last executing test programs:

6.001371681s ago: executing program 0 (id=1753):
gettid()
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x99, 0x1, 0x0, 0x0, 0x0, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0xffffffffffffff94, 0xfffffffffffffff8}, 0x126a0, 0x1000, 0x0, 0x0, 0x800736, 0x2, 0x7ff, 0x0, 0x0, 0x0, 0x100000002}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)}, 0x0)
close(0xffffffffffffffff)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$kcm(0x10, 0x3, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x10006, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, 0xffffffffffffffff)
syz_open_procfs$namespace(0x0, 0x0)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000680)}, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmsg(r2, &(0x7f00000003c0)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000001e40)=[{&(0x7f0000000400)=""/248, 0xf8}, {&(0x7f00000001c0)=""/39, 0x27}, {&(0x7f0000000e40)=""/4096, 0x1000}], 0x3}, 0x1f00)
sendmsg$tipc(r3, &(0x7f0000000240)={0x0, 0x334ecc4b, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB="05000000010000000400000004"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r5}, &(0x7f0000000200), &(0x7f0000000280)}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000006007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000005000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r6}, 0xc)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{0x1}, 0x0, &(0x7f0000000280)=r4}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
socket$kcm(0x2, 0x5, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x40, 0x6, 0x9e4, 0x5, 0xd92, 0x20005, 0x9, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xa, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xd3c0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)

5.145540367s ago: executing program 3 (id=1759):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x101140, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r1 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r1, &(0x7f0000000900)={&(0x7f0000000380)={0x2, 0x4e24, @rand_addr=0x64010100}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000440)='Z', 0x1}], 0x1}, 0x10)
sendmsg$inet(r1, 0x0, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x3, 0x4, &(0x7f00000000c0)=@framed={{0x18, 0x2, 0x0, 0x0, 0x3}, [@call={0x85, 0x0, 0x0, 0x87}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
recvmsg(r2, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x10000)
sendmsg$inet(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="5c00000014006b03000000d86e6c1d0002847ea622fb564500004e24e3f58e76110165f450e71b0075e3002500028d459e37000f0000000000bf9367b47e51f60a64c9f4d4938037e786a6d0bdd700"/92, 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
ioctl$TUNGETIFF(r0, 0x800454d2, 0xfffffffffffffffd)

5.032934631s ago: executing program 1 (id=1760):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff7ffa}, 0x0, 0x35, 0x43a1bd76, 0x7, 0x3, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8b20, &(0x7f0000000040)={'wlan1\x00', @random="000010000b00"})
socketpair(0x9, 0x3, 0x7, &(0x7f0000000400))
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x5, 0x2, 0x0, 0x0, 0x0, 0x9, 0x4022, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, @perf_config_ext={0x9, 0xffff}, 0x0, 0x0, 0xfffffffc, 0x5, 0xfffffffffffffffd, 0x11, 0x0, 0x0, 0x0, 0x0, 0x10000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x100000, 0x0, 0x2, 0x0, 0x80}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x8)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff7ffa}, 0x0, 0x35, 0x43a1bd76, 0x7, 0x3, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
perf_event_open(&(0x7f0000000180)={0x2, 0xa0, 0x5, 0x2, 0x0, 0x0, 0x0, 0x9, 0x4022, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0xfffffffc, 0x5, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x10000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x100000, 0x0, 0x2, 0x0, 0x80}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80b02, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x80}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth1_to_bond\x00', 0x200})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x8946, &(0x7f0000000080))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)}, 0x2221)

4.788028639s ago: executing program 1 (id=1762):
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0xa}, 0x0, 0x5, 0x90, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000faffffff00000000faffffff6de62f0008000000182600", @ANYRES32], &(0x7f0000000580)='GPL\x00', 0xd, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0x1, 0x5}, 0x8, 0x10, &(0x7f0000000680)={0x5, 0x9, 0x3, 0x1f}, 0x10, 0x0, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000700)=[{0x0, 0x4, 0xb, 0x1}], 0x10, 0x58586df}, 0x94)
r1 = socket$kcm(0x10, 0x3, 0x10)
r2 = perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x3, 0x0, 0x0, 0x6, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_clone(0x200c8000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0xa49a4080, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0xff)
sendmsg$kcm(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000030c0)=[{&(0x7f0000000340)="1400000016001963d25a80648c56915a19aa2bfe", 0x14}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x4, 0x0, 0x0, 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x3b, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, 0xffffffffffffffff)
ioctl$TUNSETSTEERINGEBPF(0xffffffffffffffff, 0x800454e0, 0x0)
socket$kcm(0xa, 0x2, 0x3a)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={0x0, &(0x7f0000000040)=""/155, 0x1000000, 0x9b, 0x1}, 0x20)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000080)='./cgroup/cgroup.procs\x00')
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x204, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x12023)
syz_clone(0xae12e400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x89fa, &(0x7f0000000900)={'gre0\x00', @random="0000230c1100"})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth1_to_bond\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200))

4.407948221s ago: executing program 0 (id=1763):
gettid()
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x99, 0x1, 0x0, 0x0, 0x0, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffff94, 0xfffffffffffffff8}, 0x126a0, 0x1000, 0x0, 0x0, 0x736, 0x2, 0x7ff, 0x0, 0x0, 0x0, 0x100000002}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)}, 0x0)
close(0xffffffffffffffff)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = socket$kcm(0x10, 0x3, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x10006, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, 0xffffffffffffffff)
syz_open_procfs$namespace(0x0, 0x0)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)}, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmsg(r2, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) (fail_nth: 5)
sendmsg$tipc(r3, &(0x7f0000000240)={0x0, 0x334ecc4b, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{0x1}, 0x0, &(0x7f0000000280)=r4}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
socket$kcm(0x2, 0x5, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x40, 0x10000, 0x9e4, 0x5, 0x6, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xd3c0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)

3.434712192s ago: executing program 3 (id=1764):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x35, 0x43a1bd76, 0x7, 0x9, 0x80000001, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x16, 0xe, &(0x7f0000000940)=ANY=[@ANYBLOB="b702000000000080bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b70000000000000095000000000000008e17f199a68b061b93d83298a8cdda1ce784909b849d5550ad855dab54d8877a6db61d69f2ffcaa10350e11cb97ce8df1bc9a0c4eeceb9971e43405d621ffbc9b0d8ca56b50f0c010d631f6dbc8486bc5d5bf2ca8285056892db03cf1c62d57c08a90b189d190c341035de53a9a13608c10556e5734eb84049761451ce540c772e069f80cb201b2de17dfdb4b60939d5d6aed4062049b87e03e2cd18a77dda613e0c64497fcc059c062234d5595f6fbaa187b81d1106000000000f0000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8000000000000000b91c61bd99dc89f12907af7dccd106cb937b450f859ce8292a79c3e40000b59b0fc46d6cec3c080a882add4e1179bd4a44f231a2d73148be428ba953df4aece69311687f4122073a236c3a32efa04137d46f0247d2638da3261c8162bb7c7824be6195a66d2e17e122040e11001131ce319045e5b3334e68475ac3f46aa2837f9004600d8ded9b19b35eebe52613c346e255421b23a278fd00004270b1cd5fc9aa2286ccca37db965d9dd366598f5ec993cb0cf127e2a46cfbdf63eea190d86a4d1b75ae98480100bd5828954a7d093a54f7e75b3753508ca3c41685d1e407315e59d626c23b3f89a926e9382966853774e7dd1f1a2177cdf2802237c177d543e8da47a01f05e113e53518270239b69c117e2637c31085f4d8a596b6edab26afaf6605b231199f38a6fc7eb83714387450ea18eafbace8eec18a4b2c442e7b88a7611c1283bec84e1715fb9f4fcaf52c08058fc4f21c0ad71adabdd850aed3eeec6eaab347bdf474e17b9aa345d1e6e3bb83f90230bdf53e7d0e5c3f914d905422b83f30936674ba8f0bffaf2305c0972df71fe5f4e01506471e897bce38ac2bbcbdbd1d9db21a1d5c065567fd70aae68096827fa5c2d9bd20292344c7dcf6241447cfbb05b5d0fdb4e08afbac5397b64aa369922ed7ed8918f97294b6854210d2d03aaf92159dbaa2f186d4a420c68d6baf1c31de4f0bf478bfd51bb1e96ea849a80ae5a89be7e38474c7aade344d68324f9e12a6b9770e6bd12ae69efffaee58040753701af84c2924c1b5aea1650f42c9ae9820a33095f062fb88313d035ea405515a61a4be64f9fa0985c5be592090cc48291004609fdac2ab6100000000000000a84570c7c00d647daf8af334050b61e9b2d3f0adad1d1ff47be19b8da2799e9ecef8efabe73f92dbd0760f8bbd9c710bd1371e2b5d9a2ea2190f5e4f5cd641cdfe5d89f84a368ef7e6ff1eacdc0ec9e97b8f9c9e314661ea0aa8a104008d188b66b3a4aedeed9df4238a08fc2fb1007233cc2c87fcaa0cccd8ec03444471c1dd660c87acc17bff740d199a7c0c52c63c0408b5158e0000000c275eedb02f141113cf2c55b2c08c2c68cc99d2bb5840fba332e1c82862ec9b907d25379897e851e7106248f81d32a47ac94ddee815dba8aeb5d3121cf247a81aef7805b020e9eec44cbe3055be69fe066824ba2292b9cdce41635fc00df96fb10a3a8cc60c4a76c65ebbb0640e0a29de94edf5cbefac1c5fa96e7080af804b22cabce10e53a9f792ecb28ec39cdafa3eff63de2a7f50d042667820f6f86f276afb2b8132301e031351ee13013137e9d5cec0c84d7e3f82c6fd12eb98f9ea654bcb9ce59a2015183c6e65bb0537e611b830d74c30fb8207fca0990acdbb51e4e234026e00000000b3ebae3eb52c140953a350fcf0124b1a30b1afc29ea56f8413686d912eb8118d73ef9c6d3843ebcb555301c0205dd3bd9b1d742e334319c8979ce67c7a1f8924017e73bcf1ae3ed821a4b9839725000000000000000000000000000000f0ce2bf979256f99e89e05d466843d32b983d19cfa3c2a04e9f48311b786927c6c2d505637cad9ae8ae32fbee21a721e38edf6e80ff33a3a3cef251918374de4d4636348ef77a7bad1e8250117d604f59921f29bda75f135865bdc3e10906562e01af1fef96e49b969eaf4ec6b4c51fa2dcc7c1a117243fd64d641426e6a582fcda4be9f58724d4a66e46c032e6f6b"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340), 0x10}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000040)="05806ab382844306d758e60803dc", 0x0, 0x6b2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

3.319532885s ago: executing program 2 (id=1765):
r0 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='hugetlb.1GB.usage_in_bytes\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x3e, &(0x7f0000000100)=r1, 0x4)
sendmsg$kcm(r0, &(0x7f0000002480)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000e00)="e6aa32d992d8a2500450a2cccb8d93473349242af364b2b1b2c8e76fa26376fab03e8832a2cb5a5fcfb1ae163e925630e6a841d8810aa931d441659a54b8bc2ccf739424c6ea9ce59d041cd86436280d9c3b366162d37eb30f137d659b26a796843c26519c9fc2328257cd08307a51d0c230a90adc03cbf1250e8dd3b0f7d61231e1ffeed6db8ecb1164f3bbc6072326301909408211cc0514b673c7cfc5146f809c06c2a868c9f0822fa83c036d4aedac918d52a1bdde9482b617378bb73d8eb1123ee708a41561cc0af96b5fb1fabba78aa4b56c9ff4f0bd15e5a64590484b71d5e3ce874e1f8bc4c4a114d66c4ec8a82fc419071af20c14d72e782f5e818547528151de192fc19aeb69af4454b3e22d2614250002bb36817d92d4d688f0eb179726b8ddf413c185f0feca2240b014fe91f8682b52ee81f92e3d0366c01830b26aaa5bc56eeb38c93a6c5d6e8ae03b4042de611aacdc2a4198f91e158219ca52b2870c038afe6360605013fa75f800cd7f25bbee435f0e04d902ff5fd55f92ad58ae3f2f7ca1e22ba34d04363f19fd9673707a5ade769008dc1f2d0b4c39c600a38edf22be6de1f283f7dd7f38abf124c0c5d0a929bfce22c888f9da4e89eec650a8adaa33b21b2f693ae41bcd409592c386993b58c0716010b61543714b170a0aa815d73d2ba6df2571cc53b134335d28630bfedb1e06679d2831d1cb0729c890b640b974a32a60c4240b8082e1b014828c0b743202a2ecc33d0d68e9e578b90cd21abb31865901b440f2daf086014bd81a484e505602298f3740c7e3103eca00dc1b2be2077a641dc3f82fd3baeb76fa9fb7aa27a7fa4507fa88f7c42bc6e6721c703abcfce17ae365c5aba8ca4d1377dd7a70b53cb12b47cff277716fa93f56b1c88649a32ebfb3f04091b505463bef312f49d8ae7623913ea1bcf36be8702b973665f6c4139425b484633359d5023604f1b2a0717cf56fe9930326cf302e4a11616f6c5c4225f0d0b9742b1e4c1f6f5b85b17524d729bd3deadcf2df717692b15c75c924d2d554cb7c1d66977c30144b", 0x2f3}], 0x1}, 0x10)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="b8", 0x2ee0}], 0x13, 0x0, 0x0, 0x10000000}, 0x12cd)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r2 = perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x800000000009, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, r2, 0x0)
r3 = perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0x84, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x20000000}, 0x2980, 0x2, 0x0, 0x0, 0x0, 0xd}, 0x0, 0xffffffffffffffff, r2, 0x0)
close(r3)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r5 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000ac0)={0x0, 0x0, 0x0}, 0x8054)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r6)
openat$cgroup_procs(r4, 0x0, 0x2, 0x0)
r7 = openat$cgroup_int(r4, &(0x7f0000000280)='cpuset.mems\x00', 0x2, 0x0)
write$cgroup_subtree(r7, &(0x7f00000007c0)=ANY=[], 0x6)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000040)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x55, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x5}, 0x50)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000c40)=ANY=[], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x9, &(0x7f0000000a00)=ANY=[@ANYBLOB="18000000ffffffff000000000000000018120000", @ANYRES32=r8, @ANYBLOB="0000000000000000b703000000050000850000001b000000b700000018000000850000005000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = socket$kcm(0x10, 0x400000002, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x13, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002420"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000200)=@o_path={&(0x7f0000000140)='./file0\x00', 0x0, 0x8}, 0x18)
write$cgroup_subtree(r10, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000071009154090893b3520ba54a07"], 0xfe33)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x9a, 0x1, 0x0, 0x0, 0x0, 0xae, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4be3f9cbb2623032, @perf_config_ext={0x5}, 0x402, 0x0, 0x0, 0x7, 0x5f, 0x40000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000f80)={r9}, 0xc)

3.225186458s ago: executing program 0 (id=1766):
r0 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001800599c6d0e00009bd029ef8020ab070011000523a608463a3f", @ANYRES16=r0], 0xfe33)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r2, 0x1, 0x4c, &(0x7f0000000000), 0x4)
sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x4000000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$inet(r4, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000580), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$inet(r6, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff})
recvmsg$unix(r7, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
sendmsg$inet(r9, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r8, &(0x7f0000000000)={0x0, 0x36, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
close(r0)
r10 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x10, 0x8, &(0x7f0000001340)=@framed={{0xbe, 0xa, 0xa, 0x0, 0x0, 0x79, 0x10, 0x8}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r10}}]}, &(0x7f0000000480)='syzkaller\x00'}, 0x90)

3.030751075s ago: executing program 3 (id=1767):
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=0xffffffffffffffff, 0x4)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000200)={r0, 0x20, &(0x7f00000001c0)={&(0x7f0000000040)=""/113, 0x71, 0x0, &(0x7f00000000c0)=""/177, 0xb1}}, 0x10)
r1 = perf_event_open(&(0x7f00000010c0)={0x2, 0x80, 0xb9, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0xe, 0x7}, 0x0, 0x6a, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f0000000180)='cpu!=0||!')
syz_clone(0xc0001480, 0x0, 0x0, 0x0, 0x0, 0x0)

2.968700677s ago: executing program 1 (id=1768):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
close(r0)
r1 = socket$kcm(0xa, 0x1, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d80000001c0081044e81f782db44b9040a1d08030e000000e8fea4a1180015000600142603600e1208000f1000810401a80016000a", 0x35}], 0x1, 0x0, 0x0, 0x7400}, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000210081044e81f782db44b9040a000000e8fe55a1180015000600142603600e120900", 0x26}], 0x1}, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="0439000020"], 0x33fe0)
sendmsg$kcm(r1, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4001, 0x0, @empty}, 0x80, 0x0}, 0x20000001)
recvmsg$unix(r0, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x20)

2.764090343s ago: executing program 2 (id=1769):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000014c0)=@base={0x6, 0x4, 0x2, 0x7, 0x0, 0x1, 0xe92}, 0x50)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={0xffffffffffffffff, 0xe0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000000)=[0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x2, 0x1, &(0x7f0000000040)=[0x0, 0x0], &(0x7f0000000080)=[0x0], 0x0, 0x40, &(0x7f00000000c0)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000100), &(0x7f0000000140), 0x8, 0x2b, 0x8, 0x8, &(0x7f0000000240)}}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000700000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r2, <r4=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000200)=r3}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{r4}, &(0x7f00000005c0)=0x20000, 0x0}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r4}, &(0x7f0000000500)=0x2000000, &(0x7f0000000540)=r3}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000480)={r4, &(0x7f00000005c0)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xd, &(0x7f0000000440)=ANY=[@ANYRESHEX=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000005e00b70400000000000085000000c3000000850000000700000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x24, '\x00', r1, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000003c0)={r5, r0}, 0xc)

2.562676989s ago: executing program 2 (id=1770):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff7ffa}, 0x0, 0x35, 0x43a1bd76, 0x7, 0x3, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8b20, &(0x7f0000000040)={'wlan1\x00', @random="000010000b00"})
socketpair(0x9, 0x3, 0x7, &(0x7f0000000400))
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x5, 0x2, 0x0, 0x0, 0x0, 0x9, 0x4022, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, @perf_config_ext={0x9, 0xffff}, 0x0, 0x0, 0xfffffffc, 0x5, 0xfffffffffffffffd, 0x11, 0x0, 0x0, 0x0, 0x0, 0x10000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x100000, 0x0, 0x2, 0x0, 0x80}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x8)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff7ffa}, 0x0, 0x35, 0x43a1bd76, 0x7, 0x3, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
perf_event_open(&(0x7f0000000180)={0x2, 0xa0, 0x5, 0x2, 0x0, 0x0, 0x0, 0x9, 0x4022, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0xfffffffc, 0x5, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x10000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x100000, 0x0, 0x2, 0x0, 0x80}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80b02, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x80}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth1_to_bond\x00', 0x200})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x8946, &(0x7f0000000080))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)}, 0x2221)

2.52777484s ago: executing program 3 (id=1771):
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x12, 0x4, 0x4, 0x12}, 0x48)
r0 = perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x4f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}}, 0x0, 0xfbffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000001200000000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x4}, 0x94)
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_UPDATE(0x1d, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x310c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b34, 0x0)
r4 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="1400000035000b63d25a80648c2594f90124fc60", 0x14}], 0x1}, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000440)=ANY=[], &(0x7f0000000c00)='GPL\x00'}, 0x75)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r5, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r6 = gettid()
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000200)={r6, r0, 0x0, 0x1, 0xfffffffffffffffe}, 0x17)

2.469323092s ago: executing program 1 (id=1772):
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xcfa4)
r0 = gettid()
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x2a040, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1, 0x0, 0x6, 0x10, 0x0, 0x0, 0x0, 0x9}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f0000000840)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640bd, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_config_ext={0x98, 0x3}, 0x8002, 0x6, 0x43a1bd74, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x15, 0x5, 0x0)
r1 = socket$kcm(0x22, 0x2, 0x26)
ioctl$TUNGETVNETHDRSZ(0xffffffffffffffff, 0x800454d7, &(0x7f0000000040))
close(r1)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f90324fc60", 0x14}, {&(0x7f0000000040)="781d92cf20d4b00a997dbf303182e5ec283de743bc0db17335fbbc", 0x1b}], 0x2}, 0x40800)
r2 = socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x0, 0x2, 0x0, 0xa}, {0x90010022, 0x1}]}, 0x94)
close(r4)
recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r5=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r2, 0x107, 0x12, &(0x7f00000008c0)=r5, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

2.253817589s ago: executing program 0 (id=1773):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000008385000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000400)={r0}, 0xc)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1f, 0xe, &(0x7f0000002240)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0020000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd8445974b26ffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87867c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f86bb47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad91935a6ddfa8f90e79321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c1f860d050d694cc7806d294d3665016a7b29da0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d40887c58559b7dcb98a6273b8c651e57f727041c62cea5b7bd24d9f679e4fbe948dfb4cc4a389469608241630459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b83720eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb89872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d0000002000000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebed161980f2fde4f9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e9338c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc3600040543a34b195c6a8fc054282cd41b264906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e4bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af41000000000000007f5ab0d534b8d63e4ca3be71f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af0be61e58c79d497247d278888901d442ad7f8536607a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733097f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb560ae99e85b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a426a996d503a26e9a714ee5f72d8805dd1bfbd081f6a5359dbdfbf31a562395020becaf3fd1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4b28288e78980c1184d8223edbc4bf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b5524642c248aa813edaa626f0000000000000000000000000000000003ba5bac34b611569a451564d3a5400f9097ffe7a37e765bc652be71ee24250d6d9cf19878dd62c53062d6000c409de6a6135eae8a00000000008d797190a26c933f933aff5c521eeb7a84a62d148a846e74e76b515b6b8be29e8b69310fa130cf6d6b74f33205d3cc218ca554ed8085ae044f5bf2e89ad07963acbd4dd4dc5b4552591edde7a22ad06f7567e6fec2f65011b579bf609d61a3ff4d6f490824bb035995449fc34106ae6889f036d67b6aaee784f855ebc746ac871b5d2031ac0a252ac1f86e93e245f3793cea80b6de773899d49d11d3b1ed79163b111c976cf840a2ef6214a43338fba8c9edb6be26e68fcc5d47ed74a66ce8aba726ab955b9b32ab1890e84a5e2d7476252af25e5c95c5a8b2b1b5c8a2645b017d23c0f169d6ab529cc889bb07889d9e155114cf3e26a50c527ec6d4021cd2cacfea6d7e41e39e26b3967cad65c648b170f12ea9cc69dcee64be0c27b1f4f7f5ce3e62c35602c9d2921326891901661c85b9ee4a0a0b9636bef4c23788494f094abb91ed813b42828aa93105896e0aee851a8087e169a1d69e841257d9053d0cdc3a6ac4f12084cc6470abebe8b344b1f56690a2687b428686c854c21831da277e8b8a21b7b91a46d22ba083eca7b1f8268048cde7d6f237dca42035881b29ca9c8c2937971821b613894297ff6f7796053a4de1fd77e180cc22b205d43bb4a1b59962c1f605ea1b74587100e8d579f157cb45561c357f9976cec6a43388b3049a0d9c171ff6145266ba119d00000000001ef3794a930eb12f3a6215c510bf0bca70c127e9c70cc7bef921249a7f18a0034ce3264a9e96656b47233e2ed7c76520e649c3fd550bdafd77c5cd72b4446d3e157ddd97e7622a6891fb739acd3b2cdaf65ac78490f0641be6e8c6f55bf3d228786895ff5fd5970faacd8a5025aca0aa1931f477ba06aa60051298c8bf7f3b399194f98dc3f4e8513ad06da09dc393c1284515986b8c70ac69512f6c0c04f42edb3a097a11f2ab480e3e391abffae097752300576337c6dd24c4a98280684aa1fe8c7b43ee8bce05fe979b34da18cdb44dbb030b8009cd3b3b44fd8e7b534acd3f1839cb54817668ab446d3d47848429ea831a57f26c8b05dedddceb24483f8f998b05c3ddf85c3799c9000000000000000000000000001e57cf839eb3150d6a076fb7b86fae98dbb46014f483aecb4ec4f0877371bcae8912c78aff857c669760f0e55041563c5c3e8ee4a0eef885fd43fe34a1febc82370d1d07fdfe705ada4764320889000000000000000000000000000000a790af4fc17872b55b10db99e212d18193235659df45627da300959eafc8bfb44f70d250f8f2e86532700254c9a8b14999f59c8b9034c4bb2448eaeff5db21d4a7f3d974790d4c3cba7c402f50585b9289d86400679e5c2bcacb2841ca074d51fdb4a29e84d72b6c996cfbee06aa52cd632e82ba068e8e1572ef2eb414ba5fccfc3c03e64df6a9cc3936c604aa2c0e2ec7b777475023f29b146af003472ce146a5ff997ba53c51026c0096154f9280a34bbf21d66f57a250b5397766122fc86950ce5252e96868cd04df54764cf2082153d6cedd8aaf9700c734aa4a1cb33a2e0a13c5687be4de327511bff9816d13c3219dac1c1535f10243db6f96960ea6a621f5e1b7babbedf0a6bf0cf74123d2e78d01be2b048883a2459eec630fb0293d28d9799fd3a792caff693fd9f002f14c43fb5a1051cc686b7f114d7927eed559bdf2e8ddea3e61d5d942b63fe90230b2e1948fc563ef94d437281671d2fe5032d2a091fa842b0af2e116ba"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x3}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x10000}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x2f00020b, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x7515, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
close(0xffffffffffffffff)
r2 = socket$kcm(0x2, 0x5, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x3, 0x0, 0x0, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23}, 0x94)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xd3c0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000240)='ns/user\x00')
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000440)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_ro(r3, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x8000)
r6 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r6, 0x84, 0x8, &(0x7f0000000000), 0x8)
sendmsg$inet(r6, &(0x7f0000000380)={&(0x7f00000000c0)={0x2, 0x0, @private=0xa010100}, 0x10, &(0x7f0000000300)=[{&(0x7f0000000280)="3a89fc", 0x3}], 0x1}, 0x24008051)
socket$kcm(0xa, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0xc, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x66}, 0x94)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[@cred={{0x1c}}, @rights={{0x10}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x60}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'wlan0\x00', 0x200})
socketpair(0x0, 0xa, 0x42, &(0x7f0000000200)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8946, &(0x7f0000000080))
setsockopt$sock_attach_bpf(r2, 0x84, 0xb, &(0x7f0000000000), 0xe)
sendmsg$inet(r2, &(0x7f0000000ac0)={&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, &(0x7f0000000940)=[{&(0x7f0000000080)="920600", 0x3}], 0x1}, 0x8054)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r8, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000002fc0)=""/4085, 0xff5}, {&(0x7f0000000300)=""/175, 0xaf}, {&(0x7f0000000240)=""/129, 0x81}], 0x3}, 0x10000)
recvmsg$kcm(r8, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x0)

