last executing test programs:

8.532645767s ago: executing program 3 (id=1591):
perf_event_open(&(0x7f0000000540)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0xffff, 0x81}, 0x100c, 0x7, 0x0, 0x9, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0))
r0 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000300)="6000000022007f029e607dd75fcb520000a124b244de91f7f414adcf41bfafdd1b1e93c6292aefa3ca89563a63fb94b2584ca2faa20f2c308b0fe298acec10e3019e1e26e6efd0166e6c1b01132e5423294ac2f4d53c3870c3068461957e5357", 0x60}], 0x1, 0x0, 0x0, 0x6}, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x5, 0x100000, 0x0, 0x2}, {0x10020002, 0x1, 0x0, 0x2}]}, 0x94)
r1 = socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000c40)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r1, 0x107, 0x12, &(0x7f0000000340)=r4, 0x4)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1e, 0x10506, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, @perf_config_ext={0x1000000000000801, 0x1}, 0x7402, 0x0, 0x0, 0x9, 0x0, 0xffffffff, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x55}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb010789005e107538e486dd6317ce22000000fffe80000000000000101000007f0600080000000000000071273fa7b49301641184a9"], 0xfdef)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b14, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000079104800000000006104000000000000950000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94)
close(r6)
r7 = socket$kcm(0xa, 0x1, 0x0)
sendmsg$kcm(r7, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4001, 0x0, @empty}, 0x80, 0x0}, 0x20000001)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
recvmsg$unix(r5, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x10000)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000200)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r8, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1100}, 0x48)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x40, 0x40, 0x3, [@const={0x0, 0x0, 0x0, 0x9, 0x3}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x8}, @fwd={0x1}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x1, 0x2}}]}, {0x0, [0x61]}}, 0x0, 0x5b}, 0x28)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)

5.784799515s ago: executing program 0 (id=1604):
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0xbaa, 0x1880}, 0x48)
r0 = socket$kcm(0x11, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000002d40)={&(0x7f0000000240)=@caif=@dgm={0x25, 0x1, 0x8}, 0xffffffffffffff15, &(0x7f0000002c80)}, 0x40)

5.671234879s ago: executing program 0 (id=1606):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='devices.list\x00', 0x26e1, 0x0)
close(r1)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x1, 0xf, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70200001400e9ffb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$kcm(0x11, 0x200000000000002, 0x300)
socket$kcm(0xa, 0x922000000003, 0x11)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x5452, &(0x7f0000000a40)='lo\x00\x96o\xd6Q\xb4Y\xa9\xc87,%\x81\xfe\x00\xd2\xd1|\x00\x00\x00\x00\x00\x00\xe3\xd8Yk\xdf\x85\xaac{\x8c\x8ffp`-\xcd\xd9\xd5\xf4\xe68\xe6O\xc2\xf1V0\x8b\t\xed\x13q2\xdd\xaf\xcc\xeeR\xf2/\x00\x00E>k\a\xe7>t7\x8e(\xf0\x87d\xaf\x93\xfa`\xa6,o\x81.\x1cR\xa5\t\x00\x00\x00\x00\x00\x00\x00|pT\x15\xbc\f*d\xcb\xc2\xcd\x8f\x98\xdf\x00\x00\x1cM\x9c\xa5\xe0\xa8\x00\x00\x00\x80V\xf6\x80\x86\x1b\x05\xe6\"\x1d\f\xaey\x06\xd9$H!w\xa6m\xd8\x7f\xc6\x837\x83/\x9a\xdf\x01\xf2\x9e\xcc\xca\x04\x00\x05\xeb\xb8{7[\xf9\xe9\x15\xdc0]\x89\x9b~\x04\xb4\xa5\xad\v.\xd0*%`\xb0\x03\x00\x00\x00\x00\x00\x00\x00\xab\xf4\xa7\x83r\xa4\x80|\x03C\x9c\x00\xac\xba\xcb\xa4h\x86w_Eu\xbfy%,\xe5\n\xc1\xb3\xa4g\xa3P\x0f\x11\x93\xc7\xf3\xcf\x17\xf5\x86%\x7f\xec\xb2\xc5E\x00\xb2e\xa8\xf1<\xb2\xc82\xbf=o\x00\x00\x00\x00E\x00\xc6X\x92\x0e[\x19\xaa?\x06\xe5\x9d\xd1\x87\x922A\x95\x8e\xbc\xc8<s,\xb023Z{\x9f\xc2\x94+e?\x87\x95\x8e\r\t\x0er\x92\xe2\t\xc4S\xd4\xd2\x87.&`\x95\'=0\r\xd2n\xf5\xcd\x9b\x15Oo\xd8Nj0\xe2\xe5A\xb2\xc3\xf7\xc8\xe7 \"+\xd6\x9e\x18\xec\xb7H\xf9\vd\xebE\x9dtI\xe5\xb5\x8e3\x19<\xdeS\xf4\xe6\xba\x0er\xfc]\xcbd@\xe8R#(u\xe1\x9b\xb7\xd5\x82\xab;\xdb\xa2\x9e\xe8W;\x86\x89\x99\xa1\x99\x1b\xbd\xaf\x11\xcf\x1d\xb5n\xe3&\x1b Z|\x18\n/\xe4\x83\xb5\xdd\xed\xd8\xba\xe8\x8d{@\xd1\x00\x00\x00\x00\x00')
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xe}, 0x4b04}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r2 = socket$kcm(0x2, 0x1, 0x84)
sendmsg$inet(r2, &(0x7f0000000600)={&(0x7f00000001c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x16}}, 0x10, &(0x7f0000000740)=[{&(0x7f0000000640)="80", 0x1}], 0x1}, 0x7c)
sendmsg$inet(r2, &(0x7f0000000440)={&(0x7f00000005c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x31}}, 0x10, &(0x7f0000000500)=[{&(0x7f0000000840)="9c", 0x1}], 0x1}, 0x10)
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000000)={0x5, &(0x7f0000000180)=[{0x49, 0x0, 0x3, 0x4}, {0x1, 0x0, 0x0, 0xfffffffe}, {0x4, 0x0, 0x0, 0x9}, {0xfffe, 0x0, 0x0, 0x1}, {0x6, 0x0, 0x8}]})

5.405012107s ago: executing program 3 (id=1609):
perf_event_open(&(0x7f0000001c40)={0x2, 0x80, 0xed, 0x0, 0x9, 0x4, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x9, 0x4}, 0x0, 0x7, 0x3f, 0x3, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xb, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xe1, 0x361}, 0x0, 0xc8, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r1)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x2102)
write$cgroup_subtree(r2, &(0x7f00000006c0)=ANY=[@ANYBLOB="8f03000000000060007538e486dd630ace2211057300fe80000000000000875a65059ff57b00000000000000000000000000ac1414aa"], 0xcfa4)

5.342612559s ago: executing program 3 (id=1611):
perf_event_open(&(0x7f0000000540)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0xffff, 0x81}, 0x100c, 0x7, 0x0, 0x9, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0))
r0 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000300)="6000000022007f029e607dd75fcb520000a124b244de91f7f414adcf41bfafdd1b1e93c6292aefa3ca89563a63fb94b2584ca2faa20f2c308b0fe298acec10e3019e1e26e6efd0166e6c1b01132e5423294ac2f4d53c3870c3068461957e5357", 0x60}], 0x1, 0x0, 0x0, 0x6}, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x5, 0x100000, 0x0, 0x2}, {0x10020002, 0x1, 0x0, 0x2}]}, 0x94)
r1 = socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000c40)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r1, 0x107, 0x12, &(0x7f0000000340)=r4, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x55}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb010789005e107538e486dd6317ce22000000fffe80000000000000101000007f0600080000000000000071273fa7b49301641184a9"], 0xfdef)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b14, 0x0)
close(r5)
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000079104800000000006104000000000000950000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94)
close(r6)
r7 = socket$kcm(0xa, 0x1, 0x0)
sendmsg$kcm(r7, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4001, 0x0, @empty}, 0x80, 0x0}, 0x20000001)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
recvmsg$unix(r5, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x10000)

4.729431229s ago: executing program 0 (id=1617):
perf_event_open(&(0x7f0000000540)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0xffff, 0x81}, 0x100c, 0x7, 0x0, 0x9, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0))
r0 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000300)="6000000022007f029e607dd75fcb520000a124b244de91f7f414adcf41bfafdd1b1e93c6292aefa3ca89563a63fb94b2584ca2faa20f2c308b0fe298acec10e3019e1e26e6efd0166e6c1b01132e5423294ac2f4d53c3870c3068461957e5357", 0x60}], 0x1, 0x0, 0x0, 0x6}, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x5, 0x100000, 0x0, 0x2}, {0x10020002, 0x1, 0x0, 0x2}]}, 0x94)
r1 = socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000c40)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r1, 0x107, 0x12, &(0x7f0000000340)=r4, 0x4)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1e, 0x10506, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, @perf_config_ext={0x1000000000000801, 0x1}, 0x7402, 0x0, 0x0, 0x9, 0x0, 0xffffffff, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x55}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb010789005e107538e486dd6317ce22000000fffe80000000000000101000007f0600080000000000000071273fa7b49301641184a9"], 0xfdef)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
close(r5)
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000079104800000000006104000000000000950000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94)
close(r6)
r7 = socket$kcm(0xa, 0x1, 0x0)
sendmsg$kcm(r7, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4001, 0x0, @empty}, 0x80, 0x0}, 0x20000001)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
recvmsg$unix(r5, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x10000)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000200)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r8, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1100}, 0x48)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x40, 0x40, 0x3, [@const={0x0, 0x0, 0x0, 0x9, 0x3}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x8}, @fwd={0x1}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x1, 0x2}}]}, {0x0, [0x61]}}, 0x0, 0x5b}, 0x28)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)

4.404816319s ago: executing program 2 (id=1621):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8914, &(0x7f0000000080))
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="d8000000180081084e81f783db4cb9040a073f0006007c09e8fc55a10a0015000600142603600e120800020081000401a8000180f2ffffff000000fd035c0461c1d67f6f94007134cf6efb803fa007a290457f0189b316277ce06bbaceac3c2fb14c2ee5a7cef4090000001fb71b14d6d930dfe1d9d322fe7c9f8775820d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad9e3bb9ad809d5e1cace0d81ed0bffece0b42a9ecbee5de6ccd4e1ffffffffc1c9b6278754ca397c388b0dd6e4edef3d9300"/216, 0xd8}], 0x1}, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000002c0)={'syzkaller0\x00', 0x7101})
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$TUNSETOFFLOAD(r3, 0x400454d0, 0x1d)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="9feb010018000000000000001400000014000000040000000100f234f13b00000000000000000000ce07600fd5a1d5b8e7ab8a207eeabb910cf3b8572ef965951451d5dca4430be6855d6361639213dfb118893c4e5b8603edb68b0ae8eb35c420463046ebb243fb03487dff372c17c2e50f1fca34a14ed9de2ac3e05449a2cb3b5e6c3e7236bad1f64ed4d0b92c789da671add5c09ad6d9d65db42a422b1e1b8e164fb561cde57baf72813d33bad20eb48abe7b2823e48ec285362e11740698883101cd13a3332b215d8a00d24dd91e968aa537d702dfcf43c50362e49d621ed5a1e99383847f14f6dbdfaa70b28d33"], 0x0, 0x30, 0x0, 0x1}, 0x28)
r4 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r4, 0x84, 0x77, &(0x7f0000000000), 0x62)
socket$kcm(0xa, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
socket$kcm(0x10, 0x2, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="020000000400000008000000"], 0x48)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$unix(r5, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee01}}}], 0x20, 0x1}, 0x4001)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0xa, 0x7, 0x3a)
r6 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r6, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
r7 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r7, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
write$cgroup_subtree(r7, &(0x7f0000000040)=ANY=[], 0x101d0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

4.306451302s ago: executing program 3 (id=1622):
r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x6, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xffff}, 0x0, 0xffffffffffffffff, r0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18020000000000000000000001000000850000002700000095"], &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000002280)={r1, 0x0, 0xe, 0x0, &(0x7f0000000040)="0200100000000300000a6e000000", 0x0, 0x57af, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x6c0bd, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6c9, 0x3, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={0xffffffffffffffff, &(0x7f0000000040)}, 0x20)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x10d, 0xd, &(0x7f0000000000), 0x4)
socket$kcm(0x2, 0x3, 0x2)

3.869093746s ago: executing program 3 (id=1624):
perf_event_open(&(0x7f0000000540)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0xffff, 0x81}, 0x100c, 0x7, 0x0, 0x9, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0))
r0 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000300)="6000000022007f029e607dd75fcb520000a124b244de91f7f414adcf41bfafdd1b1e93c6292aefa3ca89563a63fb94b2584ca2faa20f2c308b0fe298acec10e3019e1e26e6efd0166e6c1b01132e5423294ac2f4d53c3870c3068461957e5357", 0x60}], 0x1, 0x0, 0x0, 0x6}, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x5, 0x100000, 0x0, 0x2}, {0x10020002, 0x1, 0x0, 0x2}]}, 0x94)
r1 = socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000c40)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r1, 0x107, 0x12, &(0x7f0000000340)=r4, 0x4)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1e, 0x10506, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, @perf_config_ext={0x1000000000000801, 0x1}, 0x7402, 0x0, 0x0, 0x9, 0x0, 0xffffffff, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb010789005e107538e486dd6317ce22000000fffe80000000000000101000007f0600080000000000000071273fa7b49301641184a9"], 0xfdef)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b14, 0x0)
close(r5)
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000079104800000000006104000000000000950000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94)
close(r6)
r7 = socket$kcm(0xa, 0x1, 0x0)
sendmsg$kcm(r7, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4001, 0x0, @empty}, 0x80, 0x0}, 0x20000001)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
recvmsg$unix(r5, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x10000)

2.071295024s ago: executing program 1 (id=1626):
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x48881)
r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x3, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = getpid()
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7b, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000001a00)={0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x90b5, 0x0, 0x0, 0x8, 0x0, 0x1}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080)=0xffffffffffffffff, 0x4)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{0xffffffffffffffff, <r4=>0xffffffffffffffff}, &(0x7f0000000480), &(0x7f00000004c0)=r3}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001f80)={{r4}, &(0x7f0000001980), &(0x7f0000001f40)=r3}, 0x20)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd63"], 0xcfa4)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000001880)={0x8, <r6=>0x0}, 0x8)
r7 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000018c0)={0x0, 0x7f, 0x8}, 0xc)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001900)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x4, '\x00', 0x0, r2, 0x0, 0x4, 0x5}, 0x50)
r9 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000001d40)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x1, '\x00', 0x0, r2, 0x1, 0x3, 0x2}, 0x50)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000001dc0)=@base={0x1a, 0x6, 0x0, 0x2ab3, 0x26, 0x1, 0x9, '\x00', 0x0, r2, 0x0, 0x3, 0x3}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000001e80)={0xc, 0x6, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4ec, 0x0, 0x0, 0x0, 0x3}, [@alu={0x7, 0x0, 0xc, 0x6, 0x0, 0x20}, @initr0={0x18, 0x0, 0x0, 0x0, 0x17ab, 0x0, 0x0, 0x0, 0x2}]}, &(0x7f0000000440)='syzkaller\x00', 0x7fffffff, 0xe4, &(0x7f0000001700)=""/228, 0x41000, 0x10, '\x00', 0x0, @fallback=0x10, r2, 0x8, &(0x7f0000001800)={0x5, 0x3}, 0x8, 0x10, &(0x7f0000001840)={0x3, 0x4, 0xfffff56a, 0x2}, 0x10, r6, r5, 0x0, &(0x7f0000001e40)=[r7, r8, r0, r9, r10]}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f00000000c0)={<r11=>0xffffffffffffffff})
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x859d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5a38405e, 0x5}, 0x10a194, 0x0, 0x0, 0x0, 0x0, 0x7, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r12 = socket$kcm(0xf, 0x3, 0x2)
sendmsg$inet(r12, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="0204000902000000e4a17c45c8d260c9", 0x10}], 0x1}, 0x0)
sendmsg$kcm(r11, &(0x7f00000019c0)={&(0x7f0000000300)=@in={0x2, 0x4e22, @loopback}, 0x80, &(0x7f00000016c0)=[{&(0x7f0000000380)="d8f30afcd8240283c35ed91d581dd49e35cb00524d5a6a434e0df0356c29fb7b7d5ac53bd6741bfad40bef2f64de2ad2f4400a2cb11b5d27ef7e75e7bbda6bfb60a41938026cc72649541292456bd9d3dcd9a438d49abeb0e134372839eaa525daaa9b48ca363f2b8b6daa01de8a84e0358e8c2df83299571a36f118beb9febea9abfb19", 0x84}, {&(0x7f0000000500)="4655e1db4e4a4145297a1fd8cfd3916360555f0d22916c728038a825edf12d97b5d13dc31517ba7742f1bd74612cd9acf4943e20d803977b19651bd9674039856e0bfd2ce735c6cc9e107b046a01eac7ce7bcaa13d4f96ba76eb0a28fa4f5016ec6a49c68cf2803cf307d6f4c6d5dcd436be206d874ba82d6a5ae5c8c94b6f47a1ffd7583b3f", 0x86}, {&(0x7f00000006c0)="3d110f1d335756dd166c5ecbd8c4b1099703c87f528a700ef44e9db8a6a781e343df9b8b73b796e4ec702594fdf67cec69d87e34665b9997e65bec9febf4953a4e4bed0e9f3ec7c78b16166843ccaab8d57afef50662cda9469235e721972c047033e93b2d1a5989e95fcf42105fe764af89d4e894ae533b376fb8d9ac0a511dcc568017e6d0b91e27d3ae839d25ddeb52b0e0e5ae8fc353da59b5144a693f9ca3292b57d24e1d30f3e648e70593784ed174976582295a697ba581263fd0b046d38a8eb40915a30f6fa05ee7913ffc8b82cf9e8a8ff74140dec819eec64dd36ce8fa3cea4a50e2ea7e030df8b42abb44d6ed4832ddd0213a10d3e4ba7193a6c45992a7109be7e4357b09378495edfc74f17604e88885fa449f2c6726e11d6f993c34c9310109c70c8e5a118276b3a18f48c0777dcbd58c3a2dc85844536ae67876c1dcc313bf370fb6caf2887a4e796e2e5948c533a1c28a2564346f85186ae084d5cd4b5070a51bb637c8a1101d12aa5e366ebfaf48142e95d98f34213b32dca4bab68603f2d643baac5673b31806b2c2e68f8383adf703723965f3ee76f8b9c4f7e8b5806c3fa4881182efffef8f1a463f72f68d127aa99e9de726718973aedc5ea290971c81759f6dbd3fe03d8e5af1cfa42a878f5bf8f14befa929d66877ab5a9f721cf35796a0eceaab5b38cd0b150ee82d18e205b328421924b22b6dad024a4e750c8ac5b67830abe752edac0ce033f9e8492055f032a7f16d4a628c0deff5e005d25054750e406ab6bd9c935aa3642f198218f5315655e70402b3a7a9663c864c5a9f0b4a5a9b4fa4ec80d4415e3f8a28325a6137e60e05321f24d0b6803e767b1c8a7ed8f684300c33372101e34d5520d6c07e996954ef6e4891015589fac1e277462d009fba6e8d2a9e279bb423ef1ce19c8abd9fa74c4267495355feaff42ec14a74821988a1a9c0992fce34c3edee174d168637bdf8a4862cf4004d307ba010e79b63096de0f88659ee2338b046363eeb57b8e458466a4a315a5bb172e68afb41ad83cca0ce8cce06c1bb278b404e01df4731f0550034149ad471344165ba7b3512f99a70291eb82b7a3f2299b0d19f67f3405bfa56eab7033380976ee702fded30c590918f82ac47ee0edd8e8070fc1391323d272f300390087c55e04f7a6964037435644d9b2fbef77d96af6f641c7bda1c1d3e56c13793452ed30650250f1790dd401e929a1f1b99c12c8426ff0116ce1e055eab112aa2d05d35ad7e57299ecc0df47bd66522ea21491601788cb803805bc8f7ffc1f711169e5c91e603dc19ab40879230c691e0b781ae467427d083d49ae74df727c22a79b4a3010f3d5fbc69cdbdff5e09c199d65336bbf02be92416303c98a20133b93593ddef364a29152f11643bcbfa8250e41c4140f56a38f24420bc3194bd03c7c086b21041c1ba4184cf427244ff24a4b41bb0a737f3cdf5deb19782979ba82bda569ec42a48ed20dc93ad19393728465d254f3c996f9259e521117f3ab85815be99697c009d6454aa311e28d28a69d19c1e8b3d0d675c6e182bb74e8800c79c6bf9c8e4247befe132524dc926a8aee4a02561cdee99466507c384318cddfcac2988b70d8af84f558cdc5f6f1568adbdfd74c265c600701fd02362db80d918c99387869d4dd22cc44ddbf6189cec42cc5374dee6b9185d3e50924f8cc44feb619738bf24c291b14e5ccb1e175a2a5fe32c5c01f921e5fdde56d321ac6da79bc3ef604ef79e67711625b5ebab25cd9f5a54eab6cc0c18e6b4d2ceb8b07e3243d5a5e2cc356eb7b5ad755da85edb54563395f54a9fff580fd1c7bb8c3b17cb2c18a4014c2b4747db6859e71f777a1ef4964e1207e4fb693344d8c1ebf383846882a20e9736c695b040dcb2c1e00c08bf1ad0e625aaca027cab859a871f5ce7243d42d15ff1f8899d6f68b29ce16d402c41dc8e9379b5c4e3e2228d4da4b3deace264379449d0eb87772b975413b43824eaba0617387e870ce087ca048ea018f9b63a525412df2f6473940587b077af9710462a36f6016a4d06e06b1a4ddad37f87fa277a2e0cc930ee1b91b0e127e46a8423c4bde523c3a8806d622aca2985cd3041620980504b83caeb4a4ff8128f92bc0d0561c684576bf271eeadea6c1cdfb6f9b17b9cd0e83292f45960e8760f13fb565428405d3f3b8a475daba0869d7ecfe839f659dd5e15799e85bbeb44d864026bdabd3c56306cf199967fc179add72a292c013e2f257e63563cfcb6ee05d44c9fe34f8da1ff88f46098e3559d10cf7fa083f6666b8543017ac80ccc1f808bd959f27897e4c57e7b20ff34337c156c06987a52bec1a3e4bf76cfa686dbdc250907b4742db962446d993c178ecc0c4ee383248317d5e2dbb611a6f2d61809ea95d4c590627a3b9e7c9f4c5410b13f4c030a0f0e5b71f04b80592e3441f588b820ad5cf468c8532f37b19fc33cbf2490940ddad147de7318355cccd13f32d742caa503c7cf80c06b54ee4e26cfd12b59264393a2af98b01bb9ce680649d6aee9322ad79735b52d26832444e624376271ab331678ead20f8e9756667406cbe581ab2be932183eda3c6b4cc0312893df9c5363bad25ca3c84791a68441a58f19082c14dff90d5715d951310fed7be931db7a2f6b19be4456acfd5209f6bfaaf4446575ea23f5be7b570bbc060323974b992fdaa51ebfdfbf2ed8633f77ae5271acbb199f5f4e28f5e7bc8061c32a0a445ec7189feb3ac36aa3201f5b1c23978b261fc9a9ce4e19528d615099c54ebe3d472d6634b688eb17aa072f3b2dc151dd8128919d89c41f54d36e0da6d2e81fa16a1c5841a6c4544fca5acf06b37775e40e4b9b24134fcfea53a0ff615a71582c8d7d1dfa16a6ffe534005975ff9d7f693ba0507a89a319e6b6fc24e8b5e01d5636e359a505a4fee51c4115d5260d08a2e6946ff0fb9cae7b8ffbf980309d8b9816c20d356a8363c2a528b69cb844b8259ba959c58056b30fbab980536eadc26ecf01dd907cc9f689a8ceaa92f8648afd2d31ce58ac76fd7fe0f35afda97d5c29c32c9e6c440054d4f4f69077f247fcfc4d040a98e174f04bb0c76ee301f05c299cd6e71ade8e73a6583ef97d18b12fdf91fdaa672c8c394b5f03b903b1ba34670bc7a2c00f3ad45d53082a5d65e4cf4a16a01fdfcb9b4e6a93ca06636faad7bde419a2e45c4b670414493eb42caec444ab72d1cc6f5f2799bc6397e6948084c3c8926f1f3ce832aba16547f137737a42c26242ad5c90e29e62d34cae86b0ddcb6c45af5fd5fb946566102a5829ab69d576e3404e0ecef72e1ccde1d811e5319837f46f4138da10c7b0ecc7cbbf6375ce63bbc6d405ea43cf169477dc6b8a70114bdf3dfb741807cfc88921869d455caba0fad875c531f71d0dcc1290b630c6fba8614847427e868b17375acf047562ded4ef16d18483da914041b6c2a085279950b1bfdcf4853c37dd574bb08890096456b1b6e12835a44cf78a4de6f802e30a5ac069c42570e3e649b10db0c25bae78cc80b2c5b6ceb52b68100f2d81fc2f687af1463e9eaa5a7c42f60a7d11c11b8479fdb9023284404fc095ab01de37f2230cc311bd0732c9cabadcbeb30a2c0babe2923b3d6e563ac00cf1ff0c40f6b0c16f2996f93647a78ca5910f7970d78e5ef4fee33923f55068d374b6fd40494dd4f2cf24e612631dc188ecd3955087ca40e4d219829107c56467b04d223c178f034b80b5dc7b05d077cf70097779ebf3abb29c59c79f8efebdcbec71d767ba9c938efa9fde19c316135f22a1389ebfd2ad90185244e4f0fa158610b78a6d8f0d78a0e1258054e84580baf6dd6f0659aac242a9763f33a894f7f15dabba5e4afed966334132aa1fbf4c1ba21c454a8300113c2818153a22f0c4daa3afb72d1f8471a46becf6c50aa2a922f98801757df97d6d848a27b28ff60b43b1da0b6e6debb85a61189890a62b998dba12c4b30e178320b62a3d49417d28ce73df6f6d3f93167385524a7742b48ec8364f64f10f40c7628f08629485b13a57acf47e234795727897e23f848bf965b11128e3ab058ef946c49b93463afcda2420d26815d54b92d353f1566bc3b366caafa18595b75a51658e2e116c5da3324b1b1e8f2756b760f161fb2fc234f464cdf6459b82d1901376cf48aeac10f133e141fbb31ed05809a1ff598a1ef4b7aa024ddb77ede25d713467b62a6b98b75c1431d249fa776bf6a280a4eb573a775d8112e448ffbaf69fd33ea90664a13ccc182d33d375117ea87284705b94c1ad07fb3473b32c90fd5861bb3c7079a09ce2ebd8bb29869c17492e2c617eadefc7d3638f61629b78d24169114241cd34f32224dba10bc6971871438a7a50ae2c27c6dadb24a1ca1cb76096254b08192d6e1c9fd764d0612078bab8a8cea70cef01f431612906403fcc0e6f319915c4c5dabafa5d13071b9d289abc5881a3c51004b7b6e3d3dd9421802e240e905faca583bf58c9bbe27b4579ca7bfc87645914e948c45a958e67b6b5ab5ed59b1e25139cc7d884f485e5d0a582e29bb55b11cad27a1fb5d64b3ae8113cdcbb82eb92e3581f5a4f6f188f7de5a9f1e944322f3b1087cd1ea84c34ee221d92fc47447955f84349f2ea4b039c4e8499731dc2ca7bb59befba66d29248be0ec1c4c9554c8ed73317b3bee0433a099e3a873b9159bf2156d9c848c283315f59f2a56b952742e7b8310e49bfad9a513875aa44ec608c800ec54021ec8ec6a8559a5b9fb5729ef0016a8a9351c04f8e5ccb821c1013bcd7901527d8da4e5a9ee53f42d0803602fb45a60b6c97742cf8276f88ca2abcef5f68750c21c71632204951e795cae44339d32b9552411c2837f3b3765908a260344bf6a72dacf1bc0ddc5a835e1cea0b4f41f4b9d9b9d6fc292d4341151faa1f784ed901679f8a73c9ec467e2ffc960ea5f79af21dec20857ae48fce11edae454a22cefcd405d0eacf4b3720fbb18fd36e5ba3ecaed0a3ec4f147f8e2c09786dbac6398f8e6d1c93afc454e221cad3bcaf96dcea6d85a2eb525f0e1b4fe7490338d981f32aacc3a1ab3d05f1b1a629101c3688ab124339ef2802d99790c3cf9e9f68cb1557497aa33925771eb1a88e9c59993cf81497fd0d6f1bda0bb7337720a5ec35dd3dbfe1bea8ef1708f396b1b09fc269d1515f7665a4cc11a1c17d70fdd65ed4076e080f476e6138b2c9975eaf1283441618e75e2fa464d3cc3743f70b0913af4f371d5ed488ce19fe7f7336117dd3235b788ecd6976c585282a6b0cebff80a21ebf19f9a20b995fdd57d9e584d972abed09823db30e8644c821f40c9bc55cda6ed0b20da1b39ef3202dbd933205a2ec8ade504b4ab44a47bf8454c5791c33b6387b15875897aeea1bad511d1535934a2d14743dc2169160093e3394a637cf4cb336a86db4282f1b9006e2cba2239328f10cba29a94a9d264a23e1e23998e95431f747315c0dbbfe21dc0918c7e2e95bb5615ae5c828d39994e17c2444384853a3cba7e0bb1c30dfa36003c14e53bd9ff4be81f9eb5ce37653994c56d206788bb293d491d6bf97727d36e9c058b5076d1ec71ca2617fe40c7c9f2924dfbed7c46502a6ad07843fc07282aae2e80d749d42a1f86dec305451360f932f0da293fbfc35c6e96b4fb60855a9606d0831a58c0fb63446f1c97b21290714c944ed4e7fccb41fb55efc5f6dda930538456ef1f22db0ecdb459467154c29d01ec77dfc4a1937d00c58260ecda5dc6e5f14ba11ec8ff25112b085dbefff3a57", 0x1000}], 0x3, &(0x7f0000001a80)=ANY=[@ANYBLOB="18000000000000000000000000000100d4413a9dd20000003800000000000000010000000700000016c5f290fdf7dda4f8f482bd22fbb2b451953bd503029a3380718d492b2b5576d38e1b78ea227e00e8000000000000001801000001000000db1532c1286d92331b2a4c2e8baa07fa27d5b1caa08222a42862d428fac35d72098f239df5cdc4bad8992e024005885fc1801cc46841c0db86f602be252ec67d78fbd0d8fdffb41d225f4a77a5f9ca87d44351db0183b615db485d44ccc043cecf0c644c5bac2b8d386157cad31a5e446606adfa17c67bb453022de2c065c4dbc8316597b3134e59c2cf2ca51e8a1141591d40294b0ec06413ae6695bf60e29b9ba057c3a8043a831eab36f710e85a5f955d2faca9ebf41e49e4b847d920dc4a080efc9e350a52f58df3253184126f07967840000000000070000000000000009300000008000000a8f67c486aab67d8498d5e60400426ed86f5eef35b6fa227c968699521ba6236bb5211574c2a8e4fc7bd84ca2b6c414facf80adcfdf55c5dc01be42729d175d7ba0b0b59cd6a481d367e1f4d0ae9ae208be43a4972ffc5cc9e9b800000000000580000000000000000000000ff0300001e447437105dfb6e12f8529cf79122934a465abef821ed82ea24aade8db39372134bd4247517b927fb98607ecc13e44582b38c97673e611bd3998341af4f00731eb6f760e221b800b00000000000000004010000fffeffff8c8992708a392601df587ef08c04216ce6e0efdcbe996a0dbf5ba264c99987dab1beea684e55fbcdb836bc57def888a5f17ef8f38d499cd802fb08d9642904cbb43f599a4e6710e11db1d5d5e7e270da65a22b3a78a61e5be34eedddcdbafc8b162c4667ef61367c8cc96e439fa9cf5fcc00e96cd7c31a028b192f2ef941649169bf977dba725f623a07386d121d1e4dbe9b28c31feeff71a7abbf2d93313161c3b517a79a5ebf02e560822d5b000000"], 0x2b0}, 0x4000080)

