last executing test programs:

13.645781187s ago: executing program 0 (id=2718):
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x644b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x2}, 0x8004, 0xcdd, 0x43a1bd76, 0x4, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="050000000b000000008000000400000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000010000000000000000000000000020100000000000"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000003c0)={r0, &(0x7f0000000600), &(0x7f0000000080)=""/61}, 0x20)
socket$kcm(0x10, 0x3, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x9a481, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000340)={'ip6gre0\x00', 0x2})
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000140)={{r0}, &(0x7f0000000040), &(0x7f0000000100)='%pI4   \x00'}, 0x20)
close(0xffffffffffffffff)
socket$kcm(0x2, 0x2, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x11, 0x4, 0x4, 0x3, 0x0, 0x1}, 0x50)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000010000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70200000000f900850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_config_ext={0x4, 0xc8}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x8c, 0x0, 0x0, 0x2, 0x0, 0x4, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r4, 0x2000012, 0xe, 0x0, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xb}, 0x50)

8.706377348s ago: executing program 0 (id=2728):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x1f, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000e6ffffff85000000b000000085000000d000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000800)=ANY=[@ANYBLOB="550a00000000000061111000000000001800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x0, 0x3}, {0x1, 0x0, 0x0, 0xc}]}, 0x94)
r1 = socket$kcm(0x2, 0x1, 0x84)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r5 = socket$kcm(0x2, 0x6, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x100904, 0x0, 0x0, 0x0, 0x200000, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$sock_attach_bpf(r5, 0x1, 0x3e, &(0x7f00000002c0)=r4, 0x4)
sendmsg$inet(r5, &(0x7f0000001a40)={0x0, 0x0, 0x0}, 0x0)
close(r3)
sendmsg$kcm(r1, &(0x7f0000001c00)={&(0x7f0000000280)=@l2tp={0x2, 0x0, @rand_addr=0x64010100}, 0x80, &(0x7f0000001940)=[{&(0x7f0000000500)="cc", 0x1}], 0x1}, 0x48005)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r6=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r1, 0x84, 0x7c, &(0x7f0000000000)=r6, 0x8)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000001c0)={0x1b, 0x0, 0x0, 0x2, 0x0, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x3}, 0x50)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000007c0)={r0, 0xe0, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r8=>0x0, 0x0, 0x0, 0x0, 0x2, 0x1, &(0x7f00000008c0)=[0x0, 0x0], &(0x7f00000003c0)=[0x0], 0x0, 0x12, &(0x7f0000000400)=[{}, {}], 0x10, 0x10, &(0x7f0000000600), &(0x7f0000000640), 0x8, 0x56, 0x8, 0x8, &(0x7f0000000680)}}, 0x10)
r9 = socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000c40)={<r10=>0xffffffffffffffff})
recvmsg$unix(r10, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r11=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r9, 0x107, 0x12, &(0x7f0000000340)=r11, 0x4)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b0000000000000000000000ffffffff00000000", @ANYRES32=r7, @ANYBLOB="ff0700"/20, @ANYRES32=r8, @ANYRES32=r11, @ANYBLOB="030000000500dbb2b302030000091000000000ebfffffffffff2ffff"], 0x50)
perf_event_open(&(0x7f0000000580)={0x2, 0x80, 0x28, 0x1, 0x0, 0x6, 0x0, 0x9, 0x64099, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x147b81, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x3, 0x9, 0x2, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r12 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r13 = perf_event_open(&(0x7f0000000580)={0x5, 0x80, 0xec, 0x7, 0x40, 0x8, 0x0, 0x0, 0xd000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0xfffffffd, 0x2, @perf_config_ext={0xffff8880b8e0a000, 0x1}, 0x986, 0xfc, 0x4, 0x0, 0x81, 0x9, 0x81, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r14 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x4, 0x7f, 0x71, 0x6b, 0x0, 0x8, 0x8020, 0x2, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x3, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x5, 0x2, @perf_config_ext={0x5, 0x7}, 0x402a, 0x480000000000, 0x1, 0x9, 0x7, 0x7ff, 0x400, 0x0, 0x8f, 0x0, 0x8}, 0x0, 0xf, r13, 0x1)
r15 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r15, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000600)="2e00000011008188e6b62aa73772cc891ba1f848430000005e140602000000000e0029001000000002", 0x29}, {&(0x7f0000000080)="37eebf67e6", 0x5}], 0x2}, 0x0)
ioctl$PERF_EVENT_IOC_RESET(r14, 0x2403, 0x3de)
ioctl$TUNSETOFFLOAD(r12, 0xc004743e, 0x110e22fff6)

8.353898269s ago: executing program 2 (id=2730):
r0 = perf_event_open(&(0x7f0000000280)={0x6, 0x80, 0x2, 0x3, 0x1, 0x7a, 0x0, 0x80000001, 0x2110, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2, 0x4, @perf_bp={&(0x7f0000000000), 0xe}, 0x2000, 0x6, 0x8, 0x6, 0xac516a2, 0x5755, 0x0, 0x0, 0x80000000, 0x0, 0x6}, 0x0, 0xc, 0xffffffffffffffff, 0x8)
r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0xdb1, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0xd, 0x0, 0xfffe}, 0x0, 0x1, r0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
r3 = socket$kcm(0xa, 0x5, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xc, 0x830d}, 0x100600, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmsg$inet(r3, &(0x7f00000004c0)={&(0x7f0000000200)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000480)=[{&(0x7f0000000240)='*', 0x1}], 0x1}, 0x4000)
setsockopt$sock_attach_bpf(r3, 0x84, 0x1f, &(0x7f0000000100), 0x120)

7.687713211s ago: executing program 0 (id=2736):
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x644b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x2}, 0x8004, 0xcdd, 0x43a1bd76, 0x4, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="050000000b000000008000000400000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000010000000000000000000000000020100000000000"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000003c0)={r0, &(0x7f0000000600), &(0x7f0000000080)=""/61}, 0x20)
socket$kcm(0x10, 0x3, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x9a481, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000340)={'ip6gre0\x00', 0x2})
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000140)={{r0}, &(0x7f0000000040), &(0x7f0000000100)='%pI4   \x00'}, 0x20)
close(0xffffffffffffffff)
socket$kcm(0x2, 0x2, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x11, 0x4, 0x4, 0x3, 0x0, 0x1}, 0x50)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000010000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70200000000f900850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_config_ext={0x4, 0xc8}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x8c, 0x0, 0x0, 0x2, 0x0, 0x4, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r4, 0x2000012, 0xe, 0x0, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xb}, 0x50)

7.671276781s ago: executing program 1 (id=2737):
bpf$OBJ_GET_PROG(0x7, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0x10, 0x0, 0x0)
bpf$BPF_LINK_UPDATE(0x1d, 0x0, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="5c00000013006bab9e3fe3d86e6c1d0000147ea64e21160af36504b68675f8001d000a00a0e69ee517d34460bc24eab556a705251e6182949a36c23d3b48dfd8cdbf9367b4fa51f60a64c9f408000300060100000800030011000000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) (fail_nth: 2)

7.282595394s ago: executing program 2 (id=2738):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socket$kcm(0xa, 0x2, 0x11)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/cgroup\x00')
close(r1)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x9d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x40200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x2420, 0x0, 0x0, 0x3, 0x3, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYRES16, @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES16], 0x50)
r2 = socket$kcm(0xa, 0x7, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x18, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="d4020000200000001800000000000000000000000000000095"], &(0x7f00000000c0)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2b}, 0x94)
sendmsg$inet(r2, &(0x7f0000000f00)={&(0x7f00000000c0)={0x2, 0x0, @rand_addr=0x64010102}, 0x10, &(0x7f0000000080)=[{&(0x7f00000001c0)='f', 0x1}], 0x1, &(0x7f0000000000)=ANY=[@ANYBLOB="20000000000000008400000008"], 0x20}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c000000020000000000000002000004080000000000000002000000000000000000000002000000000000000000000000000002000000000000000000000004"], 0x0, 0x56, 0x0, 0x0, 0x2}, 0x28)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
r3 = socket$kcm(0x2, 0x3, 0x2)
r4 = gettid()
syz_open_procfs$namespace(r4, &(0x7f0000000180)='ns/time_for_children\x00')
sendmsg$inet(r3, &(0x7f0000001640)={&(0x7f0000000300)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, &(0x7f0000002800)=[{&(0x7f0000000c00)="b107c09a5026de51ce3e8640af1a8b2d1e67f16405c3458fe41dc04ef234718d683aa3a998fa99431a9c7c6d7505b0cec633f763303666604cbb6aa4c0f995a9454dc81b079dc93b0162ac3d1a8a1b72ce18d493594b3b24bad58801007a7b1d8ab9b50c5dbef8311b2502a124913259abadf354fea31d1ce0fed5c7ac577690164d1a72748723d3eb92e3e73e3a2b7cdfaa442f9e9f8e1a711d5b988215f0f80a2eeade5a078256a41973b0b029278c20a2818628dc256a0742896c3def6e825fdf64fd33d5f584ca908c272dc04d0693decdad028feec7f76221378c185027e8695c9b07506ed46d4f8bb90883c08e85e058ece62cd797d2c01e6285c77430eec435ac9df6256e121859d8aea507ff8a9dd0694681649d44fbb937398edecbe06096df2e443af0c3f0950301e1128727ba88a063e88f90206dd5f099a1c333114b97e0e1b55106a9755e208651a8f281173d1ed31e62433a766a28c8496f00ad108672a1f6079c10588a7ffb658dd61a6efa4bfa379945659c0ebbeca3f56215413802975d89f0c0131c71169084851cddd8b367738f069955b2d3fcdeba878b6bec8240227ddb9fac4706eb62bc6540a91014cce6987ee604c5f398ae4fef3f501ebad02ba122d7769b603eaddb5f9b101f1b42a931ac50c27feb4b0c703d1b3f9e88eb569db5082957fe", 0x1ec}, {&(0x7f0000001680)="fae0835ee82c20abb86f7c287ffb04a52a0b2339a4efc8216bada6fb7f4385ead471969bdf9b82994c10898db8b0fd9a6068b87f4547eff53d6cb7b37534e44d27c79042f5c405c0ff3eaf643001000000000000008263d71ee0e5b2cb31215ded6df9c76d150aa52a4eecb94fe48e79205c96a0aab13eaa4681860576d2e32f6873b200d669e65d56bd8a4703cbea6b8c610ec158fe5f8683f7", 0x9a}, {&(0x7f00000002c0)="6b75b597d05d969a191023", 0xb}, {&(0x7f0000001740)="3f013c9ef434ca4df0854ba1c14f7db8ccda5e87715ffd1ead9c4d9a2306168b07d3c6763a3ceabf6dfae235f3d783ddc8a7bbd796b345df843b5f0a623ab36b3123dfcd05bf4a6e3f35d859ffc0b699be4052995533be91880029387cc3e15b2d9bf3513e617572d965ba8f665eedcbdaad53d04cddeed78a3904956c5dc95f47132090648f98558d14a4850ac4b92e1b41a06dee6198c74c72607a032c3c7ef5abd0ba4a7f9f5dfebd75457b2ec358e951ade2375ad6524eb4263d6ef72e05901da983aac2b31a5e2631e39301a6dd04c128aabcea9134ec99685df1068506541f1265c77c85300497abfebce6ed768d9922ba3699dc6cc1863c0aa9321170b9e63a74986c1996d0fa1a5886e7023836ddbe64bea33edfe6fc1cb64784da18c2d4930eb481930b9298b57c7939189df401aed6a586f0103fccf70f92a53666d5afd3dd0b12273e5c1f2ddee89ed9a280c10df8e55ed24dcf9d631b693cd38006da4629a6b4a599de94a5b8ba6bccffdaa9d3fe0970623c118ba7e811d534915e4c63fa40df1e5a37ad9e5827ff65b2e4d8480a3f66576a3a52c0c80606098c0cb0b203f20d4f7b614652e4d8eb595d29ad1a4ce2c97aa30328c9987e1f1d8b7954ff54ddb69d5c3d2225bdd84e93b19edc2d33116373b0b5be8eea62d84896d2412edf5d321f75811360f89fe6ca8ac6545ec1c9f86ab285d1b5ba00c269514dab7a076c01cbfecaaff336d116481b16e434262de851a70ff056b1f9319840e27d5f446a3476210f4e70ceb71eeec17619911d56b74d7e761ff9c43dd237772377f888bfad215f3ee19eeeb87564f77241258874dd70bdd976305092426d18a3bc60022cb0acc2d21b3e246ae7f49f5b6461b888a3d353362c2ec9bed1f7d4d3a0200e3af42fcf36f4c09bc095b3fd391a23faad86bfa29696b80093da6a97d6c4a54eca89d4979f12acbf89bca0c8cc5f490737b09fd77b8b7fcfa7b94787f81cff59ae583b5309bdb82ff76ceaf739cd254b32cc8e289541b8921aa2aedac4bf6c91c2aab801c459", 0x2ea}], 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="1c0000000000eeff0000000008000000a78f05aa3791bea13ec477afaf53adf13755787e70efece3217229e7a18c49e0a625ce9d8a1c1e8c353e89bb3e39a6e30263d48ac93fd66c01d25657d1e6fa617ce5081c5d269319184c991461463fe93cff22fd902e3c854eb18daa34e0f767b000bcbce7ed006c2aecd6f32533fe6e", @ANYRES32=0x0, @ANYBLOB="ac141410e000000100000000380000000000000000000000070000000101071722ac1e0001ac1414aae000000200000000ac141400000c3a047e2aae56e4b9eab8000000"], 0x58}, 0x0)
recvmsg$kcm(r3, &(0x7f0000004a40)={0x0, 0x0, &(0x7f0000004a00)=[{&(0x7f0000003840)=""/4096, 0x1000}], 0x1}, 0x10002)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0xf, 0x2, 0xff, 0x0, 0x0, 0x2, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, @perf_bp={0x0, 0x1}, 0x80000, 0xca, 0x0, 0x4, 0xdf1d, 0x400000, 0x0, 0x0, 0xe, 0x0, 0x8}, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0x6)
recvmsg$unix(r0, &(0x7f00000013c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x1c0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x20, 0x0, 0x0, 0x0, 0x5d30, 0x10040, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x2, 0x20000}, 0x0, 0xbc, 0x0, 0xc, 0x7, 0x1, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="7a0a00ff00000000711076000000000095000000000000006e4448521f10d651a78d5b8dda4332edb55d450e1699739eb240046c51efea297d3cfacddbe2"], &(0x7f0000000480)='syzkaller\x00'}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='devices.list\x00', 0x26e1, 0x0)
close(r5)
perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf6103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24000000, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
write$cgroup_pid(r6, &(0x7f0000000000), 0x2a979d)
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x5452, &(0x7f0000000a40)='lo\x00\x96o\xd6Q\xb4Y\xa9\xc87,%\x81\xfe\x00\xd2\xd1|\x00\x00\x00\x00\x00\x00\xe3\xd8Yk\xdf\x85\xaac{\x8c\x8ffp`-\xcd\xd9\xd5\xf4\xe68\xe6O\xc2\xf1V0\x8b\t\xed\x13q2\xdd\xaf\xcc\xeeR\xf2/\x00\x00E>k\a\xe7>t7\x8e(\xf0\x87d\xaf\x93\xfa`\xa6,o\x81.\x1cR\xa5\t\x00\x00\x00\x00\x00\x00\x00|pT\x15\xbc\f*d\xcb\xc2\xcd\x8f\x98\xdf\x00\x00\x1cM\x9c\xa5\xe0\xa8\x00\x00\x00\x80V\xf6\x80\x86\x1b\x05\xe6\"\x1d\f\xaey\x06\xd9$H!w\xa6m\xd8\x7f\xc6\x837\x83/\x9a\xdf\x01\xf2\x9e\xcc\xca\x04\x00\x05\xeb\xb8{7[\xf9\xe9\x15\xdc0]\x89\x9b~\x04\xb4\xa5\xad\v.\xd0*%`\xb0\x03\x00\x00\x00\x00\x00\x00\x00\xab\xf4\xa7\x83r\xa4\x80|\x03C\x9c\x00\xac\xba\xcb\xa4h\x86w_Eu\xbfy%,\xe5\n\xc1\xb3\xa4g\xa3P\x0f\x11\x93\xc7\xf3\xcf\x17\xf5\x86%\x7f\xec\xb2\xc5E\x00\xb2e\xa8\xf1<\xb2\xc82\xbf=o\x00\x00\x00\x00E\x00\xc6X\x92\x0e[\x19\xaa?\x06\xe5\x9d\xd1\x87\x922A\x95\x8e\xbc\xc8<s,\xb023Z{\x9f\xc2\x94+e?\x87\x95\x8e\r\t\x0er\x92\xe2\t\xc4S\xd4\xd2\x87.&`\x95\'=0\r\xd2n\xf5\xcd\x9b\x15Oo\xd8Nj0\xe2\xe5A\xb2\xc3\xf7\xc8\xe7 \"+\xd6\x9e\x18\xec\xb7H\xf9\vd\xebE\x9dtI\xe5\xb5\x8e3\x19<\xdeS\xf4\xe6\xba\x0er\xfc]\xcbd@\xe8R#(u\xe1\x9b\xb7\xd5\x82\xab;\xdb\xa2\x9e\xe8W;\x86\x89\x99\xa1\x99\x1b\xbd\xaf\x11\xcf\x1d\xb5n\xe3&\x1b Z|\x18\n/\xe4\x83\xb5\xdd\xed\xd8\xba\xe8\x8d{@\xd1\x00\x00\x00\x00\x00')
syz_clone(0x4040000, 0x0, 0x0, 0x0, 0x0, 0x0)

7.179736617s ago: executing program 1 (id=2739):
r0 = socket$kcm(0x2c, 0x3, 0x0)
r1 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000100)=@o_path={&(0x7f00000000c0)='./file0\x00', 0x0, 0x4010, r0}, 0x18)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000140)={r0, r1})
setsockopt$sock_attach_bpf(r0, 0x11b, 0x6, &(0x7f0000000000), 0x4)
perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000500)=@generic={&(0x7f00000003c0)='./file0\x00', r2}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000240)={<r3=>0xffffffffffffffff})
socketpair(0x11, 0x80000, 0xaa, &(0x7f0000000640))
ioctl$SIOCSIFHWADDR(r3, 0x8b26, &(0x7f0000000280)={'wlan1\x00', @random="26e9b28de000"})
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="9f0400000000000000ec0000180009020000000400000000000007000000000030004f5f00000000000000ffff08f700001090f8fb23afa71a04d515c7913ec4008319ded52f8df6eaa0490dfc6e07b35f55f5535e854c7e3b30060000005d1491857ff26f39695515e7bc9409b140ef53a85c9d3dfe6b8589791c16eb1beec17f9f5b7fa34eb110ead1cc7555c5048b47aa7258abea"], &(0x7f0000000540)=""/246, 0x36, 0xf6, 0x1}, 0x28)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
recvmsg(r3, &(0x7f0000002dc0)={&(0x7f0000000680), 0x80, &(0x7f0000002c80)=[{&(0x7f0000000700)=""/144, 0x90}, {&(0x7f00000007c0)=""/207, 0xcf}, {&(0x7f00000008c0)=""/4096, 0x1000}, {&(0x7f00000018c0)=""/223, 0xdf}, {&(0x7f00000019c0)=""/227, 0xe3}, {&(0x7f0000001ac0)=""/185, 0xb9}, {&(0x7f0000001b80)=""/195, 0xc3}, {&(0x7f0000001c80)=""/4096, 0x1000}], 0x8, &(0x7f0000002d00)=""/179, 0xb3}, 0x12001)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000002f00)='./cgroup.net/syz0\x00', 0x200002, 0x0)
syz_clone(0x4904100, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xe}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000002e00)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="0600000000000000", @ANYRES32, @ANYBLOB="5bea9764e12dc5776a961442f8fe68bedd637a85c540b64d2a00060000abe3f5894981dac3f7a3d382349a69fdfb459e4d1f3356b6130a37c2cea512b2f3f92674bc1f2771bfac549a2b176edf45e6d4b3da4650eb2b0f68dd924b094c6c111560fddb7131c09d47a3f8994fae3a08d4abbf3a896ad3b232b628ef162bb6da3762e12102bb317da319b21b3fcf17662de0a798180b", @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x20)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r4, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
r5 = socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(r5, 0x29, 0x21, &(0x7f0000000040), 0x4)
sendmsg$kcm(r5, &(0x7f0000002dc0)={&(0x7f0000001580)=@l2tp6={0xa, 0x0, 0x2, @private1}, 0x80, &(0x7f00000029c0)}, 0x8c1)
r6 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b11d25a806c8c6f94f90424fc601000407a0a000600053582c137153e", 0x23}], 0x1, 0x0, 0x0, 0x35}, 0x0)

4.62770217s ago: executing program 0 (id=2741):
r0 = bpf$OBJ_GET_PROG(0x7, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext={0x6, 0x9}, 0x114905, 0x4, 0x0, 0x9, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0xb)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800001000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = socket$kcm(0xa, 0x1, 0x0)
r4 = socket$kcm(0xa, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1000000004000000080000000200000000000000", @ANYRES32=r4], 0x50)
ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x8916, &(0x7f0000000000)={r4})
r5 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x8916, &(0x7f0000000000)={r5})
ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x8936, &(0x7f0000000000)={r4})
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$kcm(0x2, 0x3, 0x2)
sendmsg$inet(r6, &(0x7f0000001640)={&(0x7f0000000300)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_retopts={{0x1c, 0x0, 0x7, {[@generic={0x7, 0x9, '\t\x00A\x00\x00\x00\x00'}]}}}], 0x20}, 0x20002800)
setsockopt$sock_attach_bpf(r6, 0x1, 0x32, &(0x7f0000000200)=r0, 0x4)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x5d30, 0x12000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x2, @perf_config_ext={0xf, 0x5}, 0x100e64, 0x4e76, 0x4, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18020000000000000000000000000000850000003600000085000000640000009500000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80)
r7 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
r8 = socket$kcm(0x1e, 0x5, 0x0)
setsockopt$sock_attach_bpf(r8, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
r9 = socket$kcm(0xa, 0x1, 0x106)
setsockopt$sock_attach_bpf(r9, 0x29, 0x1a, 0x0, 0x0)
sendmsg$inet(r7, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x10, 0x0}, 0x3000c084)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r7, 0x1, 0x3e, &(0x7f0000000100)=r10, 0x4)
sendmsg$inet(r7, &(0x7f0000000040)={0x0, 0xeafbff3, &(0x7f0000000000)=[{&(0x7f0000000300)="b8", 0xfffffdef}], 0x1, 0x0, 0x0, 0x10000000}, 0x52cc)

4.595102621s ago: executing program 3 (id=2743):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1806000000000017000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000c000000b707000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x10, 0x8, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x47}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}]}, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

4.588529851s ago: executing program 1 (id=2744):
r0 = perf_event_open(0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x644b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x2}, 0x8004, 0xcdd, 0x43a1bd76, 0x4, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x10)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000580)="d800000019008111e0020f060d8107040a60090000020000000455a1bc00090008000699e3ffffff140005000800000006000567b8b7b94002000009080016060000000000000074d67fffff6b26462f25a4d1c2e446b72af3e29400f7d1d9bbe94fa27100a007a2f7457f01896034277ce06bbace8017cb39b62ee5a7cef4090000001fb791643a5e83d42365f003724a237ee4b11602b2a10000000014d6d930dfe1d9c322fe040000005025acca262f3d40fad95667e006dcdf634c1f215ce3bb9ad809d50b694138c9f1ac76efb42a9ecbeec6e6ccd4", 0xd8}], 0x1}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x0, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19}, 0x94)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=0x1, @ANYBLOB="0200000001"], 0x50)
r3 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000180)="350400004100054cc6a119e30980a843015a35400c00020002452b0c7f21d100002037153e370c04018006041a004500ac377653c6de2a7c1af4a918505e7a19ff6dc6a3cb9708b9469405009c8e000000800000516c006c154938456646efee34b951a078932502bdbcf6c6b8d226dc64f5b1a0718d687ed8934d4780bae8ba0a55a6c130214043ff8ad5084a642a4d4aac02e408ff3af4be0000000000005b3ceabc3ad0dcf506e49fc53f2d6ef7b311065ea22bc6d528c88fd15df422c8a63e1835674464541c201f843eccf75e7cecddf3a7464ca5b6a9e0b8f2cb286aa8cf672e7bf2e0270f830e01f0a48af76682b068ccaef35850dc2168aa5f5d25c9042255c7ee9048013dd0c07bdbd29d5617f26824ebdce61e63402cec93032363325edd84bb957353b8f9add6f0bc8f0923277229e8b85fd6916d61e6ea2c2e68c581331a74", 0x145}, {&(0x7f0000000a40)="d4fa0c511aad03aa5ed217677bc41c027d9c830c439c7f821ddd78b6915cb170e7603acf9e433c2903bb6773f4b0130668a1e5b5e08d21d0b69c28ca3455aed65855c86f3d1e5789d26375a0d85eaf5e92e19c9affcf76e7a94e76556d2b104ebf645747fadc91460f4b3c94e1a89b51be4a6aa4c65285f988329a8163b69c51b801500a5bacd0463976e2960e2679ef2feee5e6ce6bb78a51fb0e15820d13e4a5aa9e0742a6f8d677ad28fea356657bb550c8311b682d9003c82267a15aa7334bc53b65b9119a1a7d905c7dd365b85c230bbad0d5d0a79819e112637819d9a187cfdf782c6127d2d4281926ab0e22f7346b616fe28ed0b9f4a0c9fdac6d3a90a9c38b5e31448a45546388c95045bc2261c238a5159ea98db9c00aeef644ae98a8cb8da3ff3b7ba14d7971910b559623af829524d83bf19f18628464076329140e0203fc75859185ccd019302afb784e41e16cf2d31db7aba83d0f500ce25fc2d7f524a04cfaa0015ea8a297477a5517f8a4ac167083a321c78070974afc897fb738fbcfeac369844fd7fc11fff502c02b7607007ead2007a18006a6ca8dc2d0119f01d7083c2ab5760ac7b24d7bf26b9030cf455a08385f9e662cbe0c3ca6e6fd4ac0c8566c0fca986c68ef7016a11d3e44253b6f2d07d53505ed58b8ad410f89425046321b4a9b27b5e767bdfa0ebf7abf3d91b319129c48853d8e5cbc4a2c5c560b007eafe03e3332f6017f3164c7f602180aad23dfe5e770fe8855f45925e342b7dfd7ddaa68b65065465cdf4d5b8d995d6e6a7042ebea3d139c6a616232eb4efd1a50d0e6db3188a8e98375fda2a7ebd4cd59b9ea626c13685b05e6cf4d484e32869fd7c7167dbfa48b1529e5dd5f5a02673ccc7dbedfd75e34f3f9eb3c7833734a59acada6dd2ff364475e03f2219deedb5d0c941f2177a23167adcc5a15f4e5441ed537f26a1620df057aeb55b2ad3a00a77e23d304ed6034dd5ec9b2cfe777ca21ec4f48abdafa0d66a78d653068ef871bdc6598fd32edcba60c675a1e8f4e81e83f73414c179bfb7f329d71", 0x2f0}], 0x2}, 0x10049014)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth1_to_bond\x00'})
ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)=0x3d)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8946, &(0x7f0000000080))
sendmsg$kcm(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)=[{0x0}], 0x1}, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000002380)=""/4102, 0x1006}], 0x1}, 0x2002)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000400)="d800000019008111e00212ba0d8105040a603f00ff0f040b067c55a1bc000900080006990300000015000500fe8081780d001500030001400200000901ac040000d67f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04000000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b7fece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92307f00000e970300"/214, 0xd6}], 0x1}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x0, 0x6, &(0x7f0000000140)=ANY=[@ANYBLOB="180800000000000000000000000000008510000018", @ANYRESHEX=r0], 0x0}, 0x94)
r5 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000080)=ANY=[@ANYBLOB], 0xfe33)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020032000b05d25a806f8c6394f90824fc602f0000000a740100053582c137153e", 0x23}], 0x1}, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={0x0, 0xffffffffffffffff, 0x0, 0x3b, &(0x7f0000000000)='/proc/sys/net\x00\x00\x00\x00\x00\x00\x10\x04/sync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd11=\x11\xc8\xdd\x15\xcc\xd2\xf1d\'%\x11c\x91l,'}, 0x30)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8948, &(0x7f00000000c0)={'bond0\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1b}})

