last executing test programs:

9.945198005s ago: executing program 1 (id=4641):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$kcm(0x2, 0x200000000000001, 0x0)
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000280)='ns/net\x00')
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000480)={@cgroup=r2, 0x11, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0}, 0x40)

9.776431544s ago: executing program 1 (id=4643):
bpf$ITER_CREATE(0x21, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000680), 0x0, 0x0, 0x0, 0x7400}, 0x20004800)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000dc0)=ANY=[@ANYBLOB="7a0af8ff7525757cbfa100000000000007010000f8ffffffb702000005000000bf130000000000008500000006000000b700000000000000950000ff00000000b2595285faa6ead0169191d54f8196217fc563e2fc91f6da4dad4fdc2eb1b5986fc4a3f611a7c80000040000000000b1a297cfddd73f30f2382f6cda4bfdd45be583823c0f092248a57d48621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000800db583620ce7243d1ae9f2cfe401dbef6619358399aa9c2acd068c03efefd8bc77edf2d34b12cd48a1b20fb7dd853eb3f12225bfcca581f04f317c8301b43267e0331759f4ec6b5b0af58e604f494eff289026d5045ef08000000000000007718a09f4800b3c26abba34635d0e8b598a51bc742135a6e1d33fe226c944bc70bb30d435aa8b5202db761014b1b999a12df6bee431a6681000000263b6233e1c0fe30e384c3cb07b74a72291a1a2b523dd81b6651b1ee48e999bb004823ebcd8c65743f31f84b263ab9b3426692f01ad194f302d7a658e90000000001000000b6b2f25ddb8c640ab321a402058c9221b6870814cf4ee23ddb79fff5eb156e0a000000000000f2bd1d4a178d86d6935eb8b75bc4eb680d10e8b6a54c6c8674caf63ff76622939a20d4aadf85db40179c2cf83ee07e30a279d8f9f3bc282deb43a03409f8e6972f3f720d045923702cede0f7e91411f3f1b16f065624f2"], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x2800000002000000, 0xe, 0x55, &(0x7f0000000140)="a06ad876d56a0064d082778c3938", &(0x7f0000000380)=""/85, 0x600, 0x4000000}, 0x28)

9.542202736s ago: executing program 1 (id=4645):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0)
perf_event_open(0x0, 0x0, 0xfbffffffffffffff, 0xffffffffffffffff, 0x8)
openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x513, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x202, 0x0, 0xffffffff, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0xa, 0x5, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000001600)={@fallback=r1, 0x7, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r2 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000200)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r2, &(0x7f0000000340)=ANY=[@ANYBLOB='b 75:*\tw\nr'], 0xa)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x80044, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4, @perf_bp={0x0}, 0x0, 0x5}, 0xffffffffffffffff, 0xfffffeffffffffff, 0xffffffffffffffff, 0x3)
recvmsg(r0, &(0x7f00000017c0)={&(0x7f0000000100)=@qipcrtr, 0x80, &(0x7f0000001780)=[{&(0x7f0000000240)=""/96, 0x60}, {&(0x7f0000001500)=""/232, 0xe8}, {&(0x7f0000001640)=""/117, 0x75}, {&(0x7f00000016c0)=""/144, 0x90}], 0x4}, 0x2040)
socket$kcm(0xa, 0x2, 0x88)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10, 0x0}, 0x4)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000002a40)}, 0x0)
socket$kcm(0x10, 0x2, 0x0)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
bpf$OBJ_PIN_MAP(0x6, 0x0, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f90324fc60", 0x14}], 0x1}, 0x0)
recvmsg$kcm(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000003940)=[{&(0x7f0000000500)=""/4086, 0xff6}], 0x1}, 0x40000000)
r4 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f020033000b35d25a806c8c6f94f90f24fc60586507000c000300053582c137153e371a0c0980fc0b10070300", 0x33fe0}], 0x1}, 0x0)

8.990544866s ago: executing program 1 (id=4647):
r0 = socket$kcm(0xa, 0x1, 0x0)
sendmsg$kcm(r0, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4001, 0x241, @empty}, 0x80, 0x0}, 0x20000000)

8.630866684s ago: executing program 1 (id=4651):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000280)='ns/net\x00')
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000480)={@cgroup=r2, 0x11, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0}, 0x40)