2.253460929s ago: executing program 2 (id=1774):
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0xa}, 0x0, 0x5, 0x90, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000faffffff00000000faffffff6de62f0008000000182600", @ANYRES32], &(0x7f0000000580)='GPL\x00', 0xd, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0x1, 0x5}, 0x8, 0x10, &(0x7f0000000680)={0x5, 0x9, 0x3, 0x1f}, 0x10, 0x0, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000700)=[{0x0, 0x4, 0xb, 0x1}], 0x10, 0x58586df}, 0x94)
r1 = socket$kcm(0x10, 0x3, 0x10)
r2 = perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x3, 0x0, 0x0, 0x6, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_clone(0x200c8000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0xa49a4080, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0xff)
sendmsg$kcm(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000030c0)=[{&(0x7f0000000340)="1400000016001963d25a80648c56915a19aa2bfe", 0x14}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x4, 0x0, 0x0, 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x3b, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, 0xffffffffffffffff)
ioctl$TUNSETSTEERINGEBPF(0xffffffffffffffff, 0x800454e0, 0x0)
socket$kcm(0xa, 0x2, 0x3a)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={0x0, &(0x7f0000000040)=""/155, 0x1000000, 0x9b, 0x1}, 0x20)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000080)='./cgroup/cgroup.procs\x00')
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x204, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x12023)
syz_clone(0xae12e400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x104, 0x6000000000000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth1_to_bond\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40082404, &(0x7f0000000180)=0x8)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x8946, &(0x7f0000000080))

2.154704502s ago: executing program 3 (id=1775):
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0xcfa4)
r0 = gettid()
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x2a040, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1, 0x0, 0x6, 0x10, 0x0, 0x0, 0x0, 0x9}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f0000000840)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640bd, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_config_ext={0x98, 0x3}, 0x8002, 0x6, 0x43a1bd74, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x15, 0x5, 0x0)
r1 = socket$kcm(0x22, 0x2, 0x26)
ioctl$TUNGETVNETHDRSZ(0xffffffffffffffff, 0x800454d7, 0x0)
close(r1)
bpf$ENABLE_STATS(0x20, &(0x7f0000000080), 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x40800)
r2 = socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x0, 0x2, 0x0, 0xa}, {0x90010022, 0x1}]}, 0x94)
close(r4)
recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r5=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r2, 0x107, 0x12, &(0x7f00000008c0)=r5, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000200000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1.229246382s ago: executing program 3 (id=1776):
gettid()
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x99, 0x1, 0x0, 0x0, 0x0, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffff94, 0xfffffffffffffff8}, 0x126a0, 0x1000, 0x0, 0x0, 0x736, 0x2, 0x7ff, 0x0, 0x0, 0x0, 0x100000002}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)}, 0x0)
close(0xffffffffffffffff)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = socket$kcm(0x10, 0x3, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x10006, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, 0xffffffffffffffff)
syz_open_procfs$namespace(0x0, 0x0)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)}, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmsg(r2, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x101d0}], 0x1}, 0x1f00)
sendmsg$tipc(r3, &(0x7f0000000240)={0x0, 0x334ecc4b, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{0x1}, 0x0, &(0x7f0000000280)=r4}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
socket$kcm(0x2, 0x5, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x40, 0x10000, 0x9e4, 0x5, 0x6, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xd3c0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)

1.158798284s ago: executing program 1 (id=1777):
r0 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='hugetlb.1GB.usage_in_bytes\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x3e, &(0x7f0000000100)=r1, 0x4)
sendmsg$kcm(r0, &(0x7f0000002480)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000e00)="e6aa32d992d8a2500450a2cccb8d93473349242af364b2b1b2c8e76fa26376fab03e8832a2cb5a5fcfb1ae163e925630e6a841d8810aa931d441659a54b8bc2ccf739424c6ea9ce59d041cd86436280d9c3b366162d37eb30f137d659b26a796843c26519c9fc2328257cd08307a51d0c230a90adc03cbf1250e8dd3b0f7d61231e1ffeed6db8ecb1164f3bbc6072326301909408211cc0514b673c7cfc5146f809c06c2a868c9f0822fa83c036d4aedac918d52a1bdde9482b617378bb73d8eb1123ee708a41561cc0af96b5fb1fabba78aa4b56c9ff4f0bd15e5a64590484b71d5e3ce874e1f8bc4c4a114d66c4ec8a82fc419071af20c14d72e782f5e818547528151de192fc19aeb69af4454b3e22d2614250002bb36817d92d4d688f0eb179726b8ddf413c185f0feca2240b014fe91f8682b52ee81f92e3d0366c01830b26aaa5bc56eeb38c93a6c5d6e8ae03b4042de611aacdc2a4198f91e158219ca52b2870c038afe6360605013fa75f800cd7f25bbee435f0e04d902ff5fd55f92ad58ae3f2f7ca1e22ba34d04363f19fd9673707a5ade769008dc1f2d0b4c39c600a38edf22be6de1f283f7dd7f38abf124c0c5d0a929bfce22c888f9da4e89eec650a8adaa33b21b2f693ae41bcd409592c386993b58c0716010b61543714b170a0aa815d73d2ba6df2571cc53b134335d28630bfedb1e06679d2831d1cb0729c890b640b974a32a60c4240b8082e1b014828c0b743202a2ecc33d0d68e9e578b90cd21abb31865901b440f2daf086014bd81a484e505602298f3740c7e3103eca00dc1b2be2077a641dc3f82fd3baeb76fa9fb7aa27a7fa4507fa88f7c42bc6e6721c703abcfce17ae365c5aba8ca4d1377dd7a70b53cb12b47cff277716fa93f56b1c88649a32ebfb3f04091b505463bef312f49d8ae7623913ea1bcf36be8702b973665f6c4139425b484633359d5023604f1b2a0717cf56fe9930326cf302e4a11616f6c5c4225f0d0b9742b1e4c1f6f5b85b17524d729bd3deadcf2df717692b15c75c924d2d554cb7c1d66977c30144b", 0x2f3}], 0x1}, 0x10)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="b8", 0x2ee0}], 0x13, 0x0, 0x0, 0x10000000}, 0x12cd)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r2 = perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x800000000009, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, r2, 0x0)
r3 = perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0x84, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x20000000}, 0x2980, 0x2, 0x0, 0x0, 0x0, 0xd}, 0x0, 0xffffffffffffffff, r2, 0x0)
close(r3)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r5 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000ac0)={0x0, 0x0, 0x0}, 0x8054)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r6)
openat$cgroup_procs(r4, 0x0, 0x2, 0x0)
r7 = openat$cgroup_int(r4, &(0x7f0000000280)='cpuset.mems\x00', 0x2, 0x0)
write$cgroup_subtree(r7, &(0x7f00000007c0)=ANY=[], 0x6)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000040)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x55, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x5}, 0x50)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000c40)=ANY=[], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x9, &(0x7f0000000a00)=ANY=[@ANYBLOB="18000000ffffffff000000000000000018120000", @ANYRES32=r8, @ANYBLOB="0000000000000000b703000000050000850000001b000000b700000018000000850000005000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = socket$kcm(0x10, 0x400000002, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x13, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002420"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000200)=@o_path={&(0x7f0000000140)='./file0\x00', 0x0, 0x8}, 0x18)
write$cgroup_subtree(r10, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000071009154090893b3520ba54a07"], 0xfe33)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x9a, 0x1, 0x0, 0x0, 0x0, 0xae, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4be3f9cbb2623032, @perf_config_ext={0x5}, 0x402, 0x0, 0x0, 0x7, 0x5f, 0x40000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000f80)={r9}, 0xc)

1.065887037s ago: executing program 0 (id=1778):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYRES16=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/14], 0x48)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
syz_clone(0x2a801400, 0x0, 0x0, &(0x7f0000000080), 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180))
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x5}, [@call={0x85, 0x0, 0x0, 0x2c}]}, &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
r2 = perf_event_open$cgroup(&(0x7f00000001c0)={0x5, 0x80, 0x0, 0x8, 0x80, 0x7, 0x0, 0x7, 0x80000, 0x2, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x7, 0x0, @perf_bp={&(0x7f0000000140), 0x4}, 0x4, 0x5, 0x0, 0x1, 0x623512b6, 0x12, 0x0, 0x0, 0xee, 0x0, 0x7fffffff}, r0, 0x1, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x4, 0x0, 0x0, 0x5c31, 0x410, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4, 0xef5}, 0x0, 0xffffffffefffffff, r2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, 0x0, &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x80000001}, 0x94)
r3 = socket$kcm(0x2b, 0x1, 0x0)
setsockopt$sock_attach_bpf(r3, 0x6, 0x5, &(0x7f0000000040), 0x4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=@base={0xa, 0x4, 0x208, 0xb}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r5}, 0xc)
perf_event_open(&(0x7f0000000680)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000300)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d004892e822a6abc02ad2602a5ad6f7007ea60864160af365935cfaea3f49d8df1931a0e64ffc4c78029ee517d34460bc06000000938037e70e457ae2bb24ef6697070000000000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r9 = socket$kcm(0x2, 0x3, 0x2)
sendmsg$unix(r9, &(0x7f0000000680)={&(0x7f0000000280)=@abs={0x1, 0x0, 0x4e20}, 0x6e, 0x0}, 0x40000)
recvmsg(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000002e00)=""/4104, 0x1008}, {&(0x7f0000002d00)=""/197, 0xc5}, {&(0x7f0000001ac0)=""/4147, 0x1033}, {&(0x7f0000000040)=""/43, 0x2b}], 0x4}, 0x0)
sendmsg$inet(r7, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r6, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000880)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xd0}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'sit0\x00'})
ioctl$PERF_EVENT_IOC_SET_FILTER(r10, 0x8946, &(0x7f0000000080))

769.260756ms ago: executing program 2 (id=1779):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000d000)={0xa, 0x3, &(0x7f0000003080)=ANY=[@ANYBLOB="850000002200000007000000000000089500000000000000e26c9bd1a6361b80cdd64bdf00000000000869045aac0000659f55df08f9b90788ff7f00000010000029c21ebbcde61d8ab5920aef6c3e007fe61241638962cf0b89ef506cfd3f1d4163d3cfca3733b30070a7cf53021a9554328a702688f92b6b71569d65e33d46f8d8ae24ba69c657afac04379cb536008c219991704f11c5a01ba62ed8f2c6a503dd1b1d076f03b0f917c766f3a7598bbc00feb3bc8e88f79df517b37b56bcbc290080000000000000e675458a43b8a8935bf9cf0be7d0aeaac41405e341d13d244359718ac3dad595712a4051bb6cf826ab757193fc093b8b3353fbbb278d19000000000000007b61805ed430ef06000000000000001e93f640f159320c8b088f4d64977b2eb312d4967aff9e4c14c66c90000054ed82c7cba4c81f91d6dfed18767bf0df584b4b6c4204df411f921e3aa02a67dd324b8176020e9c024751df38c05727f82c92046bfe64babb6d7ba86526b7886a0c2481c5812812a6fa3fca3758cbd8c32b25c28be225bd1f16297baa065f5bf96330fad0aaa4388c06c0eb2ecdf829af9577fcd868cc269b740000b777d73a63246ce6f0467167626329ab91df7a13d9ec9a64e7f6b56aeab8c38f69a213c96e2d2ad7978c9d721c230f27e7025d576535198742d403ec43572d7d0baf00e882617b260627805ca44200335ea4363066944d0aa6feb9705b09ba40d4642519281151f875cbf13a582f90ad719f0eccf02a473dd508a16138904933689ea6ee02412064730700aeff2b69c2f2bf6f691c3560e068743ae8e8771280dac7fd8fdc3f7a35ea352e35753c59ebc1bd27ab6603e6afb1b3f057fbb7ed3aabe702b3c6301d3f5c295d1d69d1541d0e64631c95d6c0999e27e8d1a58f6a00f19102d2bfaf53f25a45637b1c577ae50c4c56d9abc40c64a20c14ff0b1bf4d23fe07ae90f503ba9c64bf89b26e7d8d70710b04f9ece69023acadbb4582272e5b3a0429a5675e5a9554de54945d9a270180e0545b0c824ad36f7cc8be12b3874d5a19349b0ede845e9ece24d546d3af1bae069b89f6ecf2aabb17eb1840bc8e0ed1dd8b9b7eeaf32a185d8fc9a28c6b8e00250a7f2eeb756eadafe20bbc616bc44b347abc8caf722b2c3b06884c1d1690f23b06fa4541bb2a81073b452764f04bd39008b65ee222cf697ac21b087548e9708dffaff2859e973b1e88668c8022cc6dac8548167e5798ec9c7d288a7fa7749f07513187cd8f060abbbc5e37dd1be3aab927be1b409be733b7408534e5b0951e9ecfd0a1c77e3a29be4c4093330124615056e3ce0ce6ac91b1242d3bb2e787a186dc2ec284d60e9d8a03884a22eeaa1efa497ee88c6cb565b164a260afb5157e392b1ebb1a4d4f992011ecbac4a0a6df5bdc6f7994a422bb2761edd2d8f20f5f879a88f89d48b8314f862585e4b7a9d6a6681f40e8b82cc6555dcdb951d164cc9a70e640ac8974faa2587a6e3af3b9458f7d4b4077b3002536b10ea24d73307a33090c4c270909a5322eac32cb175e68fa83457b21465c08c02c0c714c2862ddbe567755f05a1e671328d160d3752345ca1db6e74c720e42afca982ba6befd96c5575f1e88f87ff6606301c0000000000000000000000000000000000000004d0d54b4caf78018766cdb971e8b168d4763c21181f00000003d4e1d842caf457797f93db93e4f38a9dbd79f6bf5dc40b55fdbf9b856665061b2e2924f27eb2d2b5a181ccfd9eeb11dec165b6f12433f00bb06124041ffdcdcdc91f3b3b76635a689c9249cf69bcae65e9f2cc9a5129e385b883c56026d83520395b7d511f607cf2f899c7b1c75e2192f775d72247167285857588ace1115fbebfe63c16b84cf7036d41c493a63c09f2ce46c1f5995c2d7fe58c15e64bb4cb7e7f336cc22fa1ea1363bce375bd3d579be1dddb08ed5147b629e4b3f0e65783ee5e20d9270802f2a7500738bf356131ca53e9d7ba8d486fb26252d684b84fa24639089064ca7b93057c041f12d544dab4d24a4f952b4f265a69ba279929959991b7ac63786055b3c029a0e8b6e4c26497c029bb61462623a58556cd62844d4d23cc738ee5b36c71d2c010b089251d5806000b1ade92dd9f441468967c052aecd9de817394eb580240d556d0f0b4b55d06670597991f37ddc4fa19a6369d5bf76c474633a337f676ad255869881da5cadcf49ce9188129cc978977f87b32bd49457536430ffbd3e01e67ff087644f52fcf0a3c732b0586cb87972c43d2616bf4e521dc3126bf1760243d51a197d3ecfd74bd625e9f496175cfeaaa020817d33d513f3e97854ea76e04e96a8639a297871485a8609f8ca842b3321932c4d9e224a0cec5946cec9e359fd3687415cad5fb8c678136f36d9f781fade9f2469477748f4dfa0f56c3b5a620fc84e1c735647895713cbcea57b2277831f8f633f0d29371e645e5544e57010a9b76457f6ad73231a9f31f6bbb1b95248aeda5a9df9dea643a792bb0910e45fce298ab0a0298fc33a423e860d5b308d7849381b294106af25f15fec047d5b844a99f36e342165df728e381b48c20e0900f8d265157467d3494f2b96acf060f74084760d226f50edb115c2e075f3c663a4b4169b900fa0a13cf796e0d7a9dad86953c13ed6241206d68ae194c64c491de6a531e9bd45abe705f07000a82ccd41a2c1b9d5dd8bf6c28653eb84f117e476e052a9db790e0a71dac9d8b343efebdc026860000000000000000000000000000aad579302085dfdf75bea24798c680b3de341e3bd57543bf74fd58bcebdbb883c743ed43ba7f540f2c4e0310c21e7deff9e45b8bd2cf65bb584091b8e80e34b3e59185fe32d1d73dd4f62712a39b1366c71420b339ec1295f79b1516723b6b80a7e99e5aa6536982c02275fc53fa3ef14d9fccb05f9c4e69a3af0fde863af2d9a0f8a94fc571b0ab4ad714f41fa4ee0bf14a8b44e3c41a3125be95e4b23d5f05395852761bfaebe0db979d5f3991d826cc74542b85cfd0dba66bc93cfd79178ab0b79fa3b29ff9c19e0424513c91980187c9d94b8354337a1fc782505db900c47d83bd49276cfe6e242ba8365b1ea4598a21f50f5415a70990b5bb4a1f6bd8acdf2c7da3d648754767089c9b5ceb556fafa3cc5afd2f3e9a62a90262a76ff89a2751b59a744f0d3f36ca503357daa3e29ce6f357dc1e4839277d003e93fdbb955e1a1302a76aea7e73835094fb15464e94e814c77c293121d0433e80d444c4ca17abaf32b521d8686666055da023aef9c8df3e80d2ed640ed10aa19a036dcef172dbd3b3600b69d7b90c6222e167d7c76059f2b5f3b3004e8a20d1f6612efeb629573be97aa949c6016e7e56283e84986aaa4fc8a098708ebe36f377ada63d9b464c39342e0682549862de3ec75e7b031bc49f341a21417fb6375e8701481b59d1722c836961804666801678eb25750b520bf1615a4bbf30aa74d60ec6b657f2dd298b0419da43fc708a60c94a7ff2fd6a2d08005ad73c9e2d6143d2857be8fb3f12bfa6628bccb153e39172d07563d6a1dc75c347c08060304f091230bd74b49ecdd13bf480db3984622a167c8603b8c501280059a7b6123c8f8cd217f64eccc2dffe4f3a1e8c9a96a13d8126f3ea26779fbd0069d729a7764d4ddd7d9d820b0de2530969362b94b974678527f5bac7eb8d6e321b2be0b2f7534634a5ecd1248d7ad7e8e03163e92e9f1d620e28597bd881eea0981e8adfd70b670b0763ce9226f7c3e156b353e22fdea6942b577bbc539aab23cbd46bdd0ea1e67140c759f208c12dc57f3100000000000000e4965fcb6c2749955eac9476687e63b41c6282bbcb0c3d8b0c9493a3a5f6d879d7257b4b68dc7cac3d9d5f5bbe937c501866ee4042b250e516ec074559e1e551167138766eeecb6941e8305d9cde1800c821536f9d25bd14163890842a08135bdb7a90db630b18f099855a7d9de65c80fa71ff90e873361d0e11a7dfebe56ffb2000b711a0b7914d6351ff60593e48af60e1ffecba7cd6f8ab662eb3c8f3164139e994d6a706afb92722595d649a04f1ff64e5634e7cb9106173a96bf47f7085e7eecdfdc1b6507b851c4ba43312726cfec58dedece1355a087c1b60882713a6161914f09267e2ce8aa886b380add5cd92e185d345c9b2933a78a4215133e8e7247fa444aee30bfb6c17ef537fba43aad323f552c01e17514d5db387e4bf9341ccf5931fc75350f8dcef3ed3e74d674865249b879466f0e3cf0dc9e3d8720ea261e6996b844501e374a0e9878c1d02fd3d6e2ae5d7677892d7a5cdf4b7fa8f315b41552d07495f034e1fa0a2c9a34b7f66638e775dacb33e9b5cd3f4193bdebb7e86090dd265ee2b3ca9bd32d19ef229a050e910263d916670d8006067f5c0a1d8219b4a74b6092656f3b96f060000005ca3eca5d6295a1c11be907fad3bf9ccdf9898a084bbcc0a3714691c6c28fc34c44f9a46d6caf3b93d5d9ad8e3a25d34da57b203af917f5359952468fcddbf43d8fd1add972fd5d361c5be3e8b3280bbfa97e9826163537c99ff461123a1d9f93880feb5f953217f1e633bfb221a7822513278c36abcb6a4009e5037b3f56f9172bd70331817862c5e129d830d4f13e9793dad49b6bf286d2a539d089393d481931735a544f4e86b51a91106ce86d278a0712eab917d843ecc7d031e99d230689210e5afbcbb0a6cff33b40e7b637a8171d7b28fcaee54bb0fb7e2dd92c6cf2130f9fa4482512ae356c5907533108113a9a98b0508e4041df8e99b4136a66f58a6e91e2017dc7e095e8e4776d396797e089e9b42fdee33e76c28a636893510ed71166086bb4c1f3363dfd0abf0b2ea8ceba68c7d9a22a8342059862985d987083d80761bd699c3ee77473263a77ea65eac8a4c3b6b87f399575a15a2db143f6aac363644fd45372d6f43baebc7c3547780d1d079e225962733e0c0d3f364cbe9bcec7caaa8d372da63b213d4554e9ced54c2d59a97b814f1d700"/3584], &(0x7f0000014ff5)='GPL\x00', 0x2, 0x103a, &(0x7f0000014000)=""/4096, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2a3}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r1, 0x3a, 0xcc0, 0xcc0, &(0x7f0000000200)="e460cdfbef2408322900119386dd6a00000000072feb311ccd3ec8a755c1e1380081ffad008036e8d50000ff010000001400000500242f09880bd320d98a61a90057e9bf", 0x0, 0x401, 0x0, 0xa8, 0x0, &(0x7f00000011c0)="59235bd7a9324ff307d87177332368fbdeefaa1544600ea1870645446c357de433206896637019b84d57c3de1ea07638e494dd701db1af6fc15db78cf79f5ab4bc7aee8553677ffe377a35b4afdb989fb7da1ff63956ffb796d51daf1c268b9f1a4a06583f8c03ec1671b151a8a495c1b006fa5f2f3a54a46aeee8005b178b9516d2b928984ccb942fa2278a2e33a0b619f2dd814fc91942e03c48fd9b7d19d9a6612b46805b267ef3132a724cbfcd1c715be67930e2ae2b9a2479c5a4b2fecd301a745a6fd67598a5e5ecc1e56e58159c47def7f9285acfedc980596377e6f9ee076fa094e5d8f838b718ed63ff8265a1dbc1549bed03e6b27b6fc2b8a07373506a1a41d5a71cbf0eaa24ec737b02a8a2d5114c3c4e5810a2c3eae3373fd341800cfb0fb35cefe04ca4da2b02a83c40126e23cdf3c817b530bbe7b431bc0b7d864e3e6dd1ab90259a8bd7ad7dd4c6366ea6da661fd016b394adcce5988fff85fbc832a927c97b89337e195f562cd284911eef1ee52e4ff033b33beedea7cf43c4d0cc0471fa91011e1e7e8733bf82c01346d6ecb49f1a84e92d063c81a7227d89be33f7273b87e29ae53a5f38dc94cf391fcb82c9432821ef1a0f6bbfe8f7d6574479a8f621e1d8f7d9bb20f3d8d469e6d232d7d7837ff12a224a65c604907e787baaf7c863ad48a5edecbe1470c20507a6ee5dee75e9ef84c71af5af800a9ce9787ebdee9e1c8189fbf66048d5c3757fb2b697ce68cfd316a7b25a385111e0cd2fddb81602e36e74c4f99b403cb304a4774e648054c0456c7869f9d97873ff80e2664c1265292941a9b767c7f40767cfccdbcaa156453d6a910fd5440f7a2bf8f4bb6d6d9fd443f2304617a684b6afa99c157dcf70e51fdb55fd0dbf5c6733841024599f8d1791a07c5dc3a4ccaf4d7c0ca3d101b2beba3a49d2378c9fe4fdb10babd95083a0c4db5a30c4490828d97efe807a13e587fbac1089843964facfd27d287262759384fe9b610f81048be430c1e8fe6327c0f2fd003021d20563ec0c7e39aec6718649c958da2e02cb3848c76924492678889c18bea02ed5ee080106e9838cbca9ad5f66c0434182225b13a236b342cf80562c10d4a3459aea17589b84904d3d2c2b", &(0x7f00000004c0)="b33620dad49cc786c86a5c5444e76c2a1ef9224fb91083d2ba4368e98a14467703e9ee585196fa95320bd53c6a76ad443b81dc833b22016aeaafb4597c06919ecf7e5ea4d0a8995feaaf9a9feb0c4b5277398049a2f5475f6ceb26bd128189f4b1b3c662d3d1630717791de0cdac3ce6e01c5719b670da5ded7dfa9dda53f04ad151cb952d708eaa69e983dcfab36b2dac3f3fe85e1d86b3d73d4879fb11cfac51f3cb669a50", 0x1, 0xfffffffd}, 0x22)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r0}, &(0x7f0000000080), &(0x7f00000000c0)=r1}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x10, &(0x7f0000000000)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {}, {0x4}}, @printk]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

572.325102ms ago: executing program 1 (id=1780):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000100000000000000000000850000007500000095"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000080000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000070000008500000010"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x48, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000540)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0xffff, 0x81}, 0x100c, 0x7, 0x0, 0x9, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000008c0)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0xa, 0xa13a, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={&(0x7f0000000180), 0x8}, 0x0, 0x10000, 0x0, 0x0, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="19000000040000000400", @ANYRES32=0x1, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000d2e9388bc315a8f3aa2e3982f3e9bd87eabd0888939d24425fd856973736d0c7e0d65573f1b53a8f1a8715c8b68468ffa07d3bf9c79f6026bba5485126214234fc5672c475331f86e5fa602e0ae332c7d4410db6d76eb8299eef8c527ac4"], 0x50)
r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000004c0)='ns/pid_for_children\x00')
ioctl$TUNSETFILTEREBPF(r0, 0xb702, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)=@o_path={&(0x7f00000000c0)='./file0\x00', 0x0, 0x4000}, 0x18)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000400)=ANY=[@ANYBLOB="7a0af8ff75257075bfa100000000000007010000f9ffffffb702000005000000bf130000000000008500000006000000b7000000000000009500000000000000b2595285faa6ead0169191d54f8196217fc560e2fc91f6da4dad4fdc2eb1b257183fa3bcd48666d1ddd73f3047d248df061222193165274bc7f2382f6cda4bfdd45be583823c0f09601f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000000db453620ce7243d1aebd00000000000000005839c77edf2d34b12cd48a0c20fb7dd843267e0331759f4ec6b5b0af58e604f4942eb613eff289026d5045ef76d7d864409eb2dcc718a09f4886afc26abba34635d0e8b54bc76be40d435aa8b5202db761014b1b999a12df6bee431a666100"/296], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x2800000002000000, 0xe, 0x55, &(0x7f0000000140)="a06ad876d56a0064d082778c3938", &(0x7f0000000380)=""/85, 0x7300, 0x4000000, 0x0, 0x0, &(0x7f0000000000), &(0x7f0000000000), 0x0, 0x4}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f0000000940)=@base={0x7, 0x4, 0x100, 0x1, 0x28}, 0x50)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0))
r2 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="0007000042009103"], 0xfe33)
recvmsg(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000004700)=""/4097, 0x1001}, {&(0x7f0000003700)=""/4064, 0xfe0}, {&(0x7f0000000440)=""/171, 0xab}], 0x3}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x18, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x9, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000001000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000001b"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf6103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24000000, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r5)
syz_clone(0x164000, 0x0, 0x0, 0x0, 0x0, 0x0)

