last executing test programs:

3.492358806s ago: executing program 1 (id=2442):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000014007910480000000000790018000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x21)
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000a80)=ANY=[], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000002b40)={0x0, 0xc, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000000000000000000fdff030018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095", @ANYRES8=0x0, @ANYRESHEX=r2, @ANYRESDEC=r0, @ANYRES64=r2, @ANYRESHEX=r1, @ANYRESHEX], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x8, 0x0, 0x0, 0x0, 0x5, 0xf6103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24000000, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x5, 0x2, 0x5}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$kcm(0xa, 0x1, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x1f, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000490000000000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffec, 0x0, &(0x7f00000008c0)="89", 0x0, 0xf, 0x0, 0x2}, 0x32)
sendmsg$kcm(r4, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x6005, 0x0, @empty, 0x7}, 0x80, 0x0}, 0x20040040)
sendmsg(r4, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002980)=ANY=[], 0x1258}, 0x4000080)
r6 = socket$kcm(0x10, 0x2, 0x4)
r7 = socket$kcm(0xa, 0x5, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x0, 0x0, 0x0}, 0x94)
r8 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x2, 0x0, 0x0, 0x5d34, 0x8cc80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r9 = socket$kcm(0x21, 0x2, 0x2)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
sendmsg$kcm(r9, 0x0, 0x106)
recvmsg$kcm(r7, 0x0, 0x141)
socket$kcm(0x21, 0x2, 0xa)
close(r6)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000740)="5c00000013006bcc9e3be35c6e17aa33074b876c1d0000007ea60864160af36514000cc0080019000300000006001dc00200bc24eab5008000001e618294ff4051f60a84c9f4d4938037e786a6d00010000400000000000000c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x4004004)
recvmsg$kcm(r4, 0x0, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x10, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000071101a000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x14}, 0x94)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000380)=ANY=[@ANYRES32=r0, @ANYRES32, @ANYBLOB="0c0000001000000000000000", @ANYRES32=r0, @ANYBLOB="da95bcc64d451e2561022d574128af08000000000000005de8a9bfa9edb621b62eab79ded02571266083a75b621d93f9da26f16c469e5569d604e5f70a36b0c909eb91dd535679bef615bc2f530efe261fac03765fc9e1fe694b91e2760aaddd50b3cc720bfcc3b183a5b78ffa77260b026cb72e8291", @ANYRES64], 0x20)
ioctl$PERF_EVENT_IOC_SET_BPF(r8, 0x40042408, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x29402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_bp={&(0x7f0000000100), 0x1}, 0x210, 0x0, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)

2.486323809s ago: executing program 1 (id=2452):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000072"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x35, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x8d923000, 0x0, 0x0, 0x0, 0x0, 0x0)
close(r1)
r2 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x20008000)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r3}, &(0x7f0000000000), &(0x7f0000000080)=r1}, 0x20)
recvmsg$kcm(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000300)=""/143, 0x8f}], 0x1}, 0x2)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200})
perf_event_open(&(0x7f00000001c0)={0x7, 0x80, 0x63, 0x5a, 0x0, 0x0, 0x0, 0x0, 0x37e24, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x4, @perf_config_ext={0x500}, 0x100000, 0xe614, 0x0, 0x0, 0xffffffffffffbbfe, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1c0000000000000}, 0x0, 0x1, 0xffffffffffffffff, 0x1)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f1, &(0x7f0000000080))
r4 = socket$kcm(0x2, 0x5, 0x0)
sendmsg$inet(r4, &(0x7f0000000600)={&(0x7f0000000140)={0x2, 0x0, @rand_addr=0x64010100}, 0x10, &(0x7f0000000380)=[{&(0x7f00000001c0)="b5", 0x1}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r5)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r6 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r6, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
r7 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r7, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
r8 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000140)="5c00000015006b0300224ed86e6c1d0002117ea6e070d6064e22000300000002250002000f00000017d34460bc24eab556a705251e6182949a00003d3b48dfd8cdbf9767b4fa51f62a64c9f4060046d88037e786a6d0a5d700000017", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r10, 0x40042408, r9)
setsockopt$sock_attach_bpf(r4, 0x1, 0x7, &(0x7f0000000180), 0x43)

2.340002143s ago: executing program 3 (id=2454):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0500000003f01f00040000009a00000001"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000b00), &(0x7f0000000000), 0x7, r0}, 0x36)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="05000000050000000200000047"], 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0200000004000000040000000800000014100000", @ANYRES32, @ANYBLOB="00000002a11eb26110993f40fabf4a918fed713ef6698ec90539684fcfbfd8c8e9", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f00000009c0)=ANY=[@ANYBLOB="1800000003000000000000000040000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000050000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000700000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000003c0)={r4, r3}, 0xc)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r1)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r0, &(0x7f0000000140), &(0x7f0000000340)=""/233}, 0x20)

2.113004383s ago: executing program 3 (id=2457):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="0000050000000000000000060000000000008471", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x15, 0x1c, &(0x7f0000000400)=ANY=[@ANYBLOB="1808000030000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7060000000000008500000005000000bc0900000000000035090100000000009500000000000000b702000000000000db9af8fff1000000b5090000000000007b9af8ff00000000be8a00000000000007080000f8ffffffbf9400000000000007040000f0ffffffc70200000800000018260000", @ANYBLOB="0000000000000000b7050000080000004608f1ff76000000bf9800000000000056080000000000008500000007000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
ioctl$TUNSETFILTEREBPF(0xffffffffffffffff, 0x800454e1, &(0x7f0000000040))
socket$kcm(0x29, 0x2, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x49, 0x1, 0x0, 0x0, 0x0, 0x3, 0x201, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x0, 0x0, 0x8, 0x7ff, 0x7fffffff, 0xffff, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x3, 0x80, 0x49, 0x1, 0x0, 0x0, 0x0, 0x0, 0x82240, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x4, 0xfffffffffffffff8}, 0x11316, 0x0, 0x0, 0x8, 0x43fe, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x7ffffffffffffffe}, 0x0, 0xffffffffffffffff, r0, 0x8)
r4 = socket$kcm(0x2b, 0x1, 0x0)
close(r4)
socket$kcm(0x2, 0x2, 0x88)
setsockopt$sock_attach_bpf(r4, 0x1, 0xd, &(0x7f00000001c0), 0x45)
close(r4)
perf_event_open(&(0x7f0000000180)={0x2, 0x0, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x400, 0x2040, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x1, @perf_config_ext={0x0, 0x194a}, 0x2000, 0x0, 0x0, 0x9, 0x3fe, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x20, &(0x7f0000000740)={&(0x7f0000000340)=""/94, 0x5e, <r5=>0x0, &(0x7f0000000680)=""/161, 0xa1}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x13, 0x1a, &(0x7f0000000500)=@raw=[@printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xf0000000}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}, @exit, @map_val={0x18, 0x1, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x80000000}, @exit, @ldst={0x1, 0x3, 0x0, 0xb, 0x2, 0xc, 0xfffffffffffffff0}], &(0x7f00000000c0)='syzkaller\x00', 0x80000001, 0xf, &(0x7f0000000100)=""/15, 0x41000, 0x8, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x8, &(0x7f0000000300)={0x5, 0x3}, 0x8, 0x10, 0x0, 0x0, r5, 0xffffffffffffffff, 0x3, &(0x7f0000000800)=[r2], &(0x7f0000000900)=[{0x2, 0x3, 0xc, 0x8}, {0x0, 0x2, 0x8, 0x9}, {0x5, 0x2, 0x9, 0x9}], 0x10, 0x2}, 0x94)
unlink(&(0x7f0000000180)='./cgroup/../file0\x00')
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef)
r6 = socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r6, 0x84, 0xb, &(0x7f0000000000)=r3, 0x4)
sendmsg$inet(r6, &(0x7f0000000ac0)={&(0x7f00000001c0)={0x2, 0x4e23, @remote}, 0x10, &(0x7f0000000940)=[{&(0x7f0000001880)="04", 0x1}], 0x1}, 0x8054)
close(r6)
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, 0x0, &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r7, 0x5, 0x1, 0x0, &(0x7f0000000000)="17", 0x0, 0xd00, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xffffffff}, 0x50)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)

1.934093791s ago: executing program 0 (id=2458):
perf_event_open(0x0, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0xa)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="09000000030000000400010005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000000c0)={r1}, 0xc) (async)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000000c0)={r1}, 0xc)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xe, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x38}, 0x94)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x200}) (async)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x200})
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x18, 0x0, 0x4, 0x4, 0x0, 0x0, 0x91206, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, @perf_config_ext={0x7, 0x8000000000000001}, 0x104042, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ff, 0x0, 0x4000}, 0x0, 0x0, 0xffffffffffffffff, 0xc)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x1f, 0xf, &(0x7f0000001440)=ANY=[@ANYBLOB="18000000fdffffff00000000fdfffdff18110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70200000023000085000000860000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000}, 0x94) (async)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x1f, 0xf, &(0x7f0000001440)=ANY=[@ANYBLOB="18000000fdffffff00000000fdfffdff18110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70200000023000085000000860000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f1, &(0x7f0000000080)) (async)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f1, &(0x7f0000000080))

1.933460101s ago: executing program 2 (id=2459):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000940)=ANY=[@ANYBLOB="b4050000200080066110000000000000c6000000000000009500d800000000009f33ef60916e55893f1eeb0b2ae13d922e6235592ce847e2566c43d72918a897323fd0723043c47c896ce0bce66a245ad9d6817fd98cd824498949714ffaac8a6f77ef0000ca5d82054d54d53cd2b6db714e75d9bdae214fa68a0557eb2c5ca683a4b6fcfcff0bffffffffffd47042eaebfa6fa26fa7a347c7faa8e700458c60897d4a6148a1c11428427c40de60beacf871ab5c2ff88a02084e5b5271e45f00003826fb8579c1fb01d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0c20cdbe7009a6fe7cc78762f1d4dcdbca64920db9a50f86c21632f7a4bd344e0bd74ff05d37ef68e3b9db863c758ffffffffabe90ac5d08dd9d4e0359c41cf3626e1230bc1cd4c02c460ceb44276e9bd94d1c2e6d17dc5c2edf332a62f5fe68fbbbbfcfd00000000000fbf940e6652d357474ed5f816f66ac3027460ae66317f83cdd7a7eb2a7003d1a6cf5478533584961c329fcf5a43e05c92bfef0dcd28000000003f2915a3039c9a78f63b8ec7e60a0000fed7d67c440e23d130e51eea1e085bebabe7059de9cbfc5117c024185a062acb6b8eec31c21b3af8b9eedb4660ed2deb7acf2a33a376a5cb7d4266d5b0be14488d14b473502486ad8dd600000000000000000000c7766ea7c581782c0d90f42a85303835fc291c25d29e6bead5d7360f2e1929d7736ebc8558c4506407d3046022bdf25485bd5442169e9b4c1278343581b7a06f65e8ea6b042c4fd08381e5000000000000006398d6480000001a723b91030000006480304c66b217aea0156ce9eef911fe5b7370f79987303ecb3aabc53c60014a0101ab766754f596b41da9534d12b8306a1b36cf3b03f0d790879f523eabfbee83d8bd472ef69660cf6ec897106c51e54a17497f384c4956b41f3843e7c878b1e11316d8ddae1c6c3b85aaf7a9fcaf8f5d6186c42542d68ba72682c938d3c0a2e6e10eed71b1d31c9f300b41745329bf34495c63e43fb896e4903fb0fae54a8f0fe3b48a5b29d279070647e65097c8ecf32a15080000000000000001007ba4a70a084bd994ac5e00000000000000000000000000351a30cd97f83d72631d0fe92efa974a53f4dc1eb9a86df632a6d463688123f64d42a919bcfc44a90ffd680200000091f842a91c977f6075d07e39e669b0713af0498a99bf5261cb3269d499a5202d7a08b33ade7b38829b9bd39619688d5e9af22170ef83e5b92cbb32b655c45de1c154aad81bf64351668a3f76d5afa958aff76249e0ffdf8e45155536a1a44bfcbfbfd232af000052f9002a"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xf, 0x4, 0x4, 0x12}, 0x50)
r2 = socket$kcm(0x1e, 0x5, 0x0)
setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f00000008c0), 0x43) (async)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={<r3=>0x0, <r4=>0x0})
close(r3) (async)
setsockopt$sock_attach_bpf(r4, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) (async)
socketpair(0x1e, 0x80005, 0x0, &(0x7f0000000000)={<r5=>0x0, <r6=>0x0})
close(r5) (async, rerun: 64)
setsockopt$sock_attach_bpf(r6, 0x10f, 0x87, &(0x7f0000000180), 0x127) (rerun: 64)
r7 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r7, 0x10f, 0x87, &(0x7f00000008c0), 0x43) (async)
r8 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r8, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
sendmsg$kcm(r2, &(0x7f0000000100)={&(0x7f00000004c0)=@tipc=@nameseq={0x1e, 0x1, 0x3, {0x2, 0x0, 0x1}}, 0x80, 0x0}, 0x0) (async, rerun: 32)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r1, r0, 0x5}, 0x10) (async, rerun: 32)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000000c0)={@map=r1, r0, 0x26}, 0x10)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) (async)
r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r10 = openat$cgroup_subtree(r9, &(0x7f0000000200), 0x2, 0x0)
write$cgroup_subtree(r10, 0x0, 0x100000) (async, rerun: 64)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={0x1, <r11=>0xffffffffffffffff}, 0x4) (rerun: 64)
r12 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@bloom_filter={0x1e, 0x0, 0x2, 0x3}, 0x50)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0xc000000, 0x2101, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x100904, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
unlink(&(0x7f0000000140)='./cgroup\x00') (async)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r12, 0x0, &(0x7f0000001700)=""/53}, 0x20) (async, rerun: 32)
r13 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000002c0), 0x4) (async, rerun: 32)
r14 = bpf$OBJ_GET_PROG(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='./file0\x00', 0x0, 0x10}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x1b, 0x18, &(0x7f0000000200)=@raw=[@printk={@x, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r11}}, @generic={0x18, 0xa, 0xe, 0x4, 0x1}, @map_val={0x18, 0x3, 0x2, 0x0, r12}], &(0x7f00000000c0)='GPL\x00', 0x0, 0x23, &(0x7f0000000100)=""/35, 0x41100, 0x6, '\x00', 0x0, @fallback=0x26, r13, 0x8, &(0x7f0000000300)={0x9, 0x1}, 0x8, 0x10, &(0x7f0000000340)={0x1, 0x0, 0x400, 0x1}, 0x10, 0x0, r14, 0x1, 0x0, &(0x7f0000000400)=[{0x0, 0x4, 0x5, 0x4}], 0x10, 0xa}, 0x94)

1.822921342s ago: executing program 2 (id=2460):
r0 = socket$kcm(0x2, 0x1, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$kcm(0x2, 0x200000000000003, 0x106)
setsockopt$sock_attach_bpf(r1, 0x0, 0xb, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = perf_event_open(&(0x7f0000000680)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5a1c, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r2)
ioctl$PERF_EVENT_IOC_REFRESH(0xffffffffffffffff, 0x2402, 0xf14b)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xb5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xc}, 0x0, 0x0, 0x0, 0x9, 0x5, 0x8000, 0xfff7, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x1f, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000009000080850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r4, 0x5, 0x0, 0x0, 0x0, 0x0, 0x149c, 0x503, 0xffffff81, 0x0, 0x0, 0x0, 0x7, 0xffff80fe}, 0x7)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x5, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={0xffffffffffffffff, 0xe0, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000002c0)=[0x0], &(0x7f0000000300), 0x0, 0x2, &(0x7f0000000340)=[{}], 0x8, 0x10, &(0x7f0000000380), &(0x7f00000003c0), 0x8, 0x64, 0x8, 0x8, &(0x7f0000000400)}}, 0x10)
write$cgroup_pid(r6, &(0x7f00000001c0), 0x12)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000280)={0x2, 0x10, @local}, 0x10, &(0x7f0000000140)=[{&(0x7f00000005c0)="df", 0x1}], 0x1}, 0x0)

1.601186012s ago: executing program 0 (id=2461):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0500000003f01f00040000009a00000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r1)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r0, &(0x7f0000000140), &(0x7f0000000340)=""/233}, 0x20)

1.390830045s ago: executing program 1 (id=2462):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x8, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, @fallback=0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) (async)
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000000)={'veth1_to_bridge\x00', 0x600}) (async)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) (async)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000480)="5c00000012006bab9a3fe3d86e17aa0b046b876c1d0048380019001931a0e69ee517d34460bc06000000a701251e6182949a3651f60a84c9f4d4938037e70e4509c51c268811000000000000000000002571cd53b9851b30599980bc", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) (async)
r4 = socket$kcm(0x2, 0x922000000001, 0x106)
setsockopt$sock_attach_bpf(r4, 0x29, 0x43, 0x0, 0x0) (async)
recvmsg$kcm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000028c0)=""/4035, 0xfc3}, {&(0x7f00000038c0)=""/4111, 0x100f}, {&(0x7f0000000800)=""/202, 0xca}, {&(0x7f0000000940)=""/139, 0x8b}], 0x4}, 0x120)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0x10, &(0x7f0000000180)=@framed={{0x18, 0x8}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xffff8000}, {}, {0x7, 0x0, 0xb, 0x9}}, @printk]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

1.257049652s ago: executing program 2 (id=2463):
perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000800)={0x5, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x10510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x828, 0x0, 0x0, 0x0, 0x9, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x29, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400))
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.swap.events\x00', 0x275a, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r1, 0x1, 0x25, &(0x7f0000000180)=r0, 0x4)
close(0x3)

1.199221762s ago: executing program 3 (id=2464):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r0, 0x1, 0x49, &(0x7f0000000180), 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x6, 0x4, &(0x7f00000001c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x1, 0x0, 0x0, 0xd455d0f2adb9ba32, 0x20, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xc}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000710443000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000580)="d8000000140081054e81f782db44b904021d080225000000040000a118000200fcffffff00000e1208000f0100810401a80016ea1f0006", 0x37}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000580)=ANY=[], 0xfe33)
socket$kcm(0x10, 0x2, 0x0)
r2 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000140)={'vlan0\x00', 0x8000})
r3 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/21], 0x48)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'wlan0\x00', 0x4000})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x8914, &(0x7f0000000080))
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
r7 = socket$kcm(0x1e, 0x2, 0x0)
setsockopt$sock_attach_bpf(r7, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000280)={'wlan0\x00', @multicast})
perf_event_open(0x0, 0x0, 0xfffffffffffffffb, 0xffffffffffffffff, 0x2)

978.866662ms ago: executing program 0 (id=2465):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040), 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0x13, &(0x7f0000000240)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1}, [@printk={@p, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5, 0x1, 0xb, 0x1, 0xa, 0x6}, {0x7, 0x0, 0x4}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xffffffff}, {0x85, 0x0, 0x0, 0x5}}, @printk={@lx, {0x3, 0x3, 0x6, 0xa, 0x1, 0xfff8, 0x51}, {0x5}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

