last executing test programs:

4.421333179s ago: executing program 3 (id=2887):
r0 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000000)=0xffffffffffffffff, 0x4)
bpf$ITER_CREATE(0x21, &(0x7f0000000040)={r0}, 0x8) (async)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000040)={r0}, 0x8)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000080)={0x0, r0}, 0x8)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1d, 0x14, &(0x7f00000000c0)=@raw=[@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}, @jmp={0x5, 0x0, 0x9, 0x6, 0x2, 0xc, 0x10}, @map_idx_val={0x18, 0x1, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x4}, @map_fd={0x18, 0x6, 0x1, 0x0, r1}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @map_val={0x18, 0xb, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0xc405}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7f}}], &(0x7f0000000180)='GPL\x00', 0x4, 0xd1, &(0x7f00000001c0)=""/209, 0x41100, 0x28, '\x00', 0x0, 0x1b, r1, 0x8, &(0x7f00000002c0)={0x4, 0x5}, 0x8, 0x10, &(0x7f0000000300)={0x0, 0x5, 0xc7bf, 0x8}, 0x10, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000340)=[r1, r1, 0x1, r1, r1], &(0x7f0000000380)=[{0x5, 0x2, 0xf, 0x4}], 0x10, 0x8}, 0x94)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000580)={@cgroup=<r3=>r1, 0x2b, 0x0, 0x1, &(0x7f0000000480)=[0x0, 0x0], 0x2, 0x0, &(0x7f00000004c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r4=>0x0}, 0x40)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000005c0)={@ifindex, r2, 0x2f, 0x200f, r1, @value=r0, @void, @void, @void, r4}, 0x20)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000600)={r2, r1}, 0xc)
r5 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)=@o_path={&(0x7f0000000640)='./file0\x00', 0x0, 0x0, r2}, 0x18)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@bloom_filter={0x1e, 0x9, 0x4, 0x9, 0x40442, 0xffffffffffffffff, 0xfffff2db, '\x00', 0x0, r1, 0x5, 0x2, 0x5, 0xb}, 0x50)
recvmsg(r1, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000001880)=[{&(0x7f0000000740)=""/249, 0xf9}, {&(0x7f0000000840)=""/15, 0xf}, {&(0x7f0000000880)=""/4096, 0x1000}], 0x3}, 0x21)
recvmsg$kcm(r1, &(0x7f0000001bc0)={&(0x7f0000001900)=@l2={0x1f, 0x0, @none}, 0x80, &(0x7f0000001b40)=[{&(0x7f0000001980)=""/120, 0x78}, {&(0x7f0000001a00)=""/74, 0x4a}, {&(0x7f0000001a80)=""/153, 0x99}], 0x3, &(0x7f0000001b80)=""/31, 0x1f}, 0x40000000)
close(r5)
openat$cgroup_ro(r3, &(0x7f0000001c00)='blkio.bfq.io_service_time_recursive\x00', 0x0, 0x0) (async)
r7 = openat$cgroup_ro(r3, &(0x7f0000001c00)='blkio.bfq.io_service_time_recursive\x00', 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001cc0)={r6, 0x58, &(0x7f0000001c40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r8=>0x0}}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=@bloom_filter={0x1e, 0x4, 0x8e, 0x8, 0x2, r1, 0x0, '\x00', r8, r7, 0x4, 0x1, 0x4, 0xc}, 0x50) (async)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=@bloom_filter={0x1e, 0x4, 0x8e, 0x8, 0x2, r1, 0x0, '\x00', r8, r7, 0x4, 0x1, 0x4, 0xc}, 0x50)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000001dc0)=@generic={&(0x7f0000001d80)='./file0\x00', r6}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001e80)={{r9}, &(0x7f0000001e00), &(0x7f0000001e40)=r2}, 0x20) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001e80)={{r9, <r10=>0xffffffffffffffff}, &(0x7f0000001e00), &(0x7f0000001e40)=r2}, 0x20)
close(r10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000001ec0))
recvmsg$unix(r7, &(0x7f0000003400)={&(0x7f0000001f00), 0x6e, &(0x7f0000003300)=[{&(0x7f0000001f80)=""/4096, 0x1000}, {&(0x7f0000002f80)=""/234, 0xea}, {&(0x7f0000003080)=""/76, 0x4c}, {&(0x7f0000003100)=""/29, 0x1d}, {&(0x7f0000003140)=""/165, 0xa5}, {&(0x7f0000003200)=""/213, 0xd5}], 0x6, &(0x7f0000003380)=[@cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x68}, 0x10100) (async)
recvmsg$unix(r7, &(0x7f0000003400)={&(0x7f0000001f00), 0x6e, &(0x7f0000003300)=[{&(0x7f0000001f80)=""/4096, 0x1000}, {&(0x7f0000002f80)=""/234, 0xea}, {&(0x7f0000003080)=""/76, 0x4c}, {&(0x7f0000003100)=""/29, 0x1d}, {&(0x7f0000003140)=""/165, 0xa5}, {&(0x7f0000003200)=""/213, 0xd5}], 0x6, &(0x7f0000003380)=[@cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, <r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff, <r13=>0xffffffffffffffff, <r14=>0xffffffffffffffff]}}, @cred={{0x1c}}], 0x68}, 0x10100)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000037c0)={r9, 0x58, &(0x7f0000003740)}, 0x10) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000037c0)={r9, 0x58, &(0x7f0000003740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r15=>0x0}}, 0x10)
sendmsg$inet(r1, &(0x7f0000003900)={&(0x7f0000003440)={0x2, 0x4e21, @private=0xa010102}, 0x10, &(0x7f0000003700)=[{&(0x7f0000003480)="fb239426c1457f428f152702526db319548fc52fd0294242c9237dcd0611d55c5f8d1e07ee6919a0fe58fe730b919be655f0ac80727715e8fac0293494b901e4a155c61e7515774bcbfd0da1ab5a67df8614bf4df05e13aa921e973e10fb678adaf94814573fc8149f70dc90db2b192a469eae642e580472ac5dba2d270d081f54eabb933a395adcb4bd0a87f391f50bc784f013b8b19b22c7b0f5a6813cdf6b673a911322546d0c621c488c411a9829576f88e0d34823b0378f4c4c491786", 0xbf}, {&(0x7f0000003540)="96a274a3388d7ba82a2dd5ce4c4dbdad20ebf19c6f4b3543a14b689edf67bec6985a2d83b9c84d5e428137b629aea9311951b799cff35e4e2b4a92c6d011c748f97305aca9104a3ae9513311a1a554267b38af2b59eaef74f035ec319e5f87753766c64a9e490b59ad4b5c0e0f14d47fb2699fd80280bad278ac752be1c53290363098168daefcc9f82ea38674a72a6336415b696b", 0x95}, {&(0x7f0000003600)="bc0a5832b62918ea6c03612207e500522693ab4b7206a39b671cd92290a694b0bc2d8890b12ecc1086bfb3af761e5ad8cc0c82fb72ffd5dbd3642d890a9ffb5a7589c110a952490a5bb1db9584dc751543e052f5f668edb2638eeef87e6e596639f06f03f966865bab5e923546b31256ec6221609b2a95fb9dc0e852e3458a1c791a2fa5ba81359bb33fdacc2b03d7f19e0676", 0x93}, {&(0x7f00000036c0)="9eaa9584b703140c726c8ae8f9e3178ab18f4e9d3dd14e6e2f58abfcfb40bdf16530a01093e1743dee4805", 0x2b}], 0x4, &(0x7f0000003800)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r15, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x2a}}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0xd}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x200}}, @ip_ttl={{0x14, 0x0, 0x2, 0x40}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x8}}, @ip_retopts={{0x20, 0x0, 0x7, {[@lsrr={0x83, 0xf, 0x25, [@multicast2, @initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010102]}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x7}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xf9}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x9}}], 0xe8}, 0x14000000)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000003980)=@generic={&(0x7f0000003940)='./file0\x00', r1}, 0x18) (async)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000003980)=@generic={&(0x7f0000003940)='./file0\x00', r1}, 0x18)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000003a00)=@generic={&(0x7f00000039c0)='./file0\x00', r14}, 0x18)
bpf$ITER_CREATE(0x21, &(0x7f0000003a40)={r12}, 0x8) (async)
bpf$ITER_CREATE(0x21, &(0x7f0000003a40)={r12}, 0x8)
ioctl$TUNGETSNDBUF(r1, 0x800454d3, &(0x7f0000003a80))
openat$cgroup_ro(r13, &(0x7f0000003ac0)='blkio.bfq.io_serviced_recursive\x00', 0x0, 0x0) (async)
openat$cgroup_ro(r13, &(0x7f0000003ac0)='blkio.bfq.io_serviced_recursive\x00', 0x0, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000003b00)={@ifindex=r15, r5, 0x23, 0xa, r11, @void, @value=r1, @void, @void, r4}, 0x20) (async)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000003b00)={@ifindex=r15, r5, 0x23, 0xa, r11, @void, @value=r1, @void, @void, r4}, 0x20)
ioctl$TUNGETVNETBE(r14, 0x800454df, &(0x7f0000003b40)=0x3b)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000003b80)={0xffffffffffffffff}, 0x4)

4.005149127s ago: executing program 3 (id=2889):
perf_event_open(&(0x7f0000000080)={0x1, 0x41, 0x2, 0x0, 0x0, 0x0, 0x0, 0x91c, 0x4156, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xfffffffffffffff8, 0x1}, 0x12640, 0x0, 0xfffffffe, 0x6, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x16, 0x2, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x801, 0x0, @perf_config_ext={0x5, 0x5ea2}, 0x100000, 0xca, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1000001}, 0x11000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x482, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000001000)='ns/pid_for_children\x00')
r3 = socket$kcm(0x2, 0x1000000000000002, 0x0)
sendmsg$inet(r3, &(0x7f0000000b40)={&(0x7f0000000080)={0x2, 0x4e20, @multicast1}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000800)="e9", 0x1}, {&(0x7f00000017c0)="ea0189bdebb0c16d420ee9b95082abd6431cc7afc22c4a6b8adecef68f76bd81a86e89f9c80e5c868a12b09e", 0x2c}], 0x2, &(0x7f0000000100)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0xd}, @loopback}}}], 0x20}, 0xe900)
close(0x3)
syz_open_procfs$namespace(0x0, &(0x7f0000000240)='ns/pid\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.current\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000380)='ns/uts\x00')
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x0)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000200)=ANY=[@ANYRES8=r2, @ANYRES8=r5], 0x12)
perf_event_open(&(0x7f0000000080)={0x1, 0x41, 0x2, 0x0, 0x0, 0x0, 0x0, 0x91c, 0x4156, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xfffffffffffffff8, 0x1}, 0x12640, 0x0, 0xfffffffe, 0x6, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
write$cgroup_pid(r6, &(0x7f0000000000), 0x2a979d)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x408)
syz_clone(0xc4201100, 0x0, 0x0, &(0x7f0000000740), 0x0, 0x0)

3.333660172s ago: executing program 1 (id=2894):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x114905, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000680)='^\x00')
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg$unix(r2, &(0x7f00000005c0)={&(0x7f0000000080)=@abs, 0x6e, &(0x7f0000000400)=[{&(0x7f0000000100)=""/124, 0x7c}, {&(0x7f0000000280)=""/103, 0x67}, {&(0x7f0000000300)=""/214, 0xd6}], 0x3, &(0x7f0000000440)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, <r3=>0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x148}, 0x2)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_BIND_MAP(0x23, &(0x7f00000006c0)={0xffffffffffffffff, r3}, 0xc)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x14, 0x4, 0x8, 0x5, 0x0, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000040)={r4, &(0x7f0000000680), &(0x7f0000000600)=""/73}, 0x28)

2.713741285s ago: executing program 0 (id=2898):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000002140)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0000002079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe0000000085000000a3000000b7000000000000009500010000000000060054cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a0972aa087975333a78170cefbb1b4cb451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5b787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745dba9a53a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fb87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b9243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fb4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da2022f23daec61854f640f701db0276652f6c74f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7e58ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a629a770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eee46eb20c20bb82aa31771cd379ec83554cea5e6539d85b980e358d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284bc80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b69192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b577a007f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c07953cbe1ad1a7c5a0850920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002157a3609b6fd9843ee19ec647249a9375de5858818f3c2432e6ced4380217ac51a84a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd809269f816fa748b20ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4c526a996d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f9289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f05714a1d3ef29acd4d49b62339c10c2ec0dac4728288e78980c1184d8223edbccbf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc30935455f6de5b64bcdfaf8ac04ce96c421e5dbc85e168d3559ab13df98163e39e4065e65a2f43412535d6f7c09830f3a086535bd07820e690d2755768612bb7330a8b285f2585892eaffbb43991d40feb5dd0700"/2734], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040)}, 0x48) (async)
socketpair(0x22, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f00000003c0)={&(0x7f0000000200)={0x2, 0x4e20, @multicast2}, 0x10, &(0x7f0000000300)=[{&(0x7f0000000240)="f61d5880192b0ad3b6f626e7e8aacdae0158d31b90a895ee06d4b4cbb4e856f2e886d1f6788aa26f458a0bcabb658ba11ad9b1775fddf83b81eaed2e850360cb415f9e920f1a17938fe8a1a8c94d10bc3dee784378fbac395acd81b9a113a12c24aa8e5b41384bca95cf8c8e202536cabd4e82ccf74c55f414188e7dc522aedede97b2038dc01d44169f7173ab157aaa2a4db07bf365c831bd857a70597188e4a8", 0xa1}], 0x1, &(0x7f0000000340)=[@ip_ttl={{0x14, 0x0, 0x2, 0x5c}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @broadcast, @loopback}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0xe850}}], 0x50}, 0x20000040) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={r0, 0xc0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0}}, 0x10)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async)
r2 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020032000b35d25a806f8c6394f90424fc602f0009000a740200053582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)

2.381007497s ago: executing program 0 (id=2900):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000100)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000300)='%pi6   \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000001c0)={r1}, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x10, &(0x7f0000000a00)=ANY=[@ANYBLOB="18000000000000000000000005000000b7080000000000007b8af8ff00000000b70800000e0000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYBLOB="0000000000000000b708"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x20, 0x480783, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x7602, 0x3ff, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f90324fc60", 0x14}], 0x1}, 0x0) (async)
recvmsg$kcm(r5, &(0x7f0000002d40)={0x0, 0x0, &(0x7f0000002c80)=[{&(0x7f0000001840)=""/234, 0xea}, {&(0x7f0000001940)=""/184, 0xb8}, {&(0x7f0000001a00)=""/4096, 0x1000}, {&(0x7f00000007c0)=""/44, 0x2c}], 0x4}, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000140)={0x0, r5}, 0x8) (async, rerun: 32)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94) (rerun: 32)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r6, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0400000004000000040000000500010000000000", @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000004fcef6a3029e5304e077fdd98742a213f38e9e09069d94d1cdec82480e583edec13c6728fe43ae186186e4ca3eeb7ab4099396615d8efd7eedffd5ea66b950836a59db505c84870343ffc2a84f1729086ee5c81ea1", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async, rerun: 32)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={r7, 0x58, &(0x7f0000000340)={0x0, <r8=>0x0}}, 0x10) (rerun: 32)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={r8}, 0xc) (async)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000000c0)=r4, 0x4)
sendmsg$sock(r3, &(0x7f0000001940)={0x0, 0x0, 0x0}, 0x20000000)

2.216554749s ago: executing program 1 (id=2901):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r0, 0x0, 0x0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x2}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000180), &(0x7f0000000340)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r7}, &(0x7f0000000280), &(0x7f0000000240)=r4}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r7, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000000082c2500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f00000000c0)=r8, 0x4)
sendmsg$inet(r6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
close(r1)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x8}, 0x103000, 0x4, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_user\x00', 0x26e1, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r9 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r9, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b11d25a806c8c6f94f90424fc601000407a0a000600053582c137153e37000c11802f2ff4072f00", 0x33fe0}], 0x1, 0x0, 0x0, 0x35}, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x5452, &(0x7f00000006c0)='\x02;\xe5\b\x00\x1c\x9c\x00\x00\x00\x00\x00\x00\x91\xecB\xdcZ\xe5\xbd$\x05\x90\xa9\xf3\xc7\xcb\xb7\xf0\xa1;#\x989\xe9\x12\xdf^6T\xdf\xcd\x02\xc5\xb0\xba\x12\'QXp\t\xfc\xf3\x01\x02\xbc\xbf\xc0\xf0\x10\xee\xd3\\yy\xa4\xf9\xe8\x00\xdd\xe97 0_\xe4]W\xf7~\xacVK\xc9t\x9e+:\x85\xef\x94\x0e\x19\x9cV[N.\xeb\x9fJ>\xd9\x99\x88\xd8\xdd\xb8Y\xc3$\xc6\x93\v\x04REY\xf4\xea\xf2\xcd\xcd.\x16\x861\xa1\v\x8d\x8e\x84R\xa6\x83\x84\xc0\x01e\xc3\xc8\xcc?\xc8?\x19\xb2\xa2\xe1\xac<\xe9f\x11\xff3\xc7\x19\x9e\x19\xf5-\xfe\xbd\xae\xbbR\x82\x16\xf9\x15S\x03U\xe0\xd8t\xe3%96')
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)

2.157866942s ago: executing program 3 (id=2902):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x6, 0x4, 0xfff, 0x7, 0x88, 0xffffffffffffffff, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r0}, 0xc)

2.125284265s ago: executing program 0 (id=2903):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000050000000000000000000000850000000500000085000000d0"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

2.115392565s ago: executing program 2 (id=2904):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x5, 0x8, 0x8, 0x8, 0x0, 0x1, 0x1}, 0x50)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000480)="5c00000012006bab9a3fe3d86e17aa0b046b876c1d0048380019001931a0e69ee517d34460bc06000000a701251e6182949a3651f60a84c9f4d4938037e70e4509c51c268811000000000000000000002571cd53b9851b30599980bc", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x6, 0xc, &(0x7f00000008c0)=ANY=[@ANYBLOB="180200000400000000000000000000008500000041000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x0, 0xe, 0x0, &(0x7f0000000000)="1beb41e0ff28c51002579a261075", 0x0, 0x700, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
recvmsg$kcm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000500)=""/219, 0xdb}, {&(0x7f0000001b40)=""/4050, 0xfd2}, {&(0x7f0000000b00)=""/4101, 0x1005}, {&(0x7f0000003240)=""/212, 0xd4}], 0x4}, 0x100)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c3a00000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000080000850000002d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000140)={0x1b, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1000, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x4}, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000001c0)="2e00000010008102b78cc358f86515e00000000025000000e3bd6efb4400490009002e0010000000ba8000051201", 0x2e}], 0x1}, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000840)={@cgroup, 0x5, 0x0, 0xde31, &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8, 0x0, &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000007c0)=[0x0, 0x0], &(0x7f0000000800)=[0x0, 0x0, 0x0], <r5=>0x0}, 0x40)
r6 = socket$kcm(0x11, 0xa, 0x300)
sendmsg$inet(r6, &(0x7f00000001c0)={&(0x7f0000000080)={0x2, 0x4e23, @empty}, 0x10, 0x0}, 0x10040000)
r7 = bpf$ITER_CREATE(0x21, &(0x7f0000000a40), 0x8)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000880)={@fallback=r6, r3, 0x20, 0x2010, 0x0, @value=r7, @void, @void, @void, r5}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f0000000440)=""/183}, 0x20)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6gre0\x00', 0x210})
socket$kcm(0xf, 0x3, 0x2)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="9feb0100180000000000000040000000400000000200000000000000000000090400000000000000000000010500000008000000000000000000000300000000020000000200000012000000000000000000000b"], 0x0, 0x5a}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70200001400ffd9b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x3, 0x0, 0x3, 0x1, 0x0, 0x40}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0), 0x48)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r9, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70)
sendmsg(r2, &(0x7f0000002d00)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f00000003c0)="4f80cc14c308aa4f30669b304e3135643a3ae4b52f30be40e5c3ab9a7fb2f5626c914fed4d01de67de2c49e009b3eb", 0x2f}, {&(0x7f0000000600)="7ab6b52409ad3976f70542d08d2f589dc7d8bf05e45c653075327dc3f8ad6109b5ecb7ac6819fd578d6b27e403e27cdfbdb3c0cb0baaee2df4e66aef56ad7dbb9601d46148ecb5a31c39ac3a6c8ef4cdd0bd6105b4341a1df6f0378f2424aa6d31b351d4ded0770abc6e7e669aa0262202554cb774c3c5fed13e3bd0de8998cf6b8863e941eb0643168e7ac8e609615d8cd2b49f9fc36e268d322337bd38694ccfa060c742d602ea0dd9e56ea5bfd2004c7fe7442e0a3a04e0f6aa2dfdca", 0xbe}], 0x2, &(0x7f0000002b40)=[{0x20, 0x110, 0x5, "c65588eda01cd83527ea"}, {0x30, 0x113, 0xf1, "6dd0f44277ac5333dc5a2e09aa2faa03624468b11078f36e80bf5b56a623"}, {0xb0, 0x104, 0x9966ca4c, "cbecb6ee24227aa20d8080525634190a06a8712cc8000546297fc607507aa6d793d953bd8f490baed302705ded6a508b51891590eb6b7de05ab0d0e80399fb40b4e221e00d4c2543217935f85de5870c96b5a5f5f5760db6c879231f588033f790aa0fa991c2a14117bd14291825701c5dfd1505a104215afe972ddb02746a76a29e4ee6b12ffe01ba23c1fa00f547b43eaae71962c09d6e5990"}, {0xb8, 0x113, 0x864, "6a3952d3211b046cca9b511b4dcf6a13165fa50016d032a0385ee179078e6bdcdc2cc2cb49961d0f1f5cdecfafbbc0b1d7d6e5167342c649666d40da488c801fd866b18b6e5909b7abbcbc6cadddf17101f304abe75f9a314ba4a4c2babcf104023e79bc0753eddd7d459b7aafd0b535db773d6313728c64698bd2bc3434735036acc4b0153985dee112788e83ed4d8af1717f9cf00fe2ccbc1ca1766391cad35b0da491da9bee2f"}], 0x1b8}, 0x4f9b33ff65dfb2ed)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={0xffffffffffffffff, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x0, 0x0, 0xfd, 0x0, 0x0, 0x0, 0x2148, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, @perf_config_ext, 0x800, 0x0, 0x20, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2ff}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)

1.946080637s ago: executing program 0 (id=2905):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x13, &(0x7f0000000940)=ANY=[@ANYBLOB="18000000040000000000000005000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000080000"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000007c0)={r0}, 0xc)

1.945839017s ago: executing program 3 (id=2906):
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f0000000200)=""/166}, 0x20)
socketpair(0x1, 0x3, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0000009db11f9a797476690d1c05bf437d637486dbb0029b036b3ee95e426230dcc3c8913149ff0448a62442f8731be43a221b24c67dc96ca3a8f71e7cbd94d1f390399ce37750d255f009b72e0099d9e9f70f50501310656937e04c2247405c9ea2d7c9b151c79c9fa7c1ed19eb4ab193d0e0fb59ef067535dd308a5d428b0beb8519a80b9e4386c4943271e8c7c904da460c3b48570b446584e5120677aefdeef74b0da358013f465d05c91ce3b1e32b33891b10d137bb3a041bddcda13d8cc1bfd2b810246641fd0f30d8d311da60034e8c68107d86ed8067011bf49a803eb3e2bc81d164a49e2e22aa36741b633da5db5b8f97de02e3f8c5f22043c4a34a4fe8bb0eeadd9a1ee0464dcc26bf6813f53756120a07d99968aff4d564ab13354239f693ba639b8b0ee938cf734fb63498a70f3d622aac1d0000000000000000000000ca2ea30a87e4d602374ae652521e0675fb99d7b6f1456ecf01af69a1d926746e68e50bc9ab8e6fd59486458f11a56583445b48cb1524", @ANYRES64=r0], 0x48)
syz_clone(0x10eb22f000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x20800000, 0x0, 0x4b, 0x0, 0x0, 0x0)
syz_clone(0x1022000, 0x0, 0xfffffffffffffc76, 0x0, 0x0, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x200})
perf_event_open(&(0x7f00000001c0)={0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x1091, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3ada}, 0x10060, 0x8, 0x0, 0x0, 0x1, 0xffff0000, 0x0, 0x0, 0x102ff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$kcm(0x29, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f0000000080))
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{}, &(0x7f0000000200), 0x0}, 0x20)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f1, &(0x7f0000000080))
r3 = getpid()
syz_open_procfs$namespace(r3, &(0x7f00000000c0)='ns/uts\x00')