4.32779742s ago: executing program 2 (id=2745):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xbf}, 0x0, 0x1, 0xffffffffffffffff, 0x1)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
socket$kcm(0x2b, 0x1, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000000c0)="6880a642beaf34317f0dd3122a90ad0d2b", 0x11}], 0x1}, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x4)
recvmsg$kcm(r2, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x2120)
sendmsg$inet(r2, &(0x7f0000000540)={0x0, 0xc027, &(0x7f0000000340)=[{&(0x7f00000000c0)="97eb000014006bcd9e", 0xeb97}], 0x1, 0x0, 0x0, 0x1f000000}, 0x600)
r3 = perf_event_open$cgroup(&(0x7f0000000100)={0x1, 0x80, 0x84, 0x9, 0xff, 0x6, 0x0, 0x1fea3c31, 0x2200, 0xf, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x72, 0x10001}, 0xa063, 0x3, 0x1, 0x5, 0x2, 0x4, 0xf3a, 0x0, 0x8, 0x0, 0x826c}, 0xffffffffffffffff, 0xa, 0xffffffffffffffff, 0x1)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r3, 0xc008240a, &(0x7f00000000c0)=ANY=[@ANYRESHEX=r3, @ANYRES64, @ANYRESOCT=r3])
socket$kcm(0x2, 0x922000000001, 0x106)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000001c0)=@o_path={&(0x7f0000000180)='./file0\x00', 0x0, 0x10, r3}, 0x18)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x746f2f51, &(0x7f0000000080)=[{&(0x7f0000000040)="3f0400001c00810ce00f80ecdb4cb9f207c804a01f000000020005fb0a0002000a0ada1b40d80300000000000000", 0xfec9}], 0x1, 0x0, 0x0, 0x5865}, 0x0)

4.255483242s ago: executing program 3 (id=2746):
bpf$OBJ_GET_PROG(0x7, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0x10, 0x0, 0x0)
bpf$BPF_LINK_UPDATE(0x1d, 0x0, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="5c00000013006bab9e3fe3d86e6c1d0000147ea64e21160af36504b68675f8001d000a00a0e69ee517d34460bc24eab556a705251e6182949a36c23d3b48dfd8cdbf9367b4fa51f60a64c9f408000300060100000800030011000000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

4.226586653s ago: executing program 0 (id=2747):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10c002, 0xac5d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x20000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0), 0x7}, 0x10104, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, r0, 0x8)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0xb, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair(0x1, 0x2, 0x0, &(0x7f0000000000))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
socket$kcm(0xa, 0x5, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
r2 = socket$kcm(0x2, 0x1000000000000002, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0)=r1, 0x161)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000180)=@in6={0xa, 0x4e23, 0xb00, @mcast1, 0xffffff5e}, 0x80, 0x0, 0x0, &(0x7f0000000280)=[{0x18, 0x29, 0xb, "7c3bfcc3"}], 0x18}, 0xf7e5)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000800), 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x8)
socket$kcm(0xa, 0x922000000003, 0x11)
sendmsg$kcm(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000740)="2e00000010008188e6b62aa73f72cc9f0ba1f8481a0000005e140602000000000e000a00100000000a8000001294", 0x2e}], 0x1}, 0x0)
r4 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r4, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x10, 0x0}, 0x3000c085)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r4, 0x1, 0x3e, &(0x7f0000000100)=r5, 0x4)
sendmsg$inet(r4, &(0x7f0000000040)={0x0, 0xeafbff3, &(0x7f0000000000)=[{&(0x7f0000000300)="b8", 0xfffffdef}], 0x1, 0x0, 0x0, 0x10000000}, 0x52cc)
sendmsg(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f00000001c0)=@caif=@rfm={0x25, 0x5, "ddbcd28a94cb332e83ceb76ffd88abdf"}, 0x80, &(0x7f0000000700)=[{&(0x7f0000000540)="96315437ecdc869620a24058f57c73a52df64841449a2fda848685b4cf5f6759e9cf83f67d5a0483f963a67c02e9294fb021d76194e5d6e4a9debcc6c4c0c277164c026bb479876d307baa6b5cdadd8f0774bdfd660dc3d5f62e9f3002d4082108c2d5366fdaf85f2172dd0805067312ef58445e480ab8250819bbc5e5cd1787e6209f80bec18673c928a469cf5a7bfee0c32cda65e40cef140737ab0e7324b0398435af0afc2bc135fdff", 0xab}, {&(0x7f0000000600)="09c876ea3e3b62fa1af8ce91ce25107d0337f0bdf2974c8aea05699dea7f623746a59194d0241558fdce66515f943c7fa50ed5b8c714584a06b70971e539e7fbcd9c628a580776d38c34479fa83dc01a707e44b219a62e029f71334d357295f582c104ffdf1c37dcab51315ddae3895cd3c0a26fcb22165b1a8db5154ba9ed900a2472a9f82195dfcc7eda4fbd7ac1d73bb6cff8b4930dfd7be3a2e7e1bcc75963a356227c2be1b41c15888d55b9", 0xae}, {&(0x7f00000006c0)="9cbd30c58f821ca2b7182e1cf079b883c24ffbae4ab409549cb8d855fa1d004318081e0f16ad4df211162e8ba6c168", 0x2f}], 0x3, &(0x7f0000000800)=[{0x30, 0xff, 0x6, "eba54fd128fb4519e53be836254de17d7043eda6b49b2b867bde4bd31838"}], 0x30}, 0x1)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000980)={&(0x7f0000000340)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000880)=""/94, 0x5e}, {&(0x7f0000000900)=""/11, 0xb}], 0x2}, 0x10000)

4.118456216s ago: executing program 1 (id=2748):
r0 = perf_event_open(&(0x7f0000000280)={0x6, 0x80, 0x2, 0x3, 0x1, 0x7a, 0x0, 0x80000001, 0x2110, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2, 0x4, @perf_bp={&(0x7f0000000000), 0xe}, 0x2000, 0x6, 0x8, 0x6, 0xac516a2, 0x5755, 0x0, 0x0, 0x80000000, 0x0, 0x6}, 0x0, 0xc, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0xdb1, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0xd, 0x0, 0xfffe}, 0x0, 0x1, r0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000100)=@rxrpc=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e23, 0x997, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x40}}, 0x80, 0x0, 0x0, 0x0, 0x0, 0x68000000}, 0x4040010)
r1 = socket$kcm(0xa, 0x5, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xc, 0x830d}, 0x100600, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmsg$inet(r1, &(0x7f00000004c0)={&(0x7f0000000200)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000480)=[{&(0x7f0000000240)='*', 0x1}], 0x1}, 0x4000)
setsockopt$sock_attach_bpf(r1, 0x84, 0x1f, &(0x7f0000000100), 0x120)

4.083734538s ago: executing program 3 (id=2749):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x6, 0xc, &(0x7f00000008c0)=ANY=[@ANYBLOB="180200000400000000000000000000008500000041000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xf, 0x0, &(0x7f0000000000)="532e62b00bf2e1f1a5c9ed1283a7d0", 0x0, 0x700, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
r1 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="1303000054009155090893b31b71a54a07"], 0xfe33)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000100)={{0x1, <r2=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f00000000c0)='%pK    \x00'}, 0x20)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={0x1, 0x58, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, r2, 0x4, '\x00', r3, 0xffffffffffffffff, 0x5, 0x4, 0x2}, 0x50)

3.949889502s ago: executing program 2 (id=2750):
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x644b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x2}, 0x8004, 0xcdd, 0x43a1bd76, 0x4, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="050000000b000000008000000400000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000010000000000000000000000000020100000000000"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000003c0)={r0, &(0x7f0000000600), &(0x7f0000000080)=""/61}, 0x20)
socket$kcm(0x10, 0x3, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x9a481, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000340)={'ip6gre0\x00', 0x2})
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000140)={{r0}, &(0x7f0000000040), &(0x7f0000000100)='%pI4   \x00'}, 0x20)
close(0xffffffffffffffff)
socket$kcm(0x2, 0x2, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x11, 0x4, 0x4, 0x3, 0x0, 0x1}, 0x50)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000010000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70200000000f900850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_config_ext={0x4, 0xc8}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x8c, 0x0, 0x0, 0x2, 0x0, 0x4, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r4, 0x2000012, 0xe, 0x0, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xb}, 0x50)

3.829538326s ago: executing program 3 (id=2751):
r0 = socket$kcm(0x2, 0x922000000001, 0x106)
r1 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r1, 0x29, 0x24, &(0x7f00000000c0), 0x4)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0xc000000, 0x2101, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x100904, 0x0, 0x0, 0x0, 0x0, 0xb269, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001800599c6d0e00009bd029ef8020ab070004000523a6"], 0xfe33)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.dequeue\x00', 0x26e1, 0x0)
close(r2)
socket$kcm(0x2b, 0x1, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8b19, &(0x7f0000000000)={'wlan0\x00', @random="7cf1e97c9e4f"})
setsockopt$sock_attach_bpf(r0, 0x1, 0x3e, &(0x7f00000000c0), 0x4)

823.592184ms ago: executing program 3 (id=2752):
r0 = socket$kcm(0x2c, 0x3, 0x0)
r1 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000100)=@o_path={&(0x7f00000000c0)='./file0\x00', 0x0, 0x4010, r0}, 0x18)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000140)={r0, r1})
setsockopt$sock_attach_bpf(r0, 0x11b, 0x6, &(0x7f0000000000), 0x4)
perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000500)=@generic={&(0x7f00000003c0)='./file0\x00', r2}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000240)={<r3=>0xffffffffffffffff})
socketpair(0x11, 0x80000, 0xaa, &(0x7f0000000640))
ioctl$SIOCSIFHWADDR(r3, 0x8b26, &(0x7f0000000280)={'wlan1\x00', @random="26e9b28de000"})
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="9f0400000000000000ec0000180009020000000400000000000007000000000030004f5f00000000000000ffff08f700001090f8fb23afa71a04d515c7913ec4008319ded52f8df6eaa0490dfc6e07b35f55f5535e854c7e3b30060000005d1491857ff26f39695515e7bc9409b140ef53a85c9d3dfe6b8589791c16eb1beec17f9f5b7fa34eb110ead1cc7555c5048b47aa7258abea"], &(0x7f0000000540)=""/246, 0x36, 0xf6, 0x1}, 0x28)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
recvmsg(r3, &(0x7f0000002dc0)={&(0x7f0000000680), 0x80, &(0x7f0000002c80)=[{&(0x7f0000000700)=""/144, 0x90}, {&(0x7f00000007c0)=""/207, 0xcf}, {&(0x7f00000008c0)=""/4096, 0x1000}, {&(0x7f00000018c0)=""/223, 0xdf}, {&(0x7f00000019c0)=""/227, 0xe3}, {&(0x7f0000001ac0)=""/185, 0xb9}, {&(0x7f0000001b80)=""/195, 0xc3}, {&(0x7f0000001c80)=""/4096, 0x1000}], 0x8, &(0x7f0000002d00)=""/179, 0xb3}, 0x12001)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000002f00)='./cgroup.net/syz0\x00', 0x200002, 0x0)
syz_clone(0x4904100, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xe}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000002e00)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="0600000000000000", @ANYRES32, @ANYBLOB="5bea9764e12dc5776a961442f8fe68bedd637a85c540b64d2a00060000abe3f5894981dac3f7a3d382349a69fdfb459e4d1f3356b6130a37c2cea512b2f3f92674bc1f2771bfac549a2b176edf45e6d4b3da4650eb2b0f68dd924b094c6c111560fddb7131c09d47a3f8994fae3a08d4abbf3a896ad3b232b628ef162bb6da3762e12102bb317da319b21b3fcf17662de0a798180b", @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x20)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r4, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
r5 = socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(r5, 0x29, 0x21, &(0x7f0000000040), 0x4)
sendmsg$kcm(r5, &(0x7f0000002dc0)={&(0x7f0000001580)=@l2tp6={0xa, 0x0, 0x2, @private1}, 0x80, &(0x7f00000029c0)}, 0x8c1)
r6 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b11d25a806c8c6f94f90424fc601000407a0a000600053582c137153e", 0x23}], 0x1, 0x0, 0x0, 0x35}, 0x0)

801.740924ms ago: executing program 0 (id=2753):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffff8}, 0x10080, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000a80)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000200)={'syzkaller0\x00', @link_local})
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="7bedcb5d07081196f37538e486dd6372ce2200302c"], 0x66) (fail_nth: 2)

766.159775ms ago: executing program 1 (id=2754):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1806000000000017000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000c000000b707000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x10, 0x8, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x47}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}]}, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

711.730337ms ago: executing program 2 (id=2755):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_sys\x00', 0x26e1, 0x0)
close(r0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$tipc(r1, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
sendmsg$tipc(r1, &(0x7f0000001c40)={0x0, 0x0, 0x0}, 0x0)
close(r2)
socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r3, 0x10f, 0x85, 0x0, 0x0)
write$cgroup_type(r0, &(0x7f0000000080), 0x11ffffce1)

634.98005ms ago: executing program 1 (id=2756):
r0 = perf_event_open(0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x644b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x2}, 0x8004, 0xcdd, 0x43a1bd76, 0x4, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x10)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000580)="d800000019008111e0020f060d8107040a60090000020000000455a1bc00090008000699e3ffffff140005000800000006000567b8b7b94002000009080016060000000000000074d67fffff6b26462f25a4d1c2e446b72af3e29400f7d1d9bbe94fa27100a007a2f7457f01896034277ce06bbace8017cb39b62ee5a7cef4090000001fb791643a5e83d42365f003724a237ee4b11602b2a10000000014d6d930dfe1d9c322fe040000005025acca262f3d40fad95667e006dcdf634c1f215ce3bb9ad809d50b694138c9f1ac76efb42a9ecbeec6e6ccd4", 0xd8}], 0x1}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x0, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19}, 0x94)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=0x1, @ANYBLOB="0200000001"], 0x50)
r3 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000180)="350400004100054cc6a119e30980a843015a35400c00020002452b0c7f21d100002037153e370c04018006041a004500ac377653c6de2a7c1af4a918505e7a19ff6dc6a3cb9708b9469405009c8e000000800000516c006c154938456646efee34b951a078932502bdbcf6c6b8d226dc64f5b1a0718d687ed8934d4780bae8ba0a55a6c130214043ff8ad5084a642a4d4aac02e408ff3af4be0000000000005b3ceabc3ad0dcf506e49fc53f2d6ef7b311065ea22bc6d528c88fd15df422c8a63e1835674464541c201f843eccf75e7cecddf3a7464ca5b6a9e0b8f2cb286aa8cf672e7bf2e0270f830e01f0a48af76682b068ccaef35850dc2168aa5f5d25c9042255c7ee9048013dd0c07bdbd29d5617f26824ebdce61e63402cec93032363325edd84bb957353b8f9add6f0bc8f0923277229e8b85fd6916d61e6ea2c2e68c581331a74", 0x145}, {&(0x7f0000000a40)="d4fa0c511aad03aa5ed217677bc41c027d9c830c439c7f821ddd78b6915cb170e7603acf9e433c2903bb6773f4b0130668a1e5b5e08d21d0b69c28ca3455aed65855c86f3d1e5789d26375a0d85eaf5e92e19c9affcf76e7a94e76556d2b104ebf645747fadc91460f4b3c94e1a89b51be4a6aa4c65285f988329a8163b69c51b801500a5bacd0463976e2960e2679ef2feee5e6ce6bb78a51fb0e15820d13e4a5aa9e0742a6f8d677ad28fea356657bb550c8311b682d9003c82267a15aa7334bc53b65b9119a1a7d905c7dd365b85c230bbad0d5d0a79819e112637819d9a187cfdf782c6127d2d4281926ab0e22f7346b616fe28ed0b9f4a0c9fdac6d3a90a9c38b5e31448a45546388c95045bc2261c238a5159ea98db9c00aeef644ae98a8cb8da3ff3b7ba14d7971910b559623af829524d83bf19f18628464076329140e0203fc75859185ccd019302afb784e41e16cf2d31db7aba83d0f500ce25fc2d7f524a04cfaa0015ea8a297477a5517f8a4ac167083a321c78070974afc897fb738fbcfeac369844fd7fc11fff502c02b7607007ead2007a18006a6ca8dc2d0119f01d7083c2ab5760ac7b24d7bf26b9030cf455a08385f9e662cbe0c3ca6e6fd4ac0c8566c0fca986c68ef7016a11d3e44253b6f2d07d53505ed58b8ad410f89425046321b4a9b27b5e767bdfa0ebf7abf3d91b319129c48853d8e5cbc4a2c5c560b007eafe03e3332f6017f3164c7f602180aad23dfe5e770fe8855f45925e342b7dfd7ddaa68b65065465cdf4d5b8d995d6e6a7042ebea3d139c6a616232eb4efd1a50d0e6db3188a8e98375fda2a7ebd4cd59b9ea626c13685b05e6cf4d484e32869fd7c7167dbfa48b1529e5dd5f5a02673ccc7dbedfd75e34f3f9eb3c7833734a59acada6dd2ff364475e03f2219deedb5d0c941f2177a23167adcc5a15f4e5441ed537f26a1620df057aeb55b2ad3a00a77e23d304ed6034dd5ec9b2cfe777ca21ec4f48abdafa0d66a78d653068ef871bdc6598fd32edcba60c675a1e8f4e81e83f73414c179bfb7f329d71", 0x2f0}], 0x2}, 0x10049014)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth1_to_bond\x00'})
ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)=0x3d)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8946, &(0x7f0000000080))
sendmsg$kcm(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)=[{0x0}], 0x1}, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000002380)=""/4102, 0x1006}], 0x1}, 0x2002)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000400)="d800000019008111e00212ba0d8105040a603f00ff0f040b067c55a1bc000900080006990300000015000500fe8081780d001500030001400200000901ac040000d67f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04000000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b7fece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92307f00000e970300"/214, 0xd6}], 0x1}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x0, 0x6, &(0x7f0000000140)=ANY=[@ANYBLOB="180800000000000000000000000000008510000018", @ANYRESHEX=r0], 0x0}, 0x94)
r5 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000080)=ANY=[@ANYBLOB], 0xfe33)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020032000b05d25a806f8c6394f90824fc602f0000000a740100053582c137153e", 0x23}], 0x1}, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={0x0, 0xffffffffffffffff, 0x0, 0x3b, &(0x7f0000000000)='/proc/sys/net\x00\x00\x00\x00\x00\x00\x10\x04/sync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd11=\x11\xc8\xdd\x15\xcc\xd2\xf1d\'%\x11c\x91l,'}, 0x30)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8948, &(0x7f00000000c0)={'bond0\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1b}})

91.923417ms ago: executing program 2 (id=2757):
socket$kcm(0x2, 0x3, 0x2)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x29, 0x1, 0x1, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0x0, 0xffffffffffffffff, 0x3)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x806, 0x0, 0x0, 0x8, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(0x3)
r0 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x3e, &(0x7f0000000100)=r1, 0x4)
sendmsg$inet(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001980)="2b7314e09a92bafb36c833be506b72e39af51682a30566ac25c1a8a5753002cd45098cda6617d9d0d69f7684523ba452330693735b9fc8ce6db494c2d377f07e122122111906bbff8b319713b03ce8bc5f18475cc8956611f3d7eb7c9bffb9335988a65c825a0736541282bcbd5f23d95b1b6abf84a1185f0591f27b3706b60612e043e6c714e6a3f7020aee5bafd0bf574564d8583ab0b1d9b95b50a207f7f6de8fbedf2c358ea42251196c857fb9bb205a3ee34f3a61b134ed1e4a732ede3507ffc8a262f76254cc664cd4eca06375bb89295cab412d559dc1fb098d3067f4a5e5ff61846026aff514f883ea491e4dc3f351d0a16b9c694dcd1e31c7d30dc50130a621ff5139109a7db3e9e137cc20a7fe260f639e369ac106094b9ba024e5934a5883df79429acbc854c25c9b3294400f8940c3cbb9d50f67b5ddd4a2cf85c36dfe80e3119f81d83abf8822c9832f7f6bf14feb6a8182a9efec48c0b74b1484631f3f45ef9e6b90e0dab6181a5c68ccc94651be224b51c2492fa8cb03ad0b475a5f052ffa9b695407227999e464a7ea0f58d35963d3d32ce38b73391c593530423a10b4d752c05feb266edb12a813beb7cdf747260232a45c4baa266ba1722ffeae9a474d3cee695360069766da47a4c36603b55cf779ff030a9414fd0a1ec5e49c424795da04e6adb9a5e01dd771bf841c7a5cedc03b7a4c2733aab4087d8383442104566229df2fcc12cfca85b6cd6949b94d582def2ac3b22ada7c22980287adcaa7123764dd5d1f23605a1aa77f23560f48bb29d2e6c3d2d20370e59ab695dad58d5faedbef978109a4248de02bf1f0f56468c4334f60839752445f8f3014c19da69795f5968a8a7f03bcee144842b38bb1288a93811283e01dc43f1e11713f76538c6855dd9cb047829bda4c82ccad9baa812ea2fdc762c2416751183bade3d0c4d775f4f53dfd922e38a78bcd44f276f871366a07bbb4bbd4ec0580fe3b52cdb07b808bd901dea5b25cc0b3f5ebbb0ebe21a9575828d8011ef76c6c391ffa6db9bc6fd7bde5ca1f7ab8f40d28b3404c1206ed2069bf05f45692f690cd1026247253cc4ffa5a785cc14ed65996f009c3dbc077bc67c37e067480ff73d517dd7797835f2cb7cc25a98c2f4889e5d6744d2e1dcdc18d3a096150b6f8dba289b186773c600fd1474832f8b265fa8e07667b412ac9fca80dc849ddb1ea8e10d213f0479e795fb0024964cf1e65078d5723243cdd3256fb9fd5251f27a1815fa1c69304f4c3555bd5d5e07c4f59802d9bb202420d6177bd937a85ea51219dba814c90ac490306ddbd50858bc597d1832dfccf3a455a1ee4e286bd497a4d2beeed84386596dcc74be271ccd63155d14a458c10f0fccc42d409a9aaa95f68070e55f1eb085a8bfd5f7ba271e6839f577b92f354d08c8f9bbb4958043bd4ed254f62c3f52464c74d0b902ee106ffa5b4479a076e4b758570ac45059ec862c10657448b501117aee010c7c9166c4ec8a3363b1b93d48ffd5f2fc1603aa7974d0d6d8118bbe20822b46e47dfe97f2828b760bf040e743778da5cf87af2e70030e97ed3296ad1a354a92b742098146368b7f85a8b6048748da322632c24e1f1b6678e3b22cb3673410fb41bc3367f3ace20a5b5b00e4e2ec6aa192ea8d85062ea0f1507714062f1e8500e3f9d1ea977314d8faa77b1f9717d53676055a2caeb54c7e544caa366cf3bf0a96e628979378f966ea2783661ef295ddacfc38f90154f674389bbe09c5851aade84502b4683acebd4bbf09c6d37fc88c4c23de3d9379bda04", 0x501}], 0x1}, 0x4044004)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000400)="a5d0", 0x1650}], 0x1, 0x0, 0x0, 0x10000000}, 0x52cc)