907.95823ms ago: executing program 1 (id=2466):
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000500)={[{0x2b, 'io'}, {0x2b, 'perf_event'}, {0x2d, 'perf_event'}, {0x2d, 'hugetlb'}, {0x2d, 'net_prio'}, {0x2d, 'blkio'}]}, 0x36)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000000000240000002400000002000000000000000000000400000003000000000000001301000000000000000000000d020000000000"], 0xffffffffffffffff, 0x3e, 0xb1, 0x2}, 0x1f)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0500000003f01f00040000009a00000001"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000b00), &(0x7f0000000000), 0x7, r0}, 0x36)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="b40500000000000071121400000000007f150000000000009500000000000000ca5e3e379af9f838ef020326d8e8d978a4bb5a56ac5ed2adf9738a5ab86ed0a3a79581e249fe28ea01a87ebeb71be3a5a812b7b4a4252d2f6c010966947e360c1fd48deeb1a0dbd8a871dd64d7385bf7f7b0a4308586a0306b8649973c6f9458d0829f5708b27e2871153b07ec676d0725f3809ff278295c70a0d4115eb77e167e8011f8ff89847825f265f388f19f10d5c638a1e3ccf14afebfb4107c2c2c778ba052"], &(0x7f0000003ff6)='GPL\x00', 0xa, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={r2, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0], ""/16, <r3=>0x0, 0x0, 0x0, 0x0, 0x9, 0x6, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xa0, &(0x7f0000000300)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x1f, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000004c0)={<r4=>0xffffffffffffffff})
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.swap.events\x00', 0x275a, 0x0)
setsockopt$sock_attach_bpf(r4, 0x1, 0x2a, &(0x7f0000000100)=r5, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x82100, 0x20, '\x00', r3, @fallback=0x37, r5}, 0x94)
r6 = perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x0, 0x0, 0x0, 0x8, 0x0, 0x200, 0x9100, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xba}, 0x0, 0x400000, 0x0, 0x9}, 0x0, 0x0, r5, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r6, 0x40042408, r1)
r7 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)=@generic={&(0x7f0000000040)='./file0\x00', 0x0, 0x10}, 0x18)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000100)={r7, r0}, 0xc)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r0, &(0x7f0000000140), &(0x7f0000000340)=""/233}, 0x20)

849.18591ms ago: executing program 0 (id=2467):
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8940, 0x0)
r0 = perf_event_open(&(0x7f00000007c0)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x828, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = gettid()
perf_event_open(&(0x7f0000000040)={0x4, 0x80, 0x7, 0x8, 0xff, 0x9, 0x0, 0x8, 0x8010, 0x2, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x3, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xc, 0x4, @perf_config_ext={0x80000000, 0x749}, 0x10400, 0x2f, 0x43, 0x8, 0xf1, 0x1000, 0x6, 0x0, 0x4, 0x0, 0x5}, r1, 0x7, r0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x20028814)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8982, &(0x7f0000000080))

802.702311ms ago: executing program 2 (id=2468):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000240)={&(0x7f0000000000)=@nfc={0x27, 0x0, 0xffffffffffffffff, 0x3}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000140)="a2334c4843fbcf8b08f2df7f421a4b36e74a82090a02037a18feb8934876cd191adb39be1dd23b29da2da99ea05c8a6008a0b4e37cc7d1d484df6778416a519caa005df825", 0x45}, {&(0x7f00000000c0)="dc404f8bcec54b12272e4240c23ec00926a65361c80ce13fc1ce1ede", 0x1c}, {&(0x7f00000001c0)="00bd26f9dd3be74e84663b75c970afde2c91129037e0f032966bfe75bb43395f306860bfc9c9548c4a4868764c9c0ee8a4477e1a8195a69b16265cc8ee8f", 0x3e}], 0x3}, 0x4000000)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000006b113200000000008510000002000000850000006c00000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x6}, 0x70)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x6, &(0x7f0000000100)=[{&(0x7f0000000380)="5c00000012006bab9a3fe3d86e17aa0a076b876c1d0048007ea60864160af36504001a0038001d00e517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb000011d600a0680d4bbd6df1db6f1078bc", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
socket$kcm(0x10, 0x2, 0x0) (async)
sendmsg(r0, &(0x7f0000000240)={&(0x7f0000000000)=@nfc={0x27, 0x0, 0xffffffffffffffff, 0x3}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000140)="a2334c4843fbcf8b08f2df7f421a4b36e74a82090a02037a18feb8934876cd191adb39be1dd23b29da2da99ea05c8a6008a0b4e37cc7d1d484df6778416a519caa005df825", 0x45}, {&(0x7f00000000c0)="dc404f8bcec54b12272e4240c23ec00926a65361c80ce13fc1ce1ede", 0x1c}, {&(0x7f00000001c0)="00bd26f9dd3be74e84663b75c970afde2c91129037e0f032966bfe75bb43395f306860bfc9c9548c4a4868764c9c0ee8a4477e1a8195a69b16265cc8ee8f", 0x3e}], 0x3}, 0x4000000) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000006b113200000000008510000002000000850000006c00000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x6}, 0x70) (async)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x6, &(0x7f0000000100)=[{&(0x7f0000000380)="5c00000012006bab9a3fe3d86e17aa0a076b876c1d0048007ea60864160af36504001a0038001d00e517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb000011d600a0680d4bbd6df1db6f1078bc", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) (async)

379.994597ms ago: executing program 1 (id=2469):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x60004, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="d8000000310081044e81f782db44b904021d080005000000e8fe55a1180015000600142603600e120900210000000401a8001600a40001", 0xfffffe8b}], 0x1}, 0x4)
socket$kcm(0x10, 0x2, 0x0) (async)
r0 = socket$kcm(0x10, 0x2, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000380)={0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffef0, &(0x7f0000000000)='?proo/1/\x00q\xeeP\xee\x9c2G\xf0\x81x\x97\x00', <r1=>0x0}, 0x30)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYRES16=r1], 0xfe33) (async)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYRES16=r1], 0xfe33)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0xfe33)

379.696497ms ago: executing program 2 (id=2470):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x100904}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000100)=0x8000000000000000, 0x12)
ioctl$SIOCSIFHWADDR(r0, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc, 0x8}})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x3, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180200000000000000000000000800008500000017000000850000000500000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xb}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000380)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r2 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r2, &(0x7f0000000040)={&(0x7f0000000080)=@rxrpc=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e22, 0x400, @private1, 0xfffffff8}}, 0x80, 0x0, 0x0, &(0x7f0000001a00)=ANY=[], 0x10b8}, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x100904}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0) (async)
write$cgroup_int(r0, &(0x7f0000000100)=0x8000000000000000, 0x12) (async)
ioctl$SIOCSIFHWADDR(r0, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc, 0x8}}) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x3, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180200000000000000000000000800008500000017000000850000000500000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xb}, 0x94) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000380)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
socket$kcm(0x21, 0x2, 0x2) (async)
sendmsg$kcm(r2, &(0x7f0000000040)={&(0x7f0000000080)=@rxrpc=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e22, 0x400, @private1, 0xfffffff8}}, 0x80, 0x0, 0x0, &(0x7f0000001a00)=ANY=[], 0x10b8}, 0x0) (async)

374.924576ms ago: executing program 0 (id=2471):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030033000b07d25a806c8c6f94f90624fc60100005000a000200053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0) (async)
recvmsg$kcm(r0, &(0x7f0000000300)={0xffffffffffffffff, 0x5b, 0x0}, 0x10000) (async)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x806, 0x0, 0x0, 0x8, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
r1 = socket$kcm(0x2, 0x200000000000001, 0x106)
setsockopt$sock_attach_bpf(r1, 0x29, 0x3, 0x0, 0x0) (async)
perf_event_open(&(0x7f0000000380)={0x1, 0x80, 0x0, 0x0, 0xa0, 0x0, 0x0, 0x4, 0x8c4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x5, @perf_config_ext={0x7, 0x2}, 0x0, 0xc8, 0x5, 0x9, 0x1, 0x0, 0x2}, 0x0, 0x9, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f0000000580)={0x5, 0x80, 0xec, 0x7, 0x40, 0xe5, 0x0, 0x0, 0xd000, 0x6, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x5, 0x2, @perf_bp={0x0, 0x2}, 0x9c7, 0xfc, 0x4, 0x0, 0x81, 0x9, 0x5, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x1, 0xffffffffffffffff, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r3, 0x0, 0xfdef) (async)
perf_event_open(&(0x7f00000010c0)={0x2, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x121, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x2) (async)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
openat$cgroup_ro(r2, &(0x7f00000001c0)='cpuacct.stat\x00', 0x0, 0x0)

327.064238ms ago: executing program 3 (id=2472):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x10, 0x2, &(0x7f0000000680)=ANY=[@ANYBLOB="911000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000f54f38742900"/28], 0x50)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000500)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x1000}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x8}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x6, 0x1, 0xb, 0x8, 0x9}, {0x4, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x8, 0x2, 0x0, r0}, {}, {0x46, 0x0, 0x0, 0x76}}], {{}, {0x6, 0x0, 0x7, 0x8, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0xf, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x43, 0x0, 0x0, 0x0, 0x2}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, 0x1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @ldst={0x3, 0x2, 0x6, 0x8, 0x5, 0x50, 0x4}, @generic={0x3, 0x2, 0x6, 0x8, 0xfffffc00}]}, &(0x7f00000000c0)='syzkaller\x00', 0x3ff, 0x33, &(0x7f0000000100)=""/51, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x8, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000001c0)=[{0x5, 0x5, 0x5, 0x4}], 0x10, 0xd}, 0x94)

301.872943ms ago: executing program 1 (id=2473):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0500000003f01f00040000009a00000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r1)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r0, &(0x7f0000000140), &(0x7f0000000340)=""/233}, 0x20)

128.806733ms ago: executing program 3 (id=2474):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_ext={0x1c, 0x20, &(0x7f0000000180)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x64}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@exit, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}, @jmp={0x5, 0x1, 0x2, 0x8, 0xa, 0x1a, 0xffffffffffffffff}, @map_idx={0x18, 0x6}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='GPL\x00', 0xc2000, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000100)={0x3, 0x9}, 0x8, 0x10, &(0x7f0000000280)={0x3, 0x6, 0x9, 0x125}, 0x10, 0x1f466, 0xffffffffffffffff, 0x7, 0x0, &(0x7f0000000340)=[{0x5, 0x3, 0x8, 0x3}, {0x0, 0x4, 0x10, 0xa}, {0x2, 0x3, 0xc, 0x8}, {0x4, 0x5, 0x6, 0x2}, {0x2, 0x1, 0x5, 0x4}, {0x5, 0x4, 0x4}, {0x4, 0x1}], 0x10, 0x3}, 0x94)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000540)={@ifindex, 0x6, 0x0, 0x4, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x0, &(0x7f0000000480)=[0x0, 0x0], &(0x7f00000004c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0, 0x0], <r1=>0x0}, 0x40)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000005c0)={<r2=>0xffffffffffffffff})
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000600)='rdma.current\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000580)={@fallback=r2, r0, 0x2b, 0x2000, 0x0, @value=r3, @void, @void, @void, r1}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x1, 0x4, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000000000000000000010630182000000000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

117.72106ms ago: executing program 2 (id=2475):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="d80000001800eb054e81f783db4cb9040a1d080006007c09e8fc55a10a0015000600142603600e1208000f00060004010c00080008000c4004000000035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cb8b4c2ee5a7cef4090000001fb71b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e002c2a73ae028d1b34ff4f8cc430bb5a360db598262f3d40fad9e3bb9ad809d5e1cace81ed0bffece8b42a9ecbee5de6ccd4e1ffffffffc1c9b6278754ca397c388b0dd6e4edef3d930000", 0xd8}], 0x1}, 0x0)
r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
r3 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000780)="1800000039000517d25a80648c63940d0324fc600b003540", 0x18}], 0x1, 0x0, 0x0, 0x6c000000}, 0x0)
r4 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
recvmsg(r3, &(0x7f00000003c0)={&(0x7f00000002c0)=@ax25={{0x3, @null}, [@netrom, @rose, @default, @rose, @bcast, @default, @bcast]}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000340)=""/117, 0x75}], 0x1, &(0x7f0000000480)=""/163, 0xa3}, 0x160)
ioctl$TUNSETVNETBE(r4, 0x400454de, &(0x7f00000001c0)=0x1)

102.608008ms ago: executing program 0 (id=2476):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000680)=ANY=[@ANYRES8=r0], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r1)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) (async)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x20, 0x12506, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, @perf_config_ext={0x8000000000000001, 0x8}, 0x7602, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) (async)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz1\x00', 0x200002, 0x0) (async)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000280), 0x9)
r4 = openat$cgroup_procs(r3, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0) (async)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_pid(r4, &(0x7f0000000080), 0x12)
r6 = openat$cgroup_ro(r5, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r6, &(0x7f0000000200)=0x1, 0x12) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff) (async)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r8 = openat$cgroup_procs(r7, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r8, &(0x7f00000001c0), 0x12)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='\b', @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50) (async)
perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x1240, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_config_ext={0x80000000b83, 0x1000}, 0x0, 0x20000000000, 0x0, 0x7, 0xce5e, 0x0, 0x20, 0x0, 0x0, 0x0, 0x3ffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) (async)
socketpair$unix(0x1, 0x5, 0x0, 0x0) (async)
close(0xffffffffffffffff)
perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0x0, 0x6, 0x0, 0x0, 0x0, 0x5d31, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffeffffffff}, 0xc001, 0x0, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async, rerun: 64)
r9 = socket$kcm(0xa, 0x5, 0x0) (rerun: 64)
sendmsg$kcm(r9, &(0x7f0000000600)={&(0x7f0000000100)=@in6={0xa, 0x0, 0x0, @private0}, 0x80, &(0x7f0000000000)=[{&(0x7f00000000c0)="80", 0x1}], 0x1, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000008400000005"], 0x18}, 0x41) (async, rerun: 64)
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x1) (rerun: 64)

0s ago: executing program 3 (id=2477):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0500000003f01f00040000009a00000001"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000b00), &(0x7f0000000000), 0x7, r0}, 0x36)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={<r1=>0xffffffffffffffff})
recvmsg$unix(r1, &(0x7f0000001b40)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
r3 = socket$kcm(0xa, 0x2, 0x88)
setsockopt$sock_attach_bpf(r3, 0x1, 0x41, &(0x7f0000000040)=r2, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r4)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000300)="d8000000180081064e81f782db4cb904021d0800067c7c09e8fe0ba1bc0004000200142603600e1208001e0003070401a8000600200e02400400027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r0, &(0x7f0000000140), &(0x7f0000000340)=""/233}, 0x20)

kernel console output (not intermixed with test programs):

1] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  256.588546][ T8843] sit0: entered promiscuous mode
[  256.635749][ T8801] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  256.787203][ T5083] Bluetooth: hci2: command tx timeout
[  256.967671][ T8801] team0: Port device team_slave_0 added
[  256.982175][ T8801] team0: Port device team_slave_1 added
[  257.143193][ T8801] batman_adv: batadv0: Adding interface: batadv_slave_0
[  257.168605][ T8801] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  257.206810][ T8801] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  257.257786][ T8801] batman_adv: batadv0: Adding interface: batadv_slave_1
[  257.264961][ T8801] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  257.295035][ T8801] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  257.492096][ T8801] hsr_slave_0: entered promiscuous mode
[  257.501613][ T8801] hsr_slave_1: entered promiscuous mode
[  257.556029][ T8863] netlink: 152 bytes leftover after parsing attributes in process `syz.2.838'.
[  257.728659][ T8865] syzkaller0: entered promiscuous mode
[  257.743401][ T8865] syzkaller0: entered allmulticast mode
[  257.759128][ T5768] cgroup: fork rejected by pids controller in /syz2
[  258.821675][ T8886] netlink: 'syz.0.842': attribute type 3 has an invalid length.
[  258.838923][ T8886] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.842'.
[  258.857525][ T5083] Bluetooth: hci2: command tx timeout
[  260.765240][ T1030] veth1_macvtap: left promiscuous mode
[  260.776188][ T1030] veth0_macvtap: left promiscuous mode
[  260.791804][ T1030] veth1_vlan: left promiscuous mode
[  260.802382][ T1030] veth0_vlan: left promiscuous mode
[  260.937402][ T5083] Bluetooth: hci2: command tx timeout
[  261.847607][ T5786] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  261.866510][ T5786] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  261.875347][ T5786] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  261.884071][ T5786] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  261.892129][ T5786] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  261.914246][ T5786] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  262.180373][ T1030] bond0 (unregistering): (slave batadv_slave_0): Releasing backup interface
[  262.231951][ T1030] team0 (unregistering): Port device team_slave_1 removed
[  262.276317][ T1030] team0 (unregistering): Port device C removed
[  262.320560][ T1030] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  262.684736][ T1030] bond0 (unregistering): Released all slaves
[  262.749031][ T8914] netlink: 'syz.3.848': attribute type 29 has an invalid length.
[  262.761081][ T8918] netlink: 'syz.3.848': attribute type 29 has an invalid length.
[  263.730998][ T8801] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  263.760206][ T8801] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  263.785169][ T8801] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  263.810647][ T8801] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  263.830725][ T8921] chnl_net:caif_netlink_parms(): no params data found
[  263.977173][ T5083] Bluetooth: hci0: command tx timeout
[  264.068387][ T8921] bridge0: port 1(bridge_slave_0) entered blocking state
[  264.075586][ T8921] bridge0: port 1(bridge_slave_0) entered disabled state
[  264.095442][ T8921] bridge_slave_0: entered allmulticast mode
[  264.111178][ T8921] bridge_slave_0: entered promiscuous mode
[  264.125887][ T8921] bridge0: port 2(bridge_slave_1) entered blocking state
[  264.135976][ T8921] bridge0: port 2(bridge_slave_1) entered disabled state
[  264.145540][ T8921] bridge_slave_1: entered allmulticast mode
[  264.159256][ T8921] bridge_slave_1: entered promiscuous mode
[  264.277859][ T8921] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  264.341088][ T8921] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  264.373653][ T8801] 8021q: adding VLAN 0 to HW filter on device bond0
[  264.445318][ T8921] team0: Port device team_slave_0 added
[  264.471746][ T8921] team0: Port device team_slave_1 added
[  264.515925][ T8801] 8021q: adding VLAN 0 to HW filter on device team0
[  264.562495][ T8921] batman_adv: batadv0: Adding interface: batadv_slave_0
[  264.577404][ T8921] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  264.625472][ T8921] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  264.670241][ T2942] bridge0: port 1(bridge_slave_0) entered blocking state
[  264.678177][ T2942] bridge0: port 1(bridge_slave_0) entered forwarding state
[  264.694881][ T8921] batman_adv: batadv0: Adding interface: batadv_slave_1
[  264.717261][ T8921] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  264.750001][ T8921] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  264.767707][ T2942] bridge0: port 2(bridge_slave_1) entered blocking state
[  264.774905][ T2942] bridge0: port 2(bridge_slave_1) entered forwarding state
[  264.977382][ T8921] hsr_slave_0: entered promiscuous mode
[  265.004398][ T8921] hsr_slave_1: entered promiscuous mode
[  265.011388][ T8921] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  265.024848][ T8921] Cannot create hsr debugfs directory
[  265.240620][ T8987] netlink: 'syz.0.863': attribute type 29 has an invalid length.
[  265.260658][ T8987] netlink: 'syz.0.863': attribute type 29 has an invalid length.
[  265.286977][ T8984] syzkaller0: entered promiscuous mode
[  265.292642][ T8984] syzkaller0: entered allmulticast mode
[  265.301528][ T8987] netlink: 1047 bytes leftover after parsing attributes in process `syz.0.863'.
[  265.351481][ T8987] bridge_slave_1: default FDB implementation only supports local addresses
[  265.725676][ T8921] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.933789][ T8921] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.947619][ T9003] netlink: 52 bytes leftover after parsing attributes in process `syz.3.865'.
[  266.016047][ T8801] 8021q: adding VLAN 0 to HW filter on device batadv0
[  266.060060][ T5083] Bluetooth: hci0: command tx timeout
[  266.116831][ T8921] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.132375][ T9009] netlink: 'syz.0.866': attribute type 21 has an invalid length.
[  266.260156][ T8921] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.477256][ T8801] veth0_vlan: entered promiscuous mode
[  266.543288][ T8801] veth1_vlan: entered promiscuous mode
[  266.720598][ T9026] Q�6�`Ҙ: renamed from lo (while UP)
[  266.865684][ T8921] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  266.935104][ T8801] veth0_macvtap: entered promiscuous mode
[  266.966440][ T8921] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  267.012691][ T8921] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  267.117744][ T8801] veth1_macvtap: entered promiscuous mode
[  267.129113][ T8921] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  267.350281][ T8801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  267.396305][ T8801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  267.463277][ T8801] batman_adv: batadv0: Interface activated: batadv_slave_0
[  267.529217][ T8801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  267.547053][ T8801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  267.566031][ T8801] batman_adv: batadv0: Interface activated: batadv_slave_1
[  267.667612][ T8801] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  267.680067][ T8801] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  267.692269][ T8801] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  267.704356][ T8801] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  267.911223][ T9049] delete_channel: no stack
[  268.094736][  T168] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  268.124013][  T168] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  268.138022][ T5083] Bluetooth: hci0: command tx timeout
[  268.204039][ T8921] 8021q: adding VLAN 0 to HW filter on device bond0
[  268.276199][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  268.312056][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  268.328335][ T8921] 8021q: adding VLAN 0 to HW filter on device team0
[  268.952081][ T2942] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.959355][ T2942] bridge0: port 1(bridge_slave_0) entered forwarding state
[  269.003160][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[  269.010403][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[  269.379971][ T8921] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  269.451588][ T8921] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  269.563378][ T9086] netlink: 'syz.1.819': attribute type 10 has an invalid length.
[  269.669698][ T9086] team0: Device ipvlan1 failed to register rx_handler
[  270.204582][ T8921] 8021q: adding VLAN 0 to HW filter on device batadv0
[  270.218330][ T5083] Bluetooth: hci0: command tx timeout
[  270.226173][ T9112] netlink: 'syz.1.878': attribute type 22 has an invalid length.
[  270.372315][ T8921] veth0_vlan: entered promiscuous mode
[  270.407893][ T8921] veth1_vlan: entered promiscuous mode
[  270.498577][ T8921] veth0_macvtap: entered promiscuous mode
[  270.543193][ T8921] veth1_macvtap: entered promiscuous mode
[  270.562932][ T9121] netlink: 65047 bytes leftover after parsing attributes in process `syz.3.882'.
[  270.622597][ T8921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  270.673530][ T8921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.689759][ T8921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  270.736509][ T8921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.750448][ T9125] netlink: 'syz.0.884': attribute type 1 has an invalid length.
[  270.759382][ T8921] batman_adv: batadv0: Interface activated: batadv_slave_0
[  270.782278][ T9125] netlink: 157116 bytes leftover after parsing attributes in process `syz.0.884'.
[  270.802324][ T8921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  270.822523][ T8921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.844369][ T8921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  270.855951][ T8921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.875981][ T8921] batman_adv: batadv0: Interface activated: batadv_slave_1
[  270.927489][ T8921] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  270.956367][ T8921] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  270.965161][ T8921] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  270.978655][ T8921] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  270.999224][ T9129] netlink: 'syz.3.885': attribute type 25 has an invalid length.
[  271.011344][ T9129] netlink: 'syz.3.885': attribute type 28 has an invalid length.
[  271.077016][ T9135] sctp: [Deprecated]: syz.0.886 (pid 9135) Use of int in max_burst socket option deprecated.
[  271.077016][ T9135] Use struct sctp_assoc_value instead
[  271.159356][ T9129] netlink: 'syz.3.885': attribute type 10 has an invalid length.
[  271.625601][ T9143] netlink: 132 bytes leftover after parsing attributes in process `syz.1.887'.
[  271.835261][ T1030] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  271.869626][ T1030] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  271.983042][ T2915] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  272.011323][ T2915] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  272.580409][ T9165] netlink: 12 bytes leftover after parsing attributes in process `syz.2.894'.
[  273.229681][ T9187] netlink: 'syz.3.899': attribute type 9 has an invalid length.
[  273.259093][ T9187] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.899'.
[  273.335665][ T5083] Bluetooth: hci2: unexpected event 0x05 length: 151 > 4
[  273.413371][ T9191] netlink: 'syz.3.899': attribute type 9 has an invalid length.
[  273.428544][ T9191] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.899'.
[  273.724184][ T9201] netlink: 1057 bytes leftover after parsing attributes in process `syz.0.903'.
[  273.989867][ T9204] netlink: 193500 bytes leftover after parsing attributes in process `syz.2.906'.
[  274.012375][ T9204] netlink: 6324 bytes leftover after parsing attributes in process `syz.2.906'.
[  274.029385][ T9208] netlink: 188 bytes leftover after parsing attributes in process `syz.0.905'.
[  275.001643][ T9231] netlink: 'syz.0.912': attribute type 29 has an invalid length.
[  275.024215][ T9231] netlink: 'syz.0.912': attribute type 29 has an invalid length.
[  275.044016][ T9231] netlink: 'syz.0.912': attribute type 29 has an invalid length.
[  280.010018][ T9292] netlink: 'syz.0.928': attribute type 11 has an invalid length.
[  280.180133][ T9292] netlink: 212832 bytes leftover after parsing attributes in process `syz.0.928'.
[  280.440224][ T9283] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  282.433684][ T9306] netlink: 60 bytes leftover after parsing attributes in process `syz.2.931'.
[  282.463277][ T9306] netlink: 60 bytes leftover after parsing attributes in process `syz.2.931'.
[  282.502030][ T9311] netlink: 60 bytes leftover after parsing attributes in process `syz.2.931'.
[  282.634105][ T9306] netlink: 60 bytes leftover after parsing attributes in process `syz.2.931'.
[  283.046147][ T9327] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.939'.
[  283.436709][ T9345] netlink: 'syz.3.945': attribute type 20 has an invalid length.
[  283.621033][ T9351] netlink: 60 bytes leftover after parsing attributes in process `syz.3.946'.
[  283.652367][ T9351] netlink: 60 bytes leftover after parsing attributes in process `syz.3.946'.
[  283.798181][ T9359] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.947'.
[  284.164866][ T9374] sit0: entered allmulticast mode
[  285.128382][ T9386] netlink: 14601 bytes leftover after parsing attributes in process `syz.0.954'.
[  285.660186][ T9397] netlink: 'syz.3.959': attribute type 21 has an invalid length.
[  285.669771][ T9391] netlink: 135856 bytes leftover after parsing attributes in process `syz.1.957'.
[  285.681335][ T9397] netlink: 156 bytes leftover after parsing attributes in process `syz.3.959'.
[  286.506684][ T9425] netlink: 10 bytes leftover after parsing attributes in process `syz.0.966'.
[  286.621320][ T1030] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  286.810277][ T9429] netlink: 'syz.3.968': attribute type 3 has an invalid length.
[  286.844675][ T9429] netlink: 'syz.3.968': attribute type 16 has an invalid length.
[  286.901557][ T9430] netlink: 'syz.3.968': attribute type 46 has an invalid length.
[  286.921720][ T9429] netlink: 'syz.3.968': attribute type 18 has an invalid length.
[  286.972528][ T9430] netlink: 'syz.3.968': attribute type 46 has an invalid length.
[  286.981765][ T9429] netlink: 'syz.3.968': attribute type 20 has an invalid length.
[  287.014661][ T9429] netlink: 'syz.3.968': attribute type 25 has an invalid length.
[  288.245777][ T9448] netlink: 'syz.1.970': attribute type 4 has an invalid length.
[  288.286277][ T9448] netlink: 152 bytes leftover after parsing attributes in process `syz.1.970'.
[  288.349083][ T9448] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check.
[  289.847792][ T9493] netlink: 64 bytes leftover after parsing attributes in process `syz.1.982'.
[  291.655631][ T9505] netlink: 'syz.0.987': attribute type 10 has an invalid length.
[  291.682447][ T9505] team0: Device hsr_slave_0 failed to register rx_handler
[  291.835950][ T9511] netlink: 'syz.1.989': attribute type 27 has an invalid length.
[  291.894046][ T9511] netlink: 2418 bytes leftover after parsing attributes in process `syz.1.989'.
[  291.997023][ T9511] netlink: 'syz.1.989': attribute type 27 has an invalid length.
[  292.005881][ T9511] netlink: 2418 bytes leftover after parsing attributes in process `syz.1.989'.
[  293.037047][ T9532] netlink: 60 bytes leftover after parsing attributes in process `syz.2.994'.
[  293.080304][ T9535] sit0: entered promiscuous mode
[  293.345465][ T9532] netlink: 60 bytes leftover after parsing attributes in process `syz.2.994'.
[  293.356891][ T9534] netlink: 60 bytes leftover after parsing attributes in process `syz.2.994'.
[  295.460055][ T9582] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1009'.
[  295.493916][ T9582] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1009'.
[  295.522668][ T9586] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1009'.
[  295.543851][ T9582] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1009'.
[  295.600358][ T9588] netlink: 'syz.3.1012': attribute type 3 has an invalid length.
[  295.600421][ T9588] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.1012'.
[  297.080388][ T9610] netlink: 'syz.3.1017': attribute type 46 has an invalid length.
[  297.133134][ T9611] wg2: entered allmulticast mode
[  297.248018][ T1030] hsr_slave_0: left promiscuous mode
[  297.274234][ T1030] hsr_slave_1: left promiscuous mode
[  297.330282][ T1030] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  297.351926][ T9618] syz.3.1017: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz3,mems_allowed=0-1
[  297.394098][ T1030] batman_adv: batadv0: Removing interface: batadv_slave_1
[  297.412022][ T9618] CPU: 1 PID: 9618 Comm: syz.3.1017 Not tainted syzkaller #0
[  297.419485][ T9618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  297.429617][ T9618] Call Trace:
[  297.432951][ T9618]  <TASK>
[  297.435928][ T9618]  dump_stack_lvl+0x18c/0x250
[  297.440684][ T9618]  ? show_regs_print_info+0x20/0x20
[  297.445961][ T9618]  ? load_image+0x400/0x400
[  297.450529][ T9618]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  297.457011][ T9618]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[  297.463573][ T9618]  warn_alloc+0x246/0x340
[  297.467967][ T9618]  ? stack_trace_save+0xaa/0x100
[  297.472996][ T9618]  ? zone_watermark_ok_safe+0x230/0x230
[  297.478625][ T9618]  ? kasan_set_track+0x5f/0x70
[  297.483442][ T9618]  ? kasan_set_track+0x4e/0x70
[  297.488269][ T9618]  ? __kasan_kmalloc+0x8f/0xa0
[  297.493088][ T9618]  ? xsk_init_queue+0xad/0x100
[  297.497903][ T9618]  ? xsk_setsockopt+0x4e5/0x760
[  297.502806][ T9618]  ? do_sock_setsockopt+0x175/0x1a0
[  297.508052][ T9618]  ? __x64_sys_setsockopt+0x182/0x200
[  297.513472][ T9618]  __vmalloc_node_range+0x126/0x1330
[  297.518853][ T9618]  ? free_vm_area+0x50/0x50
[  297.523440][ T9618]  vmalloc_user+0x74/0x80
[  297.527835][ T9618]  ? xskq_create+0xbf/0x170
[  297.532403][ T9618]  xskq_create+0xbf/0x170
[  297.536830][ T9618]  xsk_init_queue+0xad/0x100
[  297.541491][ T9618]  xsk_setsockopt+0x4e5/0x760
[  297.546232][ T9618]  ? xsk_poll+0x680/0x680
[  297.550609][ T9618]  ? __fget_files+0x28/0x4b0
[  297.555235][ T9618]  ? __fget_files+0x28/0x4b0
[  297.559856][ T9618]  ? aa_sock_opt_perm+0x74/0x100
[  297.564826][ T9618]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  297.570408][ T9618]  ? security_socket_setsockopt+0x7e/0xa0
[  297.576158][ T9618]  ? xsk_poll+0x680/0x680
[  297.580525][ T9618]  do_sock_setsockopt+0x175/0x1a0
[  297.585578][ T9618]  ? __fdget+0x180/0x210
[  297.589862][ T9618]  __x64_sys_setsockopt+0x182/0x200
[  297.595101][ T9618]  do_syscall_64+0x55/0xa0
[  297.600173][ T9618]  ? clear_bhb_loop+0x40/0x90
[  297.604884][ T9618]  ? clear_bhb_loop+0x40/0x90
[  297.609742][ T9618]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  297.615672][ T9618] RIP: 0033:0x7f8c0899c799
[  297.620120][ T9618] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  297.639767][ T9618] RSP: 002b:00007f8c097a0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  297.648219][ T9618] RAX: ffffffffffffffda RBX: 00007f8c08c16270 RCX: 00007f8c0899c799
[  297.656218][ T9618] RDX: 0000000000000002 RSI: 000000000000011b RDI: 000000000000000f
[  297.664315][ T9618] RBP: 00007f8c08a32bd9 R08: 0000000000000004 R09: 0000000000000000
[  297.672407][ T9618] R10: 0000200000000900 R11: 0000000000000246 R12: 0000000000000000
[  297.680408][ T9618] R13: 00007f8c08c16308 R14: 00007f8c08c16270 R15: 00007ffdfaffe998
[  297.688426][ T9618]  </TASK>
[  297.738193][ T1030] veth1_macvtap: left allmulticast mode
[  297.747215][ T1030] veth1_macvtap: left promiscuous mode
[  297.752851][ T1030] veth0_macvtap: left promiscuous mode
[  297.764825][ T9618] Mem-Info:
[  297.769552][ T9618] active_anon:21006 inactive_anon:0 isolated_anon:0
[  297.769552][ T9618]  active_file:18097 inactive_file:40012 isolated_file:0
[  297.769552][ T9618]  unevictable:768 dirty:32 writeback:0
[  297.769552][ T9618]  slab_reclaimable:10547 slab_unreclaimable:97858
[  297.769552][ T9618]  mapped:36021 shmem:14897 pagetables:628
[  297.769552][ T9618]  sec_pagetables:0 bounce:0
[  297.769552][ T9618]  kernel_misc_reclaimable:0
[  297.769552][ T9618]  free:1327582 free_pcp:8453 free_cma:0
[  297.797059][ T1030] veth1_vlan: left promiscuous mode
[  297.871233][ T1030] veth0_vlan: left promiscuous mode
