last executing test programs:

3.216336879s ago: executing program 3 (id=42189):
r0 = socket$kcm(0x2, 0x922000000001, 0x106)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, @perf_config_ext={0x3, 0x830b}, 0x0, 0x2, 0xfffffffe, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
openat$tun(0xffffffffffffff9c, 0x0, 0x20702, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x17, &(0x7f00000007c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x6}, {0x27, 0x0, 0x0, 0x700}}, [@printk={@lli, {}, {0x5}, {0x7, 0x0, 0x3}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x40}, {0x25}}], {{0x4, 0x1, 0x9, 0x3, 0x2}, {0x5, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000000)='GPL\x00', 0xf, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x25, &(0x7f00000002c0)=r1, 0x8)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1, 0x4, 0x404, 0x9}, 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000940)=@base={0xd, 0x3, 0x4, 0x7, 0x1, r3, 0x15b4}, 0x50)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000180)={r4, &(0x7f0000000040), 0x0}, 0x20)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="2e00000011008108090f9becdb4cb92e0a4831371400000069bd6efb2502eaf60d000300020400bf050005001206", 0x2e}], 0x1}, 0x48000)

3.158560181s ago: executing program 2 (id=42201):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x6, 0x5}, 0x50)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xf, 0x5}, 0x100e64, 0xc78}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000005c0)='cpuacct.usage_percpu\x00', 0x26e1, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000080)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="b60a0000ffffffff6111240000000000180000000000000000000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffc42}, 0x58)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=[@cred={{0x1c}}], 0x20}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'wlan0\x00', 0x200})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8946, &(0x7f0000000080))

2.53710086s ago: executing program 3 (id=42192):
perf_event_open(0x0, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0x83, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x8, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$kcm(0xa, 0x2, 0x88)
setsockopt$sock_attach_bpf(r1, 0x1, 0x41, 0x0, 0x0)
recvmsg$kcm(r1, 0x0, 0x2042)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x959, 0x0, 0x7, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000000)='cpu<5\x00\x00\x00\x00')
r2 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b05d25a806c8c6f94f90424fc601000127a0a000600073582c137153e37080c18800bac0f000300", 0x33fe0}], 0x1, 0x0, 0x0, 0x8100000}, 0x0)

2.53670263s ago: executing program 2 (id=42204):
socketpair$unix(0x1, 0x5, 0x0, 0x0)
close(0xffffffffffffffff)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x50, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}, 0x104046, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x10, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x4010)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x1, 0x42, 0x40, 0xc2, 0x1}, 0x48)
r1 = perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0xcb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xbcc, 0xb0000}, 0x10806, 0x0, 0x0, 0x0, 0x8, 0xfffffffd, 0x2}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000aecd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c1faca0f9d9924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6fab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afd8cc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b79db2e3d5986c82b5aa94e539b204d58f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000020000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72b0000000000001cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2cc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78ac02ca3cdf6a662db1c9c89c9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad943e392955f4f979ea13201bafe4f0f6ea5080000000cdcd2063d11dd665647223c78a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb5567e54d3504723177d356c4604b7a492ecec37e83efceefd7ca2533659edc8be05cc85451c6a14507434eb54b6f43caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffca9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a294351c5356c1d06c92cf8ce3c7c56cd31121624d74517fd3666277f670e812b28e2f30d035cee5d0e77a3c7220000000000000005a474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f034b8d3ebce68663ef5af469abe75b314fae31a0445859a5ece8fb11a4ee8e46354c9c3a041e12282ce24463aaf28345bd168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262d0af3246eb4fc4bda3453602004535a976eacd3adaa4d2ee6fe0d072ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d401adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb40f7f02f750d6c977a191852c9ae031db044b2353199546609f9f69a6cfefdf879d447df53f3b9b70d10355b00300000000000000553d18a6cc50feeb7bfad9b7be3283b6450d264e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5631820420bf5b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe527340935aa3c0b4f3f45bfff2418a18217747ae442e31560e5b741445ea2a1acee2a81425ff000000d2a0a765d20b30f87af976a46f9a9a1ac7dea1ea684533dc6623920dacc107f532348cc21164efe794874eac73381e961f3d9c8c21578fe3245097c280abe51427b9f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f88735fce5115dc83ed73d8ee4a91322608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf5000000000000fa08ad0731c4b839688b22c4da2a6bc4cf45dbeea042f9b33393f85a0417854d221a2d5f96bc64647f15daa2ba79cd0f4254ed55217912ef84bd2927df82fc061aef2920c49b2a90886da75561173fa186cb7ee86dd4285c4721eb428c953296ac2f5d825da54dbef07c1b349b4901e093d13e6b9a0000009b5b22e887bc061d40bcaf0aa18623fd9b7179ccc692ba74b531b65c4decf9d080a8ac7e82d4cde1267aa64b2a94fd87a009e6742c2ddc3a9d7eccbb1831b1fa218277c2814a91cab7cb59c697166d6f1bb1a360470000000000000000000000000000000000000000000000000000f9f9b4ce7e871f507084c8c88e0652decbe579b03ed84ea94597dd1059620a050f69ea03b99b4e19d35f4a3b54e96ae2172effecec80f6baa4bf69a6ebf5392882df78b0983e662dc0cb64b77f3f006b6b25443197ae93f0be6de5a703d003f00720943c0e4b33af"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240), &(0x7f0000000640), 0x1003, r0}, 0x38)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x10000)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef)

2.389338635s ago: executing program 4 (id=42193):
r0 = perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x410, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x7, 0x64}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x5a2119bf86ff29ce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000008c0)={0x0, 0x3, 0x3, 0x5}, 0x10}, 0x94)
openat$tun(0xffffffffffffff9c, 0x0, 0x4c02, 0x0)
r1 = socket$kcm(0x1e, 0x2, 0x0)
setsockopt$sock_attach_bpf(r1, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
r2 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
write$cgroup_subtree(r2, &(0x7f0000000040)=ANY=[], 0xfdef)
close(r2)
recvmsg(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001bc0)=""/4096, 0x1000}], 0x1}, 0x10020)

2.375429685s ago: executing program 1 (id=42194):
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x1000, 0x2, 0xffffff81, 0x5, 0x40, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
bpf$ITER_CREATE(0x21, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
r0 = socket$kcm(0x10, 0x100000000002, 0x4)
sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)="39000000140081ae00002c000500015601618575e285af0180000000020000883795c04a31ba377a1b2cc32b38d37400"/57, 0x39}], 0x1, 0x0, 0x0, 0xc00e}, 0x0)
r1 = socket$kcm(0xa, 0x2, 0x88)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b00"/11], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x10, 0x0, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(r1, &(0x7f0000000340)={&(0x7f00000000c0)=@in6={0xa, 0x4e22, 0xffffffff, @dev={0xfe, 0x80, '\x00', 0xc}, 0x7}, 0x80, 0x0}, 0x200ce0c0)
socket$kcm(0x2, 0x922000000001, 0x106)
sendmsg$inet(r1, &(0x7f00000010c0)={0x0, 0x0, 0x0}, 0x4040040)

2.186682081s ago: executing program 4 (id=42195):
perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x6, 0x6, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000100000000a500000000000018490000fe"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x19, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xa7e3}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x2e0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60000000, 0x12, 0x0, &(0x7f0000000040)="ded6e0966ec1cf6ba4b897a54e4e062b3114", 0x0, 0x0, 0x3}, 0x50)
r1 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="93430000520033d087277b9b108b4ab51c"], 0xfe33)
write$cgroup_subtree(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="1c00000018"], 0xfe33)
bpf$MAP_LOOKUP_BATCH(0x18, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x40841, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000c40)=[{0x0, 0x0, 0x1, 0x4}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x10006}]}, 0x94)
r2 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030030000b12d25a80648c2594f90224fc60100c034002000000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)

2.185725971s ago: executing program 0 (id=42211):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
close(0xffffffffffffffff)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000380)}], 0x1}, 0x4000)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB='\x00'/18, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000f00"], 0x48)
perf_event_open(&(0x7f0000000540)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0xffff, 0x81}, 0x100c, 0x7, 0x0, 0x9, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x23, 0x5, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x400882d)
r1 = socket$kcm(0x11, 0x200000000000002, 0x300)
sendmsg$sock(r1, &(0x7f00000000c0)={&(0x7f0000000040)=@phonet={0x23, 0x0, 0x0, 0x24}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@timestamping={{0x14, 0x1, 0x25, 0x102}}], 0x18}, 0x0)
recvmsg$kcm(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)=[{0x0, 0xe00}], 0x1}, 0x2002)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89ed, 0x0)

2.169137572s ago: executing program 1 (id=42196):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xe, 0x4, 0x8, 0x7}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000c40)=[{0x0, 0x2, 0x1, 0x7}, {0x0, 0x3, 0xfffffffd, 0x1}, {0x5, 0x21, 0x10, 0x8}]}, 0x94)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="7c00000000000000000000000700000044140001ac1414aa00000000ac1414000000000000441c0003e0000001000000007f000001000000000000000000000000442c00000000000000000f883816814100000000000000000000000000000000000000000000000000000000000000000000440c0001000000000000000000000000000000a400000000000000000000000700000044280000000000000000000000000000000000000000000000000000000000000000000000000000071700e0000002ac1414bb00000000e0000002ac1414bb018616000000000010c986d78e6c4b9394b247217b87cb00830b00000000007f000001861f0000000000020010421487f84baabcbcfb42a4d90bab000748c68c4c31001089ca45d9612e5b5c11f12bc78a41000000000000006c000000000000000000000007000000441c0003ffffffff000000000000000000000000e00000010000000044340001ac1414bb0000000000000000000000000000000000000000ac1414aa00000000ac1414aa00000000ac1e000100000000830b0000000000e000000200000000001c000000000000000000", @ANYRES32=0x0, @ANYBLOB="ac1414aa00000000000000001400000000000018000000000200000000000000000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="7f0000017f00000a0000000800"/28, @ANYRES32, @ANYBLOB="7f000001ac141400000000011c0e0000000000000000000007006fc946f1f569c01801"], 0x230}, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3, 0x0, 0x9, 0x60cb01f8, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000280), 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001780)={0x0, 0x0, 0x0}, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000040), 0x4)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x2100)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030029000b12d25a80648c2594f90124fc60100c020c0c000400053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)

2.015796836s ago: executing program 0 (id=42198):
socket$kcm(0x11, 0x2, 0x0)
socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
r0 = socket$kcm(0x10, 0x2, 0x4)
close(r0)
socket$kcm(0x10, 0x2, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x4}, 0x4044, 0x0, 0x0, 0x0, 0x0, 0x80000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/ipc\x00')
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)="5c00000013006bcd9e3fe3dc6e48aa31086b876c0c0000007ea60264160af3653c001c000d0000008bc3a0e69ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

1.982806168s ago: executing program 4 (id=42199):
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)=@generic={0x0}, 0x18)
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, 0x0, 0x0)
sendmsg$kcm(r0, 0x0, 0x200400c4)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x1}, 0x0, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="1b0000001a007f029e", 0x9}, {&(0x7f0000000200)="68cabf2dfb58fc0a01008888ffff0200258f", 0x12}], 0x2}, 0x4000000)
close(r1)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, 0x0, 0x0)

1.936078179s ago: executing program 1 (id=42202):
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000000000000085000000230000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000000000000000002000000851000000600000018020000", @ANYRES32, @ANYBLOB="00000000000000006600020000000000180000000000000000000000000000009500040000000000360a020000000000180100002020782500000000002020207b1a00fe00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222}, 0x78)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0a00000004000000060000008000000042000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000db90de7b34ce18b729d165605f66668a3d4d3d7e727e39c32f664cdd0b8eb62fe2d00059fadd42e6da57de173e65ab0418c9f7b8845b543b2ca559657cfd4dbb0446ea29bccda38015d6db831c166425ecbb2e0c0cd4be78f7133e1687e756532b"], 0x48)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000900)={'bridge0\x00', @remote})
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x5, 0x3, 0x8, 0x9, 0x0, 0x7ff, 0x4008, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x2, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x4}, 0x3648, 0x5, 0x2, 0x2, 0x9, 0x94, 0x4, 0x0, 0xff, 0x0, 0x4}, 0x0, 0xb, 0xffffffffffffffff, 0x1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="120000007f00000004000000"], 0x50)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000300)=@o_path={0x0, 0x0, 0x18}, 0x18)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000440)={r2, &(0x7f00000002c0), 0x0}, 0x20)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000003c0))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000180)="e2c5cf426f", &(0x7f0000000080), 0x619, r0}, 0x38)

1.935916329s ago: executing program 3 (id=42205):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="89000000120081ae08060cdc03", 0xd}], 0x1}, 0x0)
r0 = socket$kcm(0x2, 0x5, 0x84)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000002, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4, @perf_config_ext={0x9, 0x5c9d}, 0x82, 0x2, 0xfffffffe, 0x3, 0x6, 0x0, 0xa4d0, 0x0, 0xfffffffc, 0x0, 0x1}, 0x0, 0x4, 0xffffffffffffffff, 0x9)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x2f}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x84, 0x6e, &(0x7f0000000000)=r3, 0x10)
r4 = socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
close(r6)
recvmsg$unix(r5, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=[@rights={{0x14, 0x1, 0x1, [<r7=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r4, 0x84, 0x22, &(0x7f0000000000)=r7, 0x10)

1.855712741s ago: executing program 2 (id=42206):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[], 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000680)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5a1c, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x0, 0x400000, 0x0, 0x0, 0x0, 0xe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f00000003c0)={0x5, 0x80, 0x0, 0x80, 0x0, 0x0, 0x0, 0x80040000, 0x40080, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x80, 0x2000000000000, 0x3, 0x0, 0xad, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x0)
r4 = socket$kcm(0x11, 0x2, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0x12, &(0x7f00000000c0)=r4, 0x4)
setsockopt$sock_attach_bpf(r0, 0x107, 0x12, &(0x7f00000008c0)=r3, 0x4)

1.844751542s ago: executing program 0 (id=42207):
perf_event_open(0x0, 0x0, 0xfffffffffdffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x800000000009, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907003675f37538e486dd6317ce623900fe800000002000e0865a6596aff57b00000000000000000000000000ac1414"], 0xfe1b)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="850020000000000018100000", @ANYRES32, @ANYBLOB="1700000000000000950000000000000045"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x8, 0x76}, [@call={0x27}]}, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x0, 0x0, &(0x7f0000000140)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'tunl0\x00'})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f1, &(0x7f0000000080))

1.810594383s ago: executing program 4 (id=42209):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_user\x00', 0x26e1, 0x0)
close(r0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000022c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x3ff, '\x00', 0x0, 0x0}, 0x50)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0}, 0x50)
socket$kcm(0x10, 0x2, 0x0)
r1 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x8918, &(0x7f0000000000)={r1})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="120000000d0000000400000002"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000300), &(0x7f0000000400)=r0}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000002c0)={r4, &(0x7f0000000000), &(0x7f0000000500)=""/216}, 0x20)

1.738827885s ago: executing program 0 (id=42210):
r0 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
r1 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r1, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
write$cgroup_subtree(r1, &(0x7f0000000040)=ANY=[], 0x101d0)
sendmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900)=ANY=[], 0x1458}, 0x48800)
r2 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
r3 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r3, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[], 0x1458}, 0x48800)
close(0x3)

1.070149216s ago: executing program 3 (id=42212):
r0 = perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x410, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x7, 0x64}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x5a2119bf86ff29ce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000008c0)={0x0, 0x3, 0x3, 0x5}, 0x10}, 0x94)
openat$tun(0xffffffffffffff9c, 0x0, 0x4c02, 0x0)
r1 = socket$kcm(0x1e, 0x2, 0x0)
setsockopt$sock_attach_bpf(r1, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
r2 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
write$cgroup_subtree(r2, &(0x7f0000000040)=ANY=[], 0xfdef)
close(r2)
recvmsg(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001bc0)=""/4096, 0x1000}], 0x1}, 0x10020)

1.069974266s ago: executing program 4 (id=42213):
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x1000, 0x2, 0xffffff81, 0x5, 0x40, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
bpf$ITER_CREATE(0x21, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
r0 = socket$kcm(0x10, 0x100000000002, 0x4)
sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)="39000000140081ae00002c000500015601618575e285af0180000000020000883795c04a31ba377a1b2cc32b38d37400"/57, 0x39}], 0x1, 0x0, 0x0, 0xc00e}, 0x0)
r1 = socket$kcm(0xa, 0x2, 0x88)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b00"/11], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x10, 0x0, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(r1, &(0x7f0000000340)={&(0x7f00000000c0)=@in6={0xa, 0x4e22, 0xffffffff, @dev={0xfe, 0x80, '\x00', 0xc}, 0x7}, 0x80, 0x0}, 0x200ce0c0)
socket$kcm(0x2, 0x922000000001, 0x106)
sendmsg$inet(r1, &(0x7f00000010c0)={0x0, 0x0, 0x0}, 0x4040040)

1.069334636s ago: executing program 0 (id=42222):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="89000000120081ae08060cdc03", 0xd}], 0x1}, 0x0)
r0 = socket$kcm(0x2, 0x5, 0x84)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000002, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4, @perf_config_ext={0x9, 0x5c9d}, 0x82, 0x2, 0xfffffffe, 0x3, 0x6, 0x0, 0xa4d0, 0x0, 0xfffffffc, 0x0, 0x1}, 0x0, 0x4, 0xffffffffffffffff, 0x9)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x2f}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x84, 0x6e, &(0x7f0000000000)=r3, 0x10)
r4 = socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
close(r6)
recvmsg$unix(r5, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=[@rights={{0x14, 0x1, 0x1, [<r7=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r4, 0x84, 0x22, &(0x7f0000000000)=r7, 0x10)

1.068774996s ago: executing program 1 (id=42214):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='devices.list\x00', 0x26e1, 0x0)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
recvmsg$unix(r1, 0x0, 0x2020)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000000700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000015c0)=ANY=[@ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="05"], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r3}, &(0x7f00000006c0), &(0x7f0000000700)=r2}, 0x20)
sendmsg$inet(r1, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x5452, &(0x7f0000000a40)='lo\x00\x96o\xd6Q\xb4Y\xa9\xc87,%\x81\xfe\x00\xd2\xd1|\x00\x00\x00\x00\x00\x00\xe3\xd8Yk\xdf\x85\xaac{\x8c\x8ffp`-\xcd\xd9\xd5\xf4\xe68\xe6O\xc2\xf1V0\x8b\t\xed\x13q2\xdd\xaf\xcc\xeeR\xf2/\x00\x00E>k\a\xe7>t7\x8e(\xf0\x87d\xaf\x93\xfa`\xa6,o\x81.\x1cR\xa5\t\x00\x00\x00\x00\x00\x00\x00|pT\x15\xbc\f*d\xcb\xc2\xcd\x8f\x98\xdf\x00\x00\x1cM\x9c\xa5\xe0\xa8\x00\x00\x00\x80V\xf6\x80\x86\x1b\x05\xe6\"\x1d\f\xaey\x06\xd9$H!w\xa6m\xd8\x7f\xc6\x837\x83/\x9a\xdf\x01\xf2\x9e\xcc\xca\x04\x00\x05\xeb\xb8{7[\xf9\xe9\x15\xdc0]\x89\x9b~\x04\xb4\xa5\xad\v.\xd0*%`\xb0\x03\x00\x00\x00\x00\x00\x00\x00\xab\xf4\xa7\x83r\xa4\x80|\x03C\x9c\x00\xac\xba\xcb\xa4h\x86w_Eu\xbfy%,\xe5\n\xc1\xb3\xa4g\xa3P\x0f\x11\x93\xc7\xf3\xcf\x17\xf5\x86%\x7f\xec\xb2\xc5E\x00\xb2e\xa8\xf1<\xb2\xc82\xbf=o\x00\x00\x00\x00E\x00\xc6X\x92\x0e[\x19\xaa?\x06\xe5\x9d\xd1\x87\x922A\x95\x8e\xbc\xc8<s,\xb023Z{\x9f\xc2\x94+e?\x87\x95\x8e\r\t\x0er\x92\xe2\t\xc4S\xd4\xd2\x87.&`\x95\'=0\r\xd2n\xf5\xcd\x9b\x15Oo\xd8Nj0\xe2\xe5A\xb2\xc3\xf7\xc8\xe7 \"+\xd6\x9e\x18\xec\xb7H\xf9\vd\xebE\x9dtI\xe5\xb5\x8e3\x19<\xdeS\xf4\xe6\xba\x0er\xfc]\xcbd@\xe8R#(u\xe1\x9b\xb7\xd5\x82\xab;\xdb\xa2\x9e\xe8W;\x86\x89\x99\xa1\x99\x1b\xbd\xaf\x11\xcf\x1d\xb5n\xe3&\x1b Z|\x18\n/\xe4\x83\xb5\xdd\xed\xd8\xba\xe8\x8d{@\xd1\x00\x00\x00\x00\x00')

1.068632706s ago: executing program 2 (id=42215):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
close(0xffffffffffffffff)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000380)}], 0x1}, 0x4000)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB='\x00'/18, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000f00"], 0x48)
perf_event_open(&(0x7f0000000540)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0xffff, 0x81}, 0x100c, 0x7, 0x0, 0x9, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x23, 0x5, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x400882d)
r1 = socket$kcm(0x11, 0x200000000000002, 0x300)
sendmsg$sock(r1, &(0x7f00000000c0)={&(0x7f0000000040)=@phonet={0x23, 0x0, 0x0, 0x24}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@timestamping={{0x14, 0x1, 0x25, 0x102}}], 0x18}, 0x0)
recvmsg$kcm(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)=[{0x0, 0xe00}], 0x1}, 0x2002)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89ed, 0x0)

202.657953ms ago: executing program 0 (id=42216):
perf_event_open(0x0, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0x83, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x8, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$kcm(0xa, 0x2, 0x88)
setsockopt$sock_attach_bpf(r1, 0x1, 0x41, 0x0, 0x0)
recvmsg$kcm(r1, 0x0, 0x2042)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x959, 0x0, 0x7, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000000)='cpu<5\x00\x00\x00\x00')
r2 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b05d25a806c8c6f94f90424fc601000127a0a000600073582c137153e37080c18800bac0f000300", 0x33fe0}], 0x1, 0x0, 0x0, 0x8100000}, 0x0)

202.446273ms ago: executing program 2 (id=42217):
perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x6, 0x6, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000100000000a500000000000018490000fe"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x19, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xa7e3}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x2e0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60000000, 0x12, 0x0, &(0x7f0000000040)="ded6e0966ec1cf6ba4b897a54e4e062b3114", 0x0, 0x0, 0x3}, 0x50)
r1 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="93430000520033d087277b9b108b4ab51c"], 0xfe33)
write$cgroup_subtree(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="1c00000018"], 0xfe33)
bpf$MAP_LOOKUP_BATCH(0x18, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x40841, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000c40)=[{0x0, 0x0, 0x1, 0x4}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x10006}]}, 0x94)
r2 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030030000b12d25a80648c2594f90224fc60100c034002000000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)

202.275363ms ago: executing program 3 (id=42218):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xe, 0x4, 0x8, 0x7}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000c40)=[{0x0, 0x2, 0x1, 0x7}, {0x0, 0x3, 0xfffffffd, 0x1}, {0x5, 0x21, 0x10, 0x8}]}, 0x94)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="7c00000000000000000000000700000044140001ac1414aa00000000ac1414000000000000441c0003e0000001000000007f000001000000000000000000000000442c00000000000000000f883816814100000000000000000000000000000000000000000000000000000000000000000000440c0001000000000000000000000000000000a400000000000000000000000700000044280000000000000000000000000000000000000000000000000000000000000000000000000000071700e0000002ac1414bb00000000e0000002ac1414bb018616000000000010c986d78e6c4b9394b247217b87cb00830b00000000007f000001861f0000000000020010421487f84baabcbcfb42a4d90bab000748c68c4c31001089ca45d9612e5b5c11f12bc78a41000000000000006c000000000000000000000007000000441c0003ffffffff000000000000000000000000e00000010000000044340001ac1414bb0000000000000000000000000000000000000000ac1414aa00000000ac1414aa00000000ac1e000100000000830b0000000000e000000200000000001c000000000000000000", @ANYRES32=0x0, @ANYBLOB="ac1414aa00000000000000001400000000000018000000000200000000000000000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="7f0000017f00000a0000000800"/28, @ANYRES32, @ANYBLOB="7f000001ac141400000000011c0e0000000000000000000007006fc946f1f569c01801"], 0x230}, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3, 0x0, 0x9, 0x60cb01f8, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000280), 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001780)={0x0, 0x0, 0x0}, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000040), 0x4)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x2100)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030029000b12d25a80648c2594f90124fc60100c020c0c000400053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)