0s ago: executing program 3 (id=2758):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x50)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1fa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xfe123, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24000000, 0x0, @perf_config_ext={0xd, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x7, 0x3, 0x1}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x18, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x9, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000001000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000001b"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf6103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, @perf_bp={0x0, 0x8}, 0x40, 0x0, 0x0, 0x0, 0x7, 0x0, 0xffff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x12, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r5)
r6 = perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0x66137, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24000000, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000ec0)=@base={0x9, 0x1, 0x56d, 0x4, 0x42, 0xffffffffffffffff, 0x1000}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000600), &(0x7f0000001f80), 0xfffffffb, r8}, 0x38)
ioctl$PERF_EVENT_IOC_SET_BPF(r6, 0x40042408, r7)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000280)={<r9=>0xffffffffffffffff})
recvmsg(r9, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000680)=""/140, 0x8c}], 0x1, &(0x7f0000002f40)=""/229, 0xe5}, 0x40000004)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001300)={0x6, 0xa, &(0x7f0000000dc0)=ANY=[@ANYBLOB="185700001000000000000000000000002529fffff0ffffff850000006e000000850000009600000000000023baffff0c00"/75], &(0x7f0000000e40)='GPL\x00', 0x3, 0x3a, &(0x7f0000000e80)=""/58, 0x1f00, 0x74, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000001240)={0x5, 0x4}, 0x8, 0x10, &(0x7f0000001280)={0x5, 0xf, 0x0, 0xfffffff2}, 0x10, 0x0, 0x0, 0x0, 0x0, &(0x7f00000012c0), 0x10, 0x4}, 0x94)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xb9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0xc}, 0x10a602, 0x0, 0x0, 0x9, 0x5, 0x8000, 0xfff7, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r10 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b40)={0x6, 0x20, &(0x7f0000000780)=ANY=[@ANYBLOB="18300000040000000000000000000000b7080000000000007b8af8ff00000000b7080000225300007b8af0ff00060000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70500000800000085000000a500000018680000050000000000000004000000180000005125000000000000638f000018220000", @ANYRES32=r2, @ANYBLOB="000000000100000018610000070000000000000000000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000600000085000000060000009500000000000000"], &(0x7f0000000880)='syzkaller\x00', 0x101, 0xe9, &(0x7f00000008c0)=""/233, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000009c0)={0x5, 0x10, 0x2, 0x9}, 0x10, 0x0, 0x0, 0x7, 0x0, &(0x7f0000000a00)=[{0x1, 0x5, 0x0, 0x8}, {0x6, 0x3, 0xf, 0x7}, {0x3, 0x1, 0xd, 0x7}, {0x0, 0x5, 0x4, 0x5}, {0x5, 0x4, 0x4, 0x3}, {0x5, 0x3, 0xa, 0x3}, {0x5, 0x1, 0xf, 0xb}], 0x10, 0xe}, 0x94)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000c00)={0xffffffffffffffff, r1, 0x0, r10}, 0x10)
sendmsg(r9, &(0x7f0000000d80)={&(0x7f0000000180)=@l2={0x1f, 0x8, @none, 0x200, 0x3}, 0x80, &(0x7f0000000400)=[{&(0x7f0000000380)}, {&(0x7f00000003c0)="cd501517784f966e877ae0cba97312b61b60810cc24c7b5f636fb8832f20bc82a9b8e632ab84e4971c9fc073224ebdf8cc3640d45ec49dc300d6", 0x3a}], 0x2, &(0x7f0000001040)=ANY=[@ANYBLOB="b0000000000000008800000009000000ae8de05bea0f8e58ccd07f441ce3e38eda7c6ad5c8f9c7baa6508fc5e0850163c692e9f74b9a889ec987a6125f1713ab9e3b968dd498d9e01cc971d42b8167d5d29b8d9eb07e5cf425418c8d1a087e48e68afe9f456286382ec4d18ec87f17530b9723381cba3cf637ba87be52e150b9a881f13fc57819f0cf1954ca23a24e7d51643481ace0881cdf737b5aee15b851631f6441d05aa3b31d5768c40000000058000000000000008400000003000000b6373efd19b119668d5dbc8b464d8d9eaa843748f86941ec6b5ccda7a25d590783ecbc06d966eefb7d7ec2ad5091a1d9b89add2a6a18eb5a13f54896f86f211568c000000000000088f99963cfbee71f2a81f2cd388a7910629a1e67b7351561d74683fb6e13904049c7ac4b9f85f5dacd301d0a3ddcbf0582dad968ccbde4d65de37ad4334def1383df217d241a5a93dd0af30fb9add912596b5b7e9a2b536c2d1a4818f9529fae9f55b02a798f9841435d6443898333209afb885abed9409d8b4a906c36f0cedb9516837fafe6c35d1bff9b8bba22e702164e4a7199a2c8772ba5f93613629fccaaff35f91055ef55734d8e101ddf04c38c37bb823179d86fd118f872c1e5794142ef3a7d2e89347d12"], 0x108}, 0x84)
r11 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44a1bc94194817"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r12, 0x18000000000002a0, 0xe80, 0x6000, &(0x7f0000000640)="b9ff03076844268cb89e14f088a847e0ffff200000000021000aac141440e0", 0x0, 0x11, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x48)
ioctl$PERF_EVENT_IOC_SET_BPF(r11, 0x40042408, r12)
sendmsg$tipc(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000040)="e909000000747a9bab1ccbda126d1d347f32977d0fca647cd8921ba460d8eb0a5612a6ecdb0000000000000000005400dd4da300e021f5767186799af720b27ef5ddc50180008b6c2ff74ec4bffc57504e3df152b5c421bc9aaeaac4b96faa8cbf2e40137d0d7de6fe3a2bef44da6cbfc054356adcf7f0a231b046c717fe54", 0x7f}, {&(0x7f0000000b00)="9b11a80b974e60df4aa8901d6aa0b636089fc5d73337e44e3e6f85e35d8e171720", 0x21}], 0x2, 0x0, 0x0, 0x400c800}, 0x4000000)

kernel console output (not intermixed with test programs):