[  297.876998][ T9618] Node 0 active_anon:84624kB inactive_anon:0kB active_file:72388kB inactive_file:159856kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:144084kB dirty:128kB writeback:0kB shmem:58652kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10932kB pagetables:2512kB sec_pagetables:0kB all_unreclaimable? no
[  297.927435][ T9618] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:192kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  297.996139][ T9618] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  298.048809][ T9618] lowmem_reserve[]: 0 2521 2522 2522 2522
[  298.054759][ T9618] Node 0 DMA32 free:1397396kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:85884kB inactive_anon:0kB active_file:72388kB inactive_file:159024kB unevictable:1536kB writepending:128kB present:3129332kB managed:2586964kB mlocked:0kB bounce:0kB free_pcp:12684kB local_pcp:7400kB free_cma:0kB
[  298.110950][ T9618] lowmem_reserve[]: 0 0 0 0 0
[  298.199288][ T9618] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:832kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  298.346756][ T9618] lowmem_reserve[]: 0 0 0 0 0
[  298.366945][ T9618] Node 1 Normal free:3891688kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:192kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:21600kB local_pcp:12512kB free_cma:0kB
[  298.483330][ T9618] lowmem_reserve[]: 0 0 0 0 0
[  298.494518][ T9618] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  298.518030][ T9618] Node 0 DMA32: 424*4kB (UME) 392*8kB (UM) 110*16kB (UME) 658*32kB (UME) 85*64kB (UE) 91*128kB (UME) 83*256kB (UME) 41*512kB (UM) 23*1024kB (UM) 5*2048kB (UM) 311*4096kB (UM) = 1394624kB
[  298.562896][ T9618] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  298.576434][ T9618] Node 1 Normal: 246*4kB (UME) 54*8kB (UE) 42*16kB (UE) 101*32kB (UE) 29*64kB (UME) 4*128kB (UME) 2*256kB (UE) 1*512kB (M) 2*1024kB (UE) 1*2048kB (E) 947*4096kB (M) = 3891720kB
[  298.633520][ T9618] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  298.654535][ T9618] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  298.669348][ T9618] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  298.689438][ T9618] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  298.726294][ T9618] 74295 total pagecache pages
[  298.736510][ T9618] 0 pages in swap cache
[  298.740737][ T9618] Free swap  = 124996kB
[  298.756581][ T9618] Total swap = 124996kB
[  298.760826][ T9618] 2097051 pages RAM
[  298.764686][ T9618] 0 pages HighMem/MovableOnly
[  298.805408][ T9618] 416924 pages reserved
[  298.816340][ T9618] 0 pages cma reserved
[  300.795375][ T1030] bond0 (unregistering): (slave batadv_slave_0): Releasing backup interface
[  300.973036][ T1030] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  301.053479][ T1030] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  301.522926][ T1030] bond0 (unregistering): Released all slaves
[  301.616625][ T9629] __nla_validate_parse: 2 callbacks suppressed
[  301.616641][ T9629] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1020'.
[  302.067604][ T9647] netlink: 'syz.3.1026': attribute type 8 has an invalid length.
[  302.155590][ T9647] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1026'.
[  302.809231][ T9658] netlink: 'syz.2.1030': attribute type 21 has an invalid length.
[  303.475970][ T9671] netlink: 'syz.1.1034': attribute type 21 has an invalid length.
[  303.484809][ T9671] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1034'.
[  303.538593][ T9671] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1034'.
[  304.530851][ T9699] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1043'.
[  304.678372][ T9703] sctp: [Deprecated]: syz.1.1045 (pid 9703) Use of int in max_burst socket option deprecated.
[  304.678372][ T9703] Use struct sctp_assoc_value instead
[  304.800091][ T9699] sysfs: cannot create duplicate filename '/class/ieee80211/!!�'
[  304.822282][ T9699] CPU: 1 PID: 9699 Comm: syz.0.1043 Not tainted syzkaller #0
[  304.829741][ T9699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  304.839861][ T9699] Call Trace:
[  304.843186][ T9699]  <TASK>
[  304.846160][ T9699]  dump_stack_lvl+0x18c/0x250
[  304.850915][ T9699]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  304.857139][ T9699]  ? show_regs_print_info+0x20/0x20
[  304.862576][ T9699]  ? load_image+0x400/0x400
[  304.867143][ T9699]  ? sysfs_warn_dup+0x65/0xa0
[  304.871876][ T9699]  sysfs_warn_dup+0x8e/0xa0
[  304.876435][ T9699]  sysfs_do_create_link_sd+0xc0/0x110
[  304.881876][ T9699]  device_add_class_symlinks+0x1cf/0x240
[  304.887588][ T9699]  device_add+0x507/0xc20
[  304.891996][ T9699]  wiphy_register+0x1dad/0x2ae0
[  304.896937][ T9699]  ? cfg80211_event_work+0x40/0x40
[  304.902106][ T9699]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  304.908352][ T9699]  ieee80211_register_hw+0x3464/0x4250
[  304.913926][ T9699]  ? ieee80211_tasklet_handler+0x20/0x20
[  304.919636][ T9699]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  304.925596][ T9699]  ? __debug_object_init+0xec/0x450
[  304.930872][ T9699]  ? __asan_memset+0x22/0x40
[  304.935536][ T9699]  ? __hrtimer_init+0x186/0x270
[  304.940463][ T9699]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  304.946377][ T9699]  ? mac80211_hwsim_free+0x220/0x220
[  304.951730][ T9699]  ? rcu_is_watching+0x15/0xb0
[  304.956555][ T9699]  ? kstrndup+0xbd/0x140
[  304.960887][ T9699]  hwsim_new_radio_nl+0xdc9/0x1a90
[  304.966081][ T9699]  ? __nla_validate+0x50/0x50
[  304.970827][ T9699]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  304.976890][ T9699]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  304.983291][ T9699]  ? lockdep_hardirqs_on+0x98/0x150
[  304.988555][ T9699]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  304.994785][ T9699]  ? __nla_parse+0x40/0x50
[  304.999269][ T9699]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  305.005684][ T9699]  genl_family_rcv_msg_doit+0x211/0x310
[  305.011306][ T9699]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  305.017300][ T9699]  ? genl_rcv_msg+0x5f6/0x7a0
[  305.022048][ T9699]  genl_rcv_msg+0x619/0x7a0
[  305.026616][ T9699]  ? genl_bind+0x360/0x360
[  305.031087][ T9699]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  305.037504][ T9699]  ? mark_lock+0x94/0x320
[  305.043393][ T9699]  netlink_rcv_skb+0x241/0x4d0
[  305.048238][ T9699]  ? genl_bind+0x360/0x360
[  305.052721][ T9699]  ? netlink_ack+0x1180/0x1180
[  305.057582][ T9699]  ? down_read+0x61/0x2e0
[  305.062030][ T9699]  ? down_read+0x1ac/0x2e0
[  305.066603][ T9699]  genl_rcv+0x28/0x40
[  305.070638][ T9699]  netlink_unicast+0x751/0x8d0
[  305.075495][ T9699]  netlink_sendmsg+0x8d0/0xbf0
[  305.080350][ T9699]  ? lockdep_hardirqs_on+0x98/0x150
[  305.085622][ T9699]  ? netlink_getsockopt+0x590/0x590
[  305.090984][ T9699]  ? aa_sock_msg_perm+0x94/0x150
[  305.096009][ T9699]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  305.101370][ T9699]  ? security_socket_sendmsg+0x80/0xa0
[  305.107035][ T9699]  ? netlink_getsockopt+0x590/0x590
[  305.112315][ T9699]  ____sys_sendmsg+0x5ba/0x960
[  305.117181][ T9699]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  305.123423][ T9699]  ? __asan_memset+0x22/0x40
[  305.128088][ T9699]  ? __sys_sendmsg_sock+0x30/0x30
[  305.133181][ T9699]  ? __import_iovec+0x5f2/0x850
[  305.138117][ T9699]  ? import_iovec+0x73/0xa0
[  305.142703][ T9699]  ___sys_sendmsg+0x2a6/0x360
[  305.147458][ T9699]  ? __sys_sendmsg+0x2a0/0x2a0
[  305.152353][ T9699]  __se_sys_sendmsg+0x1c2/0x2b0
[  305.157278][ T9699]  ? __x64_sys_sendmsg+0x80/0x80
[  305.162305][ T9699]  ? syscall_enter_from_user_mode+0x2e/0x80
[  305.168271][ T9699]  do_syscall_64+0x55/0xa0
[  305.172761][ T9699]  ? clear_bhb_loop+0x40/0x90
[  305.177494][ T9699]  ? clear_bhb_loop+0x40/0x90
[  305.182231][ T9699]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  305.188189][ T9699] RIP: 0033:0x7f94c699c799
[  305.192656][ T9699] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  305.212412][ T9699] RSP: 002b:00007f94c7825028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  305.220895][ T9699] RAX: ffffffffffffffda RBX: 00007f94c6c16090 RCX: 00007f94c699c799
[  305.229014][ T9699] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000009
[  305.237043][ T9699] RBP: 00007f94c6a32bd9 R08: 0000000000000000 R09: 0000000000000000
[  305.245073][ T9699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  305.253110][ T9699] R13: 00007f94c6c16128 R14: 00007f94c6c16090 R15: 00007ffc61d81b18
[  305.261448][ T9699]  </TASK>
[  305.542909][ T9717] C: renamed from team_slave_0 (while UP)
[  305.556165][ T9717] netlink: 'syz.2.1048': attribute type 3 has an invalid length.
[  305.577498][ T9717] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  306.016872][ T9740] netlink: 'syz.1.1055': attribute type 21 has an invalid length.
[  307.070847][ T9761] bond0: entered promiscuous mode
[  307.080261][ T9761] bond_slave_0: entered promiscuous mode
[  307.093892][ T9761] bond_slave_1: entered promiscuous mode
[  307.104201][ T9761] bond0: entered allmulticast mode
[  307.126823][ T9761] bond_slave_0: entered allmulticast mode
[  307.142948][ T9761] bond_slave_1: entered allmulticast mode
[  308.627276][ T9812] netlink: 176 bytes leftover after parsing attributes in process `syz.1.1076'.
[  309.573825][ T9816] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1074'.
[  309.681876][ T9816] debugfs: Directory '!!�' with parent 'ieee80211' already present!
[  309.834663][ T9842] netlink: 'syz.0.1083': attribute type 21 has an invalid length.
[  309.868854][ T9842] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1083'.
[  310.673942][ T9853] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1086'.
[  310.902468][ T9855] netlink: 'syz.3.1085': attribute type 21 has an invalid length.
[  311.100014][ T9869] netlink: 56843 bytes leftover after parsing attributes in process `syz.2.1090'.
[  311.304999][ T9871] netlink: 'syz.0.1091': attribute type 4 has an invalid length.
[  311.346337][ T9871] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1091'.
[  311.369123][ T9871] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check.
[  312.542148][ T9894] mac80211_hwsim hwsim6 wlan0: left promiscuous mode
[  312.564224][ T9894] mac80211_hwsim hwsim6 wlan0: left allmulticast mode
[  312.589131][ T9895] netlink: 180 bytes leftover after parsing attributes in process `syz.3.1099'.
[  312.617691][ T9896] mac80211_hwsim hwsim6 wlan0: entered promiscuous mode
[  312.624732][ T9896] mac80211_hwsim hwsim6 wlan0: entered allmulticast mode
[  313.182026][ T9904] aaaaaaaaaaaaaaa: entered promiscuous mode
[  313.303903][ T9913] syzkaller0: entered promiscuous mode
[  313.313122][ T9913] syzkaller0: entered allmulticast mode
[  313.951415][ T9949] netlink: 'syz.0.1113': attribute type 29 has an invalid length.
[  315.644745][ T9949] netlink: 'syz.0.1113': attribute type 29 has an invalid length.
[  316.007506][ T9967] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1118'.
[  316.528292][ T9982] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1122'.
[  316.700207][ T9063] page_pool_release_retry() stalled pool shutdown 1 inflight 60 sec
[  317.347313][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  317.360818][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  318.619596][ T2942] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  318.698588][T10012] netlink: 'syz.2.1127': attribute type 29 has an invalid length.
[  318.754215][T10012] netlink: 'syz.2.1127': attribute type 29 has an invalid length.
[  318.791583][T10014] netlink: 'syz.2.1127': attribute type 29 has an invalid length.
[  319.715102][T10023] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1133'.
[  319.742439][T10023] hsr_slave_0: left promiscuous mode
[  319.749956][T10023] hsr_slave_1: left promiscuous mode
[  319.862957][T10027] netlink: 'syz.1.1136': attribute type 1 has an invalid length.
[  319.871446][T10027] netlink: 'syz.1.1136': attribute type 4 has an invalid length.
[  319.880161][T10027] netlink: 9462 bytes leftover after parsing attributes in process `syz.1.1136'.
[  319.895093][T10035] netlink: 204416 bytes leftover after parsing attributes in process `syz.3.1138'.
[  319.927348][T10035] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1138'.
[  320.392246][T10046] netlink: 16186 bytes leftover after parsing attributes in process `syz.2.1142'.
[  320.903397][T10067] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1147'.
[  322.819700][T10120] netlink: 'syz.0.1161': attribute type 3 has an invalid length.
[  322.845521][T10120] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.1161'.
[  323.052625][T10100] delete_channel: no stack
[  323.399318][T10133] netlink: 16399 bytes leftover after parsing attributes in process `syz.2.1165'.
[  323.611965][T10142] syzkaller0: entered promiscuous mode
[  323.627048][T10142] syzkaller0: entered allmulticast mode
[  323.660867][T10142] netlink: 'syz.1.1167': attribute type 3 has an invalid length.
[  323.680204][T10142] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.1167'.
[  325.093204][T10189] netlink: 'syz.2.1179': attribute type 21 has an invalid length.
[  325.106067][T10189] netlink: 128 bytes leftover after parsing attributes in process `syz.2.1179'.
[  325.117515][T10189] netlink: 'syz.2.1179': attribute type 5 has an invalid length.
[  325.130404][T10189] netlink: 'syz.2.1179': attribute type 6 has an invalid length.
[  325.151353][T10189] netlink: 3 bytes leftover after parsing attributes in process `syz.2.1179'.
[  325.322023][T10192] netlink: 'syz.3.1180': attribute type 1 has an invalid length.
[  325.330053][T10192] netlink: 112860 bytes leftover after parsing attributes in process `syz.3.1180'.
[  326.198224][T10226] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1191'.
[  326.238548][T10226] sysfs: cannot create duplicate filename '/class/ieee80211/!!�'
[  326.264138][T10226] CPU: 0 PID: 10226 Comm: syz.3.1191 Not tainted syzkaller #0
[  326.271859][T10226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  326.281990][T10226] Call Trace:
[  326.285306][T10226]  <TASK>
[  326.288274][T10226]  dump_stack_lvl+0x18c/0x250
[  326.293024][T10226]  ? show_regs_print_info+0x20/0x20
[  326.298270][T10226]  ? load_image+0x400/0x400
[  326.302838][T10226]  sysfs_warn_dup+0x8e/0xa0
[  326.307376][T10226]  sysfs_do_create_link_sd+0xc0/0x110
[  326.312785][T10226]  device_add_class_symlinks+0x1cf/0x240
[  326.318472][T10226]  device_add+0x507/0xc20
[  326.322855][T10226]  wiphy_register+0x1dad/0x2ae0
[  326.327774][T10226]  ? cfg80211_event_work+0x40/0x40
[  326.332928][T10226]  ? minstrel_ht_alloc+0x88a/0x990
[  326.338132][T10226]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  326.344245][T10226]  ieee80211_register_hw+0x3464/0x4250
[  326.349791][T10226]  ? ieee80211_tasklet_handler+0x20/0x20
[  326.355464][T10226]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  326.361406][T10226]  ? __debug_object_init+0xec/0x450
[  326.366653][T10226]  ? __asan_memset+0x22/0x40
[  326.371290][T10226]  ? __hrtimer_init+0x186/0x270
[  326.376195][T10226]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  326.382021][T10226]  ? mac80211_hwsim_free+0x220/0x220
[  326.387357][T10226]  ? rcu_is_watching+0x15/0xb0
[  326.392168][T10226]  ? kstrndup+0xbd/0x140
[  326.396470][T10226]  hwsim_new_radio_nl+0xdc9/0x1a90
[  326.401667][T10226]  ? __nla_validate+0x50/0x50
[  326.406411][T10226]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  326.412803][T10226]  ? __nla_parse+0x40/0x50
[  326.417267][T10226]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  326.423643][T10226]  genl_family_rcv_msg_doit+0x211/0x310
[  326.429227][T10226]  ? end_current_label_crit_section+0x170/0x170
[  326.435512][T10226]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  326.441466][T10226]  ? bpf_lsm_capable+0x9/0x10
[  326.446190][T10226]  ? security_capable+0x89/0xb0
[  326.451107][T10226]  genl_rcv_msg+0x619/0x7a0
[  326.455664][T10226]  ? genl_bind+0x360/0x360
[  326.460114][T10226]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  326.466590][T10226]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[  326.473235][T10226]  ? ref_tracker_free+0x690/0x840
[  326.478323][T10226]  netlink_rcv_skb+0x241/0x4d0
[  326.483144][T10226]  ? genl_bind+0x360/0x360
[  326.487606][T10226]  ? netlink_ack+0x1180/0x1180
[  326.492437][T10226]  ? __lock_acquire+0x7d40/0x7d40
[  326.497520][T10226]  ? down_read+0x1ac/0x2e0
[  326.502012][T10226]  genl_rcv+0x28/0x40
[  326.506052][T10226]  netlink_unicast+0x751/0x8d0
[  326.510973][T10226]  netlink_sendmsg+0x8d0/0xbf0
[  326.515799][T10226]  ? netlink_getsockopt+0x590/0x590
[  326.521047][T10226]  ? aa_sock_msg_perm+0x94/0x150
[  326.526045][T10226]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  326.531369][T10226]  ? security_socket_sendmsg+0x80/0xa0
[  326.536862][T10226]  ? netlink_getsockopt+0x590/0x590
[  326.542113][T10226]  ____sys_sendmsg+0x5ba/0x960
[  326.546932][T10226]  ? __asan_memset+0x22/0x40
[  326.551564][T10226]  ? __sys_sendmsg_sock+0x30/0x30
[  326.556617][T10226]  ? __import_iovec+0x5f2/0x850
[  326.561538][T10226]  ? import_iovec+0x73/0xa0
[  326.566083][T10226]  ___sys_sendmsg+0x2a6/0x360
[  326.570894][T10226]  ? __sys_sendmsg+0x2a0/0x2a0
[  326.575782][T10226]  __se_sys_sendmsg+0x1c2/0x2b0
[  326.580679][T10226]  ? __x64_sys_sendmsg+0x80/0x80
[  326.585687][T10226]  ? lockdep_hardirqs_on+0x98/0x150
[  326.590942][T10226]  do_syscall_64+0x55/0xa0
[  326.595408][T10226]  ? clear_bhb_loop+0x40/0x90
[  326.600126][T10226]  ? clear_bhb_loop+0x40/0x90
[  326.604857][T10226]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  326.610804][T10226] RIP: 0033:0x7f8c0899c799
[  326.615260][T10226] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  326.634996][T10226] RSP: 002b:00007f8c09803028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  326.643451][T10226] RAX: ffffffffffffffda RBX: 00007f8c08c15fa0 RCX: 00007f8c0899c799
[  326.651548][T10226] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000007
[  326.659652][T10226] RBP: 00007f8c08a32bd9 R08: 0000000000000000 R09: 0000000000000000
[  326.667743][T10226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  326.675746][T10226] R13: 00007f8c08c16038 R14: 00007f8c08c15fa0 R15: 00007ffdfaffe998
[  326.683898][T10226]  </TASK>
[  326.703263][T10229] netlink: 'syz.3.1191': attribute type 9 has an invalid length.
[  326.712025][T10229] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.1191'.
[  327.123907][T10238] delete_channel: no stack
[  327.746142][T10269] netlink: 'syz.2.1205': attribute type 29 has an invalid length.
[  327.792021][T10269] netlink: 'syz.2.1205': attribute type 29 has an invalid length.
[  327.837741][T10268] netlink: 'syz.2.1205': attribute type 29 has an invalid length.
[  327.854958][T10268] netlink: 'syz.2.1205': attribute type 29 has an invalid length.
[  327.979039][T10277] delete_channel: no stack
[  328.020920][T10283] tap0: tun_chr_ioctl cmd 21731
[  328.165946][T10292] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1212'.
[  328.358628][T10300] netlink: 'syz.3.1214': attribute type 6 has an invalid length.
[  328.798963][T10320] A link change request failed with some changes committed already. Interface Q�6�`Ҙ may have been left with an inconsistent configuration, please check.
[  328.834626][T10319] netlink: 'syz.2.1221': attribute type 10 has an invalid length.
[  328.998347][T10324] netlink: 'syz.3.1223': attribute type 21 has an invalid length.
[  329.072392][T10326] netlink: 'syz.1.1224': attribute type 29 has an invalid length.
[  329.103378][T10326] netlink: 'syz.1.1224': attribute type 29 has an invalid length.
[  329.133884][T10329] netlink: 'syz.1.1224': attribute type 29 has an invalid length.
[  329.162262][T10326] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1224'.
[  329.646362][T10338] netlink: 'syz.1.1227': attribute type 10 has an invalid length.
[  330.080445][T10345] netlink: 201392 bytes leftover after parsing attributes in process `syz.2.1230'.
[  330.460012][T10338] team0 (unregistering): Port device team_slave_0 removed
[  330.512592][T10338] team0 (unregistering): Port device team_slave_1 removed
[  330.553074][T10347] netlink: 'syz.0.1231': attribute type 10 has an invalid length.
[  330.572548][T10347] veth0_macvtap: left promiscuous mode
[  330.680809][T10330] delete_channel: no stack
[  331.351676][T10369] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1236'.
[  332.121618][T10391] netlink: 116 bytes leftover after parsing attributes in process `syz.3.1244'.
[  332.165216][T10391] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  332.208632][T10392] netlink: 144 bytes leftover after parsing attributes in process `syz.1.1243'.