8.425018845s ago: executing program 1 (id=4652):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0xc, 0xc, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0xffffffff}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {0x3, 0x3, 0x3, 0xa, 0x5}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x1e}}]}, &(0x7f0000000840)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000440)={r0, &(0x7f0000000280)="181fcc78e30c54b7430459f885dd44675c95b95ffd2a48cbecd41fa85d1ddd17daa8234d5fb919965d1a9e7ca03f4caba4cebf16718e8cec0892ae6b13f25bd8b9fa193e4c5606e079b739a9b6b69459824003b2110b1d43b1be47cb7e4ae40dc00b2aa2dcb51661befc9f5c2d3a753e5a80dfa79be8d0ea22b3b510925666a269d781a0cbbb12b62208b899aad0afc938ec22a2afe68c1a54df9f2586e46c750e90c6943f4522d9f5b1389c5229ebda84385f4179c9ae3a666f058c9b1bb197d7901aaeadce40f6d2cf8cc926be2c4d9bde1cc519789c03099f47fc", &(0x7f0000000400)}, 0x20)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, @perf_config_ext={0x10}, 0x0, 0xc8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r5 = openat$cgroup_ro(r4, &(0x7f0000000900)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
write$cgroup_int(r5, &(0x7f0000000100)=0x8000000000000000, 0x12)
write$cgroup_subtree(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce8100032f00fc08000000110200875a65969ff57b00000000000000000000000000ac1414aa"], 0xfdef)
perf_event_open(&(0x7f0000000380)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}, 0x12100, 0xc8, 0x2, 0x8, 0x0, 0x10001, 0xa, 0x0, 0x800, 0x0, 0x2}, 0x0, 0x5, 0xffffffffffffffff, 0xa)
r6 = socket$kcm(0xa, 0x3, 0x3a)
r7 = socket$kcm(0x29, 0x2, 0x0)
close(r7)
r8 = socket$kcm(0x2b, 0x1, 0x0)
close(r8)
socket$kcm(0x2, 0x3, 0x84)
setsockopt$sock_attach_bpf(r7, 0x1, 0xd, &(0x7f0000000080), 0x2cb)
close(r8)
sendmsg$kcm(r6, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @empty}, 0x80, &(0x7f0000000100)=[{&(0x7f0000000140)='\x00\x00', 0x2}], 0x1, 0x0, 0x0, 0x900}, 0x80a5)

3.698439744s ago: executing program 0 (id=4677):
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
r1 = socket$kcm(0x11, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x4, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000065c4c0aebc30ffff000000000a00000091119800ecff000095000000"], &(0x7f0000000c40)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff8}, 0x94)
r2 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r3 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000100)="240000001e006bcd9e3fe3dc6e08000007000000000000007ea60864160af36504005425", 0x24}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r5 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r6)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
recvmsg(r4, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x102)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={0x0, 0xf}, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="10000000040000000800000005"], 0x48)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r7}, &(0x7f0000000080), &(0x7f0000000240)=r8}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r8, 0x18000000000002a0, 0x5ee, 0x0, &(0x7f0000000580)="b9ff03076804268c989e14f088a8", 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x828, 0x0, 0x0, 0x0, 0x10000, 0x800000, 0x9, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r9 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r9, &(0x7f0000000000)={0x0, 0x9006000, &(0x7f00000030c0)=[{&(0x7f0000000180)="1400000016001963d25a80648c56915a19aa2bfe", 0x14}], 0x1}, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r10)
sendmsg$kcm(r1, &(0x7f0000000200)={&(0x7f0000001340)=@hci={0x1f, 0xdd86, 0x2c}, 0x80, &(0x7f0000000040)=[{&(0x7f0000000080)='b', 0x28}], 0x1}, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x1)
r11 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x78, 0x78, 0x3, [@union={0x4, 0x9, 0x0, 0x5, 0x0, 0x0, [{0x3, 0x3, 0x3}, {0x8, 0x1, 0xd1}, {0x9, 0x3, 0x2c5}, {0xb, 0x5, 0x7f}, {0xb, 0x2, 0x1}, {0xe, 0x2, 0xd1}, {0x7, 0x0, 0x1}, {0xc, 0x1, 0x6282}, {0x10, 0x3, 0x2}]}]}, {0x0, [0x2e]}}, &(0x7f0000000380)=""/245, 0x93, 0xf5, 0x0, 0xcf1, 0x10000}, 0x28)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000600)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x80, '\x00', 0x0, r11, 0x3, 0x5}, 0x50)

2.941940634s ago: executing program 2 (id=4679):
