_put+0x11b/0x210
[  391.380858][T10901]  netlink_sendmsg+0x6b2/0xb30
[  391.380894][T10901]  ? __pfx_netlink_sendmsg+0x10/0x10
[  391.380924][T10901]  ? aa_sock_msg_perm+0xf1/0x1d0
[  391.380951][T10901]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  391.380977][T10901]  ? __pfx_netlink_sendmsg+0x10/0x10
[  391.381004][T10901]  __sock_sendmsg+0x219/0x270
[  391.381030][T10901]  ____sys_sendmsg+0x505/0x830
[  391.381066][T10901]  ? __pfx_____sys_sendmsg+0x10/0x10
[  391.381106][T10901]  ? import_iovec+0x74/0xa0
[  391.381141][T10901]  ___sys_sendmsg+0x21f/0x2a0
[  391.381173][T10901]  ? __pfx____sys_sendmsg+0x10/0x10
[  391.381242][T10901]  ? __fget_files+0x2a/0x420
[  391.381263][T10901]  ? __fget_files+0x3a0/0x420
[  391.381296][T10901]  __x64_sys_sendmsg+0x19b/0x260
[  391.381330][T10901]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  391.381371][T10901]  ? __pfx_ksys_write+0x10/0x10
[  391.381387][T10901]  ? rcu_is_watching+0x15/0xb0
[  391.381425][T10901]  ? do_syscall_64+0xbe/0x3b0
[  391.381457][T10901]  do_syscall_64+0xfa/0x3b0
[  391.381481][T10901]  ? lockdep_hardirqs_on+0x9c/0x150
[  391.381505][T10901]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  391.381525][T10901]  ? clear_bhb_loop+0x60/0xb0
[  391.381549][T10901]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  391.381574][T10901] RIP: 0033:0x7f99d8d8eec9
[  391.381593][T10901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  391.381609][T10901] RSP: 002b:00007f99d9bd1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  391.381635][T10901] RAX: ffffffffffffffda RBX: 00007f99d8fe5fa0 RCX: 00007f99d8d8eec9
[  391.381648][T10901] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[  391.381660][T10901] RBP: 00007f99d9bd1090 R08: 0000000000000000 R09: 0000000000000000
[  391.381673][T10901] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  391.381684][T10901] R13: 00007f99d8fe6038 R14: 00007f99d8fe5fa0 R15: 00007ffeebec3858
[  391.381715][T10901]  </TASK>
[  391.825995][T10901] netlink: 'syz.1.1477': attribute type 29 has an invalid length.
[  391.837339][T10901] netlink: 'syz.1.1477': attribute type 29 has an invalid length.
[  391.849187][T10901] netlink: 'syz.1.1477': attribute type 29 has an invalid length.
[  392.767956][T10931] netlink: 'syz.4.1487': attribute type 2 has an invalid length.
[  392.845012][T10931] netlink: 'syz.4.1487': attribute type 1 has an invalid length.
[  392.891750][T10931] netlink: 199820 bytes leftover after parsing attributes in process `syz.4.1487'.
[  392.916905][T10931] block nbd5: not configured, cannot reconfigure
[  392.947072][T10928] netlink: 124 bytes leftover after parsing attributes in process `syz.1.1486'.
[  392.989983][T10928] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1486'.
[  393.215271][T10937] delete_channel: no stack
[  393.763919][T10959] FAULT_INJECTION: forcing a failure.
[  393.763919][T10959] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  393.882261][T10959] CPU: 1 UID: 0 PID: 10959 Comm: syz.0.1496 Not tainted syzkaller #0 PREEMPT(full) 
[  393.882292][T10959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  393.882305][T10959] Call Trace:
[  393.882318][T10959]  <TASK>
[  393.882331][T10959]  dump_stack_lvl+0x189/0x250
[  393.882372][T10959]  ? __pfx____ratelimit+0x10/0x10
[  393.882409][T10959]  ? __pfx_dump_stack_lvl+0x10/0x10
[  393.882445][T10959]  ? __pfx__printk+0x10/0x10
[  393.882524][T10959]  ? __might_fault+0xb0/0x130
[  393.882588][T10959]  should_fail_ex+0x414/0x560
[  393.882651][T10959]  _copy_from_user+0x2d/0xb0
[  393.882685][T10959]  copy_from_sockptr+0x5e/0xa0
[  393.882729][T10959]  packet_setsockopt+0xac1/0x12c0
[  393.882776][T10959]  ? __pfx_packet_setsockopt+0x10/0x10
[  393.882805][T10959]  ? perf_trace_lock+0x2f8/0x3b0
[  393.882899][T10959]  ? aa_sk_perm+0x81e/0x950
[  393.882963][T10959]  ? __pfx_aa_sk_perm+0x10/0x10
[  393.883014][T10959]  ? __fget_files+0x2a/0x420
[  393.883035][T10959]  ? aa_sock_opt_perm+0xff/0x1b0
[  393.883096][T10959]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  393.883124][T10959]  ? __pfx_packet_setsockopt+0x10/0x10
[  393.883164][T10959]  do_sock_setsockopt+0x179/0x1b0
[  393.883230][T10959]  __x64_sys_setsockopt+0x13f/0x1b0
[  393.883299][T10959]  do_syscall_64+0xfa/0x3b0
[  393.883327][T10959]  ? lockdep_hardirqs_on+0x9c/0x150
[  393.883361][T10959]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  393.883386][T10959]  ? clear_bhb_loop+0x60/0xb0
[  393.883429][T10959]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  393.883451][T10959] RIP: 0033:0x7f036c58eec9
[  393.883478][T10959] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  393.883495][T10959] RSP: 002b:00007f036d3a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  393.883517][T10959] RAX: ffffffffffffffda RBX: 00007f036c7e5fa0 RCX: 00007f036c58eec9
[  393.883532][T10959] RDX: 0000000000000012 RSI: 0000000000000107 RDI: 0000000000000005
[  393.883544][T10959] RBP: 00007f036d3a2090 R08: 0000000000000004 R09: 0000000000000000
[  393.883557][T10959] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  393.883570][T10959] R13: 00007f036c7e6038 R14: 00007f036c7e5fa0 R15: 00007fff9bad87e8
[  393.883678][T10959]  </TASK>
[  394.211820][T10965] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  394.373481][T10961] netlink: 220 bytes leftover after parsing attributes in process `syz.2.1497'.