[  332.227203][T10392] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[  332.924711][T10405] validate_nla: 3 callbacks suppressed
[  332.924731][T10405] netlink: 'syz.2.1246': attribute type 1 has an invalid length.
[  333.026418][T10405] netlink: 193500 bytes leftover after parsing attributes in process `syz.2.1246'.
[  333.985408][T10417] netlink: 'syz.0.1250': attribute type 3 has an invalid length.
[  334.023915][T10417] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1250'.
[  334.681553][T10424] netlink: 'syz.0.1253': attribute type 1 has an invalid length.
[  335.611003][T10446] netlink: 'syz.2.1259': attribute type 3 has an invalid length.
[  335.629180][T10446] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.1259'.
[  335.882779][T10454] netlink: 'syz.0.1261': attribute type 2 has an invalid length.
[  336.055180][T10458] netlink: 'syz.1.1263': attribute type 21 has an invalid length.
[  336.081899][T10458] netlink: 128 bytes leftover after parsing attributes in process `syz.1.1263'.
[  336.112493][T10458] netlink: 3 bytes leftover after parsing attributes in process `syz.1.1263'.
[  337.453628][T10477] netlink: 'syz.0.1266': attribute type 10 has an invalid length.
[  337.463279][T10477] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1266'.
[  337.610074][T10477] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  338.336797][T10498] netlink: 'syz.1.1273': attribute type 12 has an invalid length.
[  338.346239][T10498] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1273'.
[  338.400031][T10499] netlink: 'syz.1.1273': attribute type 10 has an invalid length.
[  338.461106][T10497] netlink: 'syz.1.1273': attribute type 12 has an invalid length.
[  338.544109][T10497] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1273'.
[  339.139243][T10517] netlink: 168 bytes leftover after parsing attributes in process `syz.3.1279'.
[  339.533735][T10523] netlink: 'syz.3.1280': attribute type 2 has an invalid length.
[  339.543091][T10523] netlink: 164 bytes leftover after parsing attributes in process `syz.3.1280'.
[  339.799597][T10532] netlink: 'syz.3.1283': attribute type 29 has an invalid length.
[  339.809216][T10532] netlink: 'syz.3.1283': attribute type 29 has an invalid length.
[  339.836739][T10532] netlink: 'syz.3.1283': attribute type 29 has an invalid length.
[  339.948873][T10542] netlink: 'syz.2.1285': attribute type 6 has an invalid length.
[  340.968482][T10560] netlink: 'syz.2.1292': attribute type 3 has an invalid length.
[  341.018083][T10560] netlink: 16098 bytes leftover after parsing attributes in process `syz.2.1292'.
[  341.060466][T10554] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1290'.
[  341.156427][T10554] hsr_slave_0: left promiscuous mode
[  341.197292][T10554] hsr_slave_1: left promiscuous mode
[  341.495055][T10578] netlink: 'syz.0.1297': attribute type 2 has an invalid length.
[  341.507635][T10578] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1297'.
[  342.644124][T10593] netlink: 210880 bytes leftover after parsing attributes in process `syz.1.1302'.
[  347.449260][T10623] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1308'.
[  347.523426][T10623] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  347.543955][T10623] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  347.568788][T10623] bond0 (unregistering): Released all slaves
[  347.591839][T10631] validate_nla: 3 callbacks suppressed
[  347.591854][T10631] netlink: 'syz.2.1310': attribute type 6 has an invalid length.
[  347.605370][T10631] netlink: 164 bytes leftover after parsing attributes in process `syz.2.1310'.
[  348.763785][T10666] netlink: 'syz.3.1319': attribute type 1 has an invalid length.
[  348.791458][T10666] netlink: 146340 bytes leftover after parsing attributes in process `syz.3.1319'.
[  350.617150][ T1030] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  351.279904][T10677] netlink: 'syz.0.1321': attribute type 15 has an invalid length.
[  351.301920][T10677] netlink: 'syz.0.1321': attribute type 7 has an invalid length.
[  351.502538][T10693] netlink: 188 bytes leftover after parsing attributes in process `syz.2.1326'.
[  351.588320][T10696] C: renamed from team_slave_0
[  356.203563][T10696] netlink: 'syz.1.1327': attribute type 4 has an invalid length.
[  356.215007][T10696] netlink: 116 bytes leftover after parsing attributes in process `syz.1.1327'.
[  356.228193][T10696] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  356.356901][T10719] netlink: 'syz.1.1333': attribute type 29 has an invalid length.
[  356.375596][T10719] netlink: 'syz.1.1333': attribute type 29 has an invalid length.
[  356.413772][T10720] netlink: 'syz.1.1333': attribute type 29 has an invalid length.
[  356.426774][T10722] netlink: 'syz.1.1333': attribute type 29 has an invalid length.
[  356.544642][T10724] netlink: 'syz.2.1334': attribute type 10 has an invalid length.
[  356.556911][T10724] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1334'.
[  356.579885][T10724] caif0: entered promiscuous mode
[  356.588795][T10724] caif0: entered allmulticast mode
[  356.594181][T10724] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  356.659189][T10720] netlink: 'syz.1.1333': attribute type 29 has an invalid length.
[  357.663357][T10737] sit0: entered allmulticast mode
[  358.043699][T10749] netlink: 'syz.3.1341': attribute type 3 has an invalid length.
[  358.053341][T10749] netlink: 'syz.3.1341': attribute type 1 has an invalid length.
[  358.070159][T10749] netlink: 181400 bytes leftover after parsing attributes in process `syz.3.1341'.
[  358.245789][T10751] syzkaller0: entered promiscuous mode
[  358.256379][T10751] syzkaller0: entered allmulticast mode
[  361.189122][T10780] netlink: 'syz.0.1348': attribute type 10 has an invalid length.
[  361.287437][T10780] team0 (unregistering): Port device team_slave_0 removed
[  361.336640][T10780] team0 (unregistering): Port device team_slave_1 removed
[  361.391615][T10785] netlink: 10 bytes leftover after parsing attributes in process `syz.1.1349'.
[  361.763380][T10807] syz.3.1354: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz3,mems_allowed=0-1
[  361.797620][T10804] can: request_module (can-proto-0) failed.
[  361.812826][T10807] CPU: 1 PID: 10807 Comm: syz.3.1354 Not tainted syzkaller #0
[  361.820399][T10807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  361.830503][T10807] Call Trace:
[  361.833825][T10807]  <TASK>
[  361.836805][T10807]  dump_stack_lvl+0x18c/0x250
[  361.841561][T10807]  ? show_regs_print_info+0x20/0x20
[  361.846826][T10807]  ? load_image+0x400/0x400
[  361.851404][T10807]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  361.857885][T10807]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[  361.864445][T10807]  warn_alloc+0x246/0x340
[  361.868837][T10807]  ? stack_trace_save+0xaa/0x100
[  361.873836][T10807]  ? zone_watermark_ok_safe+0x230/0x230
[  361.879467][T10807]  ? kasan_set_track+0x5f/0x70
[  361.884286][T10807]  ? kasan_set_track+0x4e/0x70
[  361.889095][T10807]  ? __kasan_kmalloc+0x8f/0xa0
[  361.893889][T10807]  ? xsk_init_queue+0xad/0x100
[  361.898685][T10807]  ? xsk_setsockopt+0x4e5/0x760
[  361.903741][T10807]  ? do_sock_setsockopt+0x175/0x1a0
[  361.908964][T10807]  ? __x64_sys_setsockopt+0x182/0x200
[  361.914380][T10807]  __vmalloc_node_range+0x126/0x1330
[  361.919727][T10807]  ? free_vm_area+0x50/0x50
[  361.924270][T10807]  vmalloc_user+0x74/0x80
[  361.928633][T10807]  ? xskq_create+0xbf/0x170
[  361.933186][T10807]  xskq_create+0xbf/0x170
[  361.937564][T10807]  xsk_init_queue+0xad/0x100
[  361.942227][T10807]  xsk_setsockopt+0x4e5/0x760
[  361.946946][T10807]  ? xsk_poll+0x680/0x680
[  361.951315][T10807]  ? __fget_files+0x28/0x4b0
[  361.955933][T10807]  ? __fget_files+0x28/0x4b0
[  361.960553][T10807]  ? aa_sock_opt_perm+0x74/0x100
[  361.965532][T10807]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  361.971115][T10807]  ? security_socket_setsockopt+0x7e/0xa0
[  361.976863][T10807]  ? xsk_poll+0x680/0x680
[  361.981227][T10807]  do_sock_setsockopt+0x175/0x1a0
[  361.986275][T10807]  ? __fdget+0x180/0x210
[  361.990554][T10807]  __x64_sys_setsockopt+0x182/0x200
[  361.995790][T10807]  do_syscall_64+0x55/0xa0
[  362.000244][T10807]  ? clear_bhb_loop+0x40/0x90
[  362.004943][T10807]  ? clear_bhb_loop+0x40/0x90
[  362.009652][T10807]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  362.015571][T10807] RIP: 0033:0x7f8c0899c799
[  362.020371][T10807] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  362.040011][T10807] RSP: 002b:00007f8c09803028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  362.048454][T10807] RAX: ffffffffffffffda RBX: 00007f8c08c15fa0 RCX: 00007f8c0899c799
[  362.056450][T10807] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000005
[  362.064446][T10807] RBP: 00007f8c08a32bd9 R08: 0000000000000004 R09: 0000000000000000
[  362.072442][T10807] R10: 0000200000000900 R11: 0000000000000246 R12: 0000000000000000
[  362.080440][T10807] R13: 00007f8c08c16038 R14: 00007f8c08c15fa0 R15: 00007ffdfaffe998
[  362.088451][T10807]  </TASK>
[  362.142051][T10807] Mem-Info:
[  362.160675][T10807] active_anon:8450 inactive_anon:0 isolated_anon:0
[  362.160675][T10807]  active_file:18097 inactive_file:40040 isolated_file:0
[  362.160675][T10807]  unevictable:768 dirty:29 writeback:0
[  362.160675][T10807]  slab_reclaimable:10296 slab_unreclaimable:95697
[  362.160675][T10807]  mapped:24064 shmem:1361 pagetables:540
[  362.160675][T10807]  sec_pagetables:0 bounce:0
[  362.160675][T10807]  kernel_misc_reclaimable:0
[  362.160675][T10807]  free:1341084 free_pcp:8452 free_cma:0
[  362.173950][T10804] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1355'.
[  362.259182][T10807] Node 0 active_anon:33900kB inactive_anon:0kB active_file:72388kB inactive_file:159968kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:96256kB dirty:116kB writeback:0kB shmem:3908kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10848kB pagetables:2160kB sec_pagetables:0kB all_unreclaimable? no
[  362.308556][T10807] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:192kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  362.356590][T10814] netlink: 'syz.1.1357': attribute type 25 has an invalid length.
[  362.375037][T10814] netlink: 'syz.1.1357': attribute type 28 has an invalid length.
[  362.383442][T10807] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  362.428311][T10807] lowmem_reserve[]: 0 2521 2522 2522 2522
[  362.434353][T10807] Node 0 DMA32 free:1446512kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:33860kB inactive_anon:0kB active_file:72388kB inactive_file:159136kB unevictable:1536kB writepending:116kB present:3129332kB managed:2586964kB mlocked:0kB bounce:0kB free_pcp:13648kB local_pcp:3080kB free_cma:0kB
[  362.499742][T10807] lowmem_reserve[]: 0 0 0 0 0
[  362.504599][T10807] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:832kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  362.539678][T10807] lowmem_reserve[]: 0 0 0 0 0
[  362.544678][T10807] Node 1 Normal free:3892760kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:192kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:20576kB local_pcp:12000kB free_cma:0kB
[  362.595065][T10819] netlink: 'syz.0.1358': attribute type 6 has an invalid length.
[  362.596664][T10807] lowmem_reserve[]: 0 0 0 0 0
[  362.631352][T10807] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  362.666321][T10807] Node 0 DMA32: 2*4kB (UE) 272*8kB (UME) 866*16kB (ME) 923*32kB (UME) 421*64kB (UME) 137*128kB (UME) 92*256kB (UME) 43*512kB (UM) 19*1024kB (UM) 6*2048kB (UM) 309*4096kB (M) = 1433032kB
[  362.722372][T10807] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  362.755583][T10807] Node 1 Normal: 246*4kB (UME) 54*8kB (UE) 41*16kB (UE) 120*32kB (UE) 32*64kB (UME) 6*128kB (UME) 2*256kB (UE) 1*512kB (M) 2*1024kB (UE) 1*2048kB (E) 947*4096kB (M) = 3892760kB
[  362.777125][T10807] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  362.804272][T10807] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  362.837337][T10807] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  362.863058][T10807] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  362.884234][T10807] 59498 total pagecache pages
[  362.901212][T10807] 0 pages in swap cache
[  362.905533][T10807] Free swap  = 124996kB
[  362.926424][T10807] Total swap = 124996kB
[  362.930771][T10807] 2097051 pages RAM
[  362.935159][T10807] 0 pages HighMem/MovableOnly
[  362.956328][T10807] 416924 pages reserved
[  362.963933][T10807] 0 pages cma reserved
[  363.087208][T10829] netlink: 'syz.1.1362': attribute type 28 has an invalid length.
[  363.245113][T10829] netlink: 'syz.1.1362': attribute type 4 has an invalid length.
[  363.259591][T10829] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1362'.
[  363.275591][T10833] wg2: entered promiscuous mode
[  363.285951][T10833] wg2: entered allmulticast mode
[  363.326812][T10829] netlink: 11254 bytes leftover after parsing attributes in process `syz.1.1362'.
[  363.739402][T10852] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1369'.
[  363.769236][T10851] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  364.267568][T10872] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1376'.
[  365.713161][T10886] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1382'.
[  365.759958][T10886] debugfs: Directory '!!�' with parent 'ieee80211' already present!
[  366.175244][T10905] netlink: 15743 bytes leftover after parsing attributes in process `syz.2.1388'.
[  366.256768][T10911] delete_channel: no stack
[  366.862644][T10922] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1394'.
[  366.872853][T10924] netlink: 'syz.3.1395': attribute type 21 has an invalid length.
[  366.881142][T10924] netlink: 'syz.3.1395': attribute type 1 has an invalid length.
[  366.890440][T10924] netlink: 144 bytes leftover after parsing attributes in process `syz.3.1395'.
[  368.210151][T10950] netlink: 'syz.1.1401': attribute type 6 has an invalid length.
[  368.230304][T10954] netlink: 'syz.3.1403': attribute type 4 has an invalid length.
[  368.238498][T10950] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1401'.
[  368.256373][T10954] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1403'.
[  368.265942][T10954] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check.
[  368.295613][T10956] netlink: 'syz.3.1403': attribute type 29 has an invalid length.
[  368.348950][T10956] netlink: 'syz.3.1403': attribute type 29 has an invalid length.
[  368.379473][T10954] netlink: 'syz.3.1403': attribute type 29 has an invalid length.
[  368.398576][T10954] netlink: 'syz.3.1403': attribute type 29 has an invalid length.
[  368.426668][T10954] netlink: 'syz.3.1403': attribute type 29 has an invalid length.
[  368.735504][T10973] netlink: 'syz.3.1406': attribute type 2 has an invalid length.
[  368.765084][T10973] netlink: 164 bytes leftover after parsing attributes in process `syz.3.1406'.
[  368.851560][T10978] netlink: 188 bytes leftover after parsing attributes in process `syz.1.1409'.
[  368.987192][T10981] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1410'.
[  369.009104][T10980] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1410'.
[  369.032316][T10983] netlink: 'syz.3.1411': attribute type 13 has an invalid length.
[  369.064275][T10983] netlink: 'syz.3.1411': attribute type 58 has an invalid length.
[  369.083440][T10983] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1411'.
[  371.301072][T11052] netlink: 154020 bytes leftover after parsing attributes in process `syz.3.1429'.
[  372.209500][T11080] __nla_validate_parse: 1 callbacks suppressed
[  372.209540][T11080] netlink: 6 bytes leftover after parsing attributes in process `syz.2.1437'.
[  372.226599][T11080] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  373.731891][T11132] validate_nla: 2 callbacks suppressed
[  373.731912][T11132] netlink: 'syz.0.1449': attribute type 9 has an invalid length.
[  373.748574][T11132] netlink: 126588 bytes leftover after parsing attributes in process `syz.0.1449'.
[  374.467143][T11146] netlink: 'syz.0.1453': attribute type 2 has an invalid length.
[  374.504815][T11146] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1453'.
[  375.313958][T11163] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1459'.
[  375.428484][T11168] pim6reg1: entered allmulticast mode
[  375.739966][ T5786] Bluetooth: hci2: command 0x0406 tx timeout
[  375.862956][T11175] netlink: 'syz.3.1463': attribute type 10 has an invalid length.
[  375.900639][T11175] bond0: (slave bond_slave_0): Releasing backup interface
[  376.017211][T11175] bond_slave_0: left promiscuous mode
[  376.034153][T11175] bond_slave_0: left allmulticast mode
[  377.553258][T11202] netlink: 'syz.0.1470': attribute type 4 has an invalid length.
[  377.584954][T11202] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1470'.
[  378.393525][T11215] netlink: 'syz.1.1474': attribute type 2 has an invalid length.
[  378.466513][T11215] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1474'.
[  378.847888][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  378.854293][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  378.996741][T11229] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1480'.
[  379.005833][T11229] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1480'.
[  379.035709][T11220] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1477'.
[  379.066549][T11229] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1480'.
[  379.107758][T11220] openvswitch: netlink: Key type 4112 is out of range max 32
[  379.248699][T11232] netlink: 65027 bytes leftover after parsing attributes in process `syz.1.1479'.
[  379.833628][T11249] sit0: left promiscuous mode
[  379.846333][T11249] sit0: entered allmulticast mode
[  379.872470][ T2942] tipc: Subscription rejected, illegal request
[  379.922983][T11249] sit0: entered promiscuous mode
[  380.800351][T11252] netlink: 'syz.3.1487': attribute type 10 has an invalid length.
[  380.845668][T11252] 8021q: adding VLAN 0 to HW filter on device batadv0
[  380.887046][T11252] batadv0: entered promiscuous mode
[  380.901500][T11252] batadv0: entered allmulticast mode
[  380.910689][T11252] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  380.937985][ T1030] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  380.947897][ T1030] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  381.847290][T11282] netlink: 'syz.1.1493': attribute type 1 has an invalid length.
[  381.855250][T11282] netlink: 'syz.1.1493': attribute type 4 has an invalid length.
[  381.940467][T11282] netlink: 9462 bytes leftover after parsing attributes in process `syz.1.1493'.
[  382.477452][T11303] netlink: 'syz.3.1499': attribute type 7 has an invalid length.
[  383.131022][T11307] netlink: 'syz.0.1501': attribute type 8 has an invalid length.
[  383.174371][T11307] netlink: 161700 bytes leftover after parsing attributes in process `syz.0.1501'.
[  385.176711][ T2942] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  385.964971][T11359] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  385.972367][T11359] IPv6: NLM_F_CREATE should be set when creating new route
[  385.977139][ T5786] Bluetooth: hci0: command 0x0406 tx timeout
[  385.980026][T11359] IPv6: NLM_F_CREATE should be set when creating new route
[  385.993038][T11359] IPv6: NLM_F_CREATE should be set when creating new route
[  386.852132][T11370] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1518'.
[  386.869901][T11371] netlink: 'syz.2.1517': attribute type 10 has an invalid length.
[  386.887823][T11371] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  386.948963][T11371] batman_adv: batadv0: Removing interface: batadv_slave_0
[  387.077457][T11371] batadv_slave_0: entered promiscuous mode
[  387.088386][T11371] batadv_slave_0: entered allmulticast mode
[  387.113987][T11371] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link
[  387.145992][T11374] netlink: 'syz.2.1517': attribute type 15 has an invalid length.
[  387.175323][T11374] netlink: 'syz.2.1517': attribute type 7 has an invalid length.
[  390.078493][T11417] netlink: 'syz.1.1529': attribute type 29 has an invalid length.
[  390.098428][T11413] netlink: 'syz.1.1529': attribute type 29 has an invalid length.
[  390.116689][T11417] netlink: 'syz.1.1529': attribute type 29 has an invalid length.
[  390.178868][T11416] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1530'.
[  390.206392][T11416] netlink: 'syz.3.1530': attribute type 6 has an invalid length.
[  390.298852][T11429] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1532'.
[  390.315419][T11429] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1532'.
[  390.352955][T11428] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1532'.