1.552914884s ago: executing program 0 (id=2907):
r0 = socket$kcm(0x29, 0x5, 0x0) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1001}, 0x94) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x8}, 0x100904, 0x1000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r4, &(0x7f00000029c0)={&(0x7f0000000100)={0x2, 0x0, @private=0xa010101}, 0x10, &(0x7f0000002780)=[{&(0x7f00000006c0)='{', 0x1}], 0x1}, 0x4000040)
sendmsg$inet(r4, &(0x7f0000001e80)={&(0x7f0000001040)={0x2, 0x0, @private=0xa010101}, 0x10, &(0x7f0000000340)=[{&(0x7f0000002080)='&:Ee\x00', 0x5}], 0x1}, 0x8050) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r3, 0x2000000, 0xe, 0x0, &(0x7f0000000000)="c9f7b986f2ca3a0800e370723eae", 0x0, 0xfffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={0xffffffffffffffff, 0x58, &(0x7f0000000000)={0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10)
sendmsg$kcm(r0, &(0x7f0000000700)={&(0x7f0000000240)=@can={0x1d, r6}, 0x80, &(0x7f00000004c0)=[{&(0x7f00000002c0)="d6e1f53ec812ba75e68e149d833c85ed28214ecbbf7fc7a6924569f266b272dc8ec2706d410a67ca738032083048145012efd371a1a97df60376ba9255f8f6a6888d2c03ad43f225e078c9dd7f1482629d21069680bb3f755aaaaecd3c27476c48dd45893711264faf32fbcafdf155d8a12ffbf36981ba2abc526f571d9e770e29bdb2dd65bbcbadbcbb5f5c0be24e7b1950b2b8330e57ecd1349609d8a998d0f5399affadf1617994dd15886b1f40c728af41f1ed18e1ce946170ca03100ef03fc90fca0c5315c92a2ba478d1ae1700b628dfc54c", 0xd5}, {&(0x7f00000003c0)="e8a3ff172cc65217ca1b81bb82c98e7f75c57e88e267927eb547f54341208b3fce720df5bf488865707b6dfc67c04a1b6074b50713d718f56fcfe1a5", 0x3c}, {&(0x7f0000000400)="fd4944c98ad57df218f458e4343af8804bf5018d86054b8c7f57542c698115ea32d7c99eb5c3b4ccf10df15bd3ff8039b755902fabdedad8bfc02af9d18613cd911ea75620b2d3ddf60d66be2955d939ae81e28382e7ca1534aa9db77ecb87b2d4371cbc294d3c9967bb33abcbdd25036b1893d9b15d19f73cfbe2f19f154df8a3144e1161eb52a391a15d5a9cbc458b759ffc42823daf8d407b267967313e807e373d67d70d515d44b56c9eba7039b7a29ae0f33a8e5dc7284846", 0xbb}], 0x3, &(0x7f0000000740)=ANY=[@ANYBLOB="e0000000000000000000000001000000df4129729fb065ccef92835d506cae874bf6b506dfb2c508cb86881f6907a6d639442cb3f36ee1ca0e078d254080a2a53a91801d3dc00e56598adbd4c4a52cee14b33b6951c9f42afbf4b9c2ed44e42fa125c4dc55046ae55424609988605f275b38453828526bb05bf85cd85f2179dc7f6c45c0e3838fb8f7d1b2d04961ca0567afafa0b568c2e44088b4203344da5d37c005175c327ea91c7fcbf3ebd5e93459a6a3f71b0bf888325226546924ed72628cab568fa44d745b1b06e1d2262eaa53c07fca28e69ee30772d91cdd2b91766e00f8000000000000000d01000004000000204dc97fa9851bd61ec0afb178578d30b1330764c96229fe74b060073b2a6474f50a3810d8056bf1e5fa24fa13449c96f66de266b85dcae830f4e2a5ad08519d24298c36f9047e7c8491b5b4d1133f9da99b118a89486efee8851ea00c4faf5e6f775728518f93e5032c07cd616b23b407793d76db06156963491716c62738dd5cc20471ab81b8f0df5e11873374d49a26171043c6b9d9ed8c2e6c938c3b9ac7cfe654e0c165e5ddc17fdfea5002133227855075a11d5c1e7e815ad600a03ed1f9eabd1a574f50b45efb906c762a6775cd8171da34c1d8fef824848d0e736529eff31ee8a23e0000"], 0x1d8}, 0x20008805)
r7 = openat$cgroup_ro(r4, &(0x7f0000000640)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{0xffffffffffffffff, <r8=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) (async)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r9, @ANYBLOB="0000000000000000b70500000800000085000000a700000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) (async)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r10, r9}, 0xc) (async)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000200)={0x2, 0x4, 0x8, 0x1, 0x80, r9, 0xb5, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x1, 0x4}, 0x50) (async)
r12 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.memory_pressure\x00', 0x26e1, 0x0)
write$cgroup_subtree(r12, &(0x7f00000008c0)={[{0x2b, 'rdma'}, {0x2d, 'net'}, {0x2d, 'devices'}, {0x2d, 'io'}, {0x2d, 'cpu'}, {0x2b, 'net'}, {0x2b, 'cpuset'}, {0x2d, 'freezer'}, {0x2d, 'rlimit'}, {0x2b, 'io'}]}, 0x3f) (async)
r13 = socket$kcm(0x2, 0x1000000000000002, 0x0)
setsockopt$sock_attach_bpf(r13, 0x1, 0x3e, &(0x7f00000002c0)=r12, 0x161) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000880)={0x8, <r14=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x1d, 0x11, &(0x7f0000000540)=ANY=[@ANYRES16=r5, @ANYRES32=r11, @ANYBLOB="000000009960e45d850000009a0000005d3ffcff080000007da5fcff0000000018120000", @ANYRES32=r12, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000009500000000000000"], &(0x7f0000000600)='GPL\x00', 0x3, 0xda, &(0x7f0000000640)=""/218, 0x40f00, 0x22, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x8, &(0x7f0000000740)={0x7, 0x1}, 0x8, 0x10, &(0x7f0000000780)={0x5, 0x0, 0xfffffffa, 0x6}, 0x10, r14, 0xffffffffffffffff, 0x0, &(0x7f00000009c0)=[r10, r9, r8, r8, 0xffffffffffffffff], 0x0, 0x10, 0x2}, 0x94) (async)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000a40)={{0xffffffffffffffff, <r15=>0xffffffffffffffff}, &(0x7f0000000980), &(0x7f0000000a00)='%pI4   \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x15, 0x18, &(0x7f0000000500)=@raw=[@tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @map_idx_val={0x18, 0x1}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}, @map_val={0x18, 0x2, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x7}, @map_idx={0x18, 0xa, 0x5, 0x0, 0x1}], &(0x7f00000005c0)='syzkaller\x00', 0x6, 0x3f, &(0x7f0000000600)=""/63, 0x41100, 0x0, '\x00', r6, @fallback=0x2b, r7, 0x8, &(0x7f0000000680)={0x1, 0x4}, 0x8, 0x10, &(0x7f0000000940)={0x1, 0x8, 0x513d, 0xe0}, 0x10, r14, r2, 0x3, &(0x7f0000000a80)=[r1, r1, r1, r15, r1, r1, r1, r1, r1], &(0x7f0000000ac0)=[{0x0, 0x4, 0x7, 0x5}, {0x3, 0x5, 0x8, 0x5}, {0x3, 0x2, 0x4, 0x2}], 0x10, 0x7}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000100)=@bpf_lsm={0x1d, 0x3, &(0x7f00000001c0)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa0)

1.421809953s ago: executing program 1 (id=2908):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x16, 0xe, &(0x7f0000000940)=ANY=[@ANYBLOB="b702000000000080bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b70000000000000095000000000000008e17f199a68b061b93d83298a8cdda1ce784909b849d5550ad855dab54d8877a6db61d69f2ffcaa10350e11cb97ce8df1bc9a0c4eeceb9971e43405d621ffbc9b0d8ca56b50f0c010d631f6dbc8486bc5d5bf2ca8285056892db03cf1c62d57c08a90b189d190c341035de53a9a13608c10556e5734eb84049761451ce540c772e069f80cb201b2de17dfdb4b60939d5d6aed4062049b87e03e2cd18a77dda613e0c64497fcc059c062234d5595f6fbaa187b81d1106000000000f0000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8000000000000000b91c61bd99dc89f12907af7dccd106cb937b450f859ce8292a79c3e40000b59b0fc46d6cec3c080a882add4e1179bd4a44f231a2d73148be428ba953df4aece69311687f4122073a236c3a32efa04137d46f0247d2638da3261c8162bb7c7824be6195a66d2e17e122040e11001131ce319045e5b3334e68475ac3f46aa2837f9004600d8ded9b19b35eebe52613c346e255421b23a278fd00004270b1cd5fc9aa2286ccca37db965d9dd366598f5ec993cb0cf127e2a46cfbdf63eea190d86a4d1b75ae98480100bd5828954a7d093a54f7e75b3753508ca3c41685d1e407315e59d626c23b3f89a926e9382966853774e7dd1f1a2177cdf2802237c177d543e8da47a01f05e113e53518270239b69c117e2637c31085f4d8a596b6edab26afaf6605b231199f38a6fc7eb83714387450ea18eafbace8eec18a4b2c442e7b88a7611c1283bec84e1715fb9f4fcaf52c08058fc4f21c0ad71adabdd850aed3eeec6eaab347bdf474e17b9aa345d1e6e3bb83f90230bdf53e7d0e5c3f914d905422b83f30936674ba8f0bffaf2305c0972df71fe5f4e01506471e897bce38ac2bbcbdbd1d9db21a1d5c065567fd70aae68096827fa5c2d9bd20292344c7dcf6241447cfbb05b5d0fdb4e08afbac5397b64aa369922ed7ed8918f97294b6854210d2d03aaf92159dbaa2f186d4a420c68d6baf1c31de4f0bf478bfd51bb1e96ea849a80ae5a89be7e38474c7aade344d68324f9e12a6b9770e6bd12ae69efffaee58040753701af84c2924c1b5aea1650f42c9ae9820a33095f062fb88313d035ea405515a61a4be64f9fa0985c5be592090cc48291004609fdac2ab6100000000000000a84570c7c00d647daf8af334050b61e9b2d3f0adad1d1ff47be19b8da2799e9ecef8efabe73f92dbd0760f8bbd9c710bd1371e2b5d9a2ea2190f5e4f5cd641cdfe5d89f84a368ef7e6ff1eacdc0ec9e97b8f9c9e314661ea0aa8a104008d188b66b3a4aedeed9df4238a08fc2fb1007233cc2c87fcaa0cccd8ec03444471c1dd660c87acc17bff740d199a7c0c52c63c0408b5158e0000000c275eedb02f141113cf2c55b2c08c2c68cc99d2bb5840fba332e1c82862ec9b907d25379897e851e7106248f81d32a47ac94ddee815dba8aeb5d3121cf247a81aef7805b020e9eec44cbe3055be69fe066824ba2292b9cdce41635fc00df96fb10a3a8cc60c4a76c65ebbb0640e0a29de94edf5cbefac1c5fa96e7080af804b22cabce10e53a9f792ecb28ec39cdafa3eff63de2a7f50d042667820f6f86f276afb2b8132301e031351ee13013137e9d5cec0c84d7e3f82c6fd12eb98f9ea654bcb9ce59a2015183c6e65bb0537e611b830d74c30fb8207fca0990acdbb51e4e234026e00000000b3ebae3eb52c140953a350fcf0124b1a30b1afc29ea56f8413686d912eb8118d73ef9c6d3843ebcb555301c0205dd3bd9b1d742e334319c8979ce67c7a1f8924017e73bcf1ae3ed821a4b9839725000000000000000000000000000000f0ce2bf979256f99e89e05d466843d32b983d19cfa3c2a04e9f48311b786927c6c2d505637cad9ae8ae32fbee21a721e38edf6e80ff33a3a3cef251918374de4d4636348ef77a7bad1e8250117d604f59921f29bda75f135865bdc3e10906562e01af1fef96e49b969eaf4ec6b4c51fa2dcc7c1a117243fd64d641426e6a582fcda4be9f58724d4a66e46c032e6f6b3d46fb9616b4b6efc5d083e003fdcf3d78fea7ee48b2a5cc89"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340)}, 0x42)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff) (async, rerun: 32)
r1 = syz_clone(0xc0030180, 0x0, 0x0, 0x0, 0x0, 0x0) (rerun: 32)
r2 = perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x954b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x11efa, 0x4, 0x98, 0x0, 0x2, 0xfffff271, 0xfffc, 0x0, 0x0, 0x0, 0x20}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xef, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000100), 0x2}, 0x100860, 0x0, 0x3, 0x0, 0x0, 0x800000, 0x2000, 0x0, 0x0, 0x0, 0x40}, r1, 0x0, r2, 0x7)
socketpair(0x1, 0x1, 0x0, &(0x7f00000000c0))
bpf$MAP_CREATE(0x0, &(0x7f0000000d80)=ANY=[@ANYBLOB="000000003255ffe900a8e3c357b4336e3d59c5aa37ed4e9eef3408f2b74be3e58219f49384375cf2c7a4b19cba53d8fa4f20ed038c5931f5c8a5e34de590543f4375869a630bc863d27d8ed8a0f116b66a003442fc6dc28bb7917ee779420508698597dd4abcffd0c0392764a51448f2261b", @ANYRES32=0x0], 0x50) (async)
r3 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = getpid()
r5 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x8, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x9}, 0x11efa, 0x4, 0x98, 0x0, 0x2, 0xfffff274, 0xfffc, 0x0, 0x0, 0x0, 0x20}, r4, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) (async, rerun: 32)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (rerun: 32)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r6) (async)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={r4, r5, 0x0, 0x0, 0x0}, 0x30) (async, rerun: 64)
ioctl$PERF_EVENT_IOC_DISABLE(r3, 0x2401, 0x7) (rerun: 64)
r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r7) (async)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)}, 0x9cdc2384056b48b8)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0900000003000008040001ba1b007eb8a9cc5500", @ANYRES32, @ANYBLOB='\x00'/17, @ANYRES32=0x0, @ANYRES32], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="0000186df4b1768c36153d42", @ANYRES32, @ANYBLOB="1c00000000000300000000000000010045"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94) (async)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'tunl0\x00'})
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x17, 0x4, 0x5, 0x3, 0x21000, 0xffffffffffffffff, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x4, 0x5}, 0x50)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r8=>0xffffffffffffffff}) (async)
socketpair$unix(0x1, 0x1, 0x0, 0x0) (async, rerun: 64)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async, rerun: 64)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r8, 0x89f1, &(0x7f0000000080)) (async, rerun: 64)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000040)="05806ab382844306d758e60803dc", 0x0, 0x6b2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (rerun: 64)

1.262534424s ago: executing program 0 (id=2909):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008188040f46ecdb4cb9cca7480e1212000000e3bd012a128748b429021627e305dd2b7a146efb4400", 0x2e}], 0x1}, 0x4048004)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240), 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000000)={0x6, 0x10, &(0x7f0000001000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000060000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007000000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000c500000095"], &(0x7f0000000640)='syzkaller\x00', 0x6, 0x8e, &(0x7f00000002c0)=""/142}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x2000000000000290, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0xf, 0x0, 0xfffffffffffffffe, 0x41000, 0xa, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x310c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socketpair(0x29, 0x1, 0xffffa278, &(0x7f0000000000))
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x31)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0300000004004f55b0c45df47ea60000000000003d6c4fbce6d9426ae4b47de38685048cd392a022cc26ceef96fe3c934cc0cc9013d3a5bfbb7e5f1eac0b00e03861f98a6de8b88e6ceb7389eb0d049e563c4afaf17f77dfe628f965bae79682148f40160b3a4d5e2145d3500f3bf8fd46aa15bddb47b1d0a610bf1ebbb603f3c8d74328df2fe317e14f2549dc6c28bb3780500a5c7d09e8d0899c6f7bcae38789766130b34db7b0acb14aad33", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="1806e50000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r4}, &(0x7f0000000200), &(0x7f00000003c0)=r5}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000180)={r4, &(0x7f0000000140), 0x0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0xc}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0x48}], {0x95, 0x0, 0x9}}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x85}, 0x52)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
recvmsg(r6, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1, 0x0, 0x300}, 0x1f00)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000740)={r6, 0x20, &(0x7f0000000700)={&(0x7f0000000580)=""/163, 0xa3, <r8=>0x0, &(0x7f0000000680)=""/75, 0x4b}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000780)=r8, 0x4)
sendmsg$tipc(r7, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
sendmsg$tipc(r7, &(0x7f0000000340)={&(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x41, 0x0, 0x3}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0xc0090}, 0x4000000)
mkdir(&(0x7f0000000000)='./file\x00', 0x0)
mkdir(0x0, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x26e1, 0x0)
write$cgroup_pressure(r9, &(0x7f0000000180)={'some', 0x20, 0x1e8, 0x20, 0x2c}, 0x2f)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000002c0)={0x3, 0x4, 0x4, 0xa, 0x0, r4, 0x101, '\x00', 0x0, r9, 0x4, 0x2, 0x2}, 0x50)

1.262020884s ago: executing program 2 (id=2910):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000300), 0x4}, 0x4044}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000feffffff00000000000400008510000002000000850000002300000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x727c45cd4283345, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$kcm(0x2b, 0x1, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$sock_attach_bpf(r3, 0x6, 0x25, &(0x7f0000000200), 0x4)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/ipc\x00')
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')

1.112086344s ago: executing program 2 (id=2911):
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r0}, 0xc)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r0}, 0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0xc, 0xe, &(0x7f0000001ac0)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x10, 0x3b}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f008004be0ffff00124000632f77fbac141416ac14141607029f034d2f87e5890c6aab845013f2325f1a39018303178da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)

889.435119ms ago: executing program 1 (id=2912):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x101380, 0x0)
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$TUNGETVNETLE(r0, 0x800454dd, &(0x7f0000000040))
ioctl$SIOCSIFHWADDR(r1, 0x8923, &(0x7f00000007c0)={'netdevsim0\x00', @broadcast})
ioctl$TUNSETVNETBE(r0, 0x400454de, &(0x7f00000000c0)=0x1)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xe, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="250a0000000000006111640000000000180000000000000000000000000000009500000000000000b60e2a860d31726d42eeea87854afc193470ed4042f784f9098273f4fe1956c146dedb98285f3f81977e89b0622254f447b6a8b8114792af9695d44fc41908955f29f9d70b1905190a2e1212"], &(0x7f0000000000)='GPL\x00'}, 0x80)

725.92193ms ago: executing program 2 (id=2913):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000050000000000000000000000850000000500000085000000d0"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

723.2558ms ago: executing program 3 (id=2914):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x6, 0x4, 0xfff, 0x7, 0x88, 0xffffffffffffffff, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r0}, 0xc)

572.617261ms ago: executing program 2 (id=2915):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x13, &(0x7f0000000940)=ANY=[@ANYBLOB="18000000040000000000000005000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000080000"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000007c0)={r0}, 0xc)

476.255607ms ago: executing program 1 (id=2916):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000001840)=[{&(0x7f0000001880)="5c00000016006bab9a3fe3d46e17aa0a046b876c050048007ea60864160af36504bb4a43eee80fd1716dbbbc001a0038001d001931a0e69ce517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bba1", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x4000000)
recvmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000000d00)=""/242, 0xfffffd63}, {&(0x7f0000000240)=""/205, 0xcd}, {&(0x7f0000000380)=""/210, 0xd2}, {&(0x7f00000006c0)=""/188, 0xc9}, {&(0x7f0000000f40)=""/213, 0xd5}, {&(0x7f0000002100)=""/4077, 0xfed}, {&(0x7f00000007c0)=""/211, 0xd3}, {&(0x7f0000000b00)=""/231, 0xe7}, {&(0x7f0000000480)=""/176, 0xb0}, {&(0x7f0000000c00)=""/208, 0xd0}], 0xa}, 0x40012100)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="0f000200000000000000000000000000e5ff0000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r2 = socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r2, 0x84, 0x3, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)=ANY=[@ANYRES32=r1, @ANYRES32, @ANYBLOB='\x00'/12, @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x4, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x40000}, [@call={0x85, 0x0, 0x0, 0x7d}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000640)=r3, 0x4)
sendmsg$unix(r5, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0xc000090)
recvmsg$kcm(r0, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x0)
recvmsg(r0, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x10002)
r6 = socket$kcm(0x10, 0x2, 0x4)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r7 = socket$kcm(0x15, 0x2, 0x0)
setsockopt$sock_attach_bpf(r7, 0x1, 0x3c, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @sched_cls=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000a40)={r8, 0x27, 0x28, 0x0, &(0x7f00000007c0)="f8ad48cc02cb29dcc8007f5b86dd96d15b6621c3fd70497376d427bcc4b90ef87a93ea92a6300100", 0x0, 0x22, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8}, 0x180, 0xc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff8e}, 0x0, 0x3fffffffffffe, 0xffffffffffffffff, 0x0)
r9 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r9, 0x11, 0x65, &(0x7f0000000640), 0x4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
close(r11)
recvmsg$unix(r10, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r12=>0xffffffffffffffff]}}], 0x18}, 0x10020)
write$cgroup_subtree(r12, &(0x7f0000000200)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce818d036c00fe08fff500000200875a65969ff57b00000000000000000000000000ac1414aa"], 0xfdef)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="89000000120081ae08060cdc030ec0007f03e3f70003000140e2ffca1b1f00f0000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120c000200040000000400446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)
r13 = bpf$ITER_CREATE(0x21, &(0x7f0000000340)={r12}, 0x8)
bpf$OBJ_PIN_PROG(0x6, &(0x7f00000008c0)=@o_path={&(0x7f0000000180)='./file0\x00', r13, 0x4000, r8}, 0x18)

302.678949ms ago: executing program 2 (id=2917):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
close(r0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0xffffffffffff0000, 0x8}, 0x103400, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_user\x00', 0x26e1, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x5452, &(0x7f00000006c0)='\x02;\xe5\b\x00\x1c\x9c\x00\x00\x00\x00\x00\x00\x91\xecB\xdcZ\xe5\xbd$\x05\x90\xa9\xf3\xc7\xcb\xb7\xf0\xa1;#\x989\xe9\x12\xdf^6T\xdf\xcd\x02\xc5\xb0\xba\x12\'QXp\t\xfc\xf3\x01\x02\xbc\xbf\xc0\xf0\x10\xee\xd3\\yy\xa4\xf9\xe8\x00\xdd\xe97 0_\xe4]W\xf7~\xacVK\xc9t\x9e+:\x85\xef\x94\x0e\x19\x9cV[N.\xeb\x9fJ>\xd9\x99\x88\xd8\xdd\xb8Y\xc3$\xc6\x93\v\x04REY\xf4\xea\xf2\xcd\xcd.\x16\x861\xa1\v\x8d\x8e\x84R\xa6\x83\x84\xc0\x01e\xc3\xc8\xcc?\xc8?\x19\xb2\xa2\xe1\xac<\xe9f\x11\xff3\xc7\x19\x9e\x19\xf5-\xfe\xbd\xae\xbbR\x82\x16\xf9\x15S\x03U\xe0\xd8t\xe3%96')
r5 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r6)
ioctl$TUNGETFEATURES(r4, 0x5452, &(0x7f00000013c0))
r7 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b11d25a806c8c6f94f90424fc601000407a0a000600053582c137153e37000c11802f2ff4072f00", 0x33fe0}], 0x1, 0x0, 0x0, 0x35}, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x5452, &(0x7f00000006c0)='\x02;\xe5\b\x00\x1c\x9c\x00\x00\x00\x00\x00\x00\x91\xecB\xdcZ\xe5\xbd$\x05\x90\xa9\xf3\xc7\xcb\xb7\xf0\xa1;#\x989\xe9\x12\xdf^6T\xdf\xcd\x02\xc5\xb0\xba\x12\'QXp\t\xfc\xf3\x01\x02\xbc\xbf\xc0\xf0\x10\xee\xd3\\yy\xa4\xf9\xe8\x00\xdd\xe97 0_\xe4]W\xf7~\xacVK\xc9t\x9e+:\x85\xef\x94\x0e\x19\x9cV[N.\xeb\x9fJ>\xd9\x99\x88\xd8\xdd\xb8Y\xc3$\xc6\x93\v\x04REY\xf4\xea\xf2\xcd\xcd.\x16\x861\xa1\v\x8d\x8e\x84R\xa6\x83\x84\xc0\x01e\xc3\xc8\xcc?\xc8?\x19\xb2\xa2\xe1\xac<\xe9f\x11\xff3\xc7\x19\x9e\x19\xf5-\xfe\xbd\xae\xbbR\x82\x16\xf9\x15S\x03U\xe0\xd8t\xe3%96')
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x18, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000feffffff000000000800000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000180000000b0000000000000007000000578902000000004212b31b73472185f76e970094b01800080000002ebaa0eded8c2061c122818ad76f89cab7a5127ff24d1adeb70e7ba8da6a29a4c1abb0d0309aef38a28be1636cc4b6f48469792cf3538beb704abe6e3914277aebd02bf6506cc3d1761527d7c619702d9d683769df44dd59a66070f311a6dc22aefb3e5c741337be427333581d5bc275de6c93fd608994dd116a34f6009000007d09a7c880c174a33aa7887ef1684a565df48acceb9b3bae7711568c38ffc5400e9af46b", @ANYRES32=r1, @ANYBLOB="0000000001000000635132000000000018000000010000000000000002000000bf91000000000000b70200000000000085000000a7593a09b7000000000000009500000000000000"], &(0x7f00000001c0)='syzkaller\x00', 0x5, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x1, 0x1}, 0x8, 0x10, &(0x7f0000000240)={0x0, 0x3, 0x0, 0xe}, 0x10, 0x0, 0x0, 0x2, &(0x7f00000002c0)=[r0, r1, r0, r0, r1], &(0x7f0000000300)=[{0x0, 0x3}, {0x5, 0x1, 0xf}], 0x10, 0x800}, 0x94)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000500)={@cgroup=r0, 0x6, 0x0, 0x9, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6, 0x0, &(0x7f0000000440)=[0x0], &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000004c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x40)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x62}, 0x94)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000500)={@ifindex, 0x13, 0x1, 0x46cb, &(0x7f0000000040)=[0x0], 0x1, 0x0, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000300), <r10=>0x0}, 0x40)
r11 = socket$kcm(0x29, 0x5, 0x0)
sendmsg$inet(r11, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)="ef", 0x1}], 0x1}, 0x48014)
sendmsg(r11, &(0x7f0000003680)={0x0, 0x0, &(0x7f0000003140)}, 0x0)
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000040)={0x6, <r12=>0x0}, 0x8)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r12}, 0x4)
recvmsg$unix(r1, &(0x7f0000000b40)={&(0x7f0000000580)=@abs, 0x6e, &(0x7f0000000a00)=[{&(0x7f0000000900)=""/197, 0xc5}], 0x1, &(0x7f0000000a40)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xe0}, 0x2100)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000600)=ANY=[@ANYRES32=r11, @ANYRES32=r8, @ANYBLOB='\"\x00\x00\x00+\x00\x00\x00', @ANYRES32=r9, @ANYBLOB="b772dd2dff0a0acb94a93d28a13e2dd50d36c4cb8e6184e3dccab24ec107cb597d24dbff010000017c9408", @ANYRES32=r12, @ANYRES64=r10], 0x20)