202.103263ms ago: executing program 4 (id=42219):
socketpair$unix(0x1, 0x5, 0x0, 0x0)
close(0xffffffffffffffff)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x50, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}, 0x104046, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x10, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x4010)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x1, 0x42, 0x40, 0xc2, 0x1}, 0x48)
r1 = perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0xcb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xbcc, 0xb0000}, 0x10806, 0x0, 0x0, 0x0, 0x8, 0xfffffffd, 0x2}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000aecd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c1faca0f9d9924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6fab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afd8cc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b79db2e3d5986c82b5aa94e539b204d58f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000020000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72b0000000000001cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2cc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78ac02ca3cdf6a662db1c9c89c9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad943e392955f4f979ea13201bafe4f0f6ea5080000000cdcd2063d11dd665647223c78a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb5567e54d3504723177d356c4604b7a492ecec37e83efceefd7ca2533659edc8be05cc85451c6a14507434eb54b6f43caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffca9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a294351c5356c1d06c92cf8ce3c7c56cd31121624d74517fd3666277f670e812b28e2f30d035cee5d0e77a3c7220000000000000005a474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f034b8d3ebce68663ef5af469abe75b314fae31a0445859a5ece8fb11a4ee8e46354c9c3a041e12282ce24463aaf28345bd168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262d0af3246eb4fc4bda3453602004535a976eacd3adaa4d2ee6fe0d072ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d401adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb40f7f02f750d6c977a191852c9ae031db044b2353199546609f9f69a6cfefdf879d447df53f3b9b70d10355b00300000000000000553d18a6cc50feeb7bfad9b7be3283b6450d264e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5631820420bf5b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe527340935aa3c0b4f3f45bfff2418a18217747ae442e31560e5b741445ea2a1acee2a81425ff000000d2a0a765d20b30f87af976a46f9a9a1ac7dea1ea684533dc6623920dacc107f532348cc21164efe794874eac73381e961f3d9c8c21578fe3245097c280abe51427b9f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f88735fce5115dc83ed73d8ee4a91322608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf5000000000000fa08ad0731c4b839688b22c4da2a6bc4cf45dbeea042f9b33393f85a0417854d221a2d5f96bc64647f15daa2ba79cd0f4254ed55217912ef84bd2927df82fc061aef2920c49b2a90886da75561173fa186cb7ee86dd4285c4721eb428c953296ac2f5d825da54dbef07c1b349b4901e093d13e6b9a0000009b5b22e887bc061d40bcaf0aa18623fd9b7179ccc692ba74b531b65c4decf9d080a8ac7e82d4cde1267aa64b2a94fd87a009e6742c2ddc3a9d7eccbb1831b1fa218277c2814a91cab7cb59c697166d6f1bb1a360470000000000000000000000000000000000000000000000000000f9f9b4ce7e871f507084c8c88e0652decbe579b03ed84ea94597dd1059620a050f69ea03b99b4e19d35f4a3b54e96ae2172effecec80f6baa4bf69a6ebf5392882df78b0983e662dc0cb64b77f3f006b6b25443197ae93f0be6de5a703d003f00720943c0e4b33af"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240), &(0x7f0000000640), 0x1003, r0}, 0x38)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x10000)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef)

194.059043ms ago: executing program 1 (id=42220):
socket$kcm(0x11, 0x2, 0x0)
socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
r0 = socket$kcm(0x10, 0x2, 0x4)
close(r0)
socket$kcm(0x10, 0x2, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x4}, 0x4044, 0x0, 0x0, 0x0, 0x0, 0x80000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/ipc\x00')
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)="5c00000013006bcd9e3fe3dc6e48aa31086b876c0c0000007ea60264160af3653c001c000d0000008bc3a0e69ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

58.317947ms ago: executing program 2 (id=42221):
socket$kcm(0x21, 0x2, 0x2)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x401c5820, &(0x7f0000000580)=0xa4)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8914, &(0x7f0000000b80)='lo\x00\x96o\xd6Q\xb4Y\xa9\xc87,%\x81\xfe\x00\xd2\xd1|C\b\x00\x00\x00\x00\x00\x00\x00\xe3\xd8Yk\xdd\x85\xaac{\x8c\x8ffp`-\xcd\xf6jh\xbf\x9c\xd9\xd5\xf4\xe68\xe6O\xc2\xf1V0\x8b\xdd\xcc\xeeR\xf2/\xba\fE>k\a\xe7>t7\x8e(\xf0\x87d\xaf\x93\xfa`\xa6,o\x81.\x1cR\xa5\t\x00\x00\x00\x00\x00\x00\x00|pT\x15\xbc\f*d\x8b\xc2\xcd\x8f\x98\xdf\x00\x00\x1cM\x9c\xa5\xe0\xa8\x00\x00\x00\x80V\xf6\x80\x86\x1b\x05\xe6\"\x1d\f\xaey\x06\xd9$H!w\xa6m\xd8\x7f\xc6\x837\x83/\x9a\xdf\x01\xf2\x9e\xbb\xca^\xf9\x05\xeb\xb8{7[\xf9\xe9\x15\xdc0]\x89\x9b~\x04\xb4\xa5\xad\v.\xd0*%`\xb0\x96\x86\xdb\xa9\xd3\x01\xb2\xc7\xf8G\x069\x90,\xda\xf6\xc5\xcd\xec\xa3B\xc3\"4\xab\xf4\xa7\x83r\xa4\x80|\x03C\x9c\x00\xac\xba\xcb\xa4h\x86w_Eu\xbfy%,\xe5\n\xc1\xb3\xa4g\xa3P\x0f\x11\x93\xc7\x7f\xec\xb2\xc5E\x00\xdd\xf2e\xa8\xf1<\xb2\xc82\xbf=o\x00`\xc1A\'\xc6X\x92\x0e[\x19\xaa?\x06\xe5\x9d\xd1\x87\x92\xbb\xe3Y\x97\xc2')
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00'/20, @ANYRES32=0x1], 0x48)
r2 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x8916, &(0x7f0000000000)={r2})
perf_event_open(0x0, 0x0, 0x10, r0, 0xa)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x8916, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x8914, &(0x7f0000001000)='lo:\x96o8\x14d\xa1\xba\xda\xd1\xa0J\x12tQ\xb16\xe3\xd7\\b\x8b\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed@n\x00\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x02\b\x00\x00\xda\xf3\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00\xb1\x88\xebW_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xeb\xe1\xde\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xfc\xfa 6(%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x1f\x9c,\x113\x7f\x03\x93\xe1\xcc\xe7f\r\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x9c\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0Z\x9f\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5<J\x1f\xba\xfc\x90(\x985\x93\xa8\xd4\xf0\xbdTy\x18\xc8\xa0\xbb\x99\x8c\xe0Q\xffCl\xbdX~3\xa1\xa2\xf4\xd9\xf7\xc7\xfb\xce\x959x\xfeW\r\xf0{\xcaT\xecp)=\x9d\xdfG8\xa1\xe3=\xa6\x00\x98\xc1\xb3\x91-\xab\'W\x8al?d<JN\xcb\xd4H\xb0_jO\xf3\x90\xe8/l\xdfg)\x8d#\xfdo\xa9L\xdeA*\xec\xa1\x14,\xe8\x8d^\xb9r=\xc0\x18\xd4\x11dU[Ry\xed\xd6\x97\x8a\xe8\xca\x99\x10\x8e\xc8P\xa3\xae/\xdaof\x06\x7f\xf7\x80$f\b\x92\xae\xeb\xdd\"\x89\xb8\xf0\xc3\b\x00\x00\x00\x00\a\xf6\xfc\x1d\xd4\x893\xeb)\xc1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00O!\xd2q\xda}\xe2\xa2\xfe\xfd)\\\xdf\x9aN\\\xaeyc\xe4g\xc0\x8a\n\v{\xa9H\\\xd1')

29.354169ms ago: executing program 3 (id=42223):
r0 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
r1 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r1, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
write$cgroup_subtree(r1, &(0x7f0000000040)=ANY=[], 0x101d0)
sendmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900)=ANY=[], 0x1458}, 0x48800)
r2 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
r3 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r3, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[], 0x1458}, 0x48800)
close(0x3)

0s ago: executing program 1 (id=42224):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x2, 0xfffffffd, 0x1, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x100, 0x3, 0x28}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x7, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000010000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f00000014c0)={0x5, 0x80, 0x0, 0xff, 0xff, 0xfc, 0x0, 0x1, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000300), 0x4}, 0x1590, 0x0, 0x0, 0x1, 0x4, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = perf_event_open(&(0x7f00000014c0)={0x5, 0x80, 0x0, 0xfe, 0xff, 0x5, 0x0, 0x1, 0x80100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000300), 0x4}, 0x1590, 0x0, 0x8, 0x3, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={r1, 0x0, 0x0}, 0x10)
syz_clone(0x0, &(0x7f00000009c0)="cf478a4396b70432a8bd0071d19511e7777c95ee9450a8461e1b91476f81fc9c4fddee41fe41cb26034e659249a8c126b8b739ea7fdebe0954d298acc42d54299e50491a9a8125612f1e7ccd36fd5d9ada755d44662a3c7de0199b073b51a82caf41da97e939fef4d92c64d7c91dfc23aebfd9a8e1d07714491cffbb6f6b91a9d7", 0x81, &(0x7f0000000a80), &(0x7f0000000ac0), &(0x7f0000000b00)="01a7b05c43770a4c9f27d3b8620963bae99a883b918240f816d60d186c8d88b12a0dc3f414345c26ce16083c1852870ff41e13ace309eb1a690d63ea9d1032d6c3d8042f7089d1b2e67f183b0a4e1ba00fea45f7d25dc0d90a4b889f24969daa3f892a78380c64da7fb2fdc91ad4d036e34f4aeec8de2a83b98d8e91fee2416c4124f6ecaba227f2d1c1662081a448e4ff0053c936456133051f96bc9f046c2e38786db89257559ede561e902843c0207105c4e1e4c1f174785b7b")
r3 = perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0xde, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80720, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xe}, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r1)
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/ipc\x00')

kernel console output (not intermixed with test programs):