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1046c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x7, 0xfffffffffffffffd}, 0x0, 0xc8, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r1)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x1, &(0x7f0000000040)=ANY=[@ANYBLOB="8c38f0ff10ff"], 0x0, 0x42, 0x0, 0x0, 0x40f00, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7ff}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={r2, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000080)=[0x0, 0x0, 0x0], ""/16, <r3=>0x0, 0x0, 0x0, 0x0, 0x9, 0x1, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0], 0x0, 0xcb, &(0x7f0000000180)=[{}], 0x8, 0x10, &(0x7f00000001c0), &(0x7f0000000200), 0x8, 0x8e, 0x8, 0x8, &(0x7f0000000300)}}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@bloom_filter={0x1e, 0x16a2, 0xfffffffa, 0x7fffffff, 0xa819, r2, 0x87, '\x00', r3, r2, 0x2, 0x5, 0x0, 0x9, @value=r2}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="180000c9"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x8, 0x0, 0xc}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa067707"], 0xfdef)
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0xffc0)

2.809421731s ago: executing program 3 (id=4680):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000bc0)=ANY=[@ANYBLOB="0100000001000000400000004000000041000000", @ANYRES32, @ANYBLOB="feffffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000000000006cc1705f15528f1f8d2e329b6378e07ede2a46ffef645b151848c68bc2d1dfef2d3c09a62c3ba400cf462932"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000840), &(0x7f00000003c0), 0x1003, r0}, 0x38) (async)
perf_event_open(0x0, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) (async)
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x15, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) (async)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) (async)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000740)={{0x1}, &(0x7f0000000680), &(0x7f0000000700)='%pB    \x00'}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb0100180000000000000034000000340000000600000004000000000000010400000000040000000000000000000d040000000000000000000002040000000400000000000008030000000000000061"], 0x0, 0x52}, 0x28) (async)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x50) (async)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x32}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x200048cc) (async)
socketpair$nbd(0x1, 0x1, 0x0, 0x0) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x22}, @call={0x85, 0x0, 0x0, 0x5}]}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x0, 0xe, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f4305", 0x0, 0x6f12, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
r4 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$sock(r4, &(0x7f0000000400)={&(0x7f0000000180)=@l2tp6={0xa, 0x0, 0x7, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x6}, 0x80, 0x0}, 0x2004c040) (async)
r5 = perf_event_open(&(0x7f0000000600)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x235fd, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x8}, 0x20005, 0x4, 0x0, 0x8, 0x4000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x40082406, &(0x7f00000000c0)='cpu\t>0&&\t')
sendmsg$kcm(r4, &(0x7f00000019c0)={0x0, 0x0, 0x0}, 0x20040010)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0) (async)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
bpf$MAP_LOOKUP_ELEM(0x15, &(0x7f0000000b80)={r0, &(0x7f00000005c0), &(0x7f0000000b40)=""/31}, 0x20)

2.697784327s ago: executing program 2 (id=4681):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b700000081000300bfa30000000000000703000006feffff720a00fef8ffffff71a4f0ff0000000072030000000000001d400500000000004704000001ed000072030200000000001d44feff000000006b0a00fe000000007303000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f1ce2bdb1ab062cd542476e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c107571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb3bc2f950d2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d1abf3cb17b40ac9b10968f38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f053fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d61f3b39c64307f9c82b2807c9ff4a269841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67a41b9e320146ee9f566a28ccf4767a2602ddf5d0ff11fc6d6665c32423613f79a8d1d142d621fef529b1708ce89701890515e2437c6a93f3fccb64df075917deb53f117f20c75cd4e932ebf991a2d6d4af7ed957327afac37a26840f85db26e7d93a1011d946d61bee6c0176e42b3e4358c24cb9e9376f5aeda9619cdf41902f0f2ec4e248a10848e44959c618658a572d626584ca11ad7d6b2efeff02d432e91f9dd5d425b5a80f2d24fa25a9e52ee4a5aa884a519d12715dbd49edeec3a270b43760b3d4243aa94e204b41e76dbf98f380f21d8cae7d"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x10000000}, 