202.035386ms ago: executing program 3 (id=2918):
r0 = socket$kcm(0x11, 0xa, 0x300)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x828, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$inet(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x2, 0x4e23, @empty}, 0x10, 0x0}, 0x10040000) (async)
sendmsg$inet(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x2, 0x4e23, @empty}, 0x10, 0x0}, 0x10040000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0xc, 0xb, &(0x7f00000000c0)=ANY=[@ANYBLOB="18040000000000000000000000000000180000002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], &(0x7f00000005c0)='GPL\x00'}, 0x90)

0s ago: executing program 1 (id=2919):
r0 = perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xa16ae, 0x9, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={0x0, 0x2}, 0x90, 0xa4, 0x2, 0x5, 0xa1, 0x9b9b, 0x8, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1b}, 0x94) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1b}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x9, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000001000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000001b"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="07000000040000001800000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x9, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000001000000000000000018120000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x9, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000001000000000000000018120000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0x6a0a1, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0xc}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000001fd8)=@framed={{0xffffffb7, 0x7, 0x0, 0x0, 0x0, 0x63, 0x11, 0x6d}, [@ldst={0x7}]}, &(0x7f0000003ff6)='GPL\x00', 0x8, 0xb579, &(0x7f000000cf3d)=""/195}, 0x23)
bpf$MAP_CREATE(0x0, 0x0, 0x48)

kernel console output (not intermixed with test programs):