[  394.462075][T10965] netlink: 10 bytes leftover after parsing attributes in process `syz.3.1499'.
[  394.574425][T10973] netlink: 'syz.0.1501': attribute type 10 has an invalid length.
[  394.666388][T10973] team0: Device ipvlan1 failed to register rx_handler
[  395.568438][T10993] netlink: 112 bytes leftover after parsing attributes in process `syz.1.1509'.
[  395.887222][T11001] netlink: 'syz.1.1512': attribute type 1 has an invalid length.
[  395.895487][T11001] netlink: 'syz.1.1512': attribute type 4 has an invalid length.
[  396.743647][T11013] netlink: 'syz.4.1515': attribute type 39 has an invalid length.
[  397.026924][T11021] netlink: 10 bytes leftover after parsing attributes in process `syz.1.1518'.
[  397.368980][T11034] xt_limit: Overflow, try lower: 324398827/4200216962
[  397.837557][T11046] cgroup: Unknown subsys name 'u'
[  397.865692][T11045] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1526'.
[  397.899932][T11045] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1526'.
[  397.976724][T11045] FAULT_INJECTION: forcing a failure.
[  397.976724][T11045] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  397.990756][T11045] CPU: 1 UID: 0 PID: 11045 Comm: syz.2.1526 Not tainted syzkaller #0 PREEMPT(full) 
[  397.990785][T11045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  397.990806][T11045] Call Trace:
[  397.990815][T11045]  <TASK>
[  397.990824][T11045]  dump_stack_lvl+0x189/0x250
[  397.990858][T11045]  ? __pfx_dump_stack_lvl+0x10/0x10
[  397.990883][T11045]  ? __pfx__printk+0x10/0x10
[  397.990917][T11045]  ? __might_fault+0xb0/0x130
[  397.990944][T11045]  should_fail_ex+0x414/0x560
[  397.990972][T11045]  _copy_from_user+0x2d/0xb0
[  397.990992][T11045]  ___sys_sendmsg+0x158/0x2a0
[  397.991025][T11045]  ? __pfx____sys_sendmsg+0x10/0x10
[  397.991101][T11045]  ? __fget_files+0x2a/0x420
[  397.991122][T11045]  ? __fget_files+0x3a0/0x420
[  397.991156][T11045]  __x64_sys_sendmsg+0x19b/0x260
[  397.991188][T11045]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  397.991244][T11045]  do_syscall_64+0xfa/0x3b0
[  397.991274][T11045]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  397.991293][T11045]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  397.991313][T11045]  ? clear_bhb_loop+0x60/0xb0
[  397.991338][T11045]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  397.991358][T11045] RIP: 0033:0x7fec75b8eec9
[  397.991377][T11045] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  397.991394][T11045] RSP: 002b:00007fec76b0e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  397.991416][T11045] RAX: ffffffffffffffda RBX: 00007fec75de5fa0 RCX: 00007fec75b8eec9
[  397.991431][T11045] RDX: 0000000000000000 RSI: 0000200000000500 RDI: 0000000000000008
[  397.991444][T11045] RBP: 00007fec76b0e090 R08: 0000000000000000 R09: 0000000000000000
[  397.991457][T11045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  397.991468][T11045] R13: 00007fec75de6038 R14: 00007fec75de5fa0 R15: 00007ffd2ccc0998
[  397.991501][T11045]  </TASK>
[  398.757824][T11064] bridge0: entered promiscuous mode
[  398.789507][T11064] bridge0: entered allmulticast mode
[  399.258456][T11078] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  400.020322][T11106] FAULT_INJECTION: forcing a failure.
[  400.020322][T11106] name failslab, interval 1, probability 0, space 0, times 0
[  400.041927][T11106] CPU: 0 UID: 0 PID: 11106 Comm: syz.1.1545 Not tainted syzkaller #0 PREEMPT(full) 
[  400.041955][T11106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  400.041968][T11106] Call Trace:
[  400.041977][T11106]  <TASK>
[  400.041987][T11106]  dump_stack_lvl+0x189/0x250
[  400.042016][T11106]  ? __pfx____ratelimit+0x10/0x10
[  400.042043][T11106]  ? __pfx_dump_stack_lvl+0x10/0x10
[  400.042069][T11106]  ? __pfx__printk+0x10/0x10
[  400.042094][T11106]  ? perf_trace_lock+0xec/0x3b0
[  400.042133][T11106]  should_fail_ex+0x414/0x560
[  400.042163][T11106]  should_failslab+0xa8/0x100
[  400.042187][T11106]  kmem_cache_alloc_noprof+0x73/0x3c0
[  400.042220][T11106]  ? skb_clone+0x212/0x3a0
[  400.042245][T11106]  skb_clone+0x212/0x3a0
[  400.042270][T11106]  __netlink_deliver_tap+0x404/0x850
[  400.042315][T11106]  ? netlink_deliver_tap+0x2e/0x1b0
[  400.042344][T11106]  netlink_deliver_tap+0x19c/0x1b0
[  400.042372][T11106]  netlink_unicast+0x7fa/0x9e0
[  400.042409][T11106]  ? __pfx_netlink_unicast+0x10/0x10
[  400.042436][T11106]  ? netlink_sendmsg+0x642/0xb30
[  400.042460][T11106]  ? skb_put+0x11b/0x210
[  400.042493][T11106]  netlink_sendmsg+0x805/0xb30
[  400.042533][T11106]  ? __pfx_netlink_sendmsg+0x10/0x10
[  400.042573][T11106]  ? aa_sock_msg_perm+0xf1/0x1d0
[  400.042601][T11106]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  400.042628][T11106]  ? __pfx_netlink_sendmsg+0x10/0x10
[  400.042657][T11106]  __sock_sendmsg+0x219/0x270
[  400.042685][T11106]  ____sys_sendmsg+0x505/0x830
[  400.042724][T11106]  ? __pfx_____sys_sendmsg+0x10/0x10
[  400.042768][T11106]  ? import_iovec+0x74/0xa0
[  400.042805][T11106]  ___sys_sendmsg+0x21f/0x2a0
[  400.042839][T11106]  ? __pfx____sys_sendmsg+0x10/0x10
[  400.042899][T11106]  ? __fget_files+0x2a/0x420
[  400.042940][T11106]  ? __fget_files+0x2a/0x420
[  400.042961][T11106]  ? __fget_files+0x3a0/0x420
[  400.042998][T11106]  __x64_sys_sendmsg+0x19b/0x260