2.017913886s ago: executing program 2 (id=1627):
socket$kcm(0x21, 0x2, 0x2)
socket$kcm(0x21, 0x2, 0x2)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, @perf_bp={0x0, 0x5}, 0x0, 0x1, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, @perf_config_ext={0xffffffffffffff7f}, 0x111311, 0x1, 0x0, 0x1, 0x20000, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000001905418724c5984ab5986700"/32], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xf, &(0x7f00000000c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8f, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x7, 0x0, 0x0, 0x41100, 0x5}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xffffff7f, 0x0, 0x1}, 0x50)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x26e1, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0xd, 0x4, &(0x7f0000000380)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x39}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
close(r2)
socket$kcm(0x29, 0x5, 0x0)
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000340)={0x0, &(0x7f0000000200)=""/105, 0x0, &(0x7f0000000580)="bca13f58108937270789108abef62fc69699d33b5b5ef0def2fb77dbb117902c28122e2f2fb8ac793c47db676efd92aeacef4f223cdb490d7eaa0860b0f1abaaad5a58cd7e5855b48a7272e2854fda05f41a005d555f788cac0ce588812f48ec13a49b934fcfa64f4862f43adc0335ee9a202360de774f6123ff", 0x7, r2, 0x4}, 0x38)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup/syz1\x00', 0x200002, 0x0)
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x10021, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, @perf_config_ext={0x6, 0xd}, 0x0, 0x80000, 0x0, 0x9, 0x0, 0x1, 0x0, 0x0, 0x4861}, 0x0, 0x0, 0xffffffffffffffff, 0xb)
ioctl$SIOCSIFHWADDR(r2, 0x8b1a, &(0x7f0000000000)={'wlan1\x00', @random="0000230c1100"})
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000040)="d80000001a0081044e81f782db4cb904021d08007b490d4f1e81f8d815000100e000000103600e12080005007a010401a8001600200003400400", 0x3a}], 0x1}, 0x4000000)
r3 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001900599c6d0e00009bd028ef8020ab0700040005234538ba55"], 0xfe33)
r4 = socket$kcm(0xa, 0x2, 0x3a)
sendmsg$kcm(r4, &(0x7f0000000440)={&(0x7f0000000800)=@in6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c00)=[{&(0x7f0000000780)="80005b020eaa", 0x6}], 0x1, 0x0, 0x0, 0x900}, 0x0)
recvmsg(r4, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={0x0, 0xf}, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.666335117s ago: executing program 1 (id=1628):
socket$kcm(0x2, 0x3, 0x106)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r1 = perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x0, 0x0, 0x40, 0x0, 0x5, 0x400100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000300), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x7, 0xf, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000009000000000000000500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000800008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x21}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000000)='(!\x00')
socket$kcm(0x10, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0x1, 0x10000}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f0000000040), 0x101, r3}, 0x38)
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)
gettid()
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x1, 0xf, &(0x7f0000000480)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x1d}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000ac0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r8}, &(0x7f0000000000), &(0x7f0000000140)=r5}, 0x20)
r9 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9, 0x842}, 0x114905, 0x4, 0x0, 0x1, 0x3, 0xffffffff, 0x2}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000440)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r9, 0x40042408, r10)
r11 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r11, &(0x7f0000001300)={0x0, 0xf00, &(0x7f0000000080)=[{&(0x7f00000001c0)="d80000003e0081064e81ff83db4cb9040a1d080006007c09e8fc55a10a0015040400142603600e1208000f00000004bcb3d26f000800024004000000035c0461c1d67f6f94007134cf9df359d4aae88a22dab59e7a8f46236efb8000a007a264cf6ad4161f3e4e7ce06bbace8017cbec4c2ee5a7cef4090000001fb71b27d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9ea37b00360db798262f3d40fad9e3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd4e1ffffff05c1c9b6278754ca397c388b0dd6e4edef3d93", 0xd8}], 0x1}, 0x0)
setsockopt$sock_attach_bpf(r6, 0x1, 0x32, &(0x7f00000000c0), 0x4)
sendmsg$inet(r7, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
r12 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r12, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000000)="d80000001c0081054e81f782db44b904021d08040e000000200d10a118000c000600142603600e1208000f0000810401a8001600200001400300000803600cfab94dcf5c0461c1d67f6f94007134cf6ee0800080e408e8d8ef52a98516277ce06ebace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad8099639cace81ed0bffec193e2a9ecbee5de6ccd4d6e4ed6f3d93452a92954b43370e970189", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)

1.665873237s ago: executing program 0 (id=1629):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000380)={0x4, 0x80, 0xff, 0x0, 0x0, 0x0, 0x0, 0x4, 0x5e6f8a6df01f948e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, @perf_config_ext={0x1a49, 0xf2f3}, 0x42, 0xc8, 0x0, 0x1, 0x65, 0x0, 0x211, 0x0, 0x0, 0x0, 0x3ff}, 0x0, 0x6, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000440)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r1)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="8fedcb7907031175f37538e486dd630080fc00000000db5b686158bbcfe8875a060300001123000000000000000000000000ac1414aa89"], 0xfdef)

1.592764609s ago: executing program 0 (id=1630):
perf_event_open(&(0x7f0000000540)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0xffff, 0x81}, 0x100c, 0x7, 0x0, 0x9, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0))
r0 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000300)="6000000022007f029e607dd75fcb520000a124b244de91f7f414adcf41bfafdd1b1e93c6292aefa3ca89563a63fb94b2584ca2faa20f2c308b0fe298acec10e3019e1e26e6efd0166e6c1b01132e5423294ac2f4d53c3870c3068461957e5357", 0x60}], 0x1, 0x0, 0x0, 0x6}, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x5, 0x100000, 0x0, 0x2}, {0x10020002, 0x1, 0x0, 0x2}]}, 0x94)
r1 = socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000c40)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r1, 0x107, 0x12, &(0x7f0000000340)=r4, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x55}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb010789005e107538e486dd6317ce22000000fffe80000000000000101000007f0600080000000000000071273fa7b49301641184a9"], 0xfdef)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b14, 0x0)
close(r5)
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000079104800000000006104000000000000950000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94)
close(r6)
r7 = socket$kcm(0xa, 0x1, 0x0)
sendmsg$kcm(r7, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4001, 0x0, @empty}, 0x80, 0x0}, 0x20000001)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
recvmsg$unix(r5, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x10000)

1.530073001s ago: executing program 1 (id=1631):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800"/16], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r0, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r0, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r3)
r4 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
r5 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0)={r4}, 0x8)
close(r5)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r4, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f00000005c0)={r5, r4, 0x0, r5}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x10, 0x17, &(0x7f0000000380)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x5}, [@btf_id={0x18, 0x6, 0x3, 0x0, 0x2}, @ldst={0x3, 0x3, 0x3, 0x7, 0x2, 0x10, 0x8}, @exit, @map_fd={0x18, 0x3, 0x1, 0x0, r3}, @jmp={0x5, 0x1, 0x9, 0x3, 0x15, 0x4, 0xfffffffffffffffc}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffbff}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}]}, &(0x7f00000005c0)='GPL\x00', 0x1, 0x75, &(0x7f0000000740)=""/117, 0x41100, 0x20, '\x00', r2, @fallback=0x4, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000840)={0x1, 0x8, 0x81, 0x5}, 0x10, r1, r0, 0x0, &(0x7f0000000880)=[r5], 0x0, 0x10, 0x400}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_clone(0x2c9a4080, 0x0, 0x1f, 0x0, 0x0, 0xfffffffffffffffc)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0xe, &(0x7f0000000f40)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c03406910927c6b0b55b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfe79578e51bc53099e90f4580d760551b5b342f7cbdb9cd38bdb2209c676b2ac2deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f132020000002cbe7bc04b82d2789cb1b2b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c41146dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a42b359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780c70014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e506d1387b63112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece08ac772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2ef0ae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a3f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099bdae7ed04935c2c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adeb988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ffa3c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe4a3ced846891180604b6dd2499d16d7d9158ffffff069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb0814040000007874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dbae3428d2129ecfce1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296c6a298c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f050000000000000026049fe86e09623524f390bf79b441b75fc790c58e273cd905deb28c13c1ed1c0d9cae846b03008cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc48f97496079654f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b4749c28eb5167e9936ed327fb237a56224e49d9ea956d1798571b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecf743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be182724d95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd0403a099f32468f1561f058960d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b656dc0e32384f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bbe3e8ef76f57a2d0e69115d33394e86e4b83c0f3c2a34635f3eee4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cd082027c641ec4355eb4acff90756d1a1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8cc3fe28bc3586844f5fecb92aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a5906002fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128ab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0afd9ae134400f70b5e6aefb7eee403502732df858a2ea033b6c91c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80ffb8f386bb79f5589829b6b0679b5d65a00000000000000e6ff00000000000000000000faff0000bab50bc8508a9644d3e7c328b0ff22035c8073f8c1f0e3da7339fc81d4ab3ef2857ef70a81d8a1628da28c942571880e22df7cabae56d5ff5e483c9c1f5a258b8f1f34cc300312f76a374a6e9b3f9dbd7f538a80b00f97e47895b3201c5126feca0888956a7d768198d9c2109ac508a47ebb99c539ef45af7d87b308117a9e321a3861bc42cf41942c31268a4020221d7b1622585094eddd83c7f4acdd7f5c23d8b730bf03118261edada8b8487a3b1b7548a4687a91f12bf70bb1df3bfe7d4b92ad6fcbf401efd6eb004cf20016ad8d1dad136dd856ffca238b39482811f9c8524bf182f1956a3d044423927df28880bbd11c06407220df8e1d1d483d947d990dc175803d765ca14a915a0040b641959ad3e776b4bb4852fea12983dc18b7404914a6137dc4a78f1e0d331c60a9019c21698cd18753491df962f496f2395563e9c3d7b1228d0e488cf7e50a29541aa757f2e2ee9ff4433d65db0de5a123d569e39dce481156cbec584c9a32a8e3b032fa003192c891d83119bc950abac9147b9fcb0acd9a207b5ceb7e8ed1d91c000000000000000000000000000000141258373281153fa27e586ea82650f070d8851ac9e7ac07b37a6479d4017b5b5af3ff4c91235df4f657d77e386a329aec4d766369c86b62b01ceb028c6fcf206883633cb143016b9f5351a45a8cb4ea110ba700000000000000883416b6eff6a793c71deb7d780c4f51d86ece127c0714144916f397d398ad2fe72b710b932c15c2369cb5d2d2f6ae420672c4a626195a891ac51825077fbc286aa3866bbf18a4a8b836ea8c90af0d5f0aff55b50bc18c27875ed2628b91224b7fa9fd10ccd7c1b1a92bac529df981a6d30100e68555553625c0e91a51000000000000000000fe030f85b294f3ea1fce314a9dcefbe3b64e83c35c5e95734786ca78315793cc0e6e776d2ec07c55cd89541ec25e074e840287011cab538d79e1569df321282071d49a4dc5fb2d7da1d05249d0e153fd04aca2", @ANYRES8], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x16, 0x0, 0xffffffffffffffff, 0xffffffffffffffc9}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r2}, 0x94)
r6 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r6, &(0x7f00000004c0)={&(0x7f00000000c0)={0x2, 0x4e24, @rand_addr=0x6}, 0x10, &(0x7f0000000340)=[{&(0x7f0000000100)='dB', 0x2}], 0x1}, 0x22044880)
sendmsg$inet(r6, &(0x7f0000002700)={&(0x7f0000000040)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000700)=[{&(0x7f0000000080)}], 0x1}, 0x8040)
sendmsg$inet(r6, &(0x7f0000000300)={&(0x7f0000000000)={0x2, 0x4e24, @remote}, 0x10, &(0x7f0000000280)=[{&(0x7f00000001c0)="e9", 0x34000}], 0x1}, 0x8054)

1.068864156s ago: executing program 2 (id=1632):
r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x6, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xffff}, 0x0, 0xffffffffffffffff, r0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18020000000000000000000001000000850000002700000095"], &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000002280)={r1, 0x0, 0xe, 0x0, &(0x7f0000000040)="0200100000000300000a6e000000", 0x0, 0x57af, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x6c0bd, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6c9, 0x3, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={0xffffffffffffffff, &(0x7f0000000040)}, 0x20)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x10d, 0xd, &(0x7f0000000000), 0x4)
socket$kcm(0x2, 0x3, 0x2)

974.283119ms ago: executing program 2 (id=1633):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_tracing={0x1a, 0x28, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, 0x1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x3}}, @initr0={0x18, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x8923}, @ringbuf_query, @map_val={0x18, 0x6, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, @generic={0x4, 0x2, 0x0, 0x9, 0x8001}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2}}]}, &(0x7f0000000140)='GPL\x00', 0x80000000, 0x61, &(0x7f0000000180)=""/97, 0x40f00, 0x0, '\x00', 0x0, 0x1a, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x1, 0x3}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x1, 0x401, 0x7}, 0x10, 0x1057e, 0xffffffffffffffff, 0x0, &(0x7f00000003c0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0xffffffffffffffff], 0x0, 0x10, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="b400000000000000791048000000000071003f00000000009500000000000000db74589d4b38cc306ac390649f72dea0e50e2317db042855d6c74ff3493c7e31e3f6c643155a8e2e01d50bc3347475750472719cc516fa14b769e7f385ba72c60242263c05ddab05e37efe81b8bffc35cdf2ac0d93263ff755d611c4cca1684b1470af6a83366aa430ad2d700b186da622d6fba70000000000000000000000000200"/173], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0/file0\x00', 0x0)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_ro(r3, &(0x7f0000000080)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r4, &(0x7f0000000480)=0x1, 0x12)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0x13, &(0x7f0000000980)=@raw=[@ldst={0x1, 0x1, 0x0, 0x7, 0x8, 0xfffffffffffffffc, 0xfffffffffffffff0}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}, @alu={0x7, 0x1, 0x7, 0x2, 0x6, 0x2}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0x6}], &(0x7f0000000080)='GPL\x00', 0x5, 0xa8, &(0x7f00000002c0)=""/168, 0x0, 0x20, '\x00', 0x0, @fallback=0x431006c9eafbadf7, r5, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200)={0x0, 0x5}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x800000}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r0, 0x0, 0xc1, 0xb3, &(0x7f00000005c0)="0c40784b967c4920e650be660deb893639701aeda7eec73073f7d5853bcd14bc6aff3c3ff60b9bd40bc651263aeb162d780eecfb249cff56b1fc35d38ceccb680fe08fa73ca62fe6c003296896197d0336465b54f86299b2851b76d5d1506cfba3a1369d7c23da8d100e4c9ee88abca2abd53e72d70f0ad720ce5868d10362fde66309b8dfa4977833620d1c83e7588b73e03de10fdec276a584c4e21b03de842b7f86ca4978a3a4bb6b70162755c2e5481a8a36860ccb7d91e994ae2788a1a547", &(0x7f00000006c0)=""/179, 0x4, 0x0, 0xe8, 0x50, &(0x7f0000000780)="9d1c81c911843e4de2bdfdafc9d91906834a88a13e15b5f8c135927d946b2d1d57f220d5e0c65162c7f6328744b96d3224542e5e458eb547d80c7c95d148fc325943a753cb5c8f55c28c01014ec8f465204c1a4ea032ef7ae7e343cc69bf3dbb9f4fe860e77eef1c13e4b20cdb718b83e56af298573f1410f44e232f3c6c58561e033556c04683055e686204decbe1781ba50228f806b87fa8ac47fddbabfc15cdb4f9910426a3c7280a02c945bfac69a34018e12ac350a5ec50035e3d75ca1fb4acab3ba9afb61cf67d695f082a973cf72e93c0a7d8593d3601cf0df0c3e3ad29db267d6c5c0e4e", &(0x7f0000000880)="34d7db0488237a15947f3c8382fd53119a4ece1c834bb946f51b40ec85d9f74587a0c19dd868c9f91e42d1522483da8ae9606956bcb6e2a042fd8fd9dce54d45fade1c0c43e5abcfce6a1e6f7bea1384", 0x0, 0x0, 0x9}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0xc}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
ioctl$TUNSETQUEUE(r6, 0x400454d9, &(0x7f0000000780)={'pim6reg0\x00', 0x400})
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r7, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000001ec0)=""/4092, 0xffc}, {&(0x7f0000000300)=""/192, 0xc0}, {&(0x7f0000000e80)=""/49, 0x31}, {&(0x7f0000000240)=""/140, 0x8c}], 0x4}, 0x0)
recvmsg$kcm(r7, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x0)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f00000002c0)={'syzkaller0\x00', 0x7101})
write$cgroup_int(r6, &(0x7f00000000c0)=0x80000003, 0x12)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[], 0x50)

764.023176ms ago: executing program 3 (id=1634):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='devices.list\x00', 0x26e1, 0x0)
close(r1)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x1, 0xf, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70200001400e9ffb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$kcm(0x11, 0x200000000000002, 0x300)
socket$kcm(0xa, 0x922000000003, 0x11)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x5452, &(0x7f0000000a40)='lo\x00\x96o\xd6Q\xb4Y\xa9\xc87,%\x81\xfe\x00\xd2\xd1|\x00\x00\x00\x00\x00\x00\xe3\xd8Yk\xdf\x85\xaac{\x8c\x8ffp`-\xcd\xd9\xd5\xf4\xe68\xe6O\xc2\xf1V0\x8b\t\xed\x13q2\xdd\xaf\xcc\xeeR\xf2/\x00\x00E>k\a\xe7>t7\x8e(\xf0\x87d\xaf\x93\xfa`\xa6,o\x81.\x1cR\xa5\t\x00\x00\x00\x00\x00\x00\x00|pT\x15\xbc\f*d\xcb\xc2\xcd\x8f\x98\xdf\x00\x00\x1cM\x9c\xa5\xe0\xa8\x00\x00\x00\x80V\xf6\x80\x86\x1b\x05\xe6\"\x1d\f\xaey\x06\xd9$H!w\xa6m\xd8\x7f\xc6\x837\x83/\x9a\xdf\x01\xf2\x9e\xcc\xca\x04\x00\x05\xeb\xb8{7[\xf9\xe9\x15\xdc0]\x89\x9b~\x04\xb4\xa5\xad\v.\xd0*%`\xb0\x03\x00\x00\x00\x00\x00\x00\x00\xab\xf4\xa7\x83r\xa4\x80|\x03C\x9c\x00\xac\xba\xcb\xa4h\x86w_Eu\xbfy%,\xe5\n\xc1\xb3\xa4g\xa3P\x0f\x11\x93\xc7\xf3\xcf\x17\xf5\x86%\x7f\xec\xb2\xc5E\x00\xb2e\xa8\xf1<\xb2\xc82\xbf=o\x00\x00\x00\x00E\x00\xc6X\x92\x0e[\x19\xaa?\x06\xe5\x9d\xd1\x87\x922A\x95\x8e\xbc\xc8<s,\xb023Z{\x9f\xc2\x94+e?\x87\x95\x8e\r\t\x0er\x92\xe2\t\xc4S\xd4\xd2\x87.&`\x95\'=0\r\xd2n\xf5\xcd\x9b\x15Oo\xd8Nj0\xe2\xe5A\xb2\xc3\xf7\xc8\xe7 \"+\xd6\x9e\x18\xec\xb7H\xf9\vd\xebE\x9dtI\xe5\xb5\x8e3\x19<\xdeS\xf4\xe6\xba\x0er\xfc]\xcbd@\xe8R#(u\xe1\x9b\xb7\xd5\x82\xab;\xdb\xa2\x9e\xe8W;\x86\x89\x99\xa1\x99\x1b\xbd\xaf\x11\xcf\x1d\xb5n\xe3&\x1b Z|\x18\n/\xe4\x83\xb5\xdd\xed\xd8\xba\xe8\x8d{@\xd1\x00\x00\x00\x00\x00')
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xe}, 0x4b04}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r2 = socket$kcm(0x2, 0x1, 0x84)
sendmsg$inet(r2, &(0x7f0000000600)={&(0x7f00000001c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x16}}, 0x10, &(0x7f0000000740)=[{&(0x7f0000000640)="80", 0x1}], 0x1}, 0x7c)
sendmsg$inet(r2, &(0x7f0000000440)={&(0x7f00000005c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x31}}, 0x10, &(0x7f0000000500)=[{&(0x7f0000000840)="9c", 0x1}], 0x1}, 0x10)
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000000)={0x5, &(0x7f0000000180)=[{0x49, 0x0, 0x3, 0x4}, {0x1, 0x0, 0x0, 0xfffffffe}, {0x4, 0x0, 0x0, 0x9}, {0xfffe, 0x0, 0x0, 0x1}, {0x6, 0x0, 0x8}]})