0x7f676e59c819
[  403.955696][T13671] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  403.975343][T13671] RSP: 002b:00007f676f46a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  403.983803][T13671] RAX: ffffffffffffffda RBX: 00007f676e815fa0 RCX: 00007f676e59c819
[  403.991823][T13671] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[  403.999815][T13671] RBP: 00007f676e632c91 R08: 0000000000000000 R09: 0000000000000000
[  404.007806][T13671] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  404.015797][T13671] R13: 00007f676e816038 R14: 00007f676e815fa0 R15: 00007ffd544f0ea8
[  404.023839][T13671]  </TASK>
[  404.497190][T13704] netlink: 'syz.3.2238': attribute type 1 has an invalid length.
[  404.771784][T13710] mac80211_hwsim hwsim7 ..ãc¤±: renamed from wlan1
[  405.034467][T13719] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  405.076574][T13719] CPU: 0 PID: 13719 Comm: syz.3.2243 Not tainted syzkaller #0
[  405.084129][T13719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  405.094266][T13719] Call Trace:
[  405.097610][T13719]  <TASK>
[  405.100592][T13719]  dump_stack_lvl+0x18c/0x250
[  405.105347][T13719]  ? show_regs_print_info+0x20/0x20
[  405.110623][T13719]  ? load_image+0x420/0x420
[  405.115245][T13719]  sysfs_warn_dup+0x8e/0xa0
[  405.119815][T13719]  sysfs_do_create_link_sd+0xc0/0x110
[  405.125259][T13719]  device_add_class_symlinks+0x1cf/0x240
[  405.130976][T13719]  device_add+0x507/0xc20
[  405.135387][T13719]  wiphy_register+0x1dad/0x2ae0
[  405.140382][T13719]  ? cfg80211_event_work+0x40/0x40
[  405.145543][T13719]  ? minstrel_ht_alloc+0x88a/0x990
[  405.150759][T13719]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  405.156922][T13719]  ieee80211_register_hw+0x3464/0x4250
[  405.162532][T13719]  ? ieee80211_tasklet_handler+0x20/0x20
[  405.168219][T13719]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  405.174187][T13719]  ? __debug_object_init+0xec/0x450
[  405.179459][T13719]  ? __asan_memset+0x22/0x40
[  405.184115][T13719]  ? __hrtimer_init+0x186/0x270
[  405.189045][T13719]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  405.194925][T13719]  ? mac80211_hwsim_free+0x220/0x220
[  405.200262][T13719]  ? rcu_is_watching+0x15/0xb0
[  405.205096][T13719]  ? kstrndup+0xbd/0x140
[  405.209440][T13719]  hwsim_new_radio_nl+0xdc9/0x1a90
[  405.214641][T13719]  ? __nla_validate+0x50/0x50
[  405.219430][T13719]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  405.225884][T13719]  ? __nla_parse+0x40/0x50
[  405.230376][T13719]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  405.236797][T13719]  genl_family_rcv_msg_doit+0x211/0x310
[  405.242410][T13719]  ? end_current_label_crit_section+0x170/0x170
[  405.248735][T13719]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  405.254723][T13719]  ? bpf_lsm_capable+0x9/0x10
[  405.259466][T13719]  ? security_capable+0x89/0xb0
[  405.264414][T13719]  genl_rcv_msg+0x619/0x7a0
[  405.269004][T13719]  ? genl_bind+0x360/0x360
[  405.273475][T13719]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  405.279867][T13719]  ? perf_trace_lock+0x304/0x3b0
[  405.284919][T13719]  netlink_rcv_skb+0x241/0x4d0
[  405.289757][T13719]  ? genl_bind+0x360/0x360
[  405.294246][T13719]  ? netlink_ack+0x1180/0x1180
[  405.299122][T13719]  ? __lock_acquire+0x7d40/0x7d40
[  405.304205][T13719]  ? net_generic+0x1e/0x240
[  405.308790][T13719]  ? down_read+0x1ac/0x2e0
[  405.313271][T13719]  genl_rcv+0x28/0x40
[  405.317300][T13719]  netlink_unicast+0x751/0x8d0
[  405.322170][T13719]  netlink_sendmsg+0x8d0/0xbf0
[  405.326990][T13719]  ? perf_trace_lock+0x304/0x3b0
[  405.332011][T13719]  ? netlink_getsockopt+0x590/0x590
[  405.337298][T13719]  ? aa_sock_msg_perm+0x94/0x150
[  405.342312][T13719]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  405.347658][T13719]  ? security_socket_sendmsg+0x80/0xa0
[  405.353167][T13719]  ? netlink_getsockopt+0x590/0x590
[  405.358434][T13719]  ____sys_sendmsg+0x5ba/0x960
[  405.363280][T13719]  ? __asan_memset+0x22/0x40
[  405.367933][T13719]  ? __sys_sendmsg_sock+0x30/0x30
[  405.373007][T13719]  ? __import_iovec+0x5f2/0x850
[  405.377951][T13719]  ? import_iovec+0x73/0xa0
[  405.382527][T13719]  ___sys_sendmsg+0x2a6/0x360
[  405.387285][T13719]  ? __sys_sendmsg+0x2a0/0x2a0
[  405.392303][T13719]  __se_sys_sendmsg+0x1c2/0x2b0
[  405.397222][T13719]  ? __x64_sys_sendmsg+0x80/0x80
[  405.402281][T13719]  ? lockdep_hardirqs_on+0x98/0x150
[  405.407556][T13719]  do_syscall_64+0x55/0xa0
[  405.412017][T13719]  ? clear_bhb_loop+0x40/0x90
[  405.416760][T13719]  ? clear_bhb_loop+0x40/0x90
[  405.421502][T13719]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  405.427447][T13719] RIP: 0033:0x7f43dfd9c819
[  405.431919][T13719] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  405.451588][T13719] RSP: 002b:00007f43e0bf7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  405.460086][T13719] RAX: ffffffffffffffda RBX: 00007f43e0015fa0 RCX: 00007f43dfd9c819
[  405.468120][T13719] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[  405.476153][T13719] RBP: 00007f43dfe32c91 R08: 0000000000000000 R09: 0000000000000000
[  405.484186][T13719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  405.492212][T13719] R13: 00007f43e0016038 R14: 00007f43e0015fa0 R15: 00007ffea9c5ab68
[  405.500303][T13719]  </TASK>
[  405.750261][T13728] tc_dump_action: action bad kind
[  405.796571][T13734] netlink: 'syz.2.2248': attribute type 10 has an invalid length.
[  406.234088][T13754] netlink: 'syz.2.2252': attribute type 9 has an invalid length.
[  406.713557][T13767] netlink: 'syz.1.2257': attribute type 29 has an invalid length.
[  406.738893][T13767] netlink: 'syz.1.2257': attribute type 29 has an invalid length.
[  406.823827][T13769] netlink: 'syz.1.2257': attribute type 29 has an invalid length.
[  406.872707][T13767] __nla_validate_parse: 5 callbacks suppressed
[  406.872727][T13767] netlink: 65047 bytes leftover after parsing attributes in process `syz.1.2257'.
[  406.921365][T13769] netlink: 'syz.1.2257': attribute type 29 has an invalid length.
[  407.240294][ T5805] page_pool_release_retry() stalled pool shutdown 1 inflight 60 sec
[  408.183935][T13818] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2271'.
[  411.298491][T13841] netlink: 'syz.1.2275': attribute type 28 has an invalid length.
[  411.307405][T13841] netlink: 'syz.1.2275': attribute type 4 has an invalid length.
[  411.316719][T13841] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2275'.
[  412.413053][T13863] netlink: 'syz.0.2283': attribute type 1 has an invalid length.
[  412.587839][T13870] netlink: 'syz.1.2284': attribute type 29 has an invalid length.
[  412.597904][T13870] netlink: 'syz.1.2284': attribute type 3 has an invalid length.
[  412.636304][T13870] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2284'.
[  412.884002][T13879] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2286'.
[  413.720312][T13887] netlink: 'syz.3.2289': attribute type 10 has an invalid length.
[  413.744240][T13887] netlink: 55 bytes leftover after parsing attributes in process `syz.3.2289'.
[  413.931299][T13905] delete_channel: no stack
[  417.301807][T13919] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2302'.
[  418.526609][T13956] netlink: 65051 bytes leftover after parsing attributes in process `syz.1.2309'.
[  418.553348][T13958] netlink: 144316 bytes leftover after parsing attributes in process `syz.2.2310'.
[  418.581292][T13956] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.2309'.
[  418.673385][T13971] sctp: [Deprecated]: syz.1.2309 (pid 13971) Use of struct sctp_assoc_value in delayed_ack socket option.
[  418.673385][T13971] Use struct sctp_sack_info instead
[  419.169208][T13999] netlink: 'syz.2.2320': attribute type 3 has an invalid length.
[  419.177455][T13999] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.2320'.
[  419.534081][T14012] netlink: 'syz.2.2322': attribute type 4 has an invalid length.
[  419.610737][T14012] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.2322'.
[  419.807133][T14015] net_ratelimit: 333 callbacks suppressed
[  419.807170][T14015] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  420.252957][T14047] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2333'.
[  420.349081][T14049] netlink: 'syz.3.2334': attribute type 21 has an invalid length.
[  420.369092][T14049] netlink: 156 bytes leftover after parsing attributes in process `syz.3.2334'.
[  420.416789][T14052] IPv6: NLM_F_CREATE should be specified when creating new route
[  421.277100][T14064] netpci0: tun_chr_ioctl cmd 1074025672
[  421.283848][T14064] netpci0: ignored: set checksum enabled
[  421.292572][T14064] netpci0: tun_chr_ioctl cmd 1074025677
[  421.305960][T14064] netpci0: linktype set to 769
[  421.365487][T14068] netlink: 209592 bytes leftover after parsing attributes in process `syz.3.2342'.
[  421.437154][T14074] netlink: 763 bytes leftover after parsing attributes in process `syz.1.2344'.
[  422.250498][T14118] mac80211_hwsim hwsim14 wlan1: entered allmulticast mode
[  422.310336][T14118] netlink: 'syz.2.2358': attribute type 9 has an invalid length.
[  422.330276][T14118] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.2358'.
[  422.548407][T14133] openvswitch: netlink: IP tunnel attribute has 3052 unknown bytes.
[  422.945901][T14143] netlink: 'syz.2.2367': attribute type 29 has an invalid length.
[  422.967595][T14143] netlink: 'syz.2.2367': attribute type 29 has an invalid length.
[  423.900596][T14186] wg2: entered promiscuous mode
[  423.920711][T14186] wg2: entered allmulticast mode
[  424.542959][T14204] netlink: 'syz.2.2386': attribute type 10 has an invalid length.
[  424.544201][T14205] netlink: 'syz.2.2386': attribute type 29 has an invalid length.
[  424.619824][T14204] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  424.659805][T14204] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  424.689226][T14204] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  424.719265][T14204] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  424.780636][T14204] geneve0: entered promiscuous mode
[  424.864801][T14204] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  424.889622][T14204] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  424.909369][T14204] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  424.930090][T14204] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  425.003875][T14204] geneve0: entered allmulticast mode
[  425.037178][T14204] bond0: (slave geneve0): Enslaving as an active interface with an up link
[  425.048851][T14205] netlink: 'syz.2.2386': attribute type 29 has an invalid length.
[  425.075386][   T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  425.087146][   T51] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  425.099624][   T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  425.124672][   T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  425.140138][   T51] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  425.157375][   T51] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  425.392890][T14217] netlink: 'syz.1.2388': attribute type 64 has an invalid length.
[  425.416695][ T7641] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  425.493049][T14218] netlink: 'syz.2.2389': attribute type 10 has an invalid length.
[  425.547128][T14216] __nla_validate_parse: 3 callbacks suppressed
[  425.547144][T14216] netlink: 10 bytes leftover after parsing attributes in process `syz.2.2389'.
[  425.593064][T14217] netlink: 'syz.1.2388': attribute type 64 has an invalid length.
[  425.691792][ T7641] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  425.862776][ T7641] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  425.943098][T14210] chnl_net:caif_netlink_parms(): no params data found
[  426.095374][ T7641] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  426.390416][T14210] bridge0: port 1(bridge_slave_0) entered blocking state
[  426.397694][T14210] bridge0: port 1(bridge_slave_0) entered disabled state
[  426.405409][T14210] bridge_slave_0: entered allmulticast mode
[  426.412829][T14210] bridge_slave_0: entered promiscuous mode
[  426.421517][T14210] bridge0: port 2(bridge_slave_1) entered blocking state
[  426.428677][T14210] bridge0: port 2(bridge_slave_1) entered disabled state
[  426.436957][T14210] bridge_slave_1: entered allmulticast mode
[  426.444382][T14210] bridge_slave_1: entered promiscuous mode
[  426.535887][T14210] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  426.574397][T14210] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  426.703941][T14210] team0: Port device team_slave_0 added
[  426.732227][T14210] team0: Port device team_slave_1 added
[  426.808279][T14210] batman_adv: batadv0: Adding interface: batadv_slave_0
[  426.817488][T14210] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  426.851205][T14210] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  426.932786][T14210] batman_adv: batadv0: Adding interface: batadv_slave_1
[  426.940528][T14210] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  426.981024][T14210] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  427.077661][T14264] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.2401'.
[  427.157516][T14264] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.2401'.
[  427.239767][   T51] Bluetooth: hci1: command tx timeout
[  427.384264][T14210] hsr_slave_0: entered promiscuous mode
[  427.396029][T14210] hsr_slave_1: entered promiscuous mode
[  429.019873][T14314] netlink: 'syz.3.2411': attribute type 10 has an invalid length.
[  429.033750][T14314] netlink: 55 bytes leftover after parsing attributes in process `syz.3.2411'.
[  429.045015][T14314] veth0_macvtap: left promiscuous mode
[  429.143015][T14319] netlink: 'syz.1.2412': attribute type 6 has an invalid length.
[  429.321222][   T51] Bluetooth: hci1: command tx timeout
[  430.731974][T14360] netlink: 'syz.1.2420': attribute type 29 has an invalid length.
[  430.987741][T14360] netlink: 'syz.1.2420': attribute type 29 has an invalid length.
[  431.227758][T14210] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  431.306972][T14210] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  431.325724][T14210] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  431.399735][   T51] Bluetooth: hci1: command tx timeout
[  431.506713][T14369] netlink: 'syz.3.2421': attribute type 10 has an invalid length.
[  431.515075][T14210] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  431.541888][T14370] netlink: 'syz.3.2421': attribute type 10 has an invalid length.
[  431.616219][ T7641] hsr_slave_0: left promiscuous mode
[  431.648298][ T7641] hsr_slave_1: left promiscuous mode
[  431.671345][ T7641] bridge_slave_1: left allmulticast mode
[  431.685863][ T7641] bridge_slave_1: left promiscuous mode
[  431.701131][ T7641] bridge0: port 2(bridge_slave_1) entered disabled state
[  431.731229][ T7641] bridge_slave_0: left allmulticast mode
[  431.741431][ T7641] bridge_slave_0: left promiscuous mode
[  431.753654][ T7641] bridge0: port 1(bridge_slave_0) entered disabled state
[  432.635786][ T7641] .` (unregistering): (slave bond_slave_1): Releasing backup interface
[  432.720897][ T7641] .` (unregistering): (slave 
1
@ÿ): Releasing backup interface
[  433.291487][ T7641] .` (unregistering): (slave bridge0): Releasing backup interface
[  433.300580][ T7641] .` (unregistering): Released all slaves
[  433.480171][   T51] Bluetooth: hci1: command tx timeout
[  435.295558][T14388] netlink: 'syz.1.2423': attribute type 41 has an invalid length.
[  435.488467][T14210] 8021q: adding VLAN 0 to HW filter on device bond0
[  435.611420][T14210] 8021q: adding VLAN 0 to HW filter on device team0
[  435.639864][ T7635] bridge0: port 1(bridge_slave_0) entered blocking state
[  435.647052][ T7635] bridge0: port 1(bridge_slave_0) entered forwarding state
[  435.674511][ T7630] bridge0: port 2(bridge_slave_1) entered blocking state
[  435.681717][ T7630] bridge0: port 2(bridge_slave_1) entered forwarding state
[  436.145773][T14210] 8021q: adding VLAN 0 to HW filter on device batadv0
[  436.216446][T14210] veth0_vlan: entered promiscuous mode
[  436.255719][T14210] veth1_vlan: entered promiscuous mode
[  436.316201][T14210] veth0_macvtap: entered promiscuous mode
[  436.327209][T14210] veth1_macvtap: entered promiscuous mode
[  436.382589][T14210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  436.394010][T14210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  436.411818][T14210] batman_adv: batadv0: Interface activated: batadv_slave_0
[  436.424059][T14210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  436.436047][T14210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  436.449174][T14210] batman_adv: batadv0: Interface activated: batadv_slave_1
[  436.484621][T14210] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  436.495237][T14210] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  436.507127][T14210] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  436.518408][T14210] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  436.558032][T14433] C: renamed from team_slave_0 (while UP)
[  436.567125][T14433] netlink: 'syz.1.2434': attribute type 3 has an invalid length.
[  436.579605][T14433] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2434'.
[  436.588686][T14433] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  436.814192][ T7630] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  436.836803][ T7630] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  436.919011][ T7661] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  436.964749][ T7661] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  437.826786][T14458] netlink: 'syz.0.2440': attribute type 12 has an invalid length.
[  437.849597][T14458] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2440'.
[  437.937044][ T7622] tipc: Subscription rejected, illegal request
[  438.541241][ T5772] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  438.560683][ T5772] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  438.569061][ T5772] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  438.578621][ T5772] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  438.613688][ T5772] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  438.621833][ T5772] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  440.207125][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  440.213816][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  440.661895][T14496] netlink: 'syz.1.2451': attribute type 12 has an invalid length.
[  440.670364][T14496] netlink: 'syz.1.2451': attribute type 15 has an invalid length.
[  440.681458][ T5772] Bluetooth: hci4: command tx timeout
[  440.835762][T14507] netlink: 129384 bytes leftover after parsing attributes in process `syz.0.2454'.
[  441.025277][T14483] chnl_net:caif_netlink_parms(): no params data found
[  441.506817][T14525] netlink: 'syz.1.2458': attribute type 8 has an invalid length.
[  441.523635][T14525] netlink: 'syz.1.2458': attribute type 1 has an invalid length.
[  441.555940][T14525] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.2458'.
[  441.642465][T14483] bridge0: port 1(bridge_slave_0) entered blocking state
[  441.654685][T14483] bridge0: port 1(bridge_slave_0) entered disabled state
[  441.664878][T14483] bridge_slave_0: entered allmulticast mode
[  441.680864][T14483] bridge_slave_0: entered promiscuous mode
[  441.698412][T14483] bridge0: port 2(bridge_slave_1) entered blocking state
[  441.710582][T14483] bridge0: port 2(bridge_slave_1) entered disabled state
[  441.728404][T14483] bridge_slave_1: entered allmulticast mode
[  441.747511][T14483] bridge_slave_1: entered promiscuous mode
[  442.027904][T14483] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  442.141763][T14483] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  442.304650][T14560] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2465'.
[  442.365761][T14483] team0: Port device team_slave_0 added
[  442.376863][T14560] netlink: 10 bytes leftover after parsing attributes in process `syz.1.2465'.
[  442.453092][T14483] team0: Port device team_slave_1 added
[  442.602549][T14567] -1: renamed from syzkaller0
[  442.667228][T14483] batman_adv: batadv0: Adding interface: batadv_slave_0
[  442.698740][T14483] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  442.750755][T14483] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  442.759675][ T5772] Bluetooth: hci4: command tx timeout
[  442.792144][T14483] batman_adv: batadv0: Adding interface: batadv_slave_1
[  442.805024][T14483] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  442.835631][T14483] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  442.966711][T14483] hsr_slave_0: entered promiscuous mode
[  442.988584][T14483] hsr_slave_1: entered promiscuous mode
[  443.010323][T14483] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  443.017948][T14483] Cannot create hsr debugfs directory
[  443.097208][T14588] netlink: 'syz.2.2472': attribute type 1 has an invalid length.
[  443.122797][T14588] netlink: 193500 bytes leftover after parsing attributes in process `syz.2.2472'.
[  444.346598][T14621] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2477'.
[  444.412379][T14625] netlink: 10 bytes leftover after parsing attributes in process `syz.2.2477'.
[  444.839661][ T5772] Bluetooth: hci4: command tx timeout
[  445.754087][ T7630] veth1_macvtap: left promiscuous mode
[  446.919730][ T5772] Bluetooth: hci4: command tx timeout
[  449.232834][ T7630] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  449.281781][ T7630] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  449.485044][ T7630] bond0 (unregistering): Released all slaves
[  449.534048][T14674] netlink: 'syz.2.2487': attribute type 21 has an invalid length.
[  449.560255][T14674] IPv6: NLM_F_CREATE should be specified when creating new route
[  449.690161][T14680] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2489'.
[  449.727282][T14682] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2489'.
[  449.757037][T14681] netlink: 201392 bytes leftover after parsing attributes in process `syz.1.2488'.
[  449.846426][T14681] netlink: 8454 bytes leftover after parsing attributes in process `syz.1.2488'.
[  449.915048][T14681] netlink: 'syz.1.2488': attribute type 1 has an invalid length.
[  449.947365][T14681] netlink: 168864 bytes leftover after parsing attributes in process `syz.1.2488'.
[  449.977402][T14483] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  450.013702][T14483] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  450.052883][T14483] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  450.130433][T14483] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  450.231376][T14693] netlink: 'syz.0.2498': attribute type 3 has an invalid length.
[  450.249737][T14693] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.2498'.
[  450.331819][T14483] 8021q: adding VLAN 0 to HW filter on device bond0
[  450.356895][T14699] netlink: 10 bytes leftover after parsing attributes in process `syz.1.2492'.
[  450.390912][T14483] 8021q: adding VLAN 0 to HW filter on device team0
[  450.446575][ T7635] bridge0: port 1(bridge_slave_0) entered blocking state
[  450.453820][ T7635] bridge0: port 1(bridge_slave_0) entered forwarding state
[  450.489270][ T7635] bridge0: port 2(bridge_slave_1) entered blocking state
[  450.496498][ T7635] bridge0: port 2(bridge_slave_1) entered forwarding state
[  450.789755][T14716] netlink: 192436 bytes leftover after parsing attributes in process `syz.2.2495'.
[  450.831263][T14716] openvswitch: netlink: Message has 20476 unknown bytes.
[  450.954231][T14716] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2495'.
[  450.978562][T14716] openvswitch: netlink: Geneve opt len 5 is not a multiple of 4.
[  451.204046][T14483] 8021q: adding VLAN 0 to HW filter on device batadv0
[  451.330260][T14483] veth0_vlan: entered promiscuous mode
[  451.358092][T14483] veth1_vlan: entered promiscuous mode
[  451.441573][T14483] veth0_macvtap: entered promiscuous mode
[  451.465194][T14483] veth1_macvtap: entered promiscuous mode
[  451.516882][T14483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  451.549440][T14483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  451.588126][T14483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  451.613064][T14483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  451.635254][T14483] batman_adv: batadv0: Interface activated: batadv_slave_0
[  451.662882][T14483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  451.673659][T14483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  451.694511][T14483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  451.716419][T14483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  451.741666][T14483] batman_adv: batadv0: Interface activated: batadv_slave_1
[  451.764397][T14745] syz.1.2502 (14745) used obsolete PPPIOCDETACH ioctl
[  451.809224][T14483] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  451.827630][T14483] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  451.847382][T14483] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  451.856463][T14483] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  451.985111][ T7622] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  452.007719][ T7622] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  452.077646][ T7622] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  452.095229][ T7622] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  452.565790][T14782] sctp: [Deprecated]: syz.3.2443 (pid 14782) Use of struct sctp_assoc_value in delayed_ack socket option.
[  452.565790][T14782] Use struct sctp_sack_info instead
[  452.983936][T14791] netlink: 'syz.2.2509': attribute type 2 has an invalid length.
[  452.991950][T14791] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2509'.
[  453.785688][T14816] netlink: 'syz.0.2515': attribute type 10 has an invalid length.
[  453.926399][T14816] team0: Device veth1_macvtap failed to register rx_handler
[  454.469680][T14840] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  454.849976][T14860] netlink: 156 bytes leftover after parsing attributes in process `syz.2.2523'.
[  455.148037][T14871] netlink: 16022 bytes leftover after parsing attributes in process `syz.3.2527'.
[  456.664917][T14901] netlink: 1047 bytes leftover after parsing attributes in process `syz.2.2534'.
[  456.699656][T14901] bridge_slave_1: default FDB implementation only supports local addresses
[  457.295013][T14906] netlink: 'syz.0.2537': attribute type 21 has an invalid length.
[  457.318972][T14906] netlink: 'syz.0.2537': attribute type 1 has an invalid length.
[  457.339617][T14906] netlink: 144 bytes leftover after parsing attributes in process `syz.0.2537'.
[  457.397795][T14906] netlink: 'syz.0.2537': attribute type 4 has an invalid length.
[  457.427903][T14906] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.2537'.
[  457.781053][T14912] netlink: 'syz.1.2539': attribute type 4 has an invalid length.
[  457.790272][T14912] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.2539'.
[  457.857682][T14926] syzkaller0: entered promiscuous mode
[  457.863385][T14926] syzkaller0: entered allmulticast mode
[  458.088265][T14926] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2541'.
[  460.332072][T14940] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2545'.