094': attribute type 29 has an invalid length.
[ 2011.216271][T23194] netlink: 'syz.3.39094': attribute type 29 has an invalid length.
[ 2011.267017][T23195] netlink: 'syz.3.39094': attribute type 29 has an invalid length.
[ 2011.406499][T23199] netlink: 132 bytes leftover after parsing attributes in process `syz.0.39106'.
[ 2011.708169][T23208] device syzkaller0 entered promiscuous mode
[ 2011.758435][T23211] netlink: 'syz.2.39101': attribute type 1 has an invalid length.
[ 2011.793897][T23211] netlink: 'syz.2.39101': attribute type 4 has an invalid length.
[ 2011.846522][T23211] netlink: 9462 bytes leftover after parsing attributes in process `syz.2.39101'.
[ 2012.118078][T23227] netlink: 'syz.0.39108': attribute type 29 has an invalid length.
[ 2012.146016][T23227] netlink: 'syz.0.39108': attribute type 29 has an invalid length.
[ 2012.167169][T23227] netlink: 'syz.0.39108': attribute type 29 has an invalid length.
[ 2012.718157][T23250] device syzkaller0 entered promiscuous mode
[ 2012.733850][T23252] netlink: 9462 bytes leftover after parsing attributes in process `syz.1.39119'.
[ 2013.569770][T23296] device syzkaller0 entered promiscuous mode
[ 2013.746857][T23302] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.39137'.
[ 2014.535815][T23336] netlink: 4 bytes leftover after parsing attributes in process `syz.2.39151'.
[ 2014.594160][T23339] device syzkaller0 entered promiscuous mode
[ 2015.392333][T23382] device syz_tun entered promiscuous mode
[ 2015.533495][T23385] netlink: 208188 bytes leftover after parsing attributes in process `syz.1.39175'.
[ 2015.814055][T23403] netlink: 132 bytes leftover after parsing attributes in process `syz.4.39183'.
[ 2015.829104][T23403] netlink: 132 bytes leftover after parsing attributes in process `syz.4.39183'.
[ 2015.845696][T23403] netlink: 156 bytes leftover after parsing attributes in process `syz.4.39183'.
[ 2015.961230][T23411] netlink: 4 bytes leftover after parsing attributes in process `syz.4.39196'.
[ 2016.271739][T23429] netlink: 132 bytes leftover after parsing attributes in process `syz.3.39192'.
[ 2017.110572][T23468] netlink: 132 bytes leftover after parsing attributes in process `syz.4.39210'.
[ 2017.324901][T23484] netlink: 4 bytes leftover after parsing attributes in process `syz.1.39218'.
[ 2018.389138][T23529] __sock_release: fasync list not empty!
[ 2018.788490][T23547] __nla_validate_parse: 1 callbacks suppressed
[ 2018.788533][T23547] netlink: 4 bytes leftover after parsing attributes in process `syz.0.39245'.
[ 2018.975595][T23555] netlink: 132 bytes leftover after parsing attributes in process `syz.1.39248'.
[ 2019.207238][T23571] netlink: 63503 bytes leftover after parsing attributes in process `syz.1.39256'.
[ 2019.764757][T23605] validate_nla: 11 callbacks suppressed
[ 2019.764777][T23605] netlink: 'syz.3.39271': attribute type 10 has an invalid length.
[ 2019.806061][T23605] device syz_tun entered promiscuous mode
[ 2020.128066][T23629] netlink: 4 bytes leftover after parsing attributes in process `syz.3.39280'.
[ 2020.159736][T23626] netlink: 'syz.2.39279': attribute type 4 has an invalid length.
[ 2020.188423][T23626] netlink: 208188 bytes leftover after parsing attributes in process `syz.2.39279'.
[ 2020.378063][T23640] netlink: 132 bytes leftover after parsing attributes in process `syz.0.39286'.
[ 2020.412443][T23640] netlink: 'syz.0.39286': attribute type 12 has an invalid length.
[ 2020.496781][T23640] netlink: 132 bytes leftover after parsing attributes in process `syz.0.39286'.
[ 2020.527852][T23649] netlink: 'syz.0.39286': attribute type 21 has an invalid length.
[ 2020.538889][T23649] netlink: 156 bytes leftover after parsing attributes in process `syz.0.39286'.
[ 2020.553726][T23646] netlink: 'syz.4.39288': attribute type 10 has an invalid length.
[ 2020.562267][T23646] device syz_tun entered promiscuous mode
[ 2020.695766][T23653] __sock_release: fasync list not empty!
[ 2020.777205][T23662] netlink: 4 bytes leftover after parsing attributes in process `syz.2.39296'.
[ 2020.901514][T23666] netlink: 'syz.3.39298': attribute type 4 has an invalid length.
[ 2020.963387][T23666] netlink: 208188 bytes leftover after parsing attributes in process `syz.3.39298'.
[ 2021.430938][T23686] netlink: 'syz.1.39307': attribute type 10 has an invalid length.
[ 2021.456003][T23686] device syz_tun entered promiscuous mode
[ 2021.570437][T23695] __sock_release: fasync list not empty!
[ 2023.272431][T23787] netlink: 'syz.4.39352': attribute type 10 has an invalid length.
[ 2023.322944][T23787] team0: Device wg1 is of different type
[ 2023.391713][T23786] delete_channel: no stack
[ 2023.822097][T23806] __nla_validate_parse: 7 callbacks suppressed
[ 2023.822116][T23806] netlink: 55631 bytes leftover after parsing attributes in process `syz.1.39363'.
[ 2024.396602][T23830] netlink: 60 bytes leftover after parsing attributes in process `syz.1.39372'.
[ 2024.579132][T23840] netlink: 55631 bytes leftover after parsing attributes in process `syz.4.39376'.
[ 2025.147502][T23865] netlink: 60 bytes leftover after parsing attributes in process `syz.2.39387'.
[ 2025.421984][T23884] netlink: 212912 bytes leftover after parsing attributes in process `syz.0.39396'.
[ 2025.431821][T23884] openvswitch: netlink: Key type 4112 is out of range max 29
[ 2025.457538][T23885] netlink: 'syz.3.39395': attribute type 10 has an invalid length.
[ 2025.511142][T23885] team0: Device wg1 is of different type
[ 2025.605384][T23882] delete_channel: no stack
[ 2025.964486][T23915] netlink: 125732 bytes leftover after parsing attributes in process `syz.3.39410'.
[ 2026.030881][T23918] netlink: 63503 bytes leftover after parsing attributes in process `syz.4.39411'.
[ 2027.165886][T23949] netlink: 212912 bytes leftover after parsing attributes in process `syz.3.39423'.
[ 2027.183390][T23949] openvswitch: netlink: Key type 4112 is out of range max 29
[ 2027.564004][T23964] netlink: 4 bytes leftover after parsing attributes in process `syz.0.39440'.
[ 2028.028928][T23995] netlink: 63503 bytes leftover after parsing attributes in process `syz.1.39438'.
[ 2028.045861][T23996] openvswitch: netlink: Key type 4112 is out of range max 29
[ 2030.016478][T24072] __nla_validate_parse: 1 callbacks suppressed
[ 2030.016498][T24072] netlink: 55631 bytes leftover after parsing attributes in process `syz.3.39473'.
[ 2030.717720][T24105] device syzkaller0 entered promiscuous mode
[ 2031.144992][T24127] netlink: 55631 bytes leftover after parsing attributes in process `syz.0.39496'.
[ 2031.334813][T24132] netlink: 'syz.0.39512': attribute type 10 has an invalid length.
[ 2031.380147][T24132] team0: Device wg1 is of different type
[ 2031.440389][T24131] delete_channel: no stack
[ 2031.660999][T24146] netlink: 'syz.0.39506': attribute type 3 has an invalid length.
[ 2031.675030][T24146] netlink: 105116 bytes leftover after parsing attributes in process `syz.0.39506'.
[ 2031.849665][T24152] device syzkaller0 entered promiscuous mode
[ 2032.416134][T24177] netlink: 'syz.2.39519': attribute type 10 has an invalid length.
[ 2032.460840][T24177] team0: Device wg1 is of different type
[ 2032.552096][T24172] delete_channel: no stack
[ 2032.946609][T24205] netlink: 55631 bytes leftover after parsing attributes in process `syz.2.39532'.
[ 2033.197738][T24212] device syzkaller0 entered promiscuous mode
[ 2033.339047][T24222] netlink: 'syz.1.39537': attribute type 10 has an invalid length.
[ 2033.395500][T24222] team0: Device wg1 is of different type
[ 2033.465891][T24221] delete_channel: no stack
[ 2034.855672][T24269] netlink: 'syz.3.39556': attribute type 3 has an invalid length.
[ 2034.878432][T24269] netlink: 105116 bytes leftover after parsing attributes in process `syz.3.39556'.
[ 2035.069711][T24277] device syzkaller0 entered promiscuous mode
[ 2035.408570][T24284] netlink: 55631 bytes leftover after parsing attributes in process `syz.4.39563'.
[ 2035.609279][T24292] netlink: 'syz.4.39566': attribute type 10 has an invalid length.
[ 2035.695558][T24292] team0: Device wg1 is of different type
[ 2035.773608][T24291] delete_channel: no stack
[ 2036.074085][T24304] device syzkaller0 entered promiscuous mode
[ 2036.157559][T24312] netlink: 'syz.1.39575': attribute type 3 has an invalid length.
[ 2036.173269][T24312] netlink: 105116 bytes leftover after parsing attributes in process `syz.1.39575'.
[ 2036.334271][T24317] netlink: 'syz.0.39577': attribute type 12 has an invalid length.
[ 2036.361087][T24317] netlink: 132 bytes leftover after parsing attributes in process `syz.0.39577'.
[ 2036.375210][T24324] netlink: 'syz.0.39577': attribute type 3 has an invalid length.
[ 2036.412253][T24324] netlink: 105116 bytes leftover after parsing attributes in process `syz.0.39577'.
[ 2036.553359][T24332] netlink: 'syz.1.39582': attribute type 10 has an invalid length.
[ 2036.600651][T24332] team0: Device wg1 is of different type
[ 2036.722468][T24331] delete_channel: no stack
[ 2036.897984][T24343] netlink: 'syz.4.39586': attribute type 3 has an invalid length.
[ 2036.921496][T24347] device syzkaller0 entered promiscuous mode
[ 2036.943542][T24343] netlink: 105116 bytes leftover after parsing attributes in process `syz.4.39586'.
[ 2036.964656][T24349] netlink: 'syz.0.39599': attribute type 10 has an invalid length.
[ 2036.999204][T24349] team0: Device wg1 is of different type
[ 2037.066388][T24348] delete_channel: no stack
[ 2037.356600][T24358] netlink: 'syz.0.39602': attribute type 10 has an invalid length.
[ 2037.408666][T24358] team0: Device wg1 is of different type
[ 2037.475511][T24357] delete_channel: no stack
[ 2037.485714][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[ 2037.492113][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[ 2037.664969][T24372] netlink: 'syz.2.39608': attribute type 10 has an invalid length.
[ 2037.735576][T24378] netlink: 'syz.1.39598': attribute type 3 has an invalid length.
[ 2037.760931][T24378] netlink: 105116 bytes leftover after parsing attributes in process `syz.1.39598'.
[ 2038.459070][T24371] delete_channel: no stack
[ 2038.616985][T24372] team0: Device wg1 is of different type
[ 2038.626668][T24376] netlink: 'syz.1.39598': attribute type 12 has an invalid length.
[ 2038.643219][T24376] netlink: 132 bytes leftover after parsing attributes in process `syz.1.39598'.
[ 2039.070662][T24397] device syzkaller0 entered promiscuous mode
[ 2039.080129][T24400] netlink: 'syz.2.39605': attribute type 3 has an invalid length.
[ 2039.117457][T24400] netlink: 105116 bytes leftover after parsing attributes in process `syz.2.39605'.
[ 2040.002335][T24432] netlink: 'syz.2.39617': attribute type 12 has an invalid length.
[ 2040.023303][T24432] netlink: 132 bytes leftover after parsing attributes in process `syz.2.39617'.
[ 2040.058104][T24433] netlink: 105116 bytes leftover after parsing attributes in process `syz.2.39617'.
[ 2040.458824][T24448] __nla_validate_parse: 1 callbacks suppressed
[ 2040.458863][T24448] netlink: 17279 bytes leftover after parsing attributes in process `syz.4.39625'.
[ 2040.981070][T24462] netlink: 132 bytes leftover after parsing attributes in process `syz.4.39633'.
[ 2041.008765][T24463] netlink: 105116 bytes leftover after parsing attributes in process `syz.4.39633'.
[ 2041.241155][T24471] netlink: 105116 bytes leftover after parsing attributes in process `syz.0.39638'.
[ 2043.337362][T24503] validate_nla: 5 callbacks suppressed
[ 2043.337397][T24503] netlink: 'syz.3.39647': attribute type 12 has an invalid length.
[ 2043.363148][T24503] netlink: 132 bytes leftover after parsing attributes in process `syz.3.39647'.
[ 2043.397021][T24506] netlink: 'syz.3.39647': attribute type 3 has an invalid length.
[ 2043.424963][T24506] netlink: 105116 bytes leftover after parsing attributes in process `syz.3.39647'.
[ 2044.416717][T24539] netlink: 'syz.3.39666': attribute type 3 has an invalid length.
[ 2044.476965][T24539] netlink: 105116 bytes leftover after parsing attributes in process `syz.3.39666'.
[ 2045.545753][T24574] netlink: 17279 bytes leftover after parsing attributes in process `syz.0.39682'.
[ 2045.608832][T24576] device syzkaller0 entered promiscuous mode
[ 2046.565456][T24612] netlink: 17279 bytes leftover after parsing attributes in process `syz.3.39697'.
[ 2047.078061][T24634] netlink: 'syz.4.39706': attribute type 3 has an invalid length.
[ 2047.091408][T24634] netlink: 105116 bytes leftover after parsing attributes in process `syz.4.39706'.
[ 2047.177569][T24630] device syzkaller0 entered promiscuous mode
[ 2047.423226][T24644] netlink: 'syz.4.39710': attribute type 1 has an invalid length.
[ 2047.473092][T24644] netlink: 'syz.4.39710': attribute type 3 has an invalid length.
[ 2047.489868][T24649] netlink: 'syz.2.39713': attribute type 12 has an invalid length.
[ 2047.515756][T24649] netlink: 132 bytes leftover after parsing attributes in process `syz.2.39713'.
[ 2047.560366][T24644] netlink: 132 bytes leftover after parsing attributes in process `syz.4.39710'.
[ 2047.577968][T24649] netlink: 'syz.2.39713': attribute type 3 has an invalid length.
[ 2047.599649][T24649] netlink: 105116 bytes leftover after parsing attributes in process `syz.2.39713'.
[ 2047.664692][T24658] device syzkaller0 entered promiscuous mode
[ 2048.627041][T24672] netlink: 'syz.3.39721': attribute type 3 has an invalid length.
[ 2048.644408][T24672] netlink: 105116 bytes leftover after parsing attributes in process `syz.3.39721'.
[ 2049.373868][T24689] netlink: 'syz.1.39730': attribute type 12 has an invalid length.
[ 2049.382326][T24689] netlink: 132 bytes leftover after parsing attributes in process `syz.1.39730'.
[ 2049.403896][T24698] netlink: 'syz.1.39730': attribute type 3 has an invalid length.
[ 2049.439490][T24698] netlink: 105116 bytes leftover after parsing attributes in process `syz.1.39730'.
[ 2049.655905][T24708] netlink: 'syz.1.39737': attribute type 3 has an invalid length.
[ 2049.666861][T24708] netlink: 105116 bytes leftover after parsing attributes in process `syz.1.39737'.
[ 2050.962649][T24735] netlink: 'syz.1.39757': attribute type 3 has an invalid length.
[ 2050.991308][T24735] netlink: 105116 bytes leftover after parsing attributes in process `syz.1.39757'.
[ 2051.571630][T24748] netlink: 'syz.4.39753': attribute type 9 has an invalid length.
[ 2051.597475][T24748] netlink: 209836 bytes leftover after parsing attributes in process `syz.4.39753'.
[ 2052.089034][T24757] netlink: 'syz.4.39753': attribute type 9 has an invalid length.
[ 2052.124321][T24757] netlink: 209836 bytes leftover after parsing attributes in process `syz.4.39753'.
[ 2054.144016][T24791] netlink: 'syz.1.39767': attribute type 3 has an invalid length.
[ 2054.181921][T24791] netlink: 105116 bytes leftover after parsing attributes in process `syz.1.39767'.
[ 2054.909477][T24804] netlink: 'syz.1.39777': attribute type 9 has an invalid length.
[ 2054.943286][T24804] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.39777'.
[ 2055.319317][T24810] netlink: 'syz.1.39777': attribute type 9 has an invalid length.
[ 2055.400604][T24810] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.39777'.
[ 2055.915679][T24834] netlink: 209608 bytes leftover after parsing attributes in process `syz.1.39788'.
[ 2056.039357][T24841] netlink: 'syz.0.39799': attribute type 9 has an invalid length.
[ 2056.060932][T24841] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.39799'.
[ 2058.066064][T24842] netlink: 'syz.0.39799': attribute type 9 has an invalid length.
[ 2058.113107][T24842] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.39799'.
[ 2059.477739][T24875] device syzkaller0 entered promiscuous mode
[ 2060.012639][T24891] netlink: 144 bytes leftover after parsing attributes in process `syz.2.39811'.
[ 2060.037419][T24891] device team_slave_0 left promiscuous mode
[ 2060.054757][T24891] team0: Port device team_slave_0 removed
[ 2060.082018][T24891] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[ 2061.412257][T24921] device syzkaller0 entered promiscuous mode
[ 2061.745328][T24937] netlink: 144 bytes leftover after parsing attributes in process `syz.0.39828'.
[ 2061.825111][T24937] device team_slave_0 left promiscuous mode
[ 2063.080009][T24937] team0: Port device team_slave_0 removed
[ 2063.104393][T24937] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[ 2063.726775][T24975] device syzkaller0 entered promiscuous mode
[ 2064.121147][T24982] device syzkaller0 entered promiscuous mode
[ 2068.808950][T25061] netlink: 76 bytes leftover after parsing attributes in process `syz.2.39880'.
[ 2070.417841][T25113] device syzkaller0 entered promiscuous mode
[ 2070.429993][T25115] netlink: 'syz.1.39899': attribute type 3 has an invalid length.
[ 2070.493922][T25115] netlink: 105116 bytes leftover after parsing attributes in process `syz.1.39899'.
[ 2071.589825][T25145] netlink: 'syz.4.39917': attribute type 3 has an invalid length.
[ 2071.636988][T25145] netlink: 105116 bytes leftover after parsing attributes in process `syz.4.39917'.
[ 2071.876129][T25152] netlink: 76 bytes leftover after parsing attributes in process `syz.1.39920'.
[ 2072.186862][T25154] device syzkaller0 entered promiscuous mode
[ 2072.918391][T25175] netlink: 212168 bytes leftover after parsing attributes in process `syz.4.39928'.
[ 2073.189984][T25182] netlink: 76 bytes leftover after parsing attributes in process `syz.4.39931'.
[ 2073.329423][T25188] netlink: 'syz.0.39932': attribute type 3 has an invalid length.
[ 2073.339616][T25188] netlink: 105116 bytes leftover after parsing attributes in process `syz.0.39932'.
[ 2073.931616][T25200] device syzkaller0 entered promiscuous mode
[ 2074.088810][T25207] netlink: 76 bytes leftover after parsing attributes in process `syz.0.39944'.
[ 2075.578405][T25241] netlink: 212168 bytes leftover after parsing attributes in process `syz.3.39968'.
[ 2075.873860][T25249] device syzkaller0 entered promiscuous mode
[ 2076.720401][T25272] device syzkaller0 entered promiscuous mode
[ 2076.937811][T25289] netlink: 'syz.4.39978': attribute type 39 has an invalid length.
[ 2078.036783][T25316] device syzkaller0 entered promiscuous mode
[ 2079.165505][T25341] device syzkaller0 entered promiscuous mode
[ 2080.775189][T25394] netlink: 212168 bytes leftover after parsing attributes in process `syz.0.40021'.
[ 2080.991743][T25397] netlink: 128 bytes leftover after parsing attributes in process `syz.1.40024'.
[ 2081.008691][T25397] A link change request failed with some changes committed already. Interface Q�6�`Ҙ may have been left with an inconsistent configuration, please check.
[ 2081.029755][T25412] netlink: 'syz.2.40030': attribute type 21 has an invalid length.
[ 2081.038097][T25412] netlink: 'syz.2.40030': attribute type 12 has an invalid length.
[ 2081.046399][T25412] netlink: 'syz.2.40030': attribute type 13 has an invalid length.
[ 2081.056411][T25412] netlink: 'syz.2.40030': attribute type 14 has an invalid length.
[ 2081.064598][T25412] netlink: 'syz.2.40030': attribute type 15 has an invalid length.
[ 2081.074571][T25412] netlink: 'syz.2.40030': attribute type 16 has an invalid length.
[ 2081.093420][T25412] netlink: 12926 bytes leftover after parsing attributes in process `syz.2.40030'.
[ 2081.261501][T25422] netlink: 830 bytes leftover after parsing attributes in process `syz.1.40034'.
[ 2081.827564][T25437] netlink: 201392 bytes leftover after parsing attributes in process `syz.1.40042'.
[ 2082.290339][T25437] netlink: 8446 bytes leftover after parsing attributes in process `syz.1.40042'.
[ 2082.399428][T25449] netlink: 'syz.0.40047': attribute type 21 has an invalid length.
[ 2082.415274][T25449] netlink: 'syz.0.40047': attribute type 12 has an invalid length.
[ 2082.425671][T25449] netlink: 'syz.0.40047': attribute type 13 has an invalid length.
[ 2082.447719][T25449] netlink: 'syz.0.40047': attribute type 14 has an invalid length.
[ 2082.466201][T25449] netlink: 'syz.0.40047': attribute type 15 has an invalid length.
[ 2082.487056][T25449] netlink: 'syz.0.40047': attribute type 16 has an invalid length.
[ 2082.503074][T25449] netlink: 12926 bytes leftover after parsing attributes in process `syz.0.40047'.
[ 2082.808051][T25470] netlink: 128 bytes leftover after parsing attributes in process `syz.2.40056'.
[ 2082.835395][T25470] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 2082.888601][T25470] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 2083.040829][T25485] netlink: 128 bytes leftover after parsing attributes in process `syz.0.40071'.
[ 2083.054161][T25485] A link change request failed with some changes committed already. Interface Q�6�`Ҙ may have been left with an inconsistent configuration, please check.
[ 2083.187389][T25494] netlink: 'syz.3.40064': attribute type 21 has an invalid length.
[ 2083.197249][T25494] netlink: 'syz.3.40064': attribute type 12 has an invalid length.
[ 2083.212381][T25494] netlink: 'syz.3.40064': attribute type 13 has an invalid length.
[ 2083.222137][T25494] netlink: 'syz.3.40064': attribute type 14 has an invalid length.
[ 2083.231514][T25494] netlink: 12926 bytes leftover after parsing attributes in process `syz.3.40064'.
[ 2083.823822][T25528] device syzkaller0 entered promiscuous mode
[ 2083.977272][T25536] device sit0 entered promiscuous mode
[ 2084.846354][T25568] device syzkaller0 entered promiscuous mode
[ 2086.746212][T25614] __nla_validate_parse: 6 callbacks suppressed
[ 2086.746231][T25614] netlink: 830 bytes leftover after parsing attributes in process `syz.4.40114'.
[ 2089.858928][T25648] netlink: 201392 bytes leftover after parsing attributes in process `syz.0.40126'.
[ 2089.887875][T25650] device sit0 entered promiscuous mode
[ 2090.028149][T25648] netlink: 8446 bytes leftover after parsing attributes in process `syz.0.40126'.
[ 2090.094240][T25662] netlink: 65027 bytes leftover after parsing attributes in process `syz.2.40133'.
[ 2090.351993][T25664] device syzkaller0 entered promiscuous mode
[ 2090.630631][T25680] validate_nla: 7 callbacks suppressed
[ 2090.630654][T25680] netlink: 'syz.2.40140': attribute type 3 has an invalid length.
[ 2090.648222][T25680] netlink: 132 bytes leftover after parsing attributes in process `syz.2.40140'.
[ 2090.910163][T25694] netlink: 201392 bytes leftover after parsing attributes in process `syz.4.40146'.
[ 2090.958575][T25694] netlink: 8446 bytes leftover after parsing attributes in process `syz.4.40146'.