669.962379ms ago: executing program 0 (id=1635):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b40)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000400)={r0, &(0x7f0000000340)}, 0x20)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000940)={&(0x7f0000000340)="954bfa9854b5d6304fc2e17ce9e31f7b7d7bf8120690551b1ce5ec159980e0ec42e6c352da98be0dd3f93ed101528bd931d42cf3ee7fa412ed83e1384ef38c7e7526a145005fefb91f7117bbc67999ff5797e90c9ae6fbaf63dc0ea0af07be354921f22bf22c2d9603b745251506ee417e7e32d733352b88f632e7822a494792611e38badd3b7c37efa23598138d2fe77027685b225bc61aff0e25fb6d15047b8735ae431bf644ea32d8443d93fe21474d4e942f1b999753a75db921ef63293c1c00fe40742e53eb3dc33de429de7e0b84f4aaee93d0ae6c483f434ca7a25ac5f810f6b86a6746f4103a2ec0082da1753b254d238e5a93fe67", &(0x7f00000006c0)=""/162, &(0x7f0000000780)="4dc209b90acd842800f563f05191106777457fd2724d676041d2a6e1308726a5cbf929ba37e43f160e0fb6e8d76d5f53c5aef075a1f1e13409900a0f534c6d51de97d4aa1f220ba5cce5a720acca2a3395ed60928b0291de6d97a166978c3f7b73e0810b55b9ae7515506da18f217cb742b5206efbd7f8277dbb6522a77d56", &(0x7f0000000900)="6791e4e910445324eb7be34e9b5c73262a0e2e061c9d7c420cad6ff5d4cc0387abfc32054da1ba96", 0x5, r0}, 0x38)
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2006}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0xfc, 0x0, 0x400000000004, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x2, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000800)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00'}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$kcm(0x11, 0x200000000000002, 0x300)
r4 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r4, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r4, &(0x7f00000000c0)={&(0x7f0000000100)=@phonet={0x23, 0x0, 0x0, 0x17}, 0x80, &(0x7f0000000580)=[{&(0x7f0000000240)="2705020059feff000600002fb96dbcf706e105000700810000008100accb", 0x1e}, {&(0x7f00000002c0)="88a8", 0x2}, {&(0x7f00000005c0)="ac37979d1e439e19a3fab5e73acb3e944e5067314670e86878ea780b34a68a9f01b15a9ff9522b89b6c88218d5f257529aa4e34fab88a671ab48b27ac6a4207fe8a270d3d5b82f100a392980a058dddf565e7deaddd88af7ee746b611a2c5033762a03a3b3e135cf3e1b253385ed8c0de1a820324943afbf72b1509334a4815debe79c5d881fe356404ebd716994cc31b9279965133894ceca066cba08977bfd328ee08749c20449017c661b7cfb27f29f4c2a5ef569403ee926899deada9ab15aba6b7054dc68cf2a65ca130aa11ca288230c24a6f2cd9a865615ce0bdeceb0d07f6a9b693d9aea5629b7578a843b98a8", 0xf1}], 0x3}, 0x0)
recvmsg$kcm(r3, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x20)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001180)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
socket$kcm(0x10, 0x2, 0x4)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x20)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff7ffe}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2006}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0xfc, 0x0, 0x400000000004, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x2000, 0x32, 0x43a1bd76, 0x7, 0x9, 0x2, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r5, 0x29, 0x2d, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000027c0)={0x4, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000009000000004000000000000000a00000009500000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x0, 0xe, 0x0, &(0x7f0000000300)="e02742e8680d85ff978276fcf294", 0x0, 0x4002, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5d33, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x4}, 0xc001, 0x0, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000800)=ANY=[@ANYBLOB="611234000000000061134c0000000000bf2020000000000015000200000000103d030100000000009500000000000000bc26000000000000bf67000000000000070300000fff07006702000003000000160600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f909ad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe70305865050df26469fac5202d6293c3d5e11f4f83e7455baeeba4f"], &(0x7f0000000100)='GPL\x00'}, 0x48)

577.049882ms ago: executing program 1 (id=1636):
r0 = socket$kcm(0x10, 0x2, 0x4)
close(r0)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000100)="5c0000007a006bcd9e3fe3dc6e08000007000000feffff7f7ea60864160af36504005425198bc3488bc3a0e69ee517d34460bc24eab556a705251e6182949a3651f668c3664402682fb6e27bbfa83b5cae0300c9f4d1938037e786a6", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x2048840) (fail_nth: 8)

564.936392ms ago: executing program 2 (id=1637):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x20800, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x20801, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000))
ioctl$TUNSETOFFLOAD(r0, 0x400454d0, 0x8)
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xe, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="660a00000000000061114c000000000000b7f04bc8"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8}, 0x80)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000240)=@generic={&(0x7f0000000200)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0xc, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000080000007a1e122c178fff756368f0e80ca0a5065c827bf3e8094e012100000000009500000000000000"], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)="39000000140081ae10003c000500018311fe1f9f660fcf066505acb612f691f3bd3508abca1be6eeb89c44ebb37358582bdbb7d553b4e92155", 0x39}], 0x1}, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x64099, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x1, @perf_bp={0x0, 0xa}, 0x0, 0x7, 0x43a1bd78, 0x9, 0x9, 0x6, 0xfffd, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000280), 0x5}, 0x0, 0x0, 0x100000, 0x0, 0x2, 0x0, 0x80}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f00000001c0)={0x0, r2}, 0x8)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0xe, 0x0, &(0x7f0000000100)="178d048604bf0bfb1945d7430008", 0x0, 0x503, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
ioctl$TUNSETOFFLOAD(r1, 0x400454d0, 0x4)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r3 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000680)="89000000120081ae08060cdc030000017f03e3f7000000006ee2ffca1b1f0000000004c00e72f750375ed08a61331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c00010000080c00bdad01409bbc7a46e39a8285dcdf121766794d009163ce955fed0009d78f0a9487e2b49e33538afaeb2713f450ebd010a20ff27fff7f27cda9a358800dbf1c4f43a16337aead6fb3b3d617d4c297915fb123dfe17b211dbc9ce663cef39bf8df47b3ac33053ba582515e2eec4141fce33980b2ede8463f4f7730b8b384c4904710dde7da9e88f68b3342000daaf5817357ad0da1e00af95f63b50474079c4afa65491d3e9166ef57116afa346c14ea883f28514cb6957865d76ee956dd6ab0f9034cfc7716f02730", 0x11c}], 0x1}, 0x40040)

307.05013ms ago: executing program 2 (id=1638):
perf_event_open(&(0x7f0000000540)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0xffff, 0x81}, 0x100c, 0x7, 0x0, 0x9, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0))
r0 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000300)="6000000022007f029e607dd75fcb520000a124b244de91f7f414adcf41bfafdd1b1e93c6292aefa3ca89563a63fb94b2584ca2faa20f2c308b0fe298acec10e3019e1e26e6efd0166e6c1b01132e5423294ac2f4d53c3870c3068461957e5357", 0x60}], 0x1, 0x0, 0x0, 0x6}, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x5, 0x100000, 0x0, 0x2}, {0x10020002, 0x1, 0x0, 0x2}]}, 0x94)
r1 = socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000c40)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r1, 0x107, 0x12, &(0x7f0000000340)=r4, 0x4)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1e, 0x10506, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, @perf_config_ext={0x1000000000000801, 0x1}, 0x7402, 0x0, 0x0, 0x9, 0x0, 0xffffffff, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x55}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb010789005e107538e486dd6317ce22000000fffe80000000000000101000007f0600080000000000000071273fa7b49301641184a9"], 0xfdef)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
close(r5)
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000079104800000000006104000000000000950000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94)
close(r6)
r7 = socket$kcm(0xa, 0x1, 0x0)
sendmsg$kcm(r7, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4001, 0x0, @empty}, 0x80, 0x0}, 0x20000001)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
recvmsg$unix(r5, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x10000)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000200)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r8, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1100}, 0x48)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x40, 0x40, 0x3, [@const={0x0, 0x0, 0x0, 0x9, 0x3}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x8}, @fwd={0x1}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x1, 0x2}}]}, {0x0, [0x61]}}, 0x0, 0x5b}, 0x28)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)

185.049845ms ago: executing program 1 (id=1639):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000380)={0x4, 0x80, 0xff, 0x0, 0x0, 0x0, 0x0, 0x4, 0x5e6f8a6df01f948e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, @perf_config_ext={0x1a49, 0xf2f3}, 0x42, 0xc8, 0x0, 0x1, 0x65, 0x0, 0x211, 0x0, 0x0, 0x0, 0x3ff}, 0x0, 0x6, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000440)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r1)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="8fedcb7907031175f37538e486dd630080fc00000000db5b686158bbcfe8875a060300001123000000000000000000000000ac1414aa89"], 0xfdef)

0s ago: executing program 1 (id=1640):
socket$kcm(0x21, 0x2, 0x2)
socket$kcm(0x21, 0x2, 0x2)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, @perf_bp={0x0, 0x5}, 0x0, 0x1, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, @perf_config_ext={0xffffffffffffff7f}, 0x111311, 0x1, 0x0, 0x1, 0x20000, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000001905418724c5984ab5986700"/32], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xf, &(0x7f00000000c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8f, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x7, 0x0, 0x0, 0x41100, 0x5}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xffffff7f, 0x0, 0x1}, 0x50)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x26e1, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0xd, 0x4, &(0x7f0000000380)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x39}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
close(r2)
socket$kcm(0x29, 0x5, 0x0)
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000340)={0x0, &(0x7f0000000200)=""/105, 0x0, &(0x7f0000000580)="bca13f58108937270789108abef62fc69699d33b5b5ef0def2fb77dbb117902c28122e2f2fb8ac793c47db676efd92aeacef4f223cdb490d7eaa0860b0f1abaaad5a58cd7e5855b48a7272e2854fda05f41a005d555f788cac0ce588812f48ec13a49b934fcfa64f4862f43adc0335ee9a202360de774f6123ff", 0x7, r2, 0x4}, 0x38)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup/syz1\x00', 0x200002, 0x0)
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x10021, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, @perf_config_ext={0x6, 0xd}, 0x0, 0x80000, 0x0, 0x9, 0x0, 0x1, 0x0, 0x0, 0x4861}, 0x0, 0x0, 0xffffffffffffffff, 0xb)
ioctl$SIOCSIFHWADDR(r2, 0x8b1a, &(0x7f0000000000)={'wlan1\x00', @random="0000230c1100"})
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000040)="d80000001a0081044e81f782db4cb904021d08007b490d4f1e81f8d815000100e000000103600e12080005007a010401a8001600200003400400", 0x3a}], 0x1}, 0x4000000)
r3 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001900599c6d0e00009bd028ef8020ab0700040005234538ba55"], 0xfe33)
r4 = socket$kcm(0xa, 0x2, 0x3a)
sendmsg$kcm(r4, &(0x7f0000000440)={&(0x7f0000000800)=@in6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c00)=[{&(0x7f0000000780)="80005b020eaa4d", 0x7}], 0x1, 0x0, 0x0, 0x900}, 0x0)
recvmsg(r4, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={0x0, 0xf}, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

kernel console output (not intermixed with test programs):