[  460.347773][T14958] netlink: 'syz.3.2552': attribute type 21 has an invalid length.
[  460.361044][T14957] netlink: 'syz.3.2552': attribute type 21 has an invalid length.
[  460.534401][T14974] netlink: 14719 bytes leftover after parsing attributes in process `syz.3.2555'.
[  460.989104][T14992] netlink: 'syz.0.2562': attribute type 2 has an invalid length.
[  460.997144][T14992] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.2562'.
[  461.212502][T14998] netlink: 'syz.3.2565': attribute type 21 has an invalid length.
[  461.224664][T14998] netlink: 'syz.3.2565': attribute type 21 has an invalid length.
[  461.577164][T15011] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2569'.
[  461.601739][T15011] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  461.629641][T15011] CPU: 1 PID: 15011 Comm: syz.2.2569 Not tainted syzkaller #0
[  461.637188][T15011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  461.647271][T15011] Call Trace:
[  461.650578][T15011]  <TASK>
[  461.653531][T15011]  dump_stack_lvl+0x18c/0x250
[  461.658251][T15011]  ? show_regs_print_info+0x20/0x20
[  461.663493][T15011]  ? load_image+0x420/0x420
[  461.668501][T15011]  sysfs_warn_dup+0x8e/0xa0
[  461.673034][T15011]  sysfs_do_create_link_sd+0xc0/0x110
[  461.678432][T15011]  device_add_class_symlinks+0x1cf/0x240
[  461.684105][T15011]  device_add+0x507/0xc20
[  461.688485][T15011]  wiphy_register+0x1dad/0x2ae0
[  461.693424][T15011]  ? cfg80211_event_work+0x40/0x40
[  461.698550][T15011]  ? minstrel_ht_alloc+0x88a/0x990
[  461.703717][T15011]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  461.709830][T15011]  ieee80211_register_hw+0x3464/0x4250
[  461.715386][T15011]  ? ieee80211_tasklet_handler+0x20/0x20
[  461.721044][T15011]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  461.726979][T15011]  ? __debug_object_init+0xec/0x450
[  461.732224][T15011]  ? __asan_memset+0x22/0x40
[  461.736844][T15011]  ? __hrtimer_init+0x186/0x270
[  461.741734][T15011]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  461.747551][T15011]  ? mac80211_hwsim_free+0x220/0x220
[  461.752892][T15011]  ? rcu_is_watching+0x15/0xb0
[  461.757689][T15011]  ? kstrndup+0xbd/0x140
[  461.761997][T15011]  hwsim_new_radio_nl+0xdc9/0x1a90
[  461.767161][T15011]  ? __nla_validate+0x50/0x50
[  461.771905][T15011]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  461.778307][T15011]  ? __nla_parse+0x40/0x50
[  461.782760][T15011]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  461.789175][T15011]  genl_family_rcv_msg_doit+0x211/0x310
[  461.794747][T15011]  ? end_current_label_crit_section+0x170/0x170
[  461.801029][T15011]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  461.807030][T15011]  ? bpf_lsm_capable+0x9/0x10
[  461.811732][T15011]  ? security_capable+0x89/0xb0
[  461.816655][T15011]  genl_rcv_msg+0x619/0x7a0
[  461.821218][T15011]  ? genl_bind+0x360/0x360
[  461.825673][T15011]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  461.832050][T15011]  ? perf_trace_lock+0x304/0x3b0
[  461.837050][T15011]  netlink_rcv_skb+0x241/0x4d0
[  461.841850][T15011]  ? genl_bind+0x360/0x360
[  461.846301][T15011]  ? netlink_ack+0x1180/0x1180
[  461.851134][T15011]  ? __lock_acquire+0x7d40/0x7d40
[  461.856211][T15011]  ? down_read+0x1ac/0x2e0
[  461.860659][T15011]  genl_rcv+0x28/0x40
[  461.864666][T15011]  netlink_unicast+0x751/0x8d0
[  461.869504][T15011]  netlink_sendmsg+0x8d0/0xbf0
[  461.874294][T15011]  ? perf_trace_lock+0x304/0x3b0
[  461.879272][T15011]  ? netlink_getsockopt+0x590/0x590
[  461.884605][T15011]  ? aa_sock_msg_perm+0x94/0x150
[  461.889803][T15011]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  461.895140][T15011]  ? security_socket_sendmsg+0x80/0xa0
[  461.900633][T15011]  ? netlink_getsockopt+0x590/0x590
[  461.905877][T15011]  ____sys_sendmsg+0x5ba/0x960
[  461.910692][T15011]  ? __asan_memset+0x22/0x40
[  461.915311][T15011]  ? __sys_sendmsg_sock+0x30/0x30
[  461.920358][T15011]  ? __import_iovec+0x5f2/0x850
[  461.925311][T15011]  ? import_iovec+0x73/0xa0
[  461.929869][T15011]  ___sys_sendmsg+0x2a6/0x360
[  461.934638][T15011]  ? __sys_sendmsg+0x2a0/0x2a0
[  461.939667][T15011]  __se_sys_sendmsg+0x1c2/0x2b0
[  461.944557][T15011]  ? __x64_sys_sendmsg+0x80/0x80
[  461.949569][T15011]  ? lockdep_hardirqs_on+0x98/0x150
[  461.954894][T15011]  do_syscall_64+0x55/0xa0
[  461.959329][T15011]  ? clear_bhb_loop+0x40/0x90
[  461.964061][T15011]  ? clear_bhb_loop+0x40/0x90
[  461.968783][T15011]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  461.974715][T15011] RIP: 0033:0x7f6430b9c819
[  461.979158][T15011] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  461.998805][T15011] RSP: 002b:00007f642edf6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  462.007262][T15011] RAX: ffffffffffffffda RBX: 00007f6430e15fa0 RCX: 00007f6430b9c819
[  462.015382][T15011] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  462.023518][T15011] RBP: 00007f6430c32c91 R08: 0000000000000000 R09: 0000000000000000
[  462.031639][T15011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  462.039640][T15011] R13: 00007f6430e16038 R14: 00007f6430e15fa0 R15: 00007ffd0ede7b38
[  462.047699][T15011]  </TASK>
[  462.232956][T15019] FAULT_INJECTION: forcing a failure.
[  462.232956][T15019] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  462.275577][T15019] CPU: 0 PID: 15019 Comm: syz.0.2571 Not tainted syzkaller #0
[  462.283132][T15019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  462.293262][T15019] Call Trace:
[  462.296600][T15019]  <TASK>
[  462.299578][T15019]  dump_stack_lvl+0x18c/0x250
[  462.304339][T15019]  ? show_regs_print_info+0x20/0x20
[  462.309611][T15019]  ? load_image+0x420/0x420
[  462.314188][T15019]  ? __might_fault+0xaa/0x120
[  462.318933][T15019]  ? __lock_acquire+0x7d40/0x7d40
[  462.324036][T15019]  should_fail_ex+0x39d/0x4d0
[  462.328805][T15019]  _copy_from_user+0x2f/0xe0
[  462.333459][T15019]  ___sys_sendmsg+0x1c7/0x360
[  462.338215][T15019]  ? __sys_sendmsg+0x2a0/0x2a0
[  462.343114][T15019]  ? __lock_acquire+0x7d40/0x7d40
[  462.348300][T15019]  __se_sys_sendmsg+0x1c2/0x2b0
[  462.353221][T15019]  ? __x64_sys_sendmsg+0x80/0x80
[  462.358279][T15019]  ? lockdep_hardirqs_on+0x98/0x150
[  462.363572][T15019]  do_syscall_64+0x55/0xa0
[  462.368032][T15019]  ? clear_bhb_loop+0x40/0x90
[  462.372736][T15019]  ? clear_bhb_loop+0x40/0x90
[  462.377440][T15019]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  462.383383][T15019] RIP: 0033:0x7f1a8eb9c819
[  462.387823][T15019] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  462.407453][T15019] RSP: 002b:00007f1a8fa73028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  462.415894][T15019] RAX: ffffffffffffffda RBX: 00007f1a8ee15fa0 RCX: 00007f1a8eb9c819
[  462.423893][T15019] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  462.431889][T15019] RBP: 00007f1a8fa73090 R08: 0000000000000000 R09: 0000000000000000
[  462.439883][T15019] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  462.448259][T15019] R13: 00007f1a8ee16038 R14: 00007f1a8ee15fa0 R15: 00007ffff60893b8
[  462.456296][T15019]  </TASK>
[  462.526015][T15023] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2573'.
[  462.843637][T15033] netlink: 202920 bytes leftover after parsing attributes in process `syz.1.2576'.
[  463.554013][T15055] netlink: 'syz.1.2581': attribute type 10 has an invalid length.
[  463.568543][T15055] team0: Device ipvlan1 failed to register rx_handler
[  463.649398][T15056] netlink: 'syz.0.2580': attribute type 21 has an invalid length.
[  463.665198][T15056] netlink: 'syz.0.2580': attribute type 1 has an invalid length.
[  463.686665][T15064] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2580'.
[  463.855222][T15066] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2583'.
[  463.896310][T15068] FAULT_INJECTION: forcing a failure.
[  463.896310][T15068] name failslab, interval 1, probability 0, space 0, times 0
[  463.916907][T15068] CPU: 0 PID: 15068 Comm: syz.1.2584 Not tainted syzkaller #0
[  463.924463][T15068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  463.934574][T15068] Call Trace:
[  463.937912][T15068]  <TASK>
[  463.940898][T15068]  dump_stack_lvl+0x18c/0x250
[  463.945654][T15068]  ? show_regs_print_info+0x20/0x20
[  463.950920][T15068]  ? load_image+0x420/0x420
[  463.955502][T15068]  ? __might_sleep+0xe0/0xe0
[  463.960166][T15068]  ? __lock_acquire+0x7d40/0x7d40
[  463.965279][T15068]  should_fail_ex+0x39d/0x4d0
[  463.970047][T15068]  should_failslab+0x9/0x20
[  463.974608][T15068]  slab_pre_alloc_hook+0x59/0x310
[  463.979700][T15068]  ? __get_vm_area_node+0x125/0x370
[  463.984977][T15068]  __kmem_cache_alloc_node+0x53/0x250
[  463.990430][T15068]  ? __get_vm_area_node+0x125/0x370
[  463.995704][T15068]  kmalloc_node_trace+0x26/0xe0
[  464.000635][T15068]  __get_vm_area_node+0x125/0x370
[  464.005750][T15068]  __vmalloc_node_range+0x36e/0x1330
[  464.011107][T15068]  ? netlink_sendmsg+0x602/0xbf0
[  464.016110][T15068]  ? netlink_insert+0x109f/0x13a0
[  464.021271][T15068]  ? netlink_data_ready+0x10/0x10
[  464.026382][T15068]  ? free_vm_area+0x50/0x50
[  464.030989][T15068]  ? netlink_sendmsg+0x602/0xbf0
[  464.036047][T15068]  vmalloc+0x79/0x90
[  464.040008][T15068]  ? netlink_sendmsg+0x602/0xbf0
[  464.045017][T15068]  netlink_sendmsg+0x602/0xbf0
[  464.049852][T15068]  ? perf_trace_lock+0x304/0x3b0
[  464.054886][T15068]  ? netlink_getsockopt+0x590/0x590
[  464.060158][T15068]  ? aa_sock_msg_perm+0x94/0x150
[  464.065159][T15068]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  464.070511][T15068]  ? security_socket_sendmsg+0x80/0xa0
[  464.076028][T15068]  ? netlink_getsockopt+0x590/0x590
[  464.081318][T15068]  ____sys_sendmsg+0x5ba/0x960
[  464.086192][T15068]  ? __asan_memset+0x22/0x40
[  464.090846][T15068]  ? __sys_sendmsg_sock+0x30/0x30
[  464.095926][T15068]  ? __import_iovec+0x5f2/0x850
[  464.100879][T15068]  ? import_iovec+0x73/0xa0
[  464.105461][T15068]  ___sys_sendmsg+0x2a6/0x360
[  464.110224][T15068]  ? __sys_sendmsg+0x2a0/0x2a0
[  464.115172][T15068]  ? __lock_acquire+0x7d40/0x7d40
[  464.120355][T15068]  __se_sys_sendmsg+0x1c2/0x2b0
[  464.125269][T15068]  ? __x64_sys_sendmsg+0x80/0x80
[  464.130320][T15068]  ? lockdep_hardirqs_on+0x98/0x150
[  464.135592][T15068]  do_syscall_64+0x55/0xa0
[  464.140057][T15068]  ? clear_bhb_loop+0x40/0x90
[  464.144787][T15068]  ? clear_bhb_loop+0x40/0x90
[  464.149525][T15068]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  464.155468][T15068] RIP: 0033:0x7f676e59c819
[  464.159941][T15068] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  464.179614][T15068] RSP: 002b:00007f676f46a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  464.188108][T15068] RAX: ffffffffffffffda RBX: 00007f676e815fa0 RCX: 00007f676e59c819
[  464.196234][T15068] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  464.204267][T15068] RBP: 00007f676f46a090 R08: 0000000000000000 R09: 0000000000000000
[  464.212302][T15068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  464.220338][T15068] R13: 00007f676e816038 R14: 00007f676e815fa0 R15: 00007ffd544f0ea8
[  464.228429][T15068]  </TASK>
[  464.238384][T15066] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  464.254158][T15068] syz.1.2584: vmalloc error: size 213312, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=syz1,mems_allowed=0-1
[  464.272627][T15066] CPU: 1 PID: 15066 Comm: syz.2.2583 Not tainted syzkaller #0
[  464.280180][T15066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  464.290299][T15066] Call Trace:
[  464.293636][T15066]  <TASK>
[  464.296629][T15066]  dump_stack_lvl+0x18c/0x250
[  464.301401][T15066]  ? show_regs_print_info+0x20/0x20
[  464.306682][T15066]  ? load_image+0x420/0x420
[  464.311322][T15066]  sysfs_warn_dup+0x8e/0xa0
[  464.315884][T15066]  sysfs_do_create_link_sd+0xc0/0x110
[  464.321326][T15066]  device_add_class_symlinks+0x1cf/0x240
[  464.327031][T15066]  device_add+0x507/0xc20
[  464.331449][T15066]  wiphy_register+0x1dad/0x2ae0
[  464.336444][T15066]  ? cfg80211_event_work+0x40/0x40
[  464.341634][T15066]  ? minstrel_ht_alloc+0x88a/0x990
[  464.346944][T15066]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  464.353107][T15066]  ieee80211_register_hw+0x3464/0x4250
[  464.358720][T15066]  ? ieee80211_tasklet_handler+0x20/0x20
[  464.364425][T15066]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  464.370389][T15066]  ? __debug_object_init+0xec/0x450
[  464.375671][T15066]  ? __asan_memset+0x22/0x40
[  464.380346][T15066]  ? __hrtimer_init+0x186/0x270
[  464.385290][T15066]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  464.391138][T15066]  ? mac80211_hwsim_free+0x220/0x220
[  464.396452][T15066]  ? rcu_is_watching+0x15/0xb0
[  464.401242][T15066]  ? kstrndup+0xbd/0x140
[  464.405535][T15066]  hwsim_new_radio_nl+0xdc9/0x1a90
[  464.410688][T15066]  ? __nla_validate+0x50/0x50
[  464.415433][T15066]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  464.421818][T15066]  ? __nla_parse+0x40/0x50
[  464.426274][T15066]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  464.432646][T15066]  genl_family_rcv_msg_doit+0x211/0x310
[  464.438229][T15066]  ? end_current_label_crit_section+0x170/0x170
[  464.444769][T15066]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  464.450707][T15066]  ? bpf_lsm_capable+0x9/0x10
[  464.455415][T15066]  ? security_capable+0x89/0xb0
[  464.460319][T15066]  genl_rcv_msg+0x619/0x7a0
[  464.464868][T15066]  ? genl_bind+0x360/0x360
[  464.469304][T15066]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  464.475658][T15066]  ? perf_trace_lock+0x304/0x3b0
[  464.480650][T15066]  netlink_rcv_skb+0x241/0x4d0
[  464.485447][T15066]  ? genl_bind+0x360/0x360
[  464.489898][T15066]  ? netlink_ack+0x1180/0x1180
[  464.494730][T15066]  ? __lock_acquire+0x7d40/0x7d40
[  464.499804][T15066]  ? down_read+0x1ac/0x2e0
[  464.504255][T15066]  genl_rcv+0x28/0x40
[  464.508252][T15066]  netlink_unicast+0x751/0x8d0
[  464.513166][T15066]  netlink_sendmsg+0x8d0/0xbf0
[  464.517953][T15066]  ? perf_trace_lock+0x304/0x3b0
[  464.522946][T15066]  ? netlink_getsockopt+0x590/0x590
[  464.528187][T15066]  ? aa_sock_msg_perm+0x94/0x150
[  464.533164][T15066]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  464.538472][T15066]  ? security_socket_sendmsg+0x80/0xa0
[  464.543949][T15066]  ? netlink_getsockopt+0x590/0x590
[  464.549196][T15066]  ____sys_sendmsg+0x5ba/0x960
[  464.554037][T15066]  ? __asan_memset+0x22/0x40
[  464.558650][T15066]  ? __sys_sendmsg_sock+0x30/0x30
[  464.563691][T15066]  ? __import_iovec+0x5f2/0x850
[  464.568592][T15066]  ? import_iovec+0x73/0xa0
[  464.573131][T15066]  ___sys_sendmsg+0x2a6/0x360
[  464.577845][T15066]  ? __sys_sendmsg+0x2a0/0x2a0
[  464.582792][T15066]  __se_sys_sendmsg+0x1c2/0x2b0
[  464.587677][T15066]  ? __x64_sys_sendmsg+0x80/0x80
[  464.592704][T15066]  ? lockdep_hardirqs_on+0x98/0x150
[  464.597941][T15066]  do_syscall_64+0x55/0xa0
[  464.602378][T15066]  ? clear_bhb_loop+0x40/0x90
[  464.607075][T15066]  ? clear_bhb_loop+0x40/0x90
[  464.611782][T15066]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  464.617702][T15066] RIP: 0033:0x7f6430b9c819
[  464.622144][T15066] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  464.641768][T15066] RSP: 002b:00007f642edf6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  464.650302][T15066] RAX: ffffffffffffffda RBX: 00007f6430e15fa0 RCX: 00007f6430b9c819
[  464.658292][T15066] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  464.666301][T15066] RBP: 00007f6430c32c91 R08: 0000000000000000 R09: 0000000000000000
[  464.674292][T15066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  464.682282][T15066] R13: 00007f6430e16038 R14: 00007f6430e15fa0 R15: 00007ffd0ede7b38
[  464.690327][T15066]  </TASK>
[  464.749682][T15068] CPU: 1 PID: 15068 Comm: syz.1.2584 Not tainted syzkaller #0
[  464.757225][T15068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  464.767314][T15068] Call Trace:
[  464.770618][T15068]  <TASK>
[  464.773571][T15068]  dump_stack_lvl+0x18c/0x250
[  464.778285][T15068]  ? show_regs_print_info+0x20/0x20
[  464.783527][T15068]  ? load_image+0x420/0x420
[  464.788064][T15068]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  464.794508][T15068]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[  464.801052][T15068]  warn_alloc+0x246/0x340
[  464.805419][T15068]  ? __get_vm_area_node+0x125/0x370
[  464.810647][T15068]  ? zone_watermark_ok_safe+0x230/0x230
[  464.816205][T15068]  ? rcu_is_watching+0x15/0xb0
[  464.820979][T15068]  ? __get_vm_area_node+0x356/0x370
[  464.826184][T15068]  __vmalloc_node_range+0x393/0x1330
[  464.831474][T15068]  ? netlink_insert+0x109f/0x13a0
[  464.836513][T15068]  ? netlink_data_ready+0x10/0x10
[  464.841544][T15068]  ? free_vm_area+0x50/0x50
[  464.846049][T15068]  ? netlink_sendmsg+0x602/0xbf0
[  464.850990][T15068]  vmalloc+0x79/0x90
[  464.854882][T15068]  ? netlink_sendmsg+0x602/0xbf0
[  464.859826][T15068]  netlink_sendmsg+0x602/0xbf0
[  464.864623][T15068]  ? perf_trace_lock+0x304/0x3b0
[  464.869562][T15068]  ? netlink_getsockopt+0x590/0x590
[  464.874782][T15068]  ? aa_sock_msg_perm+0x94/0x150
[  464.879725][T15068]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  464.885005][T15068]  ? security_socket_sendmsg+0x80/0xa0
[  464.890463][T15068]  ? netlink_getsockopt+0x590/0x590
[  464.895665][T15068]  ____sys_sendmsg+0x5ba/0x960
[  464.900457][T15068]  ? __asan_memset+0x22/0x40
[  464.905074][T15068]  ? __sys_sendmsg_sock+0x30/0x30
[  464.910108][T15068]  ? __import_iovec+0x5f2/0x850
[  464.914979][T15068]  ? import_iovec+0x73/0xa0
[  464.919488][T15068]  ___sys_sendmsg+0x2a6/0x360
[  464.924170][T15068]  ? __sys_sendmsg+0x2a0/0x2a0
[  464.928949][T15068]  ? __lock_acquire+0x7d40/0x7d40
[  464.934032][T15068]  __se_sys_sendmsg+0x1c2/0x2b0
[  464.938902][T15068]  ? __x64_sys_sendmsg+0x80/0x80
[  464.943861][T15068]  ? lockdep_hardirqs_on+0x98/0x150
[  464.949155][T15068]  do_syscall_64+0x55/0xa0
[  464.953574][T15068]  ? clear_bhb_loop+0x40/0x90
[  464.958250][T15068]  ? clear_bhb_loop+0x40/0x90
[  464.962929][T15068]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  464.968826][T15068] RIP: 0033:0x7f676e59c819
[  464.973238][T15068] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  464.992841][T15068] RSP: 002b:00007f676f46a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  465.001261][T15068] RAX: ffffffffffffffda RBX: 00007f676e815fa0 RCX: 00007f676e59c819
[  465.009233][T15068] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  465.017202][T15068] RBP: 00007f676f46a090 R08: 0000000000000000 R09: 0000000000000000
[  465.025180][T15068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  465.033154][T15068] R13: 00007f676e816038 R14: 00007f676e815fa0 R15: 00007ffd544f0ea8
[  465.041224][T15068]  </TASK>
[  465.099924][T15068] Mem-Info:
[  465.103624][T15068] active_anon:26858 inactive_anon:0 isolated_anon:0
[  465.103624][T15068]  active_file:18879 inactive_file:40091 isolated_file:0
[  465.103624][T15068]  unevictable:768 dirty:241 writeback:0
[  465.103624][T15068]  slab_reclaimable:11053 slab_unreclaimable:94364
[  465.103624][T15068]  mapped:34289 shmem:18093 pagetables:626
[  465.103624][T15068]  sec_pagetables:0 bounce:0
[  465.103624][T15068]  kernel_misc_reclaimable:0
[  465.103624][T15068]  free:1321282 free_pcp:8532 free_cma:0
[  465.168531][T15068] Node 0 active_anon:108532kB inactive_anon:0kB active_file:65892kB inactive_file:160164kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:133192kB dirty:960kB writeback:0kB shmem:72036kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10744kB pagetables:2504kB sec_pagetables:0kB all_unreclaimable? no
[  465.239615][T15068] Node 1 active_anon:0kB inactive_anon:0kB active_file:9624kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:3964kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  465.265149][T15074] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.2586'.
[  465.299618][T15068] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  465.357846][T15068] lowmem_reserve[]: 0 2521 2522 2522 2522
[  465.372750][T15068] Node 0 DMA32 free:1379108kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:114896kB inactive_anon:0kB active_file:65892kB inactive_file:159332kB unevictable:1536kB writepending:956kB present:3129332kB managed:2586956kB mlocked:0kB bounce:0kB free_pcp:17992kB local_pcp:5672kB free_cma:0kB
[  465.419444][T15068] lowmem_reserve[]: 0 0 0 0 0
[  465.429501][T15068] Node 0 Normal free:4kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:832kB unevictable:0kB writepending:4kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  465.476689][T15068] lowmem_reserve[]: 0 0 0 0 0
[  465.497050][T15068] Node 1 Normal free:3883096kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:9624kB inactive_file:200kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:15776kB local_pcp:7872kB free_cma:0kB
[  465.569260][T15068] lowmem_reserve[]: 0 0 0 0 0
[  465.598218][T15068] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  465.614818][T15068] Node 0 DMA32: 2*4kB (UM) 6*8kB (UM) 64*16kB (UME) 736*32kB (UE) 986*64kB (UME) 684*128kB (UE) 176*256kB (UME) 63*512kB (UME) 27*1024kB (UM) 8*2048kB (UME) 262*4096kB (UM) = 1369784kB
[  465.674071][T15068] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  465.697507][T15085] netlink: 'syz.2.2590': attribute type 4 has an invalid length.
[  465.706538][T15085] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.2590'.
[  465.708773][T15068] Node 1 Normal: 260*4kB (UE) 57*8kB (UME) 38*16kB (UE) 143*32kB (UME) 39*64kB (UME) 9*128kB (UME) 0*256kB 0*512kB 2*1024kB (ME) 2*2048kB (ME) 944*4096kB (UM) = 3883096kB
[  465.755427][T15068] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  465.775370][T15068] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  465.790032][T15068] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  465.809450][T15068] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  465.839669][T15068] 82763 total pagecache pages
[  465.844399][T15068] 0 pages in swap cache
[  465.858839][T15068] Free swap  = 124996kB
[  465.864089][T15068] Total swap = 124996kB
[  465.868634][T15068] 2097051 pages RAM
[  465.890981][T15068] 0 pages HighMem/MovableOnly
[  465.910892][T15068] 416926 pages reserved
[  465.925312][T15087] netlink: 184 bytes leftover after parsing attributes in process `syz.2.2591'.
[  465.926266][T15068] 0 pages cma reserved
[  466.001931][T15087] netlink: 'syz.2.2591': attribute type 10 has an invalid length.
[  466.023946][T15087] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2591'.
[  466.070158][T15087] batadv0: entered promiscuous mode
[  466.075690][T15087] batadv0: entered allmulticast mode
[  466.113148][T15087] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  466.538672][T15101] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2595'.
[  466.608170][T15101] debugfs: Directory '!!ô!' with parent 'ieee80211' already present!
[  466.875657][T15109] netlink: 'syz.3.2597': attribute type 10 has an invalid length.
[  467.268933][T15109] team0 (unregistering): Port device team_slave_0 removed
[  467.403577][T15109] team0 (unregistering): Port device team_slave_1 removed
[  471.629832][T15193] netlink: 9286 bytes leftover after parsing attributes in process `syz.1.2621'.
[  471.854177][T15197] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  471.864172][T15197] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  471.874096][T15197] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  471.883964][T15197] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  471.893814][T15197] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  471.903633][T15197] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  471.913489][T15197] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  471.923454][T15197] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  471.933334][T15197] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  471.943054][T15197] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  472.757892][ T5772] Bluetooth: hci1: unexpected event 0x01 length: 151 > 1
[  473.414518][T15240] netlink: 65039 bytes leftover after parsing attributes in process `syz.2.2633'.
[  473.435952][T15235] netlink: 140 bytes leftover after parsing attributes in process `syz.0.2632'.
[  473.611099][T15235] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.2632'.
[  474.062158][T15245] netlink: 'syz.2.2635': attribute type 4 has an invalid length.
[  474.076793][T15245] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2635'.
[  474.238172][T15245] .`: renamed from bond0 (while UP)
[  474.555027][T15263] netlink: 'syz.3.2638': attribute type 1 has an invalid length.
[  474.563844][T15248] netlink: 'syz.2.2635': attribute type 10 has an invalid length.
[  474.595403][T15263] netlink: 'syz.3.2638': attribute type 2 has an invalid length.
[  474.607775][   T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  474.622313][   T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  474.639160][   T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  474.647755][T15263] netlink: 'syz.3.2638': attribute type 2 has an invalid length.
[  474.657556][   T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  474.667911][   T51] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  474.675697][   T51] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  474.698482][T15263] netlink: 'syz.3.2638': attribute type 3 has an invalid length.
[  474.711007][T15263] netlink: 'syz.3.2638': attribute type 4 has an invalid length.
[  474.783202][T15263] netlink: 'syz.3.2638': attribute type 5 has an invalid length.
[  474.816689][T15270] netlink: 'syz.2.2639': attribute type 11 has an invalid length.
[  474.816962][T15263] netlink: 'syz.3.2638': attribute type 6 has an invalid length.
[  474.834937][T15263] netlink: 126304 bytes leftover after parsing attributes in process `syz.3.2638'.
[  474.844453][T15270] netlink: 176 bytes leftover after parsing attributes in process `syz.2.2639'.
[  475.047257][ T7661] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  475.152544][T15266] chnl_net:caif_netlink_parms(): no params data found
[  475.207550][ T7661] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  475.317319][T15295] netlink: 181400 bytes leftover after parsing attributes in process `syz.2.2645'.
[  475.332713][ T7661] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  475.492020][ T7661] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  475.536780][T15266] bridge0: port 1(bridge_slave_0) entered blocking state
[  475.546383][T15266] bridge0: port 1(bridge_slave_0) entered disabled state
[  475.566544][T15266] bridge_slave_0: entered allmulticast mode
[  475.573987][T15266] bridge_slave_0: entered promiscuous mode
[  475.594525][T15266] bridge0: port 2(bridge_slave_1) entered blocking state
[  475.609982][T15266] bridge0: port 2(bridge_slave_1) entered disabled state
[  475.617251][T15266] bridge_slave_1: entered allmulticast mode
[  475.641840][T15266] bridge_slave_1: entered promiscuous mode
[  475.708532][T15266] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  475.753853][T15266] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  475.947791][T15266] team0: Port device team_slave_0 added
[  475.968164][T15266] team0: Port device team_slave_1 added
[  476.253187][T15266] batman_adv: batadv0: Adding interface: batadv_slave_0