[  390.382816][T11429] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1532'.
[  390.420722][T11431] syzkaller0: entered promiscuous mode
[  390.429908][T11431] syzkaller0: entered allmulticast mode
[  391.495631][T11452] netlink: 'syz.0.1538': attribute type 10 has an invalid length.
[  391.505131][T11452] netlink: 2 bytes leftover after parsing attributes in process `syz.0.1538'.
[  391.515097][T11452] bond0: entered promiscuous mode
[  391.520864][T11452] bond_slave_0: entered promiscuous mode
[  391.527433][T11452] bond_slave_1: entered promiscuous mode
[  391.534056][T11452] bridge0: port 3(bond0) entered blocking state
[  391.540978][T11452] bridge0: port 3(bond0) entered disabled state
[  391.547881][T11452] bond0: entered allmulticast mode
[  391.553062][T11452] bond_slave_0: entered allmulticast mode
[  391.566732][T11452] bond_slave_1: entered allmulticast mode
[  391.575450][T11452] bridge0: port 3(bond0) entered blocking state
[  391.581959][T11452] bridge0: port 3(bond0) entered forwarding state
[  391.742802][T11461] netlink: 16410 bytes leftover after parsing attributes in process `syz.3.1542'.
[  392.192390][T11487] netlink: 'syz.1.1551': attribute type 10 has an invalid length.
[  392.200815][T11487] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1551'.
[  393.290312][T11518] netlink: 'syz.1.1556': attribute type 11 has an invalid length.
[  393.313229][T11518] netlink: 184116 bytes leftover after parsing attributes in process `syz.1.1556'.
[  393.345257][T11518] debugfs: Directory '!!�' with parent 'ieee80211' already present!
[  394.011453][T11540] netlink: 64535 bytes leftover after parsing attributes in process `syz.0.1561'.
[  394.171830][T11543] netlink: 'syz.3.1563': attribute type 1 has an invalid length.
[  395.137034][T11561] netlink: 'syz.0.1568': attribute type 25 has an invalid length.
[  396.574041][T11597] netlink: 'syz.1.1580': attribute type 4 has an invalid length.
[  396.659974][T11597] __nla_validate_parse: 1 callbacks suppressed
[  396.659998][T11597] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1580'.
[  396.817445][T11596] netlink: 'syz.1.1580': attribute type 4 has an invalid length.
[  396.849882][T11596] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1580'.
[  398.265328][T11620] netlink: 'syz.3.1589': attribute type 7 has an invalid length.
[  398.279584][T11620] netlink: 140 bytes leftover after parsing attributes in process `syz.3.1589'.
[  398.413157][T11623] netlink: 'syz.2.1588': attribute type 2 has an invalid length.
[  398.434417][T11623] netlink: 164 bytes leftover after parsing attributes in process `syz.2.1588'.
[  398.890965][T11642] delete_channel: no stack
[  398.900916][T11642] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  398.997784][T11642] delete_channel: no stack
[  399.313653][T11652] bridge_slave_1: left allmulticast mode
[  399.327125][T11652] bridge_slave_1: left promiscuous mode
[  399.338211][T11652] bridge0: port 2(bridge_slave_1) entered disabled state
[  399.376049][T11652] bridge_slave_0: left allmulticast mode
[  399.386494][T11652] bridge_slave_0: left promiscuous mode
[  399.408059][T11652] bridge0: port 1(bridge_slave_0) entered disabled state
[  399.797680][T11656] netlink: 'syz.2.1598': attribute type 22 has an invalid length.
[  400.717291][T11679] netlink: 'syz.1.1602': attribute type 2 has an invalid length.
[  400.728398][T11679] netlink: 164 bytes leftover after parsing attributes in process `syz.1.1602'.
[  400.977332][T11684] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1605'.
[  401.054660][T11684] bridge0: port 1(bridge_slave_0) entered disabled state
[  401.131640][T11693] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1607'.
[  401.175642][T11684] bridge_slave_0 (unregistering): left promiscuous mode
[  401.183858][T11684] bridge0: port 1(bridge_slave_0) entered disabled state
[  401.394238][T11693] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1607'.
[  401.614680][T11696] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1607'.
[  401.650180][T11699] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1607'.
[  401.811724][T11709] netlink: 'syz.3.1611': attribute type 2 has an invalid length.
[  401.838488][T11709] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1611'.
[  402.006479][T11720] netlink: 'syz.1.1613': attribute type 1 has an invalid length.
[  402.014283][T11720] netlink: 168864 bytes leftover after parsing attributes in process `syz.1.1613'.
[  402.110723][T11720] netlink: 1 bytes leftover after parsing attributes in process `syz.1.1613'.
[  402.383654][T11730] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  402.927622][T11745] netlink: 'syz.0.1622': attribute type 4 has an invalid length.
[  402.967188][T11745] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1622'.
[  403.085073][T11745] .`: renamed from bond0 (while UP)
[  403.284831][T11745] bridge0: port 3(.`) entered disabled state
[  403.304990][T11749] netlink: 'syz.1.1624': attribute type 10 has an invalid length.
[  403.333717][T11749] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1624'.
[  404.422666][T11780] netlink: 'syz.2.1631': attribute type 2 has an invalid length.
[  404.431782][T11780] netlink: 116 bytes leftover after parsing attributes in process `syz.2.1631'.
[  404.449755][T11780] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  404.612095][T11785] netlink: 164 bytes leftover after parsing attributes in process `syz.3.1633'.
[  404.925288][T11788] syzkaller0: entered promiscuous mode
[  404.961647][T11803] netlink: 64859 bytes leftover after parsing attributes in process `syz.0.1638'.
[  404.983501][T11788] syzkaller0: entered allmulticast mode
[  407.322556][T11806] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1639'.
[  407.332201][T11808] netlink: 'syz.0.1640': attribute type 4 has an invalid length.
[  407.340908][T11808] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1640'.
[  407.350353][T11808] A link change request failed with some changes committed already. Interface .` may have been left with an inconsistent configuration, please check.
[  407.764899][T11841] mac80211_hwsim hwsim17 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  407.828115][T11841] netlink: 'syz.1.1650': attribute type 3 has an invalid length.
[  407.853358][T11841] netlink: 16066 bytes leftover after parsing attributes in process `syz.1.1650'.
[  407.938150][T11841] netlink: 'syz.1.1650': attribute type 12 has an invalid length.
[  407.959939][T11841] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1650'.
[  410.056517][ T2942] wlan1: Trigger new scan to find an IBSS to join
[  410.398753][T11875] syzkaller0: entered promiscuous mode
[  410.416489][T11875] syzkaller0: entered allmulticast mode
[  410.754631][T11892] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1664'.
[  412.492130][T11892] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1664'.
[  412.501751][T11895] netlink: 16255 bytes leftover after parsing attributes in process `syz.2.1665'.
[  413.105400][T11925] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.1673'.
[  413.118322][ T2954] wlan1: Trigger new scan to find an IBSS to join
[  414.121178][T11945] netlink: 'syz.0.1678': attribute type 30 has an invalid length.
[  414.360192][T11950] netlink: 'syz.1.1687': attribute type 3 has an invalid length.
[  414.438951][T11950] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.1687'.
[  414.529530][T11949] mac80211_hwsim hwsim9 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  414.601323][T11949] netlink: 'syz.3.1679': attribute type 3 has an invalid length.
[  414.633611][T11949] netlink: 16066 bytes leftover after parsing attributes in process `syz.3.1679'.
[  414.719098][T11949] netlink: 'syz.3.1679': attribute type 12 has an invalid length.
[  414.746498][T11949] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1679'.
[  414.823162][T11955] netlink: 'syz.2.1680': attribute type 21 has an invalid length.
[  415.149146][T11967] netlink: 'syz.3.1682': attribute type 21 has an invalid length.
[  416.057462][   T12] wlan1: Creating new IBSS network, BSSID 46:73:81:2a:b3:5b
[  416.135609][T11995] netlink: 'syz.3.1691': attribute type 10 has an invalid length.
[  417.108750][ T9922] wlan1: Trigger new scan to find an IBSS to join
[  417.319572][T12017] netlink: 'syz.3.1696': attribute type 1 has an invalid length.
[  417.331154][T12017] netlink: 'syz.3.1696': attribute type 4 has an invalid length.
[  417.356311][T12017] netlink: 9462 bytes leftover after parsing attributes in process `syz.3.1696'.
[  417.630696][T12029] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  417.756499][T12033] macsec0: entered promiscuous mode
[  417.788482][T12033] macsec0: entered allmulticast mode
[  417.806560][T12033] veth1_macvtap: entered allmulticast mode
[  418.209984][T12045] netlink: 'syz.1.1702': attribute type 4 has an invalid length.
[  418.241266][T12045] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1702'.
[  418.643660][T12058] netlink: 15998 bytes leftover after parsing attributes in process `syz.1.1707'.
[  419.594564][T12083] netlink: 3076 bytes leftover after parsing attributes in process `syz.3.1714'.
[  419.654338][T12083] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.1714'.
[  419.927547][T12085] netlink: 'syz.0.1715': attribute type 39 has an invalid length.
[  420.568384][T12089] netlink: 'syz.0.1715': attribute type 3 has an invalid length.
[  420.640032][T12089] netlink: 'syz.0.1715': attribute type 1 has an invalid length.
[  420.672516][T12089] netlink: 130160 bytes leftover after parsing attributes in process `syz.0.1715'.
[  422.058133][ T1030] wlan1: Trigger new scan to find an IBSS to join
[  423.163569][ T9922] wlan1: Creating new IBSS network, BSSID de:9d:f4:61:a5:51
[  423.436582][T12135] netlink: 'syz.3.1728': attribute type 4 has an invalid length.
[  423.455620][T12135] netlink: 128124 bytes leftover after parsing attributes in process `syz.3.1728'.
[  423.524610][T12135] netlink: 'syz.3.1728': attribute type 33 has an invalid length.
[  423.577590][T12135] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1728'.
[  424.949718][T12160] netlink: 'syz.0.1736': attribute type 39 has an invalid length.
[  425.173957][T12156] netlink: 830 bytes leftover after parsing attributes in process `syz.1.1734'.
[  425.185042][T12156] veth0_to_bond: entered promiscuous mode
[  426.849404][T12208] netlink: 'syz.0.1748': attribute type 10 has an invalid length.
[  426.891713][T12208] batadv_slave_0: entered promiscuous mode
[  426.938549][T12208] batadv_slave_0: entered allmulticast mode
[  426.956937][T12208] .`: (slave batadv_slave_0): Enslaving as an active interface with an up link
[  427.017470][T12210] 
��: renamed from bridge_slave_1 (while UP)
[  427.431969][T12216] delete_channel: no stack
[  429.241895][T12260] netlink: 'syz.3.1766': attribute type 11 has an invalid length.
[  429.266804][T12260] netlink: 168 bytes leftover after parsing attributes in process `syz.3.1766'.
[  430.693446][T12272] netlink: 'syz.1.1769': attribute type 3 has an invalid length.
[  430.727282][T12275] netlink: 'syz.3.1770': attribute type 29 has an invalid length.
[  430.759799][T12275] netlink: 'syz.3.1770': attribute type 29 has an invalid length.
[  430.777137][T12272] netlink: 'syz.1.1769': attribute type 1 has an invalid length.
[  430.807841][T12274] netlink: 'syz.3.1770': attribute type 29 has an invalid length.
[  430.841898][T12272] netlink: 181400 bytes leftover after parsing attributes in process `syz.1.1769'.
[  431.287894][T12285] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.1771'.
[  432.065072][T12301] netlink: 16410 bytes leftover after parsing attributes in process `syz.1.1777'.
[  433.494057][T12315] netlink: 9286 bytes leftover after parsing attributes in process `syz.3.1780'.
[  433.632543][T12317] netlink: 'syz.1.1779': attribute type 10 has an invalid length.
[  434.666235][T12333] netlink: 'syz.0.1786': attribute type 10 has an invalid length.
[  434.692385][T12333] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1786'.
[  434.752588][T12333] A link change request failed with some changes committed already. Interface Q�6�`Ҙ may have been left with an inconsistent configuration, please check.
[  434.916063][T12333] netlink: 'syz.0.1786': attribute type 21 has an invalid length.
[  435.002239][T12333] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1786'.
[  435.247488][T12344] netlink: 16410 bytes leftover after parsing attributes in process `syz.2.1788'.
[  437.130707][T12378] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1794'.
[  438.146764][T12401] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1799'.
[  438.165634][T12406] netlink: 16410 bytes leftover after parsing attributes in process `syz.3.1802'.
[  438.902561][T12423] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1806'.
[  438.932434][T12423] tc_dump_action: action bad kind
[  439.547668][T12430] netlink: 168 bytes leftover after parsing attributes in process `syz.1.1811'.
[  439.779875][T12437] netlink: 703 bytes leftover after parsing attributes in process `syz.2.1813'.
[  440.436841][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  440.443230][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  440.841394][T12449] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1812'.
[  441.372470][T12465] netlink: 199824 bytes leftover after parsing attributes in process `syz.0.1820'.
[  441.585106][T12475] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1822'.
[  441.644901][T12475] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1822'.
[  441.663035][T12470] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1822'.
[  441.696344][T12472] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1822'.
[  443.850155][T12505] netlink: 'syz.0.1831': attribute type 6 has an invalid length.
[  443.858021][T12505] netlink: 168 bytes leftover after parsing attributes in process `syz.0.1831'.
[  443.972256][T12502] delete_channel: no stack
[  444.137493][ T1030] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  445.766480][T12539] 
��: renamed from bridge_slave_1 (while UP)
[  447.309202][T12565] netlink: 180 bytes leftover after parsing attributes in process `syz.0.1847'.
[  447.345910][T12560] mac80211_hwsim hwsim5 wlan0: entered promiscuous mode
[  447.363884][T12560] mac80211_hwsim hwsim5 wlan0: entered allmulticast mode
[  447.413073][T12564] netlink: 'syz.2.1848': attribute type 19 has an invalid length.
[  447.435552][T12568] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1849'.
[  447.600118][T12571] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1849'.
[  448.099045][T12574] delete_channel: no stack
[  449.375803][T12615] netlink: 'syz.3.1863': attribute type 10 has an invalid length.
[  449.520666][T12614] netlink: 14463 bytes leftover after parsing attributes in process `syz.2.1862'.
[  450.169384][T12629] netlink: 'syz.0.1867': attribute type 39 has an invalid length.
[  450.425446][T12640] syzkaller0: entered promiscuous mode
[  450.431070][T12640] syzkaller0: entered allmulticast mode
[  450.462413][T12640] syzkaller0: left promiscuous mode
[  451.128096][T12651] mac80211_hwsim hwsim19 wlan1: entered allmulticast mode
[  451.177187][T12654] netlink: 'syz.3.1875': attribute type 1 has an invalid length.
[  451.209848][T12654] netlink: 176 bytes leftover after parsing attributes in process `syz.3.1875'.
[  452.059409][T12671] sock: sock_timestamping_bind_phc: sock not bind to device
[  452.455035][T12678] netlink: 26 bytes leftover after parsing attributes in process `syz.0.1883'.
[  452.481609][T12678] netlink: 'syz.0.1883': attribute type 21 has an invalid length.
[  452.508628][T12678] netlink: 164 bytes leftover after parsing attributes in process `syz.0.1883'.
[  454.403416][T12701] netlink: 'syz.0.1891': attribute type 3 has an invalid length.
[  454.428290][T12701] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1891'.
[  454.560595][T12698] netlink: 'syz.3.1890': attribute type 27 has an invalid length.
[  454.581587][T12698] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1890'.
[  455.576319][ T2954] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  455.872420][T12730] netlink: 'syz.3.1901': attribute type 3 has an invalid length.
[  455.896592][T12730] netlink: 'syz.3.1901': attribute type 7 has an invalid length.
[  455.904543][T12730] netlink: 'syz.3.1901': attribute type 8 has an invalid length.
[  455.926277][T12730] netlink: 'syz.3.1901': attribute type 7 has an invalid length.
[  455.948813][T12731] netlink: 208064 bytes leftover after parsing attributes in process `syz.3.1901'.
[  455.966202][T12730] netlink: 198048 bytes leftover after parsing attributes in process `syz.3.1901'.
[  455.988014][T12731] netlink: zone id is out of range
[  456.006091][T12731] netlink: zone id is out of range
[  456.015867][T12731] netlink: zone id is out of range
[  456.030167][T12731] netlink: zone id is out of range
[  456.045873][T12731] netlink: zone id is out of range
[  456.055744][T12731] netlink: zone id is out of range
[  456.065905][T12731] netlink: zone id is out of range
[  456.076027][T12731] netlink: zone id is out of range
[  456.106301][T12731] netlink: zone id is out of range
[  456.112397][T12731] netlink: zone id is out of range
[  457.240727][T12752] netlink: 'syz.0.1911': attribute type 10 has an invalid length.
[  457.319091][T12752] geneve0: entered promiscuous mode
[  457.475335][T12752] geneve0: entered allmulticast mode
[  457.485169][T12752] .`: (slave geneve0): Enslaving as an active interface with an up link
[  457.551495][T12761] netlink: 'syz.2.1913': attribute type 3 has an invalid length.
[  457.586325][T12761] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.1913'.
[  457.887893][ T5083] Bluetooth: hci3: unexpected event 0x16 length: 15 > 6
[  458.811362][ T2954] tipc: Subscription rejected, illegal request
[  459.143383][T12792] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.1923'.
[  459.734326][T12799] netlink: 'syz.0.1925': attribute type 10 has an invalid length.
[  459.859499][T12799] .`: (slave geneve0): Releasing backup interface
[  459.882234][T12799] geneve0 (unregistering): left allmulticast mode
[  459.968100][T12805] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1927'.
[  460.451079][T12816] netlink: 'syz.1.1930': attribute type 10 has an invalid length.
[  460.469300][T12816] netlink: 65015 bytes leftover after parsing attributes in process `syz.1.1930'.
[  460.534282][T12812] netlink: 'syz.0.1929': attribute type 21 has an invalid length.
[  460.746965][T12823] netlink: 'syz.1.1935': attribute type 1 has an invalid length.
[  460.754797][T12823] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1935'.
[  460.971619][T12834] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1939'.
[  460.997556][T12834] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1939'.
[  461.024277][T12834] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1939'.
[  461.873562][T12852] netlink: 61211 bytes leftover after parsing attributes in process `syz.0.1944'.
[  461.875927][T12854] netlink: 'syz.2.1945': attribute type 29 has an invalid length.
[  461.929738][T12854] netlink: 'syz.2.1945': attribute type 29 has an invalid length.
[  461.984633][T12854] mac80211_hwsim hwsim19 wlan1: entered promiscuous mode
[  462.118358][T12863] netlink: 'syz.0.1948': attribute type 10 has an invalid length.
[  462.145825][T12863] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  462.190049][T12863] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  462.200357][T12863] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  462.209660][T12863] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  462.352398][T12868] netlink: 'syz.2.1950': attribute type 21 has an invalid length.
[  464.754393][T12930] syz.3.1967 (12930) used greatest stack depth: 17128 bytes left
[  465.000767][T12939] netlink: 'syz.0.1970': attribute type 39 has an invalid length.
[  466.593764][T12970] netlink: 'syz.3.1977': attribute type 10 has an invalid length.
[  466.659421][T12971] netlink: 'syz.3.1977': attribute type 9 has an invalid length.
[  466.686123][T12971] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.1977'.
[  467.331441][T12972] netlink: 'syz.3.1977': attribute type 9 has an invalid length.
[  467.361372][T12972] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.1977'.
[  469.008842][T12996] netlink: 'syz.3.1985': attribute type 10 has an invalid length.
[  469.935205][T13008] netlink: 'syz.1.1987': attribute type 21 has an invalid length.
[  470.034081][T13009] netlink: 'syz.1.1987': attribute type 21 has an invalid length.
[  470.065949][T13009] netlink: 128 bytes leftover after parsing attributes in process `syz.1.1987'.