94.648417ms ago: executing program 0 (id=1781):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff7ffa}, 0x0, 0x35, 0x43a1bd76, 0x7, 0x3, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8b20, &(0x7f0000000040)={'wlan1\x00', @random="000010000b00"})
socketpair(0x9, 0x3, 0x7, &(0x7f0000000400))
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x5, 0x2, 0x0, 0x0, 0x0, 0x9, 0x4022, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, @perf_config_ext={0x9, 0xffff}, 0x0, 0x0, 0xfffffffc, 0x5, 0xfffffffffffffffd, 0x11, 0x0, 0x0, 0x0, 0x0, 0x10000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x100000, 0x0, 0x2, 0x0, 0x80}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x8)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff7ffa}, 0x0, 0x35, 0x43a1bd76, 0x7, 0x3, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
perf_event_open(&(0x7f0000000180)={0x2, 0xa0, 0x5, 0x2, 0x0, 0x0, 0x0, 0x9, 0x4022, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0xfffffffc, 0x5, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x10000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x100000, 0x0, 0x2, 0x0, 0x80}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80b02, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x80}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth1_to_bond\x00', 0x200})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x8946, &(0x7f0000000080))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)}, 0x2221)

0s ago: executing program 2 (id=1782):
r0 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001800599c6d0e00009bd029ef8020ab070011000523a608463a3f", @ANYRES16=r0], 0xfe33)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r2, 0x1, 0x4c, &(0x7f0000000000), 0x4)
sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x4000000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$inet(r4, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000580), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$inet(r6, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmsg$inet(r8, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r7, &(0x7f0000000000)={0x0, 0x36, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
close(r0)
r9 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x10, 0x8, &(0x7f0000001340)=@framed={{0xbe, 0xa, 0xa, 0x0, 0x0, 0x79, 0x10, 0x8}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r9}}]}, &(0x7f0000000480)='syzkaller\x00'}, 0x90)

kernel console output (not intermixed with test programs):