[  476.283518][T15266] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  476.316372][T15266] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  476.420076][T15266] batman_adv: batadv0: Adding interface: batadv_slave_1
[  476.437446][T15266] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  476.520306][T15266] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  476.767346][   T51] Bluetooth: hci2: command tx timeout
[  477.455369][T15266] hsr_slave_0: entered promiscuous mode
[  477.551062][T15266] hsr_slave_1: entered promiscuous mode
[  477.576544][T15266] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  477.599246][T15266] Cannot create hsr debugfs directory
[  477.921042][ T7661] gretap0 (unregistering): left allmulticast mode
[  477.927525][ T7661] gretap0 (unregistering): left promiscuous mode
[  477.948721][ T7661] Ÿë
: port 1(gretap0) entered disabled state
[  478.847201][   T51] Bluetooth: hci2: command tx timeout
[  479.288526][ T7661] hsr_slave_0: left promiscuous mode
[  479.332508][ T7661] veth0_macvtap: left promiscuous mode
[  479.340823][ T7661] veth1_vlan: left promiscuous mode
[  479.349433][ T7661] veth0_vlan: left promiscuous mode
[  480.924639][   T51] Bluetooth: hci2: command tx timeout
[  481.074852][ T7661] team0 (unregistering): Port device team_slave_1 removed
[  481.148318][ T7661] team0 (unregistering): Port device C removed
[  481.203667][ T7661] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  481.542061][ T7661] team0 (unregistering): Port device dummy0 removed
[  481.572542][ T7661] bond0 (unregistering): (slave team0): Releasing backup interface
[  481.612653][ T7661] bond0 (unregistering): Released all slaves
[  481.687411][T15547] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2750'.
[  481.713505][T15266] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  481.737932][T15266] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  481.801752][T15266] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  481.850643][T15266] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  482.136504][T15266] 8021q: adding VLAN 0 to HW filter on device bond0
[  482.170662][T15266] 8021q: adding VLAN 0 to HW filter on device team0
[  482.230701][ T3428] bridge0: port 1(bridge_slave_0) entered blocking state
[  482.237912][ T3428] bridge0: port 1(bridge_slave_0) entered forwarding state
[  482.271395][ T3428] bridge0: port 2(bridge_slave_1) entered blocking state
[  482.278554][ T3428] bridge0: port 2(bridge_slave_1) entered forwarding state
[  482.377240][T15569] netlink: 126588 bytes leftover after parsing attributes in process `syz.2.2758'.
[  483.374458][   T51] Bluetooth: hci2: command tx timeout
[  483.897426][T15266] 8021q: adding VLAN 0 to HW filter on device batadv0
[  484.277572][T15266] veth0_vlan: entered promiscuous mode
[  484.368479][T15266] veth1_vlan: entered promiscuous mode
[  484.527684][T15600] validate_nla: 7 callbacks suppressed
[  484.527703][T15600] netlink: 'syz.2.2762': attribute type 1 has an invalid length.
[  484.571826][T15600] netlink: 193500 bytes leftover after parsing attributes in process `syz.2.2762'.
[  484.596566][T15603] netlink: 'syz.2.2762': attribute type 11 has an invalid length.
[  484.620404][T15266] veth0_macvtap: entered promiscuous mode
[  484.631793][T15603] netlink: 203516 bytes leftover after parsing attributes in process `syz.2.2762'.
[  484.639111][T15266] veth1_macvtap: entered promiscuous mode
[  484.717030][T15266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  484.735700][T15266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  484.759741][T15266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  484.787153][T15266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  484.817974][T15266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  484.845376][T15266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  484.873046][T15266] batman_adv: batadv0: Interface activated: batadv_slave_0
[  485.351397][T15266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  485.369194][T15266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  485.398211][T15266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  485.417472][T15266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  485.427869][T15266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  485.445715][T15266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  485.459106][T15266] batman_adv: batadv0: Interface activated: batadv_slave_1
[  485.568183][T15266] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  485.589987][T15266] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  485.598925][T15266] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  485.612121][T15266] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  485.635337][T15603] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  485.644034][T15603] CPU: 1 PID: 15603 Comm: syz.2.2762 Not tainted syzkaller #0
[  485.651543][T15603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  485.661628][T15603] Call Trace:
[  485.664933][T15603]  <TASK>
[  485.667876][T15603]  dump_stack_lvl+0x18c/0x250
[  485.672708][T15603]  ? show_regs_print_info+0x20/0x20
[  485.677922][T15603]  ? load_image+0x420/0x420
[  485.682480][T15603]  sysfs_warn_dup+0x8e/0xa0
[  485.687019][T15603]  sysfs_do_create_link_sd+0xc0/0x110
[  485.692435][T15603]  device_add_class_symlinks+0x1cf/0x240
[  485.698119][T15603]  device_add+0x507/0xc20
[  485.702500][T15603]  wiphy_register+0x1dad/0x2ae0
[  485.707415][T15603]  ? cfg80211_event_work+0x40/0x40
[  485.712568][T15603]  ? minstrel_ht_alloc+0x88a/0x990
[  485.717729][T15603]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  485.723837][T15603]  ieee80211_register_hw+0x3464/0x4250
[  485.729353][T15603]  ? ieee80211_tasklet_handler+0x20/0x20
[  485.735020][T15603]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  485.740962][T15603]  ? __debug_object_init+0xec/0x450
[  485.746212][T15603]  ? __asan_memset+0x22/0x40
[  485.750846][T15603]  ? __hrtimer_init+0x186/0x270
[  485.755737][T15603]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  485.761532][T15603]  ? mac80211_hwsim_free+0x220/0x220
[  485.766856][T15603]  ? rcu_is_watching+0x15/0xb0
[  485.771665][T15603]  ? kstrndup+0xbd/0x140
[  485.775961][T15603]  hwsim_new_radio_nl+0xdc9/0x1a90
[  485.781121][T15603]  ? __nla_validate+0x50/0x50
[  485.785853][T15603]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  485.792232][T15603]  ? __nla_parse+0x40/0x50
[  485.796760][T15603]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  485.803133][T15603]  genl_family_rcv_msg_doit+0x211/0x310
[  485.808709][T15603]  ? end_current_label_crit_section+0x170/0x170
[  485.814995][T15603]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  485.820923][T15603]  ? bpf_lsm_capable+0x9/0x10
[  485.825626][T15603]  ? security_capable+0x89/0xb0
[  485.830515][T15603]  genl_rcv_msg+0x619/0x7a0
[  485.835048][T15603]  ? genl_bind+0x360/0x360
[  485.839483][T15603]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  485.845832][T15603]  ? perf_trace_lock+0xfc/0x3b0
[  485.850707][T15603]  netlink_rcv_skb+0x241/0x4d0
[  485.855494][T15603]  ? genl_bind+0x360/0x360
[  485.859926][T15603]  ? netlink_ack+0x1180/0x1180
[  485.864730][T15603]  ? __lock_acquire+0x7d40/0x7d40
[  485.869784][T15603]  ? down_read+0x1ac/0x2e0
[  485.874217][T15603]  genl_rcv+0x28/0x40
[  485.878213][T15603]  netlink_unicast+0x751/0x8d0
[  485.883010][T15603]  netlink_sendmsg+0x8d0/0xbf0
[  485.887957][T15603]  ? netlink_getsockopt+0x590/0x590
[  485.893216][T15603]  ? aa_sock_msg_perm+0x94/0x150
[  485.898204][T15603]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  485.903558][T15603]  ? security_socket_sendmsg+0x80/0xa0
[  485.909041][T15603]  ? netlink_getsockopt+0x590/0x590
[  485.914274][T15603]  ____sys_sendmsg+0x5ba/0x960
[  485.919064][T15603]  ? __asan_memset+0x22/0x40
[  485.923681][T15603]  ? __sys_sendmsg_sock+0x30/0x30
[  485.928722][T15603]  ? __import_iovec+0x5f2/0x850
[  485.933594][T15603]  ? import_iovec+0x73/0xa0
[  485.938116][T15603]  ___sys_sendmsg+0x2a6/0x360
[  485.942813][T15603]  ? __sys_sendmsg+0x2a0/0x2a0
[  485.947644][T15603]  __se_sys_sendmsg+0x1c2/0x2b0
[  485.952516][T15603]  ? __x64_sys_sendmsg+0x80/0x80
[  485.957485][T15603]  ? lockdep_hardirqs_on+0x98/0x150
[  485.962711][T15603]  do_syscall_64+0x55/0xa0
[  485.967145][T15603]  ? clear_bhb_loop+0x40/0x90
[  485.971842][T15603]  ? clear_bhb_loop+0x40/0x90
[  485.976536][T15603]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  485.982531][T15603] RIP: 0033:0x7f6430b9c819
[  485.986960][T15603] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  486.006606][T15603] RSP: 002b:00007f642edd5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  486.015136][T15603] RAX: ffffffffffffffda RBX: 00007f6430e16090 RCX: 00007f6430b9c819
[  486.023118][T15603] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000009
[  486.031106][T15603] RBP: 00007f6430c32c91 R08: 0000000000000000 R09: 0000000000000000
[  486.039085][T15603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  486.047065][T15603] R13: 00007f6430e16128 R14: 00007f6430e16090 R15: 00007ffd0ede7b38
[  486.055064][T15603]  </TASK>
[  486.210106][T15626] netlink: 'syz.2.2764': attribute type 1 has an invalid length.
[  486.238177][T15623] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2763'.
[  486.391997][T15634] netlink: 'syz.3.2766': attribute type 25 has an invalid length.
[  486.425614][T15634] netlink: 'syz.3.2766': attribute type 3 has an invalid length.
[  486.450370][T15634] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2766'.
[  486.475899][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  486.499061][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  486.591402][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  486.640698][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  486.783537][T15647] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2769'.
[  486.794906][T15653] netlink: 'syz.0.2770': attribute type 10 has an invalid length.
[  486.885111][T15653] team0: Device wg1 is of different type
[  486.936164][T15647] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  486.966823][T15647] CPU: 0 PID: 15647 Comm: syz.2.2769 Not tainted syzkaller #0
[  486.974447][T15647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  486.984624][T15647] Call Trace:
[  486.988022][T15647]  <TASK>
[  486.991066][T15647]  dump_stack_lvl+0x18c/0x250
[  486.996112][T15647]  ? show_regs_print_info+0x20/0x20
[  487.001676][T15647]  ? load_image+0x420/0x420
[  487.006851][T15647]  sysfs_warn_dup+0x8e/0xa0
[  487.011501][T15647]  sysfs_do_create_link_sd+0xc0/0x110
[  487.017027][T15647]  device_add_class_symlinks+0x1cf/0x240
[  487.022822][T15647]  device_add+0x507/0xc20
[  487.027345][T15647]  wiphy_register+0x1dad/0x2ae0
[  487.032522][T15647]  ? cfg80211_event_work+0x40/0x40
[  487.037765][T15647]  ? minstrel_ht_alloc+0x88a/0x990
[  487.043094][T15647]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  487.049348][T15647]  ieee80211_register_hw+0x3464/0x4250
[  487.055148][T15647]  ? ieee80211_tasklet_handler+0x20/0x20
[  487.060911][T15647]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  487.066977][T15647]  ? __debug_object_init+0xec/0x450
[  487.072360][T15647]  ? __asan_memset+0x22/0x40
[  487.077111][T15647]  ? __hrtimer_init+0x186/0x270
[  487.082139][T15647]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  487.088195][T15647]  ? mac80211_hwsim_free+0x220/0x220
[  487.093601][T15647]  ? rcu_is_watching+0x15/0xb0
[  487.098495][T15647]  ? kstrndup+0xbd/0x140
[  487.102949][T15647]  hwsim_new_radio_nl+0xdc9/0x1a90
[  487.108253][T15647]  ? __nla_validate+0x50/0x50
[  487.113179][T15647]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  487.119740][T15647]  ? __nla_parse+0x40/0x50
[  487.124319][T15647]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  487.130806][T15647]  genl_family_rcv_msg_doit+0x211/0x310
[  487.136482][T15647]  ? end_current_label_crit_section+0x170/0x170
[  487.142831][T15647]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  487.148857][T15647]  ? bpf_lsm_capable+0x9/0x10
[  487.153598][T15647]  ? security_capable+0x89/0xb0
[  487.158579][T15647]  genl_rcv_msg+0x619/0x7a0
[  487.163205][T15647]  ? genl_bind+0x360/0x360
[  487.167699][T15647]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  487.174124][T15647]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[  487.180783][T15647]  ? ref_tracker_free+0x690/0x840
[  487.185951][T15647]  netlink_rcv_skb+0x241/0x4d0
[  487.190806][T15647]  ? genl_bind+0x360/0x360
[  487.195312][T15647]  ? netlink_ack+0x1180/0x1180
[  487.200250][T15647]  ? __lock_acquire+0x7d40/0x7d40
[  487.205417][T15647]  ? down_read+0x1ac/0x2e0
[  487.209939][T15647]  genl_rcv+0x28/0x40
[  487.213984][T15647]  netlink_unicast+0x751/0x8d0
[  487.218904][T15647]  netlink_sendmsg+0x8d0/0xbf0
[  487.223815][T15647]  ? netlink_getsockopt+0x590/0x590
[  487.229119][T15647]  ? aa_sock_msg_perm+0x94/0x150
[  487.234154][T15647]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  487.239507][T15647]  ? security_socket_sendmsg+0x80/0xa0
[  487.245075][T15647]  ? netlink_getsockopt+0x590/0x590
[  487.250367][T15647]  ____sys_sendmsg+0x5ba/0x960
[  487.255261][T15647]  ? __asan_memset+0x22/0x40
[  487.259929][T15647]  ? __sys_sendmsg_sock+0x30/0x30
[  487.265015][T15647]  ? __import_iovec+0x5f2/0x850
[  487.270004][T15647]  ? import_iovec+0x73/0xa0
[  487.274609][T15647]  ___sys_sendmsg+0x2a6/0x360
[  487.279416][T15647]  ? __sys_sendmsg+0x2a0/0x2a0
[  487.284426][T15647]  ? debug_mutex_init+0x38/0x70
[  487.289543][T15647]  __se_sys_sendmsg+0x1c2/0x2b0
[  487.294495][T15647]  ? __x64_sys_sendmsg+0x80/0x80
[  487.299631][T15647]  ? lockdep_hardirqs_on+0x98/0x150
[  487.304938][T15647]  do_syscall_64+0x55/0xa0
[  487.309425][T15647]  ? clear_bhb_loop+0x40/0x90
[  487.314188][T15647]  ? clear_bhb_loop+0x40/0x90
[  487.318953][T15647]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  487.324921][T15647] RIP: 0033:0x7f6430b9c819
[  487.329422][T15647] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  487.349105][T15647] RSP: 002b:00007f642edf6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  487.357637][T15647] RAX: ffffffffffffffda RBX: 00007f6430e15fa0 RCX: 00007f6430b9c819
[  487.365714][T15647] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000008
[  487.373780][T15647] RBP: 00007f6430c32c91 R08: 0000000000000000 R09: 0000000000000000
[  487.381820][T15647] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  487.389855][T15647] R13: 00007f6430e16038 R14: 00007f6430e15fa0 R15: 00007ffd0ede7b38
[  487.398012][T15647]  </TASK>
[  487.442855][T15654] netlink: 'syz.0.2770': attribute type 10 has an invalid length.
[  487.456593][T15654] team0: Device wg1 is of different type
[  487.666128][T15664] netlink: 192952 bytes leftover after parsing attributes in process `syz.1.2772'.
[  487.733254][T15664] debugfs: Directory '!!ô!' with parent 'ieee80211' already present!
[  488.021233][T15687] sit0: entered promiscuous mode
[  488.030983][T15687] sit0: entered allmulticast mode
[  488.087485][T15687] netlink: 152 bytes leftover after parsing attributes in process `syz.3.2776'.
[  488.886632][ T5772] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  488.897355][ T5772] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  488.919697][ T5772] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  488.947097][ T5772] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  488.956205][ T5772] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  488.971648][ T5772] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  489.089845][T15731] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2785'.
[  489.107821][ T7622] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  489.214477][T15737] netlink: 2814 bytes leftover after parsing attributes in process `syz.1.2787'.
[  489.232322][T15731] debugfs: Directory '!!ô!' with parent 'ieee80211' already present!
[  489.255629][T15737] netlink: 2814 bytes leftover after parsing attributes in process `syz.1.2787'.
[  489.290182][ T7622] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  489.441602][ T7622] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  489.546853][ T7622] .`: (slave netdevsim0): Releasing backup interface
[  489.554987][ T7622] netdevsim netdevsim2 netdevsim0 (unregistering): left promiscuous mode
[  489.564902][ T7622] netdevsim netdevsim2 netdevsim0 (unregistering): left allmulticast mode
[  489.577992][ T7622] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  489.777307][T15719] chnl_net:caif_netlink_parms(): no params data found
[  490.006167][T15719] bridge0: port 1(bridge_slave_0) entered blocking state
[  490.030297][T15719] bridge0: port 1(bridge_slave_0) entered disabled state
[  490.052381][T15719] bridge_slave_0: entered allmulticast mode
[  490.074001][T15719] bridge_slave_0: entered promiscuous mode
[  490.096975][T15719] bridge0: port 2(bridge_slave_1) entered blocking state
[  490.116481][T15719] bridge0: port 2(bridge_slave_1) entered disabled state
[  490.145920][T15719] bridge_slave_1: entered allmulticast mode
[  490.167678][T15719] bridge_slave_1: entered promiscuous mode
[  490.270417][T15719] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  490.310031][T15719] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  490.423719][T15719] team0: Port device team_slave_0 added
[  490.458752][T15719] team0: Port device team_slave_1 added
[  490.540578][T15719] batman_adv: batadv0: Adding interface: batadv_slave_0
[  490.547728][T15719] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  490.581817][T15719] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  490.606596][T15719] batman_adv: batadv0: Adding interface: batadv_slave_1
[  490.618933][T15719] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  490.649410][T15719] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  490.999702][   T51] Bluetooth: hci0: command tx timeout
[  492.644817][T15719] hsr_slave_0: entered promiscuous mode
[  492.654483][T15719] hsr_slave_1: entered promiscuous mode
[  492.661778][T15719] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  492.669971][T15719] Cannot create hsr debugfs directory
[  493.089775][   T51] Bluetooth: hci0: command tx timeout
[  493.144879][T15770] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2795'.
[  493.240740][T15772] 
@ÿ: renamed from bond_slave_0 (while UP)
[  493.288408][T15777] netlink: 'syz.1.2797': attribute type 6 has an invalid length.
[  493.304829][T15777] netlink: 168 bytes leftover after parsing attributes in process `syz.1.2797'.
[  493.341061][T15770] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  493.349098][T15770] CPU: 0 PID: 15770 Comm: syz.0.2795 Not tainted syzkaller #0
[  493.356626][T15770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  493.366731][T15770] Call Trace:
[  493.370072][T15770]  <TASK>
[  493.373025][T15770]  dump_stack_lvl+0x18c/0x250
[  493.377729][T15770]  ? show_regs_print_info+0x20/0x20
[  493.383006][T15770]  ? load_image+0x420/0x420
[  493.387647][T15770]  sysfs_warn_dup+0x8e/0xa0
[  493.392227][T15770]  sysfs_do_create_link_sd+0xc0/0x110
[  493.397666][T15770]  device_add_class_symlinks+0x1cf/0x240
[  493.403390][T15770]  device_add+0x507/0xc20
[  493.407796][T15770]  wiphy_register+0x1dad/0x2ae0
[  493.412820][T15770]  ? cfg80211_event_work+0x40/0x40
[  493.418020][T15770]  ? minstrel_ht_alloc+0x88a/0x990
[  493.423259][T15770]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  493.429433][T15770]  ieee80211_register_hw+0x3464/0x4250
[  493.435086][T15770]  ? ieee80211_tasklet_handler+0x20/0x20
[  493.440803][T15770]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  493.446812][T15770]  ? __debug_object_init+0xec/0x450
[  493.452123][T15770]  ? __asan_memset+0x22/0x40
[  493.456816][T15770]  ? __hrtimer_init+0x186/0x270
[  493.461771][T15770]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  493.463856][T15787] netlink: 9286 bytes leftover after parsing attributes in process `syz.3.2798'.
[  493.467617][T15770]  ? mac80211_hwsim_free+0x220/0x220
[  493.467709][T15770]  ? rcu_is_watching+0x15/0xb0
[  493.467745][T15770]  ? kstrndup+0xbd/0x140
[  493.467818][T15770]  hwsim_new_radio_nl+0xdc9/0x1a90
[  493.467873][T15770]  ? __nla_validate+0x50/0x50
[  493.467956][T15770]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  493.468047][T15770]  ? __nla_parse+0x40/0x50
[  493.468089][T15770]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  493.518802][T15770]  genl_family_rcv_msg_doit+0x211/0x310
[  493.524427][T15770]  ? end_current_label_crit_section+0x170/0x170
[  493.530842][T15770]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  493.536859][T15770]  ? bpf_lsm_capable+0x9/0x10
[  493.541673][T15770]  ? security_capable+0x89/0xb0
[  493.546594][T15770]  genl_rcv_msg+0x619/0x7a0
[  493.551177][T15770]  ? genl_bind+0x360/0x360
[  493.555660][T15770]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  493.562071][T15770]  ? perf_trace_lock+0x304/0x3b0
[  493.567070][T15770]  netlink_rcv_skb+0x241/0x4d0
[  493.571862][T15770]  ? genl_bind+0x360/0x360
[  493.576296][T15770]  ? netlink_ack+0x1180/0x1180
[  493.581104][T15770]  ? __lock_acquire+0x7d40/0x7d40
[  493.586169][T15770]  ? down_read+0x1ac/0x2e0
[  493.590701][T15770]  genl_rcv+0x28/0x40
[  493.594712][T15770]  netlink_unicast+0x751/0x8d0
[  493.599580][T15770]  netlink_sendmsg+0x8d0/0xbf0
[  493.604412][T15770]  ? perf_trace_lock+0x304/0x3b0
[  493.609420][T15770]  ? netlink_getsockopt+0x590/0x590
[  493.614648][T15770]  ? aa_sock_msg_perm+0x94/0x150
[  493.619603][T15770]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  493.624901][T15770]  ? security_socket_sendmsg+0x80/0xa0
[  493.630378][T15770]  ? netlink_getsockopt+0x590/0x590
[  493.635633][T15770]  ____sys_sendmsg+0x5ba/0x960
[  493.640439][T15770]  ? __asan_memset+0x22/0x40
[  493.645049][T15770]  ? __sys_sendmsg_sock+0x30/0x30
[  493.650104][T15770]  ? __import_iovec+0x5f2/0x850
[  493.655064][T15770]  ? import_iovec+0x73/0xa0
[  493.659655][T15770]  ___sys_sendmsg+0x2a6/0x360
[  493.664513][T15770]  ? __sys_sendmsg+0x2a0/0x2a0
[  493.669424][T15770]  ? debug_mutex_init+0x38/0x70
[  493.674376][T15770]  __se_sys_sendmsg+0x1c2/0x2b0
[  493.679252][T15770]  ? __x64_sys_sendmsg+0x80/0x80
[  493.684260][T15770]  ? lockdep_hardirqs_on+0x98/0x150
[  493.689484][T15770]  do_syscall_64+0x55/0xa0
[  493.693911][T15770]  ? clear_bhb_loop+0x40/0x90
[  493.698602][T15770]  ? clear_bhb_loop+0x40/0x90
[  493.703344][T15770]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  493.709301][T15770] RIP: 0033:0x7f1a8eb9c819
[  493.713763][T15770] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  493.733414][T15770] RSP: 002b:00007f1a8fa73028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  493.741899][T15770] RAX: ffffffffffffffda RBX: 00007f1a8ee15fa0 RCX: 00007f1a8eb9c819
[  493.749975][T15770] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  493.758006][T15770] RBP: 00007f1a8ec32c91 R08: 0000000000000000 R09: 0000000000000000
[  493.766016][T15770] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  493.774025][T15770] R13: 00007f1a8ee16038 R14: 00007f1a8ee15fa0 R15: 00007ffff60893b8
[  493.782079][T15770]  </TASK>
[  494.228523][T15802] netlink: 'syz.0.2801': attribute type 9 has an invalid length.
[  494.261681][T15802] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.2801'.
[  494.778222][T15824] netlink: 'syz.3.2805': attribute type 3 has an invalid length.
[  494.807500][T15824] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2805'.
[  495.159533][   T51] Bluetooth: hci0: command tx timeout
[  495.266216][T15835] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2807'.
[  495.306635][T15719] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  495.333317][T15835] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  495.362084][T15835] CPU: 1 PID: 15835 Comm: syz.3.2807 Not tainted syzkaller #0
[  495.369651][T15835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  495.379783][T15835] Call Trace:
[  495.383131][T15835]  <TASK>
[  495.386098][T15835]  dump_stack_lvl+0x18c/0x250
[  495.390857][T15835]  ? show_regs_print_info+0x20/0x20
[  495.396144][T15835]  ? load_image+0x420/0x420
[  495.400789][T15835]  sysfs_warn_dup+0x8e/0xa0
[  495.405368][T15835]  sysfs_do_create_link_sd+0xc0/0x110
[  495.410817][T15835]  device_add_class_symlinks+0x1cf/0x240
[  495.416556][T15835]  device_add+0x507/0xc20
[  495.420987][T15835]  wiphy_register+0x1dad/0x2ae0
[  495.426003][T15835]  ? cfg80211_event_work+0x40/0x40
[  495.431188][T15835]  ? minstrel_ht_alloc+0x88a/0x990
[  495.436393][T15835]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  495.442529][T15835]  ieee80211_register_hw+0x3464/0x4250
[  495.448087][T15835]  ? ieee80211_tasklet_handler+0x20/0x20
[  495.453748][T15835]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  495.459688][T15835]  ? __debug_object_init+0xec/0x450
[  495.464933][T15835]  ? __asan_memset+0x22/0x40
[  495.469561][T15835]  ? __hrtimer_init+0x186/0x270
[  495.474456][T15835]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  495.480279][T15835]  ? mac80211_hwsim_free+0x220/0x220
[  495.485588][T15835]  ? rcu_is_watching+0x15/0xb0
[  495.490391][T15835]  ? kstrndup+0xbd/0x140
[  495.494704][T15835]  hwsim_new_radio_nl+0xdc9/0x1a90
[  495.499897][T15835]  ? __nla_validate+0x50/0x50
[  495.504687][T15835]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  495.511085][T15835]  ? __nla_parse+0x40/0x50
[  495.515545][T15835]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  495.521938][T15835]  genl_family_rcv_msg_doit+0x211/0x310
[  495.527517][T15835]  ? end_current_label_crit_section+0x170/0x170
[  495.533801][T15835]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  495.539750][T15835]  ? bpf_lsm_capable+0x9/0x10
[  495.544457][T15835]  ? security_capable+0x89/0xb0
[  495.549369][T15835]  genl_rcv_msg+0x619/0x7a0
[  495.553964][T15835]  ? genl_bind+0x360/0x360
[  495.558420][T15835]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  495.564795][T15835]  ? perf_trace_lock+0x304/0x3b0
[  495.569815][T15835]  netlink_rcv_skb+0x241/0x4d0
[  495.574636][T15835]  ? genl_bind+0x360/0x360
[  495.579087][T15835]  ? netlink_ack+0x1180/0x1180
[  495.583925][T15835]  ? __lock_acquire+0x7d40/0x7d40
[  495.589006][T15835]  ? down_read+0x1ac/0x2e0
[  495.593456][T15835]  genl_rcv+0x28/0x40
[  495.597464][T15835]  netlink_unicast+0x751/0x8d0
[  495.602303][T15835]  netlink_sendmsg+0x8d0/0xbf0
[  495.607100][T15835]  ? perf_trace_lock+0x304/0x3b0
[  495.612097][T15835]  ? netlink_getsockopt+0x590/0x590
[  495.617347][T15835]  ? aa_sock_msg_perm+0x94/0x150
[  495.622327][T15835]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  495.627639][T15835]  ? security_socket_sendmsg+0x80/0xa0
[  495.633126][T15835]  ? netlink_getsockopt+0x590/0x590
[  495.638371][T15835]  ____sys_sendmsg+0x5ba/0x960
[  495.643226][T15835]  ? __asan_memset+0x22/0x40
[  495.647852][T15835]  ? __sys_sendmsg_sock+0x30/0x30
[  495.652925][T15835]  ? __import_iovec+0x5f2/0x850
[  495.657857][T15835]  ? import_iovec+0x73/0xa0
[  495.662423][T15835]  ___sys_sendmsg+0x2a6/0x360
[  495.667169][T15835]  ? __sys_sendmsg+0x2a0/0x2a0
[  495.672053][T15835]  ? trace_call_bpf+0xc3/0x6c0
[  495.676881][T15835]  ? debug_mutex_init+0x38/0x70
[  495.681876][T15835]  __se_sys_sendmsg+0x1c2/0x2b0
[  495.686801][T15835]  ? __x64_sys_sendmsg+0x80/0x80