[  470.112551][T13009] netlink: 'syz.1.1987': attribute type 4 has an invalid length.
[  470.176579][T13008] netlink: 'syz.1.1987': attribute type 4 has an invalid length.
[  470.274754][T13008] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1987'.
[  471.504064][T13028] net_ratelimit: 3 callbacks suppressed
[  471.504104][T13028] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  472.508926][T13035] netlink: 164 bytes leftover after parsing attributes in process `syz.3.1995'.
[  473.446839][T13065] netlink: 'syz.0.2002': attribute type 21 has an invalid length.
[  473.467820][T13065] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2002'.
[  473.496479][T13065] netlink: 'syz.0.2002': attribute type 4 has an invalid length.
[  474.942393][T13096] netlink: 'syz.3.2011': attribute type 28 has an invalid length.
[  474.952027][T13096] netlink: 'syz.3.2011': attribute type 3 has an invalid length.
[  474.962644][T13096] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2011'.
[  475.269928][ T1030] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  475.551443][T13106] netlink: 202920 bytes leftover after parsing attributes in process `syz.3.2015'.
[  476.672895][T13134] netlink: 'syz.1.2022': attribute type 2 has an invalid length.
[  476.714633][T13134] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2022'.
[  477.169724][T13141] netlink: 156 bytes leftover after parsing attributes in process `syz.1.2025'.
[  477.190801][T13146] netlink: 'syz.3.2027': attribute type 3 has an invalid length.
[  477.210658][T13146] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.2027'.
[  477.255476][T13144] netlink: 156 bytes leftover after parsing attributes in process `syz.1.2025'.
[  477.642192][T13157] netlink: 201392 bytes leftover after parsing attributes in process `syz.1.2029'.
[  477.779606][T13157] netlink: zone id is out of range
[  477.850583][T13157] netlink: zone id is out of range
[  477.890403][T13157] netlink: zone id is out of range
[  477.946349][T13157] netlink: zone id is out of range
[  477.952293][T13157] netlink: zone id is out of range
[  477.974116][T13157] netlink: zone id is out of range
[  477.984307][T13157] netlink: zone id is out of range
[  478.006525][T13157] netlink: zone id is out of range
[  478.016968][T13157] netlink: zone id is out of range
[  478.027359][T13157] netlink: zone id is out of range
[  478.397569][T13165] netlink: 168 bytes leftover after parsing attributes in process `syz.1.2032'.
[  478.777269][T13175] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  479.618027][T13204] netlink: 'syz.1.2044': attribute type 3 has an invalid length.
[  479.625941][T13204] netlink: 68216 bytes leftover after parsing attributes in process `syz.1.2044'.
[  480.348167][T13227] netlink: 'syz.0.2048': attribute type 3 has an invalid length.
[  480.366846][T13227] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.2048'.
[  480.392760][T13227] netlink: 'syz.0.2048': attribute type 3 has an invalid length.
[  480.411472][T13227] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2048'.
[  480.433373][T13226] netlink: 'syz.2.2049': attribute type 10 has an invalid length.
[  480.466384][T13226] bond0: left promiscuous mode
[  480.471957][T13226] bond_slave_0: left promiscuous mode
[  480.500121][T13226] bond_slave_1: left promiscuous mode
[  480.520547][T13226] batadv_slave_0: left promiscuous mode
[  480.542303][T13226] bond0: left allmulticast mode
[  480.563882][T13226] bond_slave_0: left allmulticast mode
[  480.601880][T13226] bond_slave_1: left allmulticast mode
[  480.654977][T13226] batadv_slave_0: left allmulticast mode
[  481.593933][T13247] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2053'.
[  481.633269][T13247] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2053'.
[  482.327277][T13276] netlink: 180 bytes leftover after parsing attributes in process `syz.2.2063'.
[  482.363499][T13276] mac80211_hwsim hwsim18 wlan0: entered promiscuous mode
[  482.383404][T13276] mac80211_hwsim hwsim18 wlan0: entered allmulticast mode
[  482.459207][T13281] netlink: 'syz.1.2065': attribute type 12 has an invalid length.
[  482.482714][T13281] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2065'.
[  483.363291][T13320] netlink: 160 bytes leftover after parsing attributes in process `syz.1.2076'.
[  483.618795][T13323] C: renamed from team_slave_0
[  483.748833][T13323] netlink: 'syz.0.2077': attribute type 1 has an invalid length.
[  483.794446][T13323] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2077'.
[  484.219695][T13332] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2079'.
[  484.380983][T13332] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2079'.
[  484.435613][T13335] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2079'.
[  485.073470][T13334] netlink: 'syz.3.2075': attribute type 21 has an invalid length.
[  485.081649][T13334] netlink: 156 bytes leftover after parsing attributes in process `syz.3.2075'.
[  485.117631][T13334] netlink: 'syz.3.2075': attribute type 4 has an invalid length.
[  485.142209][T13334] netlink: 152 bytes leftover after parsing attributes in process `syz.3.2075'.
[  485.207281][T13334] net_ratelimit: 81 callbacks suppressed
[  485.207306][T13334] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check.
[  485.398976][T13353] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2084'.
[  486.251936][T13349] netlink: 'syz.0.2083': attribute type 51 has an invalid length.
[  486.284283][T13361] mac80211_hwsim hwsim16 ������: renamed from wlan0
[  486.937381][T13382] netlink: 10 bytes leftover after parsing attributes in process `syz.2.2093'.
[  487.287437][T13385] netlink: 'syz.3.2094': attribute type 10 has an invalid length.
[  487.295522][T13385] netlink: 2 bytes leftover after parsing attributes in process `syz.3.2094'.
[  487.490225][T13392] netlink: 'syz.3.2097': attribute type 30 has an invalid length.
[  487.753417][T13397] IPv6: pim6reg1: Disabled Multicast RS
[  488.657114][ T5083] Bluetooth: hci3: ACL packet for unknown connection handle 0
[  488.916988][T13428] pim6reg1: entered promiscuous mode
[  488.922388][T13428] pim6reg1: entered allmulticast mode
[  489.712171][T13450] netlink: 'syz.2.2113': attribute type 1 has an invalid length.
[  489.749855][T13450] netlink: 161700 bytes leftover after parsing attributes in process `syz.2.2113'.
[  491.954057][T13510] netlink: 'syz.1.2131': attribute type 1 has an invalid length.
[  491.973622][T13510] netlink: 112860 bytes leftover after parsing attributes in process `syz.1.2131'.
[  492.150146][T13515] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2133'.
[  492.868986][T13527] netlink: 'syz.3.2138': attribute type 9 has an invalid length.
[  492.902243][T13527] netlink: 126588 bytes leftover after parsing attributes in process `syz.3.2138'.
[  493.321353][T13539] netlink: 64 bytes leftover after parsing attributes in process `syz.1.2142'.
[  493.332813][T13535] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2141'.
[  493.355296][T13539] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.2142'.
[  493.479614][T13545] netlink: 'syz.1.2142': attribute type 153 has an invalid length.
[  493.498993][T13545] netlink: 128124 bytes leftover after parsing attributes in process `syz.1.2142'.
[  493.515347][T13542] netlink: 201392 bytes leftover after parsing attributes in process `syz.3.2143'.
[  493.603023][T13543] syzkaller0: entered promiscuous mode
[  493.611780][T13543] syzkaller0: entered allmulticast mode
[  494.859268][T13563] netlink: 121460 bytes leftover after parsing attributes in process `syz.1.2150'.
[  497.271310][T13563] netlink: 21068 bytes leftover after parsing attributes in process `syz.1.2150'.
[  497.280786][T13563] tipc: Started in network mode
[  497.285884][T13563] tipc: Node identity d, cluster identity 56
[  497.291999][T13563] tipc: Node number set to 13
[  497.297731][T13570] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.2153'.
[  498.145271][T13609] netlink: 'syz.3.2164': attribute type 2 has an invalid length.
[  498.184588][T13606] netlink: 'syz.2.2163': attribute type 25 has an invalid length.
[  498.869736][T13629] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2168'.
[  498.991650][T13629] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2168'.
[  499.979499][T13654] netlink: 4735 bytes leftover after parsing attributes in process `syz.0.2177'.
[  500.522472][T13674] netlink: 160644 bytes leftover after parsing attributes in process `syz.1.2184'.
[  500.559679][T13674] openvswitch: netlink: Tunnel attr 13157 out of range max 16
[  501.450154][T13692] netlink: 'syz.2.2189': attribute type 10 has an invalid length.
[  501.853151][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  501.866213][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  502.364656][T13702] netlink: 'syz.3.2192': attribute type 25 has an invalid length.
[  502.398932][T13708] syzkaller0: entered promiscuous mode
[  502.404484][T13708] syzkaller0: entered allmulticast mode
[  502.478919][T13711] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.2194'.
[  502.957733][ T5083] Bluetooth: hci1: unexpected event 0x18 length: 15 < 23
[  503.355753][T13729] netlink: 'syz.0.2201': attribute type 10 has an invalid length.
[  503.364967][T13729] netlink: 209280 bytes leftover after parsing attributes in process `syz.0.2201'.
[  503.394698][T13729] openvswitch: netlink: Flow key attr not present in new flow.
[  503.463387][T13733] netlink: 'syz.2.2203': attribute type 2 has an invalid length.
[  505.278159][T13768] FAULT_INJECTION: forcing a failure.
[  505.278159][T13768] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  505.376314][T13768] CPU: 1 PID: 13768 Comm: syz.2.2212 Not tainted syzkaller #0
[  505.383863][T13768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  505.393970][T13768] Call Trace:
[  505.397330][T13768]  <TASK>
[  505.400349][T13768]  dump_stack_lvl+0x18c/0x250
[  505.405096][T13768]  ? show_regs_print_info+0x20/0x20
[  505.410351][T13768]  ? load_image+0x400/0x400
[  505.414923][T13768]  ? __might_fault+0xaa/0x120
[  505.419663][T13768]  ? __lock_acquire+0x7d40/0x7d40
[  505.424751][T13768]  should_fail_ex+0x39d/0x4d0
[  505.429489][T13768]  _copy_from_user+0x2f/0xe0
[  505.434135][T13768]  __sys_bpf+0x23e/0x890
[  505.438446][T13768]  ? bpf_link_show_fdinfo+0x390/0x390
[  505.443885][T13768]  ? lock_chain_count+0x20/0x20
[  505.448809][T13768]  __x64_sys_bpf+0x7c/0x90
[  505.453277][T13768]  do_syscall_64+0x55/0xa0
[  505.457741][T13768]  ? clear_bhb_loop+0x40/0x90
[  505.462473][T13768]  ? clear_bhb_loop+0x40/0x90
[  505.467197][T13768]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  505.473138][T13768] RIP: 0033:0x7f9ef879c799
[  505.477600][T13768] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  505.497255][T13768] RSP: 002b:00007f9ef9726028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  505.505740][T13768] RAX: ffffffffffffffda RBX: 00007f9ef8a16090 RCX: 00007f9ef879c799
[  505.513754][T13768] RDX: 0000000000000020 RSI: 00002000000001c0 RDI: 0000000000000004
[  505.521778][T13768] RBP: 00007f9ef9726090 R08: 0000000000000000 R09: 0000000000000000
[  505.529798][T13768] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  505.537814][T13768] R13: 00007f9ef8a16128 R14: 00007f9ef8a16090 R15: 00007fff898d3838
[  505.545861][T13768]  </TASK>
[  506.497374][T13788] netlink: 15998 bytes leftover after parsing attributes in process `syz.1.2217'.
[  507.289039][T13807] syzkaller0: entered promiscuous mode
[  507.330447][T13807] syzkaller0: entered allmulticast mode
[  507.364965][T13807] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 65487
[  507.860403][T13814] netlink: 'syz.2.2226': attribute type 21 has an invalid length.
[  507.917073][T13814] netlink: 'syz.2.2226': attribute type 4 has an invalid length.
[  507.924891][T13814] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2226'.
[  508.369862][T13822] netlink: 'syz.3.2228': attribute type 9 has an invalid length.
[  508.396392][T13822] netlink: 399 bytes leftover after parsing attributes in process `syz.3.2228'.
[  509.668112][T13863] syzkaller0: entered promiscuous mode
[  509.689055][T13863] syzkaller0: entered allmulticast mode
[  510.521005][T13878] netlink: 'syz.1.2244': attribute type 29 has an invalid length.
[  512.275228][T13875] netlink: 'syz.0.2243': attribute type 2 has an invalid length.
[  512.283095][T13875] netlink: 'syz.0.2243': attribute type 4 has an invalid length.
[  512.291175][T13875] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2243'.
[  512.310580][T13878] netlink: 'syz.1.2244': attribute type 29 has an invalid length.
[  512.334910][T13888] netlink: 'syz.3.2246': attribute type 10 has an invalid length.
[  512.575926][T13896] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  512.960187][T13908] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2253'.
[  513.164203][T13913] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.2255'.
[  513.267367][T13913] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.2255'.
[  513.996272][T13941] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  514.017135][T13941] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  514.036271][T13941] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  514.047494][T13941] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  514.062751][T13941] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  514.063588][ T9930] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  514.084834][T13941] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  514.314352][ T9930] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  514.729519][ T9930] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  514.854938][ T9930] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  515.017239][T13964] netlink: 'syz.2.2267': attribute type 4 has an invalid length.
[  515.025085][T13964] netlink: 156 bytes leftover after parsing attributes in process `syz.2.2267'.
[  515.089580][T13968] netlink: 16222 bytes leftover after parsing attributes in process `syz.1.2268'.
[  515.102384][T13964] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  515.400840][T13960] netlink: 'syz.0.2265': attribute type 10 has an invalid length.
[  515.445781][T13974] netlink: 'syz.2.2270': attribute type 16 has an invalid length.
[  515.476294][T13974] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2270'.
[  515.593682][T13980] netlink: 'syz.0.2271': attribute type 10 has an invalid length.
[  515.700251][T13939] chnl_net:caif_netlink_parms(): no params data found
[  516.136544][ T5083] Bluetooth: hci3: command tx timeout
[  516.377192][ T1030] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  516.419333][T14000] netlink: 'syz.1.2276': attribute type 29 has an invalid length.
[  516.453055][T14000] netlink: 'syz.1.2276': attribute type 29 has an invalid length.
[  516.561523][T13939] bridge0: port 1(bridge_slave_0) entered blocking state
[  516.569661][T13939] bridge0: port 1(bridge_slave_0) entered disabled state
[  516.577486][T13939] bridge_slave_0: entered allmulticast mode
[  516.585073][T13939] bridge_slave_0: entered promiscuous mode
[  516.595900][T14000] netlink: 'syz.1.2276': attribute type 29 has an invalid length.
[  516.699407][T13939] bridge0: port 2(bridge_slave_1) entered blocking state
[  516.708781][T13939] bridge0: port 2(bridge_slave_1) entered disabled state
[  516.720304][T13939] bridge_slave_1: entered allmulticast mode
[  516.729694][T13939] bridge_slave_1: entered promiscuous mode
[  516.741516][T14009] netlink: 'syz.1.2276': attribute type 29 has an invalid length.
[  516.767312][T14013] netlink: 'syz.1.2276': attribute type 29 has an invalid length.
[  516.986944][T14029] netlink: 'syz.1.2282': attribute type 21 has an invalid length.
[  517.003132][T13939] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  517.199344][T13939] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  517.874499][T13939] team0: Port device team_slave_0 added
[  518.095147][T13939] team0: Port device team_slave_1 added
[  518.218373][ T5083] Bluetooth: hci3: command tx timeout
[  518.510392][T13939] batman_adv: batadv0: Adding interface: batadv_slave_0
[  518.520784][T13939] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  518.547024][T13939] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  518.561072][T13939] batman_adv: batadv0: Adding interface: batadv_slave_1
[  518.568788][T14065] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.2292'.
[  518.583908][T13939] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  518.611091][T13939] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  518.819042][T13939] hsr_slave_0: entered promiscuous mode
[  518.836854][T13939] hsr_slave_1: entered promiscuous mode
[  519.079365][T14077] bridge0: port 2(bridge_slave_1) entered disabled state
[  519.160552][T14077] bridge0: port 2(bridge_slave_1) entered blocking state
[  519.168413][T14077] bridge0: port 2(bridge_slave_1) entered forwarding state
[  519.296800][T14077] bridge0: port 2(bridge_slave_1) entered disabled state
[  520.298054][ T5083] Bluetooth: hci3: command tx timeout
[  520.438454][ T9930] bond0: (slave wlan1): Releasing backup interface
[  520.451379][ T9930] mac80211_hwsim hwsim9 wlan1 (unregistering): left promiscuous mode
[  520.476007][ T9930] mac80211_hwsim hwsim9 wlan1 (unregistering): left allmulticast mode
[  521.350563][ T9930] hsr_slave_0: left promiscuous mode
[  521.360671][ T9930] hsr_slave_1: left promiscuous mode
[  521.375271][ T9930] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  521.391970][ T9930] batman_adv: batadv0: Removing interface: batadv_slave_0
[  521.414871][ T9930] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  521.435988][ T9930] batman_adv: batadv0: Removing interface: batadv_slave_1
[  521.455888][ T9930] bond0: left allmulticast mode
[  521.466361][ T9930] bond_slave_1: left allmulticast mode
[  521.471918][ T9930] batadv0: left allmulticast mode
[  521.503751][ T9930] bridge0: port 3(bond0) entered disabled state
[  521.521558][ T9930] bridge_slave_1: left allmulticast mode
[  521.527487][ T9930] bridge_slave_1: left promiscuous mode
[  521.533322][ T9930] bridge0: port 2(bridge_slave_1) entered disabled state
[  521.543004][ T9930] bridge_slave_0: left allmulticast mode
[  521.548910][ T9930] bridge_slave_0: left promiscuous mode
[  521.554622][ T9930] bridge0: port 1(bridge_slave_0) entered disabled state
[  522.064387][ T9930] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  522.075264][ T9930] bond_slave_1 (unregistering): left promiscuous mode
[  522.373603][ T9930] bond0 (unregistering): (slave batadv0): Releasing backup interface
[  522.382026][ T5083] Bluetooth: hci3: command tx timeout
[  522.388296][ T9930] batadv0 (unregistering): left promiscuous mode
[  522.457724][ T9930] bond0 (unregistering): Released all slaves
[  522.829133][T13939] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  522.966286][T13939] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  523.049688][T13939] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  523.090902][T13939] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  523.271487][T14154] netlink: 209820 bytes leftover after parsing attributes in process `syz.0.2312'.
[  523.516948][T13939] 8021q: adding VLAN 0 to HW filter on device bond0
[  523.581265][T13939] 8021q: adding VLAN 0 to HW filter on device team0
[  523.652347][ T1030] bridge0: port 1(bridge_slave_0) entered blocking state
[  523.659601][ T1030] bridge0: port 1(bridge_slave_0) entered forwarding state
[  523.741452][ T1030] bridge0: port 2(bridge_slave_1) entered blocking state
[  523.748728][ T1030] bridge0: port 2(bridge_slave_1) entered forwarding state
[  524.424733][T13939] 8021q: adding VLAN 0 to HW filter on device batadv0
[  524.569642][T13939] veth0_vlan: entered promiscuous mode
[  524.617836][T13939] veth1_vlan: entered promiscuous mode
[  524.687414][T13939] veth0_macvtap: entered promiscuous mode
[  524.699035][T13939] veth1_macvtap: entered promiscuous mode
[  524.735484][T13939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  524.751457][T13939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  524.764223][T13939] batman_adv: batadv0: Interface activated: batadv_slave_0
[  524.795650][T13939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  524.827524][T13939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  524.846763][T13939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  524.861359][T14202] delete_channel: no stack
[  524.870461][T13939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  524.892740][T13939] batman_adv: batadv0: Interface activated: batadv_slave_1