[  351.495902][ T8590] netlink: 'syz.1.926': attribute type 10 has an invalid length.
[  352.249069][ T8600] netlink: 'syz.1.929': attribute type 1 has an invalid length.
[  352.262153][ T8600] netlink: 181400 bytes leftover after parsing attributes in process `syz.1.929'.
[  352.339887][ T8603] delete_channel: no stack
[  352.736769][ T5777] Bluetooth: hci1: unexpected event 0x16 length: 15 > 6
[  353.130965][ T8617] netlink: 'syz.2.934': attribute type 10 has an invalid length.
[  353.713885][ T8625] netlink: 'syz.2.938': attribute type 21 has an invalid length.
[  353.872691][ T8633] FAULT_INJECTION: forcing a failure.
[  353.872691][ T8633] name failslab, interval 1, probability 0, space 0, times 0
[  353.899158][ T8633] CPU: 0 PID: 8633 Comm: syz.1.941 Not tainted syzkaller #0
[  353.906509][ T8633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  353.916599][ T8633] Call Trace:
[  353.919933][ T8633]  <TASK>
[  353.922901][ T8633]  dump_stack_lvl+0x18c/0x250
[  353.927640][ T8633]  ? show_regs_print_info+0x20/0x20
[  353.932892][ T8633]  ? load_image+0x420/0x420
[  353.937450][ T8633]  ? __might_sleep+0xe0/0xe0
[  353.942091][ T8633]  ? __lock_acquire+0x7d40/0x7d40
[  353.947186][ T8633]  should_fail_ex+0x39d/0x4d0
[  353.951936][ T8633]  should_failslab+0x9/0x20
[  353.956511][ T8633]  slab_pre_alloc_hook+0x59/0x310
[  353.961588][ T8633]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  353.967350][ T8633]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  353.973112][ T8633]  __kmem_cache_alloc_node+0x53/0x250
[  353.978548][ T8633]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  353.984312][ T8633]  __kmalloc+0xa4/0x230
[  353.988521][ T8633]  tomoyo_realpath_from_path+0xe3/0x5d0
[  353.994136][ T8633]  tomoyo_path_number_perm+0x248/0x620
[  353.999666][ T8633]  ? tomoyo_path_number_perm+0x217/0x620
[  354.005362][ T8633]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  354.010871][ T8633]  ? ksys_write+0x1c4/0x260
[  354.015478][ T8633]  ? __fget_files+0x28/0x4b0
[  354.020109][ T8633]  ? __fget_files+0x28/0x4b0
[  354.024780][ T8633]  security_file_ioctl+0x70/0xa0
[  354.029777][ T8633]  __se_sys_ioctl+0x48/0x170
[  354.034429][ T8633]  do_syscall_64+0x55/0xa0
[  354.038907][ T8633]  ? clear_bhb_loop+0x40/0x90
[  354.043625][ T8633]  ? clear_bhb_loop+0x40/0x90
[  354.048341][ T8633]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  354.054271][ T8633] RIP: 0033:0x7f33e3f9ce59
[  354.058729][ T8633] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  354.078383][ T8633] RSP: 002b:00007f33e4e12028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  354.086836][ T8633] RAX: ffffffffffffffda RBX: 00007f33e4215fa0 RCX: 00007f33e3f9ce59
[  354.094840][ T8633] RDX: 0000200000001700 RSI: 00000000400454dc RDI: 0000000000000003
[  354.102862][ T8633] RBP: 00007f33e4e12090 R08: 0000000000000000 R09: 0000000000000000
[  354.110872][ T8633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  354.118885][ T8633] R13: 00007f33e4216038 R14: 00007f33e4215fa0 R15: 00007ffc3f78e1b8
[  354.126922][ T8633]  </TASK>
[  354.141015][ T8633] ERROR: Out of memory at tomoyo_realpath_from_path.
[  354.193380][ T8636] netlink: 'syz.2.942': attribute type 1 has an invalid length.
[  354.201473][ T8636] netlink: 181400 bytes leftover after parsing attributes in process `syz.2.942'.
[  354.730079][ T8640] FAULT_INJECTION: forcing a failure.
[  354.730079][ T8640] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  354.773593][ T8640] CPU: 1 PID: 8640 Comm: syz.1.944 Not tainted syzkaller #0
[  354.780933][ T8640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  354.791014][ T8640] Call Trace:
[  354.794325][ T8640]  <TASK>
[  354.797286][ T8640]  dump_stack_lvl+0x18c/0x250
[  354.802025][ T8640]  ? show_regs_print_info+0x20/0x20
[  354.807288][ T8640]  ? load_image+0x420/0x420
[  354.811833][ T8640]  ? __lock_acquire+0x7d40/0x7d40
[  354.816895][ T8640]  ? snprintf+0xe9/0x140
[  354.821173][ T8640]  should_fail_ex+0x39d/0x4d0
[  354.825895][ T8640]  _copy_to_user+0x2f/0xa0
[  354.830341][ T8640]  simple_read_from_buffer+0xe7/0x150
[  354.835750][ T8640]  proc_fail_nth_read+0x1e8/0x260
[  354.840793][ T8640]  ? proc_fault_inject_write+0x360/0x360
[  354.846450][ T8640]  ? fsnotify_perm+0x271/0x5e0
[  354.851233][ T8640]  ? proc_fault_inject_write+0x360/0x360
[  354.856883][ T8640]  vfs_read+0x28b/0x970
[  354.861063][ T8640]  ? kernel_read+0x1e0/0x1e0
[  354.865680][ T8640]  ? __fget_files+0x28/0x4b0
[  354.870284][ T8640]  ? __fget_files+0x28/0x4b0
[  354.874892][ T8640]  ? __fget_files+0x43d/0x4b0
[  354.879611][ T8640]  ? __fdget_pos+0x2a3/0x330
[  354.884225][ T8640]  ? ksys_read+0x75/0x260
[  354.888592][ T8640]  ksys_read+0x150/0x260
[  354.892853][ T8640]  ? vfs_write+0x990/0x990
[  354.897287][ T8640]  ? lockdep_hardirqs_on+0x98/0x150
[  354.902503][ T8640]  do_syscall_64+0x55/0xa0
[  354.906932][ T8640]  ? clear_bhb_loop+0x40/0x90
[  354.911639][ T8640]  ? clear_bhb_loop+0x40/0x90
[  354.916331][ T8640]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  354.922238][ T8640] RIP: 0033:0x7f33e3f5d68e
[  354.926668][ T8640] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  354.946291][ T8640] RSP: 002b:00007f33e4e11fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  354.954716][ T8640] RAX: ffffffffffffffda RBX: 00007f33e4e126c0 RCX: 00007f33e3f5d68e
[  354.962699][ T8640] RDX: 000000000000000f RSI: 00007f33e4e120a0 RDI: 0000000000000004
[  354.970689][ T8640] RBP: 00007f33e4e12090 R08: 0000000000000000 R09: 0000000000000000
[  354.978676][ T8640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  354.986659][ T8640] R13: 00007f33e4216038 R14: 00007f33e4215fa0 R15: 00007ffc3f78e1b8
[  354.994666][ T8640]  </TASK>
[  355.137065][ T5777] Bluetooth: hci3: unexpected event 0x16 length: 15 > 6
[  355.194337][ T8652] delete_channel: no stack
[  355.245619][ T8648] netlink: 'syz.3.946': attribute type 10 has an invalid length.
[  356.482044][ T8671] netlink: 'syz.0.954': attribute type 1 has an invalid length.
[  356.506412][ T8671] netlink: 181400 bytes leftover after parsing attributes in process `syz.0.954'.
[  357.144326][ T8685] netlink: 'syz.0.959': attribute type 10 has an invalid length.
[  357.165650][ T5777] Bluetooth: hci0: unexpected event 0x16 length: 15 > 6
[  357.271863][ T8692] delete_channel: no stack
[  357.973505][ T8708] netlink: 'syz.0.968': attribute type 1 has an invalid length.
[  357.997403][ T8708] netlink: 181400 bytes leftover after parsing attributes in process `syz.0.968'.
[  358.673537][ T5777] Bluetooth: hci0: unexpected event 0x16 length: 15 > 6
[  358.678733][ T8723] netlink: 'syz.0.971': attribute type 10 has an invalid length.
[  358.708435][ T8723] team0: Device wg1 is of different type
[  358.896905][ T8732] delete_channel: no stack
[  358.951877][ T8733] netlink: 'syz.2.973': attribute type 10 has an invalid length.
[  359.519128][ T8743] netlink: 'syz.3.979': attribute type 10 has an invalid length.
[  359.543551][ T8746] netlink: 'syz.2.980': attribute type 1 has an invalid length.
[  359.570170][ T8744] netlink: 15999 bytes leftover after parsing attributes in process `syz.0.978'.
[  359.580752][ T8746] netlink: 181400 bytes leftover after parsing attributes in process `syz.2.980'.
[  359.613586][ T8743] team0: Device wg1 is of different type
[  360.026060][ T5777] Bluetooth: hci3: unexpected event 0x16 length: 15 > 6
[  360.809590][ T8775] delete_channel: no stack
[  360.836040][ T8766] netlink: 'syz.3.988': attribute type 10 has an invalid length.
[  361.186591][ T8782] netlink: 'syz.3.992': attribute type 1 has an invalid length.
[  361.194287][ T8782] netlink: 181400 bytes leftover after parsing attributes in process `syz.3.992'.
[  362.068723][ T5777] Bluetooth: hci0: unexpected event 0x16 length: 15 > 6
[  362.540994][ T8821] netlink: 'syz.1.1001': attribute type 10 has an invalid length.
[  362.571898][ T8822] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1003'.
[  362.600308][ T8822] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1003'.
[  362.656986][ T8820] FAULT_INJECTION: forcing a failure.
[  362.656986][ T8820] name failslab, interval 1, probability 0, space 0, times 0
[  362.675606][ T8820] CPU: 1 PID: 8820 Comm: syz.3.1003 Not tainted syzkaller #0
[  362.683024][ T8820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  362.693092][ T8820] Call Trace:
[  362.696398][ T8820]  <TASK>
[  362.699338][ T8820]  dump_stack_lvl+0x18c/0x250
[  362.704044][ T8820]  ? show_regs_print_info+0x20/0x20
[  362.709262][ T8820]  ? load_image+0x420/0x420
[  362.713806][ T8820]  ? __might_sleep+0xe0/0xe0
[  362.718423][ T8820]  ? __lock_acquire+0x7d40/0x7d40
[  362.723473][ T8820]  should_fail_ex+0x39d/0x4d0
[  362.728178][ T8820]  should_failslab+0x9/0x20
[  362.732698][ T8820]  slab_pre_alloc_hook+0x59/0x310
[  362.737746][ T8820]  kmem_cache_alloc_lru+0x4d/0x2d0
[  362.742871][ T8820]  ? __d_alloc+0x31/0x730
[  362.747221][ T8820]  __d_alloc+0x31/0x730
[  362.751403][ T8820]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  362.757575][ T8820]  d_alloc_pseudo+0x1d/0x70
[  362.762094][ T8820]  alloc_file_pseudo+0xe4/0x210
[  362.766967][ T8820]  ? alloc_empty_backing_file+0xe0/0xe0
[  362.772545][ T8820]  anon_inode_getfile+0xc5/0x1a0
[  362.777508][ T8820]  __se_sys_perf_event_open+0xee7/0x1c50
[  362.783162][ T8820]  ? __x64_sys_perf_event_open+0xc0/0xc0
[  362.788829][ T8820]  ? lock_chain_count+0x20/0x20
[  362.793690][ T8820]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  362.799694][ T8820]  ? lockdep_hardirqs_on+0x98/0x150
[  362.804907][ T8820]  ? __x64_sys_perf_event_open+0x20/0xc0
[  362.810561][ T8820]  do_syscall_64+0x55/0xa0
[  362.814990][ T8820]  ? clear_bhb_loop+0x40/0x90
[  362.819694][ T8820]  ? clear_bhb_loop+0x40/0x90
[  362.824398][ T8820]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  362.830306][ T8820] RIP: 0033:0x7fde8dd9ce59
[  362.834743][ T8820] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  362.854361][ T8820] RSP: 002b:00007fde8bff6028 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  362.862796][ T8820] RAX: ffffffffffffffda RBX: 00007fde8e016090 RCX: 00007fde8dd9ce59
[  362.870778][ T8820] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 00002000000004c0
[  362.878757][ T8820] RBP: 00007fde8bff6090 R08: 0000000000000002 R09: 0000000000000000
[  362.886760][ T8820] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  362.894746][ T8820] R13: 00007fde8e016128 R14: 00007fde8e016090 R15: 00007ffe2abf6338
[  362.902752][ T8820]  </TASK>
[  362.974339][ T8816] delete_channel: no stack
[  363.002965][ T8824] netlink: 'syz.2.1004': attribute type 1 has an invalid length.
[  363.045299][ T8824] netlink: 181400 bytes leftover after parsing attributes in process `syz.2.1004'.
[  363.128646][ T8829] delete_channel: no stack
[  363.796564][ T5777] Bluetooth: hci1: unexpected event 0x16 length: 15 > 6
[  364.171821][ T8852] netlink: 'syz.3.1016': attribute type 10 has an invalid length.
[  364.237534][ T8854] netlink: 'syz.3.1016': attribute type 2 has an invalid length.
[  364.263112][ T8854] netlink: 'syz.3.1016': attribute type 1 has an invalid length.
[  364.309317][ T8854] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1016'.
[  364.879484][ T8852] hsr_slave_0: left promiscuous mode
[  364.891112][ T8852] hsr_slave_1: left promiscuous mode
[  364.980338][ T8860] netlink: 'syz.0.1017': attribute type 1 has an invalid length.
[  364.993511][ T8860] netlink: 181400 bytes leftover after parsing attributes in process `syz.0.1017'.
[  365.006422][ T8848] netlink: 'syz.2.1013': attribute type 10 has an invalid length.
[  365.165308][ T8862] tap0: tun_chr_ioctl cmd 1074025677
[  365.170781][ T8862] tap0: linktype set to 0
[  365.227113][ T8862] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1018'.
[  365.239866][ T8862] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1018'.
[  365.274990][ T8861] delete_channel: no stack
[  365.440884][ T5777] Bluetooth: hci3: unexpected event 0x16 length: 15 > 6
[  365.626309][ T8879] delete_channel: no stack
[  365.860607][ T8887] netlink: 'syz.1.1027': attribute type 10 has an invalid length.
[  366.020551][ T8890] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1029'.
[  366.054314][ T8890] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1029'.
[  366.073795][ T8889] delete_channel: no stack
[  366.705645][ T8896] netlink: 'syz.2.1030': attribute type 1 has an invalid length.
[  366.713537][ T8896] netlink: 181400 bytes leftover after parsing attributes in process `syz.2.1030'.
[  367.185788][ T5777] Bluetooth: hci2: unexpected event 0x16 length: 15 > 6
[  367.484334][ T8901] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  367.898810][ T8915] netlink: 'syz.2.1036': attribute type 10 has an invalid length.
[  368.094715][ T8928] netlink: 'syz.3.1042': attribute type 1 has an invalid length.
[  368.100894][ T8924] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1040'.
[  368.118486][ T8928] netlink: 181400 bytes leftover after parsing attributes in process `syz.3.1042'.
[  368.141498][ T8924] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1040'.
[  368.913446][ T8923] delete_channel: no stack
[  369.172692][ T8941] delete_channel: no stack
[  369.471312][ T5777] Bluetooth: hci1: unexpected event 0x16 length: 15 > 6
[  369.578437][ T8952] netlink: 'syz.3.1049': attribute type 15 has an invalid length.
[  369.603738][ T8952] netlink: 'syz.3.1049': attribute type 7 has an invalid length.
[  369.626528][ T8952] FAULT_INJECTION: forcing a failure.
[  369.626528][ T8952] name failslab, interval 1, probability 0, space 0, times 0
[  369.654693][ T8952] CPU: 0 PID: 8952 Comm: syz.3.1049 Not tainted syzkaller #0
[  369.662113][ T8952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  369.672181][ T8952] Call Trace:
[  369.675474][ T8952]  <TASK>
[  369.678425][ T8952]  dump_stack_lvl+0x18c/0x250
[  369.683136][ T8952]  ? show_regs_print_info+0x20/0x20
[  369.688354][ T8952]  ? load_image+0x420/0x420
[  369.692876][ T8952]  ? perf_trace_lock_acquire+0x104/0x410
[  369.698533][ T8952]  ? verify_lock_unused+0x140/0x140
[  369.703746][ T8952]  ? perf_trace_lock_acquire+0x104/0x410
[  369.709403][ T8952]  should_fail_ex+0x39d/0x4d0
[  369.714103][ T8952]  should_failslab+0x9/0x20
[  369.718622][ T8952]  slab_pre_alloc_hook+0x59/0x310
[  369.723673][ T8952]  kmem_cache_alloc+0x5a/0x2d0
[  369.728454][ T8952]  ? skb_clone+0x1eb/0x370
[  369.732912][ T8952]  skb_clone+0x1eb/0x370
[  369.737184][ T8952]  __netlink_deliver_tap+0x41c/0x830
[  369.742496][ T8952]  ? netlink_deliver_tap+0x2e/0x1b0
[  369.747719][ T8952]  netlink_deliver_tap+0x19c/0x1b0
[  369.752860][ T8952]  netlink_sendskb+0x68/0x130
[  369.757561][ T8952]  netlink_ack+0xce1/0x1180
[  369.762107][ T8952]  ? netlink_dump+0xe50/0xe50
[  369.766803][ T8952]  ? ref_tracker_free+0x690/0x840
[  369.771851][ T8952]  netlink_rcv_skb+0x2c5/0x4d0
[  369.776634][ T8952]  ? rtnetlink_bind+0x80/0x80
[  369.781324][ T8952]  ? netlink_ack+0x1180/0x1180
[  369.786121][ T8952]  ? __lock_acquire+0x7d40/0x7d40
[  369.791165][ T8952]  ? netlink_deliver_tap+0x2e/0x1b0
[  369.796394][ T8952]  netlink_unicast+0x751/0x8d0
[  369.801190][ T8952]  netlink_sendmsg+0x8d0/0xbf0
[  369.806031][ T8952]  ? netlink_getsockopt+0x590/0x590
[  369.811265][ T8952]  ? aa_sock_msg_perm+0x94/0x150
[  369.816219][ T8952]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  369.821524][ T8952]  ? security_socket_sendmsg+0x80/0xa0
[  369.826998][ T8952]  ? netlink_getsockopt+0x590/0x590
[  369.832230][ T8952]  ____sys_sendmsg+0x5ba/0x960
[  369.837039][ T8952]  ? __asan_memset+0x22/0x40
[  369.841653][ T8952]  ? __sys_sendmsg_sock+0x30/0x30
[  369.846689][ T8952]  ? __import_iovec+0x5f2/0x850
[  369.851585][ T8952]  ? import_iovec+0x73/0xa0
[  369.856100][ T8952]  ___sys_sendmsg+0x2a6/0x360
[  369.860792][ T8952]  ? get_pid_task+0x20/0x1e0
[  369.865404][ T8952]  ? __sys_sendmsg+0x2a0/0x2a0
[  369.870210][ T8952]  ? __lock_acquire+0x7d40/0x7d40
[  369.875274][ T8952]  __se_sys_sendmsg+0x1c2/0x2b0
[  369.880140][ T8952]  ? __x64_sys_sendmsg+0x80/0x80
[  369.885124][ T8952]  ? lockdep_hardirqs_on+0x98/0x150
[  369.890355][ T8952]  do_syscall_64+0x55/0xa0
[  369.894785][ T8952]  ? clear_bhb_loop+0x40/0x90
[  369.899478][ T8952]  ? clear_bhb_loop+0x40/0x90
[  369.904213][ T8952]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  369.910142][ T8952] RIP: 0033:0x7fde8dd9ce59
[  369.914576][ T8952] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  369.934201][ T8952] RSP: 002b:00007fde8eb89028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  369.942626][ T8952] RAX: ffffffffffffffda RBX: 00007fde8e015fa0 RCX: 00007fde8dd9ce59
[  369.950614][ T8952] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000004
[  369.958609][ T8952] RBP: 00007fde8eb89090 R08: 0000000000000000 R09: 0000000000000000
[  369.966594][ T8952] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  369.974592][ T8952] R13: 00007fde8e016038 R14: 00007fde8e015fa0 R15: 00007ffe2abf6338
[  369.982597][ T8952]  </TASK>
[  370.132852][ T8956] netlink: 'syz.2.1050': attribute type 10 has an invalid length.
[  370.611175][ T8968] netlink: 'syz.1.1055': attribute type 1 has an invalid length.
[  370.680283][ T8968] netlink: 181400 bytes leftover after parsing attributes in process `syz.1.1055'.
[  370.983370][ T8964] netlink: 1047 bytes leftover after parsing attributes in process `syz.3.1053'.
[  371.035915][ T8964] bridge_slave_1: default FDB implementation only supports local addresses
[  371.127565][ T8970] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1053'.
[  371.618350][ T8980] delete_channel: no stack
[  372.065286][ T5777] Bluetooth: hci1: unexpected event 0x16 length: 15 > 6
[  372.445498][ T8997] netlink: 'syz.2.1063': attribute type 10 has an invalid length.
[  372.492625][ T8997] syz_tun: entered promiscuous mode
[  372.561861][ T8997] syz_tun: entered allmulticast mode
[  372.569570][ T8997] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  372.578741][ T8995] netlink: 'syz.1.1062': attribute type 10 has an invalid length.
[  372.702485][ T9005] netlink: 'syz.0.1066': attribute type 1 has an invalid length.
[  372.725489][ T9005] netlink: 181400 bytes leftover after parsing attributes in process `syz.0.1066'.
[  373.297266][ T9018] delete_channel: no stack
[  373.695703][ T5777] Bluetooth: hci2: unexpected event 0x16 length: 15 > 6
[  374.016889][ T9029] netlink: 'syz.1.1074': attribute type 10 has an invalid length.
[  374.126439][ T9034] netlink: 'syz.1.1074': attribute type 10 has an invalid length.
[  374.168975][ T9034] syz_tun: entered promiscuous mode
[  374.222480][ T9034] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  374.255595][ T9033] netlink: 'syz.3.1076': attribute type 10 has an invalid length.
[  374.309234][ T9033] team0: Device wg1 is of different type
[  374.413725][ T9041] netlink: 181400 bytes leftover after parsing attributes in process `syz.1.1078'.
[  374.648468][ T9044] validate_nla: 1 callbacks suppressed
[  374.648502][ T9044] netlink: 'syz.2.1079': attribute type 10 has an invalid length.
[  374.796943][ T9053] delete_channel: no stack
[  375.427474][ T5777] Bluetooth: hci3: unexpected event 0x16 length: 15 > 6
[  375.989237][ T9074] FAULT_INJECTION: forcing a failure.
[  375.989237][ T9074] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  376.048080][ T9074] CPU: 0 PID: 9074 Comm: syz.3.1089 Not tainted syzkaller #0
[  376.055592][ T9074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  376.065676][ T9074] Call Trace:
[  376.068984][ T9074]  <TASK>
[  376.071938][ T9074]  dump_stack_lvl+0x18c/0x250
[  376.076670][ T9074]  ? show_regs_print_info+0x20/0x20
[  376.081910][ T9074]  ? load_image+0x420/0x420
[  376.086466][ T9074]  ? __lock_acquire+0x7d40/0x7d40
[  376.091528][ T9074]  ? snprintf+0xe9/0x140
[  376.095894][ T9074]  should_fail_ex+0x39d/0x4d0
[  376.100627][ T9074]  _copy_to_user+0x2f/0xa0
[  376.105108][ T9074]  simple_read_from_buffer+0xe7/0x150
[  376.110532][ T9074]  proc_fail_nth_read+0x1e8/0x260
[  376.115612][ T9074]  ? proc_fault_inject_write+0x360/0x360
[  376.121298][ T9074]  ? fsnotify_perm+0x271/0x5e0
[  376.126114][ T9074]  ? proc_fault_inject_write+0x360/0x360
[  376.131792][ T9074]  vfs_read+0x28b/0x970
[  376.135993][ T9074]  ? kernel_read+0x1e0/0x1e0
[  376.140622][ T9074]  ? __fget_files+0x28/0x4b0
[  376.145271][ T9074]  ? __fget_files+0x28/0x4b0
[  376.149906][ T9074]  ? __fget_files+0x43d/0x4b0
[  376.154621][ T9074]  ? __fdget_pos+0x2a3/0x330
[  376.159264][ T9074]  ? ksys_read+0x75/0x260
[  376.163627][ T9074]  ksys_read+0x150/0x260
[  376.167892][ T9074]  ? vfs_write+0x990/0x990
[  376.172327][ T9074]  ? lockdep_hardirqs_on+0x98/0x150
[  376.177545][ T9074]  do_syscall_64+0x55/0xa0
[  376.181974][ T9074]  ? clear_bhb_loop+0x40/0x90
[  376.186674][ T9074]  ? clear_bhb_loop+0x40/0x90
[  376.191387][ T9074]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  376.197301][ T9074] RIP: 0033:0x7fde8dd5d68e
[  376.201735][ T9074] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  376.221354][ T9074] RSP: 002b:00007fde8bff5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  376.229800][ T9074] RAX: ffffffffffffffda RBX: 00007fde8bff66c0 RCX: 00007fde8dd5d68e
[  376.237803][ T9074] RDX: 000000000000000f RSI: 00007fde8bff60a0 RDI: 0000000000000007
[  376.245790][ T9074] RBP: 00007fde8bff6090 R08: 0000000000000000 R09: 0000000000000000
[  376.253773][ T9074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  376.261768][ T9074] R13: 00007fde8e016128 R14: 00007fde8e016090 R15: 00007ffe2abf6338
[  376.269775][ T9074]  </TASK>
[  376.332640][ T9078] netlink: 'syz.1.1090': attribute type 10 has an invalid length.
[  376.441453][ T9084] netlink: 'syz.3.1092': attribute type 1 has an invalid length.
[  376.484656][ T9087] delete_channel: no stack
[  376.497941][ T9084] netlink: 181400 bytes leftover after parsing attributes in process `syz.3.1092'.
[  376.843383][ T5777] Bluetooth: hci2: unexpected event 0x16 length: 15 > 6
[  378.831669][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  378.846388][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  379.318447][ T9118] netlink: 'syz.1.1104': attribute type 10 has an invalid length.
[  379.382496][ T9120] netlink: 'syz.0.1105': attribute type 1 has an invalid length.
[  379.390894][ T9120] netlink: 181400 bytes leftover after parsing attributes in process `syz.0.1105'.
[  379.593065][ T9127] delete_channel: no stack
[  379.678589][ T5777] Bluetooth: hci1: unexpected event 0x16 length: 15 > 6
[  380.477459][ T9137] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1111'.
[  380.521350][ T9137] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1111'.
[  380.548665][ T9133] netlink: 16182 bytes leftover after parsing attributes in process `syz.2.1110'.
[  380.588778][ T9133] netlink: 'syz.2.1110': attribute type 3 has an invalid length.
[  380.605412][ T9133] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.1110'.
[  380.629586][ T9142] netlink: 'syz.2.1110': attribute type 4 has an invalid length.
[  380.702586][ T9142] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1110'.
[  380.781352][ T9136] delete_channel: no stack
[  381.060652][ T9151] netlink: 'syz.0.1117': attribute type 10 has an invalid length.
[  381.090485][ T9155] netlink: 'syz.2.1118': attribute type 1 has an invalid length.
[  381.112464][ T9155] netlink: 181400 bytes leftover after parsing attributes in process `syz.2.1118'.
[  381.516127][ T5777] Bluetooth: hci2: unexpected event 0x16 length: 15 > 6
[  381.737927][ T9171] delete_channel: no stack
[  381.872804][ T9173] netlink: 'syz.3.1124': attribute type 15 has an invalid length.
[  381.891409][ T9173] netlink: 'syz.3.1124': attribute type 7 has an invalid length.
[  382.232871][ T9182] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1127'.
[  382.267275][ T9182] openvswitch: netlink: Key type 29 is not supported
[  382.549272][ T9186] syz.3.1128 (9186) used obsolete PPPIOCDETACH ioctl
[  382.771599][ T9188] netlink: 'syz.3.1130': attribute type 1 has an invalid length.
[  382.793981][ T9188] netlink: 181400 bytes leftover after parsing attributes in process `syz.3.1130'.
[  382.880561][ T9192] netlink: 'syz.0.1131': attribute type 10 has an invalid length.
[  383.009434][ T5777] Bluetooth: hci0: unexpected event 0x16 length: 15 > 6
[  383.793781][ T9211] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1138'.
[  384.190662][ T9227] delete_channel: no stack
[  384.422452][ T9230] netlink: 'syz.0.1142': attribute type 10 has an invalid length.
[  384.444381][ T9236] netlink: 'syz.1.1144': attribute type 1 has an invalid length.
[  384.476331][ T9236] netlink: 181400 bytes leftover after parsing attributes in process `syz.1.1144'.
[  384.775920][ T5777] Bluetooth: hci3: unexpected event 0x16 length: 15 > 6
[  388.879524][ T9263] netlink: 'syz.1.1154': attribute type 10 has an invalid length.
[  388.930728][ T9270] netlink: 'syz.2.1155': attribute type 1 has an invalid length.
[  388.951310][ T9270] netlink: 181400 bytes leftover after parsing attributes in process `syz.2.1155'.
[  389.109150][ T5777] Bluetooth: hci3: unexpected event 0x16 length: 15 > 6
[  389.203286][ T9276] delete_channel: no stack
[  390.361763][ T9297] netlink: 'syz.1.1166': attribute type 10 has an invalid length.
[  390.457522][ T9302] netlink: 'syz.0.1167': attribute type 1 has an invalid length.
[  390.474745][ T9302] netlink: 181400 bytes leftover after parsing attributes in process `syz.0.1167'.
[  390.719312][ T5777] Bluetooth: hci2: unexpected event 0x16 length: 15 > 6
[  390.937028][ T9318] delete_channel: no stack
[  392.258920][ T9334] netlink: 'syz.1.1177': attribute type 10 has an invalid length.
[  392.534269][ T9350] netlink: 'syz.1.1182': attribute type 1 has an invalid length.
[  392.546635][ T9350] netlink: 181400 bytes leftover after parsing attributes in process `syz.1.1182'.
[  392.697196][ T5777] Bluetooth: hci2: unexpected event 0x16 length: 15 > 6
[  393.382389][ T9368] delete_channel: no stack
[  393.812970][ T9378] netlink: 'syz.3.1191': attribute type 10 has an invalid length.
[  394.938322][ T9392] netlink: 'syz.2.1197': attribute type 1 has an invalid length.
[  394.963812][ T9392] netlink: 181400 bytes leftover after parsing attributes in process `syz.2.1197'.
[  395.061703][ T5777] Bluetooth: hci3: unexpected event 0x16 length: 15 > 6
[  395.805334][ T9407] delete_channel: no stack
[  396.127714][ T9414] netlink: 'syz.3.1205': attribute type 10 has an invalid length.
[  396.538061][ T9423] netlink: 'syz.1.1209': attribute type 1 has an invalid length.
[  396.547094][ T9423] netlink: 181400 bytes leftover after parsing attributes in process `syz.1.1209'.
[  396.640723][ T5777] Bluetooth: hci3: unexpected event 0x16 length: 15 > 6
[  396.854131][ T9431] netlink: 'syz.3.1211': attribute type 21 has an invalid length.
[  397.507129][ T9445] netlink: 'syz.1.1217': attribute type 10 has an invalid length.
[  397.554173][ T9455] delete_channel: no stack
[  397.726743][ T9459] netlink: 'syz.1.1221': attribute type 1 has an invalid length.
[  397.757419][ T9459] netlink: 181400 bytes leftover after parsing attributes in process `syz.1.1221'.
[  397.926628][ T5777] Bluetooth: hci1: unexpected event 0x16 length: 15 > 6