[  495.691835][T15835]  ? lockdep_hardirqs_on+0x98/0x150
[  495.697080][T15835]  do_syscall_64+0x55/0xa0
[  495.701538][T15835]  ? clear_bhb_loop+0x40/0x90
[  495.706244][T15835]  ? clear_bhb_loop+0x40/0x90
[  495.710956][T15835]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  495.716873][T15835] RIP: 0033:0x7f15fa19c819
[  495.721323][T15835] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  495.741316][T15835] RSP: 002b:00007f15f83f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  495.749766][T15835] RAX: ffffffffffffffda RBX: 00007f15fa415fa0 RCX: 00007f15fa19c819
[  495.757759][T15835] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000006
[  495.765756][T15835] RBP: 00007f15fa232c91 R08: 0000000000000000 R09: 0000000000000000
[  495.773768][T15835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  495.781764][T15835] R13: 00007f15fa416038 R14: 00007f15fa415fa0 R15: 00007ffde391eb58
[  495.789925][T15835]  </TASK>
[  495.921914][T15719] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  495.950790][T15719] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  495.979638][T15719] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  496.501915][T15855] netlink: 'syz.3.2811': attribute type 25 has an invalid length.
[  496.536710][T15855] netlink: 'syz.3.2811': attribute type 29 has an invalid length.
[  496.575244][T15719] 8021q: adding VLAN 0 to HW filter on device bond0
[  496.645866][T15719] 8021q: adding VLAN 0 to HW filter on device team0
[  496.720257][ T7635] bridge0: port 1(bridge_slave_0) entered blocking state
[  496.727438][ T7635] bridge0: port 1(bridge_slave_0) entered forwarding state
[  496.815110][ T7635] bridge0: port 2(bridge_slave_1) entered blocking state
[  496.822325][ T7635] bridge0: port 2(bridge_slave_1) entered forwarding state
[  497.239693][   T51] Bluetooth: hci0: command tx timeout
[  497.563742][ T7622] hsr_slave_0: left promiscuous mode
[  497.608575][ T7622] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  497.619786][ T7622] batman_adv: batadv0: Removing interface: batadv_slave_0
[  497.635041][ T7622] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  497.642586][ T7622] batman_adv: batadv0: Removing interface: batadv_slave_1
[  497.762748][T15875] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2817'.
[  498.067000][ T7622] .` (unregistering): (slave geneve0): Releasing backup interface
[  498.077767][ T7622] geneve0 (unregistering): left allmulticast mode
[  498.437307][ T7622] .` (unregistering): (slave bond_slave_1): Releasing backup interface
[  498.447567][ T7622] bond_slave_1 (unregistering): left promiscuous mode
[  498.455967][ T7622] bond_slave_1 (unregistering): left allmulticast mode
[  498.496872][ T7622] .` (unregistering): (slave bond_slave_0): Releasing backup interface
[  498.505776][ T7622] bond_slave_0 (unregistering): left promiscuous mode
[  498.515261][ T7622] bond_slave_0 (unregistering): left allmulticast mode
[  498.788064][ T7622] .` (unregistering): Released all slaves
[  498.902818][T15875] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  498.914771][T15875] CPU: 0 PID: 15875 Comm: syz.1.2817 Not tainted syzkaller #0
[  498.922295][T15875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  498.932421][T15875] Call Trace:
[  498.935719][T15875]  <TASK>
[  498.938679][T15875]  dump_stack_lvl+0x18c/0x250
[  498.943397][T15875]  ? show_regs_print_info+0x20/0x20
[  498.948637][T15875]  ? load_image+0x420/0x420
[  498.953177][T15875]  sysfs_warn_dup+0x8e/0xa0
[  498.957732][T15875]  sysfs_do_create_link_sd+0xc0/0x110
[  498.963113][T15875]  device_add_class_symlinks+0x1cf/0x240
[  498.968757][T15875]  device_add+0x507/0xc20
[  498.973105][T15875]  wiphy_register+0x1dad/0x2ae0
[  498.977975][T15875]  ? cfg80211_event_work+0x40/0x40
[  498.983088][T15875]  ? minstrel_ht_alloc+0x88a/0x990
[  498.988218][T15875]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  498.994292][T15875]  ieee80211_register_hw+0x3464/0x4250
[  498.999787][T15875]  ? ieee80211_tasklet_handler+0x20/0x20
[  499.005419][T15875]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  499.011333][T15875]  ? __debug_object_init+0xec/0x450
[  499.016565][T15875]  ? __asan_memset+0x22/0x40
[  499.021179][T15875]  ? __hrtimer_init+0x186/0x270
[  499.026086][T15875]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  499.031852][T15875]  ? mac80211_hwsim_free+0x220/0x220
[  499.037147][T15875]  ? rcu_is_watching+0x15/0xb0
[  499.041922][T15875]  ? kstrndup+0xbd/0x140
[  499.046178][T15875]  hwsim_new_radio_nl+0xdc9/0x1a90
[  499.051312][T15875]  ? __nla_validate+0x50/0x50
[  499.056005][T15875]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  499.062353][T15875]  ? __nla_parse+0x40/0x50
[  499.066803][T15875]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  499.073184][T15875]  genl_family_rcv_msg_doit+0x211/0x310
[  499.078752][T15875]  ? end_current_label_crit_section+0x170/0x170
[  499.085007][T15875]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  499.090910][T15875]  ? bpf_lsm_capable+0x9/0x10
[  499.095589][T15875]  ? security_capable+0x89/0xb0
[  499.100455][T15875]  genl_rcv_msg+0x619/0x7a0
[  499.104977][T15875]  ? genl_bind+0x360/0x360
[  499.109400][T15875]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  499.115818][T15875]  ? perf_trace_lock+0x304/0x3b0
[  499.120765][T15875]  netlink_rcv_skb+0x241/0x4d0
[  499.125535][T15875]  ? genl_bind+0x360/0x360
[  499.129983][T15875]  ? netlink_ack+0x1180/0x1180
[  499.134776][T15875]  ? __lock_acquire+0x7d40/0x7d40
[  499.139813][T15875]  ? down_read+0x1ac/0x2e0
[  499.144233][T15875]  genl_rcv+0x28/0x40
[  499.148211][T15875]  netlink_unicast+0x751/0x8d0
[  499.152991][T15875]  netlink_sendmsg+0x8d0/0xbf0
[  499.157767][T15875]  ? perf_trace_lock+0x304/0x3b0
[  499.162714][T15875]  ? netlink_getsockopt+0x590/0x590
[  499.167917][T15875]  ? aa_sock_msg_perm+0x94/0x150
[  499.172871][T15875]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  499.178155][T15875]  ? security_socket_sendmsg+0x80/0xa0
[  499.183616][T15875]  ? netlink_getsockopt+0x590/0x590
[  499.188826][T15875]  ____sys_sendmsg+0x5ba/0x960
[  499.193594][T15875]  ? __asan_memset+0x22/0x40
[  499.198220][T15875]  ? __sys_sendmsg_sock+0x30/0x30
[  499.203264][T15875]  ? __import_iovec+0x5f2/0x850
[  499.208137][T15875]  ? import_iovec+0x73/0xa0
[  499.212650][T15875]  ___sys_sendmsg+0x2a6/0x360
[  499.217346][T15875]  ? __sys_sendmsg+0x2a0/0x2a0
[  499.222132][T15875]  ? trace_call_bpf+0xc3/0x6c0
[  499.226922][T15875]  __se_sys_sendmsg+0x1c2/0x2b0
[  499.231794][T15875]  ? __x64_sys_sendmsg+0x80/0x80
[  499.236759][T15875]  ? lockdep_hardirqs_on+0x98/0x150
[  499.241974][T15875]  do_syscall_64+0x55/0xa0
[  499.246420][T15875]  ? clear_bhb_loop+0x40/0x90
[  499.251119][T15875]  ? clear_bhb_loop+0x40/0x90
[  499.255806][T15875]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  499.261707][T15875] RIP: 0033:0x7f55fe59c819
[  499.266125][T15875] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  499.285742][T15875] RSP: 002b:00007f55ff47f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  499.294159][T15875] RAX: ffffffffffffffda RBX: 00007f55fe815fa0 RCX: 00007f55fe59c819
[  499.302131][T15875] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[  499.310106][T15875] RBP: 00007f55fe632c91 R08: 0000000000000000 R09: 0000000000000000
[  499.318077][T15875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  499.326061][T15875] R13: 00007f55fe816038 R14: 00007f55fe815fa0 R15: 00007ffc86669f48
[  499.334067][T15875]  </TASK>
[  499.423406][T15719] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  501.650093][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  501.656451][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  501.961384][T15894] netlink: 'syz.0.2830': attribute type 6 has an invalid length.
[  501.971272][T15894] netlink: 168 bytes leftover after parsing attributes in process `syz.0.2830'.
[  502.065245][T15719] 8021q: adding VLAN 0 to HW filter on device batadv0
[  502.159531][T15901] netlink: 'syz.3.2825': attribute type 46 has an invalid length.
[  502.181648][T15719] veth0_vlan: entered promiscuous mode
[  502.208816][T15719] veth1_vlan: entered promiscuous mode
[  502.285697][T15719] veth0_macvtap: entered promiscuous mode
[  502.315462][T15719] veth1_macvtap: entered promiscuous mode
[  502.357439][T15719] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  502.370091][T15719] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  502.385371][T15719] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  502.396127][T15719] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  502.406548][T15719] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  502.436490][T15719] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  502.457046][T15719] batman_adv: batadv0: Interface activated: batadv_slave_0
[  502.476453][T15910] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2829'.
[  502.496041][T15719] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  502.513941][T15719] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  502.531965][T15719] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  502.543975][T15719] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  502.554136][T15719] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  502.564846][T15719] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  502.576440][T15719] batman_adv: batadv0: Interface activated: batadv_slave_1
[  502.598636][T15910] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  502.607808][T15910] CPU: 1 PID: 15910 Comm: syz.3.2829 Not tainted syzkaller #0
[  502.615359][T15910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  502.625478][T15910] Call Trace:
[  502.628816][T15910]  <TASK>
[  502.631806][T15910]  dump_stack_lvl+0x18c/0x250
[  502.636570][T15910]  ? show_regs_print_info+0x20/0x20
[  502.641846][T15910]  ? load_image+0x420/0x420
[  502.646475][T15910]  sysfs_warn_dup+0x8e/0xa0
[  502.651047][T15910]  sysfs_do_create_link_sd+0xc0/0x110
[  502.656499][T15910]  device_add_class_symlinks+0x1cf/0x240
[  502.662219][T15910]  device_add+0x507/0xc20
[  502.666650][T15910]  wiphy_register+0x1dad/0x2ae0
[  502.671647][T15910]  ? cfg80211_event_work+0x40/0x40
[  502.676827][T15910]  ? minstrel_ht_alloc+0x88a/0x990
[  502.682047][T15910]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  502.688220][T15910]  ieee80211_register_hw+0x3464/0x4250
[  502.693801][T15910]  ? ieee80211_tasklet_handler+0x20/0x20
[  502.699467][T15910]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  502.705490][T15910]  ? __debug_object_init+0xec/0x450
[  502.710733][T15910]  ? __asan_memset+0x22/0x40
[  502.715355][T15910]  ? __hrtimer_init+0x186/0x270
[  502.720292][T15910]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  502.726135][T15910]  ? mac80211_hwsim_free+0x220/0x220
[  502.731447][T15910]  ? rcu_is_watching+0x15/0xb0
[  502.736240][T15910]  ? kstrndup+0xbd/0x140
[  502.740543][T15910]  hwsim_new_radio_nl+0xdc9/0x1a90
[  502.745696][T15910]  ? __nla_validate+0x50/0x50
[  502.750437][T15910]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  502.756828][T15910]  ? __nla_parse+0x40/0x50
[  502.761283][T15910]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  502.767655][T15910]  genl_family_rcv_msg_doit+0x211/0x310
[  502.773228][T15910]  ? end_current_label_crit_section+0x170/0x170
[  502.779521][T15910]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  502.785473][T15910]  ? bpf_lsm_capable+0x9/0x10
[  502.790178][T15910]  ? security_capable+0x89/0xb0
[  502.795086][T15910]  genl_rcv_msg+0x619/0x7a0
[  502.799645][T15910]  ? genl_bind+0x360/0x360
[  502.804088][T15910]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  502.810449][T15910]  ? perf_trace_lock+0x304/0x3b0
[  502.815440][T15910]  netlink_rcv_skb+0x241/0x4d0
[  502.820238][T15910]  ? genl_bind+0x360/0x360
[  502.824682][T15910]  ? netlink_ack+0x1180/0x1180
[  502.829517][T15910]  ? __lock_acquire+0x7d40/0x7d40
[  502.834588][T15910]  ? down_read+0x1ac/0x2e0
[  502.839036][T15910]  genl_rcv+0x28/0x40
[  502.843039][T15910]  netlink_unicast+0x751/0x8d0
[  502.847901][T15910]  netlink_sendmsg+0x8d0/0xbf0
[  502.852729][T15910]  ? perf_trace_lock+0x304/0x3b0
[  502.857979][T15910]  ? netlink_getsockopt+0x590/0x590
[  502.863690][T15910]  ? aa_sock_msg_perm+0x94/0x150
[  502.868676][T15910]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  502.873997][T15910]  ? security_socket_sendmsg+0x80/0xa0
[  502.879484][T15910]  ? netlink_getsockopt+0x590/0x590
[  502.884730][T15910]  ____sys_sendmsg+0x5ba/0x960
[  502.889554][T15910]  ? __asan_memset+0x22/0x40
[  502.894187][T15910]  ? __sys_sendmsg_sock+0x30/0x30
[  502.899235][T15910]  ? __import_iovec+0x5f2/0x850
[  502.904137][T15910]  ? import_iovec+0x73/0xa0
[  502.908674][T15910]  ___sys_sendmsg+0x2a6/0x360
[  502.913423][T15910]  ? __sys_sendmsg+0x2a0/0x2a0
[  502.918359][T15910]  __se_sys_sendmsg+0x1c2/0x2b0
[  502.923283][T15910]  ? __x64_sys_sendmsg+0x80/0x80
[  502.928308][T15910]  ? lockdep_hardirqs_on+0x98/0x150
[  502.933547][T15910]  do_syscall_64+0x55/0xa0
[  502.937983][T15910]  ? clear_bhb_loop+0x40/0x90
[  502.942683][T15910]  ? clear_bhb_loop+0x40/0x90
[  502.947393][T15910]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  502.953315][T15910] RIP: 0033:0x7f15fa19c819
[  502.957757][T15910] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  502.977424][T15910] RSP: 002b:00007f15f83f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  502.985869][T15910] RAX: ffffffffffffffda RBX: 00007f15fa415fa0 RCX: 00007f15fa19c819
[  502.993869][T15910] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000006
[  503.001890][T15910] RBP: 00007f15fa232c91 R08: 0000000000000000 R09: 0000000000000000
[  503.009924][T15910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  503.017936][T15910] R13: 00007f15fa416038 R14: 00007f15fa415fa0 R15: 00007ffde391eb58
[  503.026001][T15910]  </TASK>
[  503.078342][T15719] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  503.095243][T15719] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  503.111914][T15719] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  503.127131][T15719] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  503.410476][ T7630] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  503.418318][ T7630] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  503.648235][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  503.677438][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  504.590301][T15933] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2775'.
[  504.735152][T15949] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2840'.
[  504.758409][T15949] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  504.766711][T15949] CPU: 0 PID: 15949 Comm: syz.3.2840 Not tainted syzkaller #0
[  504.774253][T15949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  504.784382][T15949] Call Trace:
[  504.787713][T15949]  <TASK>
[  504.790705][T15949]  dump_stack_lvl+0x18c/0x250
[  504.795488][T15949]  ? show_regs_print_info+0x20/0x20
[  504.800766][T15949]  ? load_image+0x420/0x420
[  504.805422][T15949]  sysfs_warn_dup+0x8e/0xa0
[  504.810000][T15949]  sysfs_do_create_link_sd+0xc0/0x110
[  504.815453][T15949]  device_add_class_symlinks+0x1cf/0x240
[  504.821182][T15949]  device_add+0x507/0xc20
[  504.825717][T15949]  wiphy_register+0x1dad/0x2ae0
[  504.830746][T15949]  ? cfg80211_event_work+0x40/0x40
[  504.835951][T15949]  ? minstrel_ht_alloc+0x88a/0x990
[  504.841193][T15949]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  504.847352][T15949]  ieee80211_register_hw+0x3464/0x4250
[  504.852988][T15949]  ? ieee80211_tasklet_handler+0x20/0x20
[  504.858682][T15949]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  504.864666][T15949]  ? __debug_object_init+0xec/0x450
[  504.869970][T15949]  ? __asan_memset+0x22/0x40
[  504.874645][T15949]  ? __hrtimer_init+0x186/0x270
[  504.879584][T15949]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  504.885466][T15949]  ? mac80211_hwsim_free+0x220/0x220
[  504.890827][T15949]  ? rcu_is_watching+0x15/0xb0
[  504.895685][T15949]  ? kstrndup+0xbd/0x140
[  504.900058][T15949]  hwsim_new_radio_nl+0xdc9/0x1a90
[  504.905283][T15949]  ? __nla_validate+0x50/0x50
[  504.910097][T15949]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  504.916561][T15949]  ? __nla_parse+0x40/0x50
[  504.921101][T15949]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  504.927631][T15949]  genl_family_rcv_msg_doit+0x211/0x310
[  504.933256][T15949]  ? end_current_label_crit_section+0x170/0x170
[  504.939605][T15949]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  504.945603][T15949]  ? bpf_lsm_capable+0x9/0x10
[  504.950347][T15949]  ? security_capable+0x89/0xb0
[  504.955311][T15949]  genl_rcv_msg+0x619/0x7a0
[  504.959950][T15949]  ? genl_bind+0x360/0x360
[  504.964448][T15949]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  504.970864][T15949]  ? perf_trace_lock+0x304/0x3b0
[  504.975920][T15949]  netlink_rcv_skb+0x241/0x4d0
[  504.980782][T15949]  ? genl_bind+0x360/0x360
[  504.985280][T15949]  ? netlink_ack+0x1180/0x1180
[  504.990189][T15949]  ? __lock_acquire+0x7d40/0x7d40
[  504.995328][T15949]  ? down_read+0x1ac/0x2e0
[  504.999836][T15949]  genl_rcv+0x28/0x40
[  505.003909][T15949]  netlink_unicast+0x751/0x8d0
[  505.008806][T15949]  netlink_sendmsg+0x8d0/0xbf0
[  505.013645][T15949]  ? perf_trace_lock+0x304/0x3b0
[  505.018688][T15949]  ? netlink_getsockopt+0x590/0x590
[  505.023985][T15949]  ? aa_sock_msg_perm+0x94/0x150
[  505.029026][T15949]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  505.034391][T15949]  ? security_socket_sendmsg+0x80/0xa0
[  505.039943][T15949]  ? netlink_getsockopt+0x590/0x590
[  505.045238][T15949]  ____sys_sendmsg+0x5ba/0x960
[  505.050117][T15949]  ? __asan_memset+0x22/0x40
[  505.054783][T15949]  ? __sys_sendmsg_sock+0x30/0x30
[  505.059874][T15949]  ? __import_iovec+0x5f2/0x850
[  505.064857][T15949]  ? import_iovec+0x73/0xa0
[  505.069446][T15949]  ___sys_sendmsg+0x2a6/0x360
[  505.074216][T15949]  ? __sys_sendmsg+0x2a0/0x2a0
[  505.079273][T15949]  __se_sys_sendmsg+0x1c2/0x2b0
[  505.084209][T15949]  ? __x64_sys_sendmsg+0x80/0x80
[  505.089300][T15949]  ? lockdep_hardirqs_on+0x98/0x150
[  505.094598][T15949]  do_syscall_64+0x55/0xa0
[  505.099083][T15949]  ? clear_bhb_loop+0x40/0x90
[  505.103827][T15949]  ? clear_bhb_loop+0x40/0x90
[  505.108598][T15949]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  505.114565][T15949] RIP: 0033:0x7f15fa19c819
[  505.119047][T15949] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  505.130373][T15956] netlink: 'syz.1.2841': attribute type 21 has an invalid length.
[  505.138688][T15949] RSP: 002b:00007f15f83f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  505.138726][T15949] RAX: ffffffffffffffda RBX: 00007f15fa415fa0 RCX: 00007f15fa19c819
[  505.138747][T15949] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  505.138764][T15949] RBP: 00007f15fa232c91 R08: 0000000000000000 R09: 0000000000000000
[  505.179090][T15949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  505.187134][T15949] R13: 00007f15fa416038 R14: 00007f15fa415fa0 R15: 00007ffde391eb58
[  505.195257][T15949]  </TASK>
[  505.239352][T15954] netlink: 209820 bytes leftover after parsing attributes in process `syz.2.2842'.
[  505.477403][T15961] netlink: 184 bytes leftover after parsing attributes in process `syz.1.2841'.
[  505.617521][T15966] syzkaller0: entered promiscuous mode
[  505.626932][T15966] syzkaller0: entered allmulticast mode
[  506.635506][T15980] syz.3.2849[15980] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  506.635752][T15980] syz.3.2849[15980] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  508.269799][T15978] IPv6: Can't replace route, no match found
[  508.291662][T15979] netlink: 65027 bytes leftover after parsing attributes in process `syz.3.2849'.
[  509.219263][T16012] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2852'.
[  509.244973][T16012] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  509.255276][T16012] CPU: 0 PID: 16012 Comm: syz.0.2852 Not tainted syzkaller #0
[  509.262859][T16012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  509.272987][T16012] Call Trace:
[  509.276332][T16012]  <TASK>
[  509.279324][T16012]  dump_stack_lvl+0x18c/0x250
[  509.284095][T16012]  ? show_regs_print_info+0x20/0x20
[  509.289380][T16012]  ? load_image+0x420/0x420
[  509.294014][T16012]  sysfs_warn_dup+0x8e/0xa0
[  509.298584][T16012]  sysfs_do_create_link_sd+0xc0/0x110
[  509.304018][T16012]  device_add_class_symlinks+0x1cf/0x240
[  509.309754][T16012]  device_add+0x507/0xc20
[  509.314177][T16012]  wiphy_register+0x1dad/0x2ae0
[  509.319171][T16012]  ? cfg80211_event_work+0x40/0x40
[  509.324349][T16012]  ? minstrel_ht_alloc+0x88a/0x990
[  509.329568][T16012]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  509.335733][T16012]  ieee80211_register_hw+0x3464/0x4250
[  509.341360][T16012]  ? ieee80211_tasklet_handler+0x20/0x20
[  509.347149][T16012]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  509.353124][T16012]  ? __debug_object_init+0xec/0x450
[  509.358403][T16012]  ? __asan_memset+0x22/0x40
[  509.363076][T16012]  ? __hrtimer_init+0x186/0x270
[  509.368020][T16012]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  509.373879][T16012]  ? mac80211_hwsim_free+0x220/0x220
[  509.379200][T16012]  ? rcu_is_watching+0x15/0xb0
[  509.383997][T16012]  ? kstrndup+0xbd/0x140
[  509.388308][T16012]  hwsim_new_radio_nl+0xdc9/0x1a90
[  509.393464][T16012]  ? __nla_validate+0x50/0x50
[  509.398201][T16012]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  509.404624][T16012]  ? __nla_parse+0x40/0x50
[  509.409079][T16012]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  509.415479][T16012]  genl_family_rcv_msg_doit+0x211/0x310
[  509.421065][T16012]  ? end_current_label_crit_section+0x170/0x170
[  509.427355][T16012]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  509.433396][T16012]  ? bpf_lsm_capable+0x9/0x10
[  509.438104][T16012]  ? security_capable+0x89/0xb0
[  509.443020][T16012]  genl_rcv_msg+0x619/0x7a0
[  509.447580][T16012]  ? genl_bind+0x360/0x360
[  509.452030][T16012]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  509.458402][T16012]  ? perf_trace_lock+0x304/0x3b0
[  509.463404][T16012]  netlink_rcv_skb+0x241/0x4d0
[  509.468216][T16012]  ? genl_bind+0x360/0x360
[  509.472666][T16012]  ? netlink_ack+0x1180/0x1180
[  509.477500][T16012]  ? __lock_acquire+0x7d40/0x7d40
[  509.482580][T16012]  ? down_read+0x1ac/0x2e0
[  509.487031][T16012]  genl_rcv+0x28/0x40
[  509.491044][T16012]  netlink_unicast+0x751/0x8d0
[  509.495901][T16012]  netlink_sendmsg+0x8d0/0xbf0
[  509.500697][T16012]  ? perf_trace_lock+0x304/0x3b0
[  509.505712][T16012]  ? netlink_getsockopt+0x590/0x590
[  509.510974][T16012]  ? aa_sock_msg_perm+0x94/0x150
[  509.515966][T16012]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  509.521283][T16012]  ? security_socket_sendmsg+0x80/0xa0
[  509.526766][T16012]  ? netlink_getsockopt+0x590/0x590
[  509.532013][T16012]  ____sys_sendmsg+0x5ba/0x960
[  509.536848][T16012]  ? __asan_memset+0x22/0x40
[  509.541470][T16012]  ? __sys_sendmsg_sock+0x30/0x30
[  509.546572][T16012]  ? __import_iovec+0x5f2/0x850
[  509.551480][T16012]  ? import_iovec+0x73/0xa0
[  509.556022][T16012]  ___sys_sendmsg+0x2a6/0x360
[  509.560758][T16012]  ? __sys_sendmsg+0x2a0/0x2a0
[  509.565659][T16012]  ? debug_mutex_init+0x38/0x70
[  509.570904][T16012]  __se_sys_sendmsg+0x1c2/0x2b0
[  509.575816][T16012]  ? __x64_sys_sendmsg+0x80/0x80
[  509.580846][T16012]  ? lockdep_hardirqs_on+0x98/0x150
[  509.586090][T16012]  do_syscall_64+0x55/0xa0
[  509.590531][T16012]  ? clear_bhb_loop+0x40/0x90
[  509.595234][T16012]  ? clear_bhb_loop+0x40/0x90
[  509.599972][T16012]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  509.605909][T16012] RIP: 0033:0x7f1a8eb9c819
[  509.610370][T16012] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  509.630016][T16012] RSP: 002b:00007f1a8fa73028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  509.638463][T16012] RAX: ffffffffffffffda RBX: 00007f1a8ee15fa0 RCX: 00007f1a8eb9c819
[  509.646460][T16012] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000007
[  509.654454][T16012] RBP: 00007f1a8ec32c91 R08: 0000000000000000 R09: 0000000000000000
[  509.662454][T16012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  509.670449][T16012] R13: 00007f1a8ee16038 R14: 00007f1a8ee15fa0 R15: 00007ffff60893b8
[  509.678491][T16012]  </TASK>
[  509.855564][T16029] netlink: 'syz.1.2863': attribute type 10 has an invalid length.
[  509.995365][T16029] veth0_vlan: left promiscuous mode
[  510.014200][T16029] veth0_vlan: entered promiscuous mode
[  510.026368][T16029] team0: Device veth0_vlan failed to register rx_handler
[  510.120953][T16037] netlink: 55631 bytes leftover after parsing attributes in process `syz.0.2866'.
[  510.135163][T16041] netlink: 14 bytes leftover after parsing attributes in process `syz.2.2867'.
[  510.399935][T16047] netlink: 'syz.3.2868': attribute type 10 has an invalid length.
[  510.446331][T16047] batman_adv: batadv0: Adding interface: netdevsim0
[  510.455104][T16047] batman_adv: batadv0: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  510.488523][T16047] batman_adv: batadv0: Not using interface netdevsim0 (retrying later): interface not active
[  510.512394][T16057] netlink: 'syz.0.2871': attribute type 1 has an invalid length.
[  510.539954][T16057] netlink: 112860 bytes leftover after parsing attributes in process `syz.0.2871'.
[  510.721158][T16053] delete_channel: no stack
[  510.729777][T16062] netlink: 'syz.0.2872': attribute type 46 has an invalid length.
[  511.431586][T16077] netlink: 'syz.2.2877': attribute type 22 has an invalid length.
[  511.703967][T16094] syz.1.2881[16094] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  511.704103][T16094] syz.1.2881[16094] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  511.849076][T16115] netlink: 'syz.3.2885': attribute type 2 has an invalid length.
[  511.995817][T16120] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2886'.
[  512.031650][T16120] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  512.059581][T16120] CPU: 1 PID: 16120 Comm: syz.1.2886 Not tainted syzkaller #0
[  512.067145][T16120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  512.077271][T16120] Call Trace:
[  512.080619][T16120]  <TASK>
[  512.083617][T16120]  dump_stack_lvl+0x18c/0x250
[  512.088383][T16120]  ? show_regs_print_info+0x20/0x20
[  512.093649][T16120]  ? load_image+0x420/0x420
[  512.098260][T16120]  sysfs_warn_dup+0x8e/0xa0
[  512.102823][T16120]  sysfs_do_create_link_sd+0xc0/0x110
[  512.108252][T16120]  device_add_class_symlinks+0x1cf/0x240
[  512.113937][T16120]  device_add+0x507/0xc20
[  512.118317][T16120]  wiphy_register+0x1dad/0x2ae0
[  512.123251][T16120]  ? cfg80211_event_work+0x40/0x40
[  512.128387][T16120]  ? minstrel_ht_alloc+0x88a/0x990
[  512.133565][T16120]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  512.139679][T16120]  ieee80211_register_hw+0x3464/0x4250
[  512.145238][T16120]  ? ieee80211_tasklet_handler+0x20/0x20
[  512.150894][T16120]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  512.156826][T16120]  ? __debug_object_init+0xec/0x450
[  512.162076][T16120]  ? __asan_memset+0x22/0x40
[  512.166710][T16120]  ? __hrtimer_init+0x186/0x270