[ 2091.069519][T25698] netlink: 'syz.2.40147': attribute type 21 has an invalid length.
[ 2094.004535][T25712] netlink: 830 bytes leftover after parsing attributes in process `syz.3.40150'.
[ 2094.461706][T25731] netlink: 'syz.3.40157': attribute type 3 has an invalid length.
[ 2094.481540][T25731] netlink: 132 bytes leftover after parsing attributes in process `syz.3.40157'.
[ 2094.526395][T25723] device syzkaller0 entered promiscuous mode
[ 2098.028885][T25755] netlink: 'syz.3.40168': attribute type 21 has an invalid length.
[ 2098.578195][T25771] device syzkaller0 entered promiscuous mode
[ 2098.614346][T25778] device sit0 left promiscuous mode
[ 2098.692321][T25784] device sit0 entered promiscuous mode
[ 2098.936299][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[ 2098.942771][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[ 2098.989511][T25797] netlink: 207508 bytes leftover after parsing attributes in process `syz.3.40190'.
[ 2099.816583][T25825] netlink: 'syz.0.40201': attribute type 1 has an invalid length.
[ 2099.899528][T25827] device sit0 entered promiscuous mode
[ 2100.290742][T25843] netlink: 207508 bytes leftover after parsing attributes in process `syz.4.40208'.
[ 2100.438668][T25837] device syzkaller0 entered promiscuous mode
[ 2102.105621][T25882] device sit0 entered promiscuous mode
[ 2102.275779][T25886] netlink: 207508 bytes leftover after parsing attributes in process `syz.2.40226'.
[ 2102.571123][T25890] device syzkaller0 entered promiscuous mode
[ 2106.583592][T25931] netlink: 'syz.1.40246': attribute type 21 has an invalid length.
[ 2106.692472][T25935] netlink: 'syz.3.40248': attribute type 1 has an invalid length.
[ 2106.742674][T25941] netlink: 'syz.4.40252': attribute type 7 has an invalid length.
[ 2110.162129][T25965] �: port 1(team0) entered blocking state
[ 2110.179570][T25965] �: port 1(team0) entered disabled state
[ 2110.266588][T25977] netlink: 'syz.3.40270': attribute type 10 has an invalid length.
[ 2110.323389][T25973] netlink: 'syz.2.40267': attribute type 1 has an invalid length.
[ 2110.341884][T25980] netlink: 'syz.0.40268': attribute type 21 has an invalid length.
[ 2110.642494][T26005] device sit0 left promiscuous mode
[ 2110.708916][T26010] device sit0 entered promiscuous mode
[ 2110.892529][T26013] �: port 1(team0) entered blocking state
[ 2110.909867][T26013] �: port 1(team0) entered disabled state
[ 2110.956355][T26015] netlink: 'syz.2.40287': attribute type 2 has an invalid length.
[ 2110.964572][T26015] netlink: 'syz.2.40287': attribute type 11 has an invalid length.
[ 2110.972839][T26015] netlink: 198172 bytes leftover after parsing attributes in process `syz.2.40287'.
[ 2110.994583][T26017] netlink: 'syz.1.40286': attribute type 1 has an invalid length.
[ 2111.510976][T26030] netlink: 'syz.4.40290': attribute type 21 has an invalid length.
[ 2112.129457][T26047] �: port 1(team0) entered blocking state
[ 2112.135787][T26047] �: port 1(team0) entered disabled state
[ 2112.161212][T26050] netlink: 'syz.1.40297': attribute type 153 has an invalid length.
[ 2112.204785][T26050] netlink: 69544 bytes leftover after parsing attributes in process `syz.1.40297'.
[ 2112.219690][T26052] netlink: 'syz.2.40303': attribute type 41 has an invalid length.
[ 2112.403283][T26065] netlink: 'syz.1.40310': attribute type 21 has an invalid length.
[ 2112.629363][T26067] netlink: 'syz.2.40312': attribute type 10 has an invalid length.
[ 2112.984141][T26074] device syzkaller0 entered promiscuous mode
[ 2114.077048][T26113] device sit0 left promiscuous mode
[ 2114.142348][T26111] netlink: 'syz.4.40329': attribute type 10 has an invalid length.
[ 2114.184573][T26113] device sit0 entered promiscuous mode
[ 2114.750448][T26123] netlink: 'syz.1.40333': attribute type 2 has an invalid length.
[ 2114.760430][T26123] netlink: 'syz.1.40333': attribute type 11 has an invalid length.
[ 2114.772064][T26123] netlink: 198172 bytes leftover after parsing attributes in process `syz.1.40333'.
[ 2115.464630][T26133] netlink: 'syz.3.40336': attribute type 1 has an invalid length.
[ 2115.479928][T26133] netlink: 112860 bytes leftover after parsing attributes in process `syz.3.40336'.
[ 2115.657019][T26149] device sit0 left promiscuous mode
[ 2115.786289][T26154] device sit0 entered promiscuous mode
[ 2116.921533][T26191] netlink: 'syz.1.40361': attribute type 1 has an invalid length.
[ 2116.940023][T26191] netlink: 112860 bytes leftover after parsing attributes in process `syz.1.40361'.
[ 2120.082178][T26208] netlink: 'syz.2.40369': attribute type 153 has an invalid length.
[ 2120.115631][T26208] netlink: 69544 bytes leftover after parsing attributes in process `syz.2.40369'.
[ 2121.007513][T26228] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.40379'.
[ 2121.194622][T26226] netlink: 'syz.4.40378': attribute type 10 has an invalid length.
[ 2121.256196][T26238] netlink: 'syz.0.40382': attribute type 10 has an invalid length.
[ 2122.482709][T26275] netlink: 'syz.3.40394': attribute type 10 has an invalid length.
[ 2122.513420][T26277] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.40396'.
[ 2124.919083][T26331] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 2124.926469][T26331] IPv6: NLM_F_CREATE should be set when creating new route
[ 2124.933800][T26331] IPv6: NLM_F_CREATE should be set when creating new route
[ 2124.941067][T26331] IPv6: NLM_F_CREATE should be set when creating new route
[ 2124.951242][T26330] netlink: 55631 bytes leftover after parsing attributes in process `syz.1.40416'.
[ 2125.020474][T26328] netlink: 'syz.0.40412': attribute type 10 has an invalid length.
[ 2125.060862][T26335] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.40418'.
[ 2125.080486][T26328] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2125.189956][T26328] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2125.198208][T26328] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2125.238502][T26328] device bridge0 entered promiscuous mode
[ 2125.256288][T26328] team0: Port device bridge0 added
[ 2128.437315][T26346] netlink: 'syz.0.40434': attribute type 1 has an invalid length.
[ 2128.470703][T26346] netlink: 112860 bytes leftover after parsing attributes in process `syz.0.40434'.
[ 2128.899256][T26363] netlink: 'syz.0.40428': attribute type 153 has an invalid length.
[ 2128.957344][T26363] netlink: 69544 bytes leftover after parsing attributes in process `syz.0.40428'.
[ 2131.868047][T26380] device syzkaller0 entered promiscuous mode
[ 2131.940289][T26387] netlink: 'syz.3.40439': attribute type 10 has an invalid length.
[ 2134.876592][T26387] device vxcan1 entered promiscuous mode
[ 2134.883379][T26387] team0: Device vxcan1 is of different type
[ 2135.871909][T26395] device sit0 left promiscuous mode
[ 2135.907635][T26398] device sit0 entered promiscuous mode
[ 2136.087585][T26406] netlink: 60 bytes leftover after parsing attributes in process `syz.1.40447'.
[ 2136.098496][T26406] netlink: 60 bytes leftover after parsing attributes in process `syz.1.40447'.
[ 2136.115032][T26406] netlink: 60 bytes leftover after parsing attributes in process `syz.1.40447'.
[ 2136.186417][T26414] netlink: 'syz.4.40446': attribute type 153 has an invalid length.
[ 2136.196440][T26414] netlink: 69544 bytes leftover after parsing attributes in process `syz.4.40446'.
[ 2137.150839][T26436] netlink: 'syz.4.40453': attribute type 16 has an invalid length.
[ 2137.165904][T26436] netlink: 156 bytes leftover after parsing attributes in process `syz.4.40453'.
[ 2137.286741][T26442] netlink: 208188 bytes leftover after parsing attributes in process `syz.0.40458'.
[ 2137.332017][T26442] netlink: 4 bytes leftover after parsing attributes in process `syz.0.40458'.
[ 2137.571048][T26461] netlink: 208188 bytes leftover after parsing attributes in process `syz.3.40474'.
[ 2137.592920][T26469] netlink: 'syz.0.40473': attribute type 16 has an invalid length.
[ 2137.615695][T26469] netlink: 156 bytes leftover after parsing attributes in process `syz.0.40473'.
[ 2137.641478][T26461] netlink: 4 bytes leftover after parsing attributes in process `syz.3.40474'.
[ 2138.294114][T26509] device syzkaller0 entered promiscuous mode
[ 2138.327207][T26519] netlink: 'syz.3.40484': attribute type 16 has an invalid length.
[ 2139.880046][T26574] device lo left promiscuous mode
[ 2139.936944][T26574] Q�6�`Ҙ: renamed from lo
[ 2139.982863][T26574] netlink: 'syz.2.40500': attribute type 16 has an invalid length.
[ 2143.200370][T26598] __nla_validate_parse: 15 callbacks suppressed
[ 2143.200391][T26598] netlink: 60 bytes leftover after parsing attributes in process `syz.0.40508'.
[ 2143.322272][T26607] netlink: 208188 bytes leftover after parsing attributes in process `syz.1.40512'.
[ 2143.339388][T26607] netlink: 4 bytes leftover after parsing attributes in process `syz.1.40512'.
[ 2143.571071][T26629] netlink: 'syz.1.40519': attribute type 16 has an invalid length.
[ 2143.609916][T26629] netlink: 156 bytes leftover after parsing attributes in process `syz.1.40519'.
[ 2143.879170][T26645] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.40523'.
[ 2143.946993][T26651] netlink: 'syz.1.40534': attribute type 16 has an invalid length.
[ 2143.969277][T26651] netlink: 156 bytes leftover after parsing attributes in process `syz.1.40534'.
[ 2144.211850][T26661] netlink: 'syz.4.40527': attribute type 10 has an invalid length.
[ 2147.144988][T26661] device vxcan1 entered promiscuous mode
[ 2147.150731][T26661] team0: Device vxcan1 is of different type
[ 2148.171714][T26677] netlink: 128 bytes leftover after parsing attributes in process `syz.1.40549'.
[ 2148.192365][T26677] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[ 2148.731438][T26707] netlink: 'syz.3.40548': attribute type 29 has an invalid length.
[ 2148.761381][T26707] netlink: 'syz.3.40548': attribute type 29 has an invalid length.
[ 2148.877757][T26716] netlink: 'syz.1.40552': attribute type 10 has an invalid length.
[ 2148.893198][T26716] netlink: 40 bytes leftover after parsing attributes in process `syz.1.40552'.
[ 2148.905753][T26716] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[ 2148.944362][T26719] netlink: 'syz.3.40553': attribute type 3 has an invalid length.
[ 2148.978905][T26719] netlink: 105116 bytes leftover after parsing attributes in process `syz.3.40553'.
[ 2149.145507][T26725] netlink: 'syz.0.40555': attribute type 10 has an invalid length.
[ 2149.672655][T26745] netlink: 128 bytes leftover after parsing attributes in process `syz.4.40564'.
[ 2149.686696][T26745] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[ 2149.809792][T26747] netlink: 'syz.0.40565': attribute type 29 has an invalid length.
[ 2149.835757][T26753] netlink: 'syz.2.40567': attribute type 3 has an invalid length.
[ 2149.859815][T26753] netlink: 105116 bytes leftover after parsing attributes in process `syz.2.40567'.
[ 2149.942466][T26747] netlink: 'syz.0.40565': attribute type 29 has an invalid length.
[ 2150.109002][T26766] netlink: 'syz.4.40574': attribute type 10 has an invalid length.
[ 2150.308484][T26778] netlink: 128 bytes leftover after parsing attributes in process `syz.3.40578'.
[ 2150.346176][T26778] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[ 2150.439182][T26789] netlink: 'syz.2.40581': attribute type 29 has an invalid length.
[ 2150.736973][T26791] netlink: 105116 bytes leftover after parsing attributes in process `syz.1.40584'.
[ 2151.001769][T26806] netlink: 1047 bytes leftover after parsing attributes in process `syz.4.40591'.
[ 2151.023904][T26806] bridge_slave_1: default FDB implementation only supports local addresses
[ 2152.062829][T26825] netlink: 128 bytes leftover after parsing attributes in process `syz.2.40597'.
[ 2152.085343][T26825] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[ 2152.361885][T26840] netlink: 105116 bytes leftover after parsing attributes in process `syz.4.40602'.
[ 2152.414167][T26842] netlink: 1047 bytes leftover after parsing attributes in process `syz.3.40604'.
[ 2152.437371][T26842] bridge_slave_1: default FDB implementation only supports local addresses
[ 2155.959936][T26872] netlink: 128 bytes leftover after parsing attributes in process `syz.0.40614'.
[ 2156.000737][T26872] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[ 2156.069813][T26877] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.40616'.
[ 2156.197598][T26881] validate_nla: 4 callbacks suppressed
[ 2156.197640][T26881] netlink: 'syz.0.40618': attribute type 3 has an invalid length.
[ 2156.224052][T26881] netlink: 105116 bytes leftover after parsing attributes in process `syz.0.40618'.
[ 2156.510106][T26892] netlink: 199824 bytes leftover after parsing attributes in process `syz.3.40623'.
[ 2156.755382][T26898] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.40634'.
[ 2157.411873][T26923] netlink: 128 bytes leftover after parsing attributes in process `syz.3.40629'.
[ 2157.431077][T26923] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[ 2157.480066][T26928] netlink: 'syz.1.40632': attribute type 3 has an invalid length.
[ 2157.503227][T26928] netlink: 105116 bytes leftover after parsing attributes in process `syz.1.40632'.
[ 2159.426633][T26966] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.40645'.
[ 2159.453116][T26968] netlink: 128 bytes leftover after parsing attributes in process `syz.1.40648'.
[ 2159.530385][T26968] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[ 2159.663647][T26977] netlink: 'syz.4.40651': attribute type 3 has an invalid length.
[ 2159.688161][T26977] netlink: 105116 bytes leftover after parsing attributes in process `syz.4.40651'.
[ 2160.365503][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[ 2160.371908][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[ 2164.284391][T27025] __nla_validate_parse: 1 callbacks suppressed
[ 2164.284413][T27025] netlink: 128 bytes leftover after parsing attributes in process `syz.3.40665'.
[ 2164.365054][T27033] netlink: 'syz.0.40668': attribute type 3 has an invalid length.
[ 2164.404757][T27025] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[ 2164.422430][T27033] netlink: 105116 bytes leftover after parsing attributes in process `syz.0.40668'.
[ 2164.810395][T27042] netlink: 'syz.4.40684': attribute type 3 has an invalid length.
[ 2164.912160][T27042] netlink: 105116 bytes leftover after parsing attributes in process `syz.4.40684'.
[ 2165.290479][T27049] netlink: 'syz.2.40687': attribute type 3 has an invalid length.
[ 2165.384789][T27049] netlink: 105116 bytes leftover after parsing attributes in process `syz.2.40687'.
[ 2166.589517][T27086] device 
 entered promiscuous mode
[ 2166.876427][T27095] netlink: 1047 bytes leftover after parsing attributes in process `syz.0.40691'.
[ 2166.896477][T27095] bridge_slave_1: default FDB implementation only supports local addresses
[ 2168.296134][T27146] netlink: 1047 bytes leftover after parsing attributes in process `syz.1.40711'.
[ 2168.317341][T27146] bridge_slave_1: default FDB implementation only supports local addresses
[ 2169.196369][T27159] device syzkaller0 entered promiscuous mode
[ 2169.621854][T27185] netlink: 1047 bytes leftover after parsing attributes in process `syz.3.40723'.
[ 2169.738298][T27190] device syzkaller0 entered promiscuous mode
[ 2169.779891][T27190] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready
[ 2170.449730][T27219] netlink: 1047 bytes leftover after parsing attributes in process `syz.2.40740'.
[ 2170.479851][T27219] bridge_slave_1: default FDB implementation only supports local addresses
[ 2174.167205][T27262] netlink: 'syz.0.40757': attribute type 10 has an invalid length.
[ 2177.037141][T27262] device hsr_slave_0 entered promiscuous mode
[ 2177.053943][T27262] team0: Port device hsr_slave_0 added
[ 2177.260969][T27274] netlink: 60 bytes leftover after parsing attributes in process `syz.4.40763'.
[ 2177.290723][T27274] netlink: 60 bytes leftover after parsing attributes in process `syz.4.40763'.
[ 2177.318668][T27274] netlink: 60 bytes leftover after parsing attributes in process `syz.4.40763'.
[ 2177.443360][T27282] netlink: 1047 bytes leftover after parsing attributes in process `syz.1.40766'.
[ 2177.619600][T27295] sock: sock_set_timeout: `syz.0.40772' (pid 27295) tries to set negative timeout
[ 2178.086215][T27317] netlink: 'syz.3.40781': attribute type 10 has an invalid length.
[ 2178.920151][T27315] delete_channel: no stack
[ 2178.927020][T27317] team0: Device wg1 is of different type
[ 2179.012556][T27336] netlink: 'syz.0.40787': attribute type 10 has an invalid length.
[ 2187.882371][T27481] netlink: 'syz.1.40845': attribute type 10 has an invalid length.
[ 2187.928336][T27481] device hsr_slave_0 entered promiscuous mode
[ 2187.995870][T27481] team0: Port device hsr_slave_0 added
[ 2190.342599][T27524] netlink: 'syz.3.40860': attribute type 10 has an invalid length.
[ 2190.977086][T27524] device hsr_slave_0 entered promiscuous mode
[ 2190.993906][T27524] team0: Port device hsr_slave_0 added
[ 2192.442421][T27570] netlink: 'syz.4.40878': attribute type 10 has an invalid length.
[ 2197.378576][T27618] netlink: 763 bytes leftover after parsing attributes in process `syz.1.40898'.
[ 2197.764368][T27634] device syzkaller0 entered promiscuous mode
[ 2198.699524][T27653] netlink: 14 bytes leftover after parsing attributes in process `syz.3.40916'.
[ 2203.039770][T27690] device syzkaller0 entered promiscuous mode
[ 2204.381965][T27749] netlink: 763 bytes leftover after parsing attributes in process `syz.4.40959'.
[ 2204.728658][T27763] device syzkaller0 entered promiscuous mode
[ 2205.873538][T27809] device syzkaller0 entered promiscuous mode
[ 2206.301525][T27823] netlink: 'syz.0.40990': attribute type 3 has an invalid length.
[ 2206.641511][T27830] netlink: 'syz.1.40992': attribute type 10 has an invalid length.
[ 2206.860928][T27830] device wlan1 entered promiscuous mode
[ 2206.959256][T27830] team0: Port device wlan1 added
[ 2207.048411][T27829] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2207.130008][T27838] device syzkaller0 entered promiscuous mode
[ 2207.143383][T27838] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready
[ 2207.636188][T27846] device syzkaller0 entered promiscuous mode
[ 2208.392067][T27862] netlink: 'syz.2.41006': attribute type 10 has an invalid length.
[ 2208.435571][T27862] team0: Device wg1 is of different type
[ 2208.586931][T27861] delete_channel: no stack
[ 2208.864570][T27877] netlink: 'syz.2.41012': attribute type 9 has an invalid length.
[ 2208.872656][T27877] netlink: 165200 bytes leftover after parsing attributes in process `syz.2.41012'.
[ 2209.050122][T27882] netlink: 'syz.2.41012': attribute type 9 has an invalid length.
[ 2209.066132][T27882] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.41012'.
[ 2209.360151][T27886] device syzkaller0 entered promiscuous mode
[ 2209.381684][T27886] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready
[ 2209.930466][T27903] netlink: 'syz.1.41022': attribute type 2 has an invalid length.
[ 2209.950232][T27903] netlink: 198692 bytes leftover after parsing attributes in process `syz.1.41022'.
[ 2210.151239][T27907] netlink: 'syz.0.41023': attribute type 10 has an invalid length.
[ 2210.276241][T27907] team0: Device wg1 is of different type
[ 2210.457822][T27906] delete_channel: no stack
[ 2211.596704][T27932] device syzkaller0 entered promiscuous mode
[ 2211.614507][T27932] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready
[ 2212.731235][T27949] netlink: 'syz.4.41039': attribute type 3 has an invalid length.
[ 2213.462155][T27968] netlink: 'syz.3.41044': attribute type 10 has an invalid length.
[ 2213.567134][T27968] device wlan1 entered promiscuous mode
[ 2213.607182][T27968] team0: Port device wlan1 added
[ 2213.682124][T27966] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2213.762205][T27973] netlink: 'syz.4.41047': attribute type 9 has an invalid length.
[ 2213.812795][T27973] netlink: 165200 bytes leftover after parsing attributes in process `syz.4.41047'.
[ 2213.960725][T27970] netlink: 'syz.4.41047': attribute type 9 has an invalid length.
[ 2214.002617][T27970] netlink: 209836 bytes leftover after parsing attributes in process `syz.4.41047'.
[ 2214.145989][T27981] netlink: 'syz.1.41049': attribute type 10 has an invalid length.
[ 2214.196953][T27981] team0: Device wg1 is of different type
[ 2214.393809][T27978] delete_channel: no stack
[ 2215.660398][T28011] netlink: 'syz.1.41074': attribute type 4 has an invalid length.
[ 2215.700335][T28011] netlink: 'syz.1.41074': attribute type 1 has an invalid length.
[ 2215.708782][T28011] netlink: 181400 bytes leftover after parsing attributes in process `syz.1.41074'.
[ 2215.875155][T28023] netlink: 'syz.0.41065': attribute type 9 has an invalid length.
[ 2215.917140][T28023] netlink: 165200 bytes leftover after parsing attributes in process `syz.0.41065'.
[ 2216.162298][T28014] device syzkaller0 entered promiscuous mode
[ 2216.259534][T28021] netlink: 'syz.0.41065': attribute type 9 has an invalid length.
[ 2216.317141][T28021] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.41065'.
[ 2217.856751][T28059] netlink: 'syz.3.41083': attribute type 4 has an invalid length.
[ 2217.867890][T28059] netlink: 'syz.3.41083': attribute type 1 has an invalid length.
[ 2217.876528][T28059] netlink: 181400 bytes leftover after parsing attributes in process `syz.3.41083'.
[ 2218.648342][T28082] device syzkaller0 entered promiscuous mode
[ 2218.721795][T28091] netlink: 'syz.2.41099': attribute type 4 has an invalid length.
[ 2218.730141][T28091] netlink: 'syz.2.41099': attribute type 1 has an invalid length.
[ 2218.766826][T28091] netlink: 181400 bytes leftover after parsing attributes in process `syz.2.41099'.
[ 2219.180482][T28108] netlink: 180 bytes leftover after parsing attributes in process `syz.0.41105'.
[ 2220.119422][T28137] netlink: 'syz.4.41113': attribute type 4 has an invalid length.
[ 2220.213675][T28137] netlink: 'syz.4.41113': attribute type 1 has an invalid length.
[ 2220.243596][T28137] netlink: 181400 bytes leftover after parsing attributes in process `syz.4.41113'.
[ 2220.329557][T28139] device syzkaller0 entered promiscuous mode
[ 2220.602758][T28148] netlink: 55631 bytes leftover after parsing attributes in process `syz.2.41120'.
[ 2220.623165][T28148] netlink: 6324 bytes leftover after parsing attributes in process `syz.2.41120'.