[  399.055336][ T9485] netlink: 'syz.3.1233': attribute type 1 has an invalid length.
[  399.070581][ T9483] netlink: 'syz.0.1230': attribute type 10 has an invalid length.
[  399.088896][ T9485] netlink: 181400 bytes leftover after parsing attributes in process `syz.3.1233'.
[  399.373454][ T5777] Bluetooth: hci0: unexpected event 0x16 length: 15 > 6
[  399.618327][ T9500] FAULT_INJECTION: forcing a failure.
[  399.618327][ T9500] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  399.651853][ T9501] delete_channel: no stack
[  399.674247][ T9500] CPU: 1 PID: 9500 Comm: syz.0.1238 Not tainted syzkaller #0
[  399.681663][ T9500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  399.691746][ T9500] Call Trace:
[  399.695065][ T9500]  <TASK>
[  399.698035][ T9500]  dump_stack_lvl+0x18c/0x250
[  399.702768][ T9500]  ? show_regs_print_info+0x20/0x20
[  399.708006][ T9500]  ? load_image+0x420/0x420
[  399.712547][ T9500]  ? __might_fault+0xaa/0x120
[  399.717258][ T9500]  ? __lock_acquire+0x7d40/0x7d40
[  399.722322][ T9500]  should_fail_ex+0x39d/0x4d0
[  399.727056][ T9500]  _copy_from_user+0x2f/0xe0
[  399.731688][ T9500]  br_ioctl_stub+0x3e0/0xd50
[  399.736323][ T9500]  ? rcu_is_watching+0x15/0xb0
[  399.741127][ T9500]  ? rcu_read_unlock+0xa0/0xa0
[  399.745926][ T9500]  ? trace_contention_end+0x39/0xe0
[  399.751174][ T9500]  ? __mutex_lock+0x315/0xcc0
[  399.755896][ T9500]  ? mutex_lock_nested+0x20/0x20
[  399.760883][ T9500]  ? rcu_read_unlock+0xa0/0xa0
[  399.765689][ T9500]  sock_ioctl+0x517/0x7e0
[  399.770065][ T9500]  ? sock_poll+0x3e0/0x3e0
[  399.774531][ T9500]  ? bpf_lsm_file_ioctl+0x9/0x10
[  399.779500][ T9500]  ? security_file_ioctl+0x80/0xa0
[  399.784673][ T9500]  ? sock_poll+0x3e0/0x3e0
[  399.789130][ T9500]  __se_sys_ioctl+0xfd/0x170
[  399.793762][ T9500]  do_syscall_64+0x55/0xa0
[  399.798211][ T9500]  ? clear_bhb_loop+0x40/0x90
[  399.802922][ T9500]  ? clear_bhb_loop+0x40/0x90
[  399.807645][ T9500]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  399.813579][ T9500] RIP: 0033:0x7f204af9ce59
[  399.818023][ T9500] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  399.837666][ T9500] RSP: 002b:00007f204be8c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  399.846122][ T9500] RAX: ffffffffffffffda RBX: 00007f204b215fa0 RCX: 00007f204af9ce59
[  399.854134][ T9500] RDX: 0000200000000080 RSI: 0000000000008940 RDI: 0000000000000004
[  399.862143][ T9500] RBP: 00007f204be8c090 R08: 0000000000000000 R09: 0000000000000000
[  399.870158][ T9500] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  399.878163][ T9500] R13: 00007f204b216038 R14: 00007f204b215fa0 R15: 00007ffecc70c1e8
[  399.886167][ T9500]  </TASK>
[  400.670898][ T9525] netlink: 'syz.0.1246': attribute type 1 has an invalid length.
[  400.701765][ T9522] netlink: 'syz.1.1245': attribute type 10 has an invalid length.
[  400.720286][ T9525] netlink: 181400 bytes leftover after parsing attributes in process `syz.0.1246'.
[  400.794993][ T5777] Bluetooth: hci1: unexpected event 0x16 length: 15 > 6
[  401.293719][ T9547] delete_channel: no stack
[  401.555191][ T5777] Bluetooth: hci1: unexpected event 0x16 length: 15 > 6
[  402.067211][ T9566] netlink: 'syz.3.1260': attribute type 1 has an invalid length.
[  402.082258][ T9566] netlink: 181400 bytes leftover after parsing attributes in process `syz.3.1260'.
[  402.197167][ T9565] netlink: 'syz.0.1261': attribute type 10 has an invalid length.
[  402.842115][ T5777] Bluetooth: hci1: unexpected event 0x16 length: 15 > 6
[  402.996733][ T9594] delete_channel: no stack
[  403.201392][ T9598] netlink: 'syz.0.1273': attribute type 10 has an invalid length.
[  403.224495][ T9602] netlink: 'syz.3.1274': attribute type 1 has an invalid length.
[  403.251157][ T9602] netlink: 181400 bytes leftover after parsing attributes in process `syz.3.1274'.
[  403.319104][ T5777] Bluetooth: hci1: unexpected event 0x16 length: 15 > 6
[  403.371071][ T9604] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1275'.
[  404.285167][ T5777] Bluetooth: hci3: unexpected event 0x16 length: 15 > 6
[  404.576472][ T9633] netlink: 'syz.0.1284': attribute type 10 has an invalid length.
[  404.734024][ T9641] netlink: 'syz.1.1286': attribute type 1 has an invalid length.
[  404.746559][ T9641] netlink: 181400 bytes leftover after parsing attributes in process `syz.1.1286'.
[  404.971843][ T9644] netlink: 'syz.0.1296': attribute type 10 has an invalid length.
[  405.019247][ T5777] Bluetooth: hci2: unexpected event 0x16 length: 15 > 6
[  405.178719][ T9658] delete_channel: no stack
[  405.185037][ T9654] delete_channel: no stack
[  405.386718][ T5777] Bluetooth: hci1: unexpected event 0x16 length: 15 > 6
[  406.437926][ T9675] netlink: 'syz.2.1300': attribute type 10 has an invalid length.
[  406.486753][ T5777] Bluetooth: hci0: unexpected event 0x16 length: 15 > 6
[  406.493346][ T9680] netlink: 'syz.0.1301': attribute type 1 has an invalid length.
[  406.515150][ T9680] netlink: 181400 bytes leftover after parsing attributes in process `syz.0.1301'.
[  406.958496][ T5777] Bluetooth: hci1: unexpected event 0x16 length: 15 > 6
[  407.151014][ T9697] delete_channel: no stack
[  407.494609][ T9706] delete_channel: no stack
[  407.799330][ T9710] delete_channel: no stack
[  408.378733][ T9705] netlink: 1047 bytes leftover after parsing attributes in process `syz.1.1309'.
[  408.399861][ T9705] bridge_slave_1: default FDB implementation only supports local addresses
[  408.602068][ T9705] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1309'.
[  408.767402][ T9705] debugfs: Directory '!!ô!' with parent 'ieee80211' already present!
[  408.813553][ T9719] netlink: 'syz.0.1311': attribute type 10 has an invalid length.
[  409.110661][ T9726] netlink: 'syz.2.1314': attribute type 1 has an invalid length.
[  409.119025][ T9726] netlink: 181400 bytes leftover after parsing attributes in process `syz.2.1314'.
[  409.263094][ T9729] netlink: 'syz.3.1315': attribute type 1 has an invalid length.
[  409.271883][ T9729] netlink: 181400 bytes leftover after parsing attributes in process `syz.3.1315'.
[  409.398453][ T5777] Bluetooth: hci0: unexpected event 0x16 length: 15 > 6
[  409.462752][ T9732] netlink: 'syz.0.1325': attribute type 10 has an invalid length.
[  409.976093][ T9749] tap0: tun_chr_ioctl cmd 1074025677
[  409.981791][ T9749] tap0: linktype set to 0
[  410.001250][ T9752] delete_channel: no stack
[  410.086929][ T9749] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1323'.
[  410.103879][ T9749] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1323'.
[  410.278777][ T9756] netlink: 'syz.1.1322': attribute type 10 has an invalid length.
[  410.312932][ T9756] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1322'.
[  410.342272][ T9756] batman_adv: batadv0: Adding interface: veth1_vlan
[  410.386899][ T9756] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  410.475208][ T9756] batman_adv: batadv0: Interface activated: veth1_vlan
[  411.228448][ T9747] delete_channel: no stack
[  411.624687][ T5777] Bluetooth: hci2: unexpected event 0x16 length: 15 > 6
[  411.637396][ T9769] netlink: 'syz.1.1329': attribute type 10 has an invalid length.
[  412.457890][ T9764] netlink: 1047 bytes leftover after parsing attributes in process `syz.0.1328'.
[  412.512738][ T9784] delete_channel: no stack
[  412.517852][ T9764] bridge_slave_1: default FDB implementation only supports local addresses
[  412.765285][ T9764] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1328'.
[  412.867413][ T9764] debugfs: Directory '!!ô!' with parent 'ieee80211' already present!
[  412.954264][ T9789] netlink: 'syz.3.1337': attribute type 10 has an invalid length.
[  413.004385][ T9789] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1337'.
[  413.043923][ T9789] batman_adv: batadv0: Adding interface: veth1_vlan
[  413.094471][ T9789] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (299) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  413.122913][ T9791] netlink: 'syz.0.1338': attribute type 1 has an invalid length.
[  413.153809][ T9791] netlink: 181400 bytes leftover after parsing attributes in process `syz.0.1338'.
[  413.164437][ T9789] batman_adv: batadv0: Interface activated: veth1_vlan
[  413.924513][ T5777] Bluetooth: hci1: unexpected event 0x16 length: 15 > 6
[  414.252914][ T9804] netlink: 'syz.3.1342': attribute type 10 has an invalid length.
[  414.301336][ T9812] delete_channel: no stack
[  414.979185][ T9828] delete_channel: no stack
[  415.475861][ T5777] Bluetooth: hci2: unexpected event 0x16 length: 15 > 6
[  416.232259][ T9849] netlink: 'syz.1.1357': attribute type 10 has an invalid length.
[  416.470281][ T5777] Bluetooth: hci3: unexpected event 0x16 length: 15 > 6
[  416.982906][ T9870] netlink: 'syz.3.1364': attribute type 1 has an invalid length.
[  417.027699][ T9873] delete_channel: no stack
[  417.037625][ T9870] netlink: 181400 bytes leftover after parsing attributes in process `syz.3.1364'.
[  417.335785][ T9877] netlink: 'syz.0.1369': attribute type 10 has an invalid length.
[  417.593239][ T5777] Bluetooth: hci0: unexpected event 0x16 length: 15 > 6
[  418.620258][ T9901] netlink: 'syz.1.1379': attribute type 10 has an invalid length.
[  418.730937][ T9903] netlink: 'syz.2.1380': attribute type 10 has an invalid length.
[  418.857489][ T5777] Bluetooth: hci3: unexpected event 0x16 length: 15 > 6
[  418.969909][ T9919] delete_channel: no stack
[  419.606117][ T9933] netlink: 'syz.1.1392': attribute type 10 has an invalid length.
[  420.188751][ T9950] delete_channel: no stack
[  420.194736][ T5777] Bluetooth: hci2: unexpected event 0x16 length: 15 > 6
[  421.171735][ T9964] FAULT_INJECTION: forcing a failure.
[  421.171735][ T9964] name failslab, interval 1, probability 0, space 0, times 0
[  421.200062][ T9964] CPU: 1 PID: 9964 Comm: syz.0.1403 Not tainted syzkaller #0
[  421.207582][ T9964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  421.217667][ T9964] Call Trace:
[  421.220961][ T9964]  <TASK>
[  421.223905][ T9964]  dump_stack_lvl+0x18c/0x250
[  421.228614][ T9964]  ? sctp_sendmsg+0x1575/0x28c0
[  421.233501][ T9964]  ? ___sys_sendmsg+0x2a6/0x360
[  421.238373][ T9964]  ? show_regs_print_info+0x20/0x20
[  421.243598][ T9964]  ? load_image+0x420/0x420
[  421.248138][ T9964]  should_fail_ex+0x39d/0x4d0
[  421.252861][ T9964]  should_failslab+0x9/0x20
[  421.257399][ T9964]  slab_pre_alloc_hook+0x59/0x310
[  421.262451][ T9964]  ? sctp_add_bind_addr+0x8c/0x360
[  421.267585][ T9964]  __kmem_cache_alloc_node+0x53/0x250
[  421.272988][ T9964]  ? sctp_add_bind_addr+0x8c/0x360
[  421.278120][ T9964]  kmalloc_trace+0x2a/0xe0
[  421.282592][ T9964]  sctp_add_bind_addr+0x8c/0x360
[  421.287572][ T9964]  sctp_copy_local_addr_list+0x315/0x4f0
[  421.293243][ T9964]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  421.298985][ T9964]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  421.305074][ T9964]  ? sctp_v6_is_any+0x64/0x70
[  421.309790][ T9964]  ? sctp_copy_one_addr+0x8c/0x350
[  421.314925][ T9964]  sctp_bind_addr_copy+0xb3/0x3c0
[  421.319974][ T9964]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  421.326347][ T9964]  sctp_connect_new_asoc+0x2f9/0x6a0
[  421.331649][ T9964]  ? __sctp_connect+0xd80/0xd80
[  421.336521][ T9964]  ? __local_bh_enable_ip+0x13a/0x1c0
[  421.341915][ T9964]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  421.347477][ T9964]  ? security_sctp_bind_connect+0x89/0xb0
[  421.353237][ T9964]  sctp_sendmsg+0x1575/0x28c0
[  421.357950][ T9964]  ? sctp_getsockopt+0xb60/0xb60
[  421.362907][ T9964]  ? aa_sk_perm+0x83c/0x970
[  421.367452][ T9964]  ? aa_af_perm+0x330/0x330
[  421.371982][ T9964]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  421.378422][ T9964]  ? sock_rps_record_flow+0x19/0x3f0
[  421.383739][ T9964]  ? inet_sendmsg+0xe9/0x2f0
[  421.388355][ T9964]  ? inet_send_prepare+0x260/0x260
[  421.393496][ T9964]  ____sys_sendmsg+0x5ba/0x960
[  421.398290][ T9964]  ? __lock_acquire+0x7d40/0x7d40
[  421.403341][ T9964]  ? __sys_sendmsg_sock+0x30/0x30
[  421.408380][ T9964]  ? __import_iovec+0x5f2/0x850
[  421.413265][ T9964]  ? import_iovec+0x73/0xa0
[  421.417792][ T9964]  ___sys_sendmsg+0x2a6/0x360
[  421.422492][ T9964]  ? __sys_sendmsg+0x2a0/0x2a0
[  421.427300][ T9964]  ? trace_call_bpf+0xc3/0x6c0
[  421.432112][ T9964]  __se_sys_sendmsg+0x1c2/0x2b0
[  421.436985][ T9964]  ? __x64_sys_sendmsg+0x80/0x80
[  421.441962][ T9964]  ? lockdep_hardirqs_on+0x98/0x150
[  421.447197][ T9964]  do_syscall_64+0x55/0xa0
[  421.451643][ T9964]  ? clear_bhb_loop+0x40/0x90
[  421.456340][ T9964]  ? clear_bhb_loop+0x40/0x90
[  421.461040][ T9964]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  421.466954][ T9964] RIP: 0033:0x7f204af9ce59
[  421.471386][ T9964] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  421.491021][ T9964] RSP: 002b:00007f204be8c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  421.499475][ T9964] RAX: ffffffffffffffda RBX: 00007f204b215fa0 RCX: 00007f204af9ce59
[  421.507489][ T9964] RDX: 0000000000000041 RSI: 0000200000000600 RDI: 0000000000000003
[  421.515480][ T9964] RBP: 00007f204be8c090 R08: 0000000000000000 R09: 0000000000000000
[  421.523477][ T9964] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  421.531461][ T9964] R13: 00007f204b216038 R14: 00007f204b215fa0 R15: 00007ffecc70c1e8
[  421.539465][ T9964]  </TASK>
[  421.737782][ T9972] netlink: 'syz.3.1406': attribute type 1 has an invalid length.
[  421.747498][ T9972] netlink: 181400 bytes leftover after parsing attributes in process `syz.3.1406'.
[  421.795328][ T9973] netlink: 'syz.0.1405': attribute type 21 has an invalid length.
[  422.177062][ T5777] Bluetooth: hci1: unexpected event 0x16 length: 15 > 6
[  422.345617][ T9982] delete_channel: no stack
[  423.396603][ T9999] delete_channel: no stack
[  424.021075][T10013] netlink: 'syz.1.1417': attribute type 1 has an invalid length.
[  424.034036][T10013] netlink: 181400 bytes leftover after parsing attributes in process `syz.1.1417'.
[  424.183718][ T5777] Bluetooth: hci2: unexpected event 0x16 length: 15 > 6
[  424.301571][T10015] netlink: 'syz.2.1418': attribute type 10 has an invalid length.
[  424.857214][ T5777] Bluetooth: hci3: unexpected event 0x16 length: 15 > 6
[  425.828994][T10048] delete_channel: no stack
[  425.845733][T10046] syzkaller0: entered promiscuous mode
[  425.851267][T10046] syzkaller0: entered allmulticast mode
[  426.083288][T10053] netlink: 'syz.0.1431': attribute type 1 has an invalid length.
[  426.103069][T10053] netlink: 181400 bytes leftover after parsing attributes in process `syz.0.1431'.
[  426.793382][T10076] delete_channel: no stack
[  427.548282][T10095] netlink: 'syz.2.1446': attribute type 1 has an invalid length.
[  427.697394][T10095] netlink: 181400 bytes leftover after parsing attributes in process `syz.2.1446'.
[  427.927314][ T5777] Bluetooth: hci2: unexpected event 0x16 length: 15 > 6
[  428.407609][T10112] delete_channel: no stack
[  428.570650][T10122] netlink: 'syz.3.1457': attribute type 1 has an invalid length.
[  428.588924][T10122] netlink: 181400 bytes leftover after parsing attributes in process `syz.3.1457'.
[  428.679601][T10128] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1458'.
[  428.701077][T10128] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1458'.
[  428.764606][T10128] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1458'.
[  428.823684][T10134] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1458'.
[  428.857298][ T5777] Bluetooth: hci1: unexpected event 0x16 length: 15 > 6
[  429.451740][T10151] delete_channel: no stack
[  430.382138][T10164] netlink: 'syz.3.1470': attribute type 1 has an invalid length.
[  430.412212][T10164] netlink: 181400 bytes leftover after parsing attributes in process `syz.3.1470'.
[  430.600976][ T5777] Bluetooth: hci1: unexpected event 0x16 length: 15 > 6
[  431.152739][T10169] netlink: 1047 bytes leftover after parsing attributes in process `syz.0.1472'.
[  431.173734][T10169] bridge_slave_1: default FDB implementation only supports local addresses
[  432.431182][T10199] delete_channel: no stack
[  432.475649][T10201] FAULT_INJECTION: forcing a failure.
[  432.475649][T10201] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  432.517174][T10201] CPU: 1 PID: 10201 Comm: syz.2.1482 Not tainted syzkaller #0
[  432.524703][T10201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  432.534795][T10201] Call Trace:
[  432.538098][T10201]  <TASK>
[  432.541064][T10201]  dump_stack_lvl+0x18c/0x250
[  432.545807][T10201]  ? show_regs_print_info+0x20/0x20
[  432.551045][T10201]  ? load_image+0x420/0x420
[  432.555591][T10201]  ? __might_fault+0xaa/0x120
[  432.560399][T10201]  ? __lock_acquire+0x7d40/0x7d40
[  432.565466][T10201]  should_fail_ex+0x39d/0x4d0
[  432.570197][T10201]  _copy_from_user+0x2f/0xe0
[  432.574831][T10201]  __sys_bpf+0x23e/0x890
[  432.579118][T10201]  ? bpf_link_show_fdinfo+0x390/0x390
[  432.584541][T10201]  ? lock_chain_count+0x20/0x20
[  432.589430][T10201]  __x64_sys_bpf+0x7c/0x90
[  432.593893][T10201]  do_syscall_64+0x55/0xa0
[  432.598345][T10201]  ? clear_bhb_loop+0x40/0x90
[  432.603064][T10201]  ? clear_bhb_loop+0x40/0x90
[  432.607785][T10201]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  432.613716][T10201] RIP: 0033:0x7f724f19ce59
[  432.618194][T10201] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  432.637831][T10201] RSP: 002b:00007f7250030028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  432.646269][T10201] RAX: ffffffffffffffda RBX: 00007f724f415fa0 RCX: 00007f724f19ce59
[  432.654267][T10201] RDX: 000000000000000c RSI: 0000200000000a80 RDI: 000000000000000a
[  432.662262][T10201] RBP: 00007f7250030090 R08: 0000000000000000 R09: 0000000000000000
[  432.670331][T10201] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  432.678317][T10201] R13: 00007f724f416038 R14: 00007f724f415fa0 R15: 00007ffc3e17e728
[  432.686315][T10201]  </TASK>
[  432.942144][T10207] netlink: 'syz.2.1484': attribute type 1 has an invalid length.
[  432.974983][T10207] netlink: 181400 bytes leftover after parsing attributes in process `syz.2.1484'.
[  434.495199][T10214] netlink: 144316 bytes leftover after parsing attributes in process `syz.2.1487'.
[  436.178791][T10247] netlink: 'syz.2.1495': attribute type 1 has an invalid length.
[  436.205147][T10247] netlink: 181400 bytes leftover after parsing attributes in process `syz.2.1495'.
[  436.750511][T10254] delete_channel: no stack
[  436.756789][T10255] netlink: 'syz.3.1496': attribute type 3 has an invalid length.
[  437.409738][T10261] netlink: 144316 bytes leftover after parsing attributes in process `syz.3.1498'.
[  440.270331][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  440.276873][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  440.292873][T10290] netlink: 'syz.1.1508': attribute type 3 has an invalid length.
[  440.437130][T10293] netlink: 1047 bytes leftover after parsing attributes in process `syz.0.1504'.
[  440.585105][T10293] bridge_slave_1: default FDB implementation only supports local addresses
[  441.729201][ T5777] Bluetooth: hci0: unexpected event 0x16 length: 15 > 6
[  442.509233][T10316] delete_channel: no stack
[  444.325504][T10323] netlink: 144316 bytes leftover after parsing attributes in process `syz.0.1515'.
[  444.536423][T10317] netlink: 1047 bytes leftover after parsing attributes in process `syz.3.1510'.
[  444.624957][T10317] bridge_slave_1: default FDB implementation only supports local addresses
[  445.882223][T10335] netlink: 1047 bytes leftover after parsing attributes in process `syz.1.1516'.
[  446.085960][T10335] bridge_slave_1: default FDB implementation only supports local addresses
[  447.453186][T10350] netlink: 'syz.1.1522': attribute type 1 has an invalid length.
[  447.493271][T10350] netlink: 181400 bytes leftover after parsing attributes in process `syz.1.1522'.
[  448.412090][ T5777] Bluetooth: hci1: unexpected event 0x16 length: 15 > 6
[  448.533588][T10344] netlink: 1047 bytes leftover after parsing attributes in process `syz.3.1521'.
[  448.714606][T10344] bridge_slave_1: default FDB implementation only supports local addresses
[  449.084542][ T5777] Bluetooth: hci0: unexpected event 0x16 length: 15 > 6
[  449.834877][T10379] delete_channel: no stack
[  450.163365][T10372] netlink: 1047 bytes leftover after parsing attributes in process `syz.2.1526'.
[  450.193711][T10372] bridge_slave_1: default FDB implementation only supports local addresses
[  450.737035][T10366] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1526'.
[  450.840194][T10366] debugfs: Directory '!!ô!' with parent 'ieee80211' already present!
[  452.649835][T10399] netlink: 1047 bytes leftover after parsing attributes in process `syz.2.1532'.
[  452.749753][T10399] bridge_slave_1: default FDB implementation only supports local addresses
[  453.407736][T10410] netlink: 1047 bytes leftover after parsing attributes in process `syz.0.1536'.
[  453.518933][T10422] netlink: 'syz.3.1541': attribute type 1 has an invalid length.
[  453.547434][T10422] netlink: 181400 bytes leftover after parsing attributes in process `syz.3.1541'.
[  453.579517][T10410] bridge_slave_1: default FDB implementation only supports local addresses
[  453.596184][T10405] netlink: 1047 bytes leftover after parsing attributes in process `syz.1.1537'.
[  453.625025][T10405] bridge_slave_1: default FDB implementation only supports local addresses
[  453.915171][ T5777] Bluetooth: hci1: unexpected event 0x16 length: 15 > 6
[  453.960246][T10432] delete_channel: no stack
[  456.905485][T10481] delete_channel: no stack
[  457.562131][T10494] delete_channel: no stack
[  457.676437][T10474] netlink: 1047 bytes leftover after parsing attributes in process `syz.3.1552'.
[  457.747035][T10474] bridge_slave_1: default FDB implementation only supports local addresses
[  458.895707][ T5777] Bluetooth: hci2: unexpected event 0x16 length: 15 > 6
[  461.449657][T10530] netlink: 1047 bytes leftover after parsing attributes in process `syz.0.1567'.
[  461.639590][T10530] bridge_slave_1: default FDB implementation only supports local addresses
[  461.915197][T10535] netlink: 1047 bytes leftover after parsing attributes in process `syz.2.1566'.
[  461.924528][T10535] bridge_slave_1: default FDB implementation only supports local addresses
[  462.563626][T10524] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1567'.
[  462.668784][T10524] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  462.796617][T10524] CPU: 0 PID: 10524 Comm: syz.0.1567 Not tainted syzkaller #0
[  462.804244][T10524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  462.814330][T10524] Call Trace:
[  462.817640][T10524]  <TASK>
[  462.820617][T10524]  dump_stack_lvl+0x18c/0x250
[  462.825349][T10524]  ? show_regs_print_info+0x20/0x20
[  462.830596][T10524]  ? load_image+0x420/0x420
[  462.835163][T10524]  sysfs_warn_dup+0x8e/0xa0
[  462.839703][T10524]  sysfs_do_create_link_sd+0xc0/0x110
[  462.845119][T10524]  device_add_class_symlinks+0x1cf/0x240
[  462.850800][T10524]  device_add+0x507/0xc20
[  462.855182][T10524]  wiphy_register+0x1dad/0x2ae0
[  462.860086][T10524]  ? cfg80211_event_work+0x40/0x40
[  462.865240][T10524]  ? minstrel_ht_alloc+0x88a/0x990
[  462.870413][T10524]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  462.876737][T10524]  ieee80211_register_hw+0x3464/0x4250
[  462.882287][T10524]  ? ieee80211_tasklet_handler+0x20/0x20
[  462.887951][T10524]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  462.893895][T10524]  ? __debug_object_init+0xec/0x450
[  462.899153][T10524]  ? __asan_memset+0x22/0x40
[  462.903794][T10524]  ? __hrtimer_init+0x186/0x270
[  462.908789][T10524]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  462.914570][T10524]  ? mac80211_hwsim_free+0x220/0x220
[  462.919892][T10524]  ? rcu_is_watching+0x15/0xb0
[  462.924727][T10524]  ? kstrndup+0xbd/0x140
[  462.929025][T10524]  hwsim_new_radio_nl+0xdc9/0x1a90
[  462.934184][T10524]  ? __nla_validate+0x50/0x50
[  462.938909][T10524]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  462.945291][T10524]  ? __nla_parse+0x40/0x50
[  462.949752][T10524]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  462.956129][T10524]  genl_family_rcv_msg_doit+0x211/0x310
[  462.961705][T10524]  ? end_current_label_crit_section+0x170/0x170
[  462.967989][T10524]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  462.973918][T10524]  ? bpf_lsm_capable+0x9/0x10
[  462.978635][T10524]  ? security_capable+0x89/0xb0
[  462.983536][T10524]  genl_rcv_msg+0x619/0x7a0
[  462.988082][T10524]  ? genl_bind+0x360/0x360
[  462.992533][T10524]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  462.998897][T10524]  ? ref_tracker_free+0x690/0x840
[  463.003970][T10524]  netlink_rcv_skb+0x241/0x4d0
[  463.008781][T10524]  ? genl_bind+0x360/0x360
[  463.013250][T10524]  ? netlink_ack+0x1180/0x1180
[  463.018069][T10524]  ? __lock_acquire+0x7d40/0x7d40
[  463.023142][T10524]  ? down_read+0x1ac/0x2e0
[  463.027602][T10524]  genl_rcv+0x28/0x40
[  463.031617][T10524]  netlink_unicast+0x751/0x8d0
[  463.036431][T10524]  netlink_sendmsg+0x8d0/0xbf0
[  463.041257][T10524]  ? netlink_getsockopt+0x590/0x590
[  463.046499][T10524]  ? aa_sock_msg_perm+0x94/0x150
[  463.051474][T10524]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  463.056806][T10524]  ? security_socket_sendmsg+0x80/0xa0
[  463.062299][T10524]  ? netlink_getsockopt+0x590/0x590
[  463.067541][T10524]  ____sys_sendmsg+0x5ba/0x960
[  463.072349][T10524]  ? __asan_memset+0x22/0x40
[  463.076980][T10524]  ? __sys_sendmsg_sock+0x30/0x30
[  463.082036][T10524]  ? __import_iovec+0x5f2/0x850
[  463.086932][T10524]  ? import_iovec+0x73/0xa0
[  463.091471][T10524]  ___sys_sendmsg+0x2a6/0x360
[  463.096190][T10524]  ? __sys_sendmsg+0x2a0/0x2a0
[  463.101057][T10524]  __se_sys_sendmsg+0x1c2/0x2b0
[  463.105943][T10524]  ? __x64_sys_sendmsg+0x80/0x80
[  463.110927][T10524]  ? lockdep_hardirqs_on+0x98/0x150
[  463.116168][T10524]  do_syscall_64+0x55/0xa0
[  463.120617][T10524]  ? clear_bhb_loop+0x40/0x90
[  463.125346][T10524]  ? clear_bhb_loop+0x40/0x90
[  463.130069][T10524]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  463.136015][T10524] RIP: 0033:0x7f204af9ce59
[  463.140462][T10524] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  463.160103][T10524] RSP: 002b:00007f204be6b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  463.168559][T10524] RAX: ffffffffffffffda RBX: 00007f204b216090 RCX: 00007f204af9ce59
[  463.176565][T10524] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000007
[  463.184562][T10524] RBP: 00007f204b032d6f R08: 0000000000000000 R09: 0000000000000000
[  463.192561][T10524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  463.200564][T10524] R13: 00007f204b216128 R14: 00007f204b216090 R15: 00007ffecc70c1e8
[  463.208588][T10524]  </TASK>
[  463.332334][T10520] netlink: 1047 bytes leftover after parsing attributes in process `syz.3.1569'.
[  463.387552][T10520] bridge_slave_1: default FDB implementation only supports local addresses
[  463.424752][T10516] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1566'.
[  463.570273][T10516] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  463.665909][T10516] CPU: 1 PID: 10516 Comm: syz.2.1566 Not tainted syzkaller #0