_hwsim hwsim8 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  184.977710][ T2927] wlan1: Trigger new scan to find an IBSS to join
[  185.557481][ T7906] netlink: 'syz.3.774': attribute type 16 has an invalid length.
[  185.602456][ T7906] netlink: 'syz.3.774': attribute type 3 has an invalid length.
[  185.641117][ T7906] __nla_validate_parse: 3 callbacks suppressed
[  185.641132][ T7906] netlink: 132 bytes leftover after parsing attributes in process `syz.3.774'.
[  186.428387][ T7924] netlink: 'syz.2.784': attribute type 1 has an invalid length.
[  186.467298][ T7924] netlink: 199820 bytes leftover after parsing attributes in process `syz.2.784'.
[  186.722096][ T7935] FAULT_INJECTION: forcing a failure.
[  186.722096][ T7935] name failslab, interval 1, probability 0, space 0, times 0
[  186.759793][ T7935] CPU: 1 PID: 7935 Comm: syz.2.787 Not tainted syzkaller #0
[  186.767136][ T7935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  186.777209][ T7935] Call Trace:
[  186.780494][ T7935]  <TASK>
[  186.783431][ T7935]  dump_stack_lvl+0x18c/0x250
[  186.788119][ T7935]  ? show_regs_print_info+0x20/0x20
[  186.793321][ T7935]  ? load_image+0x420/0x420
[  186.797841][ T7935]  ? __might_sleep+0xe0/0xe0
[  186.802446][ T7935]  ? __lock_acquire+0x7d40/0x7d40
[  186.807483][ T7935]  should_fail_ex+0x39d/0x4d0
[  186.812180][ T7935]  should_failslab+0x9/0x20
[  186.816695][ T7935]  slab_pre_alloc_hook+0x59/0x310
[  186.821730][ T7935]  ? apparmor_sk_alloc_security+0x77/0x100
[  186.827544][ T7935]  __kmem_cache_alloc_node+0x53/0x250
[  186.832926][ T7935]  ? apparmor_sk_alloc_security+0x77/0x100
[  186.838740][ T7935]  kmalloc_trace+0x2a/0xe0
[  186.843170][ T7935]  apparmor_sk_alloc_security+0x77/0x100
[  186.848808][ T7935]  security_sk_alloc+0x6e/0xa0
[  186.853579][ T7935]  sk_prot_alloc+0x101/0x210
[  186.858173][ T7935]  ? sk_alloc+0x24/0x360
[  186.862422][ T7935]  sk_alloc+0x3a/0x360
[  186.866496][ T7935]  ? bpf_ctx_init+0x163/0x1a0
[  186.871174][ T7935]  ? bpf_prog_test_run_skb+0x273/0x12b0
[  186.876729][ T7935]  bpf_prog_test_run_skb+0x3a5/0x12b0
[  186.882105][ T7935]  ? __fget_files+0x28/0x4b0
[  186.886697][ T7935]  ? __fget_files+0x28/0x4b0
[  186.891295][ T7935]  ? __fget_files+0x43d/0x4b0
[  186.895987][ T7935]  ? cpu_online+0x60/0x60
[  186.900317][ T7935]  bpf_prog_test_run+0x321/0x390
[  186.905263][ T7935]  __sys_bpf+0x49d/0x890
[  186.909509][ T7935]  ? bpf_link_show_fdinfo+0x390/0x390
[  186.914894][ T7935]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  186.921063][ T7935]  __x64_sys_bpf+0x7c/0x90
[  186.925484][ T7935]  do_syscall_64+0x55/0xb0
[  186.929904][ T7935]  ? clear_bhb_loop+0x40/0x90
[  186.934584][ T7935]  ? clear_bhb_loop+0x40/0x90
[  186.939266][ T7935]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  186.945164][ T7935] RIP: 0033:0x7fe94d59ce59
[  186.949587][ T7935] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  186.969199][ T7935] RSP: 002b:00007fe94e391028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  186.977620][ T7935] RAX: ffffffffffffffda RBX: 00007fe94d815fa0 RCX: 00007fe94d59ce59
[  186.985593][ T7935] RDX: 0000000000000028 RSI: 00002000000000c0 RDI: 000000000000000a
[  186.993563][ T7935] RBP: 00007fe94e391090 R08: 0000000000000000 R09: 0000000000000000
[  187.001536][ T7935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  187.009505][ T7935] R13: 00007fe94d816038 R14: 00007fe94d815fa0 R15: 00007ffd9e4082d8
[  187.017490][ T7935]  </TASK>
[  187.931400][   T48] wlan1: Trigger new scan to find an IBSS to join
[  189.520938][ T7950] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.793'.
[  189.614007][ T7956] netlink: 'syz.0.795': attribute type 1 has an invalid length.
[  189.629213][ T7956] netlink: 199820 bytes leftover after parsing attributes in process `syz.0.795'.
[  189.932207][ T1134] wlan1: Trigger new scan to find an IBSS to join
[  190.971424][   T11] wlan1: Trigger new scan to find an IBSS to join
[  190.988942][   T48] wlan1: Creating new IBSS network, BSSID ce:62:ba:69:ba:0d
[  191.291529][   T51] Bluetooth: hci3: command 0x0406 tx timeout
[  191.302152][   T51] Bluetooth: hci2: command 0x0406 tx timeout
[  191.302580][ T5085] Bluetooth: hci1: command 0x0406 tx timeout
[  191.308208][   T51] Bluetooth: hci0: command 0x0406 tx timeout
[  191.912431][   T48] wlan1: Creating new IBSS network, BSSID 16:81:2d:2f:f6:09
[  192.256894][ T8006] netlink: 'syz.1.804': attribute type 2 has an invalid length.
[  192.271339][ T8006] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.804'.
[  194.362605][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  194.368980][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  194.585995][ T8027] netlink: 'syz.1.810': attribute type 1 has an invalid length.
[  194.643143][ T8027] netlink: 199820 bytes leftover after parsing attributes in process `syz.1.810'.
[  197.930003][ T8058] netlink: 'syz.2.817': attribute type 10 has an invalid length.
[  197.969133][ T8058] mac80211_hwsim hwsim4 wlan1: left allmulticast mode
[  198.010103][ T8058] mac80211_hwsim hwsim4 wlan1: entered promiscuous mode
[  198.033614][ T8058] team0: Port device wlan1 added
[  198.375507][ T8054] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  198.515490][ T8068] netlink: 65051 bytes leftover after parsing attributes in process `syz.3.821'.
[  198.803359][ T8075] netlink: 'syz.2.824': attribute type 21 has an invalid length.
[  198.811132][ T8075] netlink: 128 bytes leftover after parsing attributes in process `syz.2.824'.
[  198.927133][ T8082] FAULT_INJECTION: forcing a failure.
[  198.927133][ T8082] name failslab, interval 1, probability 0, space 0, times 0
[  198.998685][ T8082] CPU: 0 PID: 8082 Comm: syz.0.826 Not tainted syzkaller #0
[  199.006023][ T8082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  199.016092][ T8082] Call Trace:
[  199.019396][ T8082]  <TASK>
[  199.022343][ T8082]  dump_stack_lvl+0x18c/0x250
[  199.027043][ T8082]  ? sctp_sendmsg+0x15d2/0x2910
[  199.031918][ T8082]  ? ___sys_sendmsg+0x2a6/0x360
[  199.036790][ T8082]  ? show_regs_print_info+0x20/0x20
[  199.042007][ T8082]  ? load_image+0x420/0x420
[  199.046548][ T8082]  should_fail_ex+0x39d/0x4d0
[  199.051255][ T8082]  should_failslab+0x9/0x20
[  199.055778][ T8082]  slab_pre_alloc_hook+0x59/0x310
[  199.060828][ T8082]  ? sctp_add_bind_addr+0x8c/0x360
[  199.065964][ T8082]  __kmem_cache_alloc_node+0x53/0x250
[  199.071365][ T8082]  ? sctp_add_bind_addr+0x8c/0x360
[  199.076495][ T8082]  kmalloc_trace+0x2a/0xe0
[  199.080943][ T8082]  sctp_add_bind_addr+0x8c/0x360
[  199.085904][ T8082]  sctp_copy_local_addr_list+0x315/0x4f0
[  199.091551][ T8082]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  199.097267][ T8082]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  199.103331][ T8082]  ? sctp_v4_is_any+0x35/0x60
[  199.107995][ T8082]  ? sctp_copy_one_addr+0x8c/0x350
[  199.113098][ T8082]  sctp_bind_addr_copy+0xb3/0x3c0
[  199.118117][ T8082]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  199.124442][ T8082]  sctp_connect_new_asoc+0x2f9/0x6a0
[  199.129724][ T8082]  ? __sctp_connect+0xd80/0xd80
[  199.134573][ T8082]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  199.140110][ T8082]  ? security_sctp_bind_connect+0x89/0xb0
[  199.145828][ T8082]  sctp_sendmsg+0x15d2/0x2910
[  199.150507][ T8082]  ? sctp_getsockopt+0xb60/0xb60
[  199.155432][ T8082]  ? aa_sk_perm+0x83c/0x970
[  199.159927][ T8082]  ? aa_af_perm+0x330/0x330
[  199.164418][ T8082]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  199.170823][ T8082]  ? sock_rps_record_flow+0x19/0x3f0
[  199.176102][ T8082]  ? inet_sendmsg+0xe9/0x2f0
[  199.180685][ T8082]  ? inet_send_prepare+0x260/0x260
[  199.185790][ T8082]  ____sys_sendmsg+0x5ba/0x960
[  199.190545][ T8082]  ? __lock_acquire+0x7d40/0x7d40
[  199.195564][ T8082]  ? __asan_memset+0x22/0x40
[  199.200143][ T8082]  ? __sys_sendmsg_sock+0x30/0x30
[  199.205151][ T8082]  ? __import_iovec+0x5f2/0x850
[  199.209994][ T8082]  ? import_iovec+0x73/0xa0
[  199.214489][ T8082]  ___sys_sendmsg+0x2a6/0x360
[  199.219159][ T8082]  ? __sys_sendmsg+0x2a0/0x2a0
[  199.223945][ T8082]  __se_sys_sendmsg+0x1c2/0x2b0
[  199.228788][ T8082]  ? __x64_sys_sendmsg+0x80/0x80
[  199.233726][ T8082]  ? syscall_enter_from_user_mode+0x2e/0x80
[  199.239616][ T8082]  do_syscall_64+0x55/0xb0
[  199.244020][ T8082]  ? clear_bhb_loop+0x40/0x90
[  199.248689][ T8082]  ? clear_bhb_loop+0x40/0x90
[  199.253355][ T8082]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  199.259240][ T8082] RIP: 0033:0x7f9257f9ce59
[  199.263644][ T8082] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  199.283238][ T8082] RSP: 002b:00007f9258f48028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  199.291641][ T8082] RAX: ffffffffffffffda RBX: 00007f9258215fa0 RCX: 00007f9257f9ce59
[  199.299597][ T8082] RDX: 00000000000003e8 RSI: 00002000000004c0 RDI: 0000000000000012
[  199.307567][ T8082] RBP: 00007f9258f48090 R08: 0000000000000000 R09: 0000000000000000
[  199.315528][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  199.323484][ T8082] R13: 00007f9258216038 R14: 00007f9258215fa0 R15: 00007ffdcdb4e108
[  199.331467][ T8082]  </TASK>
[  201.946581][   T48] wlan1: Trigger new scan to find an IBSS to join
[  203.682556][ T8112] netlink: 65051 bytes leftover after parsing attributes in process `syz.0.836'.
[  205.932236][ T2927] wlan1: Trigger new scan to find an IBSS to join
[  206.170413][ T8148] netlink: 65051 bytes leftover after parsing attributes in process `syz.1.846'.
[  206.507561][ T8150] netlink: 'syz.0.847': attribute type 21 has an invalid length.
[  206.561623][ T8150] netlink: 128 bytes leftover after parsing attributes in process `syz.0.847'.
[  208.264172][ T2927] wlan1: Creating new IBSS network, BSSID 46:84:17:f8:25:19
[  208.873744][ T8158] netlink: 16098 bytes leftover after parsing attributes in process `syz.2.848'.
[  209.195890][ T8165] netlink: 203516 bytes leftover after parsing attributes in process `syz.3.850'.
[  209.240102][ T8165] netlink: zone id is out of range
[  209.252947][ T8165] netlink: del zone limit has 8 unknown bytes
[  210.036281][ T8170] syzkaller0: entered promiscuous mode
[  210.071740][ T8170] syzkaller0: entered allmulticast mode
[  210.149639][ T8174] FAULT_INJECTION: forcing a failure.
[  210.149639][ T8174] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  210.258065][ T8174] CPU: 1 PID: 8174 Comm: syz.2.852 Not tainted syzkaller #0
[  210.265443][ T8174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  210.275546][ T8174] Call Trace:
[  210.278875][ T8174]  <TASK>
[  210.281845][ T8174]  dump_stack_lvl+0x18c/0x250
[  210.286668][ T8174]  ? show_regs_print_info+0x20/0x20
[  210.291921][ T8174]  ? load_image+0x420/0x420
[  210.296493][ T8174]  ? __might_fault+0xaa/0x120
[  210.301222][ T8174]  ? __lock_acquire+0x7d40/0x7d40
[  210.306309][ T8174]  should_fail_ex+0x39d/0x4d0
[  210.311060][ T8174]  _copy_from_iter+0x1d9/0x12e0
[  210.315961][ T8174]  ? __virt_addr_valid+0x18c/0x540
[  210.321126][ T8174]  ? __lock_acquire+0x7d40/0x7d40
[  210.326193][ T8174]  ? rcu_is_watching+0x15/0xb0
[  210.331023][ T8174]  ? copyout_mc+0x70/0x70
[  210.335405][ T8174]  ? __virt_addr_valid+0x18c/0x540
[  210.340570][ T8174]  ? __virt_addr_valid+0x18c/0x540
[  210.345734][ T8174]  ? __virt_addr_valid+0x469/0x540
[  210.350904][ T8174]  ? __check_object_size+0x506/0xa20
[  210.356252][ T8174]  kcm_sendmsg+0xd95/0x28b0
[  210.360917][ T8174]  ? kcm_getsockopt+0x280/0x280
[  210.365809][ T8174]  ? aa_sock_msg_perm+0x94/0x150
[  210.370768][ T8174]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  210.376060][ T8174]  ? security_socket_sendmsg+0x80/0xa0
[  210.381528][ T8174]  ? kcm_getsockopt+0x280/0x280
[  210.386394][ T8174]  ____sys_sendmsg+0x5ba/0x960
[  210.391188][ T8174]  ? __asan_memset+0x22/0x40
[  210.395804][ T8174]  ? __sys_sendmsg_sock+0x30/0x30
[  210.400839][ T8174]  ? __import_iovec+0x5f2/0x850
[  210.405718][ T8174]  ? import_iovec+0x73/0xa0
[  210.410242][ T8174]  ___sys_sendmsg+0x2a6/0x360
[  210.414948][ T8174]  ? get_pid_task+0x20/0x1e0
[  210.419589][ T8174]  ? __sys_sendmsg+0x2a0/0x2a0
[  210.424419][ T8174]  ? __lock_acquire+0x7d40/0x7d40
[  210.429516][ T8174]  __se_sys_sendmsg+0x1c2/0x2b0
[  210.434390][ T8174]  ? __x64_sys_sendmsg+0x80/0x80
[  210.439376][ T8174]  ? lockdep_hardirqs_on+0x98/0x150
[  210.444602][ T8174]  do_syscall_64+0x55/0xb0
[  210.449033][ T8174]  ? clear_bhb_loop+0x40/0x90
[  210.453720][ T8174]  ? clear_bhb_loop+0x40/0x90
[  210.458410][ T8174]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  210.464309][ T8174] RIP: 0033:0x7fe94d59ce59
[  210.468730][ T8174] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  210.488339][ T8174] RSP: 002b:00007fe94e391028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  210.496777][ T8174] RAX: ffffffffffffffda RBX: 00007fe94d815fa0 RCX: 00007fe94d59ce59
[  210.504760][ T8174] RDX: 0000000000000000 RSI: 0000200000002080 RDI: 0000000000000003
[  210.512739][ T8174] RBP: 00007fe94e391090 R08: 0000000000000000 R09: 0000000000000000
[  210.520713][ T8174] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  210.528687][ T8174] R13: 00007fe94d816038 R14: 00007fe94d815fa0 R15: 00007ffd9e4082d8
[  210.536699][ T8174]  </TASK>
[  212.438868][ T2911] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  217.478751][ T8198] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.860'.
[  218.342913][ T8200] mac80211_hwsim hwsim9 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  218.370767][ T8204] netlink: 16098 bytes leftover after parsing attributes in process `syz.1.861'.
[  218.676436][ T8211] netlink: 203516 bytes leftover after parsing attributes in process `syz.1.864'.
[  218.696824][ T8211] netlink: zone id is out of range
[  218.707574][ T8211] netlink: del zone limit has 8 unknown bytes
[  219.580578][ T8227] mac80211_hwsim hwsim8 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  219.612704][ T8227] netlink: 16098 bytes leftover after parsing attributes in process `syz.3.871'.
[  220.721002][ T8234] mac80211_hwsim hwsim5 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  220.743581][ T8234] netlink: 16098 bytes leftover after parsing attributes in process `syz.0.874'.
[  220.869251][ T8240] netlink: 'syz.0.876': attribute type 11 has an invalid length.
[  220.877182][ T8240] netlink: 210780 bytes leftover after parsing attributes in process `syz.0.876'.
[  220.887069][ T8239] netlink: 'syz.0.876': attribute type 11 has an invalid length.
[  220.898874][ T8239] netlink: 210780 bytes leftover after parsing attributes in process `syz.0.876'.
[  220.981497][ T1134] wlan1: Trigger new scan to find an IBSS to join
[  221.127252][ T8244] netlink: 203516 bytes leftover after parsing attributes in process `syz.0.877'.
[  221.137986][ T8244] netlink: zone id is out of range
[  221.144751][ T8244] netlink: del zone limit has 8 unknown bytes
[  221.933078][ T2927] wlan1: Trigger new scan to find an IBSS to join
[  222.302946][ T8256] mac80211_hwsim hwsim4 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  222.406015][ T8256] netlink: 16098 bytes leftover after parsing attributes in process `syz.2.881'.
[  222.973497][ T1134] wlan1: Trigger new scan to find an IBSS to join
[  223.154189][ T8270] FAULT_INJECTION: forcing a failure.
[  223.154189][ T8270] name failslab, interval 1, probability 0, space 0, times 0
[  223.183638][ T8270] CPU: 1 PID: 8270 Comm: syz.2.886 Not tainted syzkaller #0
[  223.190987][ T8270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  223.201074][ T8270] Call Trace:
[  223.204391][ T8270]  <TASK>
[  223.207355][ T8270]  dump_stack_lvl+0x18c/0x250
[  223.212086][ T8270]  ? show_regs_print_info+0x20/0x20
[  223.217329][ T8270]  ? load_image+0x420/0x420
[  223.221895][ T8270]  ? __might_sleep+0xe0/0xe0
[  223.226538][ T8270]  ? __lock_acquire+0x7d40/0x7d40
[  223.231632][ T8270]  should_fail_ex+0x39d/0x4d0
[  223.236368][ T8270]  should_failslab+0x9/0x20
[  223.240915][ T8270]  slab_pre_alloc_hook+0x59/0x310
[  223.245976][ T8270]  ? lockdep_hardirqs_on+0x98/0x150
[  223.251201][ T8270]  kmem_cache_alloc_node+0x60/0x320
[  223.256426][ T8270]  ? __alloc_skb+0x103/0x2c0
[  223.261031][ T8270]  __alloc_skb+0x103/0x2c0
[  223.265464][ T8270]  netlink_ack+0x376/0x1180
[  223.269997][ T8270]  ? __dev_queue_xmit+0x265/0x3660
[  223.275131][ T8270]  ? netlink_dump+0xe50/0xe50
[  223.279819][ T8270]  ? ref_tracker_free+0x690/0x840
[  223.284876][ T8270]  netlink_rcv_skb+0x2c5/0x4d0
[  223.289650][ T8270]  ? rtnetlink_bind+0x80/0x80
[  223.294343][ T8270]  ? netlink_ack+0x1180/0x1180
[  223.299142][ T8270]  ? __lock_acquire+0x7d40/0x7d40
[  223.304188][ T8270]  ? netlink_deliver_tap+0x2e/0x1b0
[  223.309404][ T8270]  netlink_unicast+0x751/0x8d0
[  223.314200][ T8270]  netlink_sendmsg+0x8d0/0xbf0
[  223.318992][ T8270]  ? netlink_getsockopt+0x590/0x590
[  223.324202][ T8270]  ? aa_sock_msg_perm+0x94/0x150
[  223.329150][ T8270]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  223.334441][ T8270]  ? security_socket_sendmsg+0x80/0xa0
[  223.339902][ T8270]  ? netlink_getsockopt+0x590/0x590
[  223.345116][ T8270]  ____sys_sendmsg+0x5ba/0x960
[  223.349901][ T8270]  ? __asan_memset+0x22/0x40
[  223.354500][ T8270]  ? __sys_sendmsg_sock+0x30/0x30
[  223.359551][ T8270]  ? __import_iovec+0x5f2/0x850
[  223.364446][ T8270]  ? import_iovec+0x73/0xa0
[  223.368972][ T8270]  ___sys_sendmsg+0x2a6/0x360
[  223.373660][ T8270]  ? get_pid_task+0x20/0x1e0
[  223.378273][ T8270]  ? __sys_sendmsg+0x2a0/0x2a0
[  223.383089][ T8270]  ? __lock_acquire+0x7d40/0x7d40
[  223.388174][ T8270]  __se_sys_sendmsg+0x1c2/0x2b0
[  223.393046][ T8270]  ? __x64_sys_sendmsg+0x80/0x80
[  223.398032][ T8270]  ? lockdep_hardirqs_on+0x98/0x150
[  223.403247][ T8270]  do_syscall_64+0x55/0xb0
[  223.407687][ T8270]  ? clear_bhb_loop+0x40/0x90
[  223.412389][ T8270]  ? clear_bhb_loop+0x40/0x90
[  223.417088][ T8270]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  223.422989][ T8270] RIP: 0033:0x7fe94d59ce59
[  223.427416][ T8270] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  223.447046][ T8270] RSP: 002b:00007fe94e391028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  223.455474][ T8270] RAX: ffffffffffffffda RBX: 00007fe94d815fa0 RCX: 00007fe94d59ce59
[  223.463450][ T8270] RDX: 0000000004000000 RSI: 0000200000000040 RDI: 0000000000000003
[  223.471425][ T8270] RBP: 00007fe94e391090 R08: 0000000000000000 R09: 0000000000000000
[  223.479425][ T8270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  223.487425][ T8270] R13: 00007fe94d816038 R14: 00007fe94d815fa0 R15: 00007ffd9e4082d8
[  223.495446][ T8270]  </TASK>
[  224.983024][ T2993] wlan1: Trigger new scan to find an IBSS to join
[  225.941580][ T2927] wlan1: Trigger new scan to find an IBSS to join
[  225.942943][   T48] wlan1: Trigger new scan to find an IBSS to join
[  226.843169][ T8295] mac80211_hwsim hwsim9 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  226.998465][ T8295] netlink: 16098 bytes leftover after parsing attributes in process `syz.1.894'.
[  227.003580][   T11] wlan1: Trigger new scan to find an IBSS to join
[  227.112011][   T11] wlan1: Creating new IBSS network, BSSID f6:d3:d4:2e:35:16
[  228.514802][ T2993] wlan1: Creating new IBSS network, BSSID 7e:4b:b6:2a:ea:ae
[  228.987700][ T2927] wlan1: Trigger new scan to find an IBSS to join
[  230.008973][ T2993] wlan1: Creating new IBSS network, BSSID 52:6e:32:d2:06:d1
[  230.894802][   T48] wlan1: Trigger new scan to find an IBSS to join
[  231.528772][ T8327] netlink: 16098 bytes leftover after parsing attributes in process `syz.3.903'.
[  233.017581][ T8334] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.905'.
[  233.931621][ T1134] wlan1: Trigger new scan to find an IBSS to join
[  235.251024][   T48] wlan1: Creating new IBSS network, BSSID 9e:aa:6a:79:8c:48
[  237.680686][ T8371] netlink: 'syz.2.915': attribute type 1 has an invalid length.
[  237.694914][ T8371] netlink: 199820 bytes leftover after parsing attributes in process `syz.2.915'.
[  245.025827][ T8418] ªªªªªª: renamed from vlan0 (while UP)
[  248.470752][ T8436] netlink: 'syz.3.933': attribute type 1 has an invalid length.
[  248.499994][ T8436] netlink: 199820 bytes leftover after parsing attributes in process `syz.3.933'.
[  248.820863][ T8438] delete_channel: no stack
[  257.966991][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  257.973511][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  259.836170][   T12] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  259.875739][ T2911] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  260.055094][   T48] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  260.564817][ T8493] netlink: 'syz.3.951': attribute type 16 has an invalid length.
[  260.611706][ T8493] netlink: 168 bytes leftover after parsing attributes in process `syz.3.951'.
[  261.103906][ T8496] netlink: 'syz.2.953': attribute type 27 has an invalid length.
[  261.211426][ T8496] netlink: 'syz.2.953': attribute type 4 has an invalid length.
[  261.295062][ T8496] netlink: 152 bytes leftover after parsing attributes in process `syz.2.953'.
[  264.830013][ T8522] netlink: 'syz.3.959': attribute type 21 has an invalid length.
[  264.864738][ T8522] netlink: 128 bytes leftover after parsing attributes in process `syz.3.959'.
[  265.279421][   T48] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  265.700092][ T8534] netlink: 55 bytes leftover after parsing attributes in process `syz.0.963'.
[  266.335061][ T8546] netlink: 140 bytes leftover after parsing attributes in process `syz.2.964'.
[  266.381486][ T8546] netlink: 10 bytes leftover after parsing attributes in process `syz.2.964'.
[  266.429915][ T8546] bond0: (slave bond_slave_0): Releasing backup interface
[  266.473554][ T8546] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check.
[  266.547312][ T8541] mac80211_hwsim hwsim8 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  266.617509][ T8544] netlink: 'syz.3.965': attribute type 3 has an invalid length.
[  266.634470][ T8544] netlink: 16066 bytes leftover after parsing attributes in process `syz.3.965'.
[  268.078535][ T8578] netlink: 'syz.0.976': attribute type 16 has an invalid length.
[  268.128914][ T8578] netlink: 168 bytes leftover after parsing attributes in process `syz.0.976'.
[  268.891675][ T1134] wlan1: Trigger new scan to find an IBSS to join
[  269.126820][ T8584] FAULT_INJECTION: forcing a failure.
[  269.126820][ T8584] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  269.143175][ T8584] CPU: 0 PID: 8584 Comm: syz.0.979 Not tainted syzkaller #0
[  269.150490][ T8584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  269.160569][ T8584] Call Trace:
[  269.163861][ T8584]  <TASK>
[  269.166798][ T8584]  dump_stack_lvl+0x18c/0x250
[  269.171497][ T8584]  ? show_regs_print_info+0x20/0x20
[  269.176709][ T8584]  ? load_image+0x420/0x420
[  269.181227][ T8584]  ? __might_fault+0xaa/0x120
[  269.185910][ T8584]  ? __lock_acquire+0x7d40/0x7d40
[  269.191014][ T8584]  ? __local_bh_enable_ip+0x13a/0x1c0
[  269.196407][ T8584]  ? _local_bh_enable+0xa0/0xa0
[  269.201249][ T8584]  should_fail_ex+0x39d/0x4d0
[  269.205923][ T8584]  copy_fpstate_to_sigframe+0xa05/0xc60
[  269.211471][ T8584]  ? copy_fpstate_to_sigframe+0x191/0xc60
[  269.217186][ T8584]  ? fpregs_set+0x370/0x370
[  269.221693][ T8584]  ? fpu__alloc_mathframe+0xa7/0x120
[  269.226973][ T8584]  get_sigframe+0x5e2/0x7d0
[  269.231476][ T8584]  ? load_gs_index+0x1a0/0x1a0
[  269.236234][ T8584]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  269.242202][ T8584]  ? get_signal+0x11f5/0x13f0
[  269.246869][ T8584]  x64_setup_rt_frame+0x15e/0xc40
[  269.251888][ T8584]  ? _raw_spin_unlock_irq+0x23/0x50
[  269.257075][ T8584]  ? lockdep_hardirqs_on+0x98/0x150
[  269.262264][ T8584]  ? perf_trace_preemptirq_template+0xac/0x330
[  269.268426][ T8584]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  269.274401][ T8584]  ? sigaltstack_size_valid+0x1e0/0x1e0
[  269.279944][ T8584]  ? arch_do_signal_or_restart+0x3b1/0x800
[  269.285747][ T8584]  arch_do_signal_or_restart+0x42c/0x800
[  269.291378][ T8584]  ? get_sigframe_size+0x20/0x20
[  269.296312][ T8584]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  269.302303][ T8584]  ? exit_to_user_mode_loop+0x3b/0x110
[  269.307765][ T8584]  exit_to_user_mode_loop+0x70/0x110
[  269.313043][ T8584]  exit_to_user_mode_prepare+0xee/0x180
[  269.318581][ T8584]  irqentry_exit_to_user_mode+0x9/0x30
[  269.324028][ T8584]  exc_general_protection+0x168/0x1f0
[  269.329397][ T8584]  ? do_syscall_64+0x61/0xb0
[  269.333976][ T8584]  asm_exc_general_protection+0x26/0x30
[  269.339519][ T8584] RIP: 0033:0x7f9257f7bbf9
[  269.343935][ T8584] Code: f8 77 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 89 f8 48 89 fa c5 f9 ef c0 25 ff 0f 00 00 3d e0 0f 00 00 0f 87 27 01 00 00 <c5> fd 74 0f c5 fd d7 c1 85 c0 74 5b f3 0f bc c0 e9 30 01 00 00 66
[  269.363530][ T8584] RSP: 002b:00007f9258f478a8 EFLAGS: 00010283
[  269.369585][ T8584] RAX: 0000000000000999 RBX: 00007f9258f47de0 RCX: 2f666c65732f636f
[  269.377554][ T8584] RDX: 9999999999999999 RSI: 00007f925805d0c0 RDI: 9999999999999999
[  269.385515][ T8584] RBP: 9999999999999999 R08: 00007f9258f48010 R09: 00000000ffffffff
[  269.393478][ T8584] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  269.401438][ T8584] R13: 0000000000000073 R14: 00007f92580320dd R15: 00007f9258f47ea0
[  269.409410][ T8584]  </TASK>
[  269.480302][ T8585] netlink: 140 bytes leftover after parsing attributes in process `syz.3.978'.
[  270.250393][ T8602] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.985'.
[  270.922465][ T8611] netlink: 'syz.2.987': attribute type 16 has an invalid length.