/0x8d0
[  842.154743][T12969]  netlink_sendmsg+0x8d0/0xbf0
[  842.159592][T12969]  ? perf_trace_lock+0x304/0x3b0
[  842.164640][T12969]  ? netlink_getsockopt+0x590/0x590
[  842.169927][T12969]  ? aa_sock_msg_perm+0x94/0x150
[  842.174970][T12969]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  842.180502][T12969]  ? security_socket_sendmsg+0x80/0xa0
[  842.186119][T12969]  ? netlink_getsockopt+0x590/0x590
[  842.191398][T12969]  ____sys_sendmsg+0x5ba/0x960
[  842.196361][T12969]  ? __asan_memset+0x22/0x40
[  842.201160][T12969]  ? __sys_sendmsg_sock+0x30/0x30
[  842.206272][T12969]  ? __import_iovec+0x5f2/0x850
[  842.211219][T12969]  ? import_iovec+0x73/0xa0
[  842.215826][T12969]  ___sys_sendmsg+0x2a6/0x360
[  842.220615][T12969]  ? __sys_sendmsg+0x2a0/0x2a0
[  842.225605][T12969]  __se_sys_sendmsg+0x1c2/0x2b0
[  842.230639][T12969]  ? __x64_sys_sendmsg+0x80/0x80
[  842.235704][T12969]  ? lockdep_hardirqs_on+0x98/0x150
[  842.241014][T12969]  do_syscall_64+0x55/0xb0
[  842.245780][T12969]  ? clear_bhb_loop+0x40/0x90
[  842.246357][T12971] syz.1.2359[12971] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  842.250496][T12969]  ? clear_bhb_loop+0x40/0x90
[  842.250532][T12969]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  842.272616][T12969] RIP: 0033:0x7f9aee59ce59
[  842.276978][T12971] syz.1.2359[12971] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  842.277166][T12969] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  842.277193][T12969] RSP: 002b:00007f9aef4c6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  842.316753][T12969] RAX: ffffffffffffffda RBX: 00007f9aee816090 RCX: 00007f9aee59ce59
[  842.324806][T12969] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000b
[  842.333026][T12969] RBP: 00007f9aee632d6f R08: 0000000000000000 R09: 0000000000000000
[  842.341234][T12969] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  842.349246][T12969] R13: 00007f9aee816128 R14: 00007f9aee816090 R15: 00007ffebbe8f358
[  842.357294][T12969]  </TASK>
[  842.437777][T12971] netlink: 'syz.1.2359': attribute type 3 has an invalid length.
[  842.473191][T12971] netlink: 135800 bytes leftover after parsing attributes in process `syz.1.2359'.
[  843.077544][T12980] netlink: 'syz.3.2361': attribute type 10 has an invalid length.
[  843.130163][T12980] team0: Device wg1 is of different type
[  843.201920][T12984] netlink: 'syz.2.2363': attribute type 39 has an invalid length.
[  843.583364][T13002] netlink: 1045 bytes leftover after parsing attributes in process `syz.1.2368'.
[  843.909417][T12996] team0 (unregistering): Port device team_slave_0 removed
[  843.956658][T12996] team0 (unregistering): Port device team_slave_1 removed
[  844.027885][T13009] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2370'.
[  844.052673][T13009] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô'
[  844.061556][T13009] CPU: 0 PID: 13009 Comm: syz.3.2370 Not tainted syzkaller #0
[  844.069113][T13009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  844.079253][T13009] Call Trace:
[  844.082619][T13009]  <TASK>
[  844.085832][T13009]  dump_stack_lvl+0x18c/0x250
[  844.090612][T13009]  ? show_regs_print_info+0x20/0x20
[  844.096000][T13009]  ? load_image+0x420/0x420
[  844.100629][T13009]  sysfs_warn_dup+0x8e/0xa0
[  844.105217][T13009]  sysfs_do_create_link_sd+0xc0/0x110
[  844.110672][T13009]  device_add_class_symlinks+0x1cf/0x240
[  844.116416][T13009]  device_add+0x507/0xc50
[  844.120840][T13009]  wiphy_register+0x1dad/0x2ae0
[  844.125820][T13009]  ? cfg80211_event_work+0x40/0x40
[  844.131011][T13009]  ? minstrel_ht_alloc+0x88a/0x990
[  844.136204][T13009]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  844.142346][T13009]  ieee80211_register_hw+0x3464/0x4250
[  844.147919][T13009]  ? ieee80211_tasklet_handler+0x20/0x20
[  844.154061][T13009]  ? _raw_spin_unlock_irqrestore+0x111/0x120
[  844.160130][T13009]  ? __debug_object_init+0xec/0x450
[  844.165408][T13009]  ? __asan_memset+0x22/0x40
[  844.170052][T13009]  ? __hrtimer_init+0x186/0x270
[  844.174956][T13009]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  844.180768][T13009]  ? mac80211_hwsim_free+0x220/0x220
[  844.186102][T13009]  ? rcu_is_watching+0x15/0xb0
[  844.190924][T13009]  ? kstrndup+0xbd/0x140
[  844.195228][T13009]  hwsim_new_radio_nl+0xdc9/0x1a90
[  844.200408][T13009]  ? __nla_validate+0x50/0x50
[  844.205160][T13009]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  844.211588][T13009]  ? __nla_parse+0x40/0x50
[  844.216077][T13009]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  844.222772][T13009]  genl_family_rcv_msg_doit+0x211/0x310
[  844.228508][T13009]  ? end_current_label_crit_section+0x170/0x170
[  844.234995][T13009]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  844.240984][T13009]  ? bpf_lsm_capable+0x9/0x10
[  844.245717][T13009]  ? security_capable+0x89/0xb0
[  844.250653][T13009]  genl_rcv_msg+0x619/0x7a0
[  844.255232][T13009]  ? genl_bind+0x360/0x360
[  844.259693][T13009]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  844.266073][T13009]  ? perf_trace_lock+0x304/0x3b0
[  844.271087][T13009]  netlink_rcv_skb+0x241/0x4d0
[  844.275907][T13009]  ? genl_bind+0x360/0x360
[  844.280378][T13009]  ? netlink_ack+0x1180/0x1180
[  844.285211][T13009]  ? __lock_acquire+0x7d40/0x7d40
[  844.290286][T13009]  ? net_generic+0x1e/0x240
[  844.294837][T13009]  ? down_read+0x1ac/0x2e0
[  844.299397][T13009]  genl_rcv+0x28/0x40
[  844.303444][T13009]  netlink_unicast+0x751/0x8d0
[  844.308272][T13009]  netlink_sendmsg+0x8d0/0xbf0
[  844.313090][T13009]  ? perf_trace_lock+0x304/0x3b0
[  844.318103][T13009]  ? netlink_getsockopt+0x590/0x590
[  844.323359][T13009]  ? aa_sock_msg_perm+0x94/0x150
[  844.328349][T13009]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  844.333680][T13009]  ? security_socket_sendmsg+0x80/0xa0
[  844.339175][T13009]  ? netlink_getsockopt+0x590/0x590
[  844.344416][T13009]  ____sys_sendmsg+0x5ba/0x960
[  844.349238][T13009]  ? __asan_memset+0x22/0x40
[  844.353877][T13009]  ? __sys_sendmsg_sock+0x30/0x30
[  844.358939][T13009]  ? __import_iovec+0x5f2/0x850
[  844.363940][T13009]  ? import_iovec+0x73/0xa0
[  844.368493][T13009]  ___sys_sendmsg+0x2a6/0x360
[  844.373236][T13009]  ? __sys_sendmsg+0x2a0/0x2a0
[  844.378084][T13009]  ? trace_call_bpf+0xc3/0x6c0
[  844.382969][T13009]  __se_sys_sendmsg+0x1c2/0x2b0
[  844.387894][T13009]  ? __x64_sys_sendmsg+0x80/0x80
[  844.392913][T13009]  ? lockdep_hardirqs_on+0x98/0x150
[  844.398167][T13009]  do_syscall_64+0x55/0xb0
[  844.402761][T13009]  ? clear_bhb_loop+0x40/0x90
[  844.407510][T13009]  ? clear_bhb_loop+0x40/0x90
[  844.412266][T13009]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  844.418282][T13009] RIP: 0033:0x7f8de6d9ce59
[  844.422770][T13009] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  844.442619][T13009] RSP: 002b:00007f8de7be3028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  844.451084][T13009] RAX: ffffffffffffffda RBX: 00007f8de7015fa0 RCX: 00007f8de6d9ce59
[  844.459100][T13009] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000009
[  844.467135][T13009] RBP: 00007f8de6e32d6f R08: 0000000000000000 R09: 0000000000000000
[  844.475216][T13009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  844.483253][T13009] R13: 00007f8de7016038 R14: 00007f8de7015fa0 R15: 00007ffc5ac6e038
[  844.491316][T13009]  </TASK>
[  844.808640][T13015] validate_nla: 4 callbacks suppressed
[  844.808686][T13015] netlink: 'syz.1.2372': attribute type 2 has an invalid length.
[  844.830863][T13015] netlink: 1045 bytes leftover after parsing attributes in process `syz.1.2372'.
[  844.905479][T13020] netlink: 'syz.3.2374': attribute type 39 has an invalid length.
[  845.072293][T13027] netlink: 'syz.3.2376': attribute type 39 has an invalid length.
[  845.222497][T13026] netlink: 'syz.2.2377': attribute type 4 has an invalid length.
[  845.230720][T13026] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2377'.
[  845.548607][T13037] Â: renamed from pim6reg1
[  845.778937][T13042] netlink: 'syz.3.2382': attribute type 10 has an invalid length.
[  845.816987][T13042] team0: Device wg1 is of different type
[  846.108554][ T5779] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  846.118410][ T5779] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  846.127786][ T5779] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  846.144951][ T5779] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  846.160895][ T5779] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  846.169081][ T5779] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  846.203311][T11890] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  846.277120][T11890] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  846.336347][T11890] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  846.402240][T11890] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  846.455993][T13044] chnl_net:caif_netlink_parms(): no params data found
[  846.663149][T13044] bridge0: port 1(bridge_slave_0) entered blocking state
[  846.670379][T13044] bridge0: port 1(bridge_slave_0) entered disabled state
[  846.713672][T13044] bridge_slave_0: entered allmulticast mode
[  846.721351][T13044] bridge_slave_0: entered promiscuous mode
[  846.795554][T13044] bridge0: port 2(bridge_slave_1) entered blocking state
[  846.814818][T13044] bridge0: port 2(bridge_slave_1) entered disabled state
[  846.842441][T13044] bridge_slave_1: entered allmulticast mode
[  846.884324][T13044] bridge_slave_1: entered promiscuous mode
[  846.954467][T13053] netlink: 'syz.2.2385': attribute type 10 has an invalid length.
[  847.015830][T13055] netlink: 'syz.0.2391': attribute type 10 has an invalid length.
[  847.070295][T13057] netlink: 'syz.3.2383': attribute type 10 has an invalid length.
[  847.496026][T13057] team0 (unregistering): Port device team_slave_0 removed
[  848.252935][T12658] Bluetooth: hci0: command tx timeout
[  849.285831][T13057] team0 (unregistering): Port device team_slave_1 removed
[  849.327620][T13057] bridge0: port 1(bridge_slave_0) entered disabled state
[  849.354836][T13057] team0 (unregistering): Port device bridge0 removed
[  849.425061][T13044] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  849.459093][T13044] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  849.681739][T13095] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2397'.
[  849.791396][T13044] team0: Port device team_slave_0 added
[  849.821901][T13044] team0: Port device team_slave_1 added
[  849.838333][T13092] netlink: 'syz.3.2390': attribute type 4 has an invalid length.
[  849.884791][T13092] netlink: 152 bytes leftover after parsing attributes in process `syz.3.2390'.
[  850.022255][T13095] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô'
[  850.030996][T13095] CPU: 1 PID: 13095 Comm: syz.0.2397 Not tainted syzkaller #0
[  850.038553][T13095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  850.048679][T13095] Call Trace:
[  850.052021][T13095]  <TASK>
[  850.055026][T13095]  dump_stack_lvl+0x18c/0x250
[  850.059792][T13095]  ? show_regs_print_info+0x20/0x20
[  850.065070][T13095]  ? load_image+0x420/0x420
[  850.069665][T13095]  sysfs_warn_dup+0x8e/0xa0
[  850.074238][T13095]  sysfs_do_create_link_sd+0xc0/0x110
[  850.079731][T13095]  device_add_class_symlinks+0x1cf/0x240
[  850.085464][T13095]  device_add+0x507/0xc50
[  850.089902][T13095]  wiphy_register+0x1dad/0x2ae0
[  850.094891][T13095]  ? cfg80211_event_work+0x40/0x40
[  850.100090][T13095]  ? minstrel_ht_alloc+0x88a/0x990
[  850.105318][T13095]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  850.111494][T13095]  ieee80211_register_hw+0x3464/0x4250
[  850.117104][T13095]  ? ieee80211_tasklet_handler+0x20/0x20
[  850.122803][T13095]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  850.128756][T13095]  ? __debug_object_init+0xec/0x450
[  850.134138][T13095]  ? __asan_memset+0x22/0x40
[  850.138783][T13095]  ? __hrtimer_init+0x186/0x270
[  850.143697][T13095]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  850.149510][T13095]  ? mac80211_hwsim_free+0x220/0x220
[  850.154838][T13095]  ? rcu_is_watching+0x15/0xb0
[  850.159648][T13095]  ? kstrndup+0xbd/0x140
[  850.163974][T13095]  hwsim_new_radio_nl+0xdc9/0x1a90
[  850.169196][T13095]  ? __nla_validate+0x50/0x50
[  850.173966][T13095]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  850.180423][T13095]  ? __nla_parse+0x40/0x50
[  850.185010][T13095]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  850.191401][T13095]  genl_family_rcv_msg_doit+0x211/0x310
[  850.196995][T13095]  ? end_current_label_crit_section+0x170/0x170
[  850.203481][T13095]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  850.209449][T13095]  ? bpf_lsm_capable+0x9/0x10
[  850.214184][T13095]  ? security_capable+0x89/0xb0
[  850.219162][T13095]  genl_rcv_msg+0x619/0x7a0
[  850.223733][T13095]  ? genl_bind+0x360/0x360
[  850.228217][T13095]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  850.234619][T13095]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[  850.241293][T13095]  netlink_rcv_skb+0x241/0x4d0
[  850.246114][T13095]  ? genl_bind+0x360/0x360
[  850.250575][T13095]  ? netlink_ack+0x1180/0x1180
[  850.255402][T13095]  ? __lock_acquire+0x7d40/0x7d40
[  850.260483][T13095]  ? down_read+0x1ac/0x2e0
[  850.264952][T13095]  genl_rcv+0x28/0x40
[  850.268976][T13095]  netlink_unicast+0x751/0x8d0
[  850.273806][T13095]  netlink_sendmsg+0x8d0/0xbf0
[  850.278608][T13095]  ? perf_trace_lock+0x304/0x3b0
[  850.283787][T13095]  ? netlink_getsockopt+0x590/0x590
[  850.289035][T13095]  ? aa_sock_msg_perm+0x94/0x150
[  850.294046][T13095]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  850.299401][T13095]  ? security_socket_sendmsg+0x80/0xa0
[  850.304912][T13095]  ? netlink_getsockopt+0x590/0x590
[  850.310163][T13095]  ____sys_sendmsg+0x5ba/0x960
[  850.314988][T13095]  ? __asan_memset+0x22/0x40
[  850.319714][T13095]  ? __sys_sendmsg_sock+0x30/0x30
[  850.324787][T13095]  ? __import_iovec+0x5f2/0x850
[  850.329698][T13095]  ? import_iovec+0x73/0xa0
[  850.334350][T13095]  ___sys_sendmsg+0x2a6/0x360
[  850.339094][T13095]  ? __sys_sendmsg+0x2a0/0x2a0
[  850.343938][T13095]  ? debug_mutex_init+0x38/0x70
[  850.348962][T13095]  __se_sys_sendmsg+0x1c2/0x2b0
[  850.353903][T13095]  ? __x64_sys_sendmsg+0x80/0x80
[  850.358981][T13095]  ? lockdep_hardirqs_on+0x98/0x150
[  850.364305][T13095]  do_syscall_64+0x55/0xb0
[  850.368793][T13095]  ? clear_bhb_loop+0x40/0x90
[  850.373518][T13095]  ? clear_bhb_loop+0x40/0x90
[  850.378334][T13095]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  850.384289][T13095] RIP: 0033:0x7f9aee59ce59
[  850.388746][T13095] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  850.408486][T13095] RSP: 002b:00007f9aef4c6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  850.416984][T13095] RAX: ffffffffffffffda RBX: 00007f9aee816090 RCX: 00007f9aee59ce59
[  850.425004][T13095] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000b
[  850.433032][T13095] RBP: 00007f9aee632d6f R08: 0000000000000000 R09: 0000000000000000
[  850.441170][T13095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  850.449547][T13095] R13: 00007f9aee816128 R14: 00007f9aee816090 R15: 00007ffebbe8f358
[  850.457624][T13095]  </TASK>
[  850.474046][T12658] Bluetooth: hci0: command tx timeout
[  850.540113][T13100] FAULT_INJECTION: forcing a failure.
[  850.540113][T13100] name failslab, interval 1, probability 0, space 0, times 0
[  850.552943][T13100] CPU: 1 PID: 13100 Comm: syz.3.2393 Not tainted syzkaller #0
[  850.560465][T13100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  850.570583][T13100] Call Trace:
[  850.573913][T13100]  <TASK>
[  850.576899][T13100]  dump_stack_lvl+0x18c/0x250
[  850.581634][T13100]  ? show_regs_print_info+0x20/0x20
[  850.586893][T13100]  ? load_image+0x420/0x420
[  850.591444][T13100]  ? __might_sleep+0xe0/0xe0
[  850.596091][T13100]  ? __lock_acquire+0x7d40/0x7d40
[  850.601173][T13100]  ? mark_lock+0x94/0x320
[  850.605570][T13100]  should_fail_ex+0x39d/0x4d0
[  850.610327][T13100]  should_failslab+0x9/0x20
[  850.614944][T13100]  slab_pre_alloc_hook+0x59/0x310
[  850.620051][T13100]  ? __get_vm_area_node+0x125/0x370
[  850.625318][T13100]  __kmem_cache_alloc_node+0x53/0x250
[  850.630767][T13100]  ? __get_vm_area_node+0x125/0x370
[  850.636038][T13100]  kmalloc_node_trace+0x26/0xe0
[  850.640962][T13100]  __get_vm_area_node+0x125/0x370
[  850.646070][T13100]  __vmalloc_node_range+0x36e/0x1330
[  850.651602][T13100]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  850.657207][T13100]  ? mark_lock+0x94/0x320
[  850.661643][T13100]  ? __lock_acquire+0x1347/0x7d40
[  850.666735][T13100]  ? verify_lock_unused+0x140/0x140
[  850.672010][T13100]  ? free_vm_area+0x50/0x50
[  850.676622][T13100]  ? end_current_label_crit_section+0x170/0x170
[  850.682977][T13100]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  850.683261][T13044] batman_adv: batadv0: Adding interface: batadv_slave_0
[  850.688561][T13100]  __vmalloc+0x7a/0x90
[  850.688592][T13100]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  850.705251][T13100]  bpf_prog_alloc_no_stats+0x47/0x440
[  850.710696][T13100]  ? bpf_prog_alloc+0x2b/0x1a0
[  850.715540][T13100]  bpf_prog_alloc+0x3d/0x1a0
[  850.720209][T13100]  bpf_prog_load+0x6eb/0x1670
[  850.725059][T13100]  ? map_freeze+0x420/0x420
[  850.727306][T13044] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  850.729604][T13100]  ? __might_fault+0xaa/0x120
[  850.760319][T13100]  ? __lock_acquire+0x7d40/0x7d40
[  850.765414][T13100]  ? file_end_write+0x159/0x250
[  850.770337][T13100]  ? __might_fault+0xaa/0x120
[  850.775252][T13100]  ? __might_fault+0xc6/0x120
[  850.779992][T13100]  ? __might_fault+0xaa/0x120
[  850.784756][T13100]  ? bpf_lsm_bpf+0x9/0x10
[  850.789148][T13100]  ? security_bpf+0x7e/0xa0
[  850.793720][T13100]  __sys_bpf+0x5ba/0x890
[  850.798017][T13100]  ? bpf_link_show_fdinfo+0x390/0x390
[  850.803462][T13100]  ? lock_chain_count+0x20/0x20
[  850.808369][T13100]  __x64_sys_bpf+0x7c/0x90
[  850.812827][T13100]  do_syscall_64+0x55/0xb0
[  850.817289][T13100]  ? clear_bhb_loop+0x40/0x90
[  850.821992][T13100]  ? clear_bhb_loop+0x40/0x90
[  850.826698][T13100]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  850.832631][T13100] RIP: 0033:0x7f8de6d9ce59
[  850.837092][T13100] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  850.856735][T13100] RSP: 002b:00007f8de7be3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  850.865195][T13100] RAX: ffffffffffffffda RBX: 00007f8de7015fa0 RCX: 00007f8de6d9ce59
[  850.873206][T13100] RDX: 0000000000000094 RSI: 0000200000000d00 RDI: 0000000000000005
[  850.881308][T13100] RBP: 00007f8de7be3090 R08: 0000000000000000 R09: 0000000000000000
[  850.889328][T13100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  850.897331][T13100] R13: 00007f8de7016038 R14: 00007f8de7015fa0 R15: 00007ffc5ac6e038
[  850.905444][T13100]  </TASK>
[  850.909621][T13044] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  850.922157][T13100] syz.3.2393: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=syz3,mems_allowed=0-1
[  850.939397][T13100] CPU: 0 PID: 13100 Comm: syz.3.2393 Not tainted syzkaller #0
[  850.946937][T13100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  850.957122][T13100] Call Trace:
[  850.960427][T13100]  <TASK>
[  850.963386][T13100]  dump_stack_lvl+0x18c/0x250
[  850.968099][T13100]  ? show_regs_print_info+0x20/0x20
[  850.973378][T13100]  ? load_image+0x420/0x420
[  850.977940][T13100]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  850.984414][T13100]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[  850.990968][T13100]  warn_alloc+0x246/0x340
[  850.995353][T13100]  ? __get_vm_area_node+0x125/0x370
[  851.000597][T13100]  ? zone_watermark_ok_safe+0x230/0x230
[  851.006202][T13100]  ? rcu_is_watching+0x15/0xb0
[  851.011022][T13100]  ? __get_vm_area_node+0x356/0x370
[  851.016307][T13100]  __vmalloc_node_range+0x393/0x1330
[  851.021659][T13100]  ? mark_lock+0x94/0x320
[  851.026047][T13100]  ? __lock_acquire+0x1347/0x7d40
[  851.031116][T13100]  ? verify_lock_unused+0x140/0x140
[  851.036365][T13100]  ? free_vm_area+0x50/0x50
[  851.040904][T13100]  ? end_current_label_crit_section+0x170/0x170
[  851.047199][T13100]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  851.052782][T13100]  __vmalloc+0x7a/0x90
[  851.056907][T13100]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  851.062481][T13100]  bpf_prog_alloc_no_stats+0x47/0x440
[  851.067967][T13100]  ? bpf_prog_alloc+0x2b/0x1a0
[  851.072784][T13100]  bpf_prog_alloc+0x3d/0x1a0
[  851.077612][T13100]  bpf_prog_load+0x6eb/0x1670
[  851.082357][T13100]  ? map_freeze+0x420/0x420
[  851.086918][T13100]  ? __might_fault+0xaa/0x120
[  851.091754][T13100]  ? __lock_acquire+0x7d40/0x7d40
[  851.096831][T13100]  ? file_end_write+0x159/0x250
[  851.101734][T13100]  ? __might_fault+0xaa/0x120
[  851.106443][T13100]  ? __might_fault+0xc6/0x120
[  851.111157][T13100]  ? __might_fault+0xaa/0x120
[  851.115956][T13100]  ? bpf_lsm_bpf+0x9/0x10
[  851.120336][T13100]  ? security_bpf+0x7e/0xa0
[  851.124916][T13100]  __sys_bpf+0x5ba/0x890
[  851.129195][T13100]  ? bpf_link_show_fdinfo+0x390/0x390
[  851.134634][T13100]  ? lock_chain_count+0x20/0x20
[  851.139557][T13100]  __x64_sys_bpf+0x7c/0x90
[  851.144026][T13100]  do_syscall_64+0x55/0xb0
[  851.148497][T13100]  ? clear_bhb_loop+0x40/0x90
[  851.153206][T13100]  ? clear_bhb_loop+0x40/0x90
[  851.157913][T13100]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  851.163853][T13100] RIP: 0033:0x7f8de6d9ce59
[  851.168294][T13100] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  851.187933][T13100] RSP: 002b:00007f8de7be3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  851.196376][T13100] RAX: ffffffffffffffda RBX: 00007f8de7015fa0 RCX: 00007f8de6d9ce59
[  851.204467][T13100] RDX: 0000000000000094 RSI: 0000200000000d00 RDI: 0000000000000005
[  851.212467][T13100] RBP: 00007f8de7be3090 R08: 0000000000000000 R09: 0000000000000000
[  851.220465][T13100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  851.228462][T13100] R13: 00007f8de7016038 R14: 00007f8de7015fa0 R15: 00007ffc5ac6e038
[  851.236476][T13100]  </TASK>
[  851.248298][T13100] Mem-Info:
[  851.251738][T13100] active_anon:5297 inactive_anon:0 isolated_anon:0
[  851.251738][T13100]  active_file:17671 inactive_file:40229 isolated_file:0
[  851.251738][T13100]  unevictable:768 dirty:208 writeback:0
[  851.251738][T13100]  slab_reclaimable:10885 slab_unreclaimable:92408
[  851.251738][T13100]  mapped:24614 shmem:1367 pagetables:506
[  851.251738][T13100]  sec_pagetables:0 bounce:0
[  851.251738][T13100]  kernel_misc_reclaimable:0
[  851.251738][T13100]  free:1343999 free_pcp:9735 free_cma:0
[  851.297466][T13100] Node 0 active_anon:21188kB inactive_anon:0kB active_file:70684kB inactive_file:160712kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:98456kB dirty:828kB writeback:0kB shmem:3932kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10604kB pagetables:2024kB sec_pagetables:0kB all_unreclaimable? no
[  851.340813][T13100] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  851.384047][T13100] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  851.416055][T13044] batman_adv: batadv0: Adding interface: batadv_slave_1
[  851.424846][T13044] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  851.452134][T13044] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  851.467906][T13100] lowmem_reserve[]: 0 2521 2522 2522 2522
[  851.475056][T13100] Node 0 DMA32 free:1467740kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:20952kB inactive_anon:0kB active_file:70684kB inactive_file:159888kB unevictable:1536kB writepending:824kB present:3129332kB managed:2586928kB mlocked:0kB bounce:0kB free_pcp:22460kB local_pcp:1880kB free_cma:0kB
[  851.520073][T13100] lowmem_reserve[]: 0 0 0 0 0
[  851.573318][T13100] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:824kB unevictable:0kB writepending:4kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:12kB free_cma:0kB
[  851.631140][T13100] lowmem_reserve[]: 0 0 0 0 0
[  851.636147][T13100] Node 1 Normal free:3892896kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:16640kB local_pcp:3904kB free_cma:0kB
[  851.689225][T13044] hsr_slave_0: entered promiscuous mode
[  851.709351][T13100] lowmem_reserve[]: 0 0 0 0 0
[  851.716743][T13100] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  851.749121][T13044] hsr_slave_1: entered promiscuous mode
[  851.758521][T13044] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  851.769199][T13100] Node 0 DMA32: 2*4kB (UM) 7*8kB (M) 2172*16kB (UME) 871*32kB (UM) 256*64kB (UM) 205*128kB (UME) 79*256kB (UME) 21*512kB (UME) 12*1024kB (UM) 8*2048kB (UM) 318*4096kB (UM) = 1467488kB
[  851.795261][T13044] Cannot create hsr debugfs directory
[  851.838697][T13100] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  851.858836][T13105] netlink: 'syz.0.2394': attribute type 10 has an invalid length.
[  851.868738][T13100] Node 1 Normal: 260*4kB (UME) 72*8kB (UME) 49*16kB (UME) 188*32kB (UME) 57*64kB (UME) 9*128kB (UME) 1*256kB (M) 1*512kB (U) 2*1024kB (UE) 1*2048kB (E) 946*4096kB (M) = 3892896kB
[  851.901570][T13103] netlink: 'syz.2.2395': attribute type 10 has an invalid length.
[  851.913086][T13100] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  851.949435][T13100] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  851.972204][T13100] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  852.016240][T13100] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  852.038421][T13100] 59267 total pagecache pages
[  852.049538][T13100] 0 pages in swap cache
[  852.061488][T13100] Free swap  = 124996kB
[  852.065889][T13100] Total swap = 124996kB
[  852.070100][T13100] 2097051 pages RAM
[  852.074087][T13100] 0 pages HighMem/MovableOnly
[  852.078803][T13100] 416933 pages reserved
[  852.099294][T13100] 0 pages cma reserved
[  852.483284][T12658] Bluetooth: hci0: command tx timeout
[  853.463545][T13136] netlink: 'syz.0.2401': attribute type 4 has an invalid length.
[  853.471471][T13136] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2401'.
[  853.889974][T13147] netlink: 'syz.0.2402': attribute type 2 has an invalid length.
[  853.915796][T13147] netlink: 1045 bytes leftover after parsing attributes in process `syz.0.2402'.
[  854.137337][T13155] FAULT_INJECTION: forcing a failure.
[  854.137337][T13155] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  854.176931][T13155] CPU: 0 PID: 13155 Comm: syz.2.2404 Not tainted syzkaller #0
[  854.184488][T13155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  854.194616][T13155] Call Trace:
[  854.197962][T13155]  <TASK>