[  400.043032][T11106]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  400.043076][T11106]  ? __pfx_ksys_write+0x10/0x10
[  400.043092][T11106]  ? rcu_is_watching+0x15/0xb0
[  400.043121][T11106]  ? do_syscall_64+0xbe/0x3b0
[  400.043154][T11106]  do_syscall_64+0xfa/0x3b0
[  400.043179][T11106]  ? lockdep_hardirqs_on+0x9c/0x150
[  400.043204][T11106]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.043225][T11106]  ? clear_bhb_loop+0x60/0xb0
[  400.043252][T11106]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.043271][T11106] RIP: 0033:0x7f99d8d8eec9
[  400.043291][T11106] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  400.043309][T11106] RSP: 002b:00007f99d9bd1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  400.043331][T11106] RAX: ffffffffffffffda RBX: 00007f99d8fe5fa0 RCX: 00007f99d8d8eec9
[  400.043346][T11106] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  400.043359][T11106] RBP: 00007f99d9bd1090 R08: 0000000000000000 R09: 0000000000000000
[  400.043372][T11106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  400.043384][T11106] R13: 00007f99d8fe6038 R14: 00007f99d8fe5fa0 R15: 00007ffeebec3858
[  400.043421][T11106]  </TASK>
[  400.624069][T11119] debugfs: '!' already exists in 'ieee80211'
[  401.389553][T11136] FAULT_INJECTION: forcing a failure.
[  401.389553][T11136] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  401.464114][T11136] CPU: 1 UID: 0 PID: 11136 Comm: syz.3.1552 Not tainted syzkaller #0 PREEMPT(full) 
[  401.464143][T11136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  401.464156][T11136] Call Trace:
[  401.464165][T11136]  <TASK>
[  401.464174][T11136]  dump_stack_lvl+0x189/0x250
[  401.464205][T11136]  ? __pfx____ratelimit+0x10/0x10
[  401.464233][T11136]  ? __pfx_dump_stack_lvl+0x10/0x10
[  401.464258][T11136]  ? __pfx__printk+0x10/0x10
[  401.464306][T11136]  should_fail_ex+0x414/0x560
[  401.464337][T11136]  _copy_to_user+0x31/0xb0
[  401.464360][T11136]  finalize_log+0xe1/0x160
[  401.464390][T11136]  ? __pfx_finalize_log+0x10/0x10
[  401.464416][T11136]  ? btf_check_type_tags+0x679/0x680
[  401.464453][T11136]  btf_new_fd+0x6fa/0xc90
[  401.464486][T11136]  ? apparmor_capable+0x137/0x1b0
[  401.464528][T11136]  ? __pfx_btf_new_fd+0x10/0x10
[  401.464558][T11136]  ? bpf_token_put+0x143/0x160
[  401.464590][T11136]  ? bpf_btf_load+0x126/0x190
[  401.464624][T11136]  __sys_bpf+0x3ed/0x860
[  401.464654][T11136]  ? __pfx___sys_bpf+0x10/0x10
[  401.464703][T11136]  ? do_syscall_64+0xb7/0x3b0
[  401.464733][T11136]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  401.464765][T11136]  ? __pfx_ksys_write+0x10/0x10
[  401.464796][T11136]  __x64_sys_bpf+0x7c/0x90
[  401.464822][T11136]  do_syscall_64+0xfa/0x3b0
[  401.464847][T11136]  ? lockdep_hardirqs_on+0x9c/0x150
[  401.464872][T11136]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.464892][T11136]  ? clear_bhb_loop+0x60/0xb0
[  401.464918][T11136]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.464938][T11136] RIP: 0033:0x7f2c7098eec9
[  401.464956][T11136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  401.464973][T11136] RSP: 002b:00007f2c7174f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  401.464995][T11136] RAX: ffffffffffffffda RBX: 00007f2c70be5fa0 RCX: 00007f2c7098eec9
[  401.465010][T11136] RDX: 0000000000000028 RSI: 0000200000000040 RDI: 0000000000000012
[  401.465022][T11136] RBP: 00007f2c7174f090 R08: 0000000000000000 R09: 0000000000000000
[  401.465035][T11136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  401.465047][T11136] R13: 00007f2c70be6038 R14: 00007f2c70be5fa0 R15: 00007ffe1de84d48
[  401.465085][T11136]  </TASK>
[  402.116332][T11147] netlink: 'syz.4.1556': attribute type 21 has an invalid length.
[  402.532195][T11159] delete_channel: no stack
[  403.192741][T11173] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1566'.
[  403.300258][T11173] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1566'.
[  403.984834][T11200] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.1572'.
[  404.999534][T11225] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  405.008812][T11225] batman_adv: batadv0: Removing interface: batadv_slave_0
[  405.227344][T11225] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  405.251402][T11225] batman_adv: batadv0: Removing interface: batadv_slave_1
[  405.404647][T11231] netlink: 'syz.2.1587': attribute type 11 has an invalid length.
[  405.428860][T11231] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1587'.
[  405.440523][T11231] netlink: 'syz.2.1587': attribute type 11 has an invalid length.
[  405.448812][T11231] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1587'.
[  405.468547][T11231] netlink: 'syz.2.1587': attribute type 2 has an invalid length.
[  405.477699][T11231] netlink: 137592 bytes leftover after parsing attributes in process `syz.2.1587'.
[  405.510481][T11230] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  406.051423][T11249] netlink: 29 bytes leftover after parsing attributes in process `syz.0.1594'.
[  406.072306][T11247] À: port 1(vlan0) entered blocking state
[  406.078588][T11247] À: port 1(vlan0) entered disabled state
[  406.154436][T11247] vlan0: entered allmulticast mode
[  406.211946][T11247] veth0_vlan: entered allmulticast mode
[  406.241138][T11247] vlan0: entered promiscuous mode
[  407.217492][T11265] FAULT_INJECTION: forcing a failure.