[  270.971499][ T8611] netlink: 168 bytes leftover after parsing attributes in process `syz.2.987'.
[  272.042030][ T8613] mac80211_hwsim hwsim9 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  272.056982][ T8614] netlink: 'syz.1.988': attribute type 3 has an invalid length.
[  272.065162][ T8614] netlink: 16066 bytes leftover after parsing attributes in process `syz.1.988'.
[  272.213034][ T8617] netlink: 55 bytes leftover after parsing attributes in process `syz.3.989'.
[  272.662069][ T8620] batman_adv: The newly added mac address (56:56:82:6e:da:aa) already exists on: batadv_slave_0
[  272.692828][ T8620] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  272.777219][ T8629] netlink: 140 bytes leftover after parsing attributes in process `syz.1.991'.
[  272.791401][ T8629] netlink: 10 bytes leftover after parsing attributes in process `syz.1.991'.
[  272.806918][ T8629] bond0: (slave bond_slave_0): Releasing backup interface
[  272.831556][ T8629] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check.
[  273.109342][ T8641] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.994'.
[  273.453047][ T8654] netlink: 'syz.0.1000': attribute type 10 has an invalid length.
[  273.566379][ T8654] team0 (unregistering): Port device team_slave_0 removed
[  273.600932][ T8654] team0 (unregistering): Port device team_slave_1 removed
[  273.645911][ T8654] team0 (unregistering): Port device dummy0 removed
[  273.714377][ T8658] netlink: 55 bytes leftover after parsing attributes in process `syz.2.1002'.
[  273.867987][ T8659] batman_adv: The newly added mac address (56:56:82:6e:da:aa) already exists on: batadv_slave_0
[  273.884482][ T8659] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.895326][ T8659] batman_adv: The newly added mac address (56:56:82:6e:da:aa) already exists on: batadv_slave_0
[  273.906777][ T8659] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.932917][   T48] wlan1: Trigger new scan to find an IBSS to join
[  274.355310][ T8669] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1006'.
[  275.931625][ T1134] wlan1: Trigger new scan to find an IBSS to join
[  277.429176][   T48] wlan1: Creating new IBSS network, BSSID ea:b8:21:71:8e:37
[  277.595202][ T8681] netlink: 'syz.1.1011': attribute type 21 has an invalid length.
[  277.603177][ T8681] netlink: 128 bytes leftover after parsing attributes in process `syz.1.1011'.
[  277.618024][ T8683] netlink: 'syz.3.1013': attribute type 2 has an invalid length.
[  277.642315][ T8683] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1013'.
[  278.149775][ T8699] netlink: 'syz.2.1012': attribute type 6 has an invalid length.
[  278.167201][ T8698] netlink: 126588 bytes leftover after parsing attributes in process `syz.3.1019'.
[  278.186632][ T8699] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1012'.
[  278.614454][ T8713] mac80211_hwsim hwsim5 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  278.759295][ T8715] mac80211_hwsim hwsim4 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  278.898412][ T8725] netlink: 'syz.0.1029': attribute type 21 has an invalid length.
[  279.036579][ T8730] netlink: 'syz.0.1031': attribute type 21 has an invalid length.
[  279.045947][ T8730] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1031'.
[  279.346523][ T8736] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1041'.
[  279.397513][ T8732] netlink: 126588 bytes leftover after parsing attributes in process `syz.2.1032'.
[  279.431048][ T8736] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  279.454476][ T8736] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  279.473621][ T8736] bond0 (unregistering): Released all slaves
[  279.535272][ T8742] netlink: 15487 bytes leftover after parsing attributes in process `syz.2.1036'.
[  279.560670][ T8740] mac80211_hwsim hwsim9 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  279.757888][ T8749] mac80211_hwsim hwsim5 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  279.829175][ T8753] syzkaller0: entered allmulticast mode
[  280.084395][ T8768] netlink: 'syz.1.1047': attribute type 10 has an invalid length.
[  280.093235][ T8768] netlink: 65015 bytes leftover after parsing attributes in process `syz.1.1047'.
[  280.136677][ T8764] netlink: 126588 bytes leftover after parsing attributes in process `syz.0.1046'.
[  280.516134][ T8775] mac80211_hwsim hwsim5 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  280.891545][ T2911] wlan1: Trigger new scan to find an IBSS to join
[  281.490987][ T8782] mac80211_hwsim hwsim9 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  281.585140][ T8786] mac80211_hwsim hwsim5 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  282.220726][ T8806] netlink: 'syz.0.1063': attribute type 19 has an invalid length.
[  282.705397][ T8818] FAULT_INJECTION: forcing a failure.
[  282.705397][ T8818] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  282.725156][ T8818] CPU: 1 PID: 8818 Comm: syz.2.1068 Not tainted syzkaller #0
[  282.732560][ T8818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  282.742626][ T8818] Call Trace:
[  282.745914][ T8818]  <TASK>
[  282.748856][ T8818]  dump_stack_lvl+0x18c/0x250
[  282.753552][ T8818]  ? show_regs_print_info+0x20/0x20
[  282.758761][ T8818]  ? load_image+0x420/0x420
[  282.763281][ T8818]  ? __might_fault+0xaa/0x120
[  282.767971][ T8818]  ? __lock_acquire+0x7d40/0x7d40
[  282.773016][ T8818]  should_fail_ex+0x39d/0x4d0
[  282.777716][ T8818]  _copy_to_user+0x2f/0xa0
[  282.782148][ T8818]  generic_map_lookup_batch+0x860/0xc60
[  282.787719][ T8818]  ? bpf_map_update_value+0x720/0x720
[  282.793108][ T8818]  ? __fdget+0x180/0x210
[  282.797370][ T8818]  ? bpf_map_update_value+0x720/0x720
[  282.802750][ T8818]  bpf_map_do_batch+0x2cb/0x610
[  282.807621][ T8818]  __sys_bpf+0x7d7/0x890
[  282.811876][ T8818]  ? bpf_link_show_fdinfo+0x390/0x390
[  282.817284][ T8818]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  282.823473][ T8818]  __x64_sys_bpf+0x7c/0x90
[  282.827907][ T8818]  do_syscall_64+0x55/0xb0
[  282.832334][ T8818]  ? clear_bhb_loop+0x40/0x90
[  282.837030][ T8818]  ? clear_bhb_loop+0x40/0x90
[  282.841726][ T8818]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  282.847720][ T8818] RIP: 0033:0x7fe94d59ce59
[  282.852168][ T8818] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  282.871763][ T8818] RSP: 002b:00007fe94e391028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  282.880160][ T8818] RAX: ffffffffffffffda RBX: 00007fe94d815fa0 RCX: 00007fe94d59ce59
[  282.888111][ T8818] RDX: 0000000000000038 RSI: 00002000000003c0 RDI: 0000000000000018
[  282.896067][ T8818] RBP: 00007fe94e391090 R08: 0000000000000000 R09: 0000000000000000
[  282.904027][ T8818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  282.911981][ T8818] R13: 00007fe94d816038 R14: 00007fe94d815fa0 R15: 00007ffd9e4082d8
[  282.919948][ T8818]  </TASK>
[  283.010221][ T8821] mac80211_hwsim hwsim4 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  283.177207][ T8828] __nla_validate_parse: 1 callbacks suppressed
[  283.177223][ T8828] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1071'.
[  283.301105][ T8834] netlink: 'syz.1.1075': attribute type 2 has an invalid length.
[  283.309620][ T8834] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1075'.
[  283.678355][ T8847] netlink: 'syz.0.1079': attribute type 10 has an invalid length.
[  283.695123][ T8847] netlink: 55 bytes leftover after parsing attributes in process `syz.0.1079'.
[  283.935163][   T48] wlan1: Trigger new scan to find an IBSS to join
[  286.361363][ T8849] mac80211_hwsim hwsim9 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  286.695384][ T8863] FAULT_INJECTION: forcing a failure.
[  286.695384][ T8863] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  286.741336][ T8863] CPU: 1 PID: 8863 Comm: syz.3.1087 Not tainted syzkaller #0
[  286.748764][ T8863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  286.758841][ T8863] Call Trace:
[  286.762138][ T8863]  <TASK>
[  286.765082][ T8863]  dump_stack_lvl+0x18c/0x250
[  286.769779][ T8863]  ? show_regs_print_info+0x20/0x20
[  286.774982][ T8863]  ? load_image+0x420/0x420
[  286.779487][ T8863]  ? __might_fault+0xaa/0x120
[  286.784158][ T8863]  ? __lock_acquire+0x7d40/0x7d40
[  286.789180][ T8863]  should_fail_ex+0x39d/0x4d0
[  286.793860][ T8863]  _copy_from_user+0x2f/0xe0
[  286.798445][ T8863]  dev_ethtool+0xc6/0x18d0
[  286.802868][ T8863]  ? ethtool_get_module_eeprom_call+0x170/0x170
[  286.809109][ T8863]  ? __lock_acquire+0x7d40/0x7d40
[  286.814128][ T8863]  ? __might_fault+0xaa/0x120
[  286.818794][ T8863]  ? full_name_hash+0x92/0xe0
[  286.823471][ T8863]  ? dev_load+0x21/0x1f0
[  286.827709][ T8863]  dev_ioctl+0x392/0x1140
[  286.832036][ T8863]  sock_do_ioctl+0x239/0x310
[  286.836620][ T8863]  ? sock_show_fdinfo+0xb0/0xb0
[  286.841475][ T8863]  sock_ioctl+0x5ba/0x7e0
[  286.845797][ T8863]  ? sock_poll+0x3e0/0x3e0
[  286.850211][ T8863]  ? bpf_lsm_file_ioctl+0x9/0x10
[  286.855139][ T8863]  ? security_file_ioctl+0x80/0xa0
[  286.860240][ T8863]  ? sock_poll+0x3e0/0x3e0
[  286.864647][ T8863]  __se_sys_ioctl+0xfd/0x170
[  286.869233][ T8863]  do_syscall_64+0x55/0xb0
[  286.873643][ T8863]  ? clear_bhb_loop+0x40/0x90
[  286.878314][ T8863]  ? clear_bhb_loop+0x40/0x90
[  286.882994][ T8863]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  286.888878][ T8863] RIP: 0033:0x7fd47639ce59
[  286.893286][ T8863] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  286.912884][ T8863] RSP: 002b:00007fd4745f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  286.921288][ T8863] RAX: ffffffffffffffda RBX: 00007fd476615fa0 RCX: 00007fd47639ce59
[  286.929249][ T8863] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 000000000000001b
[  286.937210][ T8863] RBP: 00007fd4745f6090 R08: 0000000000000000 R09: 0000000000000000
[  286.945171][ T8863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  286.953130][ T8863] R13: 00007fd476616038 R14: 00007fd476615fa0 R15: 00007ffe51f65b28
[  286.961103][ T8863]  </TASK>
[  286.992354][   T48] wlan1: Trigger new scan to find an IBSS to join
[  287.091373][ T8873] netlink: 'syz.2.1090': attribute type 21 has an invalid length.
[  287.100540][ T8873] netlink: 128 bytes leftover after parsing attributes in process `syz.2.1090'.
[  287.329720][ T8881] netlink: 'syz.3.1093': attribute type 21 has an invalid length.
[  287.337785][ T8881] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1093'.
[  287.932527][ T8884] mac80211_hwsim hwsim4 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  287.980230][ T8888] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.1102'.
[  287.996099][ T8888] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.1102'.
[  288.009282][ T8888] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.1102'.
[  288.027997][ T8888] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.1102'.
[  288.971442][ T2927] wlan1: Trigger new scan to find an IBSS to join
[  288.978067][   T48] wlan1: Trigger new scan to find an IBSS to join
[  290.923913][ T2911] wlan1: Creating new IBSS network, BSSID 26:33:20:d8:1d:f1
[  291.230247][ T8897] netlink: 65051 bytes leftover after parsing attributes in process `syz.1.1098'.
[  291.470536][ T8908] netlink: 'syz.2.1104': attribute type 10 has an invalid length.
[  291.511062][ T8908] team0: left promiscuous mode
[  291.523190][ T8908] team_slave_0: left promiscuous mode
[  291.528894][ T8908] team_slave_1: left promiscuous mode
[  291.561958][ T8908] mac80211_hwsim hwsim4 wlan1: left promiscuous mode
[  291.595853][ T8908] 8021q: adding VLAN 0 to HW filter on device team0
[  291.617644][ T8908] bond0: (slave team0): Enslaving as an active interface with an up link
[  291.769845][ T8905] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  291.825518][ T8912] mac80211_hwsim hwsim8 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  291.924258][ T8905] syz.0.1103 (8905) used greatest stack depth: 18536 bytes left
[  291.932093][ T1134] wlan1: Trigger new scan to find an IBSS to join
[  291.995899][ T8920] netlink: 'syz.0.1108': attribute type 21 has an invalid length.
[  292.004540][ T8920] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1108'.
[  292.067807][ T8922] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1109'.
[  292.077230][ T8922] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1109'.
[  292.089413][ T8922] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1109'.
[  292.103544][ T8922] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1109'.
[  292.172291][ T8925] netlink: 'syz.2.1110': attribute type 29 has an invalid length.
[  292.180402][ T8925] netlink: 'syz.2.1110': attribute type 29 has an invalid length.
[  292.190003][ T8925] netlink: 'syz.2.1110': attribute type 29 has an invalid length.
[  292.206193][ T8925] netlink: 55631 bytes leftover after parsing attributes in process `syz.2.1110'.
[  292.216277][ T8925] netlink: 6324 bytes leftover after parsing attributes in process `syz.2.1110'.
[  292.225850][ T8925] netlink: 2 bytes leftover after parsing attributes in process `syz.2.1110'.
[  292.236770][ T8925] netlink: 'syz.2.1110': attribute type 29 has an invalid length.
[  292.247083][ T8925] netlink: 'syz.2.1110': attribute type 29 has an invalid length.
[  292.268111][ T8925] netlink: 'syz.2.1110': attribute type 29 has an invalid length.
[  292.372787][ T8927] netlink: 'syz.2.1111': attribute type 21 has an invalid length.
[  292.394205][ T8927] netlink: 'syz.2.1111': attribute type 4 has an invalid length.
[  292.402065][ T8927] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1111'.
[  292.779308][ T8941] FAULT_INJECTION: forcing a failure.
[  292.779308][ T8941] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  292.806792][ T8941] CPU: 0 PID: 8941 Comm: syz.2.1117 Not tainted syzkaller #0
[  292.814200][ T8941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  292.824264][ T8941] Call Trace:
[  292.827548][ T8941]  <TASK>
[  292.830482][ T8941]  dump_stack_lvl+0x18c/0x250
[  292.835171][ T8941]  ? show_regs_print_info+0x20/0x20
[  292.840376][ T8941]  ? load_image+0x420/0x420
[  292.844893][ T8941]  ? __might_fault+0xaa/0x120
[  292.849580][ T8941]  ? __lock_acquire+0x7d40/0x7d40
[  292.854617][ T8941]  should_fail_ex+0x39d/0x4d0
[  292.859312][ T8941]  _copy_from_user+0x2f/0xe0
[  292.863919][ T8941]  ___sys_sendmsg+0x1c7/0x360
[  292.868605][ T8941]  ? get_pid_task+0x20/0x1e0
[  292.873210][ T8941]  ? __sys_sendmsg+0x2a0/0x2a0
[  292.878000][ T8941]  ? __lock_acquire+0x7d40/0x7d40
[  292.883057][ T8941]  __se_sys_sendmsg+0x1c2/0x2b0
[  292.887920][ T8941]  ? __x64_sys_sendmsg+0x80/0x80
[  292.892878][ T8941]  ? lockdep_hardirqs_on+0x98/0x150
[  292.898093][ T8941]  do_syscall_64+0x55/0xb0
[  292.902511][ T8941]  ? clear_bhb_loop+0x40/0x90
[  292.907196][ T8941]  ? clear_bhb_loop+0x40/0x90
[  292.911882][ T8941]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  292.917793][ T8941] RIP: 0033:0x7fe94d59ce59
[  292.922218][ T8941] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  292.941847][ T8941] RSP: 002b:00007fe94e391028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  292.950277][ T8941] RAX: ffffffffffffffda RBX: 00007fe94d815fa0 RCX: 00007fe94d59ce59
[  292.958264][ T8941] RDX: 0000000000000004 RSI: 00002000000000c0 RDI: 0000000000000003
[  292.966243][ T8941] RBP: 00007fe94e391090 R08: 0000000000000000 R09: 0000000000000000
[  292.974208][ T8941] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  292.982167][ T8941] R13: 00007fe94d816038 R14: 00007fe94d815fa0 R15: 00007ffd9e4082d8
[  292.990140][ T8941]  </TASK>
[  293.000922][ T2911] wlan1: Trigger new scan to find an IBSS to join
[  293.735810][ T8953] FAULT_INJECTION: forcing a failure.
[  293.735810][ T8953] name failslab, interval 1, probability 0, space 0, times 0
[  293.748713][ T8953] CPU: 1 PID: 8953 Comm: syz.3.1121 Not tainted syzkaller #0
[  293.756107][ T8953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  293.766182][ T8953] Call Trace:
[  293.769726][ T8953]  <TASK>
[  293.772656][ T8953]  dump_stack_lvl+0x18c/0x250
[  293.777330][ T8953]  ? show_regs_print_info+0x20/0x20
[  293.782527][ T8953]  ? load_image+0x420/0x420
[  293.787023][ T8953]  ? perf_tp_event+0x13d7/0x1520
[  293.791957][ T8953]  ? perf_trace_run_bpf_submit+0x1c0/0x1c0
[  293.797755][ T8953]  should_fail_ex+0x39d/0x4d0
[  293.802439][ T8953]  should_failslab+0x9/0x20
[  293.806937][ T8953]  slab_pre_alloc_hook+0x59/0x310
[  293.811961][ T8953]  kmem_cache_alloc+0x5a/0x2d0
[  293.816716][ T8953]  ? skb_clone+0x1eb/0x370
[  293.821123][ T8953]  skb_clone+0x1eb/0x370
[  293.825361][ T8953]  bpf_clone_redirect+0x167/0x4a0
[  293.830385][ T8953]  bpf_prog_c9d58f5b8698340d+0x5e/0x63
[  293.835837][ T8953]  ? perf_output_sample+0x8a0/0x2130
[  293.841116][ T8953]  ? perf_trace_preemptirq_template+0x269/0x330
[  293.847356][ T8953]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  293.853328][ T8953]  ? lockdep_softirqs_on+0x580/0x580
[  293.858603][ T8953]  ? lock_chain_count+0x20/0x20
[  293.863452][ T8953]  ? __local_bh_disable_ip+0x108/0x1a0
[  293.868904][ T8953]  ? __cant_sleep+0x220/0x220
[  293.873573][ T8953]  ? __local_bh_enable_ip+0x13a/0x1c0
[  293.878932][ T8953]  ? _local_bh_enable+0xa0/0xa0
[  293.883784][ T8953]  ? bpf_test_timer_continue+0x135/0x380
[  293.889408][ T8953]  ? bpf_test_run+0x174/0x870
[  293.894077][ T8953]  bpf_test_run+0x2df/0x870
[  293.898593][ T8953]  ? bpf_test_run+0x174/0x870
[  293.903268][ T8953]  ? convert___skb_to_skb+0x590/0x590
[  293.908635][ T8953]  ? eth_get_headlen+0x210/0x210
[  293.913564][ T8953]  ? slab_build_skb+0x25f/0x3f0
[  293.918404][ T8953]  ? convert___skb_to_skb+0x3d/0x590
[  293.923685][ T8953]  bpf_prog_test_run_skb+0xad2/0x12b0
[  293.929089][ T8953]  ? cpu_online+0x60/0x60
[  293.933415][ T8953]  bpf_prog_test_run+0x321/0x390
[  293.938348][ T8953]  __sys_bpf+0x49d/0x890
[  293.942585][ T8953]  ? bpf_link_show_fdinfo+0x390/0x390
[  293.947962][ T8953]  ? lock_chain_count+0x20/0x20
[  293.952804][ T8953]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  293.958787][ T8953]  __x64_sys_bpf+0x7c/0x90
[  293.963196][ T8953]  do_syscall_64+0x55/0xb0
[  293.967601][ T8953]  ? clear_bhb_loop+0x40/0x90
[  293.972273][ T8953]  ? clear_bhb_loop+0x40/0x90
[  293.976942][ T8953]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  293.982830][ T8953] RIP: 0033:0x7fd47639ce59
[  293.987237][ T8953] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  294.006839][ T8953] RSP: 002b:00007fd4745f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  294.015248][ T8953] RAX: ffffffffffffffda RBX: 00007fd476615fa0 RCX: 00007fd47639ce59
[  294.023214][ T8953] RDX: 000000000000002c RSI: 0000200000000080 RDI: 000000000000000a
[  294.031176][ T8953] RBP: 00007fd4745f6090 R08: 0000000000000000 R09: 0000000000000000
[  294.039141][ T8953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  294.047103][ T8953] R13: 00007fd476616038 R14: 00007fd476615fa0 R15: 00007ffe51f65b28
[  294.055171][ T8953]  </TASK>
[  294.064268][   T42] wlan1: Trigger new scan to find an IBSS to join
[  294.232578][   T48] wlan1: Creating new IBSS network, BSSID 8e:21:95:e5:c4:a7
[  294.265868][ T8963] FAULT_INJECTION: forcing a failure.
[  294.265868][ T8963] name failslab, interval 1, probability 0, space 0, times 0
[  294.279927][ T8957] mac80211_hwsim hwsim5 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  294.291473][ T8963] CPU: 1 PID: 8963 Comm: syz.1.1123 Not tainted syzkaller #0
[  294.298880][ T8963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  294.308947][ T8963] Call Trace:
[  294.312226][ T8963]  <TASK>
[  294.315150][ T8963]  dump_stack_lvl+0x18c/0x250
[  294.319825][ T8963]  ? show_regs_print_info+0x20/0x20
[  294.325016][ T8963]  ? load_image+0x420/0x420
[  294.329518][ T8963]  ? __might_sleep+0xe0/0xe0
[  294.334103][ T8963]  ? __lock_acquire+0x7d40/0x7d40
[  294.339126][ T8963]  should_fail_ex+0x39d/0x4d0
[  294.343804][ T8963]  should_failslab+0x9/0x20
[  294.348303][ T8963]  slab_pre_alloc_hook+0x59/0x310
[  294.353333][ T8963]  ? __lock_acquire+0x7d40/0x7d40
[  294.358353][ T8963]  ? dev_ethtool+0x129/0x18d0
[  294.363027][ T8963]  __kmem_cache_alloc_node+0x53/0x250
[  294.368396][ T8963]  ? __might_fault+0xaa/0x120
[  294.373066][ T8963]  ? dev_ethtool+0x129/0x18d0
[  294.377737][ T8963]  kmalloc_trace+0x2a/0xe0
[  294.382149][ T8963]  dev_ethtool+0x129/0x18d0
[  294.386650][ T8963]  ? ethtool_get_module_eeprom_call+0x170/0x170
[  294.392885][ T8963]  ? __lock_acquire+0x7d40/0x7d40
[  294.397903][ T8963]  ? __might_fault+0xaa/0x120
[  294.402570][ T8963]  ? full_name_hash+0x92/0xe0
[  294.407244][ T8963]  ? dev_load+0x21/0x1f0
[  294.411484][ T8963]  dev_ioctl+0x392/0x1140
[  294.415808][ T8963]  sock_do_ioctl+0x239/0x310
[  294.420391][ T8963]  ? sock_show_fdinfo+0xb0/0xb0
[  294.425247][ T8963]  sock_ioctl+0x5ba/0x7e0
[  294.429571][ T8963]  ? sock_poll+0x3e0/0x3e0
[  294.433988][ T8963]  ? bpf_lsm_file_ioctl+0x9/0x10
[  294.438915][ T8963]  ? security_file_ioctl+0x80/0xa0
[  294.444036][ T8963]  ? sock_poll+0x3e0/0x3e0
[  294.448455][ T8963]  __se_sys_ioctl+0xfd/0x170
[  294.453044][ T8963]  do_syscall_64+0x55/0xb0
[  294.457449][ T8963]  ? clear_bhb_loop+0x40/0x90
[  294.462122][ T8963]  ? clear_bhb_loop+0x40/0x90
[  294.466797][ T8963]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  294.472689][ T8963] RIP: 0033:0x7fbee899ce59
[  294.477098][ T8963] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  294.496704][ T8963] RSP: 002b:00007fbee990d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  294.505112][ T8963] RAX: ffffffffffffffda RBX: 00007fbee8c15fa0 RCX: 00007fbee899ce59
[  294.513072][ T8963] RDX: 0000200000000040 RSI: 0000000000008946 RDI: 0000000000000008
[  294.521033][ T8963] RBP: 00007fbee990d090 R08: 0000000000000000 R09: 0000000000000000
[  294.528995][ T8963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  294.536955][ T8963] R13: 00007fbee8c16038 R14: 00007fbee8c15fa0 R15: 00007ffe11705c88
[  294.544929][ T8963]  </TASK>
[  294.728929][ T8974] FAULT_INJECTION: forcing a failure.
[  294.728929][ T8974] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  294.742509][ T8974] CPU: 1 PID: 8974 Comm: syz.2.1127 Not tainted syzkaller #0
[  294.749909][ T8974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  294.759983][ T8974] Call Trace:
[  294.763280][ T8974]  <TASK>
[  294.766225][ T8974]  dump_stack_lvl+0x18c/0x250
[  294.770930][ T8974]  ? show_regs_print_info+0x20/0x20
[  294.776152][ T8974]  ? load_image+0x420/0x420
[  294.780684][ T8974]  ? __might_fault+0xaa/0x120
[  294.785361][ T8974]  ? __lock_acquire+0x7d40/0x7d40
[  294.790384][ T8974]  should_fail_ex+0x39d/0x4d0
[  294.795073][ T8974]  _copy_from_user+0x2f/0xe0
[  294.799675][ T8974]  ___sys_sendmsg+0x1c7/0x360
[  294.804353][ T8974]  ? __sys_sendmsg+0x2a0/0x2a0
[  294.809131][ T8974]  ? __lock_acquire+0x7d40/0x7d40
[  294.814177][ T8974]  __se_sys_sendmsg+0x1c2/0x2b0
[  294.819025][ T8974]  ? __x64_sys_sendmsg+0x80/0x80
[  294.823973][ T8974]  ? lockdep_hardirqs_on+0x98/0x150
[  294.829170][ T8974]  do_syscall_64+0x55/0xb0
[  294.833581][ T8974]  ? clear_bhb_loop+0x40/0x90
[  294.838254][ T8974]  ? clear_bhb_loop+0x40/0x90
[  294.842930][ T8974]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  294.848819][ T8974] RIP: 0033:0x7fe94d59ce59
[  294.853229][ T8974] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  294.872830][ T8974] RSP: 002b:00007fe94e391028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  294.881246][ T8974] RAX: ffffffffffffffda RBX: 00007fe94d815fa0 RCX: 00007fe94d59ce59
[  294.889215][ T8974] RDX: 0000000000000004 RSI: 00002000000000c0 RDI: 0000000000000004
[  294.897177][ T8974] RBP: 00007fe94e391090 R08: 0000000000000000 R09: 0000000000000000
[  294.905143][ T8974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  294.913107][ T8974] R13: 00007fe94d816038 R14: 00007fe94d815fa0 R15: 00007ffd9e4082d8
[  294.921176][ T8974]  </TASK>
[  295.660087][ T9007] ipvlan0: entered allmulticast mode
[  295.671236][ T9007] veth0_vlan: entered allmulticast mode
[  295.745403][ T9009] mac80211_hwsim hwsim8 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  295.942624][ T2911] wlan1: Trigger new scan to find an IBSS to join
[  296.973509][   T48] wlan1: Trigger new scan to find an IBSS to join
[  297.943431][   T48] wlan1: Trigger new scan to find an IBSS to join
[  298.285887][ T1134] wlan1: Creating new IBSS network, BSSID 36:4f:35:04:d9:9d
[  298.610054][ T9019] validate_nla: 3 callbacks suppressed
[  298.610070][ T9019] netlink: 'syz.3.1145': attribute type 10 has an invalid length.
[  298.651613][ T9019] team0: left promiscuous mode
[  298.656457][ T9019] team_slave_1: left promiscuous mode
[  298.904057][ T9029] mac80211_hwsim hwsim5 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  298.925632][ T9029] __nla_validate_parse: 10 callbacks suppressed
[  298.925677][ T9029] netlink: 16186 bytes leftover after parsing attributes in process `syz.0.1150'.
[  298.977795][ T9033] netlink: 'syz.3.1151': attribute type 21 has an invalid length.
[  298.997501][ T9033] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1151'.
[  299.009666][ T9031] netlink: 16186 bytes leftover after parsing attributes in process `syz.2.1149'.
[  299.863886][ T9052] FAULT_INJECTION: forcing a failure.
[  299.863886][ T9052] name failslab, interval 1, probability 0, space 0, times 0
[  299.876615][ T9052] CPU: 0 PID: 9052 Comm: syz.0.1158 Not tainted syzkaller #0
[  299.884014][ T9052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  299.894076][ T9052] Call Trace:
[  299.897356][ T9052]  <TASK>
[  299.900287][ T9052]  dump_stack_lvl+0x18c/0x250
[  299.904975][ T9052]  ? show_regs_print_info+0x20/0x20