[  854.200959][T13155]  dump_stack_lvl+0x18c/0x250
[  854.205718][T13155]  ? show_regs_print_info+0x20/0x20
[  854.210987][T13155]  ? load_image+0x420/0x420
[  854.215564][T13155]  ? __might_fault+0xaa/0x120
[  854.220311][T13155]  ? __lock_acquire+0x7d40/0x7d40
[  854.225415][T13155]  should_fail_ex+0x39d/0x4d0
[  854.230167][T13155]  _copy_to_iter+0x1ce/0x1120
[  854.234925][T13155]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  854.240928][T13155]  ? lockdep_hardirqs_on+0x98/0x150
[  854.246210][T13155]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  854.252168][T13155]  ? _raw_spin_unlock+0x40/0x40
[  854.257081][T13155]  ? iov_iter_init+0x1e0/0x1e0
[  854.261917][T13155]  ? __virt_addr_valid+0x18c/0x540
[  854.267109][T13155]  ? __virt_addr_valid+0x469/0x540
[  854.272374][T13155]  ? __phys_addr_symbol+0x2f/0x70
[  854.277475][T13155]  __skb_datagram_iter+0x2ff/0x780
[  854.282646][T13155]  ? skb_copy_datagram_iter+0x200/0x200
[  854.288344][T13155]  skb_copy_datagram_iter+0xb1/0x200
[  854.293693][T13155]  rawv6_recvmsg+0x487/0xce0
[  854.298365][T13155]  ? rawv6_sendmsg+0x1770/0x1770
[  854.303370][T13155]  ? aa_sk_perm+0x83c/0x970
[  854.307930][T13155]  ? verify_lock_unused+0x140/0x140
[  854.313243][T13155]  sock_common_recvmsg+0xfa/0x190
[  854.318337][T13155]  ? sock_common_getsockopt+0xb0/0xb0
[  854.323775][T13155]  ? bpf_lsm_socket_recvmsg+0x9/0x10
[  854.329210][T13155]  ? security_socket_recvmsg+0x89/0xb0
[  854.334731][T13155]  ? sock_common_getsockopt+0xb0/0xb0
[  854.340263][T13155]  ____sys_recvmsg+0x2ce/0x5e0
[  854.345123][T13155]  ? __sys_recvmsg_sock+0x50/0x50
[  854.350242][T13155]  ? import_iovec+0x73/0xa0
[  854.354834][T13155]  ___sys_recvmsg+0x216/0x590
[  854.359599][T13155]  ? __sys_recvmsg+0x2a0/0x2a0
[  854.364444][T13155]  ? ksys_write+0x1c4/0x260
[  854.369038][T13155]  ? __fget_files+0x43d/0x4b0
[  854.373829][T13155]  __x64_sys_recvmsg+0x20c/0x2e0
[  854.378854][T13155]  ? ___sys_recvmsg+0x590/0x590
[  854.383799][T13155]  ? lockdep_hardirqs_on+0x98/0x150
[  854.389170][T13155]  do_syscall_64+0x55/0xb0
[  854.393655][T13155]  ? clear_bhb_loop+0x40/0x90
[  854.398382][T13155]  ? clear_bhb_loop+0x40/0x90
[  854.403117][T13155]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  854.409107][T13155] RIP: 0033:0x7fb2f979ce59
[  854.413583][T13155] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  854.433256][T13155] RSP: 002b:00007fb2fa62b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  854.441749][T13155] RAX: ffffffffffffffda RBX: 00007fb2f9a15fa0 RCX: 00007fb2f979ce59
[  854.449781][T13155] RDX: 0000000000000040 RSI: 0000200000001a00 RDI: 0000000000000003
[  854.457819][T13155] RBP: 00007fb2fa62b090 R08: 0000000000000000 R09: 0000000000000000
[  854.465853][T13155] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  854.473883][T13155] R13: 00007fb2f9a16038 R14: 00007fb2f9a15fa0 R15: 00007ffe919e6fb8
[  854.481929][T13155]  </TASK>
[  854.563647][T12658] Bluetooth: hci0: command tx timeout
[  854.734869][T13162] netlink: 'syz.3.2405': attribute type 10 has an invalid length.
[  854.776606][T13044] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  854.818615][T13044] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  854.842232][T11890] veth0_to_team: left allmulticast mode
[  854.860898][T11890] veth0_to_team: left promiscuous mode
[  854.868507][T11890] Ÿë
: port 1(veth0_to_team) entered disabled state
[  854.895819][T11890] hsr_slave_0: left promiscuous mode
[  854.902246][T11890] bridge_slave_1: left allmulticast mode
[  854.908624][T11890] bridge_slave_1: left promiscuous mode
[  854.923228][T11890] bridge0: port 2(bridge_slave_1) entered disabled state
[  854.950798][T11890] bridge_slave_0: left allmulticast mode
[  854.958435][T11890] bridge_slave_0: left promiscuous mode
[  854.973676][T11890] bridge0: port 1(bridge_slave_0) entered disabled state
[  855.012393][T11890] veth1_macvtap: left allmulticast mode
[  855.018795][T11890] veth1_macvtap: left promiscuous mode
[  855.029080][T11890] veth0_macvtap: left promiscuous mode
[  855.587141][T11890] team0 (unregistering): Port device team_slave_1 removed
[  855.635011][T11890] team0 (unregistering): Port device team_slave_0 removed
[  856.002308][T11890] team0 (unregistering): Port device bridge0 removed
[  856.132344][T13044] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  856.151345][T13164] netlink: 'syz.2.2406': attribute type 10 has an invalid length.
[  856.171142][T13166] netlink: 'syz.0.2407': attribute type 10 has an invalid length.
[  856.214996][T13174] netlink: 'syz.3.2409': attribute type 4 has an invalid length.
[  856.263953][T13174] netlink: 152 bytes leftover after parsing attributes in process `syz.3.2409'.
[  856.311984][T13044] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  856.709512][T13044] 8021q: adding VLAN 0 to HW filter on device bond0
[  856.823536][T13044] 8021q: adding VLAN 0 to HW filter on device team0
[  856.864955][T11923] bridge0: port 1(bridge_slave_0) entered blocking state
[  856.872227][T11923] bridge0: port 1(bridge_slave_0) entered forwarding state
[  856.963164][T11923] bridge0: port 2(bridge_slave_1) entered blocking state
[  856.971328][T11923] bridge0: port 2(bridge_slave_1) entered forwarding state
[  857.219104][T13044] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  857.239868][T13044] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  858.956623][T13198] netlink: 'syz.3.2413': attribute type 2 has an invalid length.
[  858.993346][T13198] netlink: 1045 bytes leftover after parsing attributes in process `syz.3.2413'.
[  859.279131][T13044] 8021q: adding VLAN 0 to HW filter on device batadv0
[  859.489469][T13044] veth0_vlan: entered promiscuous mode
[  859.508144][T13044] veth1_vlan: entered promiscuous mode
[  859.666525][T13044] veth0_macvtap: entered promiscuous mode
[  859.677676][T13044] veth1_macvtap: entered promiscuous mode
[  859.703609][T13044] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  859.714497][T13044] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  859.724880][T13044] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  859.736361][T13044] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  859.750288][T13044] batman_adv: batadv0: Interface activated: batadv_slave_0
[  859.766270][T13044] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: 
€Â0
[  859.785564][T13044] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  859.798055][T13044] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: 
€Â0
[  859.809276][T13044] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  859.838124][T13044] batman_adv: batadv0: Interface activated: batadv_slave_1
[  859.861732][T13044] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  859.890653][T13044] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  859.903580][T13044] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  859.912455][T13044] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  859.984210][T13212] netlink: 'syz.3.2414': attribute type 2 has an invalid length.
[  860.010469][T13212] netlink: 1045 bytes leftover after parsing attributes in process `syz.3.2414'.
[  860.198156][T13213] netlink: 156 bytes leftover after parsing attributes in process `syz.2.2415'.
[  860.215493][T13213] netlink: 'syz.2.2415': attribute type 28 has an invalid length.
[  860.239941][T11913] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  860.249597][T13213] netlink: 'syz.2.2415': attribute type 29 has an invalid length.
[  860.273844][T11913] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  860.283598][T13213] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2415'.
[  860.442416][   T56] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  860.473201][   T56] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  860.707859][T13228] netlink: 'syz.1.2381': attribute type 2 has an invalid length.
[  860.724810][T13228] netlink: 1045 bytes leftover after parsing attributes in process `syz.1.2381'.
[  861.616738][ T5774] .`: (slave syz_tun): Releasing backup interface
[  861.799672][ T5779] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  861.809626][ T5779] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  861.818349][ T5779] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  861.830892][ T5779] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  861.840912][ T5779] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  861.850275][ T5779] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  861.892228][T13246] netlink: 'syz.1.2418': attribute type 10 has an invalid length.
[  862.019957][T13246] team0: Device wg1 is of different type
[  862.378272][T13257] netlink: 'syz.0.2419': attribute type 4 has an invalid length.
[  862.415878][T13257] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2419'.
[  862.496995][T11916] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  862.709325][T11916] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  862.801454][T11916] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  862.846116][T13248] chnl_net:caif_netlink_parms(): no params data found
[  862.968586][T11916] .`: (slave netdevsim0): Releasing backup interface
[  863.002097][T11916] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  863.142004][T13248] bridge0: port 1(bridge_slave_0) entered blocking state
[  863.182408][T13248] bridge0: port 1(bridge_slave_0) entered disabled state
[  863.232178][T13248] bridge_slave_0: entered allmulticast mode
[  863.286097][T13248] bridge_slave_0: entered promiscuous mode
[  863.327851][T13248] bridge0: port 2(bridge_slave_1) entered blocking state
[  863.365232][T13248] bridge0: port 2(bridge_slave_1) entered disabled state
[  863.396637][T13248] bridge_slave_1: entered allmulticast mode
[  863.416950][T13248] bridge_slave_1: entered promiscuous mode
[  863.474922][T13292] netlink: 'syz.2.2426': attribute type 2 has an invalid length.
[  863.503239][T13292] netlink: 1045 bytes leftover after parsing attributes in process `syz.2.2426'.
[  863.584272][T13248] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  863.641921][T13248] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  863.825226][T13248] team0: Port device team_slave_0 added
[  863.872637][T13248] team0: Port device team_slave_1 added
[  863.933080][ T5779] Bluetooth: hci3: command tx timeout
[  864.151663][T13248] batman_adv: batadv0: Adding interface: batadv_slave_0
[  864.162510][T13248] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  864.200945][T13248] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  864.221998][T13248] batman_adv: batadv0: Adding interface: batadv_slave_1
[  864.229549][T13248] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  864.282942][T13248] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  864.440379][T13307] netlink: 'syz.0.2435': attribute type 2 has an invalid length.
[  864.466433][T13307] netlink: 1045 bytes leftover after parsing attributes in process `syz.0.2435'.
[  864.715937][T13248] hsr_slave_0: entered promiscuous mode
[  864.738749][T13248] hsr_slave_1: entered promiscuous mode
[  864.750838][T13248] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  864.760740][T13248] Cannot create hsr debugfs directory
[  865.812613][T13328] netlink: 'syz.0.2428': attribute type 4 has an invalid length.
[  865.854398][T13328] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2428'.
[  866.003423][ T5779] Bluetooth: hci3: command tx timeout
[  866.140097][T13335] netlink: 'syz.2.2429': attribute type 10 has an invalid length.
[  866.396754][T11916] bridge_slave_0: left allmulticast mode
[  866.410816][T11916] bridge_slave_0: left promiscuous mode
[  866.430240][T11916] bridge0: port 1(bridge_slave_0) entered disabled state
[  866.481572][T11916] veth0_macvtap: left promiscuous mode
[  866.491580][T11916] veth1_vlan: left promiscuous mode
[  868.083885][ T5779] Bluetooth: hci3: command tx timeout
[  869.587129][T13362] FAULT_INJECTION: forcing a failure.
[  869.587129][T13362] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  869.600494][T13362] CPU: 0 PID: 13362 Comm: syz.1.2438 Not tainted syzkaller #0
[  869.608031][T13362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  869.618150][T13362] Call Trace:
[  869.621483][T13362]  <TASK>
[  869.624470][T13362]  dump_stack_lvl+0x18c/0x250
[  869.629214][T13362]  ? show_regs_print_info+0x20/0x20
[  869.634477][T13362]  ? load_image+0x420/0x420
[  869.639044][T13362]  ? __lock_acquire+0x7d40/0x7d40
[  869.644129][T13362]  ? snprintf+0xe9/0x140
[  869.648441][T13362]  should_fail_ex+0x39d/0x4d0
[  869.653191][T13362]  _copy_to_user+0x2f/0xa0
[  869.657671][T13362]  simple_read_from_buffer+0xe7/0x150
[  869.663107][T13362]  proc_fail_nth_read+0x1e8/0x260
[  869.668190][T13362]  ? proc_fault_inject_write+0x360/0x360
[  869.673895][T13362]  ? fsnotify_perm+0x271/0x5e0
[  869.678688][T13362]  ? proc_fault_inject_write+0x360/0x360
[  869.684368][T13362]  vfs_read+0x28b/0x970
[  869.688562][T13362]  ? kernel_read+0x1e0/0x1e0
[  869.693198][T13362]  ? __fget_files+0x28/0x4b0
[  869.697828][T13362]  ? __fget_files+0x28/0x4b0
[  869.702454][T13362]  ? __fget_files+0x43d/0x4b0
[  869.707172][T13362]  ? __fdget_pos+0x2a3/0x330
[  869.711807][T13362]  ? ksys_read+0x75/0x260
[  869.716180][T13362]  ksys_read+0x150/0x260
[  869.720483][T13362]  ? vfs_write+0x990/0x990
[  869.725226][T13362]  ? lockdep_hardirqs_on+0x98/0x150
[  869.730517][T13362]  do_syscall_64+0x55/0xb0
[  869.734976][T13362]  ? clear_bhb_loop+0x40/0x90
[  869.739690][T13362]  ? clear_bhb_loop+0x40/0x90
[  869.744396][T13362]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  869.750326][T13362] RIP: 0033:0x7f7f9eb5d68e
[  869.754775][T13362] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  869.774424][T13362] RSP: 002b:00007f7f9fa90fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  869.782877][T13362] RAX: ffffffffffffffda RBX: 00007f7f9fa916c0 RCX: 00007f7f9eb5d68e
[  869.790900][T13362] RDX: 000000000000000f RSI: 00007f7f9fa910a0 RDI: 0000000000000005
[  869.798905][T13362] RBP: 00007f7f9fa91090 R08: 0000000000000000 R09: 0000000000000000
[  869.806923][T13362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  869.814930][T13362] R13: 00007f7f9ee16038 R14: 00007f7f9ee15fa0 R15: 00007ffeb33a4a78
[  869.823120][T13362]  </TASK>
[  869.893898][T13365] netlink: 'syz.2.2437': attribute type 2 has an invalid length.
[  869.901808][T13365] netlink: 1045 bytes leftover after parsing attributes in process `syz.2.2437'.
[  870.060113][T11916] .` (unregistering): (slave macvlan0): Releasing backup interface
[  870.173923][ T5779] Bluetooth: hci3: command tx timeout
[  870.416891][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  870.426117][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  870.787622][T11916] .` (unregistering): (slave bond_slave_1): Releasing backup interface
[  870.881854][T11916] .` (unregistering): (slave bridge_slave_1): Releasing backup interface
[  871.082515][T11916] .` (unregistering): Released all slaves
[  871.187710][T13248] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  871.198588][T13248] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  871.218027][T13369] netlink: 'syz.1.2439': attribute type 4 has an invalid length.
[  871.243809][T13369] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2439'.
[  871.283410][T13369] .`: renamed from bond0 (while UP)
[  871.320195][T13248] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  871.366993][T13248] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  871.496932][T13374] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2440'.
[  871.532228][T13374] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô'
[  871.546332][T13374] CPU: 1 PID: 13374 Comm: syz.2.2440 Not tainted syzkaller #0
[  871.553940][T13374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  871.564154][T13374] Call Trace:
[  871.567563][T13374]  <TASK>
[  871.570530][T13374]  dump_stack_lvl+0x18c/0x250
[  871.575264][T13374]  ? show_regs_print_info+0x20/0x20
[  871.580513][T13374]  ? load_image+0x420/0x420
[  871.585084][T13374]  sysfs_warn_dup+0x8e/0xa0
[  871.589628][T13374]  sysfs_do_create_link_sd+0xc0/0x110
[  871.595063][T13374]  device_add_class_symlinks+0x1cf/0x240
[  871.600750][T13374]  device_add+0x507/0xc50
[  871.605175][T13374]  wiphy_register+0x1dad/0x2ae0
[  871.610197][T13374]  ? cfg80211_event_work+0x40/0x40
[  871.615361][T13374]  ? minstrel_ht_alloc+0x88a/0x990
[  871.620541][T13374]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  871.626679][T13374]  ieee80211_register_hw+0x3464/0x4250
[  871.632238][T13374]  ? ieee80211_tasklet_handler+0x20/0x20
[  871.638014][T13374]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  871.643999][T13374]  ? __debug_object_init+0xec/0x450
[  871.649259][T13374]  ? __asan_memset+0x22/0x40
[  871.654024][T13374]  ? __hrtimer_init+0x186/0x270
[  871.658920][T13374]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  871.664742][T13374]  ? mac80211_hwsim_free+0x220/0x220
[  871.670069][T13374]  ? rcu_is_watching+0x15/0xb0
[  871.674886][T13374]  ? kstrndup+0xbd/0x140
[  871.679199][T13374]  hwsim_new_radio_nl+0xdc9/0x1a90
[  871.684371][T13374]  ? __nla_validate+0x50/0x50
[  871.689138][T13374]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  871.695589][T13374]  ? __nla_parse+0x40/0x50
[  871.700232][T13374]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  871.706641][T13374]  genl_family_rcv_msg_doit+0x211/0x310
[  871.712238][T13374]  ? end_current_label_crit_section+0x170/0x170
[  871.718559][T13374]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  871.724713][T13374]  ? bpf_lsm_capable+0x9/0x10
[  871.729453][T13374]  ? security_capable+0x89/0xb0
[  871.734369][T13374]  genl_rcv_msg+0x619/0x7a0
[  871.738941][T13374]  ? genl_bind+0x360/0x360
[  871.743402][T13374]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  871.749775][T13374]  ? perf_trace_lock+0x304/0x3b0
[  871.754806][T13374]  netlink_rcv_skb+0x241/0x4d0
[  871.759620][T13374]  ? genl_bind+0x360/0x360
[  871.764081][T13374]  ? netlink_ack+0x1180/0x1180
[  871.768912][T13374]  ? __lock_acquire+0x7d40/0x7d40
[  871.773979][T13374]  ? net_generic+0x1e/0x240
[  871.778525][T13374]  ? down_read+0x1ac/0x2e0
[  871.782990][T13374]  genl_rcv+0x28/0x40
[  871.787049][T13374]  netlink_unicast+0x751/0x8d0
[  871.791879][T13374]  netlink_sendmsg+0x8d0/0xbf0
[  871.796698][T13374]  ? perf_trace_lock+0x304/0x3b0
[  871.801717][T13374]  ? netlink_getsockopt+0x590/0x590
[  871.807137][T13374]  ? aa_sock_msg_perm+0x94/0x150
[  871.812124][T13374]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  871.817461][T13374]  ? security_socket_sendmsg+0x80/0xa0
[  871.823055][T13374]  ? netlink_getsockopt+0x590/0x590
[  871.828311][T13374]  ____sys_sendmsg+0x5ba/0x960
[  871.833137][T13374]  ? __asan_memset+0x22/0x40
[  871.837773][T13374]  ? __sys_sendmsg_sock+0x30/0x30
[  871.842936][T13374]  ? __import_iovec+0x5f2/0x850
[  871.847842][T13374]  ? import_iovec+0x73/0xa0
[  871.852474][T13374]  ___sys_sendmsg+0x2a6/0x360
[  871.857210][T13374]  ? __sys_sendmsg+0x2a0/0x2a0
[  871.862124][T13374]  __se_sys_sendmsg+0x1c2/0x2b0
[  871.867055][T13374]  ? __x64_sys_sendmsg+0x80/0x80
[  871.872065][T13374]  ? lockdep_hardirqs_on+0x98/0x150
[  871.877322][T13374]  do_syscall_64+0x55/0xb0
[  871.881785][T13374]  ? clear_bhb_loop+0x40/0x90
[  871.886499][T13374]  ? clear_bhb_loop+0x40/0x90
[  871.891224][T13374]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  871.897179][T13374] RIP: 0033:0x7fb2f979ce59
[  871.901632][T13374] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  871.921696][T13374] RSP: 002b:00007fb2fa60a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  871.930174][T13374] RAX: ffffffffffffffda RBX: 00007fb2f9a16090 RCX: 00007fb2f979ce59
[  871.938190][T13374] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000b
[  871.946294][T13374] RBP: 00007fb2f9832d6f R08: 0000000000000000 R09: 0000000000000000
[  871.954306][T13374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  871.962310][T13374] R13: 00007fb2f9a16128 R14: 00007fb2f9a16090 R15: 00007ffe919e6fb8
[  871.970348][T13374]  </TASK>
[  872.146459][T13248] 8021q: adding VLAN 0 to HW filter on device bond0
[  872.199801][T13248] 8021q: adding VLAN 0 to HW filter on device team0
[  872.221598][T11923] bridge0: port 1(bridge_slave_0) entered blocking state
[  872.228989][T11923] bridge0: port 1(bridge_slave_0) entered forwarding state
[  872.285733][T11923] bridge0: port 2(bridge_slave_1) entered blocking state
[  872.293006][T11923] bridge0: port 2(bridge_slave_1) entered forwarding state
[  872.326149][T13385] FAULT_INJECTION: forcing a failure.
[  872.326149][T13385] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  872.369950][T13385] CPU: 0 PID: 13385 Comm: syz.0.2448 Not tainted syzkaller #0
[  872.377507][T13385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  872.387621][T13385] Call Trace:
[  872.390957][T13385]  <TASK>
[  872.393925][T13385]  dump_stack_lvl+0x18c/0x250
[  872.398662][T13385]  ? show_regs_print_info+0x20/0x20
[  872.404264][T13385]  ? load_image+0x420/0x420
[  872.408816][T13385]  ? __might_fault+0xaa/0x120
[  872.413543][T13385]  ? __lock_acquire+0x7d40/0x7d40
[  872.418637][T13385]  should_fail_ex+0x39d/0x4d0
[  872.423395][T13385]  _copy_to_user+0x2f/0xa0
[  872.427858][T13385]  bpf_test_finish+0x4e7/0x650
[  872.432665][T13385]  ? dst_hold+0x70/0x70
[  872.436955][T13385]  ? convert_skb_to___skb+0x420/0x420
[  872.442458][T13385]  ? _copy_from_user+0x41/0xe0
[  872.447263][T13385]  ? rep_movs_alternative+0x4a/0x90
[  872.452505][T13385]  bpf_prog_test_run_xdp+0x8a9/0x10e0
[  872.457932][T13385]  ? dev_put+0x80/0x80
[  872.462048][T13385]  ? dev_put+0x80/0x80
[  872.466157][T13385]  bpf_prog_test_run+0x321/0x390
[  872.471133][T13385]  __sys_bpf+0x49d/0x890
[  872.475407][T13385]  ? bpf_link_show_fdinfo+0x390/0x390
[  872.480824][T13385]  ? lock_chain_count+0x20/0x20
[  872.485716][T13385]  __x64_sys_bpf+0x7c/0x90
[  872.490183][T13385]  do_syscall_64+0x55/0xb0
[  872.494630][T13385]  ? clear_bhb_loop+0x40/0x90
[  872.499336][T13385]  ? clear_bhb_loop+0x40/0x90
[  872.504052][T13385]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  872.509994][T13385] RIP: 0033:0x7f9aee59ce59
[  872.514446][T13385] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  872.534089][T13385] RSP: 002b:00007f9aef4e7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  872.542551][T13385] RAX: ffffffffffffffda RBX: 00007f9aee815fa0 RCX: 00007f9aee59ce59
[  872.550589][T13385] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[  872.558613][T13385] RBP: 00007f9aef4e7090 R08: 0000000000000000 R09: 0000000000000000
[  872.566615][T13385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  872.574612][T13385] R13: 00007f9aee816038 R14: 00007f9aee815fa0 R15: 00007ffebbe8f358
[  872.582631][T13385]  </TASK>
[  872.646392][T13389] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2449'.
[  873.041677][T13395] netlink: 'syz.0.2442': attribute type 10 has an invalid length.
[  873.327132][T13248] 8021q: adding VLAN 0 to HW filter on device batadv0
[  873.416032][T13248] veth0_vlan: entered promiscuous mode
[  873.436297][T13248] veth1_vlan: entered promiscuous mode
[  873.520401][T13248] veth0_macvtap: entered promiscuous mode
[  873.548895][T13248] veth1_macvtap: entered promiscuous mode
[  873.566404][T13408] netlink: 'syz.1.2444': attribute type 10 has an invalid length.
[  873.601402][T13408] team0: Device wg1 is of different type
[  873.694155][T13248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  873.704950][T13248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  873.718040][T13248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  873.729152][T13248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  873.739588][T13248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  873.768203][T13248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  873.798477][T13248] batman_adv: batadv0: Interface activated: batadv_slave_0
[  873.838302][T13248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: 
€Â0
[  873.862796][T13248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  873.881401][T13248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: 
€Â0
[  873.892040][T13248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  873.902794][T13248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  873.913907][T13248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  873.942255][T13248] batman_adv: batadv0: Interface activated: batadv_slave_1
[  873.972440][T13413] netlink: 'syz.0.2446': attribute type 2 has an invalid length.
[  873.986223][T13413] netlink: 1045 bytes leftover after parsing attributes in process `syz.0.2446'.
[  874.001633][T13248] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  874.018425][T13248] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  874.039290][T13248] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  874.048773][T13248] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  876.783661][T13418] netlink: 'syz.1.2447': attribute type 2 has an invalid length.
[  876.792607][T13418] netlink: 1045 bytes leftover after parsing attributes in process `syz.1.2447'.
[  876.814919][T11923] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  876.833361][T11923] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  876.908543][   T56] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  876.921062][   T56] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  877.393321][T13433] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2454'.
[  877.430939][T13433] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô'
[  877.473256][T13433] CPU: 0 PID: 13433 Comm: syz.0.2454 Not tainted syzkaller #0
[  877.480851][T13433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  877.491086][T13433] Call Trace:
[  877.494439][T13433]  <TASK>
[  877.497456][T13433]  dump_stack_lvl+0x18c/0x250
[  877.502331][T13433]  ? show_regs_print_info+0x20/0x20
[  877.507629][T13433]  ? load_image+0x420/0x420
[  877.512532][T13433]  sysfs_warn_dup+0x8e/0xa0
[  877.517124][T13433]  sysfs_do_create_link_sd+0xc0/0x110
[  877.522597][T13433]  device_add_class_symlinks+0x1cf/0x240
[  877.528343][T13433]  device_add+0x507/0xc50
[  877.532786][T13433]  wiphy_register+0x1dad/0x2ae0
[  877.537797][T13433]  ? cfg80211_event_work+0x40/0x40
[  877.543012][T13433]  ? minstrel_ht_alloc+0x88a/0x990
[  877.548239][T13433]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  877.554416][T13433]  ieee80211_register_hw+0x3464/0x4250
[  877.560032][T13433]  ? ieee80211_tasklet_handler+0x20/0x20