[ 2220.632519][T28148] netlink: 2 bytes leftover after parsing attributes in process `syz.2.41120'.
[ 2220.735721][T28155] netlink: 'syz.1.41119': attribute type 9 has an invalid length.
[ 2220.785985][T28155] netlink: 165200 bytes leftover after parsing attributes in process `syz.1.41119'.
[ 2220.970496][T28158] netlink: 'syz.1.41119': attribute type 9 has an invalid length.
[ 2220.993226][T28158] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.41119'.
[ 2221.823309][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[ 2221.829822][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[ 2222.437583][T28198] netlink: 'syz.3.41137': attribute type 9 has an invalid length.
[ 2222.495945][T28198] netlink: 165200 bytes leftover after parsing attributes in process `syz.3.41137'.
[ 2222.582683][T28203] netlink: 'syz.4.41140': attribute type 10 has an invalid length.
[ 2222.595711][T28203] netlink: 55 bytes leftover after parsing attributes in process `syz.4.41140'.
[ 2222.688481][T28201] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.41137'.
[ 2223.424047][T28232] validate_nla: 1 callbacks suppressed
[ 2223.424066][T28232] netlink: 'syz.1.41152': attribute type 4 has an invalid length.
[ 2223.508156][T28232] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.41152'.
[ 2223.760959][T28237] netlink: 'syz.4.41155': attribute type 9 has an invalid length.
[ 2223.773133][T28237] netlink: 209836 bytes leftover after parsing attributes in process `syz.4.41155'.
[ 2223.860077][T28236] netlink: 'syz.4.41155': attribute type 9 has an invalid length.
[ 2223.910397][T28236] netlink: 165200 bytes leftover after parsing attributes in process `syz.4.41155'.
[ 2224.720665][T28250] delete_channel: no stack
[ 2224.905705][T28270] netlink: 55631 bytes leftover after parsing attributes in process `syz.0.41168'.
[ 2224.923320][T28270] netlink: 6324 bytes leftover after parsing attributes in process `syz.0.41168'.
[ 2225.507224][T28305] netlink: 'syz.2.41183': attribute type 4 has an invalid length.
[ 2226.821521][T28352] netlink: 'syz.0.41205': attribute type 4 has an invalid length.
[ 2226.915485][T28352] __nla_validate_parse: 2 callbacks suppressed
[ 2226.915523][T28352] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.41205'.
[ 2228.635105][T28404] netlink: 'syz.4.41227': attribute type 9 has an invalid length.
[ 2228.681582][T28404] netlink: 165200 bytes leftover after parsing attributes in process `syz.4.41227'.
[ 2228.820568][T28407] netlink: 'syz.4.41227': attribute type 9 has an invalid length.
[ 2228.850302][T28407] netlink: 209836 bytes leftover after parsing attributes in process `syz.4.41227'.
[ 2229.370478][T28429] netlink: 'syz.4.41237': attribute type 3 has an invalid length.
[ 2229.412676][T28429] netlink: 13435 bytes leftover after parsing attributes in process `syz.4.41237'.
[ 2229.752535][T28451] device syzkaller0 left promiscuous mode
[ 2230.999084][T28499] netlink: 'syz.3.41265': attribute type 3 has an invalid length.
[ 2231.036078][T28499] netlink: 13435 bytes leftover after parsing attributes in process `syz.3.41265'.
[ 2231.402837][T28514] netlink: 10 bytes leftover after parsing attributes in process `syz.0.41272'.
[ 2231.667021][T28521] netlink: 1047 bytes leftover after parsing attributes in process `syz.3.41277'.
[ 2231.940569][T28534] netlink: 'syz.2.41281': attribute type 3 has an invalid length.
[ 2231.960817][T28534] netlink: 13435 bytes leftover after parsing attributes in process `syz.2.41281'.
[ 2232.924874][T28565] netlink: 'syz.4.41295': attribute type 9 has an invalid length.
[ 2232.954627][T28565] netlink: 165200 bytes leftover after parsing attributes in process `syz.4.41295'.
[ 2233.087323][T28567] netlink: 'syz.4.41295': attribute type 9 has an invalid length.
[ 2233.133165][T28567] netlink: 209836 bytes leftover after parsing attributes in process `syz.4.41295'.
[ 2235.545812][T28581] device bridge_slave_0 left promiscuous mode
[ 2235.566614][T28581] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2235.705704][T28581] device bridge0 left promiscuous mode
[ 2235.775832][T28581] team0: Port device bridge0 removed
[ 2237.467864][T28652] netlink: 10 bytes leftover after parsing attributes in process `syz.2.41332'.
[ 2238.391068][T28680] netlink: 132 bytes leftover after parsing attributes in process `syz.3.41344'.
[ 2238.409156][T28680] netlink: 60 bytes leftover after parsing attributes in process `syz.3.41344'.
[ 2238.420047][T28680] netlink: 60 bytes leftover after parsing attributes in process `syz.3.41344'.
[ 2238.453101][T28680] netlink: 60 bytes leftover after parsing attributes in process `syz.3.41344'.
[ 2239.240280][T28703] netlink: 10 bytes leftover after parsing attributes in process `syz.3.41350'.
[ 2240.542265][T28737] netlink: 10 bytes leftover after parsing attributes in process `syz.1.41368'.
[ 2241.671582][T28773] netlink: 191416 bytes leftover after parsing attributes in process `syz.0.41383'.
[ 2241.687583][T28773] netlink: 'syz.0.41383': attribute type 3 has an invalid length.
[ 2241.699532][T28773] netlink: 16770 bytes leftover after parsing attributes in process `syz.0.41383'.
[ 2241.712230][T28773] netlink: 'syz.0.41383': attribute type 1 has an invalid length.
[ 2242.072658][T28784] netlink: 10 bytes leftover after parsing attributes in process `syz.4.41385'.
[ 2243.172818][T28831] netlink: 10 bytes leftover after parsing attributes in process `syz.4.41404'.
[ 2243.371913][T28837] netlink: 121460 bytes leftover after parsing attributes in process `syz.4.41409'.
[ 2243.395712][T28837] netlink: 22856 bytes leftover after parsing attributes in process `syz.4.41409'.
[ 2243.777557][T28862] netlink: 10 bytes leftover after parsing attributes in process `syz.2.41421'.
[ 2247.949705][T28903] netlink: 10 bytes leftover after parsing attributes in process `syz.2.41434'.
[ 2247.988495][T28909] netlink: 208188 bytes leftover after parsing attributes in process `syz.4.41435'.
[ 2248.054007][T28908] netlink: 121460 bytes leftover after parsing attributes in process `syz.1.41437'.
[ 2248.087572][T28908] netlink: 22856 bytes leftover after parsing attributes in process `syz.1.41437'.
[ 2248.171513][T28911] netlink: 10 bytes leftover after parsing attributes in process `syz.2.41449'.
[ 2248.514262][T28924] netlink: 10 bytes leftover after parsing attributes in process `syz.1.41455'.
[ 2248.921320][T28946] netlink: 121460 bytes leftover after parsing attributes in process `syz.2.41452'.
[ 2248.968115][T28946] netlink: 22856 bytes leftover after parsing attributes in process `syz.2.41452'.
[ 2249.073923][T28956] netlink: 132 bytes leftover after parsing attributes in process `syz.0.41458'.
[ 2249.109612][T28956] netlink: 60 bytes leftover after parsing attributes in process `syz.0.41458'.
[ 2249.176562][T28960] netlink: 10 bytes leftover after parsing attributes in process `syz.1.41459'.
[ 2249.197567][T28956] netlink: 60 bytes leftover after parsing attributes in process `syz.0.41458'.
[ 2249.224629][T28963] netlink: 60 bytes leftover after parsing attributes in process `syz.0.41458'.
[ 2252.699475][T28995] netlink: 121460 bytes leftover after parsing attributes in process `syz.3.41472'.
[ 2252.723270][T28995] netlink: 22856 bytes leftover after parsing attributes in process `syz.3.41472'.
[ 2252.963748][T29006] device syzkaller0 entered promiscuous mode
[ 2256.069265][T29015] netlink: 'syz.0.41494': attribute type 10 has an invalid length.
[ 2256.077878][T29015] __nla_validate_parse: 4 callbacks suppressed
[ 2256.077893][T29015] netlink: 40 bytes leftover after parsing attributes in process `syz.0.41494'.
[ 2256.094003][T29015] �: port 1(team0) entered disabled state
[ 2256.105995][T29015] bridge0: port 2(team0) entered blocking state
[ 2256.112355][T29015] bridge0: port 2(team0) entered disabled state
[ 2256.121816][T29015] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[ 2260.493596][T29097] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.41515'.
[ 2260.583160][T29103] netlink: 'syz.3.41518': attribute type 21 has an invalid length.
[ 2260.736025][T29109] netlink: 'syz.1.41523': attribute type 3 has an invalid length.
[ 2260.763102][T29109] netlink: 'syz.1.41523': attribute type 1 has an invalid length.
[ 2260.771492][T29109] netlink: 132 bytes leftover after parsing attributes in process `syz.1.41523'.
[ 2260.871766][T29115] netlink: 'syz.0.41524': attribute type 21 has an invalid length.
[ 2260.915216][T29115] netlink: 16166 bytes leftover after parsing attributes in process `syz.0.41524'.
[ 2260.935674][T29117] device sit0 left promiscuous mode
[ 2261.070018][T29124] device sit0 entered promiscuous mode
[ 2261.801534][T29151] netlink: 'syz.2.41540': attribute type 21 has an invalid length.
[ 2261.833359][T29149] netlink: 'syz.0.41538': attribute type 2 has an invalid length.
[ 2261.876528][T29155] netlink: 'syz.4.41541': attribute type 10 has an invalid length.
[ 2261.920085][T29152] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2262.522846][T29170] netlink: 'syz.4.41549': attribute type 39 has an invalid length.
[ 2263.466052][T29197] netlink: 168 bytes leftover after parsing attributes in process `syz.0.41558'.
[ 2263.499457][T29200] netlink: 'syz.2.41560': attribute type 11 has an invalid length.
[ 2263.583506][T29200] netlink: 'syz.2.41560': attribute type 1 has an invalid length.
[ 2263.604319][T29202] netlink: 'syz.1.41559': attribute type 21 has an invalid length.
[ 2263.633888][T29200] netlink: 'syz.2.41560': attribute type 1 has an invalid length.
[ 2263.641812][T29200] netlink: 'syz.2.41560': attribute type 2 has an invalid length.
[ 2263.736739][T29200] netlink: 198236 bytes leftover after parsing attributes in process `syz.2.41560'.
[ 2267.642671][T29253] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.41581'.
[ 2267.651023][T29254] netlink: 'syz.4.41579': attribute type 21 has an invalid length.
[ 2267.798083][T29260] netlink: 'syz.2.41583': attribute type 3 has an invalid length.
[ 2267.819425][T29260] netlink: 105116 bytes leftover after parsing attributes in process `syz.2.41583'.
[ 2267.838834][T29262] netlink: 'syz.0.41582': attribute type 39 has an invalid length.
[ 2270.205771][T29262] device veth0_macvtap left promiscuous mode
[ 2270.603122][T29281] netlink: 'syz.1.41591': attribute type 2 has an invalid length.
[ 2270.640286][T29283] bridge0: port 2(batadv0) entered blocking state
[ 2270.657898][T29283] bridge0: port 2(batadv0) entered disabled state
[ 2270.677340][T29283] device batadv0 entered promiscuous mode
[ 2271.045424][T18211] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[ 2271.055298][T18211] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[ 2273.303293][T29285] device sit0 left promiscuous mode
[ 2273.504037][T29286] device sit0 entered promiscuous mode
[ 2274.531818][T29304] netlink: 'syz.0.41594': attribute type 21 has an invalid length.
[ 2274.559553][T29302] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.41605'.
[ 2274.616055][T29302] sysfs: cannot create duplicate filename '/class/ieee80211/!!�'
[ 2274.636035][T29302] CPU: 1 PID: 29302 Comm: syz.1.41605 Not tainted syzkaller #0
[ 2274.643672][T29302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 2274.653805][T29302] Call Trace:
[ 2274.657145][T29302]  <TASK>
[ 2274.660108][T29302]  dump_stack_lvl+0x188/0x250
[ 2274.664833][T29302]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 2274.671038][T29302]  ? show_regs_print_info+0x20/0x20
[ 2274.676300][T29302]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 2274.682556][T29302]  sysfs_warn_dup+0x8a/0xa0
[ 2274.687125][T29302]  sysfs_do_create_link_sd+0xc0/0x110
[ 2274.692658][T29302]  device_add+0x7f6/0x1000
[ 2274.697142][T29302]  wiphy_register+0x1e81/0x2c30
[ 2274.702072][T29302]  ? cfg80211_event_work+0x40/0x40
[ 2274.707238][T29302]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 2274.713491][T29302]  ieee80211_register_hw+0x2aa1/0x3af0
[ 2274.719029][T29302]  ? ieee80211_tasklet_handler+0x20/0x20
[ 2274.724719][T29302]  ? rcu_is_watching+0x11/0xa0
[ 2274.729534][T29302]  ? memset+0x1e/0x40
[ 2274.733554][T29302]  ? hrtimer_init+0x10c/0x220
[ 2274.738282][T29302]  mac80211_hwsim_new_radio+0x20d3/0x4080
[ 2274.744093][T29302]  hwsim_new_radio_nl+0xa6f/0xc40
[ 2274.749502][T29302]  genl_rcv_msg+0xcea/0xf90
[ 2274.754048][T29302]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 2274.760264][T29302]  ? genl_bind+0x380/0x380
[ 2274.764749][T29302]  ? verify_lock_unused+0x140/0x140
[ 2274.769996][T29302]  ? rcu_preempt_deferred_qs_irqrestore+0x868/0xc30
[ 2274.776653][T29302]  ? hwsim_tx_info_frame_received_nl+0x1020/0x1020
[ 2274.783226][T29302]  netlink_rcv_skb+0x1f5/0x440
[ 2274.788059][T29302]  ? genl_bind+0x380/0x380
[ 2274.792526][T29302]  ? netlink_ack+0xb50/0xb50
[ 2274.797163][T29302]  ? __lock_acquire+0x7d10/0x7d10
[ 2274.802249][T29302]  ? down_read+0x1aa/0x2e0
[ 2274.806714][T29302]  genl_rcv+0x24/0x40
[ 2274.810741][T29302]  netlink_unicast+0x774/0x920
[ 2274.815566][T29302]  netlink_sendmsg+0x8ba/0xbe0
[ 2274.820382][T29302]  ? netlink_getsockopt+0x570/0x570
[ 2274.825635][T29302]  ? aa_sock_msg_perm+0x94/0x150
[ 2274.830616][T29302]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 2274.835939][T29302]  ? security_socket_sendmsg+0x7c/0xa0
[ 2274.841445][T29302]  ? netlink_getsockopt+0x570/0x570
[ 2274.846699][T29302]  ____sys_sendmsg+0x5b7/0x8f0
[ 2274.851522][T29302]  ? __sys_sendmsg_sock+0x30/0x30
[ 2274.856596][T29302]  ? import_iovec+0x6f/0xa0
[ 2274.861160][T29302]  ___sys_sendmsg+0x236/0x2e0
[ 2274.865902][T29302]  ? __sys_sendmsg+0x2a0/0x2a0
[ 2274.870731][T29302]  ? ktime_get_real_ts64+0x440/0x440
[ 2274.876090][T29302]  __se_sys_sendmsg+0x1af/0x290
[ 2274.881022][T29302]  ? __x64_sys_sendmsg+0x80/0x80
[ 2274.885998][T29302]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 2274.892045][T29302]  ? lockdep_hardirqs_on+0x94/0x140
[ 2274.897314][T29302]  do_syscall_64+0x4c/0xa0
[ 2274.901768][T29302]  ? clear_bhb_loop+0x30/0x80
[ 2274.906489][T29302]  ? clear_bhb_loop+0x30/0x80
[ 2274.911227][T29302]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2274.917163][T29302] RIP: 0033:0x7f8a79c76e59
[ 2274.921625][T29302] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2274.941271][T29302] RSP: 002b:00007f8a77ed0028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2274.949756][T29302] RAX: ffffffffffffffda RBX: 00007f8a79eeffa0 RCX: 00007f8a79c76e59
[ 2274.957777][T29302] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000009
[ 2274.965788][T29302] RBP: 00007f8a79d0cd6f R08: 0000000000000000 R09: 0000000000000000
[ 2274.973800][T29302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2274.981894][T29302] R13: 00007f8a79ef0038 R14: 00007f8a79eeffa0 R15: 00007ffd57aa9638
[ 2274.989931][T29302]  </TASK>
[ 2275.028667][T29307] netlink: 'syz.2.41598': attribute type 10 has an invalid length.
[ 2276.238028][T29307] device geneve1 entered promiscuous mode
[ 2276.266778][T29307] team0: Port device geneve1 added
[ 2276.272604][T29311] netlink: 'syz.3.41599': attribute type 10 has an invalid length.
[ 2277.484902][T29311] device team0 left promiscuous mode
[ 2277.490276][T29311] device team_slave_0 left promiscuous mode
[ 2277.496683][T29311] device team_slave_1 left promiscuous mode
[ 2277.523098][T29311] device virt_wifi0 left promiscuous mode
[ 2277.529039][T29311] device hsr_slave_0 left promiscuous mode
[ 2277.538270][T29311] device wlan1 left promiscuous mode
[ 2277.544013][T29311] �: port 1(team0) entered disabled state
[ 2277.768779][T29315] netlink: 'syz.2.41600': attribute type 39 has an invalid length.
[ 2277.837163][T29315] device veth0_macvtap left promiscuous mode
[ 2278.252391][T29334] netlink: 'syz.4.41609': attribute type 29 has an invalid length.
[ 2278.307842][T29334] netlink: 'syz.4.41609': attribute type 29 has an invalid length.
[ 2278.327932][T29340] netlink: 'syz.4.41609': attribute type 29 has an invalid length.
[ 2278.368908][T29334] netlink: 'syz.4.41609': attribute type 1 has an invalid length.
[ 2278.387821][T29334] netlink: 157116 bytes leftover after parsing attributes in process `syz.4.41609'.
[ 2278.468874][T29348] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.41616'.
[ 2278.589556][T29350] netlink: 55631 bytes leftover after parsing attributes in process `syz.1.41617'.
[ 2278.632467][T29350] netlink: 6320 bytes leftover after parsing attributes in process `syz.1.41617'.
[ 2278.727911][T29350] netlink: 6 bytes leftover after parsing attributes in process `syz.1.41617'.
[ 2278.770437][T29350] tc_dump_action: action bad kind
[ 2281.550341][T29386] netlink: 55631 bytes leftover after parsing attributes in process `syz.4.41630'.
[ 2281.571889][T29386] netlink: 6332 bytes leftover after parsing attributes in process `syz.4.41630'.
[ 2281.638371][T29390] netlink: 'syz.0.41632': attribute type 7 has an invalid length.
[ 2281.677654][T29390] netlink: 'syz.0.41632': attribute type 1 has an invalid length.
[ 2281.727727][T29390] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.41632'.
[ 2281.895638][T29399] device sit0 left promiscuous mode
[ 2281.908608][T29402] netlink: 'syz.2.41638': attribute type 29 has an invalid length.
[ 2282.007027][T29402] netlink: 'syz.2.41638': attribute type 29 has an invalid length.
[ 2282.023357][T29407] netlink: 'syz.2.41638': attribute type 29 has an invalid length.
[ 2282.029350][T29412] netlink: 'syz.2.41638': attribute type 1 has an invalid length.
[ 2282.094441][T29399] device sit0 entered promiscuous mode
[ 2282.155265][T29412] netlink: 157116 bytes leftover after parsing attributes in process `syz.2.41638'.
[ 2282.605871][T29434] netlink: 55631 bytes leftover after parsing attributes in process `syz.3.41646'.
[ 2282.630942][T29434] netlink: 6332 bytes leftover after parsing attributes in process `syz.3.41646'.
[ 2282.822385][T29441] netlink: 'syz.2.41650': attribute type 7 has an invalid length.
[ 2282.898626][T29441] netlink: 'syz.2.41650': attribute type 1 has an invalid length.
[ 2282.907497][T29441] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.41650'.
[ 2283.047848][T29451] device sit0 left promiscuous mode
[ 2283.283445][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[ 2283.289885][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[ 2283.323361][T29459] device sit0 entered promiscuous mode
[ 2283.879579][T29472] netlink: 'syz.3.41659': attribute type 29 has an invalid length.
[ 2283.926344][T29472] netlink: 'syz.3.41659': attribute type 29 has an invalid length.
[ 2283.974545][T29478] netlink: 55631 bytes leftover after parsing attributes in process `syz.0.41662'.
[ 2283.989240][T29472] netlink: 157116 bytes leftover after parsing attributes in process `syz.3.41659'.
[ 2284.033291][T29478] netlink: 6332 bytes leftover after parsing attributes in process `syz.0.41662'.
[ 2284.173323][T29486] device veth0_macvtap left promiscuous mode
[ 2284.346518][T29499] device sit0 left promiscuous mode
[ 2284.403170][T29498] tc_dump_action: action bad kind
[ 2284.506230][T29499] device sit0 entered promiscuous mode
[ 2284.998892][T29528] device sit0 left promiscuous mode
[ 2285.089350][T29531] device sit0 entered promiscuous mode
[ 2285.976055][T29544] device sit0 left promiscuous mode
[ 2286.064954][T29545] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2286.072653][T29545] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2288.129889][T29551] device sit0 entered promiscuous mode
[ 2288.282641][T29562] validate_nla: 8 callbacks suppressed
[ 2288.282663][T29562] netlink: 'syz.4.41701': attribute type 29 has an invalid length.
[ 2289.328303][T29592] __nla_validate_parse: 9 callbacks suppressed
[ 2289.328341][T29592] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.41697'.
[ 2289.895793][T29598] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.41703'.
[ 2290.010509][T29598] sysfs: cannot create duplicate filename '/class/ieee80211/!!�'
[ 2290.065280][T29598] CPU: 0 PID: 29598 Comm: syz.3.41703 Not tainted syzkaller #0
[ 2290.072906][T29598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 2290.083017][T29598] Call Trace:
[ 2290.086336][T29598]  <TASK>
[ 2290.089301][T29598]  dump_stack_lvl+0x188/0x250
[ 2290.094023][T29598]  ? show_regs_print_info+0x20/0x20
[ 2290.099262][T29598]  ? load_image+0x400/0x400
[ 2290.103820][T29598]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2290.109925][T29598]  ? sysfs_warn_dup+0x61/0xa0
[ 2290.114669][T29598]  sysfs_warn_dup+0x8a/0xa0
[ 2290.119221][T29598]  sysfs_do_create_link_sd+0xc0/0x110
[ 2290.124630][T29598]  device_add+0x7f6/0x1000
[ 2290.129106][T29598]  wiphy_register+0x1e81/0x2c30
[ 2290.134023][T29598]  ? cfg80211_event_work+0x40/0x40
[ 2290.139171][T29598]  ? minstrel_ht_alloc+0x808/0x980
[ 2290.144321][T29598]  ? ieee80211_init_rate_ctrl_alg+0x55e/0x5e0
[ 2290.150418][T29598]  ieee80211_register_hw+0x2aa1/0x3af0
[ 2290.155918][T29598]  ? ieee80211_tasklet_handler+0x20/0x20
[ 2290.161583][T29598]  ? rcu_is_watching+0x11/0xa0
[ 2290.166367][T29598]  ? memset+0x1e/0x40
[ 2290.170370][T29598]  ? hrtimer_init+0x10c/0x220
[ 2290.175079][T29598]  mac80211_hwsim_new_radio+0x20d3/0x4080
[ 2290.180848][T29598]  hwsim_new_radio_nl+0xa6f/0xc40
[ 2290.185913][T29598]  genl_rcv_msg+0xcea/0xf90
[ 2290.190449][T29598]  ? genl_bind+0x380/0x380
[ 2290.194898][T29598]  ? __dev_queue_xmit+0x1cbf/0x2f80
[ 2290.200118][T29598]  ? verify_lock_unused+0x140/0x140
[ 2290.205404][T29598]  ? hwsim_tx_info_frame_received_nl+0x1020/0x1020
[ 2290.211955][T29598]  netlink_rcv_skb+0x1f5/0x440
[ 2290.216746][T29598]  ? genl_bind+0x380/0x380
[ 2290.221191][T29598]  ? netlink_ack+0xb50/0xb50
[ 2290.225808][T29598]  ? down_read+0x1aa/0x2e0
[ 2290.230253][T29598]  genl_rcv+0x24/0x40
[ 2290.234260][T29598]  netlink_unicast+0x774/0x920
[ 2290.239053][T29598]  netlink_sendmsg+0x8ba/0xbe0
[ 2290.243850][T29598]  ? netlink_getsockopt+0x570/0x570
[ 2290.249081][T29598]  ? netlink_getsockopt+0x570/0x570
[ 2290.254298][T29598]  ____sys_sendmsg+0x5b7/0x8f0
[ 2290.259094][T29598]  ? __sys_sendmsg_sock+0x30/0x30
[ 2290.264150][T29598]  ? import_iovec+0x6f/0xa0
[ 2290.268689][T29598]  ___sys_sendmsg+0x236/0x2e0
[ 2290.273400][T29598]  ? __sys_sendmsg+0x2a0/0x2a0
[ 2290.278227][T29598]  __se_sys_sendmsg+0x1af/0x290
[ 2290.283106][T29598]  ? __x64_sys_sendmsg+0x80/0x80
[ 2290.288070][T29598]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 2290.294087][T29598]  ? lockdep_hardirqs_on+0x94/0x140
[ 2290.299312][T29598]  do_syscall_64+0x4c/0xa0