[  463.673436][T10516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  463.683524][T10516] Call Trace:
[  463.686830][T10516]  <TASK>
[  463.689792][T10516]  dump_stack_lvl+0x18c/0x250
[  463.694520][T10516]  ? show_regs_print_info+0x20/0x20
[  463.699772][T10516]  ? load_image+0x420/0x420
[  463.704336][T10516]  sysfs_warn_dup+0x8e/0xa0
[  463.708887][T10516]  sysfs_do_create_link_sd+0xc0/0x110
[  463.714297][T10516]  device_add_class_symlinks+0x1cf/0x240
[  463.719984][T10516]  device_add+0x507/0xc20
[  463.724366][T10516]  wiphy_register+0x1dad/0x2ae0
[  463.729278][T10516]  ? cfg80211_event_work+0x40/0x40
[  463.734430][T10516]  ? minstrel_ht_alloc+0x88a/0x990
[  463.739613][T10516]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  463.745759][T10516]  ieee80211_register_hw+0x3464/0x4250
[  463.751289][T10516]  ? ieee80211_tasklet_handler+0x20/0x20
[  463.756967][T10516]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  463.762897][T10516]  ? __debug_object_init+0xec/0x450
[  463.768144][T10516]  ? __asan_memset+0x22/0x40
[  463.772777][T10516]  ? __hrtimer_init+0x186/0x270
[  463.777670][T10516]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  463.783455][T10516]  ? mac80211_hwsim_free+0x220/0x220
[  463.788775][T10516]  ? rcu_is_watching+0x15/0xb0
[  463.793584][T10516]  ? kstrndup+0xbd/0x140
[  463.797869][T10516]  hwsim_new_radio_nl+0xdc9/0x1a90
[  463.803015][T10516]  ? mark_lock+0x94/0x320
[  463.807389][T10516]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  463.813456][T10516]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  463.819822][T10516]  ? lockdep_hardirqs_on+0x98/0x150
[  463.825071][T10516]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  463.831272][T10516]  ? genl_family_rcv_msg_attrs_parse+0x1ca/0x290
[  463.837646][T10516]  genl_family_rcv_msg_doit+0x211/0x310
[  463.843226][T10516]  ? end_current_label_crit_section+0x170/0x170
[  463.849523][T10516]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  463.855475][T10516]  ? bpf_lsm_capable+0x9/0x10
[  463.860200][T10516]  ? security_capable+0x89/0xb0
[  463.865102][T10516]  genl_rcv_msg+0x619/0x7a0
[  463.869650][T10516]  ? genl_bind+0x360/0x360
[  463.874112][T10516]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  463.880128][T10516]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  463.886509][T10516]  ? ref_tracker_free+0x690/0x840
[  463.891586][T10516]  netlink_rcv_skb+0x241/0x4d0
[  463.896390][T10516]  ? genl_bind+0x360/0x360
[  463.900842][T10516]  ? netlink_ack+0x1180/0x1180
[  463.905660][T10516]  ? __lock_acquire+0x7d40/0x7d40
[  463.910732][T10516]  ? down_read+0x1ac/0x2e0
[  463.915184][T10516]  genl_rcv+0x28/0x40
[  463.919204][T10516]  netlink_unicast+0x751/0x8d0
[  463.924039][T10516]  netlink_sendmsg+0x8d0/0xbf0
[  463.928858][T10516]  ? netlink_getsockopt+0x590/0x590
[  463.934099][T10516]  ? aa_sock_msg_perm+0x94/0x150
[  463.939073][T10516]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  463.944404][T10516]  ? security_socket_sendmsg+0x80/0xa0
[  463.949902][T10516]  ? netlink_getsockopt+0x590/0x590
[  463.955162][T10516]  ____sys_sendmsg+0x5ba/0x960
[  463.959969][T10516]  ? __asan_memset+0x22/0x40
[  463.964623][T10516]  ? __sys_sendmsg_sock+0x30/0x30
[  463.969692][T10516]  ? __import_iovec+0x5f2/0x850
[  463.974600][T10516]  ? import_iovec+0x73/0xa0
[  463.979143][T10516]  ___sys_sendmsg+0x2a6/0x360
[  463.983863][T10516]  ? __sys_sendmsg+0x2a0/0x2a0
[  463.988708][T10516]  __se_sys_sendmsg+0x1c2/0x2b0
[  463.993607][T10516]  ? __x64_sys_sendmsg+0x80/0x80
[  463.998601][T10516]  ? lockdep_hardirqs_on+0x98/0x150
[  464.003840][T10516]  do_syscall_64+0x55/0xa0
[  464.008289][T10516]  ? clear_bhb_loop+0x40/0x90
[  464.013007][T10516]  ? clear_bhb_loop+0x40/0x90
[  464.017720][T10516]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  464.023667][T10516] RIP: 0033:0x7f724f19ce59
[  464.028114][T10516] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  464.047751][T10516] RSP: 002b:00007f7250030028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  464.056201][T10516] RAX: ffffffffffffffda RBX: 00007f724f415fa0 RCX: 00007f724f19ce59
[  464.064207][T10516] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000007
[  464.072209][T10516] RBP: 00007f724f232d6f R08: 0000000000000000 R09: 0000000000000000
[  464.080221][T10516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  464.088227][T10516] R13: 00007f724f416038 R14: 00007f724f415fa0 R15: 00007ffc3e17e728
[  464.096249][T10516]  </TASK>
[  464.395702][T10552] delete_channel: no stack
[  464.404465][ T5777] Bluetooth: hci0: unexpected event 0x16 length: 15 > 6
[  464.700306][T10556] netlink: 'syz.2.1574': attribute type 3 has an invalid length.
[  464.955334][T10543] netlink: 1047 bytes leftover after parsing attributes in process `syz.0.1571'.
[  465.017640][T10543] bridge_slave_1: default FDB implementation only supports local addresses
[  465.122932][T10559] delete_channel: no stack
[  467.509290][T10562] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1576'.
[  467.647902][T10562] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  467.684570][T10562] CPU: 1 PID: 10562 Comm: syz.1.1576 Not tainted syzkaller #0
[  467.692097][T10562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  467.702191][T10562] Call Trace:
[  467.705503][T10562]  <TASK>
[  467.708468][T10562]  dump_stack_lvl+0x18c/0x250
[  467.713210][T10562]  ? show_regs_print_info+0x20/0x20
[  467.718453][T10562]  ? load_image+0x420/0x420
[  467.723008][T10562]  sysfs_warn_dup+0x8e/0xa0
[  467.727552][T10562]  sysfs_do_create_link_sd+0xc0/0x110
[  467.732964][T10562]  device_add_class_symlinks+0x1cf/0x240
[  467.738644][T10562]  device_add+0x507/0xc20
[  467.743019][T10562]  wiphy_register+0x1dad/0x2ae0
[  467.747921][T10562]  ? cfg80211_event_work+0x40/0x40
[  467.753070][T10562]  ? minstrel_ht_alloc+0x88a/0x990
[  467.758425][T10562]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  467.764548][T10562]  ieee80211_register_hw+0x3464/0x4250
[  467.770086][T10562]  ? ieee80211_tasklet_handler+0x20/0x20
[  467.775771][T10562]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  467.781711][T10562]  ? __debug_object_init+0xec/0x450
[  467.786957][T10562]  ? __asan_memset+0x22/0x40
[  467.791589][T10562]  ? __hrtimer_init+0x186/0x270
[  467.796479][T10562]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  467.802257][T10562]  ? mac80211_hwsim_free+0x220/0x220
[  467.807578][T10562]  ? rcu_is_watching+0x15/0xb0
[  467.812380][T10562]  ? kstrndup+0xbd/0x140
[  467.816677][T10562]  hwsim_new_radio_nl+0xdc9/0x1a90
[  467.821818][T10562]  ? mark_lock+0x94/0x320
[  467.826181][T10562]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  467.832208][T10562]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  467.838567][T10562]  ? lockdep_hardirqs_on+0x98/0x150
[  467.843810][T10562]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  467.850035][T10562]  ? genl_family_rcv_msg_attrs_parse+0x1ca/0x290
[  467.856415][T10562]  genl_family_rcv_msg_doit+0x211/0x310
[  467.861994][T10562]  ? end_current_label_crit_section+0x170/0x170
[  467.868282][T10562]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  467.874216][T10562]  ? bpf_lsm_capable+0x9/0x10
[  467.878928][T10562]  ? security_capable+0x89/0xb0
[  467.883823][T10562]  genl_rcv_msg+0x619/0x7a0
[  467.888366][T10562]  ? genl_bind+0x360/0x360
[  467.892813][T10562]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  467.899173][T10562]  ? lockdep_hardirqs_on+0x98/0x150
[  467.904425][T10562]  netlink_rcv_skb+0x241/0x4d0
[  467.909251][T10562]  ? genl_bind+0x360/0x360
[  467.913711][T10562]  ? netlink_ack+0x1180/0x1180
[  467.918539][T10562]  ? genl_bind+0x360/0x360
[  467.922985][T10562]  ? netlink_rcv_skb+0x10/0x4d0
[  467.927880][T10562]  genl_rcv+0x28/0x40
[  467.931904][T10562]  netlink_unicast+0x751/0x8d0
[  467.936719][T10562]  netlink_sendmsg+0x8d0/0xbf0
[  467.941527][T10562]  ? lockdep_hardirqs_on+0x98/0x150
[  467.946767][T10562]  ? netlink_getsockopt+0x590/0x590
[  467.952007][T10562]  ? netlink_getsockopt+0x590/0x590
[  467.957263][T10562]  ? netlink_getsockopt+0x590/0x590
[  467.962504][T10562]  ____sys_sendmsg+0x5ba/0x960
[  467.967295][T10562]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  467.973493][T10562]  ? __asan_memset+0x22/0x40
[  467.978139][T10562]  ? __sys_sendmsg_sock+0x30/0x30
[  467.983190][T10562]  ? __import_iovec+0x5f2/0x850
[  467.988102][T10562]  ? import_iovec+0x73/0xa0
[  467.992653][T10562]  ___sys_sendmsg+0x2a6/0x360
[  467.997389][T10562]  ? __sys_sendmsg+0x2a0/0x2a0
[  468.002267][T10562]  __se_sys_sendmsg+0x1c2/0x2b0
[  468.007176][T10562]  ? __x64_sys_sendmsg+0x80/0x80
[  468.012162][T10562]  ? lockdep_hardirqs_on+0x98/0x150
[  468.017421][T10562]  ? __x64_sys_sendmsg+0x1d/0x80
[  468.022404][T10562]  ? __sanitizer_cov_trace_pc+0x8/0x60
[  468.027910][T10562]  do_syscall_64+0x55/0xa0
[  468.032362][T10562]  ? clear_bhb_loop+0x40/0x90
[  468.037081][T10562]  ? clear_bhb_loop+0x40/0x90
[  468.041806][T10562]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  468.047749][T10562] RIP: 0033:0x7f33e3f9ce59
[  468.052185][T10562] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  468.071808][T10562] RSP: 002b:00007f33e4e12028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  468.080240][T10562] RAX: ffffffffffffffda RBX: 00007f33e4215fa0 RCX: 00007f33e3f9ce59
[  468.088228][T10562] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000008
[  468.096222][T10562] RBP: 00007f33e4032d6f R08: 0000000000000000 R09: 0000000000000000
[  468.104213][T10562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  468.112193][T10562] R13: 00007f33e4216038 R14: 00007f33e4215fa0 R15: 00007ffc3f78e1b8
[  468.120194][T10562]  </TASK>
[  468.977202][T10585] netlink: 1047 bytes leftover after parsing attributes in process `syz.3.1580'.
[  469.005108][T10585] bridge_slave_1: default FDB implementation only supports local addresses
[  469.099460][T10595] netlink: 'syz.0.1583': attribute type 3 has an invalid length.
[  469.207761][T10585] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1580'.
[  469.374911][T10585] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  469.428734][T10585] CPU: 1 PID: 10585 Comm: syz.3.1580 Not tainted syzkaller #0
[  469.436374][T10585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  469.446461][T10585] Call Trace:
[  469.449772][T10585]  <TASK>
[  469.452735][T10585]  dump_stack_lvl+0x18c/0x250
[  469.457455][T10585]  ? show_regs_print_info+0x20/0x20
[  469.462699][T10585]  ? load_image+0x420/0x420
[  469.467270][T10585]  sysfs_warn_dup+0x8e/0xa0
[  469.471807][T10585]  sysfs_do_create_link_sd+0xc0/0x110
[  469.477222][T10585]  device_add_class_symlinks+0x1cf/0x240
[  469.482902][T10585]  device_add+0x507/0xc20
[  469.487279][T10585]  wiphy_register+0x1dad/0x2ae0
[  469.492198][T10585]  ? cfg80211_event_work+0x40/0x40
[  469.497368][T10585]  ? minstrel_ht_alloc+0x88a/0x990
[  469.502534][T10585]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  469.508650][T10585]  ieee80211_register_hw+0x3464/0x4250
[  469.514154][T10585]  ? ieee80211_tasklet_handler+0x20/0x20
[  469.519810][T10585]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  469.525744][T10585]  ? __debug_object_init+0xec/0x450
[  469.530979][T10585]  ? __asan_memset+0x22/0x40
[  469.535594][T10585]  ? __hrtimer_init+0x186/0x270
[  469.540463][T10585]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  469.546218][T10585]  ? mac80211_hwsim_free+0x220/0x220
[  469.551538][T10585]  ? rcu_is_watching+0x15/0xb0
[  469.556334][T10585]  ? kstrndup+0xbd/0x140
[  469.560611][T10585]  hwsim_new_radio_nl+0xdc9/0x1a90
[  469.565763][T10585]  ? __nla_validate+0x50/0x50
[  469.570519][T10585]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  469.576896][T10585]  ? __nla_parse+0x40/0x50
[  469.581351][T10585]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  469.587724][T10585]  genl_family_rcv_msg_doit+0x211/0x310
[  469.593298][T10585]  ? end_current_label_crit_section+0x170/0x170
[  469.599596][T10585]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  469.605529][T10585]  ? bpf_lsm_capable+0x9/0x10
[  469.610256][T10585]  ? security_capable+0x89/0xb0
[  469.615164][T10585]  genl_rcv_msg+0x619/0x7a0
[  469.619705][T10585]  ? genl_bind+0x360/0x360
[  469.624150][T10585]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  469.630509][T10585]  ? ref_tracker_free+0x690/0x840
[  469.635581][T10585]  netlink_rcv_skb+0x241/0x4d0
[  469.640383][T10585]  ? genl_bind+0x360/0x360
[  469.644835][T10585]  ? netlink_ack+0x1180/0x1180
[  469.649657][T10585]  ? __lock_acquire+0x7d40/0x7d40
[  469.654733][T10585]  ? down_read+0x1ac/0x2e0
[  469.659178][T10585]  genl_rcv+0x28/0x40
[  469.663186][T10585]  netlink_unicast+0x751/0x8d0
[  469.667990][T10585]  netlink_sendmsg+0x8d0/0xbf0
[  469.672793][T10585]  ? netlink_getsockopt+0x590/0x590
[  469.678031][T10585]  ? aa_sock_msg_perm+0x94/0x150
[  469.683006][T10585]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  469.688322][T10585]  ? security_socket_sendmsg+0x80/0xa0
[  469.693816][T10585]  ? netlink_getsockopt+0x590/0x590
[  469.699076][T10585]  ____sys_sendmsg+0x5ba/0x960
[  469.703880][T10585]  ? __asan_memset+0x22/0x40
[  469.708504][T10585]  ? __sys_sendmsg_sock+0x30/0x30
[  469.713544][T10585]  ? __import_iovec+0x5f2/0x850
[  469.718438][T10585]  ? import_iovec+0x73/0xa0
[  469.722976][T10585]  ___sys_sendmsg+0x2a6/0x360
[  469.727694][T10585]  ? __sys_sendmsg+0x2a0/0x2a0
[  469.732533][T10585]  __se_sys_sendmsg+0x1c2/0x2b0
[  469.737412][T10585]  ? __x64_sys_sendmsg+0x80/0x80
[  469.742386][T10585]  ? lockdep_hardirqs_on+0x98/0x150
[  469.747613][T10585]  do_syscall_64+0x55/0xa0
[  469.752057][T10585]  ? clear_bhb_loop+0x40/0x90
[  469.756762][T10585]  ? clear_bhb_loop+0x40/0x90
[  469.761457][T10585]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  469.767374][T10585] RIP: 0033:0x7fde8dd9ce59
[  469.771814][T10585] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  469.791444][T10585] RSP: 002b:00007fde8bff6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  469.799886][T10585] RAX: ffffffffffffffda RBX: 00007fde8e016090 RCX: 00007fde8dd9ce59
[  469.807893][T10585] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000006
[  469.815885][T10585] RBP: 00007fde8de32d6f R08: 0000000000000000 R09: 0000000000000000
[  469.823883][T10585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  469.831876][T10585] R13: 00007fde8e016128 R14: 00007fde8e016090 R15: 00007ffe2abf6338
[  469.839884][T10585]  </TASK>
[  470.391864][T10597] netlink: 1047 bytes leftover after parsing attributes in process `syz.1.1582'.
[  470.429040][ T5777] Bluetooth: hci1: unexpected event 0x16 length: 15 > 6
[  470.559057][T10597] bridge_slave_1: default FDB implementation only supports local addresses
[  470.919229][T10592] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1582'.
[  470.959452][T10606] netlink: 1047 bytes leftover after parsing attributes in process `syz.0.1585'.
[  471.014579][T10606] bridge_slave_1: default FDB implementation only supports local addresses
[  471.171398][T10592] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  471.185291][T10592] CPU: 0 PID: 10592 Comm: syz.1.1582 Not tainted syzkaller #0
[  471.192885][T10592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  471.202966][T10592] Call Trace:
[  471.206274][T10592]  <TASK>
[  471.209240][T10592]  dump_stack_lvl+0x18c/0x250
[  471.213969][T10592]  ? show_regs_print_info+0x20/0x20
[  471.219202][T10592]  ? load_image+0x420/0x420
[  471.223758][T10592]  sysfs_warn_dup+0x8e/0xa0
[  471.228298][T10592]  sysfs_do_create_link_sd+0xc0/0x110
[  471.233704][T10592]  device_add_class_symlinks+0x1cf/0x240
[  471.239389][T10592]  device_add+0x507/0xc20
[  471.243761][T10592]  wiphy_register+0x1dad/0x2ae0
[  471.248674][T10592]  ? cfg80211_event_work+0x40/0x40
[  471.253839][T10592]  ? minstrel_ht_alloc+0x88a/0x990
[  471.259001][T10592]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  471.265108][T10592]  ieee80211_register_hw+0x3464/0x4250
[  471.270644][T10592]  ? ieee80211_tasklet_handler+0x20/0x20
[  471.276330][T10592]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  471.282263][T10592]  ? __debug_object_init+0xec/0x450
[  471.287521][T10592]  ? __asan_memset+0x22/0x40
[  471.292152][T10592]  ? __hrtimer_init+0x186/0x270
[  471.297047][T10592]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  471.302839][T10592]  ? mac80211_hwsim_free+0x220/0x220
[  471.308162][T10592]  ? rcu_is_watching+0x15/0xb0
[  471.312961][T10592]  ? kstrndup+0xbd/0x140
[  471.317235][T10592]  hwsim_new_radio_nl+0xdc9/0x1a90
[  471.322362][T10592]  ? __nla_validate+0x50/0x50
[  471.327071][T10592]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  471.333420][T10592]  ? __nla_parse+0x40/0x50
[  471.337867][T10592]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  471.344223][T10592]  genl_family_rcv_msg_doit+0x211/0x310
[  471.349793][T10592]  ? end_current_label_crit_section+0x170/0x170
[  471.356081][T10592]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  471.361999][T10592]  ? bpf_lsm_capable+0x9/0x10
[  471.366712][T10592]  ? security_capable+0x89/0xb0
[  471.371602][T10592]  genl_rcv_msg+0x619/0x7a0
[  471.376133][T10592]  ? genl_bind+0x360/0x360
[  471.380575][T10592]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  471.386930][T10592]  netlink_rcv_skb+0x241/0x4d0
[  471.391718][T10592]  ? genl_bind+0x360/0x360
[  471.396156][T10592]  ? netlink_ack+0x1180/0x1180
[  471.400960][T10592]  ? __lock_acquire+0x7d40/0x7d40
[  471.406011][T10592]  ? down_read+0x1ac/0x2e0
[  471.410447][T10592]  genl_rcv+0x28/0x40
[  471.414446][T10592]  netlink_unicast+0x751/0x8d0
[  471.419237][T10592]  netlink_sendmsg+0x8d0/0xbf0
[  471.424035][T10592]  ? netlink_getsockopt+0x590/0x590
[  471.429257][T10592]  ? aa_sock_msg_perm+0x94/0x150
[  471.434214][T10592]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  471.439516][T10592]  ? security_socket_sendmsg+0x80/0xa0
[  471.445008][T10592]  ? netlink_getsockopt+0x590/0x590
[  471.450246][T10592]  ____sys_sendmsg+0x5ba/0x960
[  471.455039][T10592]  ? __asan_memset+0x22/0x40
[  471.459664][T10592]  ? __sys_sendmsg_sock+0x30/0x30
[  471.464715][T10592]  ? __import_iovec+0x5f2/0x850
[  471.469590][T10592]  ? import_iovec+0x73/0xa0
[  471.474115][T10592]  ___sys_sendmsg+0x2a6/0x360
[  471.478824][T10592]  ? __sys_sendmsg+0x2a0/0x2a0
[  471.483636][T10592]  ? seqcount_lockdep_reader_access+0x17b/0x1d0
[  471.489915][T10592]  __se_sys_sendmsg+0x1c2/0x2b0
[  471.494780][T10592]  ? hrtimer_interrupt+0x89a/0x9c0
[  471.499912][T10592]  ? __x64_sys_sendmsg+0x80/0x80
[  471.504882][T10592]  ? lockdep_hardirqs_on+0x98/0x150
[  471.510099][T10592]  do_syscall_64+0x55/0xa0
[  471.514531][T10592]  ? clear_bhb_loop+0x40/0x90
[  471.519251][T10592]  ? clear_bhb_loop+0x40/0x90
[  471.523951][T10592]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  471.529866][T10592] RIP: 0033:0x7f33e3f9ce59
[  471.534297][T10592] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  471.553934][T10592] RSP: 002b:00007f33e4e12028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  471.562371][T10592] RAX: ffffffffffffffda RBX: 00007f33e4215fa0 RCX: 00007f33e3f9ce59
[  471.570361][T10592] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000007
[  471.578348][T10592] RBP: 00007f33e4032d6f R08: 0000000000000000 R09: 0000000000000000
[  471.586338][T10592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  471.594329][T10592] R13: 00007f33e4216038 R14: 00007f33e4215fa0 R15: 00007ffc3f78e1b8
[  471.602331][T10592]  </TASK>
[  472.860973][T10603] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1585'.
[  472.932002][T10603] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  473.005337][T10603] CPU: 1 PID: 10603 Comm: syz.0.1585 Not tainted syzkaller #0
[  473.012858][T10603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  473.022952][T10603] Call Trace:
[  473.026285][T10603]  <TASK>
[  473.029238][T10603]  dump_stack_lvl+0x18c/0x250
[  473.033963][T10603]  ? show_regs_print_info+0x20/0x20
[  473.039209][T10603]  ? load_image+0x420/0x420
[  473.043774][T10603]  sysfs_warn_dup+0x8e/0xa0
[  473.048318][T10603]  sysfs_do_create_link_sd+0xc0/0x110
[  473.053726][T10603]  device_add_class_symlinks+0x1cf/0x240
[  473.059406][T10603]  device_add+0x507/0xc20
[  473.063776][T10603]  wiphy_register+0x1dad/0x2ae0
[  473.068708][T10603]  ? cfg80211_event_work+0x40/0x40
[  473.073876][T10603]  ? minstrel_ht_alloc+0x88a/0x990
[  473.079042][T10603]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  473.085159][T10603]  ieee80211_register_hw+0x3464/0x4250
[  473.090677][T10603]  ? ieee80211_tasklet_handler+0x20/0x20
[  473.096348][T10603]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  473.102276][T10603]  ? __debug_object_init+0xec/0x450
[  473.107515][T10603]  ? __asan_memset+0x22/0x40
[  473.111755][T10633] netlink: 'syz.2.1591': attribute type 1 has an invalid length.
[  473.112130][T10603]  ? __hrtimer_init+0x186/0x270
[  473.124760][T10603]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  473.130542][T10603]  ? mac80211_hwsim_free+0x220/0x220
[  473.135868][T10603]  ? rcu_is_watching+0x15/0xb0
[  473.140697][T10603]  ? kstrndup+0xbd/0x140
[  473.145002][T10603]  hwsim_new_radio_nl+0xdc9/0x1a90
[  473.145262][T10633] netlink: 181400 bytes leftover after parsing attributes in process `syz.2.1591'.
[  473.150140][T10603]  ? __nla_validate+0x50/0x50
[  473.150216][T10603]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  473.170514][T10603]  ? __nla_parse+0x40/0x50
[  473.174972][T10603]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  473.181342][T10603]  genl_family_rcv_msg_doit+0x211/0x310
[  473.186928][T10603]  ? end_current_label_crit_section+0x170/0x170
[  473.193230][T10603]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  473.199165][T10603]  ? bpf_lsm_capable+0x9/0x10
[  473.203878][T10603]  ? security_capable+0x89/0xb0
[  473.208799][T10603]  genl_rcv_msg+0x619/0x7a0
[  473.213348][T10603]  ? genl_bind+0x360/0x360
[  473.217809][T10603]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  473.224195][T10603]  netlink_rcv_skb+0x241/0x4d0
[  473.229005][T10603]  ? genl_bind+0x360/0x360
[  473.233459][T10603]  ? netlink_ack+0x1180/0x1180
[  473.238273][T10603]  ? __lock_acquire+0x7d40/0x7d40
[  473.243338][T10603]  ? down_read+0x1ac/0x2e0
[  473.247787][T10603]  genl_rcv+0x28/0x40
[  473.251798][T10603]  netlink_unicast+0x751/0x8d0
[  473.256605][T10603]  netlink_sendmsg+0x8d0/0xbf0
[  473.261406][T10603]  ? netlink_getsockopt+0x590/0x590
[  473.266627][T10603]  ? aa_sock_msg_perm+0x94/0x150
[  473.271585][T10603]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  473.276904][T10603]  ? security_socket_sendmsg+0x80/0xa0
[  473.282401][T10603]  ? netlink_getsockopt+0x590/0x590
[  473.287650][T10603]  ____sys_sendmsg+0x5ba/0x960
[  473.292464][T10603]  ? __asan_memset+0x22/0x40
[  473.297090][T10603]  ? __sys_sendmsg_sock+0x30/0x30
[  473.302136][T10603]  ? __import_iovec+0x5f2/0x850
[  473.307012][T10603]  ? import_iovec+0x73/0xa0
[  473.311560][T10603]  ___sys_sendmsg+0x2a6/0x360
[  473.316275][T10603]  ? __sys_sendmsg+0x2a0/0x2a0
[  473.321099][T10603]  __se_sys_sendmsg+0x1c2/0x2b0
[  473.325971][T10603]  ? __x64_sys_sendmsg+0x80/0x80
[  473.330937][T10603]  ? lockdep_hardirqs_on+0x98/0x150
[  473.336167][T10603]  do_syscall_64+0x55/0xa0
[  473.340614][T10603]  ? clear_bhb_loop+0x40/0x90
[  473.345332][T10603]  ? clear_bhb_loop+0x40/0x90
[  473.350045][T10603]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  473.355973][T10603] RIP: 0033:0x7f204af9ce59
[  473.360414][T10603] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  473.380065][T10603] RSP: 002b:00007f204be8c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  473.388498][T10603] RAX: ffffffffffffffda RBX: 00007f204b215fa0 RCX: 00007f204af9ce59
[  473.396518][T10603] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000007
[  473.404507][T10603] RBP: 00007f204b032d6f R08: 0000000000000000 R09: 0000000000000000
[  473.412491][T10603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  473.420483][T10603] R13: 00007f204b216038 R14: 00007f204b215fa0 R15: 00007ffecc70c1e8
[  473.428491][T10603]  </TASK>
[  474.393523][T10639] delete_channel: no stack
[  475.051535][T10636] netlink: 1047 bytes leftover after parsing attributes in process `syz.3.1590'.
[  475.135065][T10636] bridge_slave_1: default FDB implementation only supports local addresses
[  475.255123][ T5777] Bluetooth: hci0: unexpected event 0x16 length: 15 > 6
[  475.515561][T10636] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1590'.
[  475.819906][T10636] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  475.871594][T10636] CPU: 1 PID: 10636 Comm: syz.3.1590 Not tainted syzkaller #0
[  475.879131][T10636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  475.889226][T10636] Call Trace:
[  475.892542][T10636]  <TASK>
[  475.895507][T10636]  dump_stack_lvl+0x18c/0x250
[  475.900241][T10636]  ? show_regs_print_info+0x20/0x20
[  475.905512][T10636]  ? load_image+0x420/0x420
[  475.910071][T10636]  sysfs_warn_dup+0x8e/0xa0
[  475.914613][T10636]  sysfs_do_create_link_sd+0xc0/0x110
[  475.920026][T10636]  device_add_class_symlinks+0x1cf/0x240
[  475.925710][T10636]  device_add+0x507/0xc20
[  475.930083][T10636]  wiphy_register+0x1dad/0x2ae0
[  475.934990][T10636]  ? cfg80211_event_work+0x40/0x40
[  475.940143][T10636]  ? minstrel_ht_alloc+0x88a/0x990
[  475.945309][T10636]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  475.951434][T10636]  ieee80211_register_hw+0x3464/0x4250
[  475.956932][T10636]  ? ieee80211_tasklet_handler+0x20/0x20
[  475.962574][T10636]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  475.968485][T10636]  ? __debug_object_init+0xec/0x450
[  475.973706][T10636]  ? __asan_memset+0x22/0x40
[  475.978320][T10636]  ? __hrtimer_init+0x186/0x270
[  475.983192][T10636]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  475.988941][T10636]  ? mac80211_hwsim_free+0x220/0x220
[  475.994235][T10636]  ? rcu_is_watching+0x15/0xb0
[  475.999013][T10636]  ? kstrndup+0xbd/0x140
[  476.003276][T10636]  hwsim_new_radio_nl+0xdc9/0x1a90
[  476.008403][T10636]  ? mark_lock+0x94/0x320
[  476.012754][T10636]  ? mark_lock+0x94/0x320
[  476.017105][T10636]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  476.023454][T10636]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  476.029632][T10636]  ? lockdep_hardirqs_on+0x98/0x150
[  476.034864][T10636]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  476.041049][T10636]  ? genl_family_rcv_msg_doit+0x1e5/0x310
[  476.046800][T10636]  genl_family_rcv_msg_doit+0x211/0x310
[  476.052367][T10636]  ? end_current_label_crit_section+0x170/0x170
[  476.058644][T10636]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  476.064582][T10636]  ? bpf_lsm_capable+0x9/0x10
[  476.069288][T10636]  ? security_capable+0x89/0xb0
[  476.074180][T10636]  genl_rcv_msg+0x619/0x7a0
[  476.078701][T10636]  ? genl_bind+0x360/0x360
[  476.083127][T10636]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  476.089475][T10636]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[  476.096111][T10636]  netlink_rcv_skb+0x241/0x4d0