0x10}, 0x3d)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{0x1}, &(0x7f0000000040), &(0x7f0000000080)=r0}, 0x20)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000011008188040f80ec59acbca313a181002c000000000400000010001f0e0027000f00000000800200121f", 0x2e}], 0x1}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f0000000780)={'bridge0\x00', @random="0100"})

2.585212903s ago: executing program 3 (id=4682):
perf_event_open(&(0x7f0000000380)={0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4f34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, @perf_config_ext={0x10001, 0xb}, 0x42, 0xc8, 0x0, 0x5, 0x65, 0x0, 0x211, 0x0, 0x0, 0x0, 0x3ff}, 0x0, 0x4, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0x1, 0xffffffff}, 0x50)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = socket$kcm(0x2, 0x5, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a00)={r0, 0xe0, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000680)=[0x0, 0x0, 0x0, 0x0], ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000780), &(0x7f00000007c0), <r3=>0x0, 0x9a, &(0x7f0000000800)=[{}, {}], 0x10, 0x10, &(0x7f0000000840), &(0x7f0000000340), 0x3, 0x6d, 0x8, 0x0, 0x0}}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x6, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}}, &(0x7f0000000400)='GPL\x00', 0x1a43, 0x9b, &(0x7f0000000580)=""/155, 0x40f00, 0x6a, '\x00', 0x0, @xdp=0x25, r0, 0x8, &(0x7f0000000440)={0x3, 0x5}, 0x8, 0x10, 0x0, 0x0, r3, r0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x16, 0x14, &(0x7f0000000200)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r4, r0}, 0xc)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x3, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = socket$kcm(0x21, 0x2, 0xa)
sendmsg$kcm(r5, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}}, 0x80, 0x0}, 0xfc80)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000002480)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x41, 0x0, 0x11}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000003880)={0x0, 0x0, &(0x7f0000003800)=[{&(0x7f00000008c0)}, {&(0x7f0000000580)="e9c0ea81a1db2c72c49448d5be8d1ade68fd4cf8f3152b7a20f8cc1bd2a51f87a287d13a5a5af8f120f8e64e02ef6865939f0a69b8fbc468adf542edecf0e52459d57770f57288a5a8d6602f19a2d68e9d87c3417e1bab0cd7d422b31e213ac820d52ee0a205dd14bba2f7", 0x6b}, {&(0x7f00000024c0)="0c5c65d702bde91511a4d13f5e2c42d966ea8e54b65f3598ea1d10b920715ff8a01713ef63c0f76e5615d3ad359f19b5e9d12f510e7abbb61b21707b64936556080b914407e7845d6f7a2b62fec4f4ca5b9d4eef0d7a7f62770f8823d6ba13e79e5434ee4a212c96f98a306f81ea5e10caccd14ec65a08885ec2204632a9414beb6e33b16d510fdd348d4378ce3ef867fd1ce1906e491e6a2c1f4c0f7b4883b0b1fc32f6a5f769b08a568422aaac5bb55f5496c7c77f11ad5c676f0e02548fe8ea2ac8f77748a614f3356d3bce9e97bb87a1e0d4e70ae27abf32c51481bc97ae9cf7d54520276240237f807808bd956d5fe06f721eaa046b92435d338ab37d48b82276305aaf4445fea8020862dd0070af6b824c055dc7cf0af756f8955d20af5772509a720dae34195f2011d23bba505c29a4b825bc8d24926f9377e1754aa597c56eb9b2c74f9ebf6f2758fb51bb99f2454ebab1e9ba9b4dd997438fbbcb489b0f4da47e14729d5fae2345f242c806c3ddfbea86376c1cd99320d61b277cd89f11e4c2e4ccc412a15b4a1a5a40fcaec9974132942154814c4c5b66fb03b240347053ffaa6ccad6b25ac0c04cbc915d6ad59d0df86da6e578c76f5e1bd30e57bee72f42dc037390c1b5606636dcb12c281cf6dee81f7729583160cbff0a9718e56ace130994df7c73468f382e53e64f1985b7c0c7c1038fb3e814c84ec64bb04cc8debb6a12bf2fe5b33b2a4f5d599dd05aaa476bb50a3d361fa1e85765cd69d6420a8cb5be598c37b7ec98e6814d05d3b048c70a687f36d9c2358141ebde90dff9b067f9a3d738306a43b62bff96856db79a9d9954cc2cb37b121f580511c8f5571c50779afecb3f1e18f56fd29531322a630404b3ac5dbb706743b7523a691dd7cc5eab7da5c232ad41567535dd66aacf63f33c9f83e03312d6aeaec09704b95adc491a197fc3fc77af5a2aefcd0ede826061792acf41e53a7e977b5fa32fb19ec4e72f2403a070a837f04979e4d8248f36f59ce48cd152e2fc930f78289d9b5cce632ff8fcacb79baa2e0af8719435c7fb3c5c28fe0b9bc0560b81b104974b4c7c5db831718de6380bbe75a97baa04e28fa53b7bbf1b9655c13e7ede4543c79852218f11c9fe73a45a6f86ee20540ab717f297983819bffdcc6e547d2fe9fca9f668ef6da9a3b65a3b3d3fd6593d714e6ccf11fd0f6a7b8e9dcd6aa8484fa8e4e8f44dde9acbd5b58375fc5976c03378a422ae3f6908c29617ae529082eca382c4d611b2e7c6bcdb813a7e71a39692c18ff11b38a23832c62423cbc0db742b198915ba8c3e434f5b6bd200695a8a4a07148d32d4b4cc9c94ba3e16f637691e2b27de75ecc72ff0088071d94366670cac894a1f9b41dd33917f5318c55283ea08521ac260f72d2c9dfc56d40b26f134dc8f6285847a48f91301a532bd38a50488c6a5a927feb1665c80a2c7120e6e6de95a74ca5e17e9555596269183003a9234246ba8ae0c81d1f7bcf81a2f0b6e60bd763a40073b212fd3705a7a1d0706bfd8ca21877614ac5f4e35fac13bcd496fb46abe29f2fd5d8cca2389048a87a5054f09d6e1d12df51db7b8ed2ac34618aa532b53a9571bd1ea769ddadacac24d033e055ae108cca0c0af2efd2fa095569dec4acf3e91e9c188f15dc2255c02829043298895f371d2a2757c50226246492cc6b7236a87b9f1be617ac4d8113150e266588c27309ff4ebb5892a11ab276993822f2b912149839f584b37c313ad833ed90b34c8c55e748a75e7f589f52cfd534efb8eba45402a3f034caa176c10df4c1126a97b044777bfa86e2c94ffcb172864ea40d07869e4ebe4f3fc026b42c00d31d08999cefe87928d45dfa0765c25c9c929c150347f5f63cd8bcb7043cda6ca2e21a6333db4f2bdda017a52ebb13ccdba1527498681b06cb659b6acc5d31996eb1222ef9a80e395978998327f358b8895f44452a0ecc44bdef536cb70060db1fc75bb6473558e7545e524c9fb1fcd041b319cf21a218b9d8c1d837a5f8a92009454393de8349f1bc42e9c997f9a73d0fc123a86a55dec614043e6f96bb2ee2d14ba040104538ea642d7771d4ed165c8868907cb9139628a0263dcba9498cbec585841de79e8055f2192caa867aa3f45cecb266d6afd903aaf98b3b664695716dc63b61bf9889086abd54c1471f65ae7609e597d30d1e40b7ae78422cc69ea424f435f2d97a859ec6b56cd4069d24f6c977cf025daab321912e05da5f3fa462d1be4ec214762acfc602460d7963501835991a62aae85ad06be7f34388b91b6c59460be4e4837e70ced5821c9bb344002f15fdc800684d6392cbe1b1c33b9c7bfad009df25f21bebc07d61066d6de67cb2837b5c39f958561e59f6042d002dea6cf3cb91207c681dad387dfbf47a9f9476a527e2c3b45c16a3f4d332720249fc2dad3f30bb49a7aa4192d6ea93f845c415867645c1cd63d05441db142e09bd5a4cde06b0f9732fa11b9ff937c50ea35b8362897d2c83a71f7bce4b826aae93a826e576019de3da005b7ffbb16fcad961dcdffce3ed4eb46f2016fad5d46c2d9c140ecc68a1d24bc9995a5f8304a36fd6c727bd581761b47b238a21ae1edec112878cb45b6834f35a701076952d1f04d9429aa9e316272a2b0480b3ccde7768113a9030dab7225455675ea143404a2ba1bafd43037b72c23cc00ea5b8c0b7b4172d37af8ab7f8e16647e0b5f9178588390e96e51d272be858c47d24754337da895ecce6af37792525f6360f24bf40ccf99bcf6863f93b73337348a34a4926140e4598c4118ac1fdb59f4d880b25cacad35b71e2693f878e5589a50f8deb04c3558b614ccd8b2ab4b83eb68e6ad61ae9ff0d569d3853123cf872e3d7af306e2eaca0d70667f0768563526587d37c11eba3694a8dd0676ca9ee0489ef827c8ebdaaad8d200d392639289c9798cfc2fab8a5f4a47b857c37fafbffd715f8cc9162256c5b35a4e697c7a6844034b818b2c32dff39f38b0b4138ae540b4becebc280729f8e0c598baf2f94d85951faec3415de2b202803d7c5730c03df90de09deee5095e0f01c8df11198e22cd2ac45e5be8d8efc39fd356b2a72844dcb1538bbe869e74d59098341fbbe5b1a8a9dd8a3500022692f91978259910de97987eddaad164fa7b45ce777ac421905553efd9d2633144360d489d835807180ff4b36c236c5a35541185b5b735ec2faab6cfbc17185d906cd76c6d370c31234babb6af40546f2c8e7bda4cb2fda30e0dfcc29dff2a551c8b9ca1c5c8d29682597f9e5c60e0940987b492a0f16fb80db64837ab252d33123c2e1da9cf68d7a67bbb6d9704505740b5574f89be9068bf90eeb077ffce597e5c852289db73364dfd2af56ac5afa03654b816ed541842e4fccbbb7b5246d529c61f9a8401e4fabc33f266709d029ecf788c9e6239f1c665362a58169a5b5785339178e327c351313cae17b1708360a4357923238c5aa830ae2f8244d953b0491307f20bd6cf03f0ed7591540c48aa06333e6c3ebe7b0efbf2cb9c2097c681382ab3fdfb9a46c50bece15f6b1b4536ac3de18dd6b3e7d61378a16c0cf0b455c9872784443b437cbf76ffe94d65ad042cfb604fffbf97709215979fc37fda1065b3ce0f927fea322d43b28e23dde483e25ea449c1a021c76e020cdc4a099598b3301bad0b864a09080695f984e07ee347de15e0c8f55353408c281d1b37f426c1143b88725945bfa63984f49362c9dbc9e5dc8d8adf10998fca34eb1424fc4349145a2fe18c3461e0dd2393a656fd1ea72a9ab1fe168aad74482f2111fafc4de587d0501d11f8ee37c5c3f36e38f0200bdf82fbf45e9008557dbe3a44e35077ffdde52d36ad719a5