[  299.910172][ T9052]  ? load_image+0x420/0x420
[  299.914690][ T9052]  ? __kmem_cache_alloc_node+0x13a/0x250
[  299.920332][ T9052]  ? netdev_core_pick_tx+0x340/0x340
[  299.925628][ T9052]  should_fail_ex+0x39d/0x4d0
[  299.930320][ T9052]  should_failslab+0x9/0x20
[  299.934830][ T9052]  slab_pre_alloc_hook+0x59/0x310
[  299.939869][ T9052]  kmem_cache_alloc+0x5a/0x2d0
[  299.944634][ T9052]  ? skb_clone+0x1eb/0x370
[  299.949062][ T9052]  skb_clone+0x1eb/0x370
[  299.953313][ T9052]  bpf_clone_redirect+0x167/0x4a0
[  299.958356][ T9052]  bpf_prog_6893982b85ceadf7+0x5e/0x63
[  299.963820][ T9052]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  299.969808][ T9052]  ? perf_trace_preemptirq_template+0xac/0x330
[  299.975973][ T9052]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  299.981954][ T9052]  ? lockdep_softirqs_on+0x580/0x580
[  299.987238][ T9052]  ? lock_chain_count+0x20/0x20
[  299.992086][ T9052]  ? seqcount_lockdep_reader_access+0x191/0x1d0
[  299.998341][ T9052]  ? __local_bh_disable_ip+0x108/0x1a0
[  300.003800][ T9052]  ? __cant_sleep+0x220/0x220
[  300.008475][ T9052]  ? __local_bh_enable_ip+0x13a/0x1c0
[  300.013844][ T9052]  ? _local_bh_enable+0xa0/0xa0
[  300.018699][ T9052]  ? bpf_test_timer_continue+0x135/0x380
[  300.024334][ T9052]  ? bpf_test_run+0x174/0x870
[  300.029015][ T9052]  bpf_test_run+0x2df/0x870
[  300.033538][ T9052]  ? bpf_test_run+0x174/0x870
[  300.038220][ T9052]  ? convert___skb_to_skb+0x590/0x590
[  300.043597][ T9052]  ? eth_get_headlen+0x210/0x210
[  300.048541][ T9052]  ? bpf_prog_test_run_skb+0x7ad/0x12b0
[  300.054083][ T9052]  ? convert___skb_to_skb+0x3d/0x590
[  300.059372][ T9052]  bpf_prog_test_run_skb+0xad2/0x12b0
[  300.064770][ T9052]  ? cpu_online+0x60/0x60
[  300.069104][ T9052]  bpf_prog_test_run+0x321/0x390
[  300.074046][ T9052]  __sys_bpf+0x49d/0x890
[  300.078291][ T9052]  ? bpf_link_show_fdinfo+0x390/0x390
[  300.083684][ T9052]  ? lock_chain_count+0x20/0x20
[  300.088549][ T9052]  __x64_sys_bpf+0x7c/0x90
[  300.092980][ T9052]  do_syscall_64+0x55/0xb0
[  300.097394][ T9052]  ? clear_bhb_loop+0x40/0x90
[  300.102073][ T9052]  ? clear_bhb_loop+0x40/0x90
[  300.106757][ T9052]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  300.112649][ T9052] RIP: 0033:0x7f9257f9ce59
[  300.117069][ T9052] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  300.136674][ T9052] RSP: 002b:00007f9258f48028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  300.145089][ T9052] RAX: ffffffffffffffda RBX: 00007f9258215fa0 RCX: 00007f9257f9ce59
[  300.153059][ T9052] RDX: 000000000000002c RSI: 0000200000000080 RDI: 000000000000000a
[  300.161028][ T9052] RBP: 00007f9258f48090 R08: 0000000000000000 R09: 0000000000000000
[  300.168994][ T9052] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  300.176959][ T9052] R13: 00007f9258216038 R14: 00007f9258215fa0 R15: 00007ffdcdb4e108
[  300.184953][ T9052]  </TASK>
[  300.470750][ T9060] netlink: 16186 bytes leftover after parsing attributes in process `syz.3.1161'.
[  300.820582][ T9080] FAULT_INJECTION: forcing a failure.
[  300.820582][ T9080] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  300.834049][ T9080] CPU: 1 PID: 9080 Comm: syz.2.1170 Not tainted syzkaller #0
[  300.841451][ T9080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  300.851521][ T9080] Call Trace:
[  300.854815][ T9080]  <TASK>
[  300.857762][ T9080]  dump_stack_lvl+0x18c/0x250
[  300.862454][ T9080]  ? show_regs_print_info+0x20/0x20
[  300.867656][ T9080]  ? load_image+0x420/0x420
[  300.872185][ T9080]  ? __might_fault+0xaa/0x120
[  300.876886][ T9080]  ? __lock_acquire+0x7d40/0x7d40
[  300.881937][ T9080]  should_fail_ex+0x39d/0x4d0
[  300.886647][ T9080]  _copy_from_user+0x2f/0xe0
[  300.891263][ T9080]  ___sys_sendmsg+0x1c7/0x360
[  300.895960][ T9080]  ? get_pid_task+0x20/0x1e0
[  300.900592][ T9080]  ? __sys_sendmsg+0x2a0/0x2a0
[  300.905394][ T9080]  ? __lock_acquire+0x7d40/0x7d40
[  300.910469][ T9080]  __se_sys_sendmsg+0x1c2/0x2b0
[  300.915348][ T9080]  ? __x64_sys_sendmsg+0x80/0x80
[  300.920323][ T9080]  ? lockdep_hardirqs_on+0x98/0x150
[  300.925549][ T9080]  do_syscall_64+0x55/0xb0
[  300.929996][ T9080]  ? clear_bhb_loop+0x40/0x90
[  300.934698][ T9080]  ? clear_bhb_loop+0x40/0x90
[  300.939403][ T9080]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  300.945316][ T9080] RIP: 0033:0x7fe94d59ce59
[  300.949748][ T9080] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  300.969374][ T9080] RSP: 002b:00007fe94e391028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  300.977803][ T9080] RAX: ffffffffffffffda RBX: 00007fe94d815fa0 RCX: 00007fe94d59ce59
[  300.985781][ T9080] RDX: 0000000000000004 RSI: 00002000000000c0 RDI: 0000000000000004
[  300.993764][ T9080] RBP: 00007fe94e391090 R08: 0000000000000000 R09: 0000000000000000
[  301.001766][ T9080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  301.009741][ T9080] R13: 00007fe94d816038 R14: 00007fe94d815fa0 R15: 00007ffd9e4082d8
[  301.017740][ T9080]  </TASK>
[  301.024138][   T11] wlan1: Trigger new scan to find an IBSS to join
[  301.028884][ T2927] wlan1: Trigger new scan to find an IBSS to join
[  301.282088][ T9096] netlink: 'syz.3.1176': attribute type 3 has an invalid length.
[  301.291077][ T9096] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.1176'.
[  301.975566][ T9111] mac80211_hwsim hwsim9 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  302.011125][ T9111] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.1180'.
[  302.926738][ T9137] mac80211_hwsim hwsim8 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  302.996032][ T9143] netlink: 16186 bytes leftover after parsing attributes in process `syz.3.1191'.
[  303.408925][ T9151] FAULT_INJECTION: forcing a failure.
[  303.408925][ T9151] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  303.479323][ T9151] CPU: 0 PID: 9151 Comm: syz.2.1193 Not tainted syzkaller #0
[  303.486759][ T9151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  303.496828][ T9151] Call Trace:
[  303.500124][ T9151]  <TASK>
[  303.503069][ T9151]  dump_stack_lvl+0x18c/0x250
[  303.507773][ T9151]  ? show_regs_print_info+0x20/0x20
[  303.512989][ T9151]  ? load_image+0x420/0x420
[  303.517513][ T9151]  ? __might_fault+0xaa/0x120
[  303.522209][ T9151]  ? __lock_acquire+0x7d40/0x7d40
[  303.527261][ T9151]  ? __lock_acquire+0x7d40/0x7d40
[  303.532310][ T9151]  should_fail_ex+0x39d/0x4d0
[  303.537009][ T9151]  _copy_from_user+0x2f/0xe0
[  303.541620][ T9151]  perf_copy_attr+0x16a/0x840
[  303.546325][ T9151]  __se_sys_perf_event_open+0x11b/0x1c50
[  303.551983][ T9151]  ? perf_trace_run_bpf_submit+0x125/0x1c0
[  303.557810][ T9151]  ? __x64_sys_perf_event_open+0xc0/0xc0
[  303.563473][ T9151]  ? lock_chain_count+0x20/0x20
[  303.568343][ T9151]  ? lockdep_hardirqs_on+0x98/0x150
[  303.573555][ T9151]  ? __x64_sys_perf_event_open+0x20/0xc0
[  303.579214][ T9151]  do_syscall_64+0x55/0xb0
[  303.583656][ T9151]  ? clear_bhb_loop+0x40/0x90
[  303.588351][ T9151]  ? clear_bhb_loop+0x40/0x90
[  303.593049][ T9151]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  303.598968][ T9151] RIP: 0033:0x7fe94d59ce59
[  303.603396][ T9151] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  303.623114][ T9151] RSP: 002b:00007fe94b7f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  303.631546][ T9151] RAX: ffffffffffffffda RBX: 00007fe94d816180 RCX: 00007fe94d59ce59
[  303.639530][ T9151] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[  303.647518][ T9151] RBP: 00007fe94b7f6090 R08: 0000000000000000 R09: 0000000000000000
[  303.655503][ T9151] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  303.663487][ T9151] R13: 00007fe94d816218 R14: 00007fe94d816180 R15: 00007ffd9e4082d8
[  303.671490][ T9151]  </TASK>
[  305.932608][ T2911] wlan1: Trigger new scan to find an IBSS to join
[  305.933421][   T11] wlan1: Trigger new scan to find an IBSS to join
[  306.182922][ T9157] mac80211_hwsim hwsim9 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  306.226889][ T9157] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.1196'.
[  306.380637][ T9173] FAULT_INJECTION: forcing a failure.
[  306.380637][ T9173] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  306.461379][ T9173] CPU: 1 PID: 9173 Comm: syz.2.1200 Not tainted syzkaller #0
[  306.468811][ T9173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  306.478886][ T9173] Call Trace:
[  306.482188][ T9173]  <TASK>
[  306.485137][ T9173]  dump_stack_lvl+0x18c/0x250
[  306.489838][ T9173]  ? show_regs_print_info+0x20/0x20
[  306.495041][ T9173]  ? load_image+0x420/0x420
[  306.499555][ T9173]  ? __lock_acquire+0x7d40/0x7d40
[  306.504584][ T9173]  ? snprintf+0xe9/0x140
[  306.508834][ T9173]  should_fail_ex+0x39d/0x4d0
[  306.513516][ T9173]  _copy_to_user+0x2f/0xa0
[  306.517933][ T9173]  simple_read_from_buffer+0xe7/0x150
[  306.523310][ T9173]  proc_fail_nth_read+0x1e8/0x260
[  306.528331][ T9173]  ? proc_fault_inject_write+0x360/0x360
[  306.533962][ T9173]  ? fsnotify_perm+0x271/0x5e0
[  306.538720][ T9173]  ? proc_fault_inject_write+0x360/0x360
[  306.544350][ T9173]  vfs_read+0x28b/0x970
[  306.548507][ T9173]  ? kernel_read+0x1e0/0x1e0
[  306.553094][ T9173]  ? __fget_files+0x28/0x4b0
[  306.557681][ T9173]  ? __fget_files+0x28/0x4b0
[  306.562264][ T9173]  ? __fget_files+0x43d/0x4b0
[  306.566941][ T9173]  ? __fdget_pos+0x2a3/0x330
[  306.571523][ T9173]  ? ksys_read+0x75/0x260
[  306.575847][ T9173]  ksys_read+0x150/0x260
[  306.580082][ T9173]  ? vfs_write+0x990/0x990
[  306.584495][ T9173]  ? lockdep_hardirqs_on+0x98/0x150
[  306.589687][ T9173]  do_syscall_64+0x55/0xb0
[  306.594095][ T9173]  ? clear_bhb_loop+0x40/0x90
[  306.598763][ T9173]  ? clear_bhb_loop+0x40/0x90
[  306.603434][ T9173]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  306.609317][ T9173] RIP: 0033:0x7fe94d55d68e
[  306.613729][ T9173] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  306.633338][ T9173] RSP: 002b:00007fe94e36ffe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  306.641745][ T9173] RAX: ffffffffffffffda RBX: 00007fe94e3706c0 RCX: 00007fe94d55d68e
[  306.649706][ T9173] RDX: 000000000000000f RSI: 00007fe94e3700a0 RDI: 0000000000000005
[  306.657669][ T9173] RBP: 00007fe94e370090 R08: 0000000000000000 R09: 0000000000000000
[  306.665630][ T9173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  306.673595][ T9173] R13: 00007fe94d816128 R14: 00007fe94d816090 R15: 00007ffd9e4082d8
[  306.681569][ T9173]  </TASK>
[  306.974460][ T2927] wlan1: Trigger new scan to find an IBSS to join
[  307.105264][ T9187] netlink: 'syz.1.1208': attribute type 21 has an invalid length.
[  307.117508][ T9187] netlink: 168 bytes leftover after parsing attributes in process `syz.1.1208'.
[  307.136593][ T9187] netlink: 16182 bytes leftover after parsing attributes in process `syz.1.1208'.
[  307.147941][ T9187] netlink: 184 bytes leftover after parsing attributes in process `syz.1.1208'.
[  307.159315][   T11] wlan1: Creating new IBSS network, BSSID 86:e8:8c:11:b3:7e
[  307.163018][ T9187] netlink: 'syz.1.1208': attribute type 10 has an invalid length.
[  307.175981][ T9187] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1208'.
[  307.187671][ T9187] batadv0: entered promiscuous mode
[  307.195371][ T9187] batadv0: entered allmulticast mode
[  307.209184][ T9187] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  307.510102][ T9206] mac80211_hwsim hwsim9 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  307.530661][ T9206] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.1212'.
[  307.877383][ T9213] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  307.884269][ T9213] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  308.561626][ T9227] netlink: 'syz.2.1220': attribute type 21 has an invalid length.
[  308.570131][ T9227] netlink: 128 bytes leftover after parsing attributes in process `syz.2.1220'.
[  308.635662][ T9229] mac80211_hwsim hwsim9 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  308.652524][ T9229] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.1222'.
[  308.727210][ T9231] FAULT_INJECTION: forcing a failure.
[  308.727210][ T9231] name failslab, interval 1, probability 0, space 0, times 0
[  308.746775][ T9231] CPU: 0 PID: 9231 Comm: syz.2.1223 Not tainted syzkaller #0
[  308.754184][ T9231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  308.764250][ T9231] Call Trace:
[  308.767533][ T9231]  <TASK>
[  308.770464][ T9231]  dump_stack_lvl+0x18c/0x250
[  308.775148][ T9231]  ? show_regs_print_info+0x20/0x20
[  308.780346][ T9231]  ? load_image+0x420/0x420
[  308.784852][ T9231]  ? __might_sleep+0xe0/0xe0
[  308.789437][ T9231]  ? __lock_acquire+0x7d40/0x7d40
[  308.794459][ T9231]  should_fail_ex+0x39d/0x4d0
[  308.799140][ T9231]  should_failslab+0x9/0x20
[  308.803642][ T9231]  slab_pre_alloc_hook+0x59/0x310
[  308.808667][ T9231]  ? sk_prot_alloc+0xe7/0x210
[  308.813342][ T9231]  ? sk_prot_alloc+0xe7/0x210
[  308.818015][ T9231]  __kmem_cache_alloc_node+0x53/0x250
[  308.823387][ T9231]  ? sk_prot_alloc+0xe7/0x210
[  308.828057][ T9231]  __kmalloc+0xa4/0x230
[  308.832220][ T9231]  sk_prot_alloc+0xe7/0x210
[  308.836718][ T9231]  ? sk_alloc+0x24/0x360
[  308.840961][ T9231]  sk_alloc+0x3a/0x360
[  308.845027][ T9231]  ? bpf_ctx_init+0x163/0x1a0
[  308.849696][ T9231]  ? bpf_prog_test_run_skb+0x273/0x12b0
[  308.855238][ T9231]  bpf_prog_test_run_skb+0x3a5/0x12b0
[  308.860606][ T9231]  ? __fget_files+0x28/0x4b0
[  308.865189][ T9231]  ? __fget_files+0x28/0x4b0
[  308.869780][ T9231]  ? __fget_files+0x43d/0x4b0
[  308.874458][ T9231]  ? cpu_online+0x60/0x60
[  308.878780][ T9231]  bpf_prog_test_run+0x321/0x390
[  308.883712][ T9231]  __sys_bpf+0x49d/0x890
[  308.887948][ T9231]  ? bpf_link_show_fdinfo+0x390/0x390
[  308.893322][ T9231]  ? lock_chain_count+0x20/0x20
[  308.898187][ T9231]  __x64_sys_bpf+0x7c/0x90
[  308.902614][ T9231]  do_syscall_64+0x55/0xb0
[  308.907021][ T9231]  ? clear_bhb_loop+0x40/0x90
[  308.911692][ T9231]  ? clear_bhb_loop+0x40/0x90
[  308.916361][ T9231]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  308.922253][ T9231] RIP: 0033:0x7fe94d59ce59
[  308.926658][ T9231] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  308.946257][ T9231] RSP: 002b:00007fe94e391028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  308.954663][ T9231] RAX: ffffffffffffffda RBX: 00007fe94d815fa0 RCX: 00007fe94d59ce59
[  308.962626][ T9231] RDX: 0000000000000050 RSI: 0000200000000380 RDI: 000000000000000a
[  308.970585][ T9231] RBP: 00007fe94e391090 R08: 0000000000000000 R09: 0000000000000000
[  308.978545][ T9231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  308.986507][ T9231] R13: 00007fe94d816038 R14: 00007fe94d815fa0 R15: 00007ffd9e4082d8
[  308.994485][ T9231]  </TASK>
[  309.018899][ T9230] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  309.912088][ T9236] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  309.936630][ T1134] wlan1: Trigger new scan to find an IBSS to join
[  310.262161][ T9250] netlink: 'syz.1.1228': attribute type 10 has an invalid length.
[  310.305910][ T9250] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1228'.
[  310.367848][ T9258] netlink: 201392 bytes leftover after parsing attributes in process `syz.2.1230'.
[  310.769166][ T9267] netlink: 'syz.3.1233': attribute type 21 has an invalid length.
[  310.897586][ T9266] mac80211_hwsim hwsim9 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  310.922791][ T1134] wlan1: Creating new IBSS network, BSSID da:72:b2:50:25:0b
[  311.374485][ T9276] __nla_validate_parse: 3 callbacks suppressed
[  311.374514][ T9276] netlink: 55631 bytes leftover after parsing attributes in process `syz.1.1237'.
[  311.670275][ T9290] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  311.687585][ T9290] batman_adv: batadv0: Removing interface: batadv_slave_0
[  311.712875][ T9290] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  311.730694][ T9290] batman_adv: batadv0: Removing interface: batadv_slave_1
[  311.854690][ T9288] netlink: 164 bytes leftover after parsing attributes in process `syz.1.1241'.
[  312.993541][ T9306] mac80211_hwsim hwsim8 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  313.014349][ T9308] netlink: 16186 bytes leftover after parsing attributes in process `syz.3.1246'.
[  313.612514][ T9319] netlink: 'syz.3.1250': attribute type 21 has an invalid length.
[  313.620756][ T9319] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1250'.
[  314.362556][ T9335] FAULT_INJECTION: forcing a failure.
[  314.362556][ T9335] name failslab, interval 1, probability 0, space 0, times 0
[  314.375509][ T9335] CPU: 0 PID: 9335 Comm: syz.0.1255 Not tainted syzkaller #0
[  314.382899][ T9335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  314.392964][ T9335] Call Trace:
[  314.396238][ T9335]  <TASK>
[  314.399159][ T9335]  dump_stack_lvl+0x18c/0x250
[  314.403850][ T9335]  ? show_regs_print_info+0x20/0x20
[  314.409058][ T9335]  ? load_image+0x420/0x420
[  314.413576][ T9335]  should_fail_ex+0x39d/0x4d0
[  314.418259][ T9335]  should_failslab+0x9/0x20
[  314.422755][ T9335]  slab_pre_alloc_hook+0x59/0x310
[  314.427792][ T9335]  kmem_cache_alloc+0x5a/0x2d0
[  314.432567][ T9335]  ? skb_clone+0x1eb/0x370
[  314.436999][ T9335]  skb_clone+0x1eb/0x370
[  314.441238][ T9335]  ? dev_queue_xmit_nit+0x212/0xbb0
[  314.446438][ T9335]  dev_queue_xmit_nit+0x24d/0xbb0
[  314.451455][ T9335]  ? dev_queue_xmit_nit+0x2d/0xbb0
[  314.456560][ T9335]  ? validate_xmit_skb+0x949/0xf60
[  314.461668][ T9335]  dev_hard_start_xmit+0x148/0x740
[  314.466781][ T9335]  __dev_queue_xmit+0x19a3/0x3660
[  314.471808][ T9335]  ? __dev_queue_xmit+0x265/0x3660
[  314.476918][ T9335]  ? slab_post_alloc_hook+0x8a/0x4b0
[  314.482197][ T9335]  ? netdev_core_pick_tx+0x340/0x340
[  314.487470][ T9335]  ? rcu_is_watching+0x15/0xb0
[  314.492232][ T9335]  ? skb_release_data+0x1d1/0x7b0
[  314.497262][ T9335]  __bpf_tx_skb+0x189/0x250
[  314.501759][ T9335]  bpf_clone_redirect+0x30f/0x4a0
[  314.506786][ T9335]  bpf_prog_c6f54bbad6dab1ee+0x5e/0x63
[  314.512236][ T9335]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  314.518209][ T9335]  ? perf_trace_preemptirq_template+0xac/0x330
[  314.524361][ T9335]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  314.530329][ T9335]  ? lockdep_softirqs_on+0x580/0x580
[  314.535605][ T9335]  ? lock_chain_count+0x20/0x20
[  314.540441][ T9335]  ? seqcount_lockdep_reader_access+0x191/0x1d0
[  314.546679][ T9335]  ? __local_bh_disable_ip+0x108/0x1a0
[  314.552126][ T9335]  ? __cant_sleep+0x220/0x220
[  314.556790][ T9335]  ? __local_bh_enable_ip+0x13a/0x1c0
[  314.562148][ T9335]  ? _local_bh_enable+0xa0/0xa0
[  314.566988][ T9335]  ? bpf_test_timer_continue+0x135/0x380
[  314.572612][ T9335]  ? bpf_test_run+0x174/0x870
[  314.577277][ T9335]  bpf_test_run+0x2df/0x870
[  314.581778][ T9335]  ? bpf_test_run+0x174/0x870
[  314.586444][ T9335]  ? convert___skb_to_skb+0x590/0x590
[  314.591808][ T9335]  ? eth_get_headlen+0x210/0x210
[  314.596735][ T9335]  ? slab_build_skb+0x25f/0x3f0
[  314.601581][ T9335]  ? convert___skb_to_skb+0x3d/0x590
[  314.606854][ T9335]  bpf_prog_test_run_skb+0xad2/0x12b0
[  314.612226][ T9335]  ? cpu_online+0x60/0x60
[  314.616544][ T9335]  bpf_prog_test_run+0x321/0x390
[  314.621475][ T9335]  __sys_bpf+0x49d/0x890
[  314.625708][ T9335]  ? bpf_link_show_fdinfo+0x390/0x390
[  314.631078][ T9335]  ? lock_chain_count+0x20/0x20
[  314.635927][ T9335]  __x64_sys_bpf+0x7c/0x90
[  314.640358][ T9335]  do_syscall_64+0x55/0xb0
[  314.644780][ T9335]  ? clear_bhb_loop+0x40/0x90
[  314.649461][ T9335]  ? clear_bhb_loop+0x40/0x90
[  314.654145][ T9335]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  314.660035][ T9335] RIP: 0033:0x7f9257f9ce59
[  314.664440][ T9335] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  314.684038][ T9335] RSP: 002b:00007f9258f48028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  314.692442][ T9335] RAX: ffffffffffffffda RBX: 00007f9258215fa0 RCX: 00007f9257f9ce59
[  314.700406][ T9335] RDX: 0000000000000050 RSI: 0000200000000080 RDI: 000000000000000a
[  314.708364][ T9335] RBP: 00007f9258f48090 R08: 0000000000000000 R09: 0000000000000000
[  314.716324][ T9335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  314.724284][ T9335] R13: 00007f9258216038 R14: 00007f9258215fa0 R15: 00007ffdcdb4e108
[  314.732257][ T9335]  </TASK>
[  314.981815][ T1134] wlan1: Trigger new scan to find an IBSS to join
[  315.197509][ T9342] mac80211_hwsim hwsim8 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  315.252406][ T9345] netlink: 16186 bytes leftover after parsing attributes in process `syz.3.1258'.
[  315.408664][ T9352] netlink: 61963 bytes leftover after parsing attributes in process `syz.0.1262'.
[  315.958618][ T9361] netlink: 65047 bytes leftover after parsing attributes in process `syz.3.1264'.
[  316.395519][ T9366] netlink: 'syz.1.1266': attribute type 21 has an invalid length.
[  316.415800][ T9366] netlink: 128 bytes leftover after parsing attributes in process `syz.1.1266'.
[  316.449788][ T9368] netlink: 144 bytes leftover after parsing attributes in process `syz.2.1267'.
[  316.484157][ T9368] team0: Port device team_slave_0 removed
[  316.493950][ T9368] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[  316.576662][ T9367] delete_channel: no stack
[  317.218360][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  317.225556][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  317.435968][ T9385] netlink: 65047 bytes leftover after parsing attributes in process `syz.2.1274'.
[  317.457920][ T9386] netlink: 'syz.3.1272': attribute type 10 has an invalid length.
[  317.481499][ T9386] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1272'.
[  317.938800][ T2927] wlan1: Trigger new scan to find an IBSS to join
[  318.609352][ T9391] mac80211_hwsim hwsim9 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  318.643706][ T9393] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.1283'.
[  318.725993][ T9401] netlink: 144 bytes leftover after parsing attributes in process `syz.3.1277'.
[  318.754811][ T9401] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[  318.803982][ T9400] delete_channel: no stack
[  318.975014][ T9409] netlink: 'syz.1.1281': attribute type 29 has an invalid length.
[  319.006029][ T9409] netlink: 'syz.1.1281': attribute type 29 has an invalid length.
[  319.027204][ T9409] netlink: 'syz.1.1281': attribute type 29 has an invalid length.
[  319.046339][ T9409] netlink: 'syz.1.1281': attribute type 29 has an invalid length.
[  319.069003][ T9409] netlink: 'syz.1.1281': attribute type 29 has an invalid length.
[  319.096500][ T9409] netlink: 763 bytes leftover after parsing attributes in process `syz.1.1281'.
[  319.190257][ T9413] netlink: 65047 bytes leftover after parsing attributes in process `syz.0.1284'.
[  319.575452][ T9425] netlink: 'syz.0.1288': attribute type 21 has an invalid length.
[  319.583766][ T9425] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1288'.
[  320.180683][ T9433] netlink: 144 bytes leftover after parsing attributes in process `syz.1.1291'.
[  320.190111][ T9433] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[  320.208754][ T9432] delete_channel: no stack
[  320.487835][ T9441] tc_dump_action: action bad kind
[  320.500941][ T9441] 
@0Ù: renamed from bond_slave_1
[  320.624377][ T9443] mac80211_hwsim hwsim9 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  320.641811][ T9443] netlink: 'syz.1.1296': attribute type 3 has an invalid length.
[  320.805210][ T9451] netlink: 'syz.2.1299': attribute type 29 has an invalid length.
[  320.813867][ T9451] netlink: 'syz.2.1299': attribute type 29 has an invalid length.
[  320.824295][ T9451] netlink: 'syz.2.1299': attribute type 29 has an invalid length.
[  321.068035][ T9462] mac80211_hwsim hwsim4 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  321.533647][ T9474] : port 1(ip6gretap0) entered blocking state
[  321.539983][ T9474] : port 1(ip6gretap0) entered disabled state
[  321.561674][ T9474] ip6gretap0: entered allmulticast mode
[  321.570236][ T9474] ip6gretap0: entered promiscuous mode
[  321.867890][ T9494] __nla_validate_parse: 5 callbacks suppressed
[  321.867914][ T9494] netlink: 128 bytes leftover after parsing attributes in process `syz.1.1314'.
[  321.977078][ T9503] mac80211_hwsim hwsim5 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  322.017055][ T9503] netlink: 16066 bytes leftover after parsing attributes in process `syz.0.1318'.
[  322.893045][   T11] wlan1: Trigger new scan to find an IBSS to join
[  322.901314][ T2911] wlan1: Trigger new scan to find an IBSS to join
[  323.372635][ T9545] FAULT_INJECTION: forcing a failure.
[  323.372635][ T9545] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  323.421347][ T9545] CPU: 1 PID: 9545 Comm: syz.2.1335 Not tainted syzkaller #0
[  323.428816][ T9545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  323.438904][ T9545] Call Trace:
[  323.442212][ T9545]  <TASK>
[  323.445175][ T9545]  dump_stack_lvl+0x18c/0x250
[  323.449896][ T9545]  ? show_regs_print_info+0x20/0x20
[  323.455133][ T9545]  ? load_image+0x420/0x420
[  323.459684][ T9545]  ? __lock_acquire+0x7d40/0x7d40
[  323.464746][ T9545]  ? snprintf+0xe9/0x140
[  323.469033][ T9545]  should_fail_ex+0x39d/0x4d0
[  323.473760][ T9545]  _copy_to_user+0x2f/0xa0
[  323.478222][ T9545]  simple_read_from_buffer+0xe7/0x150
[  323.483640][ T9545]  proc_fail_nth_read+0x1e8/0x260
[  323.488692][ T9545]  ? proc_fault_inject_write+0x360/0x360
[  323.494336][ T9545]  ? fsnotify_perm+0x271/0x5e0
[  323.499117][ T9545]  ? proc_fault_inject_write+0x360/0x360
[  323.504770][ T9545]  vfs_read+0x28b/0x970
[  323.508947][ T9545]  ? kernel_read+0x1e0/0x1e0