[  512.171607][T16120]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  512.177475][T16120]  ? mac80211_hwsim_free+0x220/0x220
[  512.182799][T16120]  ? rcu_is_watching+0x15/0xb0
[  512.187623][T16120]  ? kstrndup+0xbd/0x140
[  512.191931][T16120]  hwsim_new_radio_nl+0xdc9/0x1a90
[  512.197073][T16120]  ? trace_event_raw_event_preemptirq_template+0x1f0/0x1f0
[  512.204295][T16120]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  512.210336][T16120]  ? mark_lock+0x94/0x320
[  512.214728][T16120]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  512.221109][T16120]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  512.227292][T16120]  ? lockdep_hardirqs_on+0x98/0x150
[  512.232522][T16120]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  512.238749][T16120]  genl_family_rcv_msg_doit+0x211/0x310
[  512.244333][T16120]  ? end_current_label_crit_section+0x170/0x170
[  512.250629][T16120]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  512.256578][T16120]  ? bpf_lsm_capable+0x9/0x10
[  512.261281][T16120]  ? security_capable+0x89/0xb0
[  512.266188][T16120]  genl_rcv_msg+0x619/0x7a0
[  512.270750][T16120]  ? genl_bind+0x360/0x360
[  512.275189][T16120]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  512.281550][T16120]  ? perf_trace_lock+0x304/0x3b0
[  512.286564][T16120]  netlink_rcv_skb+0x241/0x4d0
[  512.291365][T16120]  ? genl_bind+0x360/0x360
[  512.295810][T16120]  ? netlink_ack+0x1180/0x1180
[  512.300646][T16120]  ? __lock_acquire+0x7d40/0x7d40
[  512.305730][T16120]  ? down_read+0x1ac/0x2e0
[  512.310189][T16120]  genl_rcv+0x28/0x40
[  512.314200][T16120]  netlink_unicast+0x751/0x8d0
[  512.319024][T16120]  netlink_sendmsg+0x8d0/0xbf0
[  512.323818][T16120]  ? perf_trace_lock+0x304/0x3b0
[  512.328799][T16120]  ? netlink_getsockopt+0x590/0x590
[  512.334036][T16120]  ? aa_sock_msg_perm+0x94/0x150
[  512.339011][T16120]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  512.344325][T16120]  ? security_socket_sendmsg+0x80/0xa0
[  512.349814][T16120]  ? netlink_getsockopt+0x590/0x590
[  512.355048][T16120]  ____sys_sendmsg+0x5ba/0x960
[  512.359857][T16120]  ? __asan_memset+0x22/0x40
[  512.364479][T16120]  ? __sys_sendmsg_sock+0x30/0x30
[  512.369530][T16120]  ? __import_iovec+0x5f2/0x850
[  512.374431][T16120]  ? import_iovec+0x73/0xa0
[  512.378969][T16120]  ___sys_sendmsg+0x2a6/0x360
[  512.383694][T16120]  ? __sys_sendmsg+0x2a0/0x2a0
[  512.388658][T16120]  __se_sys_sendmsg+0x1c2/0x2b0
[  512.393551][T16120]  ? __x64_sys_sendmsg+0x80/0x80
[  512.398560][T16120]  ? lockdep_hardirqs_on+0x98/0x150
[  512.403798][T16120]  do_syscall_64+0x55/0xa0
[  512.408234][T16120]  ? clear_bhb_loop+0x40/0x90
[  512.412940][T16120]  ? clear_bhb_loop+0x40/0x90
[  512.417650][T16120]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  512.423574][T16120] RIP: 0033:0x7f55fe59c819
[  512.428025][T16120] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  512.447671][T16120] RSP: 002b:00007f55ff47f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  512.456136][T16120] RAX: ffffffffffffffda RBX: 00007f55fe815fa0 RCX: 00007f55fe59c819
[  512.464187][T16120] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  512.472179][T16120] RBP: 00007f55fe632c91 R08: 0000000000000000 R09: 0000000000000000
[  512.480174][T16120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  512.488162][T16120] R13: 00007f55fe816038 R14: 00007f55fe815fa0 R15: 00007ffc86669f48
[  512.496203][T16120]  </TASK>
[  512.792379][T16120] netlink: 11254 bytes leftover after parsing attributes in process `syz.1.2886'.
[  512.793097][   T51] Bluetooth: hci4: ISO packet for unknown connection handle 14
[  513.019502][T16136] netlink: 'syz.2.2891': attribute type 10 has an invalid length.
[  513.107681][T16136] team0: Port device geneve1 added
[  513.467490][T16148] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.2895'.
[  513.507989][T16148] netlink: 'syz.2.2895': attribute type 10 has an invalid length.
[  513.628518][T16148] 8021q: adding VLAN 0 to HW filter on device team0
[  513.675440][T16148] bond0: (slave team0): Enslaving as an active interface with an up link
[  514.027311][T16156] netlink: 'syz.0.2898': attribute type 9 has an invalid length.
[  514.049274][T16156] netlink: 126588 bytes leftover after parsing attributes in process `syz.0.2898'.
[  514.468954][T16170] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2901'.
[  514.496621][T16170] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  514.521261][T16170] CPU: 0 PID: 16170 Comm: syz.1.2901 Not tainted syzkaller #0
[  514.528838][T16170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  514.538960][T16170] Call Trace:
[  514.542293][T16170]  <TASK>
[  514.545284][T16170]  dump_stack_lvl+0x18c/0x250
[  514.550073][T16170]  ? show_regs_print_info+0x20/0x20
[  514.555532][T16170]  ? load_image+0x420/0x420
[  514.560166][T16170]  sysfs_warn_dup+0x8e/0xa0
[  514.564739][T16170]  sysfs_do_create_link_sd+0xc0/0x110
[  514.570448][T16170]  device_add_class_symlinks+0x1cf/0x240
[  514.576175][T16170]  device_add+0x507/0xc20
[  514.580601][T16170]  wiphy_register+0x1dad/0x2ae0
[  514.585603][T16170]  ? cfg80211_event_work+0x40/0x40
[  514.590750][T16170]  ? minstrel_ht_alloc+0x88a/0x990
[  514.595947][T16170]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  514.602103][T16170]  ieee80211_register_hw+0x3464/0x4250
[  514.607716][T16170]  ? ieee80211_tasklet_handler+0x20/0x20
[  514.613404][T16170]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  514.619377][T16170]  ? __debug_object_init+0xec/0x450
[  514.624659][T16170]  ? __asan_memset+0x22/0x40
[  514.629331][T16170]  ? __hrtimer_init+0x186/0x270
[  514.634251][T16170]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  514.640084][T16170]  ? mac80211_hwsim_free+0x220/0x220
[  514.645398][T16170]  ? rcu_is_watching+0x15/0xb0
[  514.650191][T16170]  ? kstrndup+0xbd/0x140
[  514.654488][T16170]  hwsim_new_radio_nl+0xdc9/0x1a90
[  514.659641][T16170]  ? __nla_validate+0x50/0x50
[  514.664386][T16170]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  514.670780][T16170]  ? __nla_parse+0x40/0x50
[  514.675234][T16170]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  514.681613][T16170]  genl_family_rcv_msg_doit+0x211/0x310
[  514.687186][T16170]  ? end_current_label_crit_section+0x170/0x170
[  514.693469][T16170]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  514.699416][T16170]  ? bpf_lsm_capable+0x9/0x10
[  514.704125][T16170]  ? security_capable+0x89/0xb0
[  514.709024][T16170]  genl_rcv_msg+0x619/0x7a0
[  514.713574][T16170]  ? genl_bind+0x360/0x360
[  514.718013][T16170]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  514.724380][T16170]  ? perf_trace_lock+0x304/0x3b0
[  514.729375][T16170]  netlink_rcv_skb+0x241/0x4d0
[  514.734183][T16170]  ? genl_bind+0x360/0x360
[  514.738628][T16170]  ? netlink_ack+0x1180/0x1180
[  514.743458][T16170]  ? __lock_acquire+0x7d40/0x7d40
[  514.748534][T16170]  ? down_read+0x1ac/0x2e0
[  514.752985][T16170]  genl_rcv+0x28/0x40
[  514.756985][T16170]  netlink_unicast+0x751/0x8d0
[  514.761811][T16170]  netlink_sendmsg+0x8d0/0xbf0
[  514.766601][T16170]  ? perf_trace_lock+0x304/0x3b0
[  514.771589][T16170]  ? netlink_getsockopt+0x590/0x590
[  514.776829][T16170]  ? aa_sock_msg_perm+0x94/0x150
[  514.781804][T16170]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  514.787111][T16170]  ? security_socket_sendmsg+0x80/0xa0
[  514.792586][T16170]  ? netlink_getsockopt+0x590/0x590
[  514.797816][T16170]  ____sys_sendmsg+0x5ba/0x960
[  514.802648][T16170]  ? __asan_memset+0x22/0x40
[  514.807284][T16170]  ? __sys_sendmsg_sock+0x30/0x30
[  514.812326][T16170]  ? __import_iovec+0x5f2/0x850
[  514.817223][T16170]  ? import_iovec+0x73/0xa0
[  514.821788][T16170]  ___sys_sendmsg+0x2a6/0x360
[  514.826613][T16170]  ? __sys_sendmsg+0x2a0/0x2a0
[  514.831568][T16170]  __se_sys_sendmsg+0x1c2/0x2b0
[  514.836472][T16170]  ? __x64_sys_sendmsg+0x80/0x80
[  514.841516][T16170]  ? lockdep_hardirqs_on+0x98/0x150
[  514.846755][T16170]  do_syscall_64+0x55/0xa0
[  514.851195][T16170]  ? clear_bhb_loop+0x40/0x90
[  514.855904][T16170]  ? clear_bhb_loop+0x40/0x90
[  514.860619][T16170]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  514.866624][T16170] RIP: 0033:0x7f55fe59c819
[  514.871068][T16170] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  514.890708][T16170] RSP: 002b:00007f55ff47f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  514.899153][T16170] RAX: ffffffffffffffda RBX: 00007f55fe815fa0 RCX: 00007f55fe59c819
[  514.907143][T16170] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000c
[  514.915144][T16170] RBP: 00007f55fe632c91 R08: 0000000000000000 R09: 0000000000000000
[  514.923145][T16170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  514.931142][T16170] R13: 00007f55fe816038 R14: 00007f55fe815fa0 R15: 00007ffc86669f48
[  514.939187][T16170]  </TASK>
[  514.979972][T16176] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2904'.
[  515.008044][T16176] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2904'.
[  515.036377][T16176] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2904'.
[  515.057899][T16176] netlink: 'syz.2.2904': attribute type 46 has an invalid length.
[  515.076013][T16176] netlink: 2 bytes leftover after parsing attributes in process `syz.2.2904'.
[  515.448763][T16199] netlink: 14 bytes leftover after parsing attributes in process `syz.0.2909'.
[  515.810454][T16209] netdevsim netdevsim1 ÿÿÿÿÿÿ: renamed from netdevsim0 (while UP)
[  516.429297][T16221] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2917'.
[  516.878070][T16226] ==================================================================
[  516.886180][T16226] BUG: KASAN: slab-out-of-bounds in __bpf_get_stackid+0x6bf/0x900
[  516.894025][T16226] Write of size 72 at addr ffff88805e53b210 by task syz.1.2919/16226
[  516.902113][T16226] 
[  516.904441][T16226] CPU: 1 PID: 16226 Comm: syz.1.2919 Not tainted syzkaller #0
[  516.911911][T16226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  516.921979][T16226] Call Trace:
[  516.925271][T16226]  <TASK>
[  516.928208][T16226]  dump_stack_lvl+0x18c/0x250
[  516.932897][T16226]  ? __lock_acquire+0x7d40/0x7d40
[  516.937923][T16226]  ? show_regs_print_info+0x20/0x20
[  516.943122][T16226]  ? load_image+0x420/0x420
[  516.947621][T16226]  ? _raw_spin_lock_irqsave+0xc0/0x100
[  516.953075][T16226]  ? __virt_addr_valid+0x18c/0x540
[  516.958188][T16226]  ? __virt_addr_valid+0x469/0x540
[  516.963292][T16226]  print_report+0xa8/0x210
[  516.967711][T16226]  ? __bpf_get_stackid+0x6bf/0x900
[  516.972817][T16226]  kasan_report+0x117/0x150
[  516.977401][T16226]  ? __bpf_get_stackid+0x6bf/0x900
[  516.982507][T16226]  kasan_check_range+0x241/0x290
[  516.987441][T16226]  ? __bpf_get_stackid+0x6bf/0x900
[  516.993073][T16226]  __asan_memcpy+0x40/0x70
[  516.997484][T16226]  __bpf_get_stackid+0x6bf/0x900
[  517.002427][T16226]  bpf_get_stackid_pe+0x343/0x410
[  517.007452][T16226]  bpf_prog_02c92f715e75ceb8+0x30/0x45
[  517.012906][T16226]  bpf_overflow_handler+0x1fc/0x510
[  517.018110][T16226]  ? bpf_overflow_handler+0xde/0x510
[  517.023401][T16226]  ? tp_perf_event_destroy+0x20/0x20
[  517.028682][T16226]  ? __perf_event_account_interrupt+0x187/0x280
[  517.034915][T16226]  __perf_event_overflow+0x447/0x630
[  517.040192][T16226]  ? mark_lock+0x94/0x320
[  517.044515][T16226]  perf_swevent_overflow+0x268/0x340
[  517.049819][T16226]  ? mark_lock+0x94/0x320
[  517.054154][T16226]  ? perf_event_switch_output+0x790/0x790
[  517.059888][T16226]  ? rcu_is_watching+0x15/0xb0
[  517.064655][T16226]  perf_swevent_event+0x45c/0x570
[  517.069679][T16226]  ? perf_tp_event+0x1520/0x1520
[  517.074614][T16226]  ___perf_sw_event+0x4a7/0x730
[  517.079463][T16226]  ? ___perf_sw_event+0x199/0x730
[  517.084488][T16226]  ? perf_swevent_put_recursion_context+0xb0/0xb0
[  517.090900][T16226]  ? __lock_acquire+0x1347/0x7d40
[  517.095960][T16226]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  517.101934][T16226]  ? lock_chain_count+0x20/0x20
[  517.106779][T16226]  __perf_sw_event+0x139/0x270
[  517.111544][T16226]  do_user_addr_fault+0x123e/0x12c0
[  517.116743][T16226]  ? rcu_is_watching+0x15/0xb0
[  517.121515][T16226]  exc_page_fault+0x64/0x100
[  517.126105][T16226]  asm_exc_page_fault+0x26/0x30
[  517.130952][T16226] RIP: 0010:rep_movs_alternative+0x33/0x90
[  517.136755][T16226] Code: 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb
[  517.156360][T16226] RSP: 0018:ffffc9000c83edd0 EFLAGS: 00050202
[  517.162421][T16226] RAX: 2064696c61766e69 RBX: 000000000000002b RCX: 000000000000002b
[  517.170382][T16226] RDX: 0000000000000000 RSI: ffff88802dcf068c RDI: 000000000000cf3d
[  517.178429][T16226] RBP: ffff88802dcf0688 R08: ffff88802dcf06b6 R09: 1ffff11005b9e0d6
[  517.186486][T16226] R10: dffffc0000000000 R11: ffffed1005b9e0d7 R12: 000000000000cf68
[  517.194447][T16226] R13: ffff88802dcf068c R14: 000000000000cf3d R15: ffff88802dcf068c
[  517.202417][T16226]  _copy_to_user+0x85/0xa0
[  517.206832][T16226]  bpf_verifier_vlog+0x45c/0x870
[  517.211800][T16226]  verbose+0x11e/0x1a0
[  517.215867][T16226]  ? check_func_arg_reg_off+0x2f0/0x2f0
[  517.221408][T16226]  ? check_ptr_alignment+0x41a/0x6c0
[  517.226690][T16226]  ? sk_filter_is_valid_access+0x7d0/0x920
[  517.232494][T16226]  check_ctx_access+0x251/0x440
[  517.237362][T16226]  ? __mark_reg_known+0x230/0x230
[  517.242382][T16226]  ? is_bpf_text_address+0x26/0x2a0
[  517.247577][T16226]  check_mem_access+0xa18/0x19f0
[  517.252519][T16226]  do_check+0x5de9/0xdbf0
[  517.256845][T16226]  ? stack_trace_save+0xaa/0x100
[  517.261778][T16226]  ? kasan_set_track+0x4e/0x70
[  517.266536][T16226]  ? __sys_bpf+0x5ba/0x890
[  517.270944][T16226]  ? __x64_sys_bpf+0x7c/0x90
[  517.275535][T16226]  ? init_func_state+0x2cf0/0x2cf0
[  517.280640][T16226]  ? __asan_memset+0x22/0x40
[  517.285224][T16226]  ? init_func_state+0x1dba/0x2cf0
[  517.290334][T16226]  do_check_common+0xadb/0x13e0
[  517.295186][T16226]  bpf_check+0x658e/0xeba0
[  517.299608][T16226]  ? __lock_acquire+0x1273/0x7d40
[  517.304622][T16226]  ? bpf_get_btf_vmlinux+0x20/0x20
[  517.309732][T16226]  ? mark_lock+0x94/0x320
[  517.314054][T16226]  ? __lock_acquire+0x1347/0x7d40
[  517.319088][T16226]  ? verify_lock_unused+0x140/0x140
[  517.324285][T16226]  ? verify_lock_unused+0x140/0x140
[  517.329484][T16226]  ? verify_lock_unused+0x140/0x140
[  517.334681][T16226]  ? pcpu_memcg_post_alloc_hook+0xef/0x3f0
[  517.340572][T16226]  ? __lock_acquire+0x7d40/0x7d40
[  517.345681][T16226]  ? perf_trace_preemptirq_template+0xac/0x330
[  517.351829][T16226]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  517.357806][T16226]  ? lock_chain_count+0x20/0x20
[  517.362646][T16226]  ? seqcount_lockdep_reader_access+0x12b/0x1d0
[  517.368879][T16226]  ? lockdep_hardirqs_on+0x98/0x150
[  517.374066][T16226]  ? ktime_get_with_offset+0x103/0x330
[  517.379516][T16226]  ? seqcount_lockdep_reader_access+0x191/0x1d0
[  517.385743][T16226]  ? ktime_get_real_ts64+0x440/0x440
[  517.391028][T16226]  ? do_raw_spin_unlock+0x121/0x230
[  517.396224][T16226]  ? bpf_obj_name_cpy+0x194/0x1e0
[  517.401253][T16226]  bpf_prog_load+0x1163/0x1670
[  517.406013][T16226]  ? map_freeze+0x420/0x420
[  517.410513][T16226]  ? __might_fault+0xaa/0x120
[  517.415176][T16226]  ? __might_fault+0xc6/0x120
[  517.419841][T16226]  ? __might_fault+0xaa/0x120
[  517.424510][T16226]  ? bpf_lsm_bpf+0x9/0x10
[  517.428829][T16226]  ? security_bpf+0x7e/0xa0
[  517.433417][T16226]  __sys_bpf+0x5ba/0x890
[  517.437650][T16226]  ? bpf_link_show_fdinfo+0x390/0x390
[  517.443092][T16226]  ? lock_chain_count+0x20/0x20
[  517.447939][T16226]  __x64_sys_bpf+0x7c/0x90
[  517.452349][T16226]  do_syscall_64+0x55/0xa0
[  517.456759][T16226]  ? clear_bhb_loop+0x40/0x90
[  517.461427][T16226]  ? clear_bhb_loop+0x40/0x90
[  517.466099][T16226]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  517.471984][T16226] RIP: 0033:0x7f55fe59c819
[  517.476385][T16226] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  517.495981][T16226] RSP: 002b:00007f55ff47f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  517.504387][T16226] RAX: ffffffffffffffda RBX: 00007f55fe815fa0 RCX: 00007f55fe59c819
[  517.512350][T16226] RDX: 0000000000000023 RSI: 000020000000e000 RDI: 0000000000000005
[  517.520328][T16226] RBP: 00007f55fe632c91 R08: 0000000000000000 R09: 0000000000000000
[  517.528295][T16226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  517.536255][T16226] R13: 00007f55fe816038 R14: 00007f55fe815fa0 R15: 00007ffc86669f48
[  517.544227][T16226]  </TASK>
[  517.547235][T16226] 
[  517.549543][T16226] Allocated by task 16226:
[  517.553947][T16226]  kasan_set_track+0x4e/0x70
[  517.558619][T16226]  __kasan_kmalloc+0x8f/0xa0
[  517.563311][T16226]  __kmalloc_node+0xb4/0x230
[  517.567896][T16226]  bpf_map_area_alloc+0x5e/0x110
[  517.572824][T16226]  prealloc_elems_and_freelist+0x86/0x1c0
[  517.578536][T16226]  stack_map_alloc+0x33a/0x4c0
[  517.583299][T16226]  map_create+0x877/0x12f0
[  517.587714][T16226]  __sys_bpf+0x651/0x890
[  517.591947][T16226]  __x64_sys_bpf+0x7c/0x90
[  517.596350][T16226]  do_syscall_64+0x55/0xa0
[  517.600756][T16226]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  517.606642][T16226] 
[  517.608953][T16226] The buggy address belongs to the object at ffff88805e53b200
[  517.608953][T16226]  which belongs to the cache kmalloc-cg-64 of size 64
[  517.623079][T16226] The buggy address is located 16 bytes inside of
[  517.623079][T16226]  allocated 40-byte region [ffff88805e53b200, ffff88805e53b228)
[  517.637042][T16226] 
[  517.639355][T16226] The buggy address belongs to the physical page:
[  517.645781][T16226] page:ffffea0001794ec0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5e53b
[  517.655925][T16226] memcg:ffff88807de7f601
[  517.660154][T16226] flags: 0xfff00000000800(slab|node=0|zone=1|lastcpupid=0x7ff)
[  517.667682][T16226] page_type: 0xffffffff()
[  517.671998][T16226] raw: 00fff00000000800 ffff888017c4da00 ffffea0001784ac0 0000000000000002
[  517.680569][T16226] raw: 0000000000000000 0000000080200020 00000001ffffffff ffff88807de7f601
[  517.689136][T16226] page dumped because: kasan: bad access detected
[  517.695538][T16226] page_owner tracks the page as allocated
[  517.701239][T16226] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112800(GFP_NOWAIT|__GFP_NOWARN|__GFP_NORETRY|__GFP_HARDWALL), pid 15815, tgid 15814 (syz.3.2803), ts 494628769044, free_ts 494623295991
[  517.721109][T16226]  post_alloc_hook+0x1c1/0x200
[  517.725875][T16226]  get_page_from_freelist+0x1951/0x19e0
[  517.731407][T16226]  __alloc_pages+0x1f0/0x460
[  517.735993][T16226]  alloc_slab_page+0x5d/0x160
[  517.740659][T16226]  new_slab+0x87/0x2d0
[  517.744720][T16226]  ___slab_alloc+0xc5d/0x12f0
[  517.749403][T16226]  __kmem_cache_alloc_node+0x19e/0x250
[  517.754856][T16226]  __kmalloc_node+0xa4/0x230
[  517.759437][T16226]  bpf_map_kmalloc_node+0xbc/0x1b0
[  517.764541][T16226]  trie_update_elem+0x169/0xea0
[  517.769383][T16226]  bpf_map_update_value+0x660/0x720
[  517.774572][T16226]  generic_map_update_batch+0x5ec/0x810
[  517.780105][T16226]  bpf_map_do_batch+0x3d7/0x610
[  517.784944][T16226]  __sys_bpf+0x381/0x890
[  517.789175][T16226]  __x64_sys_bpf+0x7c/0x90
[  517.793580][T16226]  do_syscall_64+0x55/0xa0
[  517.797980][T16226] page last free stack trace:
[  517.802637][T16226]  free_unref_page_prepare+0x7b2/0x8c0
[  517.808095][T16226]  free_unref_page+0x32/0x2e0
[  517.812767][T16226]  vfree+0x1a6/0x320
[  517.816649][T16226]  process_scheduled_works+0xa5d/0x15d0
[  517.822187][T16226]  worker_thread+0xa55/0xfc0
[  517.826769][T16226]  kthread+0x2fa/0x390
[  517.830824][T16226]  ret_from_fork+0x48/0x80
[  517.835227][T16226]  ret_from_fork_asm+0x11/0x20
[  517.839985][T16226] 
[  517.842303][T16226] Memory state around the buggy address:
[  517.847921][T16226]  ffff88805e53b100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  517.855970][T16226]  ffff88805e53b180: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc
[  517.864017][T16226] >ffff88805e53b200: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc
[  517.872062][T16226]                                   ^
[  517.877417][T16226]  ffff88805e53b280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  517.885463][T16226]  ffff88805e53b300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  517.893506][T16226] ==================================================================
[  517.901558][T16226] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  517.908732][T16226] CPU: 1 PID: 16226 Comm: syz.1.2919 Not tainted syzkaller #0
[  517.916177][T16226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  517.926222][T16226] Call Trace:
[  517.929491][T16226]  <TASK>
[  517.932412][T16226]  dump_stack_lvl+0x18c/0x250
[  517.937088][T16226]  ? show_regs_print_info+0x20/0x20
[  517.942283][T16226]  ? load_image+0x420/0x420
[  517.946788][T16226]  panic+0x2dc/0x730
[  517.950703][T16226]  ? __lock_acquire+0x7d40/0x7d40
[  517.955720][T16226]  ? bpf_jit_dump+0xd0/0xd0
[  517.960228][T16226]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  517.966116][T16226]  ? _raw_spin_unlock+0x40/0x40
[  517.970958][T16226]  ? __bpf_get_stackid+0x6bf/0x900
[  517.976072][T16226]  check_panic_on_warn+0x84/0xa0
[  517.981002][T16226]  ? __bpf_get_stackid+0x6bf/0x900
[  517.986103][T16226]  end_report+0x6f/0x130
[  517.990350][T16226]  kasan_report+0x128/0x150
[  517.994843][T16226]  ? __bpf_get_stackid+0x6bf/0x900
[  517.999948][T16226]  kasan_check_range+0x241/0x290
[  518.004871][T16226]  ? __bpf_get_stackid+0x6bf/0x900
[  518.009972][T16226]  __asan_memcpy+0x40/0x70
[  518.014402][T16226]  __bpf_get_stackid+0x6bf/0x900
[  518.019358][T16226]  bpf_get_stackid_pe+0x343/0x410
[  518.024395][T16226]  bpf_prog_02c92f715e75ceb8+0x30/0x45
[  518.029847][T16226]  bpf_overflow_handler+0x1fc/0x510
[  518.035042][T16226]  ? bpf_overflow_handler+0xde/0x510
[  518.040324][T16226]  ? tp_perf_event_destroy+0x20/0x20
[  518.045612][T16226]  ? __perf_event_account_interrupt+0x187/0x280
[  518.051848][T16226]  __perf_event_overflow+0x447/0x630
[  518.057124][T16226]  ? mark_lock+0x94/0x320
[  518.061463][T16226]  perf_swevent_overflow+0x268/0x340
[  518.066748][T16226]  ? mark_lock+0x94/0x320
[  518.071071][T16226]  ? perf_event_switch_output+0x790/0x790
[  518.076784][T16226]  ? rcu_is_watching+0x15/0xb0
[  518.081558][T16226]  perf_swevent_event+0x45c/0x570
[  518.086600][T16226]  ? perf_tp_event+0x1520/0x1520
[  518.091546][T16226]  ___perf_sw_event+0x4a7/0x730
[  518.096399][T16226]  ? ___perf_sw_event+0x199/0x730
[  518.101414][T16226]  ? perf_swevent_put_recursion_context+0xb0/0xb0
[  518.107822][T16226]  ? __lock_acquire+0x1347/0x7d40
[  518.112849][T16226]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  518.118822][T16226]  ? lock_chain_count+0x20/0x20
[  518.123670][T16226]  __perf_sw_event+0x139/0x270
[  518.128430][T16226]  do_user_addr_fault+0x123e/0x12c0
[  518.133636][T16226]  ? rcu_is_watching+0x15/0xb0
[  518.138402][T16226]  exc_page_fault+0x64/0x100
[  518.142990][T16226]  asm_exc_page_fault+0x26/0x30
[  518.147838][T16226] RIP: 0010:rep_movs_alternative+0x33/0x90
[  518.153640][T16226] Code: 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb
[  518.173248][T16226] RSP: 0018:ffffc9000c83edd0 EFLAGS: 00050202
[  518.179311][T16226] RAX: 2064696c61766e69 RBX: 000000000000002b RCX: 000000000000002b
[  518.187273][T16226] RDX: 0000000000000000 RSI: ffff88802dcf068c RDI: 000000000000cf3d
[  518.195343][T16226] RBP: ffff88802dcf0688 R08: ffff88802dcf06b6 R09: 1ffff11005b9e0d6
[  518.203303][T16226] R10: dffffc0000000000 R11: ffffed1005b9e0d7 R12: 000000000000cf68
[  518.211264][T16226] R13: ffff88802dcf068c R14: 000000000000cf3d R15: ffff88802dcf068c
[  518.219241][T16226]  _copy_to_user+0x85/0xa0
[  518.223653][T16226]  bpf_verifier_vlog+0x45c/0x870
[  518.228595][T16226]  verbose+0x11e/0x1a0
[  518.232659][T16226]  ? check_func_arg_reg_off+0x2f0/0x2f0
[  518.238196][T16226]  ? check_ptr_alignment+0x41a/0x6c0
[  518.243478][T16226]  ? sk_filter_is_valid_access+0x7d0/0x920
[  518.249275][T16226]  check_ctx_access+0x251/0x440
[  518.254127][T16226]  ? __mark_reg_known+0x230/0x230
[  518.259146][T16226]  ? is_bpf_text_address+0x26/0x2a0
[  518.264340][T16226]  check_mem_access+0xa18/0x19f0
[  518.269275][T16226]  do_check+0x5de9/0xdbf0
[  518.273597][T16226]  ? stack_trace_save+0xaa/0x100
[  518.278531][T16226]  ? kasan_set_track+0x4e/0x70
[  518.283323][T16226]  ? __sys_bpf+0x5ba/0x890
[  518.287738][T16226]  ? __x64_sys_bpf+0x7c/0x90
[  518.292330][T16226]  ? init_func_state+0x2cf0/0x2cf0
[  518.297439][T16226]  ? __asan_memset+0x22/0x40
[  518.302045][T16226]  ? init_func_state+0x1dba/0x2cf0
[  518.307152][T16226]  do_check_common+0xadb/0x13e0
[  518.312012][T16226]  bpf_check+0x658e/0xeba0
[  518.316433][T16226]  ? __lock_acquire+0x1273/0x7d40
[  518.321445][T16226]  ? bpf_get_btf_vmlinux+0x20/0x20
[  518.326552][T16226]  ? mark_lock+0x94/0x320
[  518.330874][T16226]  ? __lock_acquire+0x1347/0x7d40
[  518.335894][T16226]  ? verify_lock_unused+0x140/0x140
[  518.341095][T16226]  ? verify_lock_unused+0x140/0x140
[  518.346284][T16226]  ? verify_lock_unused+0x140/0x140
[  518.351474][T16226]  ? pcpu_memcg_post_alloc_hook+0xef/0x3f0
[  518.357443][T16226]  ? __lock_acquire+0x7d40/0x7d40
[  518.362464][T16226]  ? perf_trace_preemptirq_template+0xac/0x330
[  518.368617][T16226]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  518.374597][T16226]  ? lock_chain_count+0x20/0x20
[  518.379444][T16226]  ? seqcount_lockdep_reader_access+0x12b/0x1d0
[  518.385690][T16226]  ? lockdep_hardirqs_on+0x98/0x150
[  518.390901][T16226]  ? ktime_get_with_offset+0x103/0x330
[  518.396369][T16226]  ? seqcount_lockdep_reader_access+0x191/0x1d0
[  518.402622][T16226]  ? ktime_get_real_ts64+0x440/0x440
[  518.407922][T16226]  ? do_raw_spin_unlock+0x121/0x230
[  518.413145][T16226]  ? bpf_obj_name_cpy+0x194/0x1e0
[  518.418185][T16226]  bpf_prog_load+0x1163/0x1670
[  518.422961][T16226]  ? map_freeze+0x420/0x420
[  518.427467][T16226]  ? __might_fault+0xaa/0x120
[  518.432137][T16226]  ? __might_fault+0xc6/0x120
[  518.436803][T16226]  ? __might_fault+0xaa/0x120
[  518.441466][T16226]  ? bpf_lsm_bpf+0x9/0x10
[  518.445814][T16226]  ? security_bpf+0x7e/0xa0
[  518.450312][T16226]  __sys_bpf+0x5ba/0x890
[  518.454546][T16226]  ? bpf_link_show_fdinfo+0x390/0x390
[  518.459923][T16226]  ? lock_chain_count+0x20/0x20
[  518.464766][T16226]  __x64_sys_bpf+0x7c/0x90
[  518.469171][T16226]  do_syscall_64+0x55/0xa0
[  518.473574][T16226]  ? clear_bhb_loop+0x40/0x90
[  518.478259][T16226]  ? clear_bhb_loop+0x40/0x90
[  518.482947][T16226]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  518.488844][T16226] RIP: 0033:0x7f55fe59c819
[  518.493361][T16226] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  518.512963][T16226] RSP: 002b:00007f55ff47f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  518.521373][T16226] RAX: ffffffffffffffda RBX: 00007f55fe815fa0 RCX: 00007f55fe59c819
[  518.529344][T16226] RDX: 0000000000000023 RSI: 000020000000e000 RDI: 0000000000000005
[  518.537314][T16226] RBP: 00007f55fe632c91 R08: 0000000000000000 R09: 0000000000000000
[  518.545273][T16226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  518.553236][T16226] R13: 00007f55fe816038 R14: 00007f55fe815fa0 R15: 00007ffc86669f48
[  518.561209][T16226]  </TASK>
[  518.564350][T16226] Kernel Offset: disabled
[  518.568662][T16226] Rebooting in 86400 seconds..