[  407.217492][T11265] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  407.344338][T11265] CPU: 0 UID: 0 PID: 11265 Comm: syz.4.1598 Not tainted syzkaller #0 PREEMPT(full) 
[  407.344369][T11265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  407.344382][T11265] Call Trace:
[  407.344393][T11265]  <TASK>
[  407.344405][T11265]  dump_stack_lvl+0x189/0x250
[  407.344445][T11265]  ? __pfx____ratelimit+0x10/0x10
[  407.344482][T11265]  ? __pfx_dump_stack_lvl+0x10/0x10
[  407.344515][T11265]  ? __pfx__printk+0x10/0x10
[  407.344558][T11265]  ? __might_fault+0xb0/0x130
[  407.344644][T11265]  should_fail_ex+0x414/0x560
[  407.344703][T11265]  _copy_from_user+0x2d/0xb0
[  407.344735][T11265]  ___sys_sendmsg+0x158/0x2a0
[  407.344791][T11265]  ? __pfx____sys_sendmsg+0x10/0x10
[  407.345026][T11265]  ? __fget_files+0x2a/0x420
[  407.345053][T11265]  ? __fget_files+0x3a0/0x420
[  407.345142][T11265]  __x64_sys_sendmsg+0x19b/0x260
[  407.345206][T11265]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  407.345299][T11265]  ? __pfx_ksys_write+0x10/0x10
[  407.345316][T11265]  ? rcu_is_watching+0x15/0xb0
[  407.345375][T11265]  ? do_syscall_64+0xbe/0x3b0
[  407.345430][T11265]  do_syscall_64+0xfa/0x3b0
[  407.345458][T11265]  ? lockdep_hardirqs_on+0x9c/0x150
[  407.345491][T11265]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  407.345515][T11265]  ? clear_bhb_loop+0x60/0xb0
[  407.345562][T11265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  407.345584][T11265] RIP: 0033:0x7fc93898eec9
[  407.345610][T11265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  407.345629][T11265] RSP: 002b:00007fc939822038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  407.345650][T11265] RAX: ffffffffffffffda RBX: 00007fc938be5fa0 RCX: 00007fc93898eec9
[  407.345666][T11265] RDX: 000000002000c884 RSI: 0000200000000200 RDI: 0000000000000005
[  407.345679][T11265] RBP: 00007fc939822090 R08: 0000000000000000 R09: 0000000000000000
[  407.345692][T11265] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  407.345705][T11265] R13: 00007fc938be6038 R14: 00007fc938be5fa0 R15: 00007fff9db11bc8
[  407.345811][T11265]  </TASK>
[  407.590691][T11265] netlink: 'syz.4.1598': attribute type 39 has an invalid length.
[  407.612354][T11268] netlink: 'syz.1.1599': attribute type 39 has an invalid length.
[  407.756034][T11274] netlink: 'syz.2.1601': attribute type 39 has an invalid length.
[  408.155868][T11275] syzkaller0: entered promiscuous mode
[  408.161606][T11275] syzkaller0: entered allmulticast mode
[  408.260815][T11268] veth0_macvtap: left promiscuous mode
[  411.161231][T11306] netlink: 'syz.1.1610': attribute type 10 has an invalid length.
[  411.171566][T11306] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1610'.
[  411.180966][T11306] batadv_slave_1: entered promiscuous mode
[  411.187879][T11306] bridge0: port 3(batadv_slave_1) entered blocking state
[  411.196435][T11306] bridge0: port 3(batadv_slave_1) entered disabled state
[  411.211002][T11306] batadv_slave_1: entered allmulticast mode
[  411.223590][T11306] bridge0: port 3(batadv_slave_1) entered blocking state
[  411.231087][T11306] bridge0: port 3(batadv_slave_1) entered forwarding state
[  411.529205][T11314] netlink: 'syz.4.1612': attribute type 3 has an invalid length.
[  411.558056][T11314] netlink: 201372 bytes leftover after parsing attributes in process `syz.4.1612'.
[  412.083663][T11323] netlink: 'syz.2.1614': attribute type 1 has an invalid length.
[  412.120563][T11323] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1614'.
[  412.196244][T11309] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1611'.
[  412.732049][T11308] delete_channel: no stack
[  412.759080][T11327] netlink: 'syz.4.1615': attribute type 21 has an invalid length.
[  412.775867][T11327] IPv6: NLM_F_CREATE should be specified when creating new route
[  412.795119][T11327] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  412.802655][T11327] IPv6: NLM_F_CREATE should be set when creating new route
[  412.810362][T11327] IPv6: NLM_F_CREATE should be set when creating new route
[  413.817984][T11341] netlink: 'syz.0.1618': attribute type 10 has an invalid length.
[  413.913866][T11341] netlink: 55 bytes leftover after parsing attributes in process `syz.0.1618'.
[  416.861599][ T5861] bond0: (slave syz_tun): Releasing backup interface
[  416.883035][ T5861] syz_tun (unregistering): left allmulticast mode
[  417.350012][T11367] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1627'.
[  417.363069][T11367] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1627'.
[  417.534122][ T6266] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  417.698931][ T6266] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  417.761973][T11384] netlink: 830 bytes leftover after parsing attributes in process `syz.4.1631'.