[  524.924324][T13939] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  524.963458][T13939] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  524.986407][T13939] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  525.006487][T13939] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  525.237127][ T9930] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  525.326370][ T9930] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  525.480091][ T9924] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  525.547331][ T9924] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  525.662345][T14225] validate_nla: 5 callbacks suppressed
[  525.662364][T14225] netlink: 'syz.2.2327': attribute type 21 has an invalid length.
[  525.690053][T14225] netlink: 'syz.2.2327': attribute type 1 has an invalid length.
[  525.710576][T14225] netlink: 144 bytes leftover after parsing attributes in process `syz.2.2327'.
[  526.420543][T14250] netlink: 105120 bytes leftover after parsing attributes in process `syz.0.2333'.
[  526.436335][T14250] netlink: 'syz.0.2333': attribute type 2 has an invalid length.
[  527.123108][T14265] netlink: 'syz.0.2336': attribute type 10 has an invalid length.
[  527.137103][T14265] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2336'.
[  527.519075][T14292] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2342'.
[  527.634356][T14296] netlink: 64 bytes leftover after parsing attributes in process `syz.3.2343'.
[  527.760542][T14299] IPv6: Can't replace route, no match found
[  528.105077][T14303] netlink: 'syz.2.2346': attribute type 22 has an invalid length.
[  528.133463][T14303] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2346'.
[  528.755650][T14324] netlink: 3752 bytes leftover after parsing attributes in process `syz.3.2352'.
[  528.783553][T13941] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  528.792924][T13941] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  528.801206][T13941] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  528.828179][T13941] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  528.838960][T13941] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  528.849031][T13941] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  528.909676][T14315] netlink: 'syz.2.2350': attribute type 10 has an invalid length.
[  528.940859][T14315] team0: Device veth1_vlan failed to register rx_handler
[  529.024546][T14330] netlink: 'syz.3.2353': attribute type 10 has an invalid length.
[  529.042118][T14330] bridge0: port 2(bridge_slave_1) entered disabled state
[  529.053468][T14330] bridge0: port 1(bridge_slave_0) entered disabled state
[  529.104979][T14330] bridge0: port 2(bridge_slave_1) entered blocking state
[  529.112938][T14330] bridge0: port 2(bridge_slave_1) entered forwarding state
[  529.121631][T14330] bridge0: port 1(bridge_slave_0) entered blocking state
[  529.129711][T14330] bridge0: port 1(bridge_slave_0) entered forwarding state
[  529.161968][T14330] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  529.447159][T14335] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2355'.
[  529.522486][T14322] chnl_net:caif_netlink_parms(): no params data found
[  530.071302][T14322] bridge0: port 1(bridge_slave_0) entered blocking state
[  530.082781][T14322] bridge0: port 1(bridge_slave_0) entered disabled state
[  530.090963][T14322] bridge_slave_0: entered allmulticast mode
[  530.098648][T14322] bridge_slave_0: entered promiscuous mode
[  530.108919][T14322] bridge0: port 2(bridge_slave_1) entered blocking state
[  530.116582][T14322] bridge0: port 2(bridge_slave_1) entered disabled state
[  530.123930][T14322] bridge_slave_1: entered allmulticast mode
[  530.131950][T14322] bridge_slave_1: entered promiscuous mode
[  530.237379][T14322] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  530.269964][T14322] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  530.388570][T14322] team0: Port device team_slave_0 added
[  530.422501][T14322] team0: Port device team_slave_1 added
[  530.524089][T14322] batman_adv: batadv0: Adding interface: batadv_slave_0
[  530.547037][T14322] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  530.592964][T14322] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  530.625773][T14322] batman_adv: batadv0: Adding interface: batadv_slave_1
[  530.643049][T14322] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  530.715821][T14322] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  530.936528][ T5083] Bluetooth: hci4: command tx timeout
[  531.557980][T14322] hsr_slave_0: entered promiscuous mode
[  531.624297][T14322] hsr_slave_1: entered promiscuous mode
[  531.648183][T14322] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  531.683125][T14322] Cannot create hsr debugfs directory
[  533.018284][ T5083] Bluetooth: hci4: command tx timeout
[  533.908110][T14419] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2371'.
[  535.097608][ T5083] Bluetooth: hci4: command tx timeout
[  535.201941][T14442] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.2375'.
[  535.472643][T14451] syzkaller0: entered allmulticast mode
[  535.993704][T14471] netlink: 209588 bytes leftover after parsing attributes in process `syz.2.2378'.
[  536.052805][T14471] netlink: 16410 bytes leftover after parsing attributes in process `syz.2.2378'.
[  536.365949][ T9922] hsr_slave_0: left promiscuous mode
[  536.503375][ T9922] hsr_slave_1: left promiscuous mode
[  536.590876][ T9922] .`: left allmulticast mode
[  536.608310][ T9922] bond_slave_0: left allmulticast mode
[  536.613860][ T9922] bond_slave_1: left allmulticast mode
[  536.626486][ T9922] batadv_slave_0: left allmulticast mode
[  536.632523][ T9922] bridge0: port 3(.`) entered disabled state
[  536.677515][ T9922] bridge_slave_1: left allmulticast mode
[  536.683227][ T9922] bridge_slave_1: left promiscuous mode
[  536.717662][ T9922] bridge0: port 2(bridge_slave_1) entered disabled state
[  536.744531][ T9922] veth1_macvtap: left promiscuous mode
[  537.176417][ T5083] Bluetooth: hci4: command tx timeout
[  537.782944][ T5083] Bluetooth: hci3: unexpected event 0x09 length: 15 > 3
[  537.835190][ T9922] .` (unregistering): (slave batadv_slave_0): Releasing backup interface
[  537.860011][ T9922] batadv_slave_0 (unregistering): left promiscuous mode
[  538.048240][ T9922] .` (unregistering): (slave bond_slave_1): Releasing backup interface
[  538.061017][ T9922] bond_slave_1 (unregistering): left promiscuous mode
[  538.132023][ T9922] .` (unregistering): (slave bond_slave_0): Releasing backup interface
[  538.158625][ T9922] bond_slave_0 (unregistering): left promiscuous mode
[  538.925145][ T9922] .` (unregistering): Released all slaves
[  539.026496][T14322] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  539.037439][T14322] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  539.049098][T14322] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  539.072577][T14322] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  539.383830][T14322] 8021q: adding VLAN 0 to HW filter on device bond0
[  539.515374][T14322] 8021q: adding VLAN 0 to HW filter on device team0
[  539.562682][ T2954] bridge0: port 1(bridge_slave_0) entered blocking state
[  539.569969][ T2954] bridge0: port 1(bridge_slave_0) entered forwarding state
[  539.598717][ T1030] bridge0: port 2(bridge_slave_1) entered blocking state
[  539.605987][ T1030] bridge0: port 2(bridge_slave_1) entered forwarding state
[  539.831875][T14521] netlink: 'syz.2.2393': attribute type 9 has an invalid length.
[  539.844654][T14521] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.2393'.
[  539.886484][T14526] netlink: 'syz.1.2394': attribute type 10 has an invalid length.
[  539.894363][T14526] netlink: 156 bytes leftover after parsing attributes in process `syz.1.2394'.
[  540.388895][T14322] 8021q: adding VLAN 0 to HW filter on device batadv0
[  540.562925][T14322] veth0_vlan: entered promiscuous mode
[  540.640155][T14322] veth1_vlan: entered promiscuous mode
[  540.769685][T14322] veth0_macvtap: entered promiscuous mode
[  540.810550][T14322] veth1_macvtap: entered promiscuous mode
[  540.889206][T14322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  540.922516][T14322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  540.946845][T14322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  540.966272][T14322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  540.998028][T14322] batman_adv: batadv0: Interface activated: batadv_slave_0
[  541.025990][T14322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  541.046824][T14322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  541.065539][T14322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  541.093252][T14322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  541.112425][T14322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  541.123298][T14322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  541.141711][T14322] batman_adv: batadv0: Interface activated: batadv_slave_1
[  541.202841][T14322] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  541.236197][T14322] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  541.244984][T14322] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  541.278671][T14322] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  541.592410][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  541.645064][T14578] netlink: 188 bytes leftover after parsing attributes in process `syz.1.2405'.
[  541.654284][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  541.758625][ T2942] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  541.793847][ T2942] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  542.182287][T14592] netlink: 'syz.2.2407': attribute type 5 has an invalid length.
[  542.245964][T14592] netlink: 176 bytes leftover after parsing attributes in process `syz.2.2407'.
[  543.111499][T14608] netlink: 144 bytes leftover after parsing attributes in process `syz.3.2408'.
[  543.286367][T14608] team0: Port device team_slave_0 removed
[  543.308400][T14608] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[  543.604944][T14622] tap0: tun_chr_ioctl cmd 35108
[  543.702509][T14622] netlink: 208064 bytes leftover after parsing attributes in process `syz.2.2412'.
[  544.125491][T14651] netlink: 'syz.3.2417': attribute type 16 has an invalid length.
[  544.160013][T14651] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2417'.
[  544.254399][T14651] veth1_macvtap: entered allmulticast mode
[  544.602358][T14662] netlink: 'syz.2.2421': attribute type 2 has an invalid length.
[  544.638446][T14662] netlink: 164 bytes leftover after parsing attributes in process `syz.2.2421'.
[  544.732947][T14667] netlink: 60959 bytes leftover after parsing attributes in process `syz.3.2423'.
[  545.030707][T14681] netlink: 'syz.1.2427': attribute type 11 has an invalid length.
[  545.047024][T14681] netlink: 176 bytes leftover after parsing attributes in process `syz.1.2427'.
[  548.378310][   T12] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  549.887778][T14718] sock: sock_set_timeout: `syz.2.2436' (pid 14718) tries to set negative timeout
[  549.934683][T14713] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.2438'.
[  550.621005][T14738] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2444'.
[  550.978577][T14749] netlink: 'syz.2.2447': attribute type 5 has an invalid length.
[  551.118680][T14756] netlink: 'syz.3.2449': attribute type 10 has an invalid length.
[  551.133913][T14756] netlink: 2 bytes leftover after parsing attributes in process `syz.3.2449'.
[  551.144959][T14756] bond0: entered promiscuous mode
[  551.153671][T14756] bond_slave_0: entered promiscuous mode
[  551.160187][T14756] bond_slave_1: entered promiscuous mode
[  551.166652][T14756] bridge0: entered promiscuous mode
[  551.226971][T14756] bridge0: port 3(bond0) entered blocking state
[  551.236583][T14756] bridge0: port 3(bond0) entered disabled state
[  551.251121][T14756] bond0: entered allmulticast mode
[  551.259524][T14756] bond_slave_0: entered allmulticast mode
[  551.272410][T14756] bond_slave_1: entered allmulticast mode
[  551.287877][T14756] bridge0: entered allmulticast mode
[  551.311397][T14756] bond0: left allmulticast mode
[  551.325617][T14756] bond_slave_0: left allmulticast mode
[  551.342858][T14756] bond_slave_1: left allmulticast mode
[  551.370704][T14756] bridge0: left allmulticast mode
[  551.880943][T14785] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  552.633764][T14801] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2462'.
[  552.687815][T14801] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2462'.
[  552.725007][T14802] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2462'.
[  552.921056][T14806] netlink: 'syz.3.2464': attribute type 2 has an invalid length.
[  552.929369][T14806] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2464'.
[  553.282557][T14817] netlink: 'syz.2.2468': attribute type 29 has an invalid length.
[  553.446785][T14813] mac80211_hwsim hwsim37 wlan0: entered promiscuous mode
[  553.453921][T14813] mac80211_hwsim hwsim37 wlan0: entered allmulticast mode
[  553.473524][T14817] netlink: 'syz.2.2468': attribute type 29 has an invalid length.
[  553.906529][T14841] netlink: 'syz.2.2475': attribute type 21 has an invalid length.
[  553.946319][T14841] netlink: 156 bytes leftover after parsing attributes in process `syz.2.2475'.
[  554.072784][T14842] ------------[ cut here ]------------
[  554.078356][T14842] WARNING: CPU: 1 PID: 14842 at kernel/events/core.c:6806 perf_pending_task+0x35c/0x470
[  554.088245][T14842] Modules linked in:
[  554.092195][T14842] CPU: 1 PID: 14842 Comm: syz.0.2476 Not tainted syzkaller #0
[  554.099773][T14842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  554.109958][T14842] RIP: 0010:perf_pending_task+0x35c/0x470
[  554.116183][T14842] Code: ff 84 db 75 14 e8 74 e0 d5 ff 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 60 e0 d5 ff e8 7b 61 4f ff eb e5 e8 54 e0 d5 ff <0f> 0b e9 f3 fe ff ff e8 48 e0 d5 ff 48 c7 c7 70 f3 1c 8d 4c 89 f6
[  554.136227][T14842] RSP: 0018:ffffc9000bd379c0 EFLAGS: 00010293
[  554.142350][T14842] RAX: ffffffff81b13c0c RBX: ffff8880229b7e48 RCX: ffff888058768000
[  554.156866][T14842] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  554.164922][T14842] RBP: 0000000000000001 R08: ffffffff8e8aeeef R09: 1ffffffff1d15ddd
[  554.173014][T14842] R10: dffffc0000000000 R11: fffffbfff1d15dde R12: ffff888058768000
[  554.181095][T14842] R13: ffff888021485d30 R14: ffff8880229b7c08 R15: 1ffff11004536f81
[  554.189157][T14842] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  554.198465][T14842] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  554.205118][T14842] CR2: 0000000100000000 CR3: 000000002f16e000 CR4: 00000000003506e0
[  554.213198][T14842] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  554.221642][T14842] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  554.229793][T14842] Call Trace:
[  554.233113][T14842]  <TASK>
[  554.236089][T14842]  task_work_run+0x1d4/0x260
[  554.240818][T14842]  ? task_work_cancel+0x220/0x220
[  554.245903][T14842]  do_exit+0x95a/0x2460
[  554.250179][T14842]  ? lock_chain_count+0x20/0x20
[  554.255092][T14842]  ? put_task_struct+0xc0/0xc0
[  554.260088][T14842]  ? preempt_schedule_common+0x82/0xc0
[  554.265606][T14842]  ? preempt_schedule+0xc0/0xd0
[  554.270591][T14842]  ? schedule_preempt_disabled+0x20/0x20
[  554.276363][T14842]  do_group_exit+0x21b/0x2d0
[  554.281017][T14842]  get_signal+0x12fc/0x13f0
[  554.285671][T14842]  arch_do_signal_or_restart+0xc2/0x800
[  554.291344][T14842]  ? perf_trace_run_bpf_submit+0xf4/0x1c0
[  554.297169][T14842]  ? get_sigframe_size+0x20/0x20
[  554.302179][T14842]  ? ksys_write+0x1fb/0x260
[  554.306826][T14842]  ? exit_to_user_mode_loop+0x3b/0x110
[  554.312347][T14842]  exit_to_user_mode_loop+0x70/0x110
[  554.317743][T14842]  exit_to_user_mode_prepare+0xee/0x180
[  554.323743][T14842]  syscall_exit_to_user_mode+0x1a/0x50
[  554.329377][T14842]  do_syscall_64+0x61/0xa0
[  554.333849][T14842]  ? clear_bhb_loop+0x40/0x90
[  554.338658][T14842]  ? clear_bhb_loop+0x40/0x90
[  554.343385][T14842]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  554.349421][T14842] RIP: 0033:0x7f8f3b79c799
[  554.353896][T14842] Code: Unable to access opcode bytes at 0x7f8f3b79c76f.
[  554.361055][T14842] RSP: 002b:00007f8f3c5eb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  554.369576][T14842] RAX: 0000000000000012 RBX: 00007f8f3ba15fa0 RCX: 00007f8f3b79c799
[  554.377658][T14842] RDX: 0000000000000012 RSI: 0000200000000200 RDI: 0000000000000009
[  554.385671][T14842] RBP: 00007f8f3b832bd9 R08: 0000000000000000 R09: 0000000000000000
[  554.393770][T14842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  554.401830][T14842] R13: 00007f8f3ba16038 R14: 00007f8f3ba15fa0 R15: 00007ffca0031808
[  554.409964][T14842]  </TASK>
[  554.413022][T14842] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  554.420330][T14842] CPU: 1 PID: 14842 Comm: syz.0.2476 Not tainted syzkaller #0
[  554.427805][T14842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  554.437974][T14842] Call Trace:
[  554.441272][T14842]  <TASK>
[  554.444227][T14842]  dump_stack_lvl+0x18c/0x250
[  554.448961][T14842]  ? show_regs_print_info+0x20/0x20
[  554.454210][T14842]  ? load_image+0x400/0x400
[  554.458758][T14842]  panic+0x2dc/0x730
[  554.462679][T14842]  ? bpf_jit_dump+0xd0/0xd0
[  554.467218][T14842]  __warn+0x2e0/0x470
[  554.471222][T14842]  ? perf_pending_task+0x35c/0x470
[  554.476368][T14842]  ? perf_pending_task+0x35c/0x470
[  554.481510][T14842]  report_bug+0x2be/0x4f0
[  554.485856][T14842]  ? perf_pending_task+0x35c/0x470
[  554.491006][T14842]  ? perf_pending_task+0x35c/0x470
[  554.496148][T14842]  ? perf_pending_task+0x35e/0x470
[  554.501313][T14842]  handle_bug+0xcf/0x120
[  554.505591][T14842]  exc_invalid_op+0x1a/0x50
[  554.510206][T14842]  asm_exc_invalid_op+0x1a/0x20
[  554.515090][T14842] RIP: 0010:perf_pending_task+0x35c/0x470
[  554.520838][T14842] Code: ff 84 db 75 14 e8 74 e0 d5 ff 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 60 e0 d5 ff e8 7b 61 4f ff eb e5 e8 54 e0 d5 ff <0f> 0b e9 f3 fe ff ff e8 48 e0 d5 ff 48 c7 c7 70 f3 1c 8d 4c 89 f6
[  554.540465][T14842] RSP: 0018:ffffc9000bd379c0 EFLAGS: 00010293
[  554.546572][T14842] RAX: ffffffff81b13c0c RBX: ffff8880229b7e48 RCX: ffff888058768000
[  554.554561][T14842] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  554.562545][T14842] RBP: 0000000000000001 R08: ffffffff8e8aeeef R09: 1ffffffff1d15ddd
[  554.570625][T14842] R10: dffffc0000000000 R11: fffffbfff1d15dde R12: ffff888058768000
[  554.578621][T14842] R13: ffff888021485d30 R14: ffff8880229b7c08 R15: 1ffff11004536f81
[  554.586621][T14842]  ? perf_pending_task+0x35c/0x470
[  554.591770][T14842]  task_work_run+0x1d4/0x260
[  554.596388][T14842]  ? task_work_cancel+0x220/0x220
[  554.601452][T14842]  do_exit+0x95a/0x2460
[  554.605639][T14842]  ? lock_chain_count+0x20/0x20
[  554.610513][T14842]  ? put_task_struct+0xc0/0xc0
[  554.615300][T14842]  ? preempt_schedule_common+0x82/0xc0
[  554.620874][T14842]  ? preempt_schedule+0xc0/0xd0
[  554.625758][T14842]  ? schedule_preempt_disabled+0x20/0x20
[  554.631441][T14842]  do_group_exit+0x21b/0x2d0
[  554.636062][T14842]  get_signal+0x12fc/0x13f0
[  554.640612][T14842]  arch_do_signal_or_restart+0xc2/0x800
[  554.646190][T14842]  ? perf_trace_run_bpf_submit+0xf4/0x1c0
[  554.651953][T14842]  ? get_sigframe_size+0x20/0x20
[  554.656936][T14842]  ? ksys_write+0x1fb/0x260
[  554.661468][T14842]  ? exit_to_user_mode_loop+0x3b/0x110
[  554.667446][T14842]  exit_to_user_mode_loop+0x70/0x110
[  554.672841][T14842]  exit_to_user_mode_prepare+0xee/0x180
[  554.678412][T14842]  syscall_exit_to_user_mode+0x1a/0x50
[  554.685302][T14842]  do_syscall_64+0x61/0xa0
[  554.689767][T14842]  ? clear_bhb_loop+0x40/0x90
[  554.694483][T14842]  ? clear_bhb_loop+0x40/0x90
[  554.699202][T14842]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  554.705132][T14842] RIP: 0033:0x7f8f3b79c799
[  554.709578][T14842] Code: Unable to access opcode bytes at 0x7f8f3b79c76f.
[  554.716619][T14842] RSP: 002b:00007f8f3c5eb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  554.725060][T14842] RAX: 0000000000000012 RBX: 00007f8f3ba15fa0 RCX: 00007f8f3b79c799
[  554.733153][T14842] RDX: 0000000000000012 RSI: 0000200000000200 RDI: 0000000000000009
[  554.741151][T14842] RBP: 00007f8f3b832bd9 R08: 0000000000000000 R09: 0000000000000000
[  554.749143][T14842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  554.757146][T14842] R13: 00007f8f3ba16038 R14: 00007f8f3ba15fa0 R15: 00007ffca0031808
[  554.765148][T14842]  </TASK>
[  554.768751][T14842] Kernel Offset: disabled
[  554.773085][T14842] Rebooting in 86400 seconds..