def7debab4c024b900facc2e404245598109b39d2b1eefaad8671bac36f7eb90809d3698b06a125903af3930e1429699235b040ba53f435fa4c10373f7edc2cb3c4cb2d2b928e292b59205ba3ff20f4256954891f4e68d4972614d87598d076082b93744a94e3d48caa81458957a17a8881328c61870f28b9efa641cd19a839d662b678ffb664cbedc4b5d164407379b4bed652109c3e0e501f4b8218d526769eeb42d85e6fa721b43def873b70fd54cda2fc21f4bdb7e5676687a2555d7592f30f69914cf5b905cbfea7fb21504441182814ceb8d3890f5bd647438166ed302830b6c72562523d033dd65a0fae7ab77f25753af23d926f7d91010bd66894dd057f7328fff38486ccb8f4d3824fef569728aaf83ef2212c12b0a930c3c8ffe0888b760cd6d54fbd733924d3f3b435e3ef3361e904e65e265921b3d7bad2665ba6414d62b13eb4986a746f34c499260ddbe24610067f42d83d334b2b32730311e29afaa89567f86e08d5925396f1a7cc69d3c7b40c10161cff3fa77de0d01cac6669e09ea7a6bdbc659a7d7df5b4efbbb178cfc269b40c2d531449fa0da8bd33f0b3a823b7bea16b09b06f4a42b045b98b368a055839800cd4834c820625a22a97803020fed94099440baf48427724e395ffebb49ae18d6c35e7abb2826b5a4c48ae2199af36b7d0ee70b71038d4ba2dbc514ed1ff1a8814513ec649b4546d20f1031a089cbb195b54591e8ceae60224a83a6a874dfb37ce9b26e8d660b6b1d033babc504e3c10c856ac61a7474e767329b8ac8806d3233544448a42e5eca36da9b326d022f4066906db1ca7354bdabbd8647b924601b5b37650a2a6e1353484fc58cef25c09cad3e7e9f52f3056c89c227ed4cd5a8362a5f5799056c215aaafd63c3d53bbae35a757f2d2b6910a3aafe217aa9bf19bdbb70876d2bcfcd1e1a3807da5fb55f8dd3886736fedf92e9de29c453cc771209239911e89e4e313264de41fabd49a3c0d0cb756c9d6d9a8a02aabca0c91a70e01fa89eb4c7c61ebb1fb464b78eb6bffad7b31ebb910f2f6e50e0b1e003236ee4508f03af3d0e55f4a5919ff2aac40a63b3d5141c501bab1a83bc2ee240fc654a180c1dbfc74e96079f53312cbb67c060103cc43220926a4f8caf948897524d84b6c9f9eefe30e357e9ea3df80d2ea591027721b9e99f05fa323931eed190eb46484fb08e6f310ca28e03a4b8c7b85ca88816c6a2324f5d18ccbaca6510ce47d35dd83911ab9f82f365027998aaaa3aa41d6df1a4c840bf8f89ae23825413919d58ec90aca8c88f765e0f030795bd9a534462c78aa965523debc85c68dac7a98d01b6bd19fa260fc3f7f7d97eed12f6a8e9a0f237120d68ae08f21acd4b7e5b1590d4c5fd3a9a7f55407948c68b33864ca67950668413151a76374150ee19f782c018f7ae5c6b8b029d6c1b342b8f0d8594fb95f8435802a18d68fa30582e5c1b310c09ec3cc275ddc40bbf30e23e806eee58b71233eeb0e440ef41ec66698097337eb78f5a57481f140781ae139acdca93add56ae28b8c9633beff1b07fec726d6265386453ee5e7f9526ad278ad5270fb8de1994d1d912eed11aa4d2da77bd9924a8544083daa7a1bf8569f7a048f5468c89e53961076ea36009d421917dc6df851a6a5c3170ae65a14d090947364083db6ae5b2ffd863b33d446cc2c05d8f59aa96ce1e8ccc8aa7db1453b9eab5446bb7046100cff8299962fe51644855920f8413a07a3435813ab6cc5eff8f651b58b0001e1665b4e1a4371e3f27594f141cd3dd67c3651312f427e01a1163d97db0b274ff67dff45592c61bfd7bb4d88212ea6d42446749a677fdf63a78a0bff3ce6b6789759c74c887880ac885b532ea0178d0d8ee842a9c098b5a6c0a31664684", 0x1000}, {&(0x7f0000003580)}, {&(0x7f0000003700)="caf8e098b2cb26275a44bb1487e85f962b8b4c4e2c560ac0036baee03e604f4d359dd0ed98e0", 0x26}, {&(0x7f0000003740)="47a290f5452d0d323c43169701bb694adbb339ddf9d35066450b2d7816746203026f7cdbbb440f626c2a843477fd16d7e22fbb2e17957fc524128946542c4463d5a46fe8dee87d26f75304ded9b545eeaa8cd8c689708578bd66a12c9b1fe99c947e3df593a2249ec918a973ead00c3b290408bd25bd3d5d4823a8068b90a4490f36713eaafa64e030938445fee0d6ea71e3dda31e43ac0a7e7224f8854e492d45bf67f157a9bd987de3c96b36925c5dca45bba71e8990e60e3fc6", 0xbb}], 0x6}, 0x8000)
r6 = socket$kcm(0x2, 0x5, 0x84)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x74000000, 0x61, 0x11, 0x70}, [@initr0]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe}, 0x82)
socketpair(0x6, 0x0, 0x6, &(0x7f0000000880)={<r7=>0xffffffffffffffff})
recvmsg(r7, &(0x7f0000000dc0)={&(0x7f0000000a40)=@l2tp6={0xa, 0x0, 0x0, @initdev}, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000ac0)=""/5, 0x5}, {&(0x7f0000000b00)=""/18, 0x12}], 0x2, &(0x7f0000000d00)=""/171, 0xab}, 0x40002002)