[  417.950796][ T6266] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  418.114774][ T6266] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  418.524679][ T6266] bridge_slave_1: left allmulticast mode
[  418.530406][ T6266] bridge_slave_1: left promiscuous mode
[  418.554740][ T5880] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  418.567266][ T5880] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  418.575716][ T5880] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  418.584814][ T5880] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  418.593544][ T5880] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  418.602248][ T6266] bridge0: port 2(bridge_slave_1) entered disabled state
[  418.692959][ T6266] bridge_slave_0: left promiscuous mode
[  418.698848][ T6266] bridge0: port 1(bridge_slave_0) entered disabled state
[  418.774867][ T6266] vlan0: left allmulticast mode
[  418.779819][ T6266] veth0_vlan: left allmulticast mode
[  418.803364][ T6266] vlan0: left promiscuous mode
[  418.808684][ T6266] À: port 1(vlan0) entered disabled state
[  419.912893][ T6266] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  419.927992][ T6266] bond_slave_0: left promiscuous mode
[  419.933961][ T6266] bond_slave_0: left allmulticast mode
[  419.949663][ T6266] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  419.965524][ T6266] bond_slave_1: left promiscuous mode
[  419.971199][ T6266] bond_slave_1: left allmulticast mode
[  419.979650][ T6266] bond0 (unregistering): Released all slaves
[  420.713482][ T5875] Bluetooth: hci0: command tx timeout
[  420.824490][T11415] syzkaller0: entered promiscuous mode
[  420.851768][T11415] syzkaller0: entered allmulticast mode
[  420.911560][T11386] wg0 speed is unknown, defaulting to 1000
[  420.932736][T11427] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1643'.
[  420.959099][T11426] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1644'.
[  420.962442][T11424] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1643'.
[  422.733840][ T5875] Bluetooth: hci0: command tx timeout
[  423.077342][T11424] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1643'.
[  423.993693][T11386] chnl_net:caif_netlink_parms(): no params data found
[  424.277430][T11476] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1659'.
[  424.652847][T11386] bridge0: port 1(bridge_slave_0) entered blocking state
[  424.675676][T11386] bridge0: port 1(bridge_slave_0) entered disabled state
[  424.804884][ T5875] Bluetooth: hci0: command tx timeout
[  424.849013][T11386] bridge_slave_0: entered allmulticast mode
[  424.852767][T11498] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1667'.
[  424.859306][T11386] bridge_slave_0: entered promiscuous mode
[  424.880748][T11386] bridge0: port 2(bridge_slave_1) entered blocking state
[  424.889290][T11386] bridge0: port 2(bridge_slave_1) entered disabled state
[  424.909498][T11386] bridge_slave_1: entered allmulticast mode
[  424.928218][T11386] bridge_slave_1: entered promiscuous mode
[  425.036156][T11500] openvswitch: netlink: Duplicate or invalid key (type 0).
[  425.064390][T11500] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  425.162295][T11503] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1667'.
[  425.280391][T11504] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  425.375195][T11386] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  425.472647][T11386] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  425.504120][T11491] delete_channel: no stack
[  426.005403][T11386] team0: Port device team_slave_0 added
[  426.133053][T11386] team0: Port device team_slave_1 added
[  426.328601][T11386] batman_adv: batadv0: Adding interface: batadv_slave_0
[  426.333902][T11521] netlink: 112 bytes leftover after parsing attributes in process `syz.3.1673'.
[  426.348314][T11386] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  426.406162][T11386] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  426.448094][T11386] batman_adv: batadv0: Adding interface: batadv_slave_1
[  426.467770][T11386] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  426.514466][T11386] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  426.886026][ T5875] Bluetooth: hci0: command tx timeout
[  426.921969][ T6266] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  426.929424][ T6266] batman_adv: batadv0: Removing interface: batadv_slave_0
[  426.938980][ T6266] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  426.947637][ T6266] batman_adv: batadv0: Removing interface: batadv_slave_1
[  426.985078][ T6266] veth1_macvtap: left promiscuous mode
[  426.990974][ T6266] veth0_vlan: left promiscuous mode
[  427.771442][ T6266] team0 (unregistering): Port device team_slave_1 removed
[  427.818456][ T6266] team0 (unregistering): Port device team_slave_0 removed
[  428.420233][T11539] macsec0: entered promiscuous mode
[  428.438584][T11539] macsec0: entered allmulticast mode
[  428.471669][T11540] veth1_macvtap: entered allmulticast mode
[  428.819639][T11386] hsr_slave_0: entered promiscuous mode
[  428.905283][T11386] hsr_slave_1: entered promiscuous mode
[  428.923613][T11386] debugfs: 'hsr0' already exists in 'hsr'
[  428.947826][T11386] Cannot create hsr debugfs directory
[  429.716458][T11554] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1686'.
[  429.762403][T11554] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1686'.
[  431.195644][T11575] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1692'.
[  431.474657][T11577] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1693'.
[  431.653938][T11386] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  431.766122][T11386] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  431.796805][T11386] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  431.850395][T11386] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  431.952576][T11596] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1699'.
[  432.109649][T11597] wg0 speed is unknown, defaulting to 1000
[  432.250710][T11386] 8021q: adding VLAN 0 to HW filter on device bond0
[  432.388207][T11599] netlink: 88 bytes leftover after parsing attributes in process `syz.1.1700'.
[  432.618494][T11386] 8021q: adding VLAN 0 to HW filter on device team0
[  433.012532][T11604] netlink: 184 bytes leftover after parsing attributes in process `syz.4.1702'.
[  433.499767][ T6266] bridge0: port 1(bridge_slave_0) entered blocking state
[  433.507291][ T6266] bridge0: port 1(bridge_slave_0) entered forwarding state
[  433.613392][T11616] netlink: 'syz.0.1703': attribute type 21 has an invalid length.
[  433.689379][ T6266] bridge0: port 2(bridge_slave_1) entered blocking state
[  433.696968][ T6266] bridge0: port 2(bridge_slave_1) entered forwarding state
[  433.776692][T11616] netlink: 'syz.0.1703': attribute type 6 has an invalid length.
[  433.810235][T11599] netlink: 'syz.1.1700': attribute type 2 has an invalid length.
[  433.862078][T11616] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1703'.
[  434.466911][T11630] wg0 speed is unknown, defaulting to 1000
[  434.831180][T11386] 8021q: adding VLAN 0 to HW filter on device batadv0
[  436.875610][T11386] veth0_vlan: entered promiscuous mode
[  436.929191][T11386] veth1_vlan: entered promiscuous mode
[  437.010261][T11386] veth0_macvtap: entered promiscuous mode
[  437.036994][T11386] veth1_macvtap: entered promiscuous mode
[  437.079641][T11662] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1717'.
[  437.130318][T11386] batman_adv: batadv0: Interface activated: batadv_slave_0
[  437.188455][T11386] batman_adv: batadv0: Interface activated: batadv_slave_1
[  437.221768][T11665] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1718'.