[ 2290.303744][T29598]  ? clear_bhb_loop+0x30/0x80
[ 2290.308440][T29598]  ? clear_bhb_loop+0x30/0x80
[ 2290.313146][T29598]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2290.319063][T29598] RIP: 0033:0x7fdd1d946e59
[ 2290.323503][T29598] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2290.343135][T29598] RSP: 002b:00007fdd1bba0028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2290.351570][T29598] RAX: ffffffffffffffda RBX: 00007fdd1dbbffa0 RCX: 00007fdd1d946e59
[ 2290.359564][T29598] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000009
[ 2290.367563][T29598] RBP: 00007fdd1d9dcd6f R08: 0000000000000000 R09: 0000000000000000
[ 2290.375549][T29598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2290.383539][T29598] R13: 00007fdd1dbc0038 R14: 00007fdd1dbbffa0 R15: 00007ffc81aa1768
[ 2290.391548][T29598]  </TASK>
[ 2293.439973][T29633] netlink: 'syz.0.41718': attribute type 29 has an invalid length.
[ 2293.520894][T29635] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.41720'.
[ 2293.545265][T29633] netlink: 'syz.0.41718': attribute type 29 has an invalid length.
[ 2293.585939][T29636] netlink: 'syz.0.41718': attribute type 29 has an invalid length.
[ 2293.850756][T29640] netlink: 'syz.0.41718': attribute type 1 has an invalid length.
[ 2293.863235][T29640] netlink: 157116 bytes leftover after parsing attributes in process `syz.0.41718'.
[ 2293.873465][T29645] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.41724'.
[ 2293.910494][T29645] sysfs: cannot create duplicate filename '/class/ieee80211/!!�'
[ 2293.919291][T29645] CPU: 1 PID: 29645 Comm: syz.2.41724 Not tainted syzkaller #0
[ 2293.926888][T29645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 2293.936987][T29645] Call Trace:
[ 2293.940306][T29645]  <TASK>
[ 2293.943265][T29645]  dump_stack_lvl+0x188/0x250
[ 2293.947986][T29645]  ? show_regs_print_info+0x20/0x20
[ 2293.953224][T29645]  ? load_image+0x400/0x400
[ 2293.957771][T29645]  sysfs_warn_dup+0x8a/0xa0
[ 2293.962300][T29645]  sysfs_do_create_link_sd+0xc0/0x110
[ 2293.967698][T29645]  device_add+0x7f6/0x1000
[ 2293.972150][T29645]  wiphy_register+0x1e81/0x2c30
[ 2293.977040][T29645]  ? cfg80211_event_work+0x40/0x40
[ 2293.982178][T29645]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 2293.988366][T29645]  ieee80211_register_hw+0x2aa1/0x3af0
[ 2293.993866][T29645]  ? ieee80211_tasklet_handler+0x20/0x20
[ 2293.999531][T29645]  ? rcu_is_watching+0x11/0xa0
[ 2294.004319][T29645]  ? memset+0x1e/0x40
[ 2294.008317][T29645]  ? hrtimer_init+0x10c/0x220
[ 2294.013018][T29645]  mac80211_hwsim_new_radio+0x20d3/0x4080
[ 2294.018796][T29645]  hwsim_new_radio_nl+0xa6f/0xc40
[ 2294.023877][T29645]  genl_rcv_msg+0xcea/0xf90
[ 2294.028413][T29645]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 2294.034605][T29645]  ? genl_bind+0x380/0x380
[ 2294.039052][T29645]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 2294.045057][T29645]  ? lock_chain_count+0x20/0x20
[ 2294.049935][T29645]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 2294.056110][T29645]  ? lockdep_hardirqs_on+0x94/0x140
[ 2294.061343][T29645]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 2294.067524][T29645]  ? hwsim_tx_info_frame_received_nl+0x1020/0x1020
[ 2294.074060][T29645]  ? lock_acquire+0x208/0x400
[ 2294.078763][T29645]  netlink_rcv_skb+0x1f5/0x440
[ 2294.083555][T29645]  ? genl_bind+0x380/0x380
[ 2294.087995][T29645]  ? netlink_ack+0xb50/0xb50
[ 2294.092601][T29645]  ? __lock_acquire+0x7d10/0x7d10
[ 2294.097649][T29645]  ? down_read+0x1aa/0x2e0
[ 2294.102089][T29645]  genl_rcv+0x24/0x40
[ 2294.106090][T29645]  netlink_unicast+0x774/0x920
[ 2294.110890][T29645]  netlink_sendmsg+0x8ba/0xbe0
[ 2294.115676][T29645]  ? lockdep_hardirqs_on+0x94/0x140
[ 2294.120903][T29645]  ? netlink_getsockopt+0x570/0x570
[ 2294.126118][T29645]  ? netlink_getsockopt+0x570/0x570
[ 2294.131344][T29645]  ? netlink_getsockopt+0x570/0x570
[ 2294.136559][T29645]  ____sys_sendmsg+0x5b7/0x8f0
[ 2294.141355][T29645]  ? __sys_sendmsg_sock+0x30/0x30
[ 2294.146413][T29645]  ? import_iovec+0x6f/0xa0
[ 2294.150944][T29645]  ___sys_sendmsg+0x236/0x2e0
[ 2294.155673][T29645]  ? __sys_sendmsg+0x2a0/0x2a0
[ 2294.160491][T29645]  __se_sys_sendmsg+0x1af/0x290
[ 2294.165370][T29645]  ? __x64_sys_sendmsg+0x80/0x80
[ 2294.170351][T29645]  ? syscall_enter_from_user_mode+0x2a/0x70
[ 2294.176277][T29645]  do_syscall_64+0x4c/0xa0
[ 2294.180718][T29645]  ? clear_bhb_loop+0x30/0x80
[ 2294.185412][T29645]  ? clear_bhb_loop+0x30/0x80
[ 2294.190116][T29645]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2294.196034][T29645] RIP: 0033:0x7fd3ac021e59
[ 2294.200473][T29645] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2294.220093][T29645] RSP: 002b:00007fd3aa27b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2294.228530][T29645] RAX: ffffffffffffffda RBX: 00007fd3ac29afa0 RCX: 00007fd3ac021e59
[ 2294.236526][T29645] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000009
[ 2294.244520][T29645] RBP: 00007fd3ac0b7d6f R08: 0000000000000000 R09: 0000000000000000
[ 2294.252506][T29645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2294.260493][T29645] R13: 00007fd3ac29b038 R14: 00007fd3ac29afa0 R15: 00007ffca2c65f78
[ 2294.268507][T29645]  </TASK>
[ 2294.324372][T29648] netlink: 'syz.4.41727': attribute type 3 has an invalid length.
[ 2294.334957][T29648] netlink: 105116 bytes leftover after parsing attributes in process `syz.4.41727'.
[ 2294.418998][T29651] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2294.428905][T29651] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2294.443718][T29651] device batadv0 left promiscuous mode
[ 2294.449603][T29651] bridge0: port 2(batadv0) entered disabled state
[ 2298.044689][T29737] netlink: 'syz.1.41763': attribute type 29 has an invalid length.
[ 2298.135694][T29737] netlink: 'syz.1.41763': attribute type 29 has an invalid length.
[ 2298.146274][T29743] netlink: 'syz.1.41763': attribute type 1 has an invalid length.
[ 2298.182500][T29743] netlink: 157116 bytes leftover after parsing attributes in process `syz.1.41763'.
[ 2298.195689][T29740] netlink: 'syz.1.41763': attribute type 29 has an invalid length.
[ 2298.814863][T29753] netlink: 'syz.2.41781': attribute type 3 has an invalid length.
[ 2298.847139][T29753] netlink: 105116 bytes leftover after parsing attributes in process `syz.2.41781'.
[ 2299.175533][T29765] netlink: 'syz.3.41787': attribute type 3 has an invalid length.
[ 2299.219151][T29765] netlink: 105116 bytes leftover after parsing attributes in process `syz.3.41787'.
[ 2299.863748][T29799] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.41789'.
[ 2299.907994][T29799] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[ 2300.409803][T29806] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.41793'.
[ 2300.422073][T29808] netlink: 'syz.1.41794': attribute type 3 has an invalid length.
[ 2300.453523][T29806] sysfs: cannot create duplicate filename '/class/ieee80211/!!�'
[ 2300.468449][T29808] netlink: 105116 bytes leftover after parsing attributes in process `syz.1.41794'.
[ 2300.475066][T29806] CPU: 1 PID: 29806 Comm: syz.4.41793 Not tainted syzkaller #0
[ 2300.485563][T29806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 2300.495667][T29806] Call Trace:
[ 2300.498985][T29806]  <TASK>
[ 2300.502059][T29806]  dump_stack_lvl+0x188/0x250
[ 2300.506784][T29806]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 2300.512998][T29806]  ? show_regs_print_info+0x20/0x20
[ 2300.518232][T29806]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 2300.524569][T29806]  ? dump_stack+0x5/0x20
[ 2300.528866][T29806]  sysfs_warn_dup+0x8a/0xa0
[ 2300.533416][T29806]  sysfs_do_create_link_sd+0xc0/0x110
[ 2300.538835][T29806]  device_add+0x7f6/0x1000
[ 2300.543309][T29806]  wiphy_register+0x1e81/0x2c30
[ 2300.548222][T29806]  ? cfg80211_event_work+0x40/0x40
[ 2300.553374][T29806]  ? minstrel_ht_alloc+0x808/0x980
[ 2300.558541][T29806]  ? ieee80211_init_rate_ctrl_alg+0x55e/0x5e0
[ 2300.564669][T29806]  ieee80211_register_hw+0x2aa1/0x3af0
[ 2300.570416][T29806]  ? ieee80211_tasklet_handler+0x20/0x20
[ 2300.576111][T29806]  ? hrtimer_init+0x76/0x220
[ 2300.580758][T29806]  ? __sanitizer_cov_trace_const_cmp4+0x32/0x80
[ 2300.587153][T29806]  ? hrtimer_init+0x10c/0x220
[ 2300.591888][T29806]  mac80211_hwsim_new_radio+0x20d3/0x4080
[ 2300.597794][T29806]  hwsim_new_radio_nl+0xa6f/0xc40
[ 2300.602878][T29806]  genl_rcv_msg+0xcea/0xf90
[ 2300.607418][T29806]  ? lock_chain_count+0x20/0x20
[ 2300.612320][T29806]  ? genl_bind+0x380/0x380
[ 2300.616789][T29806]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 2300.622817][T29806]  ? lock_chain_count+0x20/0x20
[ 2300.627719][T29806]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 2300.633919][T29806]  ? lockdep_hardirqs_on+0x94/0x140
[ 2300.639169][T29806]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 2300.645378][T29806]  ? hwsim_tx_info_frame_received_nl+0x1020/0x1020
[ 2300.651939][T29806]  ? lock_acquire+0x208/0x400
[ 2300.656666][T29806]  netlink_rcv_skb+0x1f5/0x440
[ 2300.661483][T29806]  ? genl_bind+0x380/0x380
[ 2300.665989][T29806]  ? netlink_ack+0xb50/0xb50
[ 2300.670616][T29806]  ? __lock_acquire+0x7d10/0x7d10
[ 2300.675734][T29806]  ? down_read+0x1aa/0x2e0
[ 2300.680208][T29806]  genl_rcv+0x24/0x40
[ 2300.684228][T29806]  netlink_unicast+0x774/0x920
[ 2300.689044][T29806]  netlink_sendmsg+0x8ba/0xbe0
[ 2300.693857][T29806]  ? netlink_getsockopt+0x570/0x570
[ 2300.699095][T29806]  ? aa_sock_msg_perm+0x94/0x150
[ 2300.704078][T29806]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 2300.709412][T29806]  ? security_socket_sendmsg+0x7c/0xa0
[ 2300.714913][T29806]  ? netlink_getsockopt+0x570/0x570
[ 2300.720147][T29806]  ____sys_sendmsg+0x5b7/0x8f0
[ 2300.724966][T29806]  ? __sys_sendmsg_sock+0x30/0x30
[ 2300.730047][T29806]  ? import_iovec+0x6f/0xa0
[ 2300.734603][T29806]  ___sys_sendmsg+0x236/0x2e0
[ 2300.739336][T29806]  ? __sys_sendmsg+0x2a0/0x2a0
[ 2300.744165][T29806]  ? ktime_get_real_ts64+0x440/0x440
[ 2300.749518][T29806]  __se_sys_sendmsg+0x1af/0x290
[ 2300.754419][T29806]  ? __x64_sys_sendmsg+0x80/0x80
[ 2300.759414][T29806]  ? lockdep_hardirqs_on+0x94/0x140
[ 2300.764693][T29806]  do_syscall_64+0x4c/0xa0
[ 2300.769146][T29806]  ? clear_bhb_loop+0x30/0x80
[ 2300.773863][T29806]  ? clear_bhb_loop+0x30/0x80
[ 2300.778587][T29806]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2300.784520][T29806] RIP: 0033:0x7f34d00aee59
[ 2300.788973][T29806] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2300.808618][T29806] RSP: 002b:00007f34ce308028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2300.817077][T29806] RAX: ffffffffffffffda RBX: 00007f34d0327fa0 RCX: 00007f34d00aee59
[ 2300.825087][T29806] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000009
[ 2300.833099][T29806] RBP: 00007f34d0144d6f R08: 0000000000000000 R09: 0000000000000000
[ 2300.841106][T29806] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2300.849114][T29806] R13: 00007f34d0328038 R14: 00007f34d0327fa0 R15: 00007ffcd89243c8
[ 2300.857148][T29806]  </TASK>
[ 2301.059935][T29817] netlink: 'syz.2.41807': attribute type 10 has an invalid length.
[ 2301.073652][T29817] netlink: 168 bytes leftover after parsing attributes in process `syz.2.41807'.
[ 2301.318287][T29831] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.41799'.
[ 2301.378516][T29834] netlink: 'syz.2.41799': attribute type 3 has an invalid length.
[ 2301.396899][T29834] netlink: 105116 bytes leftover after parsing attributes in process `syz.2.41799'.
[ 2301.466501][T29836] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 2301.608372][T29849] netlink: 763 bytes leftover after parsing attributes in process `syz.3.41821'.
[ 2301.704260][T29850] netlink: 'syz.0.41808': attribute type 3 has an invalid length.
[ 2301.721217][T29850] netlink: 105116 bytes leftover after parsing attributes in process `syz.0.41808'.
[ 2302.042854][T29860] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.41810'.
[ 2302.125600][T29860] sysfs: cannot create duplicate filename '/class/ieee80211/!!�'
[ 2302.150466][T29860] CPU: 0 PID: 29860 Comm: syz.0.41810 Not tainted syzkaller #0
[ 2302.158081][T29860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 2302.168177][T29860] Call Trace:
[ 2302.171493][T29860]  <TASK>
[ 2302.174455][T29860]  dump_stack_lvl+0x188/0x250
[ 2302.179287][T29860]  ? show_regs_print_info+0x20/0x20
[ 2302.184535][T29860]  ? load_image+0x400/0x400
[ 2302.189086][T29860]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2302.195207][T29860]  ? sysfs_warn_dup+0x61/0xa0
[ 2302.199935][T29860]  sysfs_warn_dup+0x8a/0xa0
[ 2302.204475][T29860]  sysfs_do_create_link_sd+0xc0/0x110
[ 2302.209887][T29860]  device_add+0x7f6/0x1000
[ 2302.214355][T29860]  wiphy_register+0x1e81/0x2c30
[ 2302.219267][T29860]  ? cfg80211_event_work+0x40/0x40
[ 2302.224425][T29860]  ? minstrel_ht_alloc+0x808/0x980
[ 2302.229592][T29860]  ? ieee80211_init_rate_ctrl_alg+0x55e/0x5e0
[ 2302.235714][T29860]  ieee80211_register_hw+0x2aa1/0x3af0
[ 2302.241253][T29860]  ? ieee80211_tasklet_handler+0x20/0x20
[ 2302.246929][T29860]  ? hrtimer_init+0x90/0x220
[ 2302.251572][T29860]  ? __sanitizer_cov_trace_const_cmp4+0x32/0x80
[ 2302.257862][T29860]  ? hrtimer_init+0x10c/0x220
[ 2302.262599][T29860]  mac80211_hwsim_new_radio+0x20d3/0x4080
[ 2302.268390][T29860]  hwsim_new_radio_nl+0xa6f/0xc40
[ 2302.273475][T29860]  genl_rcv_msg+0xcea/0xf90
[ 2302.278034][T29860]  ? genl_bind+0x380/0x380
[ 2302.282504][T29860]  ? verify_lock_unused+0x140/0x140
[ 2302.287750][T29860]  ? rcu_preempt_deferred_qs_irqrestore+0x868/0xc30
[ 2302.294386][T29860]  ? perf_trace_run_bpf_submit+0xf3/0x1c0
[ 2302.300154][T29860]  ? hwsim_tx_info_frame_received_nl+0x1020/0x1020
[ 2302.306727][T29860]  netlink_rcv_skb+0x1f5/0x440
[ 2302.311527][T29860]  ? genl_bind+0x380/0x380
[ 2302.315982][T29860]  ? netlink_ack+0xb50/0xb50
[ 2302.320598][T29860]  ? lockdep_hardirqs_on+0x94/0x140
[ 2302.325845][T29860]  ? down_read+0x1aa/0x2e0
[ 2302.330309][T29860]  genl_rcv+0x24/0x40
[ 2302.334337][T29860]  netlink_unicast+0x774/0x920
[ 2302.339155][T29860]  netlink_sendmsg+0x8ba/0xbe0
[ 2302.343969][T29860]  ? lockdep_hardirqs_on+0x94/0x140
[ 2302.349235][T29860]  ? netlink_getsockopt+0x570/0x570
[ 2302.354482][T29860]  ? security_socket_sendmsg+0x56/0xa0
[ 2302.360084][T29860]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 2302.365414][T29860]  ? security_socket_sendmsg+0x7c/0xa0
[ 2302.370915][T29860]  ? netlink_getsockopt+0x570/0x570
[ 2302.376155][T29860]  ____sys_sendmsg+0x5b7/0x8f0
[ 2302.380971][T29860]  ? __sys_sendmsg_sock+0x30/0x30
[ 2302.386045][T29860]  ? import_iovec+0x6f/0xa0
[ 2302.390592][T29860]  ___sys_sendmsg+0x236/0x2e0
[ 2302.395331][T29860]  ? __sys_sendmsg+0x2a0/0x2a0
[ 2302.400186][T29860]  __se_sys_sendmsg+0x1af/0x290
[ 2302.405084][T29860]  ? __x64_sys_sendmsg+0x80/0x80
[ 2302.410076][T29860]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 2302.416118][T29860]  ? lockdep_hardirqs_on+0x94/0x140
[ 2302.421364][T29860]  do_syscall_64+0x4c/0xa0
[ 2302.425819][T29860]  ? clear_bhb_loop+0x30/0x80
[ 2302.430537][T29860]  ? clear_bhb_loop+0x30/0x80
[ 2302.435254][T29860]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2302.441187][T29860] RIP: 0033:0x7fbf6b85ce59
[ 2302.445639][T29860] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2302.465296][T29860] RSP: 002b:00007fbf69ab6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2302.473795][T29860] RAX: ffffffffffffffda RBX: 00007fbf6bad5fa0 RCX: 00007fbf6b85ce59
[ 2302.481809][T29860] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000009
[ 2302.489822][T29860] RBP: 00007fbf6b8f2d6f R08: 0000000000000000 R09: 0000000000000000
[ 2302.497837][T29860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2302.505849][T29860] R13: 00007fbf6bad6038 R14: 00007fbf6bad5fa0 R15: 00007ffe83fafbf8
[ 2302.513987][T29860]  </TASK>
[ 2302.675415][T29869] netlink: 'syz.2.41816': attribute type 10 has an invalid length.
[ 2302.687293][T29869] device geneve0 entered promiscuous mode
[ 2302.933872][T29883] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.41825'.
[ 2302.951942][T29883] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[ 2303.124645][T29887] netlink: 'syz.1.41827': attribute type 3 has an invalid length.
[ 2303.192771][T29896] netlink: 'syz.4.41831': attribute type 10 has an invalid length.
[ 2303.270134][T29900] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 2303.365843][T29902] sysfs: cannot create duplicate filename '/class/ieee80211/!!�'
[ 2303.374894][T29902] CPU: 0 PID: 29902 Comm: syz.4.41833 Not tainted syzkaller #0
[ 2303.382498][T29902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 2303.392595][T29902] Call Trace:
[ 2303.395910][T29902]  <TASK>
[ 2303.398874][T29902]  dump_stack_lvl+0x188/0x250
[ 2303.403601][T29902]  ? show_regs_print_info+0x20/0x20
[ 2303.408846][T29902]  ? load_image+0x400/0x400
[ 2303.413402][T29902]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2303.419505][T29902]  ? sysfs_warn_dup+0x61/0xa0
[ 2303.424235][T29902]  sysfs_warn_dup+0x8a/0xa0
[ 2303.428783][T29902]  sysfs_do_create_link_sd+0xc0/0x110
[ 2303.434216][T29902]  device_add+0x7f6/0x1000
[ 2303.438701][T29902]  wiphy_register+0x1e81/0x2c30
[ 2303.443625][T29902]  ? cfg80211_event_work+0x40/0x40
[ 2303.448778][T29902]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 2303.454993][T29902]  ieee80211_register_hw+0x2aa1/0x3af0
[ 2303.460524][T29902]  ? ieee80211_tasklet_handler+0x20/0x20
[ 2303.466204][T29902]  ? hrtimer_init+0x1c1/0x220
[ 2303.470919][T29902]  ? kasan_check_range+0x26/0x290
[ 2303.476057][T29902]  ? memset+0x1e/0x40
[ 2303.480057][T29902]  ? hrtimer_init+0x10c/0x220
[ 2303.484760][T29902]  mac80211_hwsim_new_radio+0x20d3/0x4080
[ 2303.490529][T29902]  hwsim_new_radio_nl+0xa6f/0xc40
[ 2303.495593][T29902]  genl_rcv_msg+0xcea/0xf90
[ 2303.500136][T29902]  ? genl_bind+0x380/0x380
[ 2303.504584][T29902]  ? verify_lock_unused+0x140/0x140
[ 2303.509811][T29902]  ? rcu_preempt_deferred_qs_irqrestore+0x868/0xc30
[ 2303.516424][T29902]  ? perf_trace_run_bpf_submit+0xf3/0x1c0
[ 2303.522165][T29902]  ? hwsim_tx_info_frame_received_nl+0x1020/0x1020
[ 2303.528709][T29902]  netlink_rcv_skb+0x1f5/0x440
[ 2303.533493][T29902]  ? genl_bind+0x380/0x380
[ 2303.537925][T29902]  ? netlink_ack+0xb50/0xb50
[ 2303.542530][T29902]  ? lockdep_hardirqs_on+0x94/0x140
[ 2303.547763][T29902]  ? down_read+0x1aa/0x2e0
[ 2303.552207][T29902]  genl_rcv+0x24/0x40
[ 2303.556207][T29902]  netlink_unicast+0x774/0x920
[ 2303.560998][T29902]  netlink_sendmsg+0x8ba/0xbe0
[ 2303.565789][T29902]  ? netlink_getsockopt+0x570/0x570
[ 2303.571014][T29902]  ? aa_sock_msg_perm+0x94/0x150
[ 2303.575982][T29902]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 2303.581294][T29902]  ? security_socket_sendmsg+0x7c/0xa0
[ 2303.586774][T29902]  ? netlink_getsockopt+0x570/0x570
[ 2303.591987][T29902]  ____sys_sendmsg+0x5b7/0x8f0
[ 2303.596779][T29902]  ? __sys_sendmsg_sock+0x30/0x30
[ 2303.601830][T29902]  ? import_iovec+0x6f/0xa0
[ 2303.606356][T29902]  ___sys_sendmsg+0x236/0x2e0
[ 2303.611072][T29902]  ? __sys_sendmsg+0x2a0/0x2a0
[ 2303.615889][T29902]  __se_sys_sendmsg+0x1af/0x290
[ 2303.620757][T29902]  ? __x64_sys_sendmsg+0x80/0x80
[ 2303.625709][T29902]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 2303.631724][T29902]  ? lockdep_hardirqs_on+0x94/0x140
[ 2303.636984][T29902]  do_syscall_64+0x4c/0xa0
[ 2303.641426][T29902]  ? clear_bhb_loop+0x30/0x80
[ 2303.646118][T29902]  ? clear_bhb_loop+0x30/0x80
[ 2303.650819][T29902]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2303.656736][T29902] RIP: 0033:0x7f34d00aee59
[ 2303.661176][T29902] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2303.680804][T29902] RSP: 002b:00007f34ce308028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2303.689255][T29902] RAX: ffffffffffffffda RBX: 00007f34d0327fa0 RCX: 00007f34d00aee59
[ 2303.697256][T29902] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000009
[ 2303.705255][T29902] RBP: 00007f34d0144d6f R08: 0000000000000000 R09: 0000000000000000
[ 2303.713249][T29902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2303.721236][T29902] R13: 00007f34d0328038 R14: 00007f34d0327fa0 R15: 00007ffcd89243c8
[ 2303.729244][T29902]  </TASK>
[ 2304.146303][T29929] netlink: 'syz.3.41846': attribute type 29 has an invalid length.
[ 2304.173891][T29929] netlink: 'syz.3.41846': attribute type 29 has an invalid length.
[ 2304.197610][T29932] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 2304.221203][T29929] netlink: 'syz.3.41846': attribute type 29 has an invalid length.
[ 2304.247868][T29929] netlink: 'syz.3.41846': attribute type 1 has an invalid length.
[ 2304.441771][T29946] netlink: 'syz.4.41852': attribute type 10 has an invalid length.
[ 2304.478187][T29946] device geneve0 entered promiscuous mode
[ 2304.640722][T29949] sysfs: cannot create duplicate filename '/class/ieee80211/!!�'
[ 2304.659838][T29949] CPU: 1 PID: 29949 Comm: syz.2.41854 Not tainted syzkaller #0
[ 2304.667544][T29949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 2304.677648][T29949] Call Trace:
[ 2304.680964][T29949]  <TASK>
[ 2304.683932][T29949]  dump_stack_lvl+0x188/0x250
[ 2304.688671][T29949]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 2304.694873][T29949]  ? show_regs_print_info+0x20/0x20
[ 2304.700112][T29949]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 2304.706528][T29949]  ? dump_stack+0x5/0x20
[ 2304.710830][T29949]  sysfs_warn_dup+0x8a/0xa0
[ 2304.715379][T29949]  sysfs_do_create_link_sd+0xc0/0x110
[ 2304.720795][T29949]  device_add+0x7f6/0x1000
[ 2304.725273][T29949]  wiphy_register+0x1e81/0x2c30
[ 2304.730194][T29949]  ? cfg80211_event_work+0x40/0x40
[ 2304.735356][T29949]  ? minstrel_ht_alloc+0x808/0x980
[ 2304.740523][T29949]  ? ieee80211_init_rate_ctrl_alg+0x55e/0x5e0
[ 2304.746644][T29949]  ieee80211_register_hw+0x2aa1/0x3af0
[ 2304.752169][T29949]  ? ieee80211_tasklet_handler+0x20/0x20
[ 2304.757839][T29949]  ? lockdep_hardirqs_on+0x94/0x140
[ 2304.763096][T29949]  ? rcu_is_watching+0x11/0xa0
[ 2304.767902][T29949]  ? memset+0x1e/0x40
[ 2304.771935][T29949]  ? hrtimer_init+0x10c/0x220
[ 2304.776675][T29949]  mac80211_hwsim_new_radio+0x20d3/0x4080
[ 2304.782461][T29949]  hwsim_new_radio_nl+0xa6f/0xc40
[ 2304.787553][T29949]  genl_rcv_msg+0xcea/0xf90