r8 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r8, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r8, &(0x7f0000000040)={&(0x7f0000000280)=@caif=@dgm={0x25, 0x9, 0x9}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000680)="62042700590200000000002f1eafbcf706e12b30087f5c582d26116642c47a5f8786ee601e65ab3c06d4b8bf4a81cb3e247345af215542f41ddf82f618438a34f90186cee8441e2305e495d04ad68ab8fef69d456fbb48b63f60c9c9097be968ea872c4801e5d0711b4373c7224ed7a9cbd49d40f82bdb6afc0036824be26fc96e49a70e90797e6caa1b38ddacb3cb2b3eac7c068a185b644582f25edfa3d6a46e2a894ca809a422a6a29bd7145bb6e7992570484dcb0b28356a710292ea0c3f97b7cbff701684b13c5593262534a7af9eab48f2ca2d74d9a4de33000000c3c0afa58c8ba7b0611c6f8dbb26d1cf4b054e57ec07fac560d6c6945355dd2aed617e6adfc2a90516a7fefd0ac29d321af6123cf53b2e9d912f662823dd2c15017e6921040ca2355b79fa6c39ebdee3bb0264ac5de34c547f2f24878a463cf3d17b80bd61f933f9db62b7323f00efec9eb460ca5997a2647dfb1c5d82db13df38b44da3a3496494459b5d58b2e5e63338b00f3d085bc20c86bdf99a2473efde74eb8ba488802db107df99d8e3eb37b2e6e598fc86099ab308cfaeb60c3f964537bd6c4602424de10540d023e8da1c290510f2dfecb733", 0x1b5}, {&(0x7f0000000c00)="294f28dfe56d2c8ba23606bc7ecd1f634665cb5bed07bac5684da6eb21da1d6926910c5a0c653b0106869a804dd2a44ce42557b2e32e2bd367e9d01a5e7380cc4fc8e7c9044cc4115b978ca7427d749beaefdf2e48b369cb169ad7b1ced26bb161297c7e56a3e83e91b379c179017f8b4657d1b22eca6bca33036d33e1a684059c53cea91ca6637ac780ab2bcfc22a666cd4e5876f11e9aee4724b7cb59731c97e70ebd7f7483994eb07de2f3c6a9448c3206cff6d290b433f331c2399e99ee3bdecf5689eddc3e549966c1106a933bbc47b65ca6e9d7efbee6e3b1dbe87313111e85336d6890002db17751b6044f964dc90ea466f9085", 0xf7}], 0x2}, 0x4008001)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000e00)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x56, '\x00', r2, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x0, 0x8002, 0x1, 0x9}, {0x10000002, 0x0, 0x6, 0xc}]}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
close(r10)
recvmsg$unix(r9, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r11=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r6, 0x84, 0x64, &(0x7f0000000000)=r11, 0x10)
sendmsg$inet(r6, &(0x7f0000000140)={&(0x7f0000000280)={0x2, 0x10, @local}, 0x10, &(0x7f0000000080)=[{&(0x7f0000001940)='{', 0xff04}], 0x1}, 0x80d1)

2.581428773s ago: executing program 0 (id=4683):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0x1, 0xffffffff}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = socket$kcm(0x2, 0x5, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x6, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}}, &(0x7f0000000400)='GPL\x00', 0x1a43, 0x9b, &(0x7f0000000580)=""/155, 0x40f00, 0x6a, '\x00', 0x0, @xdp=0x25, r0, 0x8, &(0x7f0000000440)={0x3, 0x5}, 0x8, 0x10, &(0x7f0000000640)={0x2, 0x9, 0xffff, 0x7}, 0x10, 0x0, r0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x16, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000001000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b70300000000ffff850000000400000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bf"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r2, r0}, 0xc)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x3, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = socket$kcm(0x21, 0x2, 0xa)
sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}}, 0x80, 0x0}, 0xfc80)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000002480)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x41, 0x0, 0x11}, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x8000)
r4 = socket$kcm(0x2, 0x5, 0x84)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94)
socketpair(0x6, 0x0, 0x6, &(0x7f0000000880)={<r5=>0xffffffffffffffff})
recvmsg(r5, 0x0, 0x40002002)
r6 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r6, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r6, &(0x7f0000000040)={&(0x7f0000000280)=@caif=@dgm={0x25, 0x9, 0x9}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000680)="62042700590200000000002f1eafbcf706e12b30087f5c582d26116642c47a5f8786ee601e65ab3c06d4b8bf4a81cb3e247345af215542f41ddf82f618438a34f90186cee8441e2305e495d04ad68ab8fef69d456fbb48b63f60c9c9097be968ea872c4801e5d0711b4373c7224ed7a9cbd49d40f82bdb6afc0036824be26fc96e49a70e90797e6caa1b38ddacb3cb2b3eac7c068a185b644582f25edfa3d6a46e2a894ca809a422a6a29bd7145bb6e7992570484dcb0b28356a710292ea0c3f97b7cbff701684b13c5593262534a7af9eab48f2ca2d74d9a4de33000000c3c0afa58c8ba7b0611c6f8dbb26d1cf4b054e57ec07fac560d6c6945355dd2aed617e6adfc2a90516a7fefd0ac29d321af6123cf53b2e9d912f662823dd2c15017e6921040ca2355b79fa6c39ebdee3bb0264ac5de34c547f2f24878a463cf3d17b80bd61f933f9db62b7323f00efec9eb460ca5997a2647dfb1c5d82db13df38b44da3a3496494459b5d58b2e5e63338b00f3d085bc20c86bdf99a2473efde74eb8ba488802db107df99d8e3eb37b2e6e598fc86099ab308cfaeb60c3f964537bd6c4602424de10540d023e8da1c290510f2dfecb733", 