[  437.246722][T11665] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1718'.
[  437.269983][T11665] netlink: 'syz.3.1718': attribute type 5 has an invalid length.
[  437.338155][ T1113] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  437.361527][ T1113] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  437.393443][ T1113] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  437.412428][ T1113] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  437.744312][ T1113] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  437.768302][ T1113] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  437.907811][ T6266] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  437.942638][ T6266] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  438.046065][T11680] netlink: 'syz.1.1723': attribute type 39 has an invalid length.
[  438.913628][T11705] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1731'.
[  440.017911][T11715] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1735'.
[  440.319346][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  440.325891][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  442.249071][T11760] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  443.255520][T11771] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1751'.
[  443.422172][T11777] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1755'.
[  445.245005][T11788] netlink: 112 bytes leftover after parsing attributes in process `syz.0.1761'.
[  445.554542][T11800] netlink: 'syz.0.1764': attribute type 10 has an invalid length.
[  445.562857][T11800] netlink: 2 bytes leftover after parsing attributes in process `syz.0.1764'.
[  445.573288][T11800] batadv_slave_1: entered promiscuous mode
[  445.579511][T11800] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  445.587781][T11800] batman_adv: batadv0: Removing interface: batadv_slave_1
[  445.599237][T11800] bridge0: port 3(batadv_slave_1) entered blocking state
[  445.652301][T11800] bridge0: port 3(batadv_slave_1) entered disabled state
[  445.719968][T11800] batadv_slave_1: entered allmulticast mode
[  445.740412][T11800] bridge0: port 3(batadv_slave_1) entered blocking state
[  445.748191][T11800] bridge0: port 3(batadv_slave_1) entered forwarding state
[  446.938375][T11817] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1767'.
[  447.145470][T11824] netlink: 'syz.2.1770': attribute type 3 has an invalid length.
[  447.202533][T11824] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1770'.
[  447.439791][T11831] netlink: 'syz.2.1770': attribute type 1 has an invalid length.
[  447.526931][T11831] netlink: 'syz.2.1770': attribute type 2 has an invalid length.
[  447.790214][T11827] netlink: 124 bytes leftover after parsing attributes in process `syz.3.1772'.
[  448.008384][T11827] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1772'.
[  448.607484][T11842] netlink: 112 bytes leftover after parsing attributes in process `syz.3.1775'.
[  448.621405][T11843] netlink: 'syz.1.1774': attribute type 21 has an invalid length.
[  448.668136][T11843] netlink: 'syz.1.1774': attribute type 6 has an invalid length.
[  448.724815][T11843] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1774'.
[  449.011906][T11835] delete_channel: no stack
[  449.585565][T11867] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1784'.
[  449.878916][T11873] openvswitch: netlink: Duplicate or invalid key (type 0).
[  449.950851][T11873] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  449.973206][T11866] netlink: 124 bytes leftover after parsing attributes in process `syz.2.1785'.
[  450.096787][T11866] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1785'.
[  450.162447][T11876] netlink: 112 bytes leftover after parsing attributes in process `syz.1.1787'.
[  450.284015][T11878] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1788'.
[  450.302087][T11878] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1788'.
[  450.311209][T11878] netlink: 'syz.4.1788': attribute type 5 has an invalid length.
[  450.474162][T11868] delete_channel: no stack
[  450.523088][T11874] delete_channel: no stack
[  451.143106][T11903] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1796'.
[  451.312963][T11909] netlink: 'syz.1.1799': attribute type 21 has an invalid length.
[  451.321350][T11909] netlink: 'syz.1.1799': attribute type 6 has an invalid length.
[  451.345113][T11909] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1799'.
[  451.538676][T11913] netlink: 'syz.4.1800': attribute type 8 has an invalid length.
[  452.019222][T11924] delete_channel: no stack
[  452.124004][T11931] openvswitch: netlink: Duplicate or invalid key (type 0).
[  452.132748][T11931] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  452.300767][T11933] netlink: 'syz.3.1805': attribute type 5 has an invalid length.
[  452.753764][T11927] delete_channel: no stack
[  453.909227][T11955] __nla_validate_parse: 4 callbacks suppressed
[  453.909250][T11955] netlink: 124 bytes leftover after parsing attributes in process `syz.4.1814'.
[  453.929651][T11955] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1814'.
[  454.036108][T11961] netlink: 'syz.2.1815': attribute type 21 has an invalid length.
[  454.058251][T11961] netlink: 'syz.2.1815': attribute type 6 has an invalid length.
[  454.082131][T11961] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1815'.
[  454.193592][T11959] delete_channel: no stack
[  454.332754][T11975] netlink: 'syz.4.1818': attribute type 21 has an invalid length.
[  454.341385][T11975] netlink: 'syz.4.1818': attribute type 6 has an invalid length.
[  454.355441][T11975] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1818'.
[  454.943562][T11987] netlink: 'syz.2.1824': attribute type 10 has an invalid length.
[  454.951766][T11987] netlink: 2 bytes leftover after parsing attributes in process `syz.2.1824'.
[  454.961098][T11987] batadv_slave_1: entered promiscuous mode
[  454.969568][T11987] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  454.977511][T11987] batman_adv: batadv0: Removing interface: batadv_slave_1
[  454.986262][T11987] bridge0: port 3(batadv_slave_1) entered blocking state
[  454.993907][T11987] bridge0: port 3(batadv_slave_1) entered disabled state
[  455.002570][T11987] batadv_slave_1: entered allmulticast mode
[  455.023161][T11987] bridge0: port 3(batadv_slave_1) entered blocking state
[  455.030686][T11987] bridge0: port 3(batadv_slave_1) entered forwarding state
[  455.467280][T11997] netlink: 124 bytes leftover after parsing attributes in process `syz.4.1828'.
[  455.515994][T11997] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1828'.
[  455.734188][T12006] delete_channel: no stack
[  455.882844][T12018] netlink: 'syz.0.1835': attribute type 21 has an invalid length.
[  455.911803][T12018] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1835'.
[  456.381856][T12031] netlink: del zone limit has 4 unknown bytes
[  457.155000][T12055] openvswitch: netlink: Duplicate or invalid key (type 0).