[  323.513546][ T9545]  ? __fget_files+0x28/0x4b0
[  323.518138][ T9545]  ? __fget_files+0x28/0x4b0
[  323.522732][ T9545]  ? __fget_files+0x43d/0x4b0
[  323.527422][ T9545]  ? __fdget_pos+0x2a3/0x330
[  323.532013][ T9545]  ? ksys_read+0x75/0x260
[  323.536349][ T9545]  ksys_read+0x150/0x260
[  323.540603][ T9545]  ? vfs_write+0x990/0x990
[  323.545032][ T9545]  ? lockdep_hardirqs_on+0x98/0x150
[  323.550238][ T9545]  do_syscall_64+0x55/0xb0
[  323.554650][ T9545]  ? clear_bhb_loop+0x40/0x90
[  323.559329][ T9545]  ? clear_bhb_loop+0x40/0x90
[  323.564007][ T9545]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  323.569897][ T9545] RIP: 0033:0x7fe94d55d68e
[  323.574312][ T9545] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  323.593915][ T9545] RSP: 002b:00007fe94e390fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  323.602329][ T9545] RAX: ffffffffffffffda RBX: 00007fe94e3916c0 RCX: 00007fe94d55d68e
[  323.610296][ T9545] RDX: 000000000000000f RSI: 00007fe94e3910a0 RDI: 0000000000000006
[  323.618265][ T9545] RBP: 00007fe94e391090 R08: 0000000000000000 R09: 0000000000000000
[  323.626229][ T9545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  323.634194][ T9545] R13: 00007fe94d816038 R14: 00007fe94d815fa0 R15: 00007ffd9e4082d8
[  323.642183][ T9545]  </TASK>
[  324.032386][ T9556] mac80211_hwsim hwsim8 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  324.086940][ T9557] validate_nla: 8 callbacks suppressed
[  324.086957][ T9557] netlink: 'syz.3.1338': attribute type 3 has an invalid length.
[  324.102090][ T9557] netlink: 16066 bytes leftover after parsing attributes in process `syz.3.1338'.
[  324.334161][ T9567] netlink: 'syz.1.1341': attribute type 10 has an invalid length.
[  324.351311][ T9567] netlink: 55 bytes leftover after parsing attributes in process `syz.1.1341'.
[  324.655517][ T9569] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1343'.
[  324.727245][ T9569] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  324.755513][ T9569] bond0 (unregistering): (slave team0): Releasing backup interface
[  324.777299][ T9569] bond0 (unregistering): Released all slaves
[  324.971484][   T48] wlan1: Trigger new scan to find an IBSS to join
[  325.931396][   T48] wlan1: Trigger new scan to find an IBSS to join
[  326.055647][ T9598] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1354'.
[  326.071134][ T9597] mac80211_hwsim hwsim4 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  326.095122][ T9597] netlink: 'syz.2.1353': attribute type 3 has an invalid length.
[  326.106980][ T9597] netlink: 16066 bytes leftover after parsing attributes in process `syz.2.1353'.
[  327.088774][ T9634] netlink: 'syz.0.1367': attribute type 9 has an invalid length.
[  327.096703][ T9634] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.1367'.
[  327.211781][ T9636] netlink: 'syz.0.1367': attribute type 9 has an invalid length.
[  327.224660][ T9636] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.1367'.
[  327.931923][ T2911] wlan1: Trigger new scan to find an IBSS to join
[  327.933682][ T1134] wlan1: Trigger new scan to find an IBSS to join
[  328.109945][ T9643] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1370'.
[  328.391437][ T9650] mac80211_hwsim hwsim8 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  328.406716][ T9650] netlink: 'syz.3.1372': attribute type 3 has an invalid length.
[  328.414956][ T9650] netlink: 16066 bytes leftover after parsing attributes in process `syz.3.1372'.
[  328.881739][ T2927] wlan1: Creating new IBSS network, BSSID 86:5d:c6:1d:1a:d1
[  328.891929][ T2927] wlan1: Trigger new scan to find an IBSS to join
[  329.333104][ T9673] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1381'.
[  329.344482][ T9673] netlink: 'syz.3.1381': attribute type 12 has an invalid length.
[  329.352613][ T9673] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1381'.
[  329.671452][ T9685] netlink: 'syz.3.1387': attribute type 1 has an invalid length.
[  329.683499][ T9685] netlink: 199820 bytes leftover after parsing attributes in process `syz.3.1387'.
[  329.804600][ T9694] FAULT_INJECTION: forcing a failure.
[  329.804600][ T9694] name failslab, interval 1, probability 0, space 0, times 0
[  329.818530][ T9694] CPU: 0 PID: 9694 Comm: syz.1.1391 Not tainted syzkaller #0
[  329.825936][ T9694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  329.835995][ T9694] Call Trace:
[  329.839298][ T9694]  <TASK>
[  329.842223][ T9694]  dump_stack_lvl+0x18c/0x250
[  329.846901][ T9694]  ? show_regs_print_info+0x20/0x20
[  329.852101][ T9694]  ? load_image+0x420/0x420
[  329.856605][ T9694]  ? __might_sleep+0xe0/0xe0
[  329.861194][ T9694]  ? __lock_acquire+0x7d40/0x7d40
[  329.866223][ T9694]  should_fail_ex+0x39d/0x4d0
[  329.870901][ T9694]  should_failslab+0x9/0x20
[  329.875405][ T9694]  slab_pre_alloc_hook+0x59/0x310
[  329.880430][ T9694]  ? page_pool_create+0x71/0x5c0
[  329.885366][ T9694]  __kmem_cache_alloc_node+0x53/0x250
[  329.890746][ T9694]  ? page_pool_create+0x71/0x5c0
[  329.895685][ T9694]  kmalloc_node_trace+0x26/0xe0
[  329.900537][ T9694]  page_pool_create+0x71/0x5c0
[  329.905301][ T9694]  bpf_test_run_xdp_live+0x203/0x1b20
[  329.910676][ T9694]  ? 0xffffffffa00044c0
[  329.914825][ T9694]  ? 0xffffffffa00044c0
[  329.918969][ T9694]  ? bpf_dispatcher_change_prog+0xcbf/0xf10
[  329.924856][ T9694]  ? 0xffffffffa00044c0
[  329.929007][ T9694]  ? xdp_convert_md_to_buff+0x330/0x330
[  329.934567][ T9694]  ? trace_raw_output_bpf_test_finish+0xd0/0xd0
[  329.940804][ T9694]  ? _copy_from_user+0xa5/0xe0
[  329.945563][ T9694]  ? bpf_test_init+0x119/0x140
[  329.950317][ T9694]  ? xdp_convert_md_to_buff+0x5b/0x330
[  329.955771][ T9694]  bpf_prog_test_run_xdp+0x7ca/0x10e0
[  329.961143][ T9694]  ? lock_chain_count+0x20/0x20
[  329.965992][ T9694]  ? dev_put+0x80/0x80
[  329.970063][ T9694]  ? dev_put+0x80/0x80
[  329.974128][ T9694]  bpf_prog_test_run+0x321/0x390
[  329.979067][ T9694]  __sys_bpf+0x49d/0x890
[  329.983304][ T9694]  ? bpf_link_show_fdinfo+0x390/0x390
[  329.988688][ T9694]  ? lock_chain_count+0x20/0x20
[  329.993531][ T9694]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  329.999510][ T9694]  __x64_sys_bpf+0x7c/0x90
[  330.003924][ T9694]  do_syscall_64+0x55/0xb0
[  330.008335][ T9694]  ? clear_bhb_loop+0x40/0x90
[  330.013009][ T9694]  ? clear_bhb_loop+0x40/0x90
[  330.017687][ T9694]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  330.023575][ T9694] RIP: 0033:0x7fbee899ce59
[  330.027985][ T9694] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  330.047582][ T9694] RSP: 002b:00007fbee990d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  330.056011][ T9694] RAX: ffffffffffffffda RBX: 00007fbee8c15fa0 RCX: 00007fbee899ce59
[  330.063976][ T9694] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  330.071941][ T9694] RBP: 00007fbee990d090 R08: 0000000000000000 R09: 0000000000000000
[  330.079907][ T9694] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  330.087871][ T9694] R13: 00007fbee8c16038 R14: 00007fbee8c15fa0 R15: 00007ffe11705c88
[  330.095846][ T9694]  </TASK>
[  330.107238][ T1134] wlan1: Trigger new scan to find an IBSS to join
[  330.118801][ T2911] wlan1: Creating new IBSS network, BSSID d6:1f:0a:31:64:d3
[  330.219152][ T9698] mac80211_hwsim hwsim5 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  330.262338][ T9696] netlink: 'syz.0.1389': attribute type 3 has an invalid length.
[  330.272798][ T9696] netlink: 16066 bytes leftover after parsing attributes in process `syz.0.1389'.
[  330.283471][ T5774] Bluetooth: hci2: ISO packet for unknown connection handle 11
[  330.297268][ T9704] FAULT_INJECTION: forcing a failure.
[  330.297268][ T9704] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  330.317194][ T9704] CPU: 1 PID: 9704 Comm: syz.3.1394 Not tainted syzkaller #0
[  330.324585][ T9704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  330.334647][ T9704] Call Trace:
[  330.337932][ T9704]  <TASK>
[  330.340861][ T9704]  dump_stack_lvl+0x18c/0x250
[  330.345537][ T9704]  ? show_regs_print_info+0x20/0x20
[  330.350733][ T9704]  ? load_image+0x420/0x420
[  330.355241][ T9704]  ? __might_fault+0xaa/0x120
[  330.359915][ T9704]  ? __lock_acquire+0x7d40/0x7d40
[  330.364941][ T9704]  should_fail_ex+0x39d/0x4d0
[  330.369622][ T9704]  _copy_from_user+0x2f/0xe0
[  330.374212][ T9704]  bpf_prog_test_run_skb+0x266/0x12b0
[  330.379579][ T9704]  ? __fget_files+0x28/0x4b0
[  330.384166][ T9704]  ? __fget_files+0x28/0x4b0
[  330.388755][ T9704]  ? __fget_files+0x43d/0x4b0
[  330.393437][ T9704]  ? cpu_online+0x60/0x60
[  330.397764][ T9704]  bpf_prog_test_run+0x321/0x390
[  330.402701][ T9704]  __sys_bpf+0x49d/0x890
[  330.406941][ T9704]  ? bpf_link_show_fdinfo+0x390/0x390
[  330.412334][ T9704]  ? lock_chain_count+0x20/0x20
[  330.417205][ T9704]  __x64_sys_bpf+0x7c/0x90
[  330.421629][ T9704]  do_syscall_64+0x55/0xb0
[  330.426053][ T9704]  ? clear_bhb_loop+0x40/0x90
[  330.430732][ T9704]  ? clear_bhb_loop+0x40/0x90
[  330.435415][ T9704]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  330.441317][ T9704] RIP: 0033:0x7fd47639ce59
[  330.445732][ T9704] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  330.465335][ T9704] RSP: 002b:00007fd4745f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  330.473743][ T9704] RAX: ffffffffffffffda RBX: 00007fd476615fa0 RCX: 00007fd47639ce59
[  330.481709][ T9704] RDX: 0000000000000050 RSI: 00002000000002c0 RDI: 000000000000000a
[  330.489676][ T9704] RBP: 00007fd4745f6090 R08: 0000000000000000 R09: 0000000000000000
[  330.497647][ T9704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  330.505613][ T9704] R13: 00007fd476616038 R14: 00007fd476615fa0 R15: 00007ffe51f65b28
[  330.513595][ T9704]  </TASK>
[  330.975639][ T1134] wlan1: Trigger new scan to find an IBSS to join
[  331.191987][ T9722] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1398'.
[  332.277471][ T9739] netlink: 1047 bytes leftover after parsing attributes in process `syz.0.1404'.
[  332.323744][ T9742] mac80211_hwsim hwsim4 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  332.375382][ T9745] netlink: 'syz.1.1408': attribute type 21 has an invalid length.
[  332.389082][ T9742] netlink: 'syz.2.1406': attribute type 3 has an invalid length.
[  332.397762][ T9745] netlink: 16174 bytes leftover after parsing attributes in process `syz.1.1408'.
[  332.408891][ T9742] netlink: 16066 bytes leftover after parsing attributes in process `syz.2.1406'.
[  333.031570][   T11] wlan1: Trigger new scan to find an IBSS to join
[  333.045635][ T9754] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1410'.
[  333.222238][ T9754] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  333.244929][ T9754] bond0 (unregistering): Released all slaves
[  333.717106][ T9769] lo: entered allmulticast mode
[  333.723823][ T9766] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1414'.
[  333.746744][ T9769] lo: entered promiscuous mode
[  333.758192][ T9769] lo: left allmulticast mode
[  333.784833][ T9766] debugfs: Directory '!!ô' with parent 'ieee80211' already present!
[  334.150007][ T9778] FAULT_INJECTION: forcing a failure.
[  334.150007][ T9778] name failslab, interval 1, probability 0, space 0, times 0
[  334.178601][ T9778] CPU: 0 PID: 9778 Comm: syz.0.1418 Not tainted syzkaller #0
[  334.186040][ T9778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  334.196128][ T9778] Call Trace:
[  334.199429][ T9778]  <TASK>
[  334.202383][ T9778]  dump_stack_lvl+0x18c/0x250
[  334.207092][ T9778]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  334.213278][ T9778]  ? show_regs_print_info+0x20/0x20
[  334.218501][ T9778]  ? load_image+0x420/0x420
[  334.223040][ T9778]  ? should_fail_ex+0x322/0x4d0
[  334.227934][ T9778]  should_fail_ex+0x39d/0x4d0
[  334.232650][ T9778]  should_failslab+0x9/0x20
[  334.237176][ T9778]  slab_pre_alloc_hook+0x59/0x310
[  334.242228][ T9778]  ? __lock_acquire+0x7d40/0x7d40
[  334.247271][ T9778]  kmem_cache_alloc_node+0x60/0x320
[  334.252485][ T9778]  ? __alloc_skb+0x103/0x2c0
[  334.257092][ T9778]  __alloc_skb+0x103/0x2c0
[  334.261511][ T9778]  netlink_sendmsg+0x66a/0xbf0
[  334.266283][ T9778]  ? netlink_getsockopt+0x590/0x590
[  334.271482][ T9778]  ? aa_sock_msg_perm+0x94/0x150
[  334.276421][ T9778]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  334.281711][ T9778]  ? security_socket_sendmsg+0x80/0xa0
[  334.287177][ T9778]  ? netlink_getsockopt+0x590/0x590
[  334.292377][ T9778]  ____sys_sendmsg+0x5ba/0x960
[  334.297138][ T9778]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  334.303297][ T9778]  ? __asan_memset+0x22/0x40
[  334.307888][ T9778]  ? __sys_sendmsg_sock+0x30/0x30
[  334.312905][ T9778]  ? __import_iovec+0x3fa/0x850
[  334.317795][ T9778]  ? import_iovec+0x73/0xa0
[  334.322295][ T9778]  ___sys_sendmsg+0x2a6/0x360
[  334.326969][ T9778]  ? __sys_sendmsg+0x2a0/0x2a0
[  334.331764][ T9778]  __se_sys_sendmsg+0x1c2/0x2b0
[  334.336613][ T9778]  ? __x64_sys_sendmsg+0x80/0x80
[  334.341559][ T9778]  do_syscall_64+0x55/0xb0
[  334.345968][ T9778]  ? clear_bhb_loop+0x40/0x90
[  334.350639][ T9778]  ? clear_bhb_loop+0x40/0x90
[  334.355311][ T9778]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  334.361206][ T9778] RIP: 0033:0x7f9257f9ce59
[  334.365623][ T9778] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  334.385229][ T9778] RSP: 002b:00007f9258f48028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  334.393638][ T9778] RAX: ffffffffffffffda RBX: 00007f9258215fa0 RCX: 00007f9257f9ce59
[  334.401608][ T9778] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000007
[  334.409574][ T9778] RBP: 00007f9258f48090 R08: 0000000000000000 R09: 0000000000000000
[  334.417541][ T9778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  334.425509][ T9778] R13: 00007f9258216038 R14: 00007f9258215fa0 R15: 00007ffdcdb4e108
[  334.433488][ T9778]  </TASK>
[  334.498908][ T9782] mac80211_hwsim hwsim9 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  334.519867][ T9782] netlink: 'syz.1.1419': attribute type 3 has an invalid length.
[  334.532644][ T9782] netlink: 16066 bytes leftover after parsing attributes in process `syz.1.1419'.
[  334.630506][ T9787] netlink: 'syz.0.1421': attribute type 1 has an invalid length.
[  334.638778][ T9787] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.1421'.
[  334.971876][   T48] wlan1: Trigger new scan to find an IBSS to join
[  335.150944][ T9798] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1425'.
[  335.278935][ T9804] netlink: 'syz.1.1427': attribute type 11 has an invalid length.
[  335.295201][ T9804] netlink: 212832 bytes leftover after parsing attributes in process `syz.1.1427'.
[  335.946824][ T2911] wlan1: Trigger new scan to find an IBSS to join
[  336.419998][ T9829] mac80211_hwsim hwsim5 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  336.455006][ T9829] netlink: 'syz.0.1434': attribute type 3 has an invalid length.
[  336.477419][ T9829] netlink: 16066 bytes leftover after parsing attributes in process `syz.0.1434'.
[  336.906223][ T2927] wlan1: Creating new IBSS network, BSSID c6:49:ac:37:0f:9f
[  336.972453][   T11] wlan1: Trigger new scan to find an IBSS to join
[  337.288171][ T9856] netlink: 'syz.0.1442': attribute type 5 has an invalid length.
[  337.333749][ T9858] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1443'.
[  337.347209][ T9858] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô'
[  337.357038][ T9858] CPU: 0 PID: 9858 Comm: syz.0.1443 Not tainted syzkaller #0
[  337.364450][ T9858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  337.374528][ T9858] Call Trace:
[  337.377831][ T9858]  <TASK>
[  337.380785][ T9858]  dump_stack_lvl+0x18c/0x250
[  337.385499][ T9858]  ? show_regs_print_info+0x20/0x20
[  337.390707][ T9858]  ? load_image+0x420/0x420
[  337.395295][ T9858]  sysfs_warn_dup+0x8e/0xa0
[  337.399825][ T9858]  sysfs_do_create_link_sd+0xc0/0x110
[  337.405210][ T9858]  device_add_class_symlinks+0x1cf/0x240
[  337.410895][ T9858]  device_add+0x507/0xc50
[  337.415261][ T9858]  wiphy_register+0x1dad/0x2ae0
[  337.420139][ T9858]  ? cfg80211_event_work+0x40/0x40
[  337.425273][ T9858]  ? minstrel_ht_alloc+0x88a/0x990
[  337.430404][ T9858]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  337.436490][ T9858]  ieee80211_register_hw+0x3464/0x4250
[  337.441999][ T9858]  ? ieee80211_tasklet_handler+0x20/0x20
[  337.447653][ T9858]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  337.453571][ T9858]  ? __debug_object_init+0xec/0x450
[  337.458790][ T9858]  ? __asan_memset+0x22/0x40
[  337.463398][ T9858]  ? __hrtimer_init+0x186/0x270
[  337.468276][ T9858]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  337.474052][ T9858]  ? mac80211_hwsim_free+0x220/0x220
[  337.479357][ T9858]  ? rcu_is_watching+0x15/0xb0
[  337.484153][ T9858]  ? kstrndup+0xbd/0x140
[  337.488446][ T9858]  hwsim_new_radio_nl+0xdc9/0x1a90
[  337.493588][ T9858]  ? __nla_validate+0x50/0x50
[  337.498295][ T9858]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  337.504655][ T9858]  ? __nla_parse+0x40/0x50
[  337.509093][ T9858]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  337.515449][ T9858]  genl_family_rcv_msg_doit+0x211/0x310
[  337.521005][ T9858]  ? end_current_label_crit_section+0x170/0x170
[  337.527267][ T9858]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  337.533182][ T9858]  ? bpf_lsm_capable+0x9/0x10
[  337.537875][ T9858]  ? security_capable+0x89/0xb0
[  337.542748][ T9858]  genl_rcv_msg+0x619/0x7a0
[  337.547272][ T9858]  ? genl_bind+0x360/0x360
[  337.551696][ T9858]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  337.558040][ T9858]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[  337.564640][ T9858]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[  337.571259][ T9858]  netlink_rcv_skb+0x241/0x4d0
[  337.576054][ T9858]  ? genl_bind+0x360/0x360
[  337.580479][ T9858]  ? netlink_ack+0x1180/0x1180
[  337.585272][ T9858]  ? __lock_acquire+0x7d40/0x7d40
[  337.590304][ T9858]  ? net_generic+0x1e/0x240
[  337.594819][ T9858]  ? down_read+0x1ac/0x2e0
[  337.599245][ T9858]  genl_rcv+0x28/0x40
[  337.603230][ T9858]  netlink_unicast+0x751/0x8d0
[  337.608031][ T9858]  netlink_sendmsg+0x8d0/0xbf0
[  337.612820][ T9858]  ? netlink_getsockopt+0x590/0x590
[  337.618035][ T9858]  ? aa_sock_msg_perm+0x94/0x150
[  337.622986][ T9858]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  337.628274][ T9858]  ? security_socket_sendmsg+0x80/0xa0
[  337.633738][ T9858]  ? netlink_getsockopt+0x590/0x590
[  337.638948][ T9858]  ____sys_sendmsg+0x5ba/0x960
[  337.643732][ T9858]  ? __asan_memset+0x22/0x40
[  337.648330][ T9858]  ? __sys_sendmsg_sock+0x30/0x30
[  337.653361][ T9858]  ? __import_iovec+0x5f2/0x850
[  337.658230][ T9858]  ? import_iovec+0x73/0xa0
[  337.662745][ T9858]  ___sys_sendmsg+0x2a6/0x360
[  337.667434][ T9858]  ? __sys_sendmsg+0x2a0/0x2a0
[  337.672277][ T9858]  __se_sys_sendmsg+0x1c2/0x2b0
[  337.677140][ T9858]  ? __x64_sys_sendmsg+0x80/0x80
[  337.682132][ T9858]  ? lockdep_hardirqs_on+0x98/0x150
[  337.687355][ T9858]  do_syscall_64+0x55/0xb0
[  337.691790][ T9858]  ? clear_bhb_loop+0x40/0x90
[  337.696500][ T9858]  ? clear_bhb_loop+0x40/0x90
[  337.701211][ T9858]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  337.707133][ T9858] RIP: 0033:0x7f9257f9ce59
[  337.711559][ T9858] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  337.731181][ T9858] RSP: 002b:00007f9258f48028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  337.739641][ T9858] RAX: ffffffffffffffda RBX: 00007f9258215fa0 RCX: 00007f9257f9ce59
[  337.747642][ T9858] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000009
[  337.755627][ T9858] RBP: 00007f9258032d6f R08: 0000000000000000 R09: 0000000000000000
[  337.763604][ T9858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  337.771577][ T9858] R13: 00007f9258216038 R14: 00007f9258215fa0 R15: 00007ffdcdb4e108
[  337.779578][ T9858]  </TASK>
[  337.941761][   T48] wlan1: Trigger new scan to find an IBSS to join
[  338.471452][ T9875] syzkaller0: entered promiscuous mode
[  338.476970][ T9875] syzkaller0: entered allmulticast mode
[  338.891824][   T48] wlan1: Trigger new scan to find an IBSS to join
[  340.137359][ T9879] mac80211_hwsim hwsim4 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  340.155554][ T9883] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1453'.
[  340.174545][ T9881] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1452'.
[  340.186285][ T9883] netlink: 'syz.1.1453': attribute type 12 has an invalid length.
[  340.194510][ T9881] openvswitch: netlink: Key type 29 is not supported
[  340.202125][ T9883] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1453'.
[  340.222563][ T9879] netlink: 'syz.2.1451': attribute type 3 has an invalid length.
[  340.236166][ T9879] netlink: 16066 bytes leftover after parsing attributes in process `syz.2.1451'.
[  340.685915][ T9894] mac80211_hwsim hwsim8 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  340.705686][ T9894] netlink: 'syz.3.1457': attribute type 3 has an invalid length.
[  340.713719][ T9894] netlink: 16066 bytes leftover after parsing attributes in process `syz.3.1457'.
[  340.896482][   T48] wlan1: Trigger new scan to find an IBSS to join
[  341.341766][ T9906] syzkaller0: entered promiscuous mode
[  341.347274][ T9906] syzkaller0: entered allmulticast mode
[  341.843932][ T1134] wlan1: Creating new IBSS network, BSSID 3e:05:92:ff:6a:dd
[  341.941488][   T11] wlan1: Trigger new scan to find an IBSS to join
[  342.971788][   T11] wlan1: Trigger new scan to find an IBSS to join
[  342.978493][   T11] wlan1: Trigger new scan to find an IBSS to join
[  343.057767][ T9910] netlink: 'syz.3.1463': attribute type 3 has an invalid length.
[  343.066274][ T9910] netlink: 'syz.3.1463': attribute type 1 has an invalid length.
[  343.074282][ T9910] netlink: 181400 bytes leftover after parsing attributes in process `syz.3.1463'.
[  343.092560][ T9909] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1462'.
[  343.105573][ T9909] openvswitch: netlink: Key type 29 is not supported
[  343.271105][ T9917] mac80211_hwsim hwsim8 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  343.299542][ T9917] netlink: 'syz.3.1466': attribute type 3 has an invalid length.
[  343.313209][ T9917] netlink: 16066 bytes leftover after parsing attributes in process `syz.3.1466'.
[  344.143252][ T9931] netlink: 164 bytes leftover after parsing attributes in process `syz.2.1470'.
[  344.333722][ T9938] netlink: 'syz.3.1471': attribute type 10 has an invalid length.
[  344.356676][ T9938] netlink: 65015 bytes leftover after parsing attributes in process `syz.3.1471'.
[  344.416822][ T9936] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  344.674500][ T9949] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1473'.
[  344.898562][   T11] wlan1: Trigger new scan to find an IBSS to join
[  345.866851][ T1134] wlan1: Creating new IBSS network, BSSID f6:2e:76:de:79:fd
[  345.937997][   T11] wlan1: Trigger new scan to find an IBSS to join
[  345.944796][   T12] wlan1: Trigger new scan to find an IBSS to join
[  347.086309][ T9964] mac80211_hwsim hwsim8 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  347.115436][ T9964] netlink: 'syz.3.1480': attribute type 3 has an invalid length.
[  347.131724][ T9964] netlink: 16066 bytes leftover after parsing attributes in process `syz.3.1480'.
[  347.311122][ T9969] netlink: 164 bytes leftover after parsing attributes in process `syz.0.1482'.
[  347.473729][ T9976] netlink: 203516 bytes leftover after parsing attributes in process `syz.1.1484'.
[  347.492967][ T9976] netlink: zone id is out of range
[  347.499472][ T9976] netlink: zone id is out of range
[  347.518661][ T9976] netlink: zone id is out of range
[  347.532624][ T9976] netlink: zone id is out of range
[  347.543339][ T9976] netlink: zone id is out of range
[  347.561527][ T9976] netlink: zone id is out of range
[  347.570450][ T9976] netlink: zone id is out of range
[  347.609280][ T9976] netlink: zone id is out of range
[  347.615751][ T9976] netlink: zone id is out of range
[  347.619421][ T9977] netlink: 'syz.1.1484': attribute type 3 has an invalid length.
[  347.621011][ T9976] netlink: zone id is out of range
[  347.638971][ T9977] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1484'.
[  348.373017][ T5774] Bluetooth: hci0: unexpected event 0x03 length: 151 > 11
[  348.715673][T10023] netlink: 203516 bytes leftover after parsing attributes in process `syz.2.1495'.
[  348.761852][T10014] netlink: 164 bytes leftover after parsing attributes in process `syz.3.1494'.
[  348.804973][T10023] netlink: 'syz.2.1495': attribute type 3 has an invalid length.
[  348.821379][T10023] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1495'.
[  348.891863][   T12] wlan1: Creating new IBSS network, BSSID 8e:e6:5d:42:14:47
[  349.094733][T10027] mac80211_hwsim hwsim4 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  349.152300][T10027] netlink: 'syz.2.1498': attribute type 3 has an invalid length.
[  349.160410][T10027] netlink: 16066 bytes leftover after parsing attributes in process `syz.2.1498'.
[  350.073561][T10045] netlink: 203516 bytes leftover after parsing attributes in process `syz.3.1507'.
[  350.142697][T10045] netlink: 'syz.3.1507': attribute type 3 has an invalid length.
[  350.150806][T10045] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1507'.
[  350.223300][T10047] FAULT_INJECTION: forcing a failure.
[  350.223300][T10047] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  350.251749][T10047] CPU: 0 PID: 10047 Comm: syz.2.1508 Not tainted syzkaller #0
[  350.259271][T10047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  350.269347][T10047] Call Trace:
[  350.272648][T10047]  <TASK>
[  350.275598][T10047]  dump_stack_lvl+0x18c/0x250
[  350.280305][T10047]  ? show_regs_print_info+0x20/0x20
[  350.285528][T10047]  ? load_image+0x420/0x420
[  350.290063][T10047]  ? __might_fault+0xaa/0x120
[  350.294768][T10047]  ? __lock_acquire+0x7d40/0x7d40
[  350.299828][T10047]  should_fail_ex+0x39d/0x4d0
[  350.304547][T10047]  _copy_from_user+0x2f/0xe0
[  350.309165][T10047]  ____sys_sendmsg+0x2fd/0x960
[  350.313951][T10047]  ? __lock_acquire+0x7d40/0x7d40
[  350.319011][T10047]  ? __sys_sendmsg_sock+0x30/0x30
[  350.324056][T10047]  ? __import_iovec+0x3fa/0x850
[  350.328939][T10047]  ? import_iovec+0x73/0xa0
[  350.333465][T10047]  ___sys_sendmsg+0x2a6/0x360
[  350.338163][T10047]  ? get_pid_task+0x20/0x1e0
[  350.342781][T10047]  ? __sys_sendmsg+0x2a0/0x2a0
[  350.347585][T10047]  ? __lock_acquire+0x7d40/0x7d40
[  350.352654][T10047]  __se_sys_sendmsg+0x1c2/0x2b0
[  350.357537][T10047]  ? __x64_sys_sendmsg+0x80/0x80
[  350.362508][T10047]  ? lockdep_hardirqs_on+0x98/0x150
[  350.367735][T10047]  do_syscall_64+0x55/0xb0
[  350.372170][T10047]  ? clear_bhb_loop+0x40/0x90
[  350.376872][T10047]  ? clear_bhb_loop+0x40/0x90
[  350.381571][T10047]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  350.387484][T10047] RIP: 0033:0x7fe94d59ce59
[  350.391914][T10047] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  350.411549][T10047] RSP: 002b:00007fe94e391028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  350.419993][T10047] RAX: ffffffffffffffda RBX: 00007fe94d815fa0 RCX: 00007fe94d59ce59
[  350.427986][T10047] RDX: 0000000000000000 RSI: 0000200000001180 RDI: 0000000000000004
[  350.435986][T10047] RBP: 00007fe94e391090 R08: 0000000000000000 R09: 0000000000000000
[  350.443987][T10047] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  350.451983][T10047] R13: 00007fe94d816038 R14: 00007fe94d815fa0 R15: 00007ffd9e4082d8
[  350.459993][T10047]  </TASK>
[  350.594473][T10051] netlink: 'syz.3.1510': attribute type 12 has an invalid length.
[  350.613653][T10051] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1510'.
[  350.906491][   T48] wlan1: Trigger new scan to find an IBSS to join
[  350.940990][T10058] mac80211_hwsim hwsim4 wlan1: entered allmulticast mode
[  351.173777][T10063] mac80211_hwsim hwsim4 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  351.209689][T10063] netlink: 'syz.2.1515': attribute type 3 has an invalid length.
[  351.228522][T10063] netlink: 16066 bytes leftover after parsing attributes in process `syz.2.1515'.
[  351.707941][T10074] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1519'.
[  351.717161][T10074] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1519'.
[  351.815013][T10076] netlink: 'syz.3.1520': attribute type 13 has an invalid length.
[  351.986398][T10076] erspan0: refused to change device tx_queue_len
[  352.110294][T10080] netlink: 'syz.3.1521': attribute type 12 has an invalid length.
[  352.411913][T10091] netlink: 'syz.3.1526': attribute type 46 has an invalid length.
[  352.568692][T10100] FAULT_INJECTION: forcing a failure.
[  352.568692][T10100] name failslab, interval 1, probability 0, space 0, times 0
[  352.587850][T10100] CPU: 0 PID: 10100 Comm: syz.2.1530 Not tainted syzkaller #0
[  352.595340][T10100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  352.605415][T10100] Call Trace:
[  352.608705][T10100]  <TASK>
[  352.611646][T10100]  dump_stack_lvl+0x18c/0x250
[  352.616350][T10100]  ? show_regs_print_info+0x20/0x20
[  352.621561][T10100]  ? load_image+0x420/0x420
[  352.626087][T10100]  ? verify_lock_unused+0x140/0x140
[  352.631310][T10100]  should_fail_ex+0x39d/0x4d0
[  352.636014][T10100]  should_failslab+0x9/0x20
[  352.640535][T10100]  slab_pre_alloc_hook+0x59/0x310
[  352.645587][T10100]  kmem_cache_alloc+0x5a/0x2d0
[  352.650368][T10100]  ? skb_clone+0x1eb/0x370
[  352.654800][T10100]  skb_clone+0x1eb/0x370
[  352.659055][T10100]  __netlink_deliver_tap+0x41c/0x830
[  352.664372][T10100]  ? netlink_deliver_tap+0x2e/0x1b0
[  352.669590][T10100]  netlink_deliver_tap+0x19c/0x1b0
[  352.674718][T10100]  netlink_unicast+0x72c/0x8d0
[  352.679515][T10100]  netlink_sendmsg+0x8d0/0xbf0
[  352.684306][T10100]  ? netlink_getsockopt+0x590/0x590
[  352.689519][T10100]  ? aa_sock_msg_perm+0x94/0x150
[  352.694479][T10100]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  352.699780][T10100]  ? security_socket_sendmsg+0x80/0xa0
[  352.705253][T10100]  ? netlink_getsockopt+0x590/0x590
[  352.710472][T10100]  ____sys_sendmsg+0x5ba/0x960
[  352.715251][T10100]  ? __asan_memset+0x22/0x40
[  352.719848][T10100]  ? __sys_sendmsg_sock+0x30/0x30
[  352.724873][T10100]  ? __import_iovec+0x5f2/0x850
[  352.729742][T10100]  ? import_iovec+0x73/0xa0
[  352.734255][T10100]  ___sys_sendmsg+0x2a6/0x360
[  352.738937][T10100]  ? get_pid_task+0x20/0x1e0
[  352.743541][T10100]  ? __sys_sendmsg+0x2a0/0x2a0
[  352.748331][T10100]  ? __lock_acquire+0x7d40/0x7d40
[  352.753385][T10100]  __se_sys_sendmsg+0x1c2/0x2b0
[  352.758246][T10100]  ? __x64_sys_sendmsg+0x80/0x80
[  352.763207][T10100]  ? lockdep_hardirqs_on+0x98/0x150
[  352.768412][T10100]  do_syscall_64+0x55/0xb0
[  352.772831][T10100]  ? clear_bhb_loop+0x40/0x90
[  352.777514][T10100]  ? clear_bhb_loop+0x40/0x90
[  352.782205][T10100]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  352.788106][T10100] RIP: 0033:0x7fe94d59ce59
[  352.792529][T10100] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  352.812138][T10100] RSP: 002b:00007fe94e370028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  352.820567][T10100] RAX: ffffffffffffffda RBX: 00007fe94d816090 RCX: 00007fe94d59ce59
[  352.828548][T10100] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000004
[  352.836527][T10100] RBP: 00007fe94e370090 R08: 0000000000000000 R09: 0000000000000000
[  352.844512][T10100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  352.852484][T10100] R13: 00007fe94d816128 R14: 00007fe94d816090 R15: 00007ffd9e4082d8
[  352.860483][T10100]  </TASK>
[  352.896614][T10100] netlink: 'syz.2.1530': attribute type 5 has an invalid length.
[  353.002621][T10102] mac80211_hwsim hwsim5 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  353.038278][T10102] netlink: 'syz.0.1531': attribute type 3 has an invalid length.
[  353.118292][T10108] netlink: 'syz.2.1534': attribute type 12 has an invalid length.
[  353.371041][T10118] netlink: 'syz.2.1538': attribute type 5 has an invalid length.
[  354.908053][T10133] netlink: 'syz.2.1545': attribute type 12 has an invalid length.
[  354.916604][T10133] __nla_validate_parse: 9 callbacks suppressed
[  354.916616][T10133] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1545'.
[  354.976554][T10135] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode
[  355.180307][T10141] mac80211_hwsim hwsim4 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  355.215456][T10141] netlink: 'syz.2.1548': attribute type 3 has an invalid length.
[  355.238346][T10141] netlink: 16066 bytes leftover after parsing attributes in process `syz.2.1548'.
[  355.310220][T10145] FAULT_INJECTION: forcing a failure.
[  355.310220][T10145] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  355.326353][T10145] CPU: 0 PID: 10145 Comm: syz.0.1550 Not tainted syzkaller #0
[  355.333834][T10145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  355.343889][T10145] Call Trace:
[  355.347162][T10145]  <TASK>
[  355.350084][T10145]  dump_stack_lvl+0x18c/0x250
[  355.354837][T10145]  ? show_regs_print_info+0x20/0x20
[  355.360033][T10145]  ? load_image+0x420/0x420
[  355.364551][T10145]  ? __might_fault+0xaa/0x120
[  355.369257][T10145]  ? __lock_acquire+0x7d40/0x7d40
[  355.374292][T10145]  should_fail_ex+0x39d/0x4d0
[  355.378996][T10145]  _copy_to_user+0x2f/0xa0
[  355.383426][T10145]  bpf_mprog_query+0x237/0x7b0
[  355.388199][T10145]  ? tcx_prog_query+0x86/0x140
[  355.392960][T10145]  ? bpf_mprog_delete+0x410/0x410
[  355.398008][T10145]  ? lockdep_rtnl_is_held+0x26/0x30
[  355.403346][T10145]  tcx_prog_query+0xd9/0x140
[  355.407946][T10145]  __sys_bpf+0x7a0/0x890
[  355.412194][T10145]  ? bpf_link_show_fdinfo+0x390/0x390
[  355.417578][T10145]  ? lock_chain_count+0x20/0x20
[  355.422435][T10145]  __x64_sys_bpf+0x7c/0x90
[  355.426849][T10145]  do_syscall_64+0x55/0xb0
[  355.431289][T10145]  ? clear_bhb_loop+0x40/0x90
[  355.436066][T10145]  ? clear_bhb_loop+0x40/0x90
[  355.440743][T10145]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  355.446694][T10145] RIP: 0033:0x7f9257f9ce59
[  355.451105][T10145] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  355.470703][T10145] RSP: 002b:00007f9258f48028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  355.479116][T10145] RAX: ffffffffffffffda RBX: 00007f9258215fa0 RCX: 00007f9257f9ce59
[  355.487077][T10145] RDX: 0000000000000040 RSI: 0000200000000240 RDI: 0000000000000010
[  355.495042][T10145] RBP: 00007f9258f48090 R08: 0000000000000000 R09: 0000000000000000
[  355.503008][T10145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  355.510966][T10145] R13: 00007f9258216038 R14: 00007f9258215fa0 R15: 00007ffdcdb4e108
[  355.518942][T10145]  </TASK>
[  355.544597][T10147] netlink: 10 bytes leftover after parsing attributes in process `syz.1.1549'.
[  355.837281][T10157] netlink: 'syz.0.1554': attribute type 12 has an invalid length.
[  355.851506][T10157] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1554'.
[  355.867111][T10155] netlink: 'syz.1.1553': attribute type 10 has an invalid length.
[  355.878662][T10155] netlink: 140 bytes leftover after parsing attributes in process `syz.1.1553'.
[  355.931737][ T2927] wlan1: Trigger new scan to find an IBSS to join
[  356.120661][T10172] net_ratelimit: 1014 callbacks suppressed
[  356.120677][T10172] netlink: zone id is out of range
[  356.145270][T10172] netlink: set zone limit has 8 unknown bytes
[  356.336423][T10179] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  356.455708][T10183] netlink: 'syz.3.1563': attribute type 12 has an invalid length.
[  356.469650][T10183] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1563'.
[  356.816661][T10185] mac80211_hwsim hwsim8 wlan1: entered allmulticast mode
[  357.063184][T10191] mac80211_hwsim hwsim9 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  357.082554][T10191] netlink: 16066 bytes leftover after parsing attributes in process `syz.1.1566'.
[  357.188053][T10189] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1565'.
[  357.934838][T10206] netlink: 144 bytes leftover after parsing attributes in process `syz.1.1571'.
[  358.204061][T10212] validate_nla: 1 callbacks suppressed
[  358.204084][T10212] netlink: 'syz.1.1573': attribute type 12 has an invalid length.
[  358.218530][T10212] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1573'.
[  358.349882][T10217] FAULT_INJECTION: forcing a failure.
[  358.349882][T10217] name failslab, interval 1, probability 0, space 0, times 0
[  358.371135][T10217] CPU: 1 PID: 10217 Comm: syz.1.1576 Not tainted syzkaller #0
[  358.378660][T10217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  358.388736][T10217] Call Trace:
[  358.392024][T10217]  <TASK>
[  358.394962][T10217]  dump_stack_lvl+0x18c/0x250
[  358.399657][T10217]  ? show_regs_print_info+0x20/0x20
[  358.404871][T10217]  ? load_image+0x420/0x420
[  358.409390][T10217]  ? __might_sleep+0xe0/0xe0
[  358.414035][T10217]  ? __lock_acquire+0x7d40/0x7d40
[  358.419067][T10217]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  358.425067][T10217]  should_fail_ex+0x39d/0x4d0
[  358.429774][T10217]  should_failslab+0x9/0x20
[  358.434290][T10217]  slab_pre_alloc_hook+0x59/0x310
[  358.439390][T10217]  ? lockdep_hardirqs_on+0x98/0x150
[  358.444618][T10217]  ? bpf_prog_test_run_skb+0x238/0x12b0
[  358.450280][T10217]  ? bpf_prog_test_run_skb+0x238/0x12b0
[  358.455833][T10217]  __kmem_cache_alloc_node+0x53/0x250
[  358.461227][T10217]  ? bpf_prog_test_run_skb+0x238/0x12b0
[  358.466779][T10217]  __kmalloc+0xa4/0x230
[  358.470948][T10217]  bpf_prog_test_run_skb+0x238/0x12b0
[  358.476323][T10217]  ? __fget_files+0x28/0x4b0
[  358.480944][T10217]  ? __fget_files+0x28/0x4b0
[  358.485540][T10217]  ? __fget_files+0x43d/0x4b0
[  358.490243][T10217]  ? cpu_online+0x60/0x60
[  358.494585][T10217]  bpf_prog_test_run+0x321/0x390
[  358.499530][T10217]  __sys_bpf+0x49d/0x890
[  358.503785][T10217]  ? bpf_link_show_fdinfo+0x390/0x390
[  358.509174][T10217]  ? lock_chain_count+0x20/0x20
[  358.514042][T10217]  __x64_sys_bpf+0x7c/0x90
[  358.518464][T10217]  do_syscall_64+0x55/0xb0
[  358.522883][T10217]  ? clear_bhb_loop+0x40/0x90
[  358.527567][T10217]  ? clear_bhb_loop+0x40/0x90
[  358.532259][T10217]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  358.538160][T10217] RIP: 0033:0x7fbee899ce59
[  358.542583][T10217] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  358.562194][T10217] RSP: 002b:00007fbee990d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  358.570616][T10217] RAX: ffffffffffffffda RBX: 00007fbee8c15fa0 RCX: 00007fbee899ce59
[  358.578601][T10217] RDX: 0000000000000050 RSI: 00002000000003c0 RDI: 000000000000000a
[  358.586584][T10217] RBP: 00007fbee990d090 R08: 0000000000000000 R09: 0000000000000000
[  358.594560][T10217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  358.602543][T10217] R13: 00007fbee8c16038 R14: 00007fbee8c15fa0 R15: 00007ffe11705c88
[  358.610533][T10217]  </TASK>
[  358.647706][T10218] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  358.891232][T10225] mac80211_hwsim hwsim5 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  358.918777][T10225] netlink: 'syz.0.1579': attribute type 3 has an invalid length.
[  359.142826][T10235] netlink: 'syz.2.1583': attribute type 12 has an invalid length.
[  359.962794][T10246] netlink: 'syz.0.1586': attribute type 29 has an invalid length.
[  359.982665][T10246] netlink: 'syz.0.1586': attribute type 29 has an invalid length.
[  360.002999][T10248] netlink: 'syz.0.1586': attribute type 29 has an invalid length.
[  360.017394][T10246] netlink: 'syz.0.1586': attribute type 29 has an invalid length.
[  360.421736][T10253] netlink: 'syz.1.1589': attribute type 29 has an invalid length.
[  360.452546][T10253] netlink: 'syz.1.1589': attribute type 29 has an invalid length.
[  360.469840][T10257] netlink: 'syz.1.1589': attribute type 29 has an invalid length.
[  360.770673][T10264] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  360.978939][T10162] wlan1: Trigger new scan to find an IBSS to join
[  361.040995][T10268] __nla_validate_parse: 3 callbacks suppressed
[  361.041012][T10268] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1592'.
[  361.458715][T10274] mac80211_hwsim hwsim9 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  361.500177][T10274] netlink: 16066 bytes leftover after parsing attributes in process `syz.1.1594'.
[  363.400651][T10293] validate_nla: 4 callbacks suppressed
[  363.400665][T10293] netlink: 'syz.1.1603': attribute type 12 has an invalid length.
[  363.435106][T10293] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1603'.
[  363.627728][T10300] mac80211_hwsim hwsim4 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  363.681663][T10300] netlink: 'syz.2.1607': attribute type 3 has an invalid length.
[  363.702204][T10300] netlink: 16066 bytes leftover after parsing attributes in process `syz.2.1607'.
[  363.796080][T10308] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1610'.
[  363.807952][T10308] openvswitch: netlink: Key type 29 is not supported
[  363.894961][T10312] netlink: 10 bytes leftover after parsing attributes in process `syz.1.1612'.
[  364.355739][T10323] netlink: 'syz.1.1616': attribute type 12 has an invalid length.
[  364.369223][T10323] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1616'.
[  364.898358][T10337] syzkaller0: entered promiscuous mode
[  364.906478][T10337] syzkaller0: entered allmulticast mode
[  364.914884][T10338] netlink: 'syz.2.1621': attribute type 21 has an invalid length.
[  364.975422][ T1134] wlan1: Trigger new scan to find an IBSS to join
[  367.208453][T10369] mac80211_hwsim hwsim4 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  367.232933][T10369] netlink: 'syz.2.1627': attribute type 3 has an invalid length.
[  367.243908][T10369] netlink: 16066 bytes leftover after parsing attributes in process `syz.2.1627'.
[  367.508954][T10372] netlink: 'syz.1.1628': attribute type 12 has an invalid length.
[  367.527869][T10372] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1628'.
[  367.933123][T10162] wlan1: Trigger new scan to find an IBSS to join
[  368.372419][T10385] netlink: 'syz.2.1633': attribute type 29 has an invalid length.
[  368.385321][T10385] netlink: 'syz.2.1633': attribute type 29 has an invalid length.
[  368.398669][T10386] netlink: 'syz.2.1633': attribute type 29 has an invalid length.
[  368.421558][T10385] netlink: 'syz.2.1633': attribute type 29 has an invalid length.
[  368.584904][T10393] FAULT_INJECTION: forcing a failure.
[  368.584904][T10393] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  368.611590][T10393] CPU: 0 PID: 10393 Comm: syz.1.1636 Not tainted syzkaller #0
[  368.619092][T10393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  368.629160][T10393] Call Trace:
[  368.632455][T10393]  <TASK>
[  368.635399][T10393]  dump_stack_lvl+0x18c/0x250
[  368.640097][T10393]  ? show_regs_print_info+0x20/0x20
[  368.645317][T10393]  ? load_image+0x420/0x420
[  368.649846][T10393]  ? __might_fault+0xaa/0x120
[  368.654546][T10393]  ? __lock_acquire+0x7d40/0x7d40
[  368.659601][T10393]  should_fail_ex+0x39d/0x4d0
[  368.664318][T10393]  _copy_from_user+0x2f/0xe0
[  368.668932][T10393]  kstrtouint_from_user+0xde/0x170
[  368.674087][T10393]  ? kstrtol_from_user+0x190/0x190
[  368.679246][T10393]  proc_fail_nth_write+0x8f/0x250
[  368.684336][T10393]  ? proc_fail_nth_read+0x260/0x260
[  368.689568][T10393]  ? proc_fail_nth_read+0x260/0x260
[  368.694794][T10393]  vfs_write+0x296/0x990
[  368.699066][T10393]  ? file_end_write+0x250/0x250
[  368.703938][T10393]  ? __fget_files+0x28/0x4b0
[  368.708551][T10393]  ? __fget_files+0x28/0x4b0
[  368.713165][T10393]  ? __fget_files+0x43d/0x4b0
[  368.717876][T10393]  ? __fdget_pos+0x2a3/0x330
[  368.722490][T10393]  ? ksys_write+0x75/0x260
[  368.726938][T10393]  ksys_write+0x150/0x260
[  368.731296][T10393]  ? __ia32_sys_read+0x90/0x90
[  368.736092][T10393]  ? lockdep_hardirqs_on+0x98/0x150
[  368.741321][T10393]  do_syscall_64+0x55/0xb0
[  368.745756][T10393]  ? clear_bhb_loop+0x40/0x90
[  368.750460][T10393]  ? clear_bhb_loop+0x40/0x90
[  368.755172][T10393]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  368.761093][T10393] RIP: 0033:0x7fbee895d68e
[  368.765535][T10393] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  368.785161][T10393] RSP: 002b:00007fbee990cfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  368.793590][T10393] RAX: ffffffffffffffda RBX: 00007fbee990d6c0 RCX: 00007fbee895d68e
[  368.801567][T10393] RDX: 0000000000000001 RSI: 00007fbee990d0a0 RDI: 0000000000000004
[  368.809543][T10393] RBP: 00007fbee990d090 R08: 0000000000000000 R09: 0000000000000000
[  368.817521][T10393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  368.825500][T10393] R13: 00007fbee8c16038 R14: 00007fbee8c15fa0 R15: 00007ffe11705c88
[  368.833499][T10393]  </TASK>
[  369.313182][ T1134] wlan1: Creating new IBSS network, BSSID 9a:a5:f7:33:ae:aa
[  369.336019][T10405] mac80211_hwsim hwsim9 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  369.336588][ T1134] ------------[ cut here ]------------
[  369.351113][ T1134] WARNING: CPU: 1 PID: 1134 at net/wireless/ibss.c:37 __cfg80211_ibss_joined+0x3d2/0x440
[  369.361734][ T1134] Modules linked in:
[  369.365656][ T1134] CPU: 1 PID: 1134 Comm: kworker/u4:7 Not tainted syzkaller #0
[  369.373304][ T1134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  369.383440][ T1134] Workqueue: cfg80211 cfg80211_event_work
[  369.384631][T10405] netlink: 'syz.1.1640': attribute type 3 has an invalid length.
[  369.389249][ T1134] RIP: 0010:__cfg80211_ibss_joined+0x3d2/0x440
[  369.389283][ T1134] Code: 00 00 00 48 3b 84 24 80 00 00 00 75 5c 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 67 30 a0 f7 0f 0b eb bb e8 5e 30 a0 f7 <0f> 0b 4c 8b 6c 24 18 eb ad e8 50 30 a0 f7 0f 0b e9 e0 fd ff ff e8
[  369.389300][ T1134] RSP: 0018:ffffc9000490fa20 EFLAGS: 00010293
[  369.389320][ T1134] RAX: ffffffff89e6f742 RBX: dffffc0000000000 RCX: ffff888023e29e00
[  369.389336][ T1134] RDX: 0000000000000000 RSI: ffffffff8acacbe0 RDI: ffffffff8b1c9860
[  369.389350][ T1134] RBP: ffffc9000490faf8 R08: ffffffff911c756f R09: 1ffffffff2238ead
[  369.403070][T10405] netlink: 16066 bytes leftover after parsing attributes in process `syz.1.1640'.
[  369.403375][ T1134] R10: dffffc0000000000 R11: fffffbfff2238eae R12: ffff88805c62cc90
[  369.470907][ T1134] R13: 1ffff92000921f4c R14: ffff88802137b5b8 R15: 000000000000001f
[  369.478986][ T1134] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  369.487971][ T1134] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  369.494614][ T1134] CR2: 0000001b2d60eff8 CR3: 000000002c122000 CR4: 00000000003506e0
[  369.502638][ T1134] DR0: 0000200000000300 DR1: 0000200000000300 DR2: 0000000000000000
[  369.510635][ T1134] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  369.518703][ T1134] Call Trace:
[  369.522451][ T1134]  <TASK>
[  369.525400][ T1134]  ? mutex_lock_nested+0x20/0x20
[  369.530419][ T1134]  ? trace_rdev_return_void+0x1c0/0x1c0
[  369.536053][ T1134]  cfg80211_process_wdev_events+0x3bc/0x550
[  369.542042][ T1134]  cfg80211_process_rdev_events+0xa1/0x110
[  369.547872][ T1134]  cfg80211_event_work+0x2f/0x40
[  369.552890][ T1134]  ? process_scheduled_works+0x96f/0x15d0
[  369.558631][ T1134]  process_scheduled_works+0xa5d/0x15d0
[  369.564245][ T1134]  ? worker_attach_to_pool+0x380/0x380
[  369.569723][ T1134]  ? assign_work+0x3d2/0x5d0
[  369.574379][ T1134]  worker_thread+0xa55/0xfc0
[  369.578989][ T1134]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  369.584942][ T1134]  ? _raw_spin_unlock+0x40/0x40
[  369.589821][ T1134]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  369.595830][ T1134]  kthread+0x2fa/0x390
[  369.599922][ T1134]  ? pr_cont_work+0x560/0x560
[  369.604647][ T1134]  ? kthread_blkcg+0xd0/0xd0
[  369.609253][ T1134]  ret_from_fork+0x48/0x80
[  369.613774][ T1134]  ? kthread_blkcg+0xd0/0xd0
[  369.618391][ T1134]  ret_from_fork_asm+0x11/0x20
[  369.623623][ T1134]  </TASK>
[  369.626665][ T1134] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  369.633940][ T1134] CPU: 1 PID: 1134 Comm: kworker/u4:7 Not tainted syzkaller #0
[  369.641473][ T1134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  369.651518][ T1134] Workqueue: cfg80211 cfg80211_event_work
[  369.657241][ T1134] Call Trace:
[  369.660510][ T1134]  <TASK>
[  369.663434][ T1134]  dump_stack_lvl+0x18c/0x250
[  369.668105][ T1134]  ? show_regs_print_info+0x20/0x20
[  369.673299][ T1134]  ? load_image+0x420/0x420
[  369.677809][ T1134]  panic+0x2dc/0x730
[  369.681708][ T1134]  ? bpf_jit_dump+0xd0/0xd0
[  369.686212][ T1134]  ? ret_from_fork_asm+0x11/0x20
[  369.691148][ T1134]  __warn+0x2e0/0x470
[  369.695123][ T1134]  ? __cfg80211_ibss_joined+0x3d2/0x440
[  369.700664][ T1134]  ? __cfg80211_ibss_joined+0x3d2/0x440
[  369.706203][ T1134]  report_bug+0x2be/0x4f0
[  369.710597][ T1134]  ? __cfg80211_ibss_joined+0x3d2/0x440
[  369.716136][ T1134]  ? __cfg80211_ibss_joined+0x3d2/0x440
[  369.721675][ T1134]  ? __cfg80211_ibss_joined+0x3d4/0x440
[  369.727212][ T1134]  handle_bug+0xcf/0x120
[  369.731449][ T1134]  exc_invalid_op+0x1a/0x50
[  369.736115][ T1134]  asm_exc_invalid_op+0x1a/0x20
[  369.740958][ T1134] RIP: 0010:__cfg80211_ibss_joined+0x3d2/0x440
[  369.747103][ T1134] Code: 00 00 00 48 3b 84 24 80 00 00 00 75 5c 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 67 30 a0 f7 0f 0b eb bb e8 5e 30 a0 f7 <0f> 0b 4c 8b 6c 24 18 eb ad e8 50 30 a0 f7 0f 0b e9 e0 fd ff ff e8
[  369.766699][ T1134] RSP: 0018:ffffc9000490fa20 EFLAGS: 00010293
[  369.772758][ T1134] RAX: ffffffff89e6f742 RBX: dffffc0000000000 RCX: ffff888023e29e00
[  369.780717][ T1134] RDX: 0000000000000000 RSI: ffffffff8acacbe0 RDI: ffffffff8b1c9860
[  369.788678][ T1134] RBP: ffffc9000490faf8 R08: ffffffff911c756f R09: 1ffffffff2238ead
[  369.796640][ T1134] R10: dffffc0000000000 R11: fffffbfff2238eae R12: ffff88805c62cc90
[  369.804603][ T1134] R13: 1ffff92000921f4c R14: ffff88802137b5b8 R15: 000000000000001f
[  369.812575][ T1134]  ? __cfg80211_ibss_joined+0x3d2/0x440
[  369.818125][ T1134]  ? mutex_lock_nested+0x20/0x20
[  369.823056][ T1134]  ? trace_rdev_return_void+0x1c0/0x1c0
[  369.828601][ T1134]  cfg80211_process_wdev_events+0x3bc/0x550
[  369.834494][ T1134]  cfg80211_process_rdev_events+0xa1/0x110
[  369.840291][ T1134]  cfg80211_event_work+0x2f/0x40
[  369.845220][ T1134]  ? process_scheduled_works+0x96f/0x15d0
[  369.850930][ T1134]  process_scheduled_works+0xa5d/0x15d0
[  369.856495][ T1134]  ? worker_attach_to_pool+0x380/0x380
[  369.861955][ T1134]  ? assign_work+0x3d2/0x5d0
[  369.866542][ T1134]  worker_thread+0xa55/0xfc0
[  369.871124][ T1134]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  369.877012][ T1134]  ? _raw_spin_unlock+0x40/0x40
[  369.881851][ T1134]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  369.887749][ T1134]  kthread+0x2fa/0x390
[  369.891806][ T1134]  ? pr_cont_work+0x560/0x560
[  369.896486][ T1134]  ? kthread_blkcg+0xd0/0xd0
[  369.901062][ T1134]  ret_from_fork+0x48/0x80
[  369.905471][ T1134]  ? kthread_blkcg+0xd0/0xd0
[  369.910051][ T1134]  ret_from_fork_asm+0x11/0x20
[  369.914821][ T1134]  </TASK>
[  369.918088][ T1134] Kernel Offset: disabled
[  369.922454][ T1134] Rebooting in 86400 seconds..