[  877.565754][T13433]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  877.571753][T13433]  ? __debug_object_init+0xec/0x450
[  877.577041][T13433]  ? __asan_memset+0x22/0x40
[  877.581709][T13433]  ? __hrtimer_init+0x186/0x270
[  877.586635][T13433]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  877.592491][T13433]  ? mac80211_hwsim_free+0x220/0x220
[  877.597838][T13433]  ? rcu_is_watching+0x15/0xb0
[  877.602701][T13433]  ? kstrndup+0xbd/0x140
[  877.607041][T13433]  hwsim_new_radio_nl+0xdc9/0x1a90
[  877.612229][T13433]  ? __nla_validate+0x50/0x50
[  877.616989][T13433]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  877.623412][T13433]  ? __nla_parse+0x40/0x50
[  877.627885][T13433]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  877.634304][T13433]  genl_family_rcv_msg_doit+0x211/0x310
[  877.639910][T13433]  ? end_current_label_crit_section+0x170/0x170
[  877.646222][T13433]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  877.652192][T13433]  ? bpf_lsm_capable+0x9/0x10
[  877.656933][T13433]  ? security_capable+0x89/0xb0
[  877.661885][T13433]  genl_rcv_msg+0x619/0x7a0
[  877.666470][T13433]  ? genl_bind+0x360/0x360
[  877.670975][T13433]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  877.677370][T13433]  ? perf_trace_lock+0x304/0x3b0
[  877.682393][T13433]  netlink_rcv_skb+0x241/0x4d0
[  877.687216][T13433]  ? genl_bind+0x360/0x360
[  877.691714][T13433]  ? netlink_ack+0x1180/0x1180
[  877.696559][T13433]  ? __lock_acquire+0x7d40/0x7d40
[  877.701657][T13433]  ? down_read+0x1ac/0x2e0
[  877.706151][T13433]  genl_rcv+0x28/0x40
[  877.710281][T13433]  netlink_unicast+0x751/0x8d0
[  877.715121][T13433]  netlink_sendmsg+0x8d0/0xbf0
[  877.720019][T13433]  ? perf_trace_lock+0x304/0x3b0
[  877.725037][T13433]  ? netlink_getsockopt+0x590/0x590
[  877.730298][T13433]  ? aa_sock_msg_perm+0x94/0x150
[  877.735306][T13433]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  877.740645][T13433]  ? security_socket_sendmsg+0x80/0xa0
[  877.746172][T13433]  ? netlink_getsockopt+0x590/0x590
[  877.751432][T13433]  ____sys_sendmsg+0x5ba/0x960
[  877.756269][T13433]  ? __asan_memset+0x22/0x40
[  877.760927][T13433]  ? __sys_sendmsg_sock+0x30/0x30
[  877.766021][T13433]  ? __import_iovec+0x5f2/0x850
[  877.770950][T13433]  ? import_iovec+0x73/0xa0
[  877.775515][T13433]  ___sys_sendmsg+0x2a6/0x360
[  877.780271][T13433]  ? __sys_sendmsg+0x2a0/0x2a0
[  877.785227][T13433]  __se_sys_sendmsg+0x1c2/0x2b0
[  877.790153][T13433]  ? __x64_sys_sendmsg+0x80/0x80
[  877.795183][T13433]  ? lockdep_hardirqs_on+0x98/0x150
[  877.800456][T13433]  do_syscall_64+0x55/0xb0
[  877.804933][T13433]  ? clear_bhb_loop+0x40/0x90
[  877.809662][T13433]  ? clear_bhb_loop+0x40/0x90
[  877.814492][T13433]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  877.820447][T13433] RIP: 0033:0x7f9aee59ce59
[  877.824918][T13433] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  877.844628][T13433] RSP: 002b:00007f9aef4c6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  877.853204][T13433] RAX: ffffffffffffffda RBX: 00007f9aee816090 RCX: 00007f9aee59ce59
[  877.861241][T13433] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000b
[  877.869454][T13433] RBP: 00007f9aee632d6f R08: 0000000000000000 R09: 0000000000000000
[  877.877485][T13433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  877.885605][T13433] R13: 00007f9aee816128 R14: 00007f9aee816090 R15: 00007ffebbe8f358
[  877.893689][T13433]  </TASK>
[  878.301041][T12658] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  878.313714][T12658] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  878.323886][T12658] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  878.333079][T12658] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  878.341603][T12658] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  878.354614][T12658] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  880.414824][ T5779] Bluetooth: hci2: command tx timeout
[  881.449011][T11923] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  881.487547][T13439] netlink: 'syz.1.2456': attribute type 10 has an invalid length.
[  881.506866][T13439] team0: Device wg1 is of different type
[  881.674616][T11923] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  881.781324][T11923] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  881.871526][T11923] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  882.051998][T13437] chnl_net:caif_netlink_parms(): no params data found
[  882.274996][T13461] netlink: 'syz.1.2461': attribute type 10 has an invalid length.
[  882.483011][ T5779] Bluetooth: hci2: command tx timeout
[  884.562897][ T5779] Bluetooth: hci2: command tx timeout
[  885.203230][T13461] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[  885.245674][T13459] netlink: 'syz.3.2460': attribute type 10 has an invalid length.
[  885.346961][T13459] team0: Device wg1 is of different type
[  885.378118][T13482] netlink: 'syz.1.2463': attribute type 2 has an invalid length.
[  885.386272][T13482] netlink: 1045 bytes leftover after parsing attributes in process `syz.1.2463'.
[  885.867372][T13437] bridge0: port 1(bridge_slave_0) entered blocking state
[  885.881377][T13437] bridge0: port 1(bridge_slave_0) entered disabled state
[  885.903045][T13437] bridge_slave_0: entered allmulticast mode
[  885.929618][T13437] bridge_slave_0: entered promiscuous mode
[  886.057595][T13437] bridge0: port 2(bridge_slave_1) entered blocking state
[  886.078457][T13437] bridge0: port 2(bridge_slave_1) entered disabled state
[  886.098614][T13437] bridge_slave_1: entered allmulticast mode
[  886.114528][T13437] bridge_slave_1: entered promiscuous mode
[  886.350890][T13437] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  886.385457][T13437] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  886.642949][ T5779] Bluetooth: hci2: command tx timeout
[  886.751158][T13437] team0: Port device team_slave_0 added
[  886.780898][T13437] team0: Port device team_slave_1 added
[  886.853529][T13505] netlink: 'syz.3.2469': attribute type 10 has an invalid length.
[  886.899755][T13505] team0: Device wg1 is of different type
[  887.098114][T13437] batman_adv: batadv0: Adding interface: batadv_slave_0
[  887.109328][T13437] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  887.152796][T13437] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  887.262370][T13437] batman_adv: batadv0: Adding interface: batadv_slave_1
[  887.282982][T13437] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  887.353184][T13437] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  887.378935][T13516] netlink: 'syz.1.2470': attribute type 4 has an invalid length.
[  887.397664][T13516] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2470'.
[  887.780460][T13437] hsr_slave_0: entered promiscuous mode
[  887.818020][T13437] hsr_slave_1: entered promiscuous mode
[  890.711759][T13437] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  890.725472][T13437] Cannot create hsr debugfs directory
[  891.088269][T11923] hsr_slave_0: left promiscuous mode
[  891.094874][T11923] hsr_slave_1: left promiscuous mode
[  891.102033][T11923] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  891.116844][T11923] batman_adv: batadv0: Removing interface: batadv_slave_0
[  891.132648][T11923] batman_adv: batadv0: Interface deactivated: 
€Â0
[  891.140628][T11923] batman_adv: batadv0: Removing interface: 
€Â0
[  891.175860][T11923] veth1_macvtap: left promiscuous mode
[  891.188201][T11923] veth0_macvtap: left promiscuous mode
[  891.194060][T11923] veth1_vlan: left promiscuous mode
[  891.199393][T11923] veth0_vlan: left promiscuous mode
[  893.008379][T13551] netlink: 'syz.0.2474': attribute type 2 has an invalid length.
[  893.060067][T13551] netlink: 1045 bytes leftover after parsing attributes in process `syz.0.2474'.
[  893.568636][T13437] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  893.583549][T13437] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  893.597544][T13437] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  893.645981][T13437] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  893.904076][T13437] 8021q: adding VLAN 0 to HW filter on device bond0
[  893.975032][T13437] 8021q: adding VLAN 0 to HW filter on device team0
[  894.008510][   T56] bridge0: port 1(bridge_slave_0) entered blocking state
[  894.015799][   T56] bridge0: port 1(bridge_slave_0) entered forwarding state
[  894.066041][T11890] bridge0: port 2(bridge_slave_1) entered blocking state
[  894.073309][T11890] bridge0: port 2(bridge_slave_1) entered forwarding state
[  894.215334][T13577] netlink: 'syz.0.2479': attribute type 33 has an invalid length.
[  894.231142][T13577] netlink: 164 bytes leftover after parsing attributes in process `syz.0.2479'.
[  894.256590][T13574] netlink: 'syz.3.2478': attribute type 10 has an invalid length.
[  894.404913][T13574] team0: Device wg1 is of different type
[  895.529858][T13437] 8021q: adding VLAN 0 to HW filter on device batadv0
[  895.789770][T13437] veth0_vlan: entered promiscuous mode
[  895.869767][T13437] veth1_vlan: entered promiscuous mode
[  896.269762][T13437] veth0_macvtap: entered promiscuous mode
[  896.330964][T13437] veth1_macvtap: entered promiscuous mode
[  896.372461][T13437] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  896.383151][T13437] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  896.393630][T13437] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  896.412972][T13437] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  896.427753][T13437] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  896.438679][T13437] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  896.475307][T13437] batman_adv: batadv0: Interface activated: batadv_slave_0
[  896.554545][T13437] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: 
€Â0
[  896.579500][T13437] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  896.596240][T13437] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  896.610055][T13437] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  896.620420][T13437] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  896.632302][T13437] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  896.646952][T13437] batman_adv: batadv0: Interface activated: batadv_slave_1
[  896.679051][T13437] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  896.707606][T13437] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  896.726697][T13437] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  896.740792][T13623] netlink: 'syz.0.2484': attribute type 2 has an invalid length.
[  896.750250][T13437] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  896.753569][T13623] netlink: 1045 bytes leftover after parsing attributes in process `syz.0.2484'.
[  897.044344][   T56] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  897.073377][   T56] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  897.130437][T11888] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  897.157389][T11888] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  898.243465][T13652] netlink: 'syz.3.2491': attribute type 10 has an invalid length.
[  898.677260][T12658] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  898.686706][T12658] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  898.701719][T12658] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  898.718989][T12658] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  898.727824][T12658] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  898.738272][T12658] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  898.811087][T13652] team0: Device wg1 is of different type
[  900.804216][ T5779] Bluetooth: hci4: command tx timeout
[  901.537763][T11890] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  901.691558][T11890] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  901.910744][T11890] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  902.092602][T11890] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  902.641322][T13656] chnl_net:caif_netlink_parms(): no params data found
[  902.883144][ T5779] Bluetooth: hci4: command tx timeout
[  902.988151][T13656] bridge0: port 1(bridge_slave_0) entered blocking state
[  902.997469][T13656] bridge0: port 1(bridge_slave_0) entered disabled state
[  903.005354][T13656] bridge_slave_0: entered allmulticast mode
[  903.014495][T13656] bridge_slave_0: entered promiscuous mode
[  903.023835][T13656] bridge0: port 2(bridge_slave_1) entered blocking state
[  903.031057][T13656] bridge0: port 2(bridge_slave_1) entered disabled state
[  903.038620][T13656] bridge_slave_1: entered allmulticast mode
[  903.047812][T13656] bridge_slave_1: entered promiscuous mode
[  903.271788][T13656] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  903.474811][T13656] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  903.671209][T13656] team0: Port device team_slave_0 added
[  903.738257][T13656] team0: Port device team_slave_1 added
[  903.776824][T13721] netlink: 'syz.1.2498': attribute type 2 has an invalid length.
[  903.804419][T13721] netlink: 1045 bytes leftover after parsing attributes in process `syz.1.2498'.
[  903.963556][T13656] batman_adv: batadv0: Adding interface: batadv_slave_0
[  903.980824][T13656] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  904.038894][T13656] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  904.093675][T13656] batman_adv: batadv0: Adding interface: batadv_slave_1
[  904.100703][T13656] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  904.194323][T13656] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  904.967673][ T5779] Bluetooth: hci4: command tx timeout
[  907.043097][ T5779] Bluetooth: hci4: command tx timeout
[  907.092571][T13656] hsr_slave_0: entered promiscuous mode
[  907.108387][T13656] hsr_slave_1: entered promiscuous mode
[  907.147675][T13656] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  907.159916][T13656] Cannot create hsr debugfs directory
[  907.780133][T13758] sit0: entered allmulticast mode
[  908.112864][T11890] hsr_slave_0: left promiscuous mode
[  908.134907][T11890] hsr_slave_1: left promiscuous mode
[  908.148569][T11890] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  908.156467][T11890] batman_adv: batadv0: Removing interface: batadv_slave_0
[  908.179549][T11890] batman_adv: batadv0: Interface deactivated: 
€Â0
[  908.192764][T11890] batman_adv: batadv0: Removing interface: 
€Â0
[  908.210818][T11890] bridge_slave_1: left allmulticast mode
[  908.229334][T11890] bridge_slave_1: left promiscuous mode
[  908.242977][T11890] bridge0: port 2(bridge_slave_1) entered disabled state
[  908.255324][T11890] bridge_slave_0: left allmulticast mode
[  908.282990][T11890] bridge_slave_0: left promiscuous mode
[  908.295555][T11890] bridge0: port 1(bridge_slave_0) entered disabled state
[  908.343761][T11890] veth0_macvtap: left promiscuous mode
[  908.352535][T11890] veth1_vlan: left promiscuous mode
[  908.365696][T11890] veth0_vlan: left promiscuous mode
[  909.678016][T13761] sit0: entered promiscuous mode
[  909.908457][T13785] netlink: 'syz.3.2509': attribute type 2 has an invalid length.
[  909.948532][T13785] netlink: 1045 bytes leftover after parsing attributes in process `syz.3.2509'.
[  910.960950][T13808] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2511'.
[  910.997974][T13808] debugfs: Directory '!!ô' with parent 'ieee80211' already present!
[  911.136285][T13656] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  911.169392][T13656] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  911.188268][T13656] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  911.222133][T13656] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  911.463449][T13656] 8021q: adding VLAN 0 to HW filter on device bond0
[  911.495386][T13656] 8021q: adding VLAN 0 to HW filter on device team0
[  911.515396][T11923] bridge0: port 1(bridge_slave_0) entered blocking state
[  911.522638][T11923] bridge0: port 1(bridge_slave_0) entered forwarding state
[  911.561059][T11923] bridge0: port 2(bridge_slave_1) entered blocking state
[  911.568529][T11923] bridge0: port 2(bridge_slave_1) entered forwarding state
[  912.207432][T13656] 8021q: adding VLAN 0 to HW filter on device batadv0
[  912.324570][T13656] veth0_vlan: entered promiscuous mode
[  912.365251][T13656] veth1_vlan: entered promiscuous mode
[  912.447662][T13656] veth0_macvtap: entered promiscuous mode
[  912.479720][T13656] veth1_macvtap: entered promiscuous mode
[  912.539683][T13656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  912.563055][T13656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  912.583112][T13656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  912.594816][T13656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  912.605876][T13656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  912.654814][T13656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  912.680986][T13656] batman_adv: batadv0: Interface activated: batadv_slave_0
[  912.709749][T13656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  912.737464][T13656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  912.752826][T13656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  912.781028][T13656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  912.802897][T13656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  912.832731][T13656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  912.855475][T13656] batman_adv: batadv0: Interface activated: batadv_slave_1
[  912.888445][T13656] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  912.912895][T13656] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  912.921694][T13656] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  912.954988][T13656] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  913.125499][T13854] netlink: 'syz.3.2518': attribute type 2 has an invalid length.
[  913.154898][T13854] netlink: 1045 bytes leftover after parsing attributes in process `syz.3.2518'.
[  913.291567][T11890] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  913.343117][T11890] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  913.488836][T11888] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  913.513571][T11888] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  914.547629][T13884] FAULT_INJECTION: forcing a failure.
[  914.547629][T13884] name failslab, interval 1, probability 0, space 0, times 0
[  914.561390][T13884] CPU: 1 PID: 13884 Comm: syz.1.2524 Not tainted syzkaller #0
[  914.568962][T13884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  914.579074][T13884] Call Trace:
[  914.582402][T13884]  <TASK>
[  914.585379][T13884]  dump_stack_lvl+0x18c/0x250
[  914.590120][T13884]  ? show_regs_print_info+0x20/0x20
[  914.595378][T13884]  ? load_image+0x420/0x420
[  914.599958][T13884]  ? __might_sleep+0xe0/0xe0
[  914.604610][T13884]  ? __lock_acquire+0x7d40/0x7d40
[  914.609695][T13884]  should_fail_ex+0x39d/0x4d0
[  914.614443][T13884]  should_failslab+0x9/0x20
[  914.619000][T13884]  slab_pre_alloc_hook+0x59/0x310
[  914.624089][T13884]  ? ip_setup_cork+0x22e/0x860
[  914.628929][T13884]  __kmem_cache_alloc_node+0x53/0x250
[  914.634361][T13884]  ? ip_setup_cork+0x22e/0x860
[  914.639187][T13884]  kmalloc_trace+0x2a/0xe0
[  914.643676][T13884]  ip_setup_cork+0x22e/0x860
[  914.648329][T13884]  ip_make_skb+0x157/0x440
[  914.652803][T13884]  ? ip_skb_dst_mtu+0x9c0/0x9c0
[  914.657703][T13884]  ? ip_flush_pending_frames+0x250/0x250
[  914.663414][T13884]  udp_sendmsg+0x1ade/0x23b0
[  914.668082][T13884]  ? ip_skb_dst_mtu+0x9c0/0x9c0
[  914.672988][T13884]  ? udp_cmsg_send+0x350/0x350
[  914.677810][T13884]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  914.683825][T13884]  ? lock_chain_count+0x20/0x20
[  914.688702][T13884]  ? inet_sendmsg+0x14b/0x2f0
[  914.693417][T13884]  ? __local_bh_enable_ip+0x13a/0x1c0
[  914.698818][T13884]  ? _local_bh_enable+0xa0/0xa0
[  914.703701][T13884]  ? inet_sendmsg+0x14b/0x2f0
[  914.708415][T13884]  ? inet_sendmsg+0x14b/0x2f0
[  914.713139][T13884]  ? inet_send_prepare+0x260/0x260
[  914.718305][T13884]  ____sys_sendmsg+0x5ba/0x960
[  914.723135][T13884]  ? __sys_sendmsg_sock+0x30/0x30
[  914.728192][T13884]  ? __import_iovec+0x3fa/0x850
[  914.733088][T13884]  ? import_iovec+0x73/0xa0
[  914.737626][T13884]  ___sys_sendmsg+0x2a6/0x360
[  914.742335][T13884]  ? __sys_sendmsg+0x2a0/0x2a0
[  914.747142][T13884]  ? seqcount_lockdep_reader_access+0x17b/0x1d0
[  914.753431][T13884]  __se_sys_sendmsg+0x1c2/0x2b0
[  914.758314][T13884]  ? __x64_sys_sendmsg+0x80/0x80
[  914.763309][T13884]  ? lockdep_hardirqs_on+0x98/0x150
[  914.768575][T13884]  do_syscall_64+0x55/0xb0
[  914.773055][T13884]  ? clear_bhb_loop+0x40/0x90
[  914.777763][T13884]  ? clear_bhb_loop+0x40/0x90
[  914.782492][T13884]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  914.788426][T13884] RIP: 0033:0x7f7f9eb9ce59
[  914.792873][T13884] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  914.812512][T13884] RSP: 002b:00007f7f9fa91028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  914.820963][T13884] RAX: ffffffffffffffda RBX: 00007f7f9ee15fa0 RCX: 00007f7f9eb9ce59
[  914.828967][T13884] RDX: 0000000000000000 RSI: 0000200000007940 RDI: 000000000000003a
[  914.836976][T13884] RBP: 00007f7f9fa91090 R08: 0000000000000000 R09: 0000000000000000
[  914.845065][T13884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  914.853062][T13884] R13: 00007f7f9ee16038 R14: 00007f7f9ee15fa0 R15: 00007ffeb33a4a78
[  914.861083][T13884]  </TASK>
[  917.245626][T13887] bond0: entered promiscuous mode
[  917.262254][T13887] bond_slave_0: entered promiscuous mode
[  917.268731][T13887] bond_slave_1: entered promiscuous mode
[  917.642138][T13899] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  917.675140][T13899] syzkaller0: entered promiscuous mode
[  917.680728][T13899] syzkaller0: entered allmulticast mode
[  920.200207][T13899] netlink: 'syz.2.2529': attribute type 10 has an invalid length.
[  920.210773][T13899] netlink: 2 bytes leftover after parsing attributes in process `syz.2.2529'.
[  920.245071][T13899] bridge0: port 3(bond0) entered blocking state
[  920.251510][T13899] bridge0: port 3(bond0) entered disabled state
[  920.288903][T13899] bond0: entered allmulticast mode
[  920.342853][T13899] bond_slave_0: entered allmulticast mode
[  920.348677][T13899] bond_slave_1: entered allmulticast mode
[  920.409408][T13899] bridge0: port 3(bond0) entered blocking state
[  920.415933][T13899] bridge0: port 3(bond0) entered forwarding state
[  921.080517][T13913] netlink: 'syz.1.2540': attribute type 3 has an invalid length.
[  921.091421][T13913] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.2540'.
[  923.021147][T13920] netlink: 'syz.0.2533': attribute type 4 has an invalid length.
[  923.031559][T13920] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2533'.
[  923.050637][T13920] .`: renamed from bond0 (while UP)
[  923.110571][T13924] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  923.131545][T13924] batman_adv: batadv0: Removing interface: batadv_slave_0
[  923.160907][T13924] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  923.181293][T13924] batman_adv: batadv0: Removing interface: batadv_slave_1
[  926.388463][T13934] netlink: 'syz.2.2538': attribute type 2 has an invalid length.
[  926.446064][T13934] netlink: 1045 bytes leftover after parsing attributes in process `syz.2.2538'.
[  927.599572][T13955] netlink: 'syz.0.2544': attribute type 2 has an invalid length.
[  927.608310][T13955] netlink: 1045 bytes leftover after parsing attributes in process `syz.0.2544'.
[  927.790974][T13959] netlink: 'syz.3.2545': attribute type 1 has an invalid length.
[  927.802967][T13959] netlink: 193500 bytes leftover after parsing attributes in process `syz.3.2545'.
[  927.990347][T13962] netlink: 'syz.1.2546': attribute type 4 has an invalid length.
[  928.015421][T13962] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2546'.
[  931.166888][T13967] FAULT_INJECTION: forcing a failure.
[  931.166888][T13967] name failslab, interval 1, probability 0, space 0, times 0
[  931.191298][T13967] CPU: 1 PID: 13967 Comm: syz.1.2548 Not tainted syzkaller #0
[  931.198976][T13967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  931.209112][T13967] Call Trace:
[  931.212472][T13967]  <TASK>
[  931.215514][T13967]  dump_stack_lvl+0x18c/0x250
[  931.220317][T13967]  ? show_regs_print_info+0x20/0x20
[  931.225615][T13967]  ? load_image+0x420/0x420
[  931.230213][T13967]  ? __might_sleep+0xe0/0xe0
[  931.234892][T13967]  ? __lock_acquire+0x7d40/0x7d40
[  931.240059][T13967]  should_fail_ex+0x39d/0x4d0
[  931.244863][T13967]  should_failslab+0x9/0x20
[  931.249462][T13967]  slab_pre_alloc_hook+0x59/0x310
[  931.254577][T13967]  ? __lock_acquire+0x7d40/0x7d40
[  931.259706][T13967]  kmem_cache_alloc_node+0x60/0x320
[  931.264995][T13967]  ? __alloc_skb+0x103/0x2c0
[  931.269695][T13967]  __alloc_skb+0x103/0x2c0
[  931.274210][T13967]  netlink_sendmsg+0x66a/0xbf0
[  931.279101][T13967]  ? perf_trace_lock+0x304/0x3b0
[  931.284165][T13967]  ? netlink_getsockopt+0x590/0x590
[  931.289550][T13967]  ? aa_sock_msg_perm+0x94/0x150
[  931.294596][T13967]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  931.299986][T13967]  ? security_socket_sendmsg+0x80/0xa0
[  931.305526][T13967]  ? netlink_getsockopt+0x590/0x590
[  931.310846][T13967]  ____sys_sendmsg+0x5ba/0x960
[  931.315729][T13967]  ? __asan_memset+0x22/0x40
[  931.320418][T13967]  ? __sys_sendmsg_sock+0x30/0x30
[  931.325522][T13967]  ? __import_iovec+0x5f2/0x850
[  931.330491][T13967]  ? import_iovec+0x73/0xa0
[  931.335117][T13967]  ___sys_sendmsg+0x2a6/0x360
[  931.339911][T13967]  ? __sys_sendmsg+0x2a0/0x2a0
[  931.344840][T13967]  ? __lock_acquire+0x7d40/0x7d40
[  931.350038][T13967]  __se_sys_sendmsg+0x1c2/0x2b0
[  931.354994][T13967]  ? __x64_sys_sendmsg+0x80/0x80
[  931.360081][T13967]  ? lockdep_hardirqs_on+0x98/0x150
[  931.365398][T13967]  do_syscall_64+0x55/0xb0
[  931.369900][T13967]  ? clear_bhb_loop+0x40/0x90
[  931.374662][T13967]  ? clear_bhb_loop+0x40/0x90
[  931.379433][T13967]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  931.385442][T13967] RIP: 0033:0x7f7f9eb9ce59
[  931.389967][T13967] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  931.409656][T13967] RSP: 002b:00007f7f9fa91028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  931.418202][T13967] RAX: ffffffffffffffda RBX: 00007f7f9ee15fa0 RCX: 00007f7f9eb9ce59
[  931.426255][T13967] RDX: 0000000000000000 RSI: 0000200000000940 RDI: 0000000000000005
[  931.434308][T13967] RBP: 00007f7f9fa91090 R08: 0000000000000000 R09: 0000000000000000