[ 2304.792126][T29949]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 2304.798336][T29949]  ? genl_bind+0x380/0x380
[ 2304.802811][T29949]  ? verify_lock_unused+0x140/0x140
[ 2304.808080][T29949]  ? rcu_preempt_deferred_qs_irqrestore+0x868/0xc30
[ 2304.814737][T29949]  ? hwsim_tx_info_frame_received_nl+0x1020/0x1020
[ 2304.821311][T29949]  netlink_rcv_skb+0x1f5/0x440
[ 2304.826123][T29949]  ? genl_bind+0x380/0x380
[ 2304.830585][T29949]  ? netlink_ack+0xb50/0xb50
[ 2304.835215][T29949]  ? __lock_acquire+0x7d10/0x7d10
[ 2304.840277][T29949]  ? down_read+0x1aa/0x2e0
[ 2304.844744][T29949]  genl_rcv+0x24/0x40
[ 2304.848750][T29949]  netlink_unicast+0x774/0x920
[ 2304.853543][T29949]  netlink_sendmsg+0x8ba/0xbe0
[ 2304.858328][T29949]  ? lockdep_hardirqs_on+0x94/0x140
[ 2304.863556][T29949]  ? netlink_getsockopt+0x570/0x570
[ 2304.868781][T29949]  ? bpf_lsm_socket_accept+0x10/0x10
[ 2304.874108][T29949]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 2304.879417][T29949]  ? security_socket_sendmsg+0x7c/0xa0
[ 2304.884933][T29949]  ? netlink_getsockopt+0x570/0x570
[ 2304.890255][T29949]  ____sys_sendmsg+0x5b7/0x8f0
[ 2304.895052][T29949]  ? __sys_sendmsg_sock+0x30/0x30
[ 2304.900115][T29949]  ? import_iovec+0x6f/0xa0
[ 2304.904639][T29949]  ___sys_sendmsg+0x236/0x2e0
[ 2304.909347][T29949]  ? __sys_sendmsg+0x2a0/0x2a0
[ 2304.914142][T29949]  ? ktime_get_real_ts64+0x440/0x440
[ 2304.919464][T29949]  __se_sys_sendmsg+0x1af/0x290
[ 2304.924335][T29949]  ? __x64_sys_sendmsg+0x80/0x80
[ 2304.929306][T29949]  ? syscall_enter_from_user_mode+0x2a/0x70
[ 2304.935233][T29949]  do_syscall_64+0x4c/0xa0
[ 2304.939674][T29949]  ? clear_bhb_loop+0x30/0x80
[ 2304.944371][T29949]  ? clear_bhb_loop+0x30/0x80
[ 2304.949116][T29949]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2304.955031][T29949] RIP: 0033:0x7fd3ac021e59
[ 2304.959472][T29949] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2304.979100][T29949] RSP: 002b:00007fd3aa27b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2304.987532][T29949] RAX: ffffffffffffffda RBX: 00007fd3ac29afa0 RCX: 00007fd3ac021e59
[ 2304.995526][T29949] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000009
[ 2305.003518][T29949] RBP: 00007fd3ac0b7d6f R08: 0000000000000000 R09: 0000000000000000
[ 2305.011509][T29949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2305.019493][T29949] R13: 00007fd3ac29b038 R14: 00007fd3ac29afa0 R15: 00007ffca2c65f78
[ 2305.027506][T29949]  </TASK>
[ 2305.447294][T29970] netlink: 'syz.0.41862': attribute type 29 has an invalid length.
[ 2305.477521][T29970] netlink: 'syz.0.41862': attribute type 29 has an invalid length.
[ 2305.515889][T29970] netlink: 'syz.0.41862': attribute type 29 has an invalid length.
[ 2305.613129][T29970] netlink: 'syz.0.41862': attribute type 1 has an invalid length.
[ 2305.627242][T29970] __nla_validate_parse: 7 callbacks suppressed
[ 2305.627296][T29970] netlink: 157116 bytes leftover after parsing attributes in process `syz.0.41862'.
[ 2305.826126][T29981] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.41868'.
[ 2305.902630][T29981] sysfs: cannot create duplicate filename '/class/ieee80211/!!�'
[ 2305.927281][T29981] CPU: 1 PID: 29981 Comm: syz.1.41868 Not tainted syzkaller #0
[ 2305.934917][T29981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 2305.945041][T29981] Call Trace:
[ 2305.948371][T29981]  <TASK>
[ 2305.951356][T29981]  dump_stack_lvl+0x188/0x250
[ 2305.956106][T29981]  ? show_regs_print_info+0x20/0x20
[ 2305.961372][T29981]  ? load_image+0x400/0x400
[ 2305.965985][T29981]  sysfs_warn_dup+0x8a/0xa0
[ 2305.970564][T29981]  sysfs_do_create_link_sd+0xc0/0x110
[ 2305.976002][T29981]  device_add+0x7f6/0x1000
[ 2305.980525][T29981]  wiphy_register+0x1e81/0x2c30
[ 2305.985511][T29981]  ? cfg80211_event_work+0x40/0x40
[ 2305.990693][T29981]  ? minstrel_ht_alloc+0x808/0x980
[ 2305.995895][T29981]  ? ieee80211_init_rate_ctrl_alg+0x55e/0x5e0
[ 2306.002069][T29981]  ieee80211_register_hw+0x2aa1/0x3af0
[ 2306.007655][T29981]  ? ieee80211_tasklet_handler+0x20/0x20
[ 2306.013378][T29981]  ? rcu_is_watching+0x11/0xa0
[ 2306.018215][T29981]  ? memset+0x1e/0x40
[ 2306.022258][T29981]  ? hrtimer_init+0x10c/0x220
[ 2306.027014][T29981]  mac80211_hwsim_new_radio+0x20d3/0x4080
[ 2306.032866][T29981]  hwsim_new_radio_nl+0xa6f/0xc40
[ 2306.038004][T29981]  genl_rcv_msg+0xcea/0xf90
[ 2306.042627][T29981]  ? genl_bind+0x380/0x380
[ 2306.047125][T29981]  ? __bpf_trace_bpf_trace_printk+0x20/0x20
[ 2306.053187][T29981]  ? verify_lock_unused+0x140/0x140
[ 2306.058470][T29981]  ? perf_trace_run_bpf_submit+0x124/0x1c0
[ 2306.064354][T29981]  ? perf_trace_lock+0x301/0x390
[ 2306.069365][T29981]  ? hwsim_tx_info_frame_received_nl+0x1020/0x1020
[ 2306.075991][T29981]  netlink_rcv_skb+0x1f5/0x440
[ 2306.080828][T29981]  ? genl_bind+0x380/0x380
[ 2306.085311][T29981]  ? netlink_ack+0xb50/0xb50
[ 2306.089967][T29981]  ? __lock_acquire+0x7d10/0x7d10
[ 2306.095088][T29981]  ? down_read+0x1aa/0x2e0
[ 2306.099583][T29981]  genl_rcv+0x24/0x40
[ 2306.103622][T29981]  netlink_unicast+0x774/0x920
[ 2306.108481][T29981]  netlink_sendmsg+0x8ba/0xbe0
[ 2306.113380][T29981]  ? netlink_getsockopt+0x570/0x570
[ 2306.118645][T29981]  ? aa_sock_msg_perm+0x94/0x150
[ 2306.123662][T29981]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 2306.128999][T29981]  ? security_socket_sendmsg+0x7c/0xa0
[ 2306.134523][T29981]  ? netlink_getsockopt+0x570/0x570
[ 2306.139783][T29981]  ____sys_sendmsg+0x5b7/0x8f0
[ 2306.144651][T29981]  ? __sys_sendmsg_sock+0x30/0x30
[ 2306.149772][T29981]  ? import_iovec+0x6f/0xa0
[ 2306.154353][T29981]  ___sys_sendmsg+0x236/0x2e0
[ 2306.159134][T29981]  ? __sys_sendmsg+0x2a0/0x2a0
[ 2306.164123][T29981]  __se_sys_sendmsg+0x1af/0x290
[ 2306.169055][T29981]  ? __x64_sys_sendmsg+0x80/0x80
[ 2306.174113][T29981]  ? syscall_enter_from_user_mode+0x2a/0x70
[ 2306.180084][T29981]  do_syscall_64+0x4c/0xa0
[ 2306.184556][T29981]  ? clear_bhb_loop+0x30/0x80
[ 2306.189294][T29981]  ? clear_bhb_loop+0x30/0x80
[ 2306.194046][T29981]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2306.199998][T29981] RIP: 0033:0x7f8a79c76e59
[ 2306.204479][T29981] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2306.224143][T29981] RSP: 002b:00007f8a77ed0028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2306.232630][T29981] RAX: ffffffffffffffda RBX: 00007f8a79eeffa0 RCX: 00007f8a79c76e59
[ 2306.240656][T29981] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000009
[ 2306.248706][T29981] RBP: 00007f8a79d0cd6f R08: 0000000000000000 R09: 0000000000000000
[ 2306.256727][T29981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2306.264757][T29981] R13: 00007f8a79ef0038 R14: 00007f8a79eeffa0 R15: 00007ffd57aa9638
[ 2306.272835][T29981]  </TASK>
[ 2306.296251][T29988] netlink: 'syz.0.41869': attribute type 10 has an invalid length.
[ 2306.347468][T29988] device geneve0 entered promiscuous mode
[ 2306.468773][T29993] delete_channel: no stack
[ 2306.750291][T30010] netlink: 168 bytes leftover after parsing attributes in process `syz.1.41877'.
[ 2306.864210][T30012] netlink: 157116 bytes leftover after parsing attributes in process `syz.0.41880'.
[ 2307.056889][T30018] delete_channel: no stack
[ 2307.100069][T30025] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.41887'.
[ 2307.162304][T30025] sysfs: cannot create duplicate filename '/class/ieee80211/!!�'
[ 2307.192346][T30025] CPU: 1 PID: 30025 Comm: syz.1.41887 Not tainted syzkaller #0
[ 2307.200063][T30025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 2307.210149][T30025] Call Trace:
[ 2307.213451][T30025]  <TASK>
[ 2307.216408][T30025]  dump_stack_lvl+0x188/0x250
[ 2307.221116][T30025]  ? show_regs_print_info+0x20/0x20
[ 2307.226334][T30025]  ? load_image+0x400/0x400
[ 2307.230869][T30025]  sysfs_warn_dup+0x8a/0xa0
[ 2307.235408][T30025]  sysfs_do_create_link_sd+0xc0/0x110
[ 2307.240802][T30025]  device_add+0x7f6/0x1000
[ 2307.245251][T30025]  wiphy_register+0x1e81/0x2c30
[ 2307.250141][T30025]  ? cfg80211_event_work+0x40/0x40
[ 2307.255276][T30025]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 2307.261465][T30025]  ? ieee80211_register_hw+0x28c0/0x3af0
[ 2307.267129][T30025]  ieee80211_register_hw+0x2aa1/0x3af0
[ 2307.272629][T30025]  ? ieee80211_tasklet_handler+0x20/0x20
[ 2307.278292][T30025]  ? hrtimer_init+0x9f/0x220
[ 2307.282916][T30025]  ? __sanitizer_cov_trace_pc+0x4/0x60
[ 2307.288406][T30025]  ? hrtimer_init+0x10c/0x220
[ 2307.293112][T30025]  mac80211_hwsim_new_radio+0x20d3/0x4080
[ 2307.298869][T30025]  hwsim_new_radio_nl+0xa6f/0xc40
[ 2307.303941][T30025]  genl_rcv_msg+0xcea/0xf90
[ 2307.308479][T30025]  ? genl_bind+0x380/0x380
[ 2307.312927][T30025]  ? __dev_queue_xmit+0x1cbf/0x2f80
[ 2307.318147][T30025]  ? verify_lock_unused+0x140/0x140
[ 2307.323373][T30025]  ? perf_trace_run_bpf_submit+0xf3/0x1c0
[ 2307.329126][T30025]  ? perf_trace_preemptirq_template+0x2aa/0x360
[ 2307.335505][T30025]  ? mark_lock+0x94/0x320
[ 2307.339862][T30025]  ? hwsim_tx_info_frame_received_nl+0x1020/0x1020
[ 2307.346396][T30025]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 2307.352406][T30025]  netlink_rcv_skb+0x1f5/0x440
[ 2307.357184][T30025]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 2307.363365][T30025]  ? genl_bind+0x380/0x380
[ 2307.367815][T30025]  ? netlink_ack+0xb50/0xb50
[ 2307.372432][T30025]  ? down_read+0x18e/0x2e0
[ 2307.376867][T30025]  ? down_read+0x19d/0x2e0
[ 2307.381307][T30025]  ? down_read+0x1aa/0x2e0
[ 2307.385743][T30025]  genl_rcv+0x24/0x40
[ 2307.389759][T30025]  netlink_unicast+0x774/0x920
[ 2307.394652][T30025]  netlink_sendmsg+0x8ba/0xbe0
[ 2307.399443][T30025]  ? netlink_getsockopt+0x570/0x570
[ 2307.404677][T30025]  ? netlink_getsockopt+0x570/0x570
[ 2307.409896][T30025]  ____sys_sendmsg+0x5b7/0x8f0
[ 2307.414685][T30025]  ? __sys_sendmsg_sock+0x30/0x30
[ 2307.419742][T30025]  ? import_iovec+0x6f/0xa0
[ 2307.424266][T30025]  ___sys_sendmsg+0x236/0x2e0
[ 2307.428984][T30025]  ? __sys_sendmsg+0x2a0/0x2a0
[ 2307.433815][T30025]  __se_sys_sendmsg+0x1af/0x290
[ 2307.438688][T30025]  ? __x64_sys_sendmsg+0x80/0x80
[ 2307.443662][T30025]  ? syscall_enter_from_user_mode+0x2a/0x70
[ 2307.449590][T30025]  do_syscall_64+0x4c/0xa0
[ 2307.454028][T30025]  ? clear_bhb_loop+0x30/0x80
[ 2307.458727][T30025]  ? clear_bhb_loop+0x30/0x80
[ 2307.463424][T30025]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2307.469333][T30025] RIP: 0033:0x7f8a79c76e59
[ 2307.473772][T30025] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2307.493395][T30025] RSP: 002b:00007f8a77ed0028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2307.501829][T30025] RAX: ffffffffffffffda RBX: 00007f8a79eeffa0 RCX: 00007f8a79c76e59
[ 2307.509827][T30025] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000009
[ 2307.517814][T30025] RBP: 00007f8a79d0cd6f R08: 0000000000000000 R09: 0000000000000000
[ 2307.525810][T30025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2307.533826][T30025] R13: 00007f8a79ef0038 R14: 00007f8a79eeffa0 R15: 00007ffd57aa9638
[ 2307.541851][T30025]  </TASK>
[ 2307.791092][T30035] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.41892'.
[ 2307.846879][T30038] netlink: 168 bytes leftover after parsing attributes in process `syz.3.41893'.
[ 2307.857250][T30041] netlink: 105116 bytes leftover after parsing attributes in process `syz.0.41892'.
[ 2307.973935][T30044] netlink: 157116 bytes leftover after parsing attributes in process `syz.2.41895'.
[ 2308.227428][T30053] delete_channel: no stack
[ 2308.524693][T30068] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.41903'.
[ 2308.602579][T30068] sysfs: cannot create duplicate filename '/class/ieee80211/!!�'
[ 2308.645956][T30068] CPU: 0 PID: 30068 Comm: syz.3.41903 Not tainted syzkaller #0
[ 2308.653582][T30068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 2308.663699][T30068] Call Trace:
[ 2308.667024][T30068]  <TASK>
[ 2308.669988][T30068]  dump_stack_lvl+0x188/0x250
[ 2308.675041][T30068]  ? show_regs_print_info+0x20/0x20
[ 2308.680303][T30068]  ? load_image+0x400/0x400
[ 2308.684863][T30068]  sysfs_warn_dup+0x8a/0xa0
[ 2308.689414][T30068]  sysfs_do_create_link_sd+0xc0/0x110
[ 2308.694836][T30068]  device_add+0x7f6/0x1000
[ 2308.699309][T30068]  wiphy_register+0x1e81/0x2c30
[ 2308.704238][T30068]  ? cfg80211_event_work+0x40/0x40
[ 2308.709402][T30068]  ? minstrel_ht_alloc+0x808/0x980
[ 2308.714667][T30068]  ? ieee80211_init_rate_ctrl_alg+0x55e/0x5e0
[ 2308.720799][T30068]  ieee80211_register_hw+0x2aa1/0x3af0
[ 2308.726327][T30068]  ? ieee80211_tasklet_handler+0x20/0x20
[ 2308.732025][T30068]  ? rcu_is_watching+0x11/0xa0
[ 2308.736836][T30068]  ? memset+0x1e/0x40
[ 2308.740862][T30068]  ? hrtimer_init+0x10c/0x220
[ 2308.745597][T30068]  mac80211_hwsim_new_radio+0x20d3/0x4080
[ 2308.751382][T30068]  hwsim_new_radio_nl+0xa6f/0xc40
[ 2308.756474][T30068]  genl_rcv_msg+0xcea/0xf90
[ 2308.761039][T30068]  ? genl_bind+0x380/0x380
[ 2308.765524][T30068]  ? mark_lock+0x94/0x320
[ 2308.769897][T30068]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 2308.775931][T30068]  ? lock_chain_count+0x20/0x20
[ 2308.780839][T30068]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 2308.787043][T30068]  ? lockdep_hardirqs_on+0x94/0x140
[ 2308.792293][T30068]  ? hwsim_tx_info_frame_received_nl+0x1020/0x1020
[ 2308.798861][T30068]  ? netlink_rcv_skb+0x1d4/0x440
[ 2308.803859][T30068]  netlink_rcv_skb+0x1f5/0x440
[ 2308.808668][T30068]  ? genl_bind+0x380/0x380
[ 2308.813136][T30068]  ? netlink_ack+0xb50/0xb50
[ 2308.817781][T30068]  ? __lock_acquire+0x7d10/0x7d10
[ 2308.822854][T30068]  ? down_read+0x1aa/0x2e0
[ 2308.827317][T30068]  genl_rcv+0x24/0x40
[ 2308.831349][T30068]  netlink_unicast+0x774/0x920
[ 2308.836210][T30068]  netlink_sendmsg+0x8ba/0xbe0
[ 2308.841025][T30068]  ? netlink_getsockopt+0x570/0x570
[ 2308.846268][T30068]  ? aa_sock_msg_perm+0x94/0x150
[ 2308.851251][T30068]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 2308.856583][T30068]  ? security_socket_sendmsg+0x7c/0xa0
[ 2308.862092][T30068]  ? netlink_getsockopt+0x570/0x570
[ 2308.867339][T30068]  ____sys_sendmsg+0x5b7/0x8f0
[ 2308.872162][T30068]  ? __sys_sendmsg_sock+0x30/0x30
[ 2308.877264][T30068]  ? import_iovec+0x6f/0xa0
[ 2308.881821][T30068]  ___sys_sendmsg+0x236/0x2e0
[ 2308.886644][T30068]  ? __sys_sendmsg+0x2a0/0x2a0
[ 2308.891476][T30068]  ? ktime_get_real_ts64+0x440/0x440
[ 2308.896829][T30068]  __se_sys_sendmsg+0x1af/0x290
[ 2308.901741][T30068]  ? __x64_sys_sendmsg+0x80/0x80
[ 2308.906748][T30068]  ? syscall_enter_from_user_mode+0x2a/0x70
[ 2308.912691][T30068]  do_syscall_64+0x4c/0xa0
[ 2308.917155][T30068]  ? clear_bhb_loop+0x30/0x80
[ 2308.921869][T30068]  ? clear_bhb_loop+0x30/0x80
[ 2308.926613][T30068]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2308.932634][T30068] RIP: 0033:0x7fdd1d946e59
[ 2308.937094][T30068] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2308.956770][T30068] RSP: 002b:00007fdd1bba0028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2308.965234][T30068] RAX: ffffffffffffffda RBX: 00007fdd1dbbffa0 RCX: 00007fdd1d946e59
[ 2308.973253][T30068] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000009
[ 2308.981269][T30068] RBP: 00007fdd1d9dcd6f R08: 0000000000000000 R09: 0000000000000000
[ 2308.989285][T30068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2308.997298][T30068] R13: 00007fdd1dbc0038 R14: 00007fdd1dbbffa0 R15: 00007ffc81aa1768
[ 2309.005333][T30068]  </TASK>
[ 2309.193591][T30074] validate_nla: 12 callbacks suppressed
[ 2309.193630][T30074] netlink: 'syz.0.41906': attribute type 10 has an invalid length.
[ 2309.359389][T30084] netlink: 'syz.2.41910': attribute type 29 has an invalid length.
[ 2309.383644][T30084] netlink: 'syz.2.41910': attribute type 29 has an invalid length.
[ 2309.435237][T30085] netlink: 'syz.2.41910': attribute type 29 has an invalid length.
[ 2309.468790][T30084] netlink: 'syz.2.41910': attribute type 1 has an invalid length.
[ 2309.760415][T30093] sysfs: cannot create duplicate filename '/class/ieee80211/!!�'
[ 2309.807848][T30093] CPU: 1 PID: 30093 Comm: syz.0.41923 Not tainted syzkaller #0
[ 2309.815481][T30093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 2309.825570][T30093] Call Trace:
[ 2309.828882][T30093]  <TASK>
[ 2309.831842][T30093]  dump_stack_lvl+0x188/0x250
[ 2309.836559][T30093]  ? show_regs_print_info+0x20/0x20
[ 2309.841813][T30093]  ? load_image+0x400/0x400
[ 2309.846374][T30093]  sysfs_warn_dup+0x8a/0xa0
[ 2309.850917][T30093]  sysfs_do_create_link_sd+0xc0/0x110
[ 2309.856381][T30093]  device_add+0x7f6/0x1000
[ 2309.860849][T30093]  wiphy_register+0x1e81/0x2c30
[ 2309.865771][T30093]  ? cfg80211_event_work+0x40/0x40
[ 2309.870930][T30093]  ? minstrel_ht_alloc+0x808/0x980
[ 2309.876194][T30093]  ? ieee80211_init_rate_ctrl_alg+0x55e/0x5e0
[ 2309.882317][T30093]  ieee80211_register_hw+0x2aa1/0x3af0
[ 2309.887833][T30093]  ? ieee80211_tasklet_handler+0x20/0x20
[ 2309.893514][T30093]  ? hrtimer_init+0xdb/0x220
[ 2309.898149][T30093]  ? hrtimer_init+0x107/0x220
[ 2309.902869][T30093]  ? hrtimer_init+0x10c/0x220
[ 2309.907588][T30093]  mac80211_hwsim_new_radio+0x20d3/0x4080
[ 2309.913377][T30093]  hwsim_new_radio_nl+0xa6f/0xc40
[ 2309.918467][T30093]  genl_rcv_msg+0xcea/0xf90
[ 2309.923020][T30093]  ? genl_bind+0x380/0x380
[ 2309.927484][T30093]  ? __dev_queue_xmit+0x1cbf/0x2f80
[ 2309.932722][T30093]  ? verify_lock_unused+0x140/0x140
[ 2309.937983][T30093]  ? perf_trace_preemptirq_template+0x2bc/0x360
[ 2309.944271][T30093]  ? irqentry_enter+0x33/0x50
[ 2309.948998][T30093]  ? hwsim_tx_info_frame_received_nl+0x1020/0x1020
[ 2309.955567][T30093]  netlink_rcv_skb+0x1f5/0x440
[ 2309.960386][T30093]  ? genl_bind+0x380/0x380
[ 2309.964846][T30093]  ? netlink_ack+0xb50/0xb50
[ 2309.969476][T30093]  ? __lock_acquire+0x7d10/0x7d10
[ 2309.974548][T30093]  ? down_read+0x1aa/0x2e0
[ 2309.979013][T30093]  genl_rcv+0x24/0x40
[ 2309.983034][T30093]  netlink_unicast+0x774/0x920
[ 2309.987852][T30093]  netlink_sendmsg+0x8ba/0xbe0
[ 2309.992671][T30093]  ? netlink_getsockopt+0x570/0x570
[ 2309.997908][T30093]  ? aa_sock_msg_perm+0x94/0x150
[ 2310.002888][T30093]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 2310.008210][T30093]  ? security_socket_sendmsg+0x7c/0xa0
[ 2310.013714][T30093]  ? netlink_getsockopt+0x570/0x570
[ 2310.018951][T30093]  ____sys_sendmsg+0x5b7/0x8f0
[ 2310.023775][T30093]  ? __sys_sendmsg_sock+0x30/0x30
[ 2310.028851][T30093]  ? import_iovec+0x6f/0xa0
[ 2310.033400][T30093]  ___sys_sendmsg+0x236/0x2e0
[ 2310.038130][T30093]  ? __sys_sendmsg+0x2a0/0x2a0
[ 2310.042950][T30093]  ? __fget_files+0x384/0x480
[ 2310.047730][T30093]  __se_sys_sendmsg+0x1af/0x290
[ 2310.052623][T30093]  ? __x64_sys_sendmsg+0x80/0x80
[ 2310.057615][T30093]  ? syscall_enter_from_user_mode+0x2a/0x70
[ 2310.063560][T30093]  do_syscall_64+0x4c/0xa0
[ 2310.068019][T30093]  ? clear_bhb_loop+0x30/0x80
[ 2310.072729][T30093]  ? clear_bhb_loop+0x30/0x80
[ 2310.077456][T30093]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2310.083407][T30093] RIP: 0033:0x7fbf6b85ce59
[ 2310.087860][T30093] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2310.107501][T30093] RSP: 002b:00007fbf69ab6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2310.115959][T30093] RAX: ffffffffffffffda RBX: 00007fbf6bad5fa0 RCX: 00007fbf6b85ce59
[ 2310.123980][T30093] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000009
[ 2310.131991][T30093] RBP: 00007fbf6b8f2d6f R08: 0000000000000000 R09: 0000000000000000
[ 2310.140000][T30093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2310.148005][T30093] R13: 00007fbf6bad6038 R14: 00007fbf6bad5fa0 R15: 00007ffe83fafbf8
[ 2310.156040][T30093]  </TASK>
[ 2310.353726][T30100] delete_channel: no stack
[ 2310.503698][T30104] IPv6: Can't replace route, no match found
[ 2310.976670][T30123] netlink: 'syz.1.41922': attribute type 10 has an invalid length.
[ 2311.014714][T30122] netlink: 'syz.4.41925': attribute type 29 has an invalid length.
[ 2311.043695][T30123] device geneve0 entered promiscuous mode
[ 2311.114568][T30122] netlink: 'syz.4.41925': attribute type 29 has an invalid length.
[ 2311.144297][T30127] netlink: 'syz.4.41925': attribute type 29 has an invalid length.
[ 2311.184592][T30129] netlink: 'syz.4.41925': attribute type 1 has an invalid length.
[ 2311.192473][T30129] __nla_validate_parse: 5 callbacks suppressed
[ 2311.192489][T30129] netlink: 157116 bytes leftover after parsing attributes in process `syz.4.41925'.
[ 2311.320528][T30134] netlink: 212168 bytes leftover after parsing attributes in process `syz.0.41929'.
[ 2312.142321][T30144] netlink: 144 bytes leftover after parsing attributes in process `syz.4.41932'.
[ 2312.200298][T30144] device team_slave_0 left promiscuous mode
[ 2312.223598][T30144] team0: Port device team_slave_0 removed
[ 2312.260418][T30144] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[ 2312.911614][T30170] netlink: 212168 bytes leftover after parsing attributes in process `syz.2.41943'.
[ 2313.997935][T30199] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.41951'.
[ 2314.033231][T30199] sysfs: cannot create duplicate filename '/class/ieee80211/!!�'
[ 2314.065776][T30199] CPU: 0 PID: 30199 Comm: syz.2.41951 Not tainted syzkaller #0
[ 2314.073389][T30199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 2314.083490][T30199] Call Trace:
[ 2314.086799][T30199]  <TASK>
[ 2314.089764][T30199]  dump_stack_lvl+0x188/0x250
[ 2314.094480][T30199]  ? show_regs_print_info+0x20/0x20
[ 2314.099713][T30199]  ? load_image+0x400/0x400
[ 2314.104272][T30199]  sysfs_warn_dup+0x8a/0xa0
[ 2314.108811][T30199]  sysfs_do_create_link_sd+0xc0/0x110
[ 2314.114223][T30199]  device_add+0x7f6/0x1000
[ 2314.118696][T30199]  wiphy_register+0x1e81/0x2c30
[ 2314.123606][T30199]  ? cfg80211_event_work+0x40/0x40
[ 2314.128753][T30199]  ? minstrel_ht_alloc+0x808/0x980
[ 2314.133909][T30199]  ? ieee80211_init_rate_ctrl_alg+0x55e/0x5e0
[ 2314.140058][T30199]  ieee80211_register_hw+0x2aa1/0x3af0
[ 2314.145579][T30199]  ? ieee80211_tasklet_handler+0x20/0x20
[ 2314.151380][T30199]  ? rcu_is_watching+0x11/0xa0
[ 2314.156184][T30199]  ? memset+0x1e/0x40
[ 2314.160197][T30199]  ? hrtimer_init+0x10c/0x220
[ 2314.164923][T30199]  mac80211_hwsim_new_radio+0x20d3/0x4080
[ 2314.170706][T30199]  hwsim_new_radio_nl+0xa6f/0xc40
[ 2314.175804][T30199]  genl_rcv_msg+0xcea/0xf90
[ 2314.180386][T30199]  ? genl_bind+0x380/0x380