[  476.100902][T10636]  ? genl_bind+0x360/0x360
[  476.105331][T10636]  ? netlink_ack+0x1180/0x1180
[  476.110121][T10636]  ? __lock_acquire+0x7d40/0x7d40
[  476.115178][T10636]  ? down_read+0x1ac/0x2e0
[  476.119623][T10636]  genl_rcv+0x28/0x40
[  476.123629][T10636]  netlink_unicast+0x751/0x8d0
[  476.128442][T10636]  netlink_sendmsg+0x8d0/0xbf0
[  476.133235][T10636]  ? netlink_getsockopt+0x590/0x590
[  476.138455][T10636]  ? aa_sock_msg_perm+0x94/0x150
[  476.143420][T10636]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  476.148721][T10636]  ? security_socket_sendmsg+0x80/0xa0
[  476.154191][T10636]  ? netlink_getsockopt+0x590/0x590
[  476.159414][T10636]  ____sys_sendmsg+0x5ba/0x960
[  476.164195][T10636]  ? __asan_memset+0x22/0x40
[  476.168834][T10636]  ? __sys_sendmsg_sock+0x30/0x30
[  476.173874][T10636]  ? __import_iovec+0x5f2/0x850
[  476.178742][T10636]  ? import_iovec+0x73/0xa0
[  476.183259][T10636]  ___sys_sendmsg+0x2a6/0x360
[  476.187957][T10636]  ? __sys_sendmsg+0x2a0/0x2a0
[  476.192767][T10636]  __se_sys_sendmsg+0x1c2/0x2b0
[  476.197635][T10636]  ? __x64_sys_sendmsg+0x80/0x80
[  476.202605][T10636]  ? lockdep_hardirqs_on+0x98/0x150
[  476.207829][T10636]  do_syscall_64+0x55/0xa0
[  476.212255][T10636]  ? clear_bhb_loop+0x40/0x90
[  476.216947][T10636]  ? clear_bhb_loop+0x40/0x90
[  476.221648][T10636]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  476.227556][T10636] RIP: 0033:0x7fde8dd9ce59
[  476.231981][T10636] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  476.251600][T10636] RSP: 002b:00007fde8eb89028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  476.260035][T10636] RAX: ffffffffffffffda RBX: 00007fde8e015fa0 RCX: 00007fde8dd9ce59
[  476.268021][T10636] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000007
[  476.276009][T10636] RBP: 00007fde8de32d6f R08: 0000000000000000 R09: 0000000000000000
[  476.283996][T10636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  476.291980][T10636] R13: 00007fde8e016038 R14: 00007fde8e015fa0 R15: 00007ffe2abf6338
[  476.299990][T10636]  </TASK>
[  476.754333][T10663] delete_channel: no stack
[  478.552884][T10679] netlink: 'syz.1.1600': attribute type 3 has an invalid length.
[  480.063938][ T5777] Bluetooth: hci0: unexpected event 0x16 length: 15 > 6
[  480.430043][T10697] netlink: 1047 bytes leftover after parsing attributes in process `syz.3.1601'.
[  480.575181][T10697] bridge_slave_1: default FDB implementation only supports local addresses
[  480.979280][T10711] delete_channel: no stack
[  481.039646][T10685] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1601'.
[  481.197633][T10685] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  481.218670][T10685] CPU: 0 PID: 10685 Comm: syz.3.1601 Not tainted syzkaller #0
[  481.226175][T10685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  481.236260][T10685] Call Trace:
[  481.239573][T10685]  <TASK>
[  481.242537][T10685]  dump_stack_lvl+0x18c/0x250
[  481.247264][T10685]  ? show_regs_print_info+0x20/0x20
[  481.252505][T10685]  ? load_image+0x420/0x420
[  481.257057][T10685]  sysfs_warn_dup+0x8e/0xa0
[  481.261587][T10685]  sysfs_do_create_link_sd+0xc0/0x110
[  481.266993][T10685]  device_add_class_symlinks+0x1cf/0x240
[  481.272667][T10685]  device_add+0x507/0xc20
[  481.277043][T10685]  wiphy_register+0x1dad/0x2ae0
[  481.281966][T10685]  ? cfg80211_event_work+0x40/0x40
[  481.287119][T10685]  ? minstrel_ht_alloc+0x88a/0x990
[  481.292291][T10685]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  481.298417][T10685]  ieee80211_register_hw+0x3464/0x4250
[  481.303938][T10685]  ? ieee80211_tasklet_handler+0x20/0x20
[  481.309630][T10685]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  481.315574][T10685]  ? __debug_object_init+0xec/0x450
[  481.320805][T10685]  ? __asan_memset+0x22/0x40
[  481.325423][T10685]  ? __hrtimer_init+0x186/0x270
[  481.330306][T10685]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  481.336065][T10685]  ? mac80211_hwsim_free+0x220/0x220
[  481.341360][T10685]  ? rcu_is_watching+0x15/0xb0
[  481.346145][T10685]  ? kstrndup+0xbd/0x140
[  481.350417][T10685]  hwsim_new_radio_nl+0xdc9/0x1a90
[  481.355559][T10685]  ? mark_lock+0x94/0x320
[  481.359921][T10685]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  481.366284][T10685]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  481.372458][T10685]  ? lockdep_hardirqs_on+0x98/0x150
[  481.377681][T10685]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  481.383863][T10685]  genl_family_rcv_msg_doit+0x211/0x310
[  481.389426][T10685]  ? end_current_label_crit_section+0x170/0x170
[  481.395695][T10685]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  481.401613][T10685]  ? bpf_lsm_capable+0x9/0x10
[  481.406307][T10685]  ? security_capable+0x89/0xb0
[  481.411188][T10685]  genl_rcv_msg+0x619/0x7a0
[  481.415718][T10685]  ? genl_bind+0x360/0x360
[  481.420155][T10685]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  481.426176][T10685]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  481.432530][T10685]  ? ref_tracker_free+0x690/0x840
[  481.437576][T10685]  netlink_rcv_skb+0x241/0x4d0
[  481.442372][T10685]  ? genl_bind+0x360/0x360
[  481.446807][T10685]  ? netlink_ack+0x1180/0x1180
[  481.451599][T10685]  ? __lock_acquire+0x7d40/0x7d40
[  481.456647][T10685]  ? down_read+0x1ac/0x2e0
[  481.461080][T10685]  genl_rcv+0x28/0x40
[  481.465080][T10685]  netlink_unicast+0x751/0x8d0
[  481.469883][T10685]  netlink_sendmsg+0x8d0/0xbf0
[  481.474687][T10685]  ? netlink_getsockopt+0x590/0x590
[  481.479917][T10685]  ? aa_sock_msg_perm+0x94/0x150
[  481.484885][T10685]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  481.490196][T10685]  ? security_socket_sendmsg+0x80/0xa0
[  481.495674][T10685]  ? netlink_getsockopt+0x590/0x590
[  481.500901][T10685]  ____sys_sendmsg+0x5ba/0x960
[  481.505697][T10685]  ? __asan_memset+0x22/0x40
[  481.510309][T10685]  ? __sys_sendmsg_sock+0x30/0x30
[  481.515344][T10685]  ? __import_iovec+0x5f2/0x850
[  481.520221][T10685]  ? import_iovec+0x73/0xa0
[  481.524744][T10685]  ___sys_sendmsg+0x2a6/0x360
[  481.529440][T10685]  ? __sys_sendmsg+0x2a0/0x2a0
[  481.534276][T10685]  __se_sys_sendmsg+0x1c2/0x2b0
[  481.539151][T10685]  ? __x64_sys_sendmsg+0x80/0x80
[  481.544120][T10685]  ? lockdep_hardirqs_on+0x98/0x150
[  481.549348][T10685]  do_syscall_64+0x55/0xa0
[  481.553781][T10685]  ? clear_bhb_loop+0x40/0x90
[  481.558482][T10685]  ? clear_bhb_loop+0x40/0x90
[  481.563188][T10685]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  481.569099][T10685] RIP: 0033:0x7fde8dd9ce59
[  481.573527][T10685] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  481.593147][T10685] RSP: 002b:00007fde8eb89028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  481.601579][T10685] RAX: ffffffffffffffda RBX: 00007fde8e015fa0 RCX: 00007fde8dd9ce59
[  481.609584][T10685] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000006
[  481.617569][T10685] RBP: 00007fde8de32d6f R08: 0000000000000000 R09: 0000000000000000
[  481.625553][T10685] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  481.633540][T10685] R13: 00007fde8e016038 R14: 00007fde8e015fa0 R15: 00007ffe2abf6338
[  481.641537][T10685]  </TASK>
[  481.858602][T10715] delete_channel: no stack
[  482.937180][T10723] netlink: 1047 bytes leftover after parsing attributes in process `syz.2.1607'.
[  483.068208][T10723] bridge_slave_1: default FDB implementation only supports local addresses
[  483.554721][T10723] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1607'.
[  483.579284][T10723] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  483.605141][T10723] CPU: 0 PID: 10723 Comm: syz.2.1607 Not tainted syzkaller #0
[  483.612661][T10723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  483.622755][T10723] Call Trace:
[  483.626058][T10723]  <TASK>
[  483.629021][T10723]  dump_stack_lvl+0x18c/0x250
[  483.633752][T10723]  ? show_regs_print_info+0x20/0x20
[  483.638994][T10723]  ? load_image+0x420/0x420
[  483.643565][T10723]  sysfs_warn_dup+0x8e/0xa0
[  483.648097][T10723]  sysfs_do_create_link_sd+0xc0/0x110
[  483.653503][T10723]  device_add_class_symlinks+0x1cf/0x240
[  483.659176][T10723]  device_add+0x507/0xc20
[  483.663543][T10723]  wiphy_register+0x1dad/0x2ae0
[  483.668449][T10723]  ? cfg80211_event_work+0x40/0x40
[  483.673611][T10723]  ? minstrel_ht_alloc+0x88a/0x990
[  483.678784][T10723]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  483.684897][T10723]  ieee80211_register_hw+0x3464/0x4250
[  483.690413][T10723]  ? ieee80211_tasklet_handler+0x20/0x20
[  483.696081][T10723]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  483.702011][T10723]  ? __debug_object_init+0xec/0x450
[  483.707256][T10723]  ? __asan_memset+0x22/0x40
[  483.711884][T10723]  ? __hrtimer_init+0x186/0x270
[  483.716773][T10723]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  483.722552][T10723]  ? mac80211_hwsim_free+0x220/0x220
[  483.727864][T10723]  ? rcu_is_watching+0x15/0xb0
[  483.732659][T10723]  ? kstrndup+0xbd/0x140
[  483.736964][T10723]  hwsim_new_radio_nl+0xdc9/0x1a90
[  483.742107][T10723]  ? __nla_validate+0x50/0x50
[  483.746822][T10723]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  483.753185][T10723]  ? __nla_parse+0x40/0x50
[  483.757635][T10723]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  483.763997][T10723]  genl_family_rcv_msg_doit+0x211/0x310
[  483.769604][T10723]  ? end_current_label_crit_section+0x170/0x170
[  483.775886][T10723]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  483.781813][T10723]  ? bpf_lsm_capable+0x9/0x10
[  483.786527][T10723]  ? security_capable+0x89/0xb0
[  483.791420][T10723]  genl_rcv_msg+0x619/0x7a0
[  483.795955][T10723]  ? genl_bind+0x360/0x360
[  483.800399][T10723]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  483.806758][T10723]  ? ref_tracker_free+0x690/0x840
[  483.811818][T10723]  netlink_rcv_skb+0x241/0x4d0
[  483.816621][T10723]  ? genl_bind+0x360/0x360
[  483.821061][T10723]  ? netlink_ack+0x1180/0x1180
[  483.825865][T10723]  ? __lock_acquire+0x7d40/0x7d40
[  483.830923][T10723]  ? down_read+0x1ac/0x2e0
[  483.835362][T10723]  genl_rcv+0x28/0x40
[  483.839369][T10723]  netlink_unicast+0x751/0x8d0
[  483.844176][T10723]  netlink_sendmsg+0x8d0/0xbf0
[  483.848979][T10723]  ? netlink_getsockopt+0x590/0x590
[  483.854208][T10723]  ? aa_sock_msg_perm+0x94/0x150
[  483.859180][T10723]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  483.864486][T10723]  ? security_socket_sendmsg+0x80/0xa0
[  483.869975][T10723]  ? netlink_getsockopt+0x590/0x590
[  483.875209][T10723]  ____sys_sendmsg+0x5ba/0x960
[  483.880003][T10723]  ? __asan_memset+0x22/0x40
[  483.884623][T10723]  ? __sys_sendmsg_sock+0x30/0x30
[  483.889669][T10723]  ? __import_iovec+0x5f2/0x850
[  483.894572][T10723]  ? import_iovec+0x73/0xa0
[  483.899100][T10723]  ___sys_sendmsg+0x2a6/0x360
[  483.903810][T10723]  ? __sys_sendmsg+0x2a0/0x2a0
[  483.908641][T10723]  __se_sys_sendmsg+0x1c2/0x2b0
[  483.913517][T10723]  ? __x64_sys_sendmsg+0x80/0x80
[  483.918486][T10723]  ? lockdep_hardirqs_on+0x98/0x150
[  483.923730][T10723]  do_syscall_64+0x55/0xa0
[  483.928167][T10723]  ? clear_bhb_loop+0x40/0x90
[  483.932867][T10723]  ? clear_bhb_loop+0x40/0x90
[  483.937570][T10723]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  483.943492][T10723] RIP: 0033:0x7f724f19ce59
[  483.947932][T10723] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  483.967563][T10723] RSP: 002b:00007f724ffee028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  483.976017][T10723] RAX: ffffffffffffffda RBX: 00007f724f416180 RCX: 00007f724f19ce59
[  483.984009][T10723] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000007
[  483.992004][T10723] RBP: 00007f724f232d6f R08: 0000000000000000 R09: 0000000000000000
[  483.999998][T10723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  484.007992][T10723] R13: 00007f724f416218 R14: 00007f724f416180 R15: 00007ffc3e17e728
[  484.016008][T10723]  </TASK>
[  484.247790][T10731] netlink: 'syz.1.1611': attribute type 3 has an invalid length.
[  484.634918][T10742] netlink: 'syz.1.1616': attribute type 1 has an invalid length.
[  484.644320][T10742] netlink: 181400 bytes leftover after parsing attributes in process `syz.1.1616'.
[  484.708161][ T5777] Bluetooth: hci2: unexpected event 0x16 length: 15 > 6
[  485.439091][ T5777] Bluetooth: hci2: unexpected event 0x16 length: 15 > 6
[  486.540365][T10768] netlink: 'syz.3.1619': attribute type 1 has an invalid length.
[  486.595234][T10768] netlink: 181400 bytes leftover after parsing attributes in process `syz.3.1619'.
[  486.745821][T10774] delete_channel: no stack
[  486.963362][T10778] netlink: 'syz.3.1621': attribute type 3 has an invalid length.
[  488.173617][T10775] netlink: 1047 bytes leftover after parsing attributes in process `syz.2.1618'.
[  488.283773][T10775] bridge_slave_1: default FDB implementation only supports local addresses
[  488.699725][T10775] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1618'.
[  488.921477][T10775] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  489.035275][T10775] CPU: 0 PID: 10775 Comm: syz.2.1618 Not tainted syzkaller #0
[  489.042795][T10775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  489.052882][T10775] Call Trace:
[  489.056208][T10775]  <TASK>
[  489.059172][T10775]  dump_stack_lvl+0x18c/0x250
[  489.063914][T10775]  ? show_regs_print_info+0x20/0x20
[  489.069164][T10775]  ? load_image+0x420/0x420
[  489.073733][T10775]  sysfs_warn_dup+0x8e/0xa0
[  489.078272][T10775]  sysfs_do_create_link_sd+0xc0/0x110
[  489.083674][T10775]  device_add_class_symlinks+0x1cf/0x240
[  489.089354][T10775]  device_add+0x507/0xc20
[  489.093757][T10775]  wiphy_register+0x1dad/0x2ae0
[  489.098672][T10775]  ? cfg80211_event_work+0x40/0x40
[  489.103824][T10775]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  489.110027][T10775]  ? ieee80211_register_hw+0x3299/0x4250
[  489.115708][T10775]  ieee80211_register_hw+0x3464/0x4250
[  489.121244][T10775]  ? ieee80211_tasklet_handler+0x20/0x20
[  489.126913][T10775]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  489.132849][T10775]  ? __debug_object_init+0xec/0x450
[  489.138136][T10775]  ? __asan_memset+0x22/0x40
[  489.142784][T10775]  ? __hrtimer_init+0x186/0x270
[  489.147690][T10775]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  489.153481][T10775]  ? mac80211_hwsim_free+0x220/0x220
[  489.158802][T10775]  ? rcu_is_watching+0x15/0xb0
[  489.163595][T10775]  ? kstrndup+0xbd/0x140
[  489.167883][T10775]  hwsim_new_radio_nl+0xdc9/0x1a90
[  489.173028][T10775]  ? __nla_validate+0x50/0x50
[  489.177735][T10775]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  489.184090][T10775]  ? __nla_parse+0x40/0x50
[  489.188534][T10775]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  489.194884][T10775]  genl_family_rcv_msg_doit+0x211/0x310
[  489.200450][T10775]  ? end_current_label_crit_section+0x170/0x170
[  489.206725][T10775]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  489.212639][T10775]  ? bpf_lsm_capable+0x9/0x10
[  489.217334][T10775]  ? security_capable+0x89/0xb0
[  489.222213][T10775]  genl_rcv_msg+0x619/0x7a0
[  489.226736][T10775]  ? genl_bind+0x360/0x360
[  489.231172][T10775]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  489.237528][T10775]  ? lockdep_hardirqs_on+0x98/0x150
[  489.242756][T10775]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  489.248933][T10775]  netlink_rcv_skb+0x241/0x4d0
[  489.253728][T10775]  ? genl_bind+0x360/0x360
[  489.258186][T10775]  ? netlink_ack+0x1180/0x1180
[  489.262995][T10775]  ? __lock_acquire+0x7d40/0x7d40
[  489.268059][T10775]  ? down_read+0x1ac/0x2e0
[  489.272511][T10775]  genl_rcv+0x28/0x40
[  489.276531][T10775]  netlink_unicast+0x751/0x8d0
[  489.281341][T10775]  netlink_sendmsg+0x8d0/0xbf0
[  489.286174][T10775]  ? netlink_getsockopt+0x590/0x590
[  489.291413][T10775]  ? aa_sock_msg_perm+0x94/0x150
[  489.296383][T10775]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  489.301691][T10775]  ? security_socket_sendmsg+0x80/0xa0
[  489.307196][T10775]  ? netlink_getsockopt+0x590/0x590
[  489.312438][T10775]  ____sys_sendmsg+0x5ba/0x960
[  489.317245][T10775]  ? __asan_memset+0x22/0x40
[  489.321864][T10775]  ? __sys_sendmsg_sock+0x30/0x30
[  489.326907][T10775]  ? __import_iovec+0x5f2/0x850
[  489.331787][T10775]  ? import_iovec+0x73/0xa0
[  489.336312][T10775]  ___sys_sendmsg+0x2a6/0x360
[  489.341023][T10775]  ? __sys_sendmsg+0x2a0/0x2a0
[  489.345854][T10775]  __se_sys_sendmsg+0x1c2/0x2b0
[  489.350730][T10775]  ? __x64_sys_sendmsg+0x80/0x80
[  489.355720][T10775]  ? lockdep_hardirqs_on+0x98/0x150
[  489.360958][T10775]  do_syscall_64+0x55/0xa0
[  489.365400][T10775]  ? clear_bhb_loop+0x40/0x90
[  489.370117][T10775]  ? clear_bhb_loop+0x40/0x90
[  489.374827][T10775]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  489.380760][T10775] RIP: 0033:0x7f724f19ce59
[  489.385232][T10775] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  489.404879][T10775] RSP: 002b:00007f7250030028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  489.413321][T10775] RAX: ffffffffffffffda RBX: 00007f724f415fa0 RCX: 00007f724f19ce59
[  489.421326][T10775] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000006
[  489.429333][T10775] RBP: 00007f724f232d6f R08: 0000000000000000 R09: 0000000000000000
[  489.437326][T10775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  489.445321][T10775] R13: 00007f724f416038 R14: 00007f724f415fa0 R15: 00007ffc3e17e728
[  489.453327][T10775]  </TASK>
[  489.646565][ T5777] Bluetooth: hci2: unexpected event 0x16 length: 15 > 6
[  490.258651][T10802] netlink: 1047 bytes leftover after parsing attributes in process `syz.1.1623'.
[  490.335201][T10802] bridge_slave_1: default FDB implementation only supports local addresses
[  490.907974][T10802] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1623'.
[  490.999853][T10802] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  491.115085][T10802] CPU: 0 PID: 10802 Comm: syz.1.1623 Not tainted syzkaller #0
[  491.122610][T10802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  491.132699][T10802] Call Trace:
[  491.136060][T10802]  <TASK>
[  491.139033][T10802]  dump_stack_lvl+0x18c/0x250
[  491.143757][T10802]  ? show_regs_print_info+0x20/0x20
[  491.149005][T10802]  ? load_image+0x420/0x420
[  491.153575][T10802]  sysfs_warn_dup+0x8e/0xa0
[  491.158113][T10802]  sysfs_do_create_link_sd+0xc0/0x110
[  491.163548][T10802]  device_add_class_symlinks+0x1cf/0x240
[  491.169208][T10802]  device_add+0x507/0xc20
[  491.173560][T10802]  wiphy_register+0x1dad/0x2ae0
[  491.178447][T10802]  ? cfg80211_event_work+0x40/0x40
[  491.183580][T10802]  ? minstrel_ht_alloc+0x88a/0x990
[  491.188723][T10802]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  491.194809][T10802]  ieee80211_register_hw+0x3464/0x4250
[  491.200309][T10802]  ? ieee80211_tasklet_handler+0x20/0x20
[  491.205970][T10802]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  491.211887][T10802]  ? __debug_object_init+0xec/0x450
[  491.217118][T10802]  ? __asan_memset+0x22/0x40
[  491.221727][T10802]  ? __hrtimer_init+0x186/0x270
[  491.226625][T10802]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  491.232385][T10802]  ? mac80211_hwsim_free+0x220/0x220
[  491.237725][T10802]  ? rcu_is_watching+0x15/0xb0
[  491.242582][T10802]  ? kstrndup+0xbd/0x140
[  491.246871][T10802]  hwsim_new_radio_nl+0xdc9/0x1a90
[  491.252019][T10802]  ? __nla_validate+0x50/0x50
[  491.256737][T10802]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  491.263110][T10802]  ? __nla_parse+0x40/0x50
[  491.267574][T10802]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  491.273945][T10802]  genl_family_rcv_msg_doit+0x211/0x310
[  491.279543][T10802]  ? end_current_label_crit_section+0x170/0x170
[  491.285819][T10802]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  491.291741][T10802]  ? bpf_lsm_capable+0x9/0x10
[  491.296451][T10802]  ? security_capable+0x89/0xb0
[  491.301337][T10802]  genl_rcv_msg+0x619/0x7a0
[  491.305872][T10802]  ? genl_bind+0x360/0x360
[  491.310323][T10802]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  491.316683][T10802]  ? ref_tracker_free+0x690/0x840
[  491.321738][T10802]  netlink_rcv_skb+0x241/0x4d0
[  491.326532][T10802]  ? genl_bind+0x360/0x360
[  491.330966][T10802]  ? netlink_ack+0x1180/0x1180
[  491.335777][T10802]  ? __lock_acquire+0x7d40/0x7d40
[  491.340833][T10802]  ? down_read+0x1ac/0x2e0
[  491.345279][T10802]  genl_rcv+0x28/0x40
[  491.349291][T10802]  netlink_unicast+0x751/0x8d0
[  491.354096][T10802]  netlink_sendmsg+0x8d0/0xbf0
[  491.358894][T10802]  ? netlink_getsockopt+0x590/0x590
[  491.364137][T10802]  ? aa_sock_msg_perm+0x94/0x150
[  491.369110][T10802]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  491.374442][T10802]  ? security_socket_sendmsg+0x80/0xa0
[  491.379943][T10802]  ? netlink_getsockopt+0x590/0x590
[  491.385192][T10802]  ____sys_sendmsg+0x5ba/0x960
[  491.390002][T10802]  ? __asan_memset+0x22/0x40
[  491.394630][T10802]  ? __sys_sendmsg_sock+0x30/0x30
[  491.399679][T10802]  ? __import_iovec+0x5f2/0x850
[  491.404562][T10802]  ? import_iovec+0x73/0xa0
[  491.409090][T10802]  ___sys_sendmsg+0x2a6/0x360
[  491.413810][T10802]  ? __sys_sendmsg+0x2a0/0x2a0
[  491.418661][T10802]  __se_sys_sendmsg+0x1c2/0x2b0
[  491.423541][T10802]  ? __x64_sys_sendmsg+0x80/0x80
[  491.428521][T10802]  ? lockdep_hardirqs_on+0x98/0x150
[  491.433745][T10802]  do_syscall_64+0x55/0xa0
[  491.438189][T10802]  ? clear_bhb_loop+0x40/0x90
[  491.442894][T10802]  ? clear_bhb_loop+0x40/0x90
[  491.447604][T10802]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  491.453533][T10802] RIP: 0033:0x7f33e3f9ce59
[  491.457987][T10802] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  491.477647][T10802] RSP: 002b:00007f33e4df1028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  491.486091][T10802] RAX: ffffffffffffffda RBX: 00007f33e4216090 RCX: 00007f33e3f9ce59
[  491.494084][T10802] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000007
[  491.502077][T10802] RBP: 00007f33e4032d6f R08: 0000000000000000 R09: 0000000000000000
[  491.510074][T10802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  491.518072][T10802] R13: 00007f33e4216128 R14: 00007f33e4216090 R15: 00007ffc3f78e1b8
[  491.526081][T10802]  </TASK>
[  492.517440][T10825] netlink: 'syz.3.1632': attribute type 1 has an invalid length.
[  492.603344][T10825] netlink: 181400 bytes leftover after parsing attributes in process `syz.3.1632'.
[  492.799229][T10830] delete_channel: no stack
[  493.339407][T10838] netlink: 'syz.2.1636': attribute type 1 has an invalid length.
[  493.376945][T10823] netlink: 1047 bytes leftover after parsing attributes in process `syz.0.1631'.
[  493.409035][T10838] netlink: 181400 bytes leftover after parsing attributes in process `syz.2.1636'.
[  493.492013][T10823] bridge_slave_1: default FDB implementation only supports local addresses
[  495.874744][T10851] netlink: 1047 bytes leftover after parsing attributes in process `syz.0.1637'.
[  495.958776][T10851] bridge_slave_1: default FDB implementation only supports local addresses
[  496.657152][T10876] netlink: 'syz.0.1643': attribute type 1 has an invalid length.
[  496.698282][T10876] netlink: 181400 bytes leftover after parsing attributes in process `syz.0.1643'.
[  497.058523][T10884] netlink: 'syz.3.1645': attribute type 3 has an invalid length.
[  497.348085][T10887] netlink: 'syz.0.1654': attribute type 1 has an invalid length.
[  497.375104][T10887] netlink: 181400 bytes leftover after parsing attributes in process `syz.0.1654'.
[  497.549598][T10892] delete_channel: no stack
[  500.496229][T10922] netlink: 1047 bytes leftover after parsing attributes in process `syz.1.1652'.
[  500.687989][T10922] bridge_slave_1: default FDB implementation only supports local addresses
[  500.890448][T10926] netlink: 'syz.3.1655': attribute type 3 has an invalid length.
[  501.721368][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  501.732729][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  502.236902][T10936] netlink: 'syz.1.1658': attribute type 1 has an invalid length.
[  502.268563][T10936] netlink: 181400 bytes leftover after parsing attributes in process `syz.1.1658'.
[  503.248297][T10951] netlink: 'syz.1.1662': attribute type 3 has an invalid length.
[  504.861614][T10944] netlink: 1047 bytes leftover after parsing attributes in process `syz.0.1661'.
[  504.915441][T10944] bridge_slave_1: default FDB implementation only supports local addresses
[  506.116042][T10974] netlink: 'syz.0.1666': attribute type 3 has an invalid length.
[  506.661299][T10979] netlink: 1047 bytes leftover after parsing attributes in process `syz.2.1664'.
[  506.855874][T10979] bridge_slave_1: default FDB implementation only supports local addresses
[  507.770327][T10982] netlink: 1047 bytes leftover after parsing attributes in process `syz.3.1665'.
[  507.855790][T10982] bridge_slave_1: default FDB implementation only supports local addresses
[  510.307251][T11009] netlink: 'syz.0.1674': attribute type 1 has an invalid length.
[  510.355270][T11009] netlink: 181400 bytes leftover after parsing attributes in process `syz.0.1674'.
[  511.102794][T10996] netlink: 1047 bytes leftover after parsing attributes in process `syz.3.1672'.
[  511.167472][T10996] bridge_slave_1: default FDB implementation only supports local addresses
[  516.403521][T11050] netlink: 1047 bytes leftover after parsing attributes in process `syz.0.1681'.
[  516.453558][T11050] bridge_slave_1: default FDB implementation only supports local addresses
[  516.834688][T11055] netlink: 1047 bytes leftover after parsing attributes in process `syz.3.1682'.
[  516.863404][T11055] bridge_slave_1: default FDB implementation only supports local addresses
[  517.016828][T11046] netlink: 1047 bytes leftover after parsing attributes in process `syz.1.1679'.
[  517.098063][T11070] delete_channel: no stack
[  517.134011][T11046] bridge_slave_1: default FDB implementation only supports local addresses
[  522.536792][T11113] netlink: 1047 bytes leftover after parsing attributes in process `syz.1.1693'.
[  522.594427][T11113] bridge_slave_1: default FDB implementation only supports local addresses
[  524.544450][T11124] netlink: 1047 bytes leftover after parsing attributes in process `syz.1.1694'.
[  524.565254][T11124] bridge_slave_1: default FDB implementation only supports local addresses
[  524.851270][T11141] delete_channel: no stack
[  525.541471][T11155] delete_channel: no stack
[  526.679130][T11173] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1707'.
[  527.653001][T11184] delete_channel: no stack
[  528.817257][T11213] netlink: 'syz.1.1717': attribute type 1 has an invalid length.
[  528.841270][T11213] netlink: 181400 bytes leftover after parsing attributes in process `syz.1.1717'.
[  529.212225][T11223] netlink: 'syz.0.1728': attribute type 1 has an invalid length.
[  529.224037][T11223] netlink: 181400 bytes leftover after parsing attributes in process `syz.0.1728'.
[  529.658944][ T5777] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  530.028121][T11232] delete_channel: no stack
[  531.068014][T11254] netlink: 'syz.1.1726': attribute type 8 has an invalid length.