[  931.442346][T13967] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  931.450393][T13967] R13: 00007f7f9ee16038 R14: 00007f7f9ee15fa0 R15: 00007ffeb33a4a78
[  931.458509][T13967]  </TASK>
[  931.660776][T13970] netlink: 'syz.0.2550': attribute type 2 has an invalid length.
[  931.710968][T13970] netlink: 1045 bytes leftover after parsing attributes in process `syz.0.2550'.
[  932.109996][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  932.116794][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  933.172273][T13994] netlink: 172 bytes leftover after parsing attributes in process `syz.1.2556'.
[  933.851036][T14014] netlink: 'syz.0.2563': attribute type 2 has an invalid length.
[  933.870039][T14014] netlink: 1045 bytes leftover after parsing attributes in process `syz.0.2563'.
[  936.769685][T14031] netlink: 'syz.3.2569': attribute type 10 has an invalid length.
[  936.808792][T14031] team0: Device wg1 is of different type
[  937.825144][T14033] netlink: 172 bytes leftover after parsing attributes in process `syz.2.2568'.
[  938.221304][T14053] netlink: 'syz.1.2575': attribute type 12 has an invalid length.
[  938.242192][T14053] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2575'.
[  938.698383][T14061] netlink: 'syz.0.2577': attribute type 2 has an invalid length.
[  938.713020][T14061] netlink: 1045 bytes leftover after parsing attributes in process `syz.0.2577'.
[  941.231871][T14056] netlink: 128 bytes leftover after parsing attributes in process `syz.1.2575'.
[  941.279777][T14056] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  942.817567][T14091] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.2584'.
[  942.893053][T14091] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.2584'.
[  944.397596][T14085] netlink: 'syz.0.2590': attribute type 4 has an invalid length.
[  944.434027][T14085] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2590'.
[  944.772041][T14104] netlink: 'syz.3.2587': attribute type 2 has an invalid length.
[  944.789684][T14104] netlink: 1045 bytes leftover after parsing attributes in process `syz.3.2587'.
[  948.256475][T14122] netlink: 172 bytes leftover after parsing attributes in process `syz.0.2591'.
[  951.768186][T14141] netlink: 'syz.3.2598': attribute type 2 has an invalid length.
[  951.776176][T14141] netlink: 1045 bytes leftover after parsing attributes in process `syz.3.2598'.
[  952.401662][T14148] netlink: 176 bytes leftover after parsing attributes in process `syz.0.2600'.
[  952.911226][T14168] netlink: 'syz.1.2602': attribute type 1 has an invalid length.
[  952.935922][T14168] netlink: 'syz.1.2602': attribute type 3 has an invalid length.
[  952.950321][T14168] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2602'.
[  955.623471][T14152] netlink: 'syz.1.2602': attribute type 21 has an invalid length.
[  956.075545][T14182] FAULT_INJECTION: forcing a failure.
[  956.075545][T14182] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  956.203123][T14184] lo: entered allmulticast mode
[  956.232967][T14182] CPU: 0 PID: 14182 Comm: syz.0.2609 Not tainted syzkaller #0
[  956.240786][T14182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  956.250905][T14182] Call Trace:
[  956.254241][T14182]  <TASK>
[  956.257218][T14182]  dump_stack_lvl+0x18c/0x250
[  956.261966][T14182]  ? show_regs_print_info+0x20/0x20
[  956.267222][T14182]  ? load_image+0x420/0x420
[  956.271788][T14182]  ? __might_fault+0xaa/0x120
[  956.276527][T14182]  ? __lock_acquire+0x7d40/0x7d40
[  956.281618][T14182]  should_fail_ex+0x39d/0x4d0
[  956.286371][T14182]  _copy_from_user+0x2f/0xe0
[  956.291027][T14182]  ___sys_recvmsg+0x176/0x590
[  956.295771][T14182]  ? __sys_recvmsg+0x2a0/0x2a0
[  956.300599][T14182]  ? ktime_get+0x7f/0x280
[  956.305019][T14182]  ? __fget_files+0x43d/0x4b0
[  956.309775][T14182]  __x64_sys_recvmsg+0x20c/0x2e0
[  956.314768][T14182]  ? hrtimer_interrupt+0x7bb/0x9c0
[  956.319947][T14182]  ? ___sys_recvmsg+0x590/0x590
[  956.324878][T14182]  ? lockdep_hardirqs_on+0x98/0x150
[  956.330250][T14182]  do_syscall_64+0x55/0xb0
[  956.334828][T14182]  ? clear_bhb_loop+0x40/0x90
[  956.339584][T14182]  ? clear_bhb_loop+0x40/0x90
[  956.344315][T14182]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  956.350267][T14182] RIP: 0033:0x7f149e39ce59
[  956.354731][T14182] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  956.374396][T14182] RSP: 002b:00007f149f235028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  956.382970][T14182] RAX: ffffffffffffffda RBX: 00007f149e615fa0 RCX: 00007f149e39ce59
[  956.391017][T14182] RDX: 0000000000002082 RSI: 0000200000000300 RDI: 0000000000000004
[  956.399245][T14182] RBP: 00007f149f235090 R08: 0000000000000000 R09: 0000000000000000
[  956.407268][T14182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  956.415300][T14182] R13: 00007f149e616038 R14: 00007f149e615fa0 R15: 00007ffd727fa9a8
[  956.423342][T14182]  </TASK>
[  956.478951][T14184] lo: entered promiscuous mode
[  956.487066][T14184] lo: left allmulticast mode
[  956.714963][T14190] netlink: 'syz.0.2613': attribute type 2 has an invalid length.
[  956.736453][T14190] netlink: 1045 bytes leftover after parsing attributes in process `syz.0.2613'.
[  957.411036][T14206] netlink: 128 bytes leftover after parsing attributes in process `syz.1.2616'.
[  957.458820][T14206] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  957.766029][T14213] netlink: 'syz.2.2617': attribute type 21 has an invalid length.
[  957.984009][T14222] netlink: 'syz.2.2617': attribute type 1 has an invalid length.
[  958.008915][T14222] netlink: 'syz.2.2617': attribute type 3 has an invalid length.
[  958.023109][T14222] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2617'.
[  960.689502][T14226] lo: entered allmulticast mode
[  960.731229][T14231] lo: entered promiscuous mode
[  960.747246][T14231] lo: left allmulticast mode
[  960.970791][T14244] FAULT_INJECTION: forcing a failure.
[  960.970791][T14244] name failslab, interval 1, probability 0, space 0, times 0
[  961.009536][T14244] CPU: 0 PID: 14244 Comm: syz.1.2626 Not tainted syzkaller #0
[  961.017112][T14244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  961.027241][T14244] Call Trace:
[  961.030591][T14244]  <TASK>
[  961.033590][T14244]  dump_stack_lvl+0x18c/0x250
[  961.038355][T14244]  ? show_regs_print_info+0x20/0x20
[  961.043640][T14244]  ? load_image+0x420/0x420
[  961.048217][T14244]  ? __might_sleep+0xe0/0xe0
[  961.052921][T14244]  ? __lock_acquire+0x7d40/0x7d40
[  961.058166][T14244]  should_fail_ex+0x39d/0x4d0
[  961.062988][T14244]  should_failslab+0x9/0x20
[  961.067606][T14244]  slab_pre_alloc_hook+0x59/0x310
[  961.072762][T14244]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  961.078578][T14244]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  961.084366][T14244]  __kmem_cache_alloc_node+0x53/0x250
[  961.089844][T14244]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  961.095632][T14244]  __kmalloc+0xa4/0x230
[  961.099881][T14244]  tomoyo_realpath_from_path+0xe3/0x5d0
[  961.105557][T14244]  tomoyo_path_number_perm+0x248/0x620
[  961.111083][T14244]  ? tomoyo_path_number_perm+0x217/0x620
[  961.116789][T14244]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  961.122326][T14244]  ? ksys_write+0x1c4/0x260
[  961.127045][T14244]  ? __fget_files+0x28/0x4b0
[  961.131707][T14244]  ? __fget_files+0x28/0x4b0
[  961.136424][T14244]  security_file_ioctl+0x70/0xa0
[  961.141449][T14244]  __se_sys_ioctl+0x48/0x170
[  961.146140][T14244]  do_syscall_64+0x55/0xb0
[  961.150644][T14244]  ? clear_bhb_loop+0x40/0x90
[  961.155381][T14244]  ? clear_bhb_loop+0x40/0x90
[  961.160131][T14244]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  961.166091][T14244] RIP: 0033:0x7f7f9eb9ce59
[  961.170578][T14244] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  961.190346][T14244] RSP: 002b:00007f7f9fa91028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  961.198836][T14244] RAX: ffffffffffffffda RBX: 00007f7f9ee15fa0 RCX: 00007f7f9eb9ce59
[  961.206872][T14244] RDX: 0000200000000080 RSI: 00000000000089f0 RDI: 0000000000000005
[  961.214943][T14244] RBP: 00007f7f9fa91090 R08: 0000000000000000 R09: 0000000000000000
[  961.222988][T14244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  961.231046][T14244] R13: 00007f7f9ee16038 R14: 00007f7f9ee15fa0 R15: 00007ffeb33a4a78
[  961.239162][T14244]  </TASK>
[  961.270524][T14240] netlink: 'syz.0.2623': attribute type 10 has an invalid length.
[  961.307712][T14244] ERROR: Out of memory at tomoyo_realpath_from_path.
[  962.013690][T14240] team0: Device wg1 is of different type
[  962.052980][T14243] netlink: 'syz.3.2625': attribute type 4 has an invalid length.
[  962.078595][T14243] netlink: 152 bytes leftover after parsing attributes in process `syz.3.2625'.
[  962.124615][T14243] .`: renamed from bond0 (while UP)
[  962.179470][T14252] netlink: 'syz.2.2628': attribute type 2 has an invalid length.
[  962.223026][T14252] netlink: 1045 bytes leftover after parsing attributes in process `syz.2.2628'.
[  962.436800][T14263] FAULT_INJECTION: forcing a failure.
[  962.436800][T14263] name failslab, interval 1, probability 0, space 0, times 0
[  962.450593][T14263] CPU: 1 PID: 14263 Comm: syz.0.2632 Not tainted syzkaller #0
[  962.458125][T14263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  962.469097][T14263] Call Trace:
[  962.472429][T14263]  <TASK>
[  962.475409][T14263]  dump_stack_lvl+0x18c/0x250
[  962.480152][T14263]  ? show_regs_print_info+0x20/0x20
[  962.485512][T14263]  ? load_image+0x420/0x420
[  962.490077][T14263]  ? __might_sleep+0xe0/0xe0
[  962.494731][T14263]  ? __lock_acquire+0x7d40/0x7d40
[  962.499832][T14263]  should_fail_ex+0x39d/0x4d0
[  962.504674][T14263]  should_failslab+0x9/0x20
[  962.509251][T14263]  slab_pre_alloc_hook+0x59/0x310
[  962.514343][T14263]  kmem_cache_alloc_node+0x60/0x320
[  962.519597][T14263]  ? __alloc_skb+0x103/0x2c0
[  962.524247][T14263]  __alloc_skb+0x103/0x2c0
[  962.528730][T14263]  tipc_msg_build+0x161/0xee0
[  962.533482][T14263]  ? tipc_node_find+0x3bb/0x490
[  962.538402][T14263]  ? tipc_node_find+0xb4/0x490
[  962.543221][T14263]  ? skb_copy_to_linear_data_offset+0x60/0x60
[  962.549365][T14263]  __tipc_sendmsg+0x1903/0x2bb0
[  962.554299][T14263]  ? rht_unlock+0x1d0/0x1d0
[  962.558875][T14263]  ? mark_lock+0x94/0x320
[  962.563256][T14263]  ? verify_lock_unused+0x140/0x140
[  962.568517][T14263]  ? verify_lock_unused+0x140/0x140
[  962.573816][T14263]  ? __might_sleep+0xe0/0xe0
[  962.578492][T14263]  ? mark_lock+0x94/0x320
[  962.582881][T14263]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  962.588928][T14263]  ? __local_bh_enable_ip+0x13a/0x1c0
[  962.594349][T14263]  ? lockdep_hardirqs_on+0x98/0x150
[  962.599608][T14263]  ? wait_woken+0x180/0x180
[  962.604166][T14263]  ? _local_bh_enable+0xa0/0xa0
[  962.609080][T14263]  tipc_sendmsg+0x55/0x70
[  962.613469][T14263]  ? tipc_recvmsg+0x1400/0x1400
[  962.618391][T14263]  ____sys_sendmsg+0x5ba/0x960
[  962.623222][T14263]  ? __asan_memset+0x22/0x40
[  962.627863][T14263]  ? __sys_sendmsg_sock+0x30/0x30
[  962.632971][T14263]  ? __import_iovec+0x3fa/0x850
[  962.637885][T14263]  ? import_iovec+0x73/0xa0
[  962.642437][T14263]  ___sys_sendmsg+0x2a6/0x360
[  962.647265][T14263]  ? get_pid_task+0x20/0x1e0
[  962.651918][T14263]  ? __sys_sendmsg+0x2a0/0x2a0
[  962.656755][T14263]  ? __lock_acquire+0x7d40/0x7d40
[  962.661873][T14263]  __se_sys_sendmsg+0x1c2/0x2b0
[  962.666787][T14263]  ? __x64_sys_sendmsg+0x80/0x80
[  962.671799][T14263]  ? lockdep_hardirqs_on+0x98/0x150
[  962.677065][T14263]  do_syscall_64+0x55/0xb0
[  962.681534][T14263]  ? clear_bhb_loop+0x40/0x90
[  962.686258][T14263]  ? clear_bhb_loop+0x40/0x90
[  962.691022][T14263]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  962.696989][T14263] RIP: 0033:0x7f149e39ce59
[  962.701491][T14263] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  962.721164][T14263] RSP: 002b:00007f149f235028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  962.729725][T14263] RAX: ffffffffffffffda RBX: 00007f149e615fa0 RCX: 00007f149e39ce59
[  962.737749][T14263] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000004
[  962.745855][T14263] RBP: 00007f149f235090 R08: 0000000000000000 R09: 0000000000000000
[  962.753879][T14263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  962.761913][T14263] R13: 00007f149e616038 R14: 00007f149e615fa0 R15: 00007ffd727fa9a8
[  962.769969][T14263]  </TASK>
[  963.000261][T14268] netlink: 'syz.0.2633': attribute type 21 has an invalid length.
[  963.185040][T14276] netlink: 'syz.0.2633': attribute type 1 has an invalid length.
[  963.212831][T14276] netlink: 'syz.0.2633': attribute type 3 has an invalid length.
[  963.220647][T14276] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2633'.
[  965.290777][T14271] lo: left promiscuous mode
[  965.302846][T14271] lo: entered allmulticast mode
[  965.381838][T14280] lo: entered promiscuous mode
[  965.393966][T14280] lo: left allmulticast mode
[  965.706917][T14288] netlink: 'syz.0.2638': attribute type 4 has an invalid length.
[  965.754318][T14288] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2638'.
[  965.899983][T14286] netlink: 'syz.1.2637': attribute type 10 has an invalid length.
[  965.934053][T14286] team0: Device wg1 is of different type
[  966.031149][T14296] netlink: 'syz.3.2641': attribute type 2 has an invalid length.
[  966.039636][T14296] netlink: 1045 bytes leftover after parsing attributes in process `syz.3.2641'.
[  969.474116][T14317] lo: entered allmulticast mode
[  969.545366][T14320] lo: entered promiscuous mode
[  969.560425][T14320] lo: left allmulticast mode
[  969.724114][T14328] netlink: 14 bytes leftover after parsing attributes in process `syz.3.2651'.
[  969.763059][T12658] Bluetooth: hci0: command 0x0406 tx timeout
[  969.784518][T14326] netlink: 'syz.2.2650': attribute type 4 has an invalid length.
[  969.792756][T14326] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2650'.
[  970.302439][T14326] .`: renamed from bond0 (while UP)
[  970.364605][T14335] netlink: 'syz.0.2653': attribute type 2 has an invalid length.
[  970.405154][T14335] netlink: 1045 bytes leftover after parsing attributes in process `syz.0.2653'.
[  970.484921][T14326] bridge0: port 3(.`) entered disabled state
[  970.585006][T14336] netlink: 'syz.3.2654': attribute type 10 has an invalid length.
[  970.593979][T14326] syz.2.2650 (14326) used greatest stack depth: 17384 bytes left
[  970.619608][T14336] team0: Device wg1 is of different type
[  970.915499][T14344] netlink: 149044 bytes leftover after parsing attributes in process `syz.2.2657'.
[  974.309672][T14363] netlink: 14 bytes leftover after parsing attributes in process `syz.0.2662'.
[  974.334775][T14363] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  974.433025][T14363] batman_adv: batadv0: Removing interface: batadv_slave_0
[  974.449953][T14363] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  974.462456][T14363] batman_adv: batadv0: Removing interface: batadv_slave_1
[  974.644514][T14371] netlink: 'syz.2.2665': attribute type 2 has an invalid length.
[  974.667679][T14371] netlink: 1045 bytes leftover after parsing attributes in process `syz.2.2665'.
[  974.752242][T14364] netlink: 'syz.1.2664': attribute type 4 has an invalid length.
[  974.770964][T14364] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2664'.
[  975.721752][T14380] netlink: 'syz.2.2668': attribute type 10 has an invalid length.
[  975.761397][T14383] netlink: 149044 bytes leftover after parsing attributes in process `syz.0.2669'.
[  975.895025][T14380] team0: Device wg1 is of different type
[  976.010992][T14387] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  976.033335][T14387] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  976.053034][T14387] netdevsim netdevsim1: Falling back to sysfs fallback for: .
[  976.157136][T14392] netlink: 'syz.0.2672': attribute type 10 has an invalid length.
[  976.188188][T14392] team0: Device wg1 is of different type
[  977.042223][T14399] netlink: 'syz.1.2674': attribute type 27 has an invalid length.
[  979.662222][T14404] netlink: 'syz.2.2676': attribute type 2 has an invalid length.
[  979.673459][T14404] netlink: 1045 bytes leftover after parsing attributes in process `syz.2.2676'.
[  979.714567][T14405] netlink: 'syz.0.2675': attribute type 21 has an invalid length.
[  979.723731][T14405] netlink: 156 bytes leftover after parsing attributes in process `syz.0.2675'.
[  980.050621][T14410] netlink: 'syz.3.2679': attribute type 10 has an invalid length.
[  980.075148][T14410] bridge0: port 2(bridge_slave_1) entered disabled state
[  980.083704][T14410] bridge0: port 1(bridge_slave_0) entered disabled state
[  980.111096][T14410] bridge0: port 2(bridge_slave_1) entered blocking state
[  980.119312][T14410] bridge0: port 2(bridge_slave_1) entered forwarding state
[  980.127665][T14410] bridge0: port 1(bridge_slave_0) entered blocking state
[  980.134877][T14410] bridge0: port 1(bridge_slave_0) entered forwarding state
[  980.165045][T14410] team0: Port device bridge0 added
[  980.453474][T14418] netlink: 149044 bytes leftover after parsing attributes in process `syz.1.2680'.
[  980.626776][T14429] netlink: 'syz.2.2691': attribute type 2 has an invalid length.
[  980.635275][T14429] netlink: 1045 bytes leftover after parsing attributes in process `syz.2.2691'.
[  980.728161][T14427] netlink: 'syz.3.2682': attribute type 10 has an invalid length.
[  980.765328][T14427] team0: Device wg1 is of different type
[  983.724493][T14441] netlink: 'syz.2.2685': attribute type 6 has an invalid length.
[  983.732294][T14441] netlink: 168 bytes leftover after parsing attributes in process `syz.2.2685'.
[  983.961778][T14446] netlink: 14 bytes leftover after parsing attributes in process `syz.2.2686'.
[  983.980900][T14446] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  983.998296][T14446] batman_adv: batadv0: Removing interface: batadv_slave_0
[  984.148410][T14452] netlink: 'syz.0.2696': attribute type 1 has an invalid length.
[  984.167049][T14452] netlink: 193500 bytes leftover after parsing attributes in process `syz.0.2696'.
[  984.253839][T14453] netlink: 'syz.0.2696': attribute type 1 has an invalid length.
[  984.262891][T14453] netlink: 'syz.0.2696': attribute type 3 has an invalid length.
[  984.271128][T14453] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2696'.
[  985.123286][T12658] Bluetooth: hci3: command 0x0406 tx timeout
[  986.897175][T14446] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  986.908625][T14446] batman_adv: batadv0: Removing interface: batadv_slave_1
[  986.985564][T14450] netlink: 'syz.3.2687': attribute type 27 has an invalid length.
[  986.996350][T14453] netlink: 'syz.0.2696': attribute type 5 has an invalid length.
[  987.004597][T14449] netlink: 'syz.0.2696': attribute type 1 has an invalid length.
[  987.012412][T14449] netlink: 193500 bytes leftover after parsing attributes in process `syz.0.2696'.
[  987.171202][T14459] netlink: 16178 bytes leftover after parsing attributes in process `syz.3.2690'.
[  987.198225][T14456] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  987.221830][T14456] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  987.234009][T14456] netdevsim netdevsim0: Falling back to sysfs fallback for: .
[  987.762120][T14470] netlink: 'syz.1.2695': attribute type 2 has an invalid length.
[  987.774777][T14470] netlink: 1045 bytes leftover after parsing attributes in process `syz.1.2695'.
[  988.162143][T14489] netlink: 203516 bytes leftover after parsing attributes in process `syz.3.2700'.
[  988.187311][T14489] netlink: 3064 bytes leftover after parsing attributes in process `syz.3.2700'.
[  988.209946][T14490] netlink: 'syz.3.2700': attribute type 1 has an invalid length.
[  988.222823][T14490] netlink: 193500 bytes leftover after parsing attributes in process `syz.3.2700'.
[  988.254195][T14491] netlink: 'syz.0.2701': attribute type 27 has an invalid length.
[  988.380632][T14490] netlink: 'syz.3.2700': attribute type 1 has an invalid length.
[  988.429017][T14490] netlink: 'syz.3.2700': attribute type 3 has an invalid length.
[  988.442081][T14490] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2700'.
[  988.480214][T14489] netlink: 'syz.3.2700': attribute type 5 has an invalid length.
[  988.855756][T14498] FAULT_INJECTION: forcing a failure.
[  988.855756][T14498] name failslab, interval 1, probability 0, space 0, times 0
[  988.871457][T14498] CPU: 0 PID: 14498 Comm: syz.1.2704 Not tainted syzkaller #0
[  988.879250][T14498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  988.889382][T14498] Call Trace:
[  988.892700][T14498]  <TASK>
[  988.895672][T14498]  dump_stack_lvl+0x18c/0x250
[  988.900447][T14498]  ? show_regs_print_info+0x20/0x20
[  988.905709][T14498]  ? load_image+0x420/0x420
[  988.910288][T14498]  ? __might_sleep+0xe0/0xe0
[  988.914948][T14498]  ? __lock_acquire+0x7d40/0x7d40
[  988.920033][T14498]  ? verify_lock_unused+0x140/0x140
[  988.925299][T14498]  should_fail_ex+0x39d/0x4d0
[  988.930047][T14498]  should_failslab+0x9/0x20
[  988.934702][T14498]  slab_pre_alloc_hook+0x59/0x310
[  988.939883][T14498]  ? bpf_prog_test_run_skb+0x245/0x18c0
[  988.945487][T14498]  ? bpf_prog_test_run_skb+0x245/0x18c0
[  988.951127][T14498]  __kmem_cache_alloc_node+0x53/0x250
[  988.956568][T14498]  ? bpf_prog_test_run_skb+0x245/0x18c0
[  988.962181][T14498]  __kmalloc+0xa4/0x230
[  988.966408][T14498]  bpf_prog_test_run_skb+0x245/0x18c0
[  988.971933][T14498]  ? __fget_files+0x28/0x4b0
[  988.976574][T14498]  ? __fget_files+0x28/0x4b0
[  988.981215][T14498]  ? __fget_files+0x43d/0x4b0
[  988.985979][T14498]  ? cpu_online+0x60/0x60
[  988.990373][T14498]  bpf_prog_test_run+0x321/0x390
[  988.995367][T14498]  __sys_bpf+0x49d/0x890
[  988.999681][T14498]  ? bpf_link_show_fdinfo+0x390/0x390
[  989.005140][T14498]  ? lock_chain_count+0x20/0x20
[  989.010062][T14498]  __x64_sys_bpf+0x7c/0x90
[  989.014534][T14498]  do_syscall_64+0x55/0xb0
[  989.019010][T14498]  ? clear_bhb_loop+0x40/0x90
[  989.023740][T14498]  ? clear_bhb_loop+0x40/0x90
[  989.028468][T14498]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  989.034420][T14498] RIP: 0033:0x7f7f9eb9ce59
[  989.038965][T14498] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  989.058633][T14498] RSP: 002b:00007f7f9fa91028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  989.067110][T14498] RAX: ffffffffffffffda RBX: 00007f7f9ee15fa0 RCX: 00007f7f9eb9ce59
[  989.075125][T14498] RDX: 0000000000000050 RSI: 0000200000000080 RDI: 000000000000000a
[  989.083145][T14498] RBP: 00007f7f9fa91090 R08: 0000000000000000 R09: 0000000000000000
[  989.091157][T14498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  989.099176][T14498] R13: 00007f7f9ee16038 R14: 00007f7f9ee15fa0 R15: 00007ffeb33a4a78
[  989.107211][T14498]  </TASK>
[  991.351723][T14511] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815
[  991.443173][T14511] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815
[  991.518965][T14511] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815
[  991.603043][T14511] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815
[  991.662965][T14511] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815
[  991.733067][T14511] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815
[  991.839865][T14511] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815
[  991.952988][T14511] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815
[  992.018720][T14511] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815
[  992.115531][T14511] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815
[  992.335920][T14520] netlink: 'syz.1.2710': attribute type 2 has an invalid length.
[  992.351509][T14520] netlink: 1045 bytes leftover after parsing attributes in process `syz.1.2710'.
[  993.010783][T14524] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  993.020182][T14524] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  993.030957][T14524] netdevsim netdevsim2: Falling back to sysfs fallback for: .
[  993.144719][T14529] netlink: 'syz.3.2713': attribute type 10 has an invalid length.
[  993.290064][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  993.303196][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  993.782456][T14529] bridge0: port 2(bridge_slave_1) entered disabled state
[  993.789861][T14529] bridge0: port 1(bridge_slave_0) entered disabled state
[  994.077490][T14546] FAULT_INJECTION: forcing a failure.
[  994.077490][T14546] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  994.100487][T14546] CPU: 1 PID: 14546 Comm: syz.3.2717 Not tainted syzkaller #0
[  994.108027][T14546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  994.118215][T14546] Call Trace:
[  994.121531][T14546]  <TASK>
[  994.124493][T14546]  dump_stack_lvl+0x18c/0x250
[  994.129215][T14546]  ? show_regs_print_info+0x20/0x20
[  994.134446][T14546]  ? load_image+0x420/0x420
[  994.138975][T14546]  ? __might_fault+0xaa/0x120
[  994.143685][T14546]  ? __lock_acquire+0x7d40/0x7d40
[  994.148752][T14546]  should_fail_ex+0x39d/0x4d0
[  994.153495][T14546]  _copy_from_user+0x2f/0xe0
[  994.158127][T14546]  __sys_bpf+0x23e/0x890
[  994.162405][T14546]  ? bpf_link_show_fdinfo+0x390/0x390
[  994.167821][T14546]  ? lock_chain_count+0x20/0x20
[  994.172721][T14546]  __x64_sys_bpf+0x7c/0x90
[  994.177191][T14546]  do_syscall_64+0x55/0xb0
[  994.181640][T14546]  ? clear_bhb_loop+0x40/0x90
[  994.186345][T14546]  ? clear_bhb_loop+0x40/0x90
[  994.191058][T14546]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  994.196990][T14546] RIP: 0033:0x7f9b1a59ce59
[  994.201435][T14546] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  994.221098][T14546] RSP: 002b:00007f9b1b4fe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  994.229558][T14546] RAX: ffffffffffffffda RBX: 00007f9b1a815fa0 RCX: 00007f9b1a59ce59
[  994.237562][T14546] RDX: 0000000000000050 RSI: 0000200000000100 RDI: 000000000000000a
[  994.245573][T14546] RBP: 00007f9b1b4fe090 R08: 0000000000000000 R09: 0000000000000000
[  994.253600][T14546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  994.261710][T14546] R13: 00007f9b1a816038 R14: 00007f9b1a815fa0 R15: 00007ffd273e4cc8
[  994.269733][T14546]  </TASK>
[  998.796435][T14565] vlan1: entered promiscuous mode
[  998.801568][T14565] FAULT_INJECTION: forcing a failure.
[  998.801568][T14565] name failslab, interval 1, probability 0, space 0, times 0
[  998.828861][T14565] CPU: 1 PID: 14565 Comm: syz.1.2724 Not tainted syzkaller #0
[  998.836416][T14565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  998.846528][T14565] Call Trace:
[  998.849850][T14565]  <TASK>
[  998.852827][T14565]  dump_stack_lvl+0x18c/0x250