[ 2314.184845][T30199]  ? __bpf_trace_bpf_trace_printk+0x20/0x20
[ 2314.190786][T30199]  ? __dev_queue_xmit+0x1cbf/0x2f80
[ 2314.196018][T30199]  ? verify_lock_unused+0x140/0x140
[ 2314.201263][T30199]  ? perf_trace_run_bpf_submit+0x124/0x1c0
[ 2314.207115][T30199]  ? perf_trace_lock+0x301/0x390
[ 2314.212067][T30199]  ? hwsim_tx_info_frame_received_nl+0x1020/0x1020
[ 2314.218605][T30199]  netlink_rcv_skb+0x1f5/0x440
[ 2314.223407][T30199]  ? genl_bind+0x380/0x380
[ 2314.227975][T30199]  ? netlink_ack+0xb50/0xb50
[ 2314.232598][T30199]  ? __lock_acquire+0x7d10/0x7d10
[ 2314.237665][T30199]  ? down_read+0x1aa/0x2e0
[ 2314.242141][T30199]  genl_rcv+0x24/0x40
[ 2314.246158][T30199]  netlink_unicast+0x774/0x920
[ 2314.250979][T30199]  netlink_sendmsg+0x8ba/0xbe0
[ 2314.255809][T30199]  ? netlink_getsockopt+0x570/0x570
[ 2314.261066][T30199]  ? aa_sock_msg_perm+0x94/0x150
[ 2314.266048][T30199]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 2314.271371][T30199]  ? security_socket_sendmsg+0x7c/0xa0
[ 2314.276871][T30199]  ? netlink_getsockopt+0x570/0x570
[ 2314.282112][T30199]  ____sys_sendmsg+0x5b7/0x8f0
[ 2314.286936][T30199]  ? __sys_sendmsg_sock+0x30/0x30
[ 2314.292018][T30199]  ? import_iovec+0x6f/0xa0
[ 2314.296573][T30199]  ___sys_sendmsg+0x236/0x2e0
[ 2314.301319][T30199]  ? __sys_sendmsg+0x2a0/0x2a0
[ 2314.306139][T30199]  ? trace_event_raw_event_lock+0x270/0x270
[ 2314.312102][T30199]  __se_sys_sendmsg+0x1af/0x290
[ 2314.317014][T30199]  ? __x64_sys_sendmsg+0x80/0x80
[ 2314.321993][T30199]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 2314.328058][T30199]  ? lockdep_hardirqs_on+0x94/0x140
[ 2314.333304][T30199]  do_syscall_64+0x4c/0xa0
[ 2314.337761][T30199]  ? clear_bhb_loop+0x30/0x80
[ 2314.342480][T30199]  ? clear_bhb_loop+0x30/0x80
[ 2314.347207][T30199]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2314.353146][T30199] RIP: 0033:0x7fd3ac021e59
[ 2314.357603][T30199] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2314.377269][T30199] RSP: 002b:00007fd3aa25a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2314.385742][T30199] RAX: ffffffffffffffda RBX: 00007fd3ac29b090 RCX: 00007fd3ac021e59
[ 2314.393754][T30199] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000009
[ 2314.401764][T30199] RBP: 00007fd3ac0b7d6f R08: 0000000000000000 R09: 0000000000000000
[ 2314.409785][T30199] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2314.417796][T30199] R13: 00007fd3ac29b128 R14: 00007fd3ac29b090 R15: 00007ffca2c65f78
[ 2314.425829][T30199]  </TASK>
[ 2314.772169][T30216] netlink: 163260 bytes leftover after parsing attributes in process `syz.3.41962'.
[ 2314.861766][T30220] netlink: 201392 bytes leftover after parsing attributes in process `syz.0.41970'.
[ 2314.958662][T30220] netlink: del zone limit has 8 unknown bytes
[ 2314.993688][T30223] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.41974'.
[ 2315.038160][T30226] netlink: 'syz.3.41963': attribute type 10 has an invalid length.
[ 2315.086002][T30226] device geneve0 entered promiscuous mode
[ 2315.161837][T30223] sysfs: cannot create duplicate filename '/class/ieee80211/!!�'
[ 2315.185839][T30223] CPU: 1 PID: 30223 Comm: syz.1.41974 Not tainted syzkaller #0
[ 2315.193462][T30223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 2315.203552][T30223] Call Trace:
[ 2315.206862][T30223]  <TASK>
[ 2315.209823][T30223]  dump_stack_lvl+0x188/0x250
[ 2315.214550][T30223]  ? show_regs_print_info+0x20/0x20
[ 2315.219788][T30223]  ? load_image+0x400/0x400
[ 2315.224350][T30223]  ? _printk+0x8/0x130
[ 2315.228455][T30223]  sysfs_warn_dup+0x8a/0xa0
[ 2315.232994][T30223]  sysfs_do_create_link_sd+0xc0/0x110
[ 2315.238398][T30223]  device_add+0x7f6/0x1000
[ 2315.242860][T30223]  wiphy_register+0x1e81/0x2c30
[ 2315.247769][T30223]  ? cfg80211_event_work+0x40/0x40
[ 2315.252922][T30223]  ? minstrel_ht_alloc+0x808/0x980
[ 2315.258076][T30223]  ? ieee80211_init_rate_ctrl_alg+0x55e/0x5e0
[ 2315.264184][T30223]  ieee80211_register_hw+0x2aa1/0x3af0
[ 2315.269702][T30223]  ? ieee80211_tasklet_handler+0x20/0x20
[ 2315.275379][T30223]  ? rcu_is_watching+0x11/0xa0
[ 2315.280172][T30223]  ? memset+0x1e/0x40
[ 2315.284183][T30223]  ? hrtimer_init+0x10c/0x220
[ 2315.288955][T30223]  mac80211_hwsim_new_radio+0x20d3/0x4080
[ 2315.294741][T30223]  hwsim_new_radio_nl+0xa6f/0xc40
[ 2315.299824][T30223]  genl_rcv_msg+0xcea/0xf90
[ 2315.304360][T30223]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 2315.310562][T30223]  ? genl_bind+0x380/0x380
[ 2315.315023][T30223]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 2315.321059][T30223]  ? lock_chain_count+0x20/0x20
[ 2315.325950][T30223]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 2315.332183][T30223]  ? lockdep_hardirqs_on+0x94/0x140
[ 2315.337425][T30223]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 2315.343626][T30223]  ? hwsim_tx_info_frame_received_nl+0x1020/0x1020
[ 2315.350184][T30223]  ? lock_acquire+0x208/0x400
[ 2315.354913][T30223]  netlink_rcv_skb+0x1f5/0x440
[ 2315.359717][T30223]  ? genl_bind+0x380/0x380
[ 2315.364193][T30223]  ? netlink_ack+0xb50/0xb50
[ 2315.368828][T30223]  ? __lock_acquire+0x7d10/0x7d10
[ 2315.373934][T30223]  ? down_read+0x1aa/0x2e0
[ 2315.378424][T30223]  genl_rcv+0x24/0x40
[ 2315.382442][T30223]  netlink_unicast+0x774/0x920
[ 2315.387251][T30223]  netlink_sendmsg+0x8ba/0xbe0
[ 2315.392074][T30223]  ? netlink_getsockopt+0x570/0x570
[ 2315.397315][T30223]  ? aa_sock_msg_perm+0x94/0x150
[ 2315.402293][T30223]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 2315.407622][T30223]  ? security_socket_sendmsg+0x7c/0xa0
[ 2315.413121][T30223]  ? netlink_getsockopt+0x570/0x570
[ 2315.418352][T30223]  ____sys_sendmsg+0x5b7/0x8f0
[ 2315.423171][T30223]  ? __sys_sendmsg_sock+0x30/0x30
[ 2315.428248][T30223]  ? import_iovec+0x6f/0xa0
[ 2315.432798][T30223]  ___sys_sendmsg+0x236/0x2e0
[ 2315.437537][T30223]  ? __sys_sendmsg+0x2a0/0x2a0
[ 2315.442391][T30223]  __se_sys_sendmsg+0x1af/0x290
[ 2315.447295][T30223]  ? __x64_sys_sendmsg+0x80/0x80
[ 2315.452284][T30223]  ? lockdep_hardirqs_on+0x94/0x140
[ 2315.457543][T30223]  do_syscall_64+0x4c/0xa0
[ 2315.462000][T30223]  ? clear_bhb_loop+0x30/0x80
[ 2315.466731][T30223]  ? clear_bhb_loop+0x30/0x80
[ 2315.471445][T30223]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2315.477378][T30223] RIP: 0033:0x7f8a79c76e59
[ 2315.481829][T30223] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2315.501502][T30223] RSP: 002b:00007f8a77ed0028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2315.509960][T30223] RAX: ffffffffffffffda RBX: 00007f8a79eeffa0 RCX: 00007f8a79c76e59
[ 2315.517969][T30223] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000009
[ 2315.525981][T30223] RBP: 00007f8a79d0cd6f R08: 0000000000000000 R09: 0000000000000000
[ 2315.533993][T30223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2315.541996][T30223] R13: 00007f8a79ef0038 R14: 00007f8a79eeffa0 R15: 00007ffd57aa9638
[ 2315.550064][T30223]  </TASK>
[ 2316.032593][T30237] IPv6: Can't replace route, no match found
[ 2316.680951][T30262] netlink: 'syz.2.41980': attribute type 17 has an invalid length.
[ 2316.710555][T30262] netlink: 152 bytes leftover after parsing attributes in process `syz.2.41980'.
[ 2316.727872][T30264] netlink: 'syz.4.41981': attribute type 2 has an invalid length.
[ 2316.735805][T30262] A link change request failed with some changes committed already. Interface Q�6�`Ҙ may have been left with an inconsistent configuration, please check.
[ 2316.754536][T30264] netlink: 212408 bytes leftover after parsing attributes in process `syz.4.41981'.
[ 2317.641568][T30301] netlink: 144 bytes leftover after parsing attributes in process `syz.3.41996'.
[ 2317.666617][T30301] team0: Port device team_slave_0 removed
[ 2317.683450][T30301] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[ 2317.731138][T30307] netlink: 'syz.0.41999': attribute type 2 has an invalid length.
[ 2317.749273][T30307] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.41999'.
[ 2317.843244][T30309] netlink: 'syz.4.42000': attribute type 17 has an invalid length.
[ 2317.864790][T30309] netlink: 152 bytes leftover after parsing attributes in process `syz.4.42000'.
[ 2317.883293][T30309] A link change request failed with some changes committed already. Interface Q�6�`Ҙ may have been left with an inconsistent configuration, please check.
[ 2318.526572][T30344] netlink: 'syz.1.42017': attribute type 2 has an invalid length.
[ 2318.573099][T30344] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.42017'.
[ 2318.750845][T30346] netlink: 144 bytes leftover after parsing attributes in process `syz.0.42015'.
[ 2318.762718][T30346] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[ 2318.786803][T30351] netlink: 'syz.3.42018': attribute type 17 has an invalid length.
[ 2318.813198][T30351] netlink: 152 bytes leftover after parsing attributes in process `syz.3.42018'.
[ 2318.831093][T30351] A link change request failed with some changes committed already. Interface Q�6�`Ҙ may have been left with an inconsistent configuration, please check.
[ 2318.949334][T30355] netlink: 201392 bytes leftover after parsing attributes in process `syz.1.42022'.
[ 2318.972817][T30355] netlink: del zone limit has 8 unknown bytes
[ 2319.077026][T30360] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.42025'.
[ 2319.271787][T30369] netlink: del zone limit has 8 unknown bytes
[ 2319.661211][T30384] netlink: 'syz.2.42033': attribute type 1 has an invalid length.
[ 2319.692725][T30386] netlink: 'syz.1.42035': attribute type 17 has an invalid length.
[ 2319.706524][T30386] A link change request failed with some changes committed already. Interface Q�6�`Ҙ may have been left with an inconsistent configuration, please check.
[ 2319.782471][T30394] netlink: 'syz.0.42037': attribute type 10 has an invalid length.
[ 2320.372989][T30418] IPv6: Can't replace route, no match found
[ 2320.662050][T30430] validate_nla: 1 callbacks suppressed
[ 2320.662075][T30430] netlink: 'syz.0.42051': attribute type 17 has an invalid length.
[ 2320.676752][T30430] A link change request failed with some changes committed already. Interface Q�6�`Ҙ may have been left with an inconsistent configuration, please check.
[ 2321.389617][T30469] netlink: 'syz.1.42072': attribute type 10 has an invalid length.
[ 2321.424406][T30469] device team0 left promiscuous mode
[ 2321.445271][T30469] device team_slave_0 left promiscuous mode
[ 2321.451481][T30469] device team_slave_1 left promiscuous mode
[ 2321.471009][T30469] device virt_wifi0 left promiscuous mode
[ 2321.477490][T30469] device hsr_slave_0 left promiscuous mode
[ 2321.483986][T30469] device wlan1 left promiscuous mode
[ 2321.526065][T30469] team0: Cannot enslave team device to itself
[ 2323.468418][T30551] __nla_validate_parse: 5 callbacks suppressed
[ 2323.468453][T30551] netlink: 199824 bytes leftover after parsing attributes in process `syz.0.42104'.
[ 2323.967364][T30583] IPv6: Can't replace route, no match found
[ 2325.770035][T30639] IPv6: Can't replace route, no match found
[ 2326.320345][T30658] netlink: 144 bytes leftover after parsing attributes in process `syz.1.42143'.
[ 2326.367760][T30658] team0: Port device team_slave_0 removed
[ 2326.378608][T30658] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[ 2326.575382][T30671] netlink: 'syz.2.42165': attribute type 10 has an invalid length.
[ 2326.586469][T30671] device team0 left promiscuous mode
[ 2326.591837][T30671] device team_slave_1 left promiscuous mode
[ 2326.598951][T30671] device wlan1 left promiscuous mode
[ 2326.605025][T30671] device virt_wifi0 left promiscuous mode
[ 2326.611102][T30671] device geneve1 left promiscuous mode
[ 2326.629080][T30671] team0: Cannot enslave team device to itself
[ 2326.662604][T30674] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.42154'.
[ 2326.968221][T30692] netlink: 199824 bytes leftover after parsing attributes in process `syz.3.42162'.
[ 2327.164862][T30708] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.42171'.
[ 2327.183731][T30708] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.42171'.
[ 2327.350858][T30713] IPv6: Can't replace route, no match found
[ 2327.873314][T30716] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.42173'.
[ 2328.249768][T30728] netlink: 199824 bytes leftover after parsing attributes in process `syz.1.42179'.
[ 2328.426387][T30742] netlink: 'syz.2.42186': attribute type 28 has an invalid length.
[ 2328.512462][T30752] netlink: 144 bytes leftover after parsing attributes in process `syz.2.42187'.
[ 2328.522624][T30752] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[ 2329.329930][T30767] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.42192'.
[ 2329.709437][T30782] netlink: 'syz.1.42196': attribute type 1 has an invalid length.
[ 2329.720231][T30784] netlink: 199824 bytes leftover after parsing attributes in process `syz.4.42195'.
[ 2329.754112][T30782] netlink: 193500 bytes leftover after parsing attributes in process `syz.1.42196'.
[ 2329.855877][T30786] netlink: 'syz.0.42198': attribute type 28 has an invalid length.
[ 2331.630624][T30825] netlink: 'syz.3.42218': attribute type 1 has an invalid length.
[ 2331.632572][T30821] netlink: 199824 bytes leftover after parsing attributes in process `syz.2.42217'.
[ 2331.663707][T30825] netlink: 193500 bytes leftover after parsing attributes in process `syz.3.42218'.
[ 2331.676085][T30823] netlink: 'syz.1.42220': attribute type 28 has an invalid length.
[ 2331.700019][T30827] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.42216'.
[ 2331.963202][    C1] 
[ 2331.963213][    C1] ================================
[ 2331.963219][    C1] WARNING: inconsistent lock state
[ 2331.963245][    C1] syzkaller #0 Not tainted
[ 2331.963256][    C1] --------------------------------
[ 2331.963261][    C1] inconsistent {INITIAL USE} -> {IN-NMI} usage.
[ 2331.963278][    C1] syz.1.42224/30835 [HC1[1]:SC0[0]:HE0:SE1] takes:
[ 2331.963303][    C1] ffffffff8c450238 (kernfs_rename_lock){....}-{2:2}, at: kernfs_path_from_node+0x84/0xb30
[ 2331.963446][    C1] {INITIAL USE} state was registered at:
[ 2331.963461][    C1]   lock_acquire+0x19e/0x400
[ 2331.963485][    C1]   _raw_spin_lock_irq+0xab/0xf0
[ 2331.963505][    C1]   kernfs_rename_ns+0x52a/0x930
[ 2331.963526][    C1]   sysfs_rename_link_ns+0x171/0x1b0
[ 2331.963544][    C1]   device_rename+0x11c/0x1a0
[ 2331.963564][    C1]   dev_change_name+0x2dd/0xbf0
[ 2331.963581][    C1]   do_setlink+0xa4e/0x3d60
[ 2331.963630][    C1]   rtnl_newlink+0x1658/0x1a50
[ 2331.963651][    C1]   rtnetlink_rcv_msg+0x844/0xf30
[ 2331.963672][    C1]   netlink_rcv_skb+0x1f5/0x440
[ 2331.963691][    C1]   netlink_unicast+0x774/0x920
[ 2331.963707][    C1]   netlink_sendmsg+0x8ba/0xbe0
[ 2331.963724][    C1]   __sys_sendto+0x46d/0x620
[ 2331.963744][    C1]   __x64_sys_sendto+0xda/0xf0
[ 2331.963764][    C1]   do_syscall_64+0x4c/0xa0
[ 2331.963783][    C1]   entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2331.963804][    C1] irq event stamp: 1024
[ 2331.963811][    C1] hardirqs last  enabled at (1023): [<ffffffff89e00d46>] asm_sysvec_reschedule_ipi+0x16/0x20
[ 2331.963838][    C1] hardirqs last disabled at (1024): [<ffffffff89bd56d9>] noist_exc_debug+0x49/0x120
[ 2331.963864][    C1] softirqs last  enabled at (476): [<ffffffff812c3145>] local_bh_enable+0x5/0x20
[ 2331.963944][    C1] softirqs last disabled at (474): [<ffffffff812c3125>] local_bh_disable+0x5/0x20
[ 2331.963969][    C1] 
[ 2331.963969][    C1] other info that might help us debug this:
[ 2331.963976][    C1]  Possible unsafe locking scenario:
[ 2331.963976][    C1] 
[ 2331.963981][    C1]        CPU0
[ 2331.963983][    C1]        ----
[ 2331.963987][    C1]   lock(kernfs_rename_lock);
[ 2331.964000][    C1]   <Interrupt>
[ 2331.964004][    C1]     lock(kernfs_rename_lock);
[ 2331.964016][    C1] 
[ 2331.964016][    C1]  *** DEADLOCK ***
[ 2331.964016][    C1] 
[ 2331.964020][    C1] 2 locks held by syz.1.42224/30835:
[ 2331.964032][    C1]  #0: ffffffff8c31f360 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x9/0x30
[ 2331.964139][    C1]  #1: ffffffff8c31f360 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x9/0x30
[ 2331.964187][    C1] 
[ 2331.964187][    C1] stack backtrace:
[ 2331.964194][    C1] CPU: 1 PID: 30835 Comm: syz.1.42224 Not tainted syzkaller #0
[ 2331.964215][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 2331.964228][    C1] Call Trace:
[ 2331.964235][    C1]  <#DB>
[ 2331.964283][    C1]  dump_stack_lvl+0x188/0x250
[ 2331.964321][    C1]  ? show_regs_print_info+0x20/0x20
[ 2331.964371][    C1]  ? print_usage_bug+0x42a/0x690
[ 2331.964394][    C1]  ? verify_lock_unused+0x18/0x140
[ 2331.964437][    C1]  lock_acquire+0x2c3/0x400
[ 2331.964476][    C1]  ? kernfs_path_from_node+0x84/0xb30
[ 2331.964509][    C1]  ? read_lock_is_recursive+0x10/0x10
[ 2331.964546][    C1]  ? trace_event_raw_event_lock+0x270/0x270
[ 2331.964574][    C1]  ? verify_lock_unused+0x18/0x140
[ 2331.964614][    C1]  _raw_spin_lock_irqsave+0xb0/0x100
[ 2331.964635][    C1]  ? kernfs_path_from_node+0x84/0xb30
[ 2331.964660][    C1]  ? _raw_spin_lock+0x40/0x40
[ 2331.964678][    C1]  ? rcu_is_watching+0x11/0xa0
[ 2331.964703][    C1]  ? lock_release+0xb5/0x8a0
[ 2331.964722][    C1]  ? __page_memcg+0x140/0x140
[ 2331.964779][    C1]  ? rcu_lock_acquire+0x30/0x30
[ 2331.964814][    C1]  kernfs_path_from_node+0x84/0xb30
[ 2331.964839][    C1]  ? __lock_acquire+0x7d10/0x7d10
[ 2331.964874][    C1]  ? kernfs_name+0xc0/0xc0
[ 2331.964933][    C1]  get_mm_memcg_path+0xba/0x330
[ 2331.965022][    C1]  __mmap_lock_do_trace_start_locking+0xe2/0x2f0
[ 2331.965061][    C1]  ? __bpf_trace_mmap_lock_released+0x30/0x30
[ 2331.965174][    C1]  ? do_raw_spin_unlock+0x11d/0x230
[ 2331.965221][    C1]  stack_map_get_build_id_offset+0x562/0x860
[ 2331.965301][    C1]  ? __pcpu_freelist_pop+0x470/0x470
[ 2331.965358][    C1]  ? __bpf_get_stackid+0x920/0x920
[ 2331.965395][    C1]  ? read_lock_is_recursive+0x10/0x10
[ 2331.965434][    C1]  __bpf_get_stackid+0x55d/0x920
[ 2331.965490][    C1]  bpf_prog_12712c88fd19bd5b+0x21/0x5d0
[ 2331.965515][    C1]  bpf_overflow_handler+0x1c2/0x4a0
[ 2331.965543][    C1]  ? perf_get_page_size+0x430/0x430
[ 2331.965579][    C1]  ? perf_event_switch_output+0x730/0x730
[ 2331.965602][    C1]  ? trace_call_bpf+0x515/0x5b0
[ 2331.965652][    C1]  ? __perf_event_account_interrupt+0x187/0x280
[ 2331.965688][    C1]  __perf_event_overflow+0x364/0x530
[ 2331.965735][    C1]  perf_bp_event+0x276/0x320
[ 2331.965766][    C1]  ? perf_trace_lock_acquire+0x340/0x3e0
[ 2331.965799][    C1]  ? perf_event_free_bpf_prog+0x110/0x110
[ 2331.965918][    C1]  ? rcu_lock_acquire+0x9/0x30
[ 2331.965953][    C1]  ? read_lock_is_recursive+0x10/0x10
[ 2331.966007][    C1]  hw_breakpoint_exceptions_notify+0x21a/0x470
[ 2331.966049][    C1]  atomic_notifier_call_chain+0x15d/0x280
[ 2331.966094][    C1]  notify_die+0x141/0x1a0
[ 2331.966129][    C1]  ? srcu_init_notifier_head+0x90/0x90
[ 2331.966177][    C1]  ? exc_debug+0x6e/0x130
[ 2331.966204][    C1]  ? trace_hardirqs_off_finish+0x24/0x1f0
[ 2331.966242][    C1]  notify_debug+0x20/0x30
[ 2331.966282][    C1]  exc_debug+0xcf/0x130
[ 2331.966319][    C1]  asm_exc_debug+0x1a/0x40
[ 2331.966340][    C1] RIP: 0010:__get_user_nocheck_8+0x9/0x13
[ 2331.966373][    C1] Code: 90 0f 01 cb 0f ae e8 0f b7 10 31 c0 0f 01 ca c3 90 0f 01 cb 0f ae e8 8b 10 31 c0 0f 01 ca c3 90 90 0f 01 cb 0f ae e8 48 8b 10 <31> c0 0f 01 ca c3 90 0f 01 ca 31 d2 48 c7 c0 f2 ff ff ff c3 00 00
[ 2331.966391][    C1] RSP: 0000:ffffc90002ecf740 EFLAGS: 00040802
[ 2331.966411][    C1] RAX: 0000200000000300 RBX: 0000000000000000 RCX: ffff888052ff8000
[ 2331.966426][    C1] RDX: 00006370692f736e RSI: 0000200000000300 RDI: 00007fffffffeff0
[ 2331.966442][    C1] RBP: 0000000000000001 R08: 000000000000007f R09: 0000000000000000
[ 2331.966455][    C1] R10: dffffc0000000000 R11: fffff520005d9f47 R12: 0000200000000300
[ 2331.966470][    C1] R13: 00007fffffffeff0 R14: 00000000ffffffff R15: dffffc0000000000
[ 2331.966536][    C1]  </#DB>
[ 2331.966544][    C1]  <TASK>
[ 2331.966550][    C1]  perf_callchain_user+0x40e/0xfd0
[ 2331.966643][    C1]  ? get_callchain_entry+0x181/0x3b0
[ 2331.966676][    C1]  get_perf_callchain+0x33d/0x460
[ 2331.966711][    C1]  ? put_callchain_entry+0xb0/0xb0
[ 2331.966754][    C1]  ? __perf_event_header__init_id+0x3f0/0x500
[ 2331.966792][    C1]  perf_prepare_sample+0x352/0x1cd0
[ 2331.966849][    C1]  ? perf_callchain+0x190/0x190
[ 2331.966905][    C1]  perf_event_output_forward+0x185/0x2e0
[ 2331.966940][    C1]  ? perf_get_page_size+0x430/0x430
[ 2331.967006][    C1]  ? __perf_event_account_interrupt+0x187/0x280
[ 2331.967041][    C1]  __perf_event_overflow+0x364/0x530
[ 2331.967086][    C1]  perf_bp_event+0x276/0x320
[ 2331.967109][    C1]  ? verify_lock_unused+0x140/0x140
[ 2331.967138][    C1]  ? perf_trace_lock_acquire+0x340/0x3e0
[ 2331.967168][    C1]  ? perf_event_free_bpf_prog+0x110/0x110
[ 2331.967298][    C1]  ? read_lock_is_recursive+0x10/0x10
[ 2331.967351][    C1]  hw_breakpoint_exceptions_notify+0x152/0x470
[ 2331.967391][    C1]  atomic_notifier_call_chain+0x15d/0x280
[ 2331.967433][    C1]  notify_die+0x141/0x1a0
[ 2331.967467][    C1]  ? srcu_init_notifier_head+0x90/0x90
[ 2331.967488][    C1]  ? account_other_time+0x64/0x280
[ 2331.967579][    C1]  ? vtime_user_exit+0x2c8/0x3e0
[ 2331.967614][    C1]  ? rcu_is_watching+0x11/0xa0
[ 2331.967648][    C1]  notify_debug+0x20/0x30
[ 2331.967669][    C1]  noist_exc_debug+0x73/0x120
[ 2331.967705][    C1]  asm_exc_debug+0x2f/0x40
[ 2331.967724][    C1] RIP: 0033:0x7f8a79c55bfd
[ 2331.967749][    C1] Code: 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 89 f8 48 89 fa c5 f9 ef c0 25 ff 0f 00 00 3d e0 0f 00 00 0f 87 27 01 00 00 c5 fd 74 0f <c5> fd d7 c1 85 c0 74 5b f3 0f bc c0 e9 30 01 00 00 66 90 f3 0f bc
[ 2331.967766][    C1] RSP: 002b:00007f8a77ecf8a8 EFLAGS: 00000283
[ 2331.967783][    C1] RAX: 0000000000000300 RBX: 00007f8a77ecfde0 RCX: 2f666c65732f636f
[ 2331.967798][    C1] RDX: 0000200000000300 RSI: 00007f8a79d37140 RDI: 0000200000000300
[ 2331.967812][    C1] RBP: 0000200000000300 R08: 00007f8a77ed0010 R09: 00000000ffffffff
[ 2331.967827][    C1] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 2331.967839][    C1] R13: 0000000000000073 R14: 00007f8a79d0c0dd R15: 00007f8a77ecfea0
[ 2331.967904][    C1]  </TASK>