[  457.176885][T12055] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  457.252990][T12052] netlink: 124 bytes leftover after parsing attributes in process `syz.2.1847'.
[  457.262716][T12052] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1847'.
[  457.524963][T12058] delete_channel: no stack
[  457.849259][T12050] delete_channel: no stack
[  459.782756][T12100] netlink: 124 bytes leftover after parsing attributes in process `syz.2.1862'.
[  459.795847][T12100] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1862'.
[  460.066931][T12096] delete_channel: no stack
[  460.205706][T12109] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  460.413224][T12118] openvswitch: netlink: Duplicate or invalid key (type 0).
[  460.453889][T12118] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  461.080248][T12111] delete_channel: no stack
[  463.142660][T12160] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1881'.
[  463.196590][T12162] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1883'.
[  463.240925][T12163] openvswitch: netlink: Duplicate or invalid key (type 0).
[  463.255601][T12163] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  463.326514][T12162] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1883'.
[  463.576564][T12171] validate_nla: 1 callbacks suppressed
[  463.576604][T12171] netlink: 'syz.0.1885': attribute type 39 has an invalid length.
[  463.928872][T12154] delete_channel: no stack
[  464.728715][T12206] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1897'.
[  464.859427][T12206] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1897'.
[  465.899109][T12230] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1908'.
[  466.337396][T12243] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1913'.
[  466.346771][T12243] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1913'.
[  466.361309][T12243] netlink: 'syz.0.1913': attribute type 5 has an invalid length.
[  466.764647][T12247] netlink: 184 bytes leftover after parsing attributes in process `syz.0.1914'.
[  467.594503][T12264] netlink: 'syz.3.1920': attribute type 39 has an invalid length.
[  468.543554][T12274] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1925'.
[  468.561775][T12274] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1925'.
[  468.585356][T12274] netlink: 'syz.0.1925': attribute type 5 has an invalid length.
[  468.647676][T12276] netlink: 'syz.3.1922': attribute type 21 has an invalid length.
[  468.669044][T12276] netlink: 'syz.3.1922': attribute type 6 has an invalid length.
[  468.694770][T12276] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1922'.
[  468.721512][T12278] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1926'.
[  470.228036][T12297] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1933'.
[  470.592294][T12312] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1938'.
[  471.502378][T12323] netlink: 'syz.3.1943': attribute type 21 has an invalid length.
[  472.929748][T12301] syzkaller0: entered promiscuous mode
[  472.935973][T12301] syzkaller0: entered allmulticast mode
[  472.947843][T12317] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1940'.
[  472.957848][T12317] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1940'.
[  472.969329][T12317] netlink: 'syz.1.1940': attribute type 5 has an invalid length.
[  472.978500][T12323] netlink: 'syz.3.1943': attribute type 6 has an invalid length.
[  473.006880][T12323] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1943'.
[  473.994728][T12355] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1951'.
[  474.302715][T12362] openvswitch: netlink: Duplicate or invalid key (type 0).
[  474.317160][T12362] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  474.991109][T12360] delete_channel: no stack
[  475.477576][T12369] netlink: 'syz.1.1955': attribute type 39 has an invalid length.
[  475.907375][T12387] netlink: 'syz.0.1960': attribute type 21 has an invalid length.
[  475.928962][T12387] netlink: 'syz.0.1960': attribute type 6 has an invalid length.
[  475.986859][T12387] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1960'.
[  476.942847][T12413] netlink: 'syz.4.1969': attribute type 39 has an invalid length.
[  477.916653][T12429] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1972'.
[  477.926071][T12429] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1972'.
[  477.964847][T12429] netlink: 'syz.4.1972': attribute type 5 has an invalid length.
[  478.074957][T12427] netlink: 124 bytes leftover after parsing attributes in process `syz.0.1974'.
[  478.085301][T12427] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1974'.
[  478.254878][T12432] delete_channel: no stack
[  478.397313][T12448] netlink: 'syz.0.1979': attribute type 21 has an invalid length.
[  478.421098][T12448] netlink: 'syz.0.1979': attribute type 6 has an invalid length.
[  478.448808][T12448] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1979'.
[  480.026684][T12482] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI
[  480.038653][T12482] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  480.047267][T12482] CPU: 1 UID: 0 PID: 12482 Comm: syz.3.1993 Not tainted syzkaller #0 PREEMPT(full) 
[  480.056661][T12482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  480.066767][T12482] RIP: 0010:__xfrm_state_insert+0x1011/0x1450
[  480.072882][T12482] Code: 18 00 74 08 4c 89 ef e8 1d 7f 01 f8 4d 89 65 00 41 80 3c 1e 00 74 08 48 89 ef e8 1a 7e 01 f8 4c 8b 75 00 4c 89 f0 48 c1 e8 03 <80> 3c 18 00 74 08 4c 89 f7 e8 f1 7e 01 f8 4d 89 2e 41 80 3c 1f 00
[  480.092524][T12482] RSP: 0018:ffffc90003dcf0e8 EFLAGS: 00010246
[  480.098706][T12482] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000080000
[  480.106692][T12482] RDX: ffffc9000be13000 RSI: 000000000000048b RDI: 000000000000048c
[  480.114784][T12482] RBP: ffff88807b32d9b0 R08: ffff888025b05a00 R09: 0000000000000002