[  998.857603][T14565]  ? show_regs_print_info+0x20/0x20
[  998.862870][T14565]  ? load_image+0x420/0x420
[  998.867448][T14565]  should_fail_ex+0x39d/0x4d0
[  998.872216][T14565]  should_failslab+0x9/0x20
[  998.876788][T14565]  slab_pre_alloc_hook+0x59/0x310
[  998.881895][T14565]  kmem_cache_alloc_node+0x60/0x320
[  998.887169][T14565]  ? __alloc_skb+0x103/0x2c0
[  998.891815][T14565]  __alloc_skb+0x103/0x2c0
[  998.896288][T14565]  rtmsg_ifinfo_build_skb+0x8c/0x260
[  998.901638][T14565]  rtmsg_ifinfo+0x8c/0x1a0
[  998.906207][T14565]  __dev_notify_flags+0xf3/0x310
[  998.911211][T14565]  ? __dev_change_flags+0x6a0/0x6a0
[  998.916471][T14565]  ? __netdev_printk+0x34d/0x4a0
[  998.921476][T14565]  ? netdev_info+0x11f/0x170
[  998.926122][T14565]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  998.932165][T14565]  __dev_set_promiscuity+0x18e/0x5c0
[  998.937513][T14565]  ? __local_bh_enable_ip+0x13a/0x1c0
[  998.942945][T14565]  dev_set_promiscuity+0x50/0xe0
[  998.947925][T14565]  ? vlan_dev_hard_start_xmit+0x5e0/0x5e0
[  998.953687][T14565]  __dev_set_promiscuity+0x40d/0x5c0
[  998.959019][T14565]  __dev_change_flags+0x428/0x6a0
[  998.964069][T14565]  ? __mutex_lock+0x4f9/0xcc0
[  998.968781][T14565]  ? dev_get_flags+0x1c0/0x1c0
[  998.973570][T14565]  ? mutex_lock_nested+0x20/0x20
[  998.978547][T14565]  dev_change_flags+0x88/0x1a0
[  998.983350][T14565]  dev_ioctl+0x7b4/0x1140
[  998.987721][T14565]  sock_do_ioctl+0x239/0x310
[  998.992384][T14565]  ? sock_show_fdinfo+0xb0/0xb0
[  998.997287][T14565]  sock_ioctl+0x5ba/0x7e0
[  999.001671][T14565]  ? sock_poll+0x3e0/0x3e0
[  999.006142][T14565]  ? bpf_lsm_file_ioctl+0x9/0x10
[  999.011130][T14565]  ? security_file_ioctl+0x80/0xa0
[  999.016288][T14565]  ? sock_poll+0x3e0/0x3e0
[  999.020791][T14565]  __se_sys_ioctl+0xfd/0x170
[  999.025527][T14565]  do_syscall_64+0x55/0xb0
[  999.029993][T14565]  ? clear_bhb_loop+0x40/0x90
[  999.034793][T14565]  ? clear_bhb_loop+0x40/0x90
[  999.039536][T14565]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  999.045475][T14565] RIP: 0033:0x7f7f9eb9ce59
[  999.049930][T14565] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  999.069566][T14565] RSP: 002b:00007f7f9fa91028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  999.078026][T14565] RAX: ffffffffffffffda RBX: 00007f7f9ee15fa0 RCX: 00007f7f9eb9ce59
[  999.086029][T14565] RDX: 0000200000000100 RSI: 0000000000008914 RDI: 0000000000000004
[  999.094035][T14565] RBP: 00007f7f9fa91090 R08: 0000000000000000 R09: 0000000000000000
[  999.102038][T14565] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  999.110043][T14565] R13: 00007f7f9ee16038 R14: 00007f7f9ee15fa0 R15: 00007ffeb33a4a78
[  999.118085][T14565]  </TASK>
[  999.166761][T14565] vlan1: entered allmulticast mode
[  999.172087][T14565] veth0_vlan: entered allmulticast mode
[  999.187492][T14567] netlink: 'syz.3.2725': attribute type 2 has an invalid length.
[  999.203967][T14567] netlink: 1045 bytes leftover after parsing attributes in process `syz.3.2725'.
[  999.324100][T14570] netlink: 203516 bytes leftover after parsing attributes in process `syz.2.2726'.
[  999.349828][T14570] netlink: 3064 bytes leftover after parsing attributes in process `syz.2.2726'.
[  999.369500][T14576] netlink: 'syz.2.2726': attribute type 1 has an invalid length.
[  999.392853][T14576] netlink: 193500 bytes leftover after parsing attributes in process `syz.2.2726'.
[  999.494532][T14580] netlink: 'syz.0.2728': attribute type 41 has an invalid length.
[  999.522097][T14570] netlink: 'syz.2.2726': attribute type 1 has an invalid length.
[  999.533447][T14570] netlink: 'syz.2.2726': attribute type 3 has an invalid length.
[  999.541794][T14570] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2726'.
[  999.559713][T14570] netlink: 'syz.2.2726': attribute type 5 has an invalid length.
[ 1000.065447][T14593] netlink: 'syz.1.2742': attribute type 2 has an invalid length.
[ 1000.074068][T14593] netlink: 1045 bytes leftover after parsing attributes in process `syz.1.2742'.
[ 1000.341380][T14602] FAULT_INJECTION: forcing a failure.
[ 1000.341380][T14602] name failslab, interval 1, probability 0, space 0, times 0
[ 1000.361286][T14602] CPU: 1 PID: 14602 Comm: syz.1.2737 Not tainted syzkaller #0
[ 1000.368840][T14602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1000.378967][T14602] Call Trace:
[ 1000.382294][T14602]  <TASK>
[ 1000.385277][T14602]  dump_stack_lvl+0x18c/0x250
[ 1000.390033][T14602]  ? show_regs_print_info+0x20/0x20
[ 1000.395294][T14602]  ? load_image+0x420/0x420
[ 1000.399865][T14602]  ? __might_sleep+0xe0/0xe0
[ 1000.404516][T14602]  ? __lock_acquire+0x7d40/0x7d40
[ 1000.409609][T14602]  should_fail_ex+0x39d/0x4d0
[ 1000.414450][T14602]  should_failslab+0x9/0x20
[ 1000.419017][T14602]  slab_pre_alloc_hook+0x59/0x310
[ 1000.424111][T14602]  ? __lock_acquire+0x7d40/0x7d40
[ 1000.429202][T14602]  kmem_cache_alloc_node+0x60/0x320
[ 1000.434476][T14602]  ? __alloc_skb+0x103/0x2c0
[ 1000.439132][T14602]  __alloc_skb+0x103/0x2c0
[ 1000.443614][T14602]  netlink_sendmsg+0x66a/0xbf0
[ 1000.448458][T14602]  ? netlink_getsockopt+0x590/0x590
[ 1000.453725][T14602]  ? aa_sock_msg_perm+0x94/0x150
[ 1000.458740][T14602]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1000.464126][T14602]  ? security_socket_sendmsg+0x80/0xa0
[ 1000.469638][T14602]  ? netlink_getsockopt+0x590/0x590
[ 1000.474893][T14602]  ____sys_sendmsg+0x5ba/0x960
[ 1000.479728][T14602]  ? __asan_memset+0x22/0x40
[ 1000.484441][T14602]  ? __sys_sendmsg_sock+0x30/0x30
[ 1000.489533][T14602]  ? __import_iovec+0x5f2/0x850
[ 1000.494460][T14602]  ? import_iovec+0x73/0xa0
[ 1000.499031][T14602]  ___sys_sendmsg+0x2a6/0x360
[ 1000.503790][T14602]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1000.508645][T14602]  ? __lock_acquire+0x7d40/0x7d40
[ 1000.513753][ T5779] Bluetooth: hci2: command 0x0406 tx timeout
[ 1000.513760][T14602]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1000.524671][T14602]  ? __x64_sys_sendmsg+0x80/0x80
[ 1000.529687][T14602]  ? lockdep_hardirqs_on+0x98/0x150
[ 1000.534984][T14602]  do_syscall_64+0x55/0xb0
[ 1000.539461][T14602]  ? clear_bhb_loop+0x40/0x90
[ 1000.544188][T14602]  ? clear_bhb_loop+0x40/0x90
[ 1000.548923][T14602]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1000.554892][T14602] RIP: 0033:0x7f7f9eb9ce59
[ 1000.559374][T14602] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1000.579218][T14602] RSP: 002b:00007f7f9fa91028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1000.587777][T14602] RAX: ffffffffffffffda RBX: 00007f7f9ee15fa0 RCX: 00007f7f9eb9ce59
[ 1000.595804][T14602] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[ 1000.603828][T14602] RBP: 00007f7f9fa91090 R08: 0000000000000000 R09: 0000000000000000
[ 1000.611847][T14602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1000.619872][T14602] R13: 00007f7f9ee16038 R14: 00007f7f9ee15fa0 R15: 00007ffeb33a4a78
[ 1000.627929][T14602]  </TASK>
[ 1003.582902][T14622] netlink: 'syz.1.2744': attribute type 2 has an invalid length.
[ 1003.593742][T14622] netlink: 1045 bytes leftover after parsing attributes in process `syz.1.2744'.
[ 1003.828421][T14626] netlink: 1047 bytes leftover after parsing attributes in process `syz.2.2745'.
[ 1003.991818][T14635] netlink: 763 bytes leftover after parsing attributes in process `syz.3.2749'.
[ 1004.037472][T14632] netlink: 'syz.0.2747': attribute type 10 has an invalid length.
[ 1004.118224][T14632] team0: Device wg1 is of different type
[ 1007.367314][T14655] FAULT_INJECTION: forcing a failure.
[ 1007.367314][T14655] name failslab, interval 1, probability 0, space 0, times 0
[ 1007.380459][T14655] CPU: 0 PID: 14655 Comm: syz.0.2753 Not tainted syzkaller #0
[ 1007.387978][T14655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1007.398221][T14655] Call Trace:
[ 1007.401599][T14655]  <TASK>
[ 1007.404581][T14655]  dump_stack_lvl+0x18c/0x250
[ 1007.409329][T14655]  ? show_regs_print_info+0x20/0x20
[ 1007.414586][T14655]  ? load_image+0x420/0x420
[ 1007.419169][T14655]  should_fail_ex+0x39d/0x4d0
[ 1007.423944][T14655]  should_failslab+0x9/0x20
[ 1007.428512][T14655]  slab_pre_alloc_hook+0x59/0x310
[ 1007.433581][T14655]  ? perf_trace_lock+0xfc/0x3b0
[ 1007.438480][T14655]  kmem_cache_alloc+0x5a/0x2d0
[ 1007.443297][T14655]  ? inet_frag_find+0x8f8/0x1ec0
[ 1007.448303][T14655]  inet_frag_find+0x8f8/0x1ec0
[ 1007.453115][T14655]  ? ip6frag_obj_hashfn+0x20/0x20
[ 1007.458186][T14655]  ? inet_frag_find+0x138/0x1ec0
[ 1007.463186][T14655]  ? inet_frag_destroy_rcu+0xc0/0xc0
[ 1007.468540][T14655]  ? nf_frag_pernet+0x23/0x230
[ 1007.473354][T14655]  ? nf_frag_pernet+0x23/0x230
[ 1007.478183][T14655]  nf_ct_frag6_gather+0x709/0x1eb0
[ 1007.483457][T14655]  ? verify_lock_unused+0x140/0x140
[ 1007.488704][T14655]  ? ipv6_defrag+0x3a0/0x3a0
[ 1007.493359][T14655]  ? __skb_flow_dissect+0x1f6/0x6dd0
[ 1007.498797][T14655]  ? verify_lock_unused+0x140/0x140
[ 1007.504142][T14655]  ipv6_defrag+0x2a9/0x3a0
[ 1007.508607][T14655]  ? defrag6_net_exit+0xb0/0xb0
[ 1007.513524][T14655]  nf_hook_slow_list+0x276/0x5b0
[ 1007.519072][T14655]  ? nf_hook_slow+0x200/0x200
[ 1007.523844][T14655]  ip6_sublist_rcv+0x103e/0x1150
[ 1007.528843][T14655]  ? rcu_read_unlock+0x8c/0xa0
[ 1007.533738][T14655]  ? ip6_sublist_rcv+0xebd/0x1150
[ 1007.538807][T14655]  ? __lock_acquire+0x7d40/0x7d40
[ 1007.543889][T14655]  ? ipv6_list_rcv+0x450/0x450
[ 1007.548700][T14655]  ? net_zcopy_put_abort+0x90/0x90
[ 1007.553853][T14655]  ? ip6_rcv_core+0xc5/0x1740
[ 1007.558582][T14655]  ipv6_list_rcv+0x3f5/0x450
[ 1007.563223][T14655]  ? NF_HOOK+0x3b0/0x3b0
[ 1007.567513][T14655]  ? NF_HOOK+0x3b0/0x3b0
[ 1007.571793][T14655]  __netif_receive_skb_list_core+0x583/0x750
[ 1007.577876][T14655]  ? set_rps_cpu+0x6a0/0x6a0
[ 1007.582502][T14655]  ? read_tsc+0x9/0x20
[ 1007.586615][T14655]  netif_receive_skb_list_internal+0x943/0xca0
[ 1007.592821][T14655]  ? __lock_acquire+0x7d40/0x7d40
[ 1007.597894][T14655]  ? netif_receive_skb_list_internal+0x4b1/0xca0
[ 1007.604266][T14655]  ? netif_receive_skb_core+0x230/0x230
[ 1007.609941][T14655]  ? eth_type_trans+0x382/0x730
[ 1007.614844][T14655]  napi_complete_done+0x329/0x820
[ 1007.619905][T14655]  ? __napi_schedule_irqoff+0x90/0x90
[ 1007.625395][T14655]  ? rcu_is_watching+0x15/0xb0
[ 1007.630196][T14655]  ? napi_gro_frags+0x865/0xea0
[ 1007.635098][T14655]  tun_get_user+0x270e/0x3ca0
[ 1007.639823][T14655]  ? tun_get_user+0x24d9/0x3ca0
[ 1007.644732][T14655]  ? rcu_read_unlock+0xa0/0xa0
[ 1007.649549][T14655]  ? tun_get+0x1c/0x2e0
[ 1007.653742][T14655]  ? __lock_acquire+0x7d40/0x7d40
[ 1007.658833][T14655]  ? tun_get+0x1c/0x2e0
[ 1007.663036][T14655]  tun_chr_write_iter+0x119/0x200
[ 1007.668111][T14655]  vfs_write+0x46c/0x990
[ 1007.672405][T14655]  ? file_end_write+0x250/0x250
[ 1007.677302][T14655]  ? __fget_files+0x43d/0x4b0
[ 1007.682027][T14655]  ? __fdget_pos+0x1d8/0x330
[ 1007.686741][T14655]  ? ksys_write+0x75/0x260
[ 1007.691208][T14655]  ksys_write+0x150/0x260
[ 1007.695582][T14655]  ? __ia32_sys_read+0x90/0x90
[ 1007.700387][T14655]  ? lockdep_hardirqs_on+0x98/0x150
[ 1007.705628][T14655]  do_syscall_64+0x55/0xb0
[ 1007.710079][T14655]  ? clear_bhb_loop+0x40/0x90
[ 1007.714784][T14655]  ? clear_bhb_loop+0x40/0x90
[ 1007.719504][T14655]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1007.725437][T14655] RIP: 0033:0x7f149e39ce59
[ 1007.729909][T14655] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1007.749558][T14655] RSP: 002b:00007f149f214028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1007.758012][T14655] RAX: ffffffffffffffda RBX: 00007f149e616090 RCX: 00007f149e39ce59
[ 1007.766123][T14655] RDX: 0000000000000066 RSI: 0000200000000000 RDI: 0000000000000004
[ 1007.774128][T14655] RBP: 00007f149f214090 R08: 0000000000000000 R09: 0000000000000000
[ 1007.782135][T14655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1007.790140][T14655] R13: 00007f149e616128 R14: 00007f149e616090 R15: 00007ffd727fa9a8
[ 1007.798159][T14655]  </TASK>
[ 1007.950334][T14660] netlink: 'syz.1.2756': attribute type 2 has an invalid length.
[ 1007.991913][T14660] netlink: 1045 bytes leftover after parsing attributes in process `syz.1.2756'.
[ 1008.066815][T14663] ==================================================================
[ 1008.074972][T14663] BUG: KASAN: slab-out-of-bounds in __bpf_get_stackid+0x6bf/0x900
[ 1008.082852][T14663] Write of size 72 at addr ffff88802df5d490 by task syz.3.2758/14663
[ 1008.090989][T14663] 
[ 1008.093345][T14663] CPU: 1 PID: 14663 Comm: syz.3.2758 Not tainted syzkaller #0
[ 1008.100823][T14663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1008.110918][T14663] Call Trace:
[ 1008.114208][T14663]  <TASK>
[ 1008.117153][T14663]  dump_stack_lvl+0x18c/0x250
[ 1008.121851][T14663]  ? __lock_acquire+0x7d40/0x7d40
[ 1008.126902][T14663]  ? show_regs_print_info+0x20/0x20
[ 1008.132129][T14663]  ? load_image+0x420/0x420
[ 1008.136649][T14663]  ? _raw_spin_lock_irqsave+0xc0/0x100
[ 1008.142161][T14663]  ? __virt_addr_valid+0x18c/0x540
[ 1008.147303][T14663]  ? __virt_addr_valid+0x469/0x540
[ 1008.152556][T14663]  print_report+0xa8/0x210
[ 1008.157113][T14663]  ? __bpf_get_stackid+0x6bf/0x900
[ 1008.162366][T14663]  kasan_report+0x117/0x150
[ 1008.166957][T14663]  ? __bpf_get_stackid+0x6bf/0x900
[ 1008.172145][T14663]  kasan_check_range+0x241/0x290
[ 1008.177123][T14663]  ? __bpf_get_stackid+0x6bf/0x900
[ 1008.182296][T14663]  __asan_memcpy+0x40/0x70
[ 1008.186771][T14663]  __bpf_get_stackid+0x6bf/0x900
[ 1008.191750][T14663]  bpf_get_stackid_pe+0x343/0x410
[ 1008.196803][T14663]  bpf_prog_a448e89f4c9ad9d1+0x30/0x4a
[ 1008.202313][T14663]  bpf_overflow_handler+0x1fc/0x510
[ 1008.207571][T14663]  ? lock_chain_count+0x20/0x20
[ 1008.212453][T14663]  ? bpf_overflow_handler+0xde/0x510
[ 1008.217782][T14663]  ? tp_perf_event_destroy+0x20/0x20
[ 1008.223129][T14663]  ? perf_trace_preemptirq_template+0xac/0x330
[ 1008.229360][T14663]  ? __perf_event_account_interrupt+0x187/0x280
[ 1008.235652][T14663]  __perf_event_overflow+0x447/0x630
[ 1008.240975][T14663]  perf_swevent_event+0x319/0x570
[ 1008.246081][T14663]  ? perf_tp_event+0x1520/0x1520
[ 1008.251066][T14663]  ___perf_sw_event+0x4a7/0x730
[ 1008.256031][T14663]  ? ___perf_sw_event+0x199/0x730
[ 1008.261071][T14663]  ? perf_swevent_put_recursion_context+0xb0/0xb0
[ 1008.267506][T14663]  ? __lock_acquire+0x1347/0x7d40
[ 1008.272554][T14663]  ? rep_movs_alternative+0x4a/0x90
[ 1008.277783][T14663]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1008.283796][T14663]  ? lock_chain_count+0x20/0x20
[ 1008.288679][T14663]  ? lockdep_hardirqs_on+0x98/0x150
[ 1008.293922][T14663]  __perf_sw_event+0x139/0x270
[ 1008.298706][T14663]  do_user_addr_fault+0x123e/0x12c0
[ 1008.303928][T14663]  ? rcu_is_watching+0x15/0xb0
[ 1008.308755][T14663]  exc_page_fault+0x64/0x100
[ 1008.313373][T14663]  asm_exc_page_fault+0x26/0x30
[ 1008.318253][T14663] RIP: 0010:rep_movs_alternative+0x4a/0x90
[ 1008.324098][T14663] Code: 75 f1 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 <f3> a4 c3 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 29 f8 48 01
[ 1008.343756][T14663] RSP: 0018:ffffc90010b77bd0 EFLAGS: 00050206
[ 1008.349850][T14663] RAX: ffffffff842a7f01 RBX: 000000000000056d RCX: 00000000000004ed
[ 1008.357871][T14663] RDX: 0000000000000001 RSI: 0000200000002000 RDI: ffff88801b2a0080
[ 1008.365869][T14663] RBP: ffffc90010b77d20 R08: 0000000000000004 R09: 0000000000000005
[ 1008.373872][T14663] R10: dffffc0000000000 R11: ffffed10036540ad R12: 00002000000024ed
[ 1008.381888][T14663] R13: 1ffff9200216efbd R14: ffff88801b2a0000 R15: 0000200000001f80
[ 1008.389888][T14663]  ? _copy_from_user+0x41/0xe0
[ 1008.394682][T14663]  _copy_from_user+0x8b/0xe0
[ 1008.399307][T14663]  generic_map_update_batch+0x59a/0x810
[ 1008.404873][T14663]  ? rcu_read_unlock+0xa0/0xa0
[ 1008.409682][T14663]  ? __fdget+0x180/0x210
[ 1008.413973][T14663]  ? rcu_read_unlock+0xa0/0xa0
[ 1008.418788][T14663]  bpf_map_do_batch+0x3d7/0x610
[ 1008.423674][T14663]  __sys_bpf+0x381/0x890
[ 1008.427963][T14663]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1008.433384][T14663]  ? lock_chain_count+0x20/0x20
[ 1008.438259][T14663]  __x64_sys_bpf+0x7c/0x90
[ 1008.442702][T14663]  do_syscall_64+0x55/0xb0
[ 1008.447157][T14663]  ? clear_bhb_loop+0x40/0x90
[ 1008.451862][T14663]  ? clear_bhb_loop+0x40/0x90
[ 1008.456585][T14663]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1008.462511][T14663] RIP: 0033:0x7f9b1a59ce59
[ 1008.466961][T14663] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1008.486605][T14663] RSP: 002b:00007f9b1b4fe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1008.495167][T14663] RAX: ffffffffffffffda RBX: 00007f9b1a815fa0 RCX: 00007f9b1a59ce59
[ 1008.503185][T14663] RDX: 0000000000000038 RSI: 00002000000006c0 RDI: 000000000000001a
[ 1008.511183][T14663] RBP: 00007f9b1a632d6f R08: 0000000000000000 R09: 0000000000000000
[ 1008.519181][T14663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1008.527332][T14663] R13: 00007f9b1a816038 R14: 00007f9b1a815fa0 R15: 00007ffd273e4cc8
[ 1008.535354][T14663]  </TASK>
[ 1008.538432][T14663] 
[ 1008.540767][T14663] Allocated by task 14663:
[ 1008.545192][T14663]  kasan_set_track+0x4e/0x70
[ 1008.549823][T14663]  __kasan_kmalloc+0x8f/0xa0
[ 1008.554448][T14663]  __kmalloc_node+0xb4/0x230
[ 1008.559098][T14663]  bpf_map_area_alloc+0x5e/0x110
[ 1008.564095][T14663]  prealloc_elems_and_freelist+0x86/0x1c0
[ 1008.569860][T14663]  stack_map_alloc+0x33a/0x4c0
[ 1008.574678][T14663]  map_create+0x877/0x12f0
[ 1008.579132][T14663]  __sys_bpf+0x651/0x890
[ 1008.583410][T14663]  __x64_sys_bpf+0x7c/0x90
[ 1008.587860][T14663]  do_syscall_64+0x55/0xb0
[ 1008.592290][T14663]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1008.598208][T14663] 
[ 1008.600541][T14663] Last potentially related work creation:
[ 1008.606262][T14663]  kasan_save_stack+0x3e/0x60
[ 1008.610959][T14663]  __kasan_record_aux_stack+0xaf/0xc0
[ 1008.616438][T14663]  call_rcu+0x153/0x950
[ 1008.620618][T14663]  nf_unregister_net_hooks+0xcb/0x130
[ 1008.626023][T14663]  cleanup_net+0x70a/0xbb0
[ 1008.630487][T14663]  process_scheduled_works+0xa5d/0x15d0
[ 1008.636073][T14663]  worker_thread+0xa55/0xfc0
[ 1008.640684][T14663]  kthread+0x2fa/0x390
[ 1008.644783][T14663]  ret_from_fork+0x48/0x80
[ 1008.649245][T14663]  ret_from_fork_asm+0x11/0x20
[ 1008.654093][T14663] 
[ 1008.656456][T14663] The buggy address belongs to the object at ffff88802df5d480
[ 1008.656456][T14663]  which belongs to the cache kmalloc-cg-64 of size 64
[ 1008.670636][T14663] The buggy address is located 16 bytes inside of
[ 1008.670636][T14663]  allocated 40-byte region [ffff88802df5d480, ffff88802df5d4a8)
[ 1008.684646][T14663] 
[ 1008.687005][T14663] The buggy address belongs to the physical page:
[ 1008.693457][T14663] page:ffffea0000b7d740 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88802df5d400 pfn:0x2df5d
[ 1008.705017][T14663] memcg:ffff888023f73a01
[ 1008.709284][T14663] ksm flags: 0xfff00000000800(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 1008.717215][T14663] page_type: 0xffffffff()
[ 1008.721560][T14663] raw: 00fff00000000800 ffff888017c4da00 ffffea00006ac100 0000000000000003
[ 1008.730167][T14663] raw: ffff88802df5d400 000000008020001a 00000001ffffffff ffff888023f73a01
[ 1008.738757][T14663] page dumped because: kasan: bad access detected
[ 1008.745187][T14663] page_owner tracks the page as allocated
[ 1008.750909][T14663] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 11913, tgid 11913 (kworker/u4:23), ts 790815545368, free_ts 790751292317
[ 1008.769589][T14663]  post_alloc_hook+0x1c1/0x200
[ 1008.774391][T14663]  get_page_from_freelist+0x1951/0x19e0
[ 1008.779968][T14663]  __alloc_pages+0x1f0/0x460
[ 1008.784570][T14663]  alloc_slab_page+0x5d/0x160
[ 1008.789256][T14663]  new_slab+0x87/0x2d0
[ 1008.793364][T14663]  ___slab_alloc+0xc5d/0x12f0
[ 1008.798055][T14663]  __kmem_cache_alloc_node+0x19e/0x250
[ 1008.803528][T14663]  __kmalloc_node+0xa4/0x230
[ 1008.808130][T14663]  kvmalloc_node+0x70/0x180
[ 1008.812660][T14663]  __nf_hook_entries_try_shrink+0x310/0x6d0
[ 1008.818584][T14663]  __nf_unregister_net_hook+0x4e1/0x6e0
[ 1008.824161][T14663]  nf_unregister_net_hooks+0xcb/0x130
[ 1008.829574][T14663]  nf_ct_netns_put+0x2d2/0x520
[ 1008.834355][T14663]  nf_conncount_destroy+0x41/0x150
[ 1008.839511][T14663]  ovs_ct_exit+0x9c/0x200
[ 1008.843882][T14663]  ovs_exit_net+0xed/0x7a0
[ 1008.848305][T14663] page last free stack trace:
[ 1008.852983][T14663]  free_unref_page_prepare+0x7b2/0x8c0
[ 1008.858505][T14663]  free_unref_page_list+0xbe/0x860
[ 1008.863650][T14663]  release_pages+0x1f7a/0x2200
[ 1008.868429][T14663]  tlb_flush_mmu+0x379/0x510
[ 1008.873047][T14663]  tlb_finish_mmu+0xf9/0x220
[ 1008.877673][T14663]  exit_mmap+0x428/0xb90
[ 1008.881929][T14663]  __mmput+0x118/0x3c0
[ 1008.886005][T14663]  exit_mm+0x24a/0x350
[ 1008.890164][T14663]  do_exit+0x8dd/0x2460
[ 1008.894357][T14663]  do_group_exit+0x21b/0x2d0
[ 1008.899002][T14663]  __x64_sys_exit_group+0x3f/0x40
[ 1008.904059][T14663]  do_syscall_64+0x55/0xb0
[ 1008.908493][T14663]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1008.914422][T14663] 
[ 1008.916760][T14663] Memory state around the buggy address:
[ 1008.922403][T14663]  ffff88802df5d380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 1008.930501][T14663]  ffff88802df5d400: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 1008.938600][T14663] >ffff88802df5d480: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc
[ 1008.946675][T14663]                                   ^
[ 1008.952060][T14663]  ffff88802df5d500: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 1008.960144][T14663]  ffff88802df5d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 1008.968220][T14663] ==================================================================
[ 1008.976299][T14663] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1008.983508][T14663] CPU: 1 PID: 14663 Comm: syz.3.2758 Not tainted syzkaller #0
[ 1008.991002][T14663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1009.001192][T14663] Call Trace:
[ 1009.004561][T14663]  <TASK>
[ 1009.007517][T14663]  dump_stack_lvl+0x18c/0x250
[ 1009.012229][T14663]  ? show_regs_print_info+0x20/0x20
[ 1009.017452][T14663]  ? load_image+0x420/0x420
[ 1009.021980][T14663]  panic+0x2dc/0x730
[ 1009.025924][T14663]  ? __lock_acquire+0x7d40/0x7d40
[ 1009.030999][T14663]  ? bpf_jit_dump+0xd0/0xd0
[ 1009.035546][T14663]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[ 1009.041465][T14663]  ? _raw_spin_unlock+0x40/0x40
[ 1009.046345][T14663]  ? __bpf_get_stackid+0x6bf/0x900
[ 1009.051479][T14663]  check_panic_on_warn+0x84/0xa0
[ 1009.056454][T14663]  ? __bpf_get_stackid+0x6bf/0x900
[ 1009.061621][T14663]  end_report+0x6f/0x130
[ 1009.065908][T14663]  kasan_report+0x128/0x150
[ 1009.070433][T14663]  ? __bpf_get_stackid+0x6bf/0x900
[ 1009.075578][T14663]  kasan_check_range+0x241/0x290
[ 1009.080561][T14663]  ? __bpf_get_stackid+0x6bf/0x900
[ 1009.085743][T14663]  __asan_memcpy+0x40/0x70
[ 1009.090183][T14663]  __bpf_get_stackid+0x6bf/0x900
[ 1009.095173][T14663]  bpf_get_stackid_pe+0x343/0x410
[ 1009.100214][T14663]  bpf_prog_a448e89f4c9ad9d1+0x30/0x4a
[ 1009.105687][T14663]  bpf_overflow_handler+0x1fc/0x510
[ 1009.110903][T14663]  ? lock_chain_count+0x20/0x20
[ 1009.115871][T14663]  ? bpf_overflow_handler+0xde/0x510
[ 1009.121347][T14663]  ? tp_perf_event_destroy+0x20/0x20
[ 1009.126676][T14663]  ? perf_trace_preemptirq_template+0xac/0x330
[ 1009.132891][T14663]  ? __perf_event_account_interrupt+0x187/0x280
[ 1009.139173][T14663]  __perf_event_overflow+0x447/0x630
[ 1009.144526][T14663]  perf_swevent_event+0x319/0x570
[ 1009.149583][T14663]  ? perf_tp_event+0x1520/0x1520
[ 1009.154552][T14663]  ___perf_sw_event+0x4a7/0x730
[ 1009.159428][T14663]  ? ___perf_sw_event+0x199/0x730
[ 1009.164471][T14663]  ? perf_swevent_put_recursion_context+0xb0/0xb0
[ 1009.170902][T14663]  ? __lock_acquire+0x1347/0x7d40
[ 1009.175963][T14663]  ? rep_movs_alternative+0x4a/0x90
[ 1009.181209][T14663]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1009.187236][T14663]  ? lock_chain_count+0x20/0x20
[ 1009.192104][T14663]  ? lockdep_hardirqs_on+0x98/0x150
[ 1009.197342][T14663]  __perf_sw_event+0x139/0x270
[ 1009.202132][T14663]  do_user_addr_fault+0x123e/0x12c0
[ 1009.207357][T14663]  ? rcu_is_watching+0x15/0xb0
[ 1009.212148][T14663]  exc_page_fault+0x64/0x100
[ 1009.216761][T14663]  asm_exc_page_fault+0x26/0x30
[ 1009.221633][T14663] RIP: 0010:rep_movs_alternative+0x4a/0x90
[ 1009.227478][T14663] Code: 75 f1 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 <f3> a4 c3 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 29 f8 48 01
[ 1009.247120][T14663] RSP: 0018:ffffc90010b77bd0 EFLAGS: 00050206
[ 1009.253235][T14663] RAX: ffffffff842a7f01 RBX: 000000000000056d RCX: 00000000000004ed
[ 1009.261221][T14663] RDX: 0000000000000001 RSI: 0000200000002000 RDI: ffff88801b2a0080
[ 1009.269205][T14663] RBP: ffffc90010b77d20 R08: 0000000000000004 R09: 0000000000000005
[ 1009.277187][T14663] R10: dffffc0000000000 R11: ffffed10036540ad R12: 00002000000024ed
[ 1009.285169][T14663] R13: 1ffff9200216efbd R14: ffff88801b2a0000 R15: 0000200000001f80
[ 1009.293154][T14663]  ? _copy_from_user+0x41/0xe0
[ 1009.297937][T14663]  _copy_from_user+0x8b/0xe0
[ 1009.302540][T14663]  generic_map_update_batch+0x59a/0x810
[ 1009.308101][T14663]  ? rcu_read_unlock+0xa0/0xa0
[ 1009.312906][T14663]  ? __fdget+0x180/0x210
[ 1009.317164][T14663]  ? rcu_read_unlock+0xa0/0xa0
[ 1009.321997][T14663]  bpf_map_do_batch+0x3d7/0x610
[ 1009.326911][T14663]  __sys_bpf+0x381/0x890
[ 1009.331176][T14663]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1009.336586][T14663]  ? lock_chain_count+0x20/0x20
[ 1009.341473][T14663]  __x64_sys_bpf+0x7c/0x90
[ 1009.345919][T14663]  do_syscall_64+0x55/0xb0
[ 1009.350360][T14663]  ? clear_bhb_loop+0x40/0x90
[ 1009.355053][T14663]  ? clear_bhb_loop+0x40/0x90
[ 1009.359751][T14663]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1009.365708][T14663] RIP: 0033:0x7f9b1a59ce59
[ 1009.370143][T14663] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1009.389876][T14663] RSP: 002b:00007f9b1b4fe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1009.398336][T14663] RAX: ffffffffffffffda RBX: 00007f9b1a815fa0 RCX: 00007f9b1a59ce59
[ 1009.406331][T14663] RDX: 0000000000000038 RSI: 00002000000006c0 RDI: 000000000000001a
[ 1009.414322][T14663] RBP: 00007f9b1a632d6f R08: 0000000000000000 R09: 0000000000000000
[ 1009.422317][T14663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1009.430329][T14663] R13: 00007f9b1a816038 R14: 00007f9b1a815fa0 R15: 00007ffd273e4cc8
[ 1009.438322][T14663]  </TASK>
[ 1009.441959][T14663] Kernel Offset: disabled
[ 1009.446313][T14663] Rebooting in 86400 seconds..