[  531.095102][T11254] netlink: 140 bytes leftover after parsing attributes in process `syz.1.1726'.
[  531.122137][T11254] FAULT_INJECTION: forcing a failure.
[  531.122137][T11254] name failslab, interval 1, probability 0, space 0, times 0
[  531.159037][T11254] CPU: 0 PID: 11254 Comm: syz.1.1726 Not tainted syzkaller #0
[  531.166553][T11254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  531.176632][T11254] Call Trace:
[  531.179937][T11254]  <TASK>
[  531.182892][T11254]  dump_stack_lvl+0x18c/0x250
[  531.187615][T11254]  ? show_regs_print_info+0x20/0x20
[  531.192853][T11254]  ? load_image+0x420/0x420
[  531.197407][T11254]  should_fail_ex+0x39d/0x4d0
[  531.202143][T11254]  should_failslab+0x9/0x20
[  531.206694][T11254]  slab_pre_alloc_hook+0x59/0x310
[  531.211768][T11254]  kmem_cache_alloc+0x5a/0x2d0
[  531.216574][T11254]  ? skb_clone+0x1eb/0x370
[  531.221028][T11254]  skb_clone+0x1eb/0x370
[  531.225306][T11254]  __netlink_deliver_tap+0x41c/0x830
[  531.230659][T11254]  ? netlink_deliver_tap+0x2e/0x1b0
[  531.235900][T11254]  netlink_deliver_tap+0x19c/0x1b0
[  531.241057][T11254]  netlink_dump+0x94b/0xe50
[  531.245625][T11254]  ? netlink_lookup+0x200/0x200
[  531.250545][T11254]  ? netlink_autobind+0x300/0x300
[  531.255749][T11254]  ? netlink_lookup+0x30/0x200
[  531.260568][T11254]  ? netlink_lookup+0x30/0x200
[  531.265384][T11254]  __netlink_dump_start+0x5f1/0x810
[  531.270624][T11254]  ? rtnetlink_rcv_msg+0x221/0xfa0
[  531.275774][T11254]  rtnetlink_rcv_msg+0xe1d/0xfa0
[  531.280762][T11254]  ? neigh_get+0xd80/0xd80
[  531.285230][T11254]  ? rtnetlink_bind+0x80/0x80
[  531.289949][T11254]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  531.295968][T11254]  ? lock_chain_count+0x20/0x20
[  531.300853][T11254]  ? __local_bh_enable_ip+0x13a/0x1c0
[  531.306254][T11254]  ? lockdep_hardirqs_on+0x98/0x150
[  531.311490][T11254]  ? __local_bh_enable_ip+0x13a/0x1c0
[  531.316890][T11254]  ? _local_bh_enable+0xa0/0xa0
[  531.321775][T11254]  ? __dev_queue_xmit+0x265/0x3660
[  531.326929][T11254]  ? __dev_queue_xmit+0x265/0x3660
[  531.332076][T11254]  ? __dev_queue_xmit+0x1b2c/0x3660
[  531.337319][T11254]  ? __dev_queue_xmit+0x265/0x3660
[  531.342473][T11254]  ? neigh_get+0xd80/0xd80
[  531.346948][T11254]  ? ref_tracker_free+0x690/0x840
[  531.352018][T11254]  netlink_rcv_skb+0x241/0x4d0
[  531.356823][T11254]  ? rtnetlink_bind+0x80/0x80
[  531.361539][T11254]  ? netlink_ack+0x1180/0x1180
[  531.366363][T11254]  ? __lock_acquire+0x7d40/0x7d40
[  531.371447][T11254]  ? netlink_deliver_tap+0x2e/0x1b0
[  531.376688][T11254]  netlink_unicast+0x751/0x8d0
[  531.381506][T11254]  netlink_sendmsg+0x8d0/0xbf0
[  531.386318][T11254]  ? netlink_getsockopt+0x590/0x590
[  531.391553][T11254]  ? aa_sock_msg_perm+0x94/0x150
[  531.396529][T11254]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  531.401855][T11254]  ? security_socket_sendmsg+0x80/0xa0
[  531.407347][T11254]  ? netlink_getsockopt+0x590/0x590
[  531.412582][T11254]  ____sys_sendmsg+0x5ba/0x960
[  531.417382][T11254]  ? __asan_memset+0x22/0x40
[  531.422010][T11254]  ? __sys_sendmsg_sock+0x30/0x30
[  531.427061][T11254]  ? __import_iovec+0x5f2/0x850
[  531.431953][T11254]  ? import_iovec+0x73/0xa0
[  531.436487][T11254]  ___sys_sendmsg+0x2a6/0x360
[  531.441194][T11254]  ? get_pid_task+0x20/0x1e0
[  531.445822][T11254]  ? __sys_sendmsg+0x2a0/0x2a0
[  531.450645][T11254]  ? __lock_acquire+0x7d40/0x7d40
[  531.455753][T11254]  __se_sys_sendmsg+0x1c2/0x2b0
[  531.460637][T11254]  ? __x64_sys_sendmsg+0x80/0x80
[  531.465623][T11254]  ? lockdep_hardirqs_on+0x98/0x150
[  531.470857][T11254]  do_syscall_64+0x55/0xa0
[  531.475297][T11254]  ? clear_bhb_loop+0x40/0x90
[  531.480009][T11254]  ? clear_bhb_loop+0x40/0x90
[  531.484729][T11254]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  531.490668][T11254] RIP: 0033:0x7f33e3f9ce59
[  531.495134][T11254] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  531.514785][T11254] RSP: 002b:00007f33e4e12028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  531.523261][T11254] RAX: ffffffffffffffda RBX: 00007f33e4215fa0 RCX: 00007f33e3f9ce59
[  531.531263][T11254] RDX: 0000000024000000 RSI: 0000200000000140 RDI: 0000000000000003
[  531.539260][T11254] RBP: 00007f33e4e12090 R08: 0000000000000000 R09: 0000000000000000
[  531.547252][T11254] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  531.555247][T11254] R13: 00007f33e4216038 R14: 00007f33e4215fa0 R15: 00007ffc3f78e1b8
[  531.563264][T11254]  </TASK>
[  531.750827][T11257] netlink: 'syz.2.1727': attribute type 10 has an invalid length.
[  531.834461][T11257] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1727'.
[  531.864871][T11257] batman_adv: batadv0: Adding interface: vlan1
[  531.916400][T11257] batman_adv: batadv0: The MTU of interface vlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  532.013125][T11257] batman_adv: batadv0: Interface activated: vlan1
[  532.051089][T11262] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1730'.
[  532.091306][T11262] Lè+߬ç³Õ: renamed from bridge_slave_0 (while UP)
[  532.322753][ T5777] Bluetooth: hci1: Received unexpected HCI Event 0x00
[  532.400701][T11270] netlink: 'syz.1.1733': attribute type 8 has an invalid length.
[  532.429060][T11270] netlink: 140 bytes leftover after parsing attributes in process `syz.1.1733'.
[  533.717971][T11303] netlink: 'syz.2.1742': attribute type 29 has an invalid length.
[  533.775946][T11303] netlink: 'syz.2.1742': attribute type 29 has an invalid length.
[  533.813423][ T5777] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  533.926072][T11298] netlink: 'syz.2.1742': attribute type 29 has an invalid length.
[  533.987669][T11298] netlink: 'syz.2.1742': attribute type 29 has an invalid length.
[  535.383977][T11329] FAULT_INJECTION: forcing a failure.
[  535.383977][T11329] name failslab, interval 1, probability 0, space 0, times 0
[  535.405094][T11329] CPU: 1 PID: 11329 Comm: syz.1.1751 Not tainted syzkaller #0
[  535.412606][T11329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  535.422693][T11329] Call Trace:
[  535.426004][T11329]  <TASK>
[  535.428965][T11329]  dump_stack_lvl+0x18c/0x250
[  535.433698][T11329]  ? show_regs_print_info+0x20/0x20
[  535.438949][T11329]  ? load_image+0x420/0x420
[  535.443497][T11329]  ? perf_trace_lock_acquire+0x104/0x410
[  535.449178][T11329]  ? verify_lock_unused+0x140/0x140
[  535.454427][T11329]  ? perf_trace_lock_acquire+0x104/0x410
[  535.460118][T11329]  should_fail_ex+0x39d/0x4d0
[  535.464855][T11329]  should_failslab+0x9/0x20
[  535.469407][T11329]  slab_pre_alloc_hook+0x59/0x310
[  535.474497][T11329]  kmem_cache_alloc+0x5a/0x2d0
[  535.479279][T11329]  ? skb_clone+0x1eb/0x370
[  535.483711][T11329]  skb_clone+0x1eb/0x370
[  535.487981][T11329]  __netlink_deliver_tap+0x41c/0x830
[  535.493317][T11329]  ? netlink_deliver_tap+0x2e/0x1b0
[  535.498539][T11329]  netlink_deliver_tap+0x19c/0x1b0
[  535.503672][T11329]  netlink_unicast+0x72c/0x8d0
[  535.508467][T11329]  netlink_sendmsg+0x8d0/0xbf0
[  535.513287][T11329]  ? netlink_getsockopt+0x590/0x590
[  535.518527][T11329]  ? aa_sock_msg_perm+0x94/0x150
[  535.523487][T11329]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  535.528783][T11329]  ? security_socket_sendmsg+0x80/0xa0
[  535.534265][T11329]  ? netlink_getsockopt+0x590/0x590
[  535.539486][T11329]  ____sys_sendmsg+0x5ba/0x960
[  535.544283][T11329]  ? __asan_memset+0x22/0x40
[  535.548910][T11329]  ? __sys_sendmsg_sock+0x30/0x30
[  535.553945][T11329]  ? __import_iovec+0x5f2/0x850
[  535.558810][T11329]  ? import_iovec+0x73/0xa0
[  535.563329][T11329]  ___sys_sendmsg+0x2a6/0x360
[  535.568020][T11329]  ? get_pid_task+0x20/0x1e0
[  535.572635][T11329]  ? __sys_sendmsg+0x2a0/0x2a0
[  535.577436][T11329]  ? __lock_acquire+0x7d40/0x7d40
[  535.582493][T11329]  __se_sys_sendmsg+0x1c2/0x2b0
[  535.587359][T11329]  ? __x64_sys_sendmsg+0x80/0x80
[  535.592322][T11329]  ? lockdep_hardirqs_on+0x98/0x150
[  535.597536][T11329]  do_syscall_64+0x55/0xa0
[  535.601960][T11329]  ? clear_bhb_loop+0x40/0x90
[  535.606655][T11329]  ? clear_bhb_loop+0x40/0x90
[  535.611350][T11329]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  535.617264][T11329] RIP: 0033:0x7f33e3f9ce59
[  535.621693][T11329] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  535.641318][T11329] RSP: 002b:00007f33e4dd0028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  535.649766][T11329] RAX: ffffffffffffffda RBX: 00007f33e4216180 RCX: 00007f33e3f9ce59
[  535.657752][T11329] RDX: 0000000000000000 RSI: 0000200000000680 RDI: 0000000000000009
[  535.665733][T11329] RBP: 00007f33e4dd0090 R08: 0000000000000000 R09: 0000000000000000
[  535.673715][T11329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  535.681701][T11329] R13: 00007f33e4216218 R14: 00007f33e4216180 R15: 00007ffc3f78e1b8
[  535.689703][T11329]  </TASK>
[  535.705179][T11329] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1751'.
[  535.714370][T11329] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1751'.
[  536.969203][T11328] delete_channel: no stack
[  537.418536][T11342] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1756'.
[  537.451272][T11342] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1756'.
[  537.493978][T11344] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1757'.
[  537.524599][T11344] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1757'.
[  537.802716][T11341] delete_channel: no stack
[  537.961239][T11343] delete_channel: no stack
[  538.763172][T11371] FAULT_INJECTION: forcing a failure.
[  538.763172][T11371] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  538.805904][T11371] CPU: 1 PID: 11371 Comm: syz.0.1763 Not tainted syzkaller #0
[  538.813422][T11371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  538.823511][T11371] Call Trace:
[  538.826815][T11371]  <TASK>
[  538.829772][T11371]  dump_stack_lvl+0x18c/0x250
[  538.834497][T11371]  ? show_regs_print_info+0x20/0x20
[  538.839745][T11371]  ? load_image+0x420/0x420
[  538.844627][T11371]  ? __lock_acquire+0x7d40/0x7d40
[  538.849689][T11371]  ? mark_lock+0x94/0x320
[  538.854057][T11371]  should_fail_ex+0x39d/0x4d0
[  538.858784][T11371]  prepare_alloc_pages+0x1e2/0x5f0
[  538.863936][T11371]  __alloc_pages+0x134/0x460
[  538.868564][T11371]  ? zone_statistics+0x170/0x170
[  538.873535][T11371]  ? do_wp_page+0x7ca/0x35f0
[  538.878152][T11371]  ? do_wp_page+0xfc5/0x35f0
[  538.882775][T11371]  __folio_alloc+0x10/0x20
[  538.887229][T11371]  vma_alloc_folio+0x47a/0x8f0
[  538.892033][T11371]  do_wp_page+0x1243/0x35f0
[  538.896575][T11371]  ? folio_put+0xd0/0xd0
[  538.900845][T11371]  ? do_raw_spin_lock+0x11f/0x2c0
[  538.905917][T11371]  ? __rwlock_init+0x150/0x150
[  538.910750][T11371]  handle_mm_fault+0x135d/0x4c00
[  538.915730][T11371]  ? handle_mm_fault+0xe7/0x4c00
[  538.920729][T11371]  ? numa_migrate_prep+0x350/0x350
[  538.925888][T11371]  ? lock_mm_and_find_vma+0x9c/0x2f0
[  538.931219][T11371]  do_user_addr_fault+0x730/0x12c0
[  538.936374][T11371]  exc_page_fault+0x64/0x100
[  538.941002][T11371]  asm_exc_page_fault+0x26/0x30
[  538.945913][T11371] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  538.951752][T11371] Code: 75 f1 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 <f3> a4 c3 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 29 f8 48 01
[  538.971390][T11371] RSP: 0018:ffffc90003477718 EFLAGS: 00050206
[  538.977488][T11371] RAX: ffffffff8427ba01 RBX: 1ffff9200068efc7 RCX: 000000000000d5d0
[  538.985489][T11371] RDX: 0000000000000000 RSI: ffff888088aa2ce8 RDI: 0000200000003000
[  538.993485][T11371] RBP: ffffc90003477878 R08: ffff888088ab02b7 R09: 1ffff11011156056
[  539.001481][T11371] R10: dffffc0000000000 R11: ffffed1011156057 R12: ffff888088aa00e8
[  539.009483][T11371] R13: 00000000000101d0 R14: 00000000000101d0 R15: ffffc90003477e48
[  539.017495][T11371]  ? _copy_to_iter+0x141/0x1120
[  539.022390][T11371]  _copy_to_iter+0x24f/0x1120
[  539.027108][T11371]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  539.033050][T11371]  ? iov_iter_init+0x1e0/0x1e0
[  539.037857][T11371]  ? __virt_addr_valid+0x18c/0x540
[  539.043023][T11371]  ? __virt_addr_valid+0x469/0x540
[  539.048167][T11371]  ? __phys_addr_symbol+0x2f/0x70
[  539.053222][T11371]  ? __check_object_size+0x506/0xa20
[  539.058541][T11371]  __skb_datagram_iter+0xdb/0x780
[  539.063604][T11371]  ? tsk_importance+0x150/0x150
[  539.068493][T11371]  ? __local_bh_enable_ip+0x142/0x1c0
[  539.073904][T11371]  ? skb_copy_datagram_iter+0x200/0x200
[  539.079511][T11371]  skb_copy_datagram_iter+0xb1/0x200
[  539.084853][T11371]  tipc_recvstream+0x72b/0xe70
[  539.089661][T11371]  ? tipc_sendstream+0x70/0x70
[  539.094459][T11371]  ____sys_recvmsg+0x2ce/0x5e0
[  539.099265][T11371]  ? __sys_recvmsg_sock+0x50/0x50
[  539.104329][T11371]  ? import_iovec+0x73/0xa0
[  539.108869][T11371]  ___sys_recvmsg+0x216/0x590
[  539.113587][T11371]  ? __sys_recvmsg+0x2a0/0x2a0
[  539.118381][T11371]  ? ksys_write+0x1c4/0x260
[  539.122936][T11371]  ? __fget_files+0x43d/0x4b0
[  539.127669][T11371]  __x64_sys_recvmsg+0x20c/0x2e0
[  539.132650][T11371]  ? ___sys_recvmsg+0x590/0x590
[  539.137545][T11371]  ? syscall_enter_from_user_mode+0x2e/0x80
[  539.143484][T11371]  do_syscall_64+0x55/0xa0
[  539.147927][T11371]  ? clear_bhb_loop+0x40/0x90
[  539.152641][T11371]  ? clear_bhb_loop+0x40/0x90
[  539.157354][T11371]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  539.163273][T11371] RIP: 0033:0x7f204af9ce59
[  539.167713][T11371] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  539.187347][T11371] RSP: 002b:00007f204be8c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  539.195790][T11371] RAX: ffffffffffffffda RBX: 00007f204b215fa0 RCX: 00007f204af9ce59
[  539.203794][T11371] RDX: 0000000000001f00 RSI: 0000200000000500 RDI: 0000000000000007
[  539.211797][T11371] RBP: 00007f204be8c090 R08: 0000000000000000 R09: 0000000000000000
[  539.219798][T11371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  539.227803][T11371] R13: 00007f204b216038 R14: 00007f204b215fa0 R15: 00007ffecc70c1e8
[  539.235828][T11371]  </TASK>
[  539.811486][T11383] netlink: 'syz.0.1766': attribute type 3 has an invalid length.
[  540.094867][T11389] netlink: 'syz.1.1768': attribute type 22 has an invalid length.
[  540.119835][T11389] netlink: 14380 bytes leftover after parsing attributes in process `syz.1.1768'.
[  540.618767][T11400] delete_channel: no stack
[  540.857618][T11405] delete_channel: no stack
[  540.995690][T11408] netlink: 'syz.0.1773': attribute type 29 has an invalid length.
[  541.592936][T11408] netlink: 'syz.0.1773': attribute type 29 has an invalid length.
[  541.629911][T11402] netlink: 'syz.0.1773': attribute type 29 has an invalid length.
[  541.713472][T11411] netlink: 'syz.0.1773': attribute type 29 has an invalid length.
[  542.124778][T11425] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1778'.
[  542.144402][T11425] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1778'.
[  542.176488][T11422] raw_sendmsg: syz.0.1778 forgot to set AF_INET. Fix it!
[  542.193586][T11422] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1778'.
[  571.465266][    C0] icmp: detected local route for 10.128.1.112 during ICMP sending, src 10.128.0.163
[  571.476087][    C0] icmp: detected local route for 10.128.1.112 during ICMP sending, src 10.128.0.163
[  571.485794][    C0] icmp: detected local route for 10.128.1.112 during ICMP sending, src 10.128.0.163
[  571.495455][    C0] icmp: detected local route for 10.128.1.112 during ICMP sending, src 10.128.0.163
[  571.505112][    C0] icmp: detected local route for 10.128.1.112 during ICMP sending, src 10.128.0.163
[  571.514739][    C0] icmp: detected local route for 10.128.1.112 during ICMP sending, src 10.128.0.163
[  577.785689][    C0] icmp: detected local route for 10.128.1.112 during ICMP sending, src 10.128.0.163
[  584.435130][    C0] icmp: detected local route for 10.128.1.112 during ICMP sending, src 10.128.0.163
[  597.715110][    C0] icmp: detected local route for 10.128.1.112 during ICMP sending, src 10.128.0.163
[  618.926689][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  618.933043][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  647.454980][    C1] rcu: INFO: rcu_preempt self-detected stall on CPU
[  647.461620][    C1] rcu: 	1-....: (10500 ticks this GP) idle=557c/1/0x4000000000000000 softirq=38623/38623 fqs=4205
[  647.472965][    C1] rcu: 	         hardirqs   softirqs   csw/system
[  647.479372][    C1] rcu: 	 number:  1529023          0            0
[  647.485775][    C1] rcu: 	cputime:    15791      36678           56   ==> 52470(ms)
[  647.493573][    C1] rcu: 	(t=10500 jiffies g=36837 q=1691 ncpus=2)
[  647.499894][    C1] CPU: 1 PID: 11429 Comm: syz.1.1780 Not tainted syzkaller #0
[  647.507348][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  647.517404][    C1] RIP: 0010:stack_trace_consume_entry+0xe1/0x270
[  647.523754][    C1] Code: 25 96 69 00 49 89 d9 4c 8b 04 24 4c 89 e2 4c 89 ff 48 8b 74 24 08 48 8b 1f 45 8d 79 01 0f b6 44 15 00 84 c0 0f 85 35 01 00 00 <45> 89 38 4e 8d 3c cb 4c 89 f8 48 c1 e8 03 80 3c 10 00 74 1a 4c 89
[  647.543363][    C1] RSP: 0018:ffffc900001ef678 EFLAGS: 00000246
[  647.549442][    C1] RAX: 0000000000000000 RBX: ffffc900001ef810 RCX: ffff88807af49e00
[  647.557412][    C1] RDX: dffffc0000000000 RSI: ffffffff817c1e31 RDI: ffffc900001ef780
[  647.565399][    C1] RBP: 1ffff9200003def2 R08: ffffc900001ef790 R09: 000000000000001b
[  647.573371][    C1] R10: 0000000000000004 R11: 0000000000000100 R12: 0000000000000000
[  647.581347][    C1] R13: 1ffff9200003def1 R14: ffffc900001ef788 R15: 000000000000001c
[  647.589324][    C1] FS:  00007f33e4e126c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  647.598264][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  647.604850][    C1] CR2: 000000110c2aa4bf CR3: 00000000889cd000 CR4: 00000000003506e0
[  647.612843][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  647.620822][    C1] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  647.628790][    C1] Call Trace:
[  647.632068][    C1]  <IRQ>
[  647.634914][    C1]  ? __kernel_text_address+0xd/0x30
[  647.640120][    C1]  ? generic_exec_single+0x481/0x4f0
[  647.645406][    C1]  ? stack_trace_save+0x100/0x100
[  647.650433][    C1]  arch_stack_walk+0x138/0x190
[  647.655202][    C1]  ? generic_exec_single+0x481/0x4f0
[  647.660489][    C1]  stack_trace_save+0xaa/0x100
[  647.665258][    C1]  ? stack_trace_snprint+0xf0/0xf0
[  647.670384][    C1]  kasan_set_track+0x4e/0x70
[  647.674976][    C1]  ? kasan_set_track+0x4e/0x70
[  647.679738][    C1]  ? __kasan_kmalloc+0x8f/0xa0
[  647.684505][    C1]  ? __kmalloc_node_track_caller+0xb2/0x230
[  647.690405][    C1]  ? krealloc+0x86/0x120
[  647.694651][    C1]  ? nf_ct_ext_add+0x1ab/0x440
[  647.699422][    C1]  ? init_conntrack+0x69c/0xf10
[  647.704266][    C1]  ? nf_conntrack_in+0xc06/0x15c0
[  647.709292][    C1]  ? nf_hook_slow+0xbd/0x200
[  647.713880][    C1]  ? nf_hook+0x228/0x390
[  647.718115][    C1]  ? __ip_local_out+0x4db/0x5f0
[  647.722961][    C1]  ? ip_local_out+0x2a/0x130
[  647.727541][    C1]  ? iptunnel_xmit+0x4f0/0x920
[  647.732301][    C1]  ? udp_tunnel_xmit_skb+0x249/0x390
[  647.737580][    C1]  ? geneve_xmit+0x26a8/0x3540
[  647.742344][    C1]  ? dev_hard_start_xmit+0x246/0x740
[  647.747629][    C1]  ? __dev_queue_xmit+0x19a3/0x3660
[  647.752826][    C1]  ? ip6_finish_output2+0xe3d/0x1630
[  647.758114][    C1]  ? ndisc_send_skb+0xc26/0x14f0
[  647.763051][    C1]  ? addrconf_rs_timer+0x2d5/0x630
[  647.768159][    C1]  ? call_timer_fn+0x189/0x540
[  647.772916][    C1]  ? __run_timers+0x542/0x800
[  647.777586][    C1]  ? run_timer_softirq+0x67/0xf0
[  647.782515][    C1]  ? handle_softirqs+0x280/0x820
[  647.787446][    C1]  ? __irq_exit_rcu+0xd3/0x190
[  647.792210][    C1]  ? irq_exit_rcu+0x9/0x20
[  647.796649][    C1]  ? sysvec_apic_timer_interrupt+0xa4/0xc0
[  647.802454][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  647.808621][    C1]  ? nf_ct_ext_add+0x1ab/0x440
[  647.813386][    C1]  __kasan_kmalloc+0x8f/0xa0
[  647.817973][    C1]  ? nf_ct_ext_add+0x1ab/0x440
[  647.822748][    C1]  __kmalloc_node_track_caller+0xb2/0x230
[  647.828471][    C1]  krealloc+0x86/0x120
[  647.832566][    C1]  nf_ct_ext_add+0x1ab/0x440
[  647.837157][    C1]  init_conntrack+0x69c/0xf10
[  647.841850][    C1]  ? early_drop+0x7f0/0x7f0
[  647.846350][    C1]  ? nf_conntrack_find_get+0x650/0x650
[  647.851819][    C1]  ? kasan_check_range+0x89/0x290
[  647.856839][    C1]  ? __siphash_unaligned+0x22e/0x3a0
[  647.862128][    C1]  nf_conntrack_in+0xc06/0x15c0
[  647.867002][    C1]  ? nf_ct_pernet+0x270/0x270
[  647.871676][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  647.877831][    C1]  ? lockdep_hardirqs_on+0x98/0x150
[  647.883042][    C1]  ? ipv4_conntrack_local+0x123/0x200
[  647.888414][    C1]  ? ipv4_conntrack_in+0x20/0x20
[  647.893350][    C1]  nf_hook_slow+0xbd/0x200
[  647.897772][    C1]  ? nf_hook+0x390/0x390
[  647.902009][    C1]  nf_hook+0x228/0x390
[  647.906074][    C1]  ? nf_hook+0xa2/0x390
[  647.910229][    C1]  ? __ip_local_out+0x5f0/0x5f0
[  647.915084][    C1]  ? nf_hook+0x390/0x390
[  647.919318][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  647.925471][    C1]  ? lockdep_hardirqs_on+0x98/0x150
[  647.930667][    C1]  ? ip_fast_csum+0x1ee/0x2b0
[  647.935346][    C1]  __ip_local_out+0x4db/0x5f0
[  647.940058][    C1]  ? nf_hook+0x390/0x390
[  647.944319][    C1]  ip_local_out+0x2a/0x130
[  647.948741][    C1]  iptunnel_xmit+0x4f0/0x920
[  647.953337][    C1]  udp_tunnel_xmit_skb+0x249/0x390
[  647.958465][    C1]  geneve_xmit+0x26a8/0x3540
[  647.963065][    C1]  ? geneve_xmit+0x15e/0x3540
[  647.967766][    C1]  ? perf_trace_run_bpf_submit+0xd0/0x1c0
[  647.973493][    C1]  ? geneve_stop+0x1b0/0x1b0
[  647.978084][    C1]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  647.984073][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  647.990225][    C1]  ? lockdep_hardirqs_on+0x98/0x150
[  647.995428][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  648.001595][    C1]  dev_hard_start_xmit+0x246/0x740
[  648.006732][    C1]  __dev_queue_xmit+0x19a3/0x3660
[  648.011766][    C1]  ? read_seqbegin+0x196/0x270
[  648.016538][    C1]  ? __dev_queue_xmit+0x265/0x3660
[  648.021645][    C1]  ? read_seqbegin+0x19a/0x270
[  648.026407][    C1]  ? read_seqbegin+0x1c8/0x270
[  648.031171][    C1]  ? neigh_event_send+0x110/0x110
[  648.036211][    C1]  ? netdev_core_pick_tx+0x340/0x340
[  648.041501][    C1]  ? __asan_memcpy+0x40/0x70
[  648.046095][    C1]  ? eth_header+0x11b/0x200
[  648.050607][    C1]  ? llc_sysctl_exit+0x70/0x70
[  648.055374][    C1]  ? neigh_resolve_output+0x618/0x730
[  648.060765][    C1]  ip6_finish_output2+0xe3d/0x1630
[  648.065886][    C1]  ? ip6_finish_output2+0x645/0x1630
[  648.071173][    C1]  ? nf_hook+0x390/0x390
[  648.075428][    C1]  ? ip6_finish_output+0x1bf/0x820
[  648.080538][    C1]  ? ip6_finish_output+0x57b/0x820
[  648.085777][    C1]  ndisc_send_skb+0xc26/0x14f0
[  648.090547][    C1]  ? ndisc_send_skb+0x1f5/0x14f0
[  648.095493][    C1]  ? ndisc_mc_map+0x680/0x680
[  648.100168][    C1]  ? skb_dst+0xd0/0xd0
[  648.104238][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  648.110403][    C1]  addrconf_rs_timer+0x2d5/0x630
[  648.115342][    C1]  ? addrconf_disable_policy_idev+0x480/0x480
[  648.121401][    C1]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  648.127382][    C1]  call_timer_fn+0x189/0x540
[  648.131966][    C1]  ? addrconf_disable_policy_idev+0x480/0x480
[  648.138025][    C1]  ? call_timer_fn+0xd2/0x540
[  648.142694][    C1]  ? __run_timers+0x800/0x800
[  648.147370][    C1]  ? addrconf_disable_policy_idev+0x480/0x480
[  648.153431][    C1]  __run_timers+0x542/0x800
[  648.157954][    C1]  ? detach_timer+0x2b0/0x2b0
[  648.162636][    C1]  run_timer_softirq+0x67/0xf0
[  648.167391][    C1]  handle_softirqs+0x280/0x820
[  648.172153][    C1]  ? __irq_exit_rcu+0xd3/0x190
[  648.176930][    C1]  ? do_softirq+0x1a0/0x1a0
[  648.181431][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  648.186642][    C1]  __irq_exit_rcu+0xd3/0x190
[  648.191225][    C1]  ? irq_exit_rcu+0x20/0x20
[  648.195730][    C1]  irq_exit_rcu+0x9/0x20
[  648.199969][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  648.205605][    C1]  </IRQ>
[  648.208536][    C1]  <TASK>
[  648.211480][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  648.217456][    C1] RIP: 0010:generic_exec_single+0x481/0x4f0
[  648.223346][    C1] Code: 75 11 e8 42 05 0b 00 48 85 db 75 16 e8 38 05 0b 00 eb 15 e8 31 05 0b 00 e8 bc 4c 0a 09 48 85 db 74 ea e8 22 05 0b 00 fb 31 c0 <48> c7 44 24 20 0e 36 e0 45 4b c7 04 2c 00 00 00 00 43 c7 44 2c 08
[  648.242943][    C1] RSP: 0018:ffffc900035efa00 EFLAGS: 00000246
[  648.249004][    C1] RAX: 0000000000000000 RBX: 0000000000000200 RCX: 0000000000080000
[  648.256969][    C1] RDX: ffffc9000d15b000 RSI: 0000000000002602 RDI: 0000000000002603
[  648.264949][    C1] RBP: ffffc900035efad0 R08: ffffffff911c65ff R09: 1ffffffff2238cbf
[  648.272915][    C1] R10: dffffc0000000000 R11: fffffbfff2238cc0 R12: 1ffff920006bdf44
[  648.280879][    C1] R13: dffffc0000000000 R14: 0000000000000000 R15: 1ffff920006bdf65
[  648.288855][    C1]  ? event_function+0x300/0x300
[  648.293704][    C1]  ? smp_call_function_single+0x5a0/0x5a0
[  648.299435][    C1]  ? percpu_counter_add_batch+0x1f1/0x2a0
[  648.305158][    C1]  ? lockdep_hardirqs_on+0x98/0x150
[  648.310363][    C1]  ? smp_call_function_single+0xb0/0x5a0
[  648.316010][    C1]  smp_call_function_single+0x36d/0x5a0
[  648.321555][    C1]  ? event_function+0x300/0x300
[  648.326403][    C1]  ? flush_smp_call_function_queue+0x250/0x250
[  648.332553][    C1]  ? event_function+0x300/0x300
[  648.337409][    C1]  perf_install_in_context+0x5be/0x920
[  648.342881][    C1]  ? exclusive_event_installable+0x2c0/0x2c0
[  648.348875][    C1]  ? lockdep_hardirqs_on+0x98/0x150
[  648.354070][    C1]  ? add_event_to_ctx+0x1180/0x1180
[  648.359294][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  648.365452][    C1]  __se_sys_perf_event_open+0x1836/0x1c50
[  648.371175][    C1]  ? __x64_sys_perf_event_open+0xc0/0xc0
[  648.376816][    C1]  ? lock_chain_count+0x20/0x20
[  648.381669][    C1]  ? lockdep_hardirqs_on+0x98/0x150
[  648.386863][    C1]  ? __x64_sys_perf_event_open+0x20/0xc0
[  648.392491][    C1]  do_syscall_64+0x55/0xa0
[  648.396908][    C1]  ? clear_bhb_loop+0x40/0x90
[  648.401588][    C1]  ? clear_bhb_loop+0x40/0x90
[  648.406279][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  648.412169][    C1] RIP: 0033:0x7f33e3f9ce59
[  648.416592][    C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  648.436219][    C1] RSP: 002b:00007f33e4e12028 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  648.444630][    C1] RAX: ffffffffffffffda RBX: 00007f33e4215fa0 RCX: 00007f33e3f9ce59
[  648.452626][    C1] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 00002000000008c0
[  648.460604][    C1] RBP: 00007f33e4032d6f R08: 0000000000000002 R09: 0000000000000000
[  648.468571][    C1] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[  648.476563][    C1] R13: 00007f33e4216038 R14: 00007f33e4215fa0 R15: 00007ffc3f78e1b8
[  648.484552][    C1]  </TASK>