[  480.122864][T12482] R10: 000000000000000a R11: 0000000000000002 R12: ffff88804ad4d568
[  480.130850][T12482] R13: ffff88807b32d9a8 R14: 0000000000000000 R15: 1ffff110095a9aae
[  480.138854][T12482] FS:  00007f2c7174f6c0(0000) GS:ffff888125d11000(0000) knlGS:0000000000000000
[  480.147809][T12482] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  480.154494][T12482] CR2: 00002000000016c0 CR3: 0000000079336000 CR4: 00000000003526f0
[  480.162482][T12482] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000200000000300
[  480.170476][T12482] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  480.178460][T12482] Call Trace:
[  480.181758][T12482]  <TASK>
[  480.184714][T12482]  ? xfrm_state_insert+0x44/0x60
[  480.189685][T12482]  xfrm_state_insert+0x54/0x60
[  480.194470][T12482]  ipcomp4_init_state+0x673/0xb20
[  480.199521][T12482]  __xfrm_init_state+0xa76/0x13f0
[  480.204562][T12482]  ? __xfrm_init_state+0x7ef/0x13f0
[  480.209777][T12482]  xfrm_add_sa+0x2f5b/0x4070
[  480.214397][T12482]  ? __pfx_xfrm_add_sa+0x10/0x10
[  480.219347][T12482]  ? apparmor_capable+0x137/0x1b0
[  480.224403][T12482]  ? __nla_parse+0x40/0x60
[  480.228887][T12482]  xfrm_user_rcv_msg+0x7a3/0xab0
[  480.233850][T12482]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  480.239347][T12482]  ? __pfx___mutex_trylock_common+0x10/0x10
[  480.245262][T12482]  ? rcu_is_watching+0x15/0xb0
[  480.250040][T12482]  ? trace_contention_end+0x39/0x120
[  480.255342][T12482]  ? __mutex_lock+0x335/0x1350
[  480.260135][T12482]  netlink_rcv_skb+0x208/0x470
[  480.264929][T12482]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  480.270401][T12482]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  480.275976][T12482]  ? netlink_deliver_tap+0x2e/0x1b0
[  480.281196][T12482]  ? netlink_deliver_tap+0x2e/0x1b0
[  480.286446][T12482]  xfrm_netlink_rcv+0x79/0x90
[  480.291147][T12482]  netlink_unicast+0x82c/0x9e0
[  480.295937][T12482]  ? __pfx_netlink_unicast+0x10/0x10
[  480.301257][T12482]  ? netlink_sendmsg+0x642/0xb30
[  480.306230][T12482]  ? skb_put+0x11b/0x210
[  480.310497][T12482]  netlink_sendmsg+0x805/0xb30
[  480.315288][T12482]  ? __pfx_netlink_sendmsg+0x10/0x10
[  480.320610][T12482]  ? aa_sock_msg_perm+0xf1/0x1d0
[  480.325573][T12482]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  480.330880][T12482]  ? __pfx_netlink_sendmsg+0x10/0x10
[  480.336188][T12482]  __sock_sendmsg+0x219/0x270
[  480.340887][T12482]  ____sys_sendmsg+0x505/0x830
[  480.345679][T12482]  ? __pfx_____sys_sendmsg+0x10/0x10
[  480.350995][T12482]  ? import_iovec+0x74/0xa0
[  480.355613][T12482]  ___sys_sendmsg+0x21f/0x2a0
[  480.360311][T12482]  ? __pfx____sys_sendmsg+0x10/0x10
[  480.365553][T12482]  ? __fget_files+0x2a/0x420
[  480.370191][T12482]  ? __fget_files+0x2a/0x420
[  480.374805][T12482]  ? __fget_files+0x3a0/0x420
[  480.379602][T12482]  __x64_sys_sendmsg+0x19b/0x260
[  480.384573][T12482]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  480.390067][T12482]  ? rcu_is_watching+0x15/0xb0
[  480.394848][T12482]  ? do_syscall_64+0xbe/0x3b0
[  480.399547][T12482]  do_syscall_64+0xfa/0x3b0
[  480.404072][T12482]  ? lockdep_hardirqs_on+0x9c/0x150
[  480.409289][T12482]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  480.415370][T12482]  ? clear_bhb_loop+0x60/0xb0
[  480.420065][T12482]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  480.425973][T12482] RIP: 0033:0x7f2c7098eec9
[  480.430405][T12482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  480.450033][T12482] RSP: 002b:00007f2c7174f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  480.458633][T12482] RAX: ffffffffffffffda RBX: 00007f2c70be5fa0 RCX: 00007f2c7098eec9
[  480.466627][T12482] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000006
[  480.474611][T12482] RBP: 00007f2c70a11f91 R08: 0000000000000000 R09: 0000000000000000
[  480.482600][T12482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  480.490582][T12482] R13: 00007f2c70be6038 R14: 00007f2c70be5fa0 R15: 00007ffe1de84d48
[  480.498580][T12482]  </TASK>
[  480.501626][T12482] Modules linked in:
[  480.505781][T12482] ---[ end trace 0000000000000000 ]---
[  480.511461][T12482] RIP: 0010:__xfrm_state_insert+0x1011/0x1450
[  480.517633][T12482] Code: 18 00 74 08 4c 89 ef e8 1d 7f 01 f8 4d 89 65 00 41 80 3c 1e 00 74 08 48 89 ef e8 1a 7e 01 f8 4c 8b 75 00 4c 89 f0 48 c1 e8 03 <80> 3c 18 00 74 08 4c 89 f7 e8 f1 7e 01 f8 4d 89 2e 41 80 3c 1f 00
[  480.537680][T12482] RSP: 0018:ffffc90003dcf0e8 EFLAGS: 00010246
[  480.544285][T12482] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000080000
[  480.552421][T12482] RDX: ffffc9000be13000 RSI: 000000000000048b RDI: 000000000000048c
[  480.558042][T12483] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1992'.
[  480.560862][T12482] RBP: ffff88807b32d9b0 R08: ffff888025b05a00 R09: 0000000000000002
[  480.560883][T12482] R10: 000000000000000a R11: 0000000000000002 R12: ffff88804ad4d568
[  480.560898][T12482] R13: ffff88807b32d9a8 R14: 0000000000000000 R15: 1ffff110095a9aae
[  480.560915][T12482] FS:  00007f2c7174f6c0(0000) GS:ffff888125d11000(0000) knlGS:0000000000000000
[  480.580111][T12473] netlink: 124 bytes leftover after parsing attributes in process `syz.2.1989'.
[  480.586073][T12482] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  480.586095][T12482] CR2: 00002000000016c0 CR3: 0000000079336000 CR4: 00000000003526f0
[  480.586115][T12482] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000200000000300
[  480.594901][T12483] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1992'.
[  480.603117][T12482] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  480.614565][T12483] netlink: 'syz.4.1992': attribute type 5 has an invalid length.
[  480.618785][T12482] Kernel panic - not syncing: Fatal exception in interrupt
[  480.627282][T12482] Kernel Offset: disabled