0x1b5}, {&(0x7f0000000c00)="294f28dfe56d2c8ba23606bc7ecd1f634665cb5bed07bac5684da6eb21da1d6926910c5a0c653b0106869a804dd2a44ce42557b2e32e2bd367e9d01a5e7380cc4fc8e7c9044cc4115b978ca7427d749beaefdf2e48b369cb169ad7b1ced26bb161297c7e56a3e83e91b379c179017f8b4657d1b22eca6bca33036d33e1a684059c53cea91ca6637ac780ab2bcfc22a666cd4e5876f11e9aee4724b7cb59731c97e70ebd7f7483994eb07de2f3c6a9448c3206cff6d290b433f331c2399e99ee3bdecf5689eddc3e549966c1106a933bbc47b65ca6e9d7efbee6e3b1dbe87313111e85336d6890002db17751b6044f964dc90ea466f9085", 0xf7}], 0x2}, 0x4008001)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000e00)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x56, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x0, 0x8002, 0x1, 0x9}, {0x10000002, 0x0, 0x6, 0xc}]}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
close(r8)
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r9=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r4, 0x84, 0x64, &(0x7f0000000000)=r9, 0x10)
sendmsg$inet(r4, &(0x7f0000000140)={&(0x7f0000000280)={0x2, 0x10, @local}, 0x10, &(0x7f0000000080)=[{&(0x7f0000001940)='{', 0xff04}], 0x1}, 0x80d1)

2.45377569s ago: executing program 3 (id=4684):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0)
perf_event_open(0x0, 0x0, 0xfbffffffffffffff, 0xffffffffffffffff, 0x8)
openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x513, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x202, 0x0, 0xffffffff, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0xa, 0x5, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000001600)={@fallback=r1, 0x7, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r2 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000200)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r2, &(0x7f0000000340)=ANY=[@ANYBLOB='b 75:*\tw\nr'], 0xa)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x80044, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4, @perf_bp={0x0}, 0x0, 0x5}, 0xffffffffffffffff, 0xfffffeffffffffff, 0xffffffffffffffff, 0x3)
recvmsg(r0, &(0x7f00000017c0)={&(0x7f0000000100)=@qipcrtr, 0x80, &(0x7f0000001780)=[{&(0x7f0000000240)=""/96, 0x60}, {&(0x7f0000001500)=""/232, 0xe8}, {&(0x7f0000001640)=""/117, 0x75}, {&(0x7f00000016c0)=""/144, 0x90}], 0x4}, 0x2040)
socket$kcm(0xa, 0x2, 0x88)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10, 0x0}, 0x4)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000940)={0x0, 0x3e1, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000180081084e81f782db44b904021d080006067c09e8fe55a10a0015400800142603600e120800160000001001a8001600a400014003000000036004fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1, 0x0, 0x0, 0x6000}, 0x0)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
bpf$OBJ_PIN_MAP(0x6, 0x0, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f90324fc60", 0x14}], 0x1}, 0x0)
recvmsg$kcm(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000003940)=[{&(0x7f0000000500)=""/4086, 0xff6}], 0x1}, 0x40000000)
r5 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f020033000b35d25a806c8c6f94f90f24fc60586507000c000300053582c137153e371a0c0980fc0b10070300", 0x33fe0}], 0x1}, 0x0)

2.334459166s ago: executing program 0 (id=4685):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1200000016000000080000000200", @ANYRES32=0x0], 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r1, 0x0, 0x0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x1}, 0x1090da, 0x0, 0x0, 0x0, 0x0, 0x4, 0x749}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x2, 0x4)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f0000000280)=ANY=[@ANYBLOB="9feb010018000000000000002000000020000000080000000300000001000006040000000a00000001000000000045da00000000000000000030615f2e30"], &(0x7f00000002c0)=""/142, 0x40, 0x8e, 0x1, 0x9}, 0x28)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x50)
socket$kcm(0x11, 0x3, 0x300)
close(r1)
r3 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)="39000000140081ae10003c000500018311001f9f660fcf066505acb612f691f3bd3508abca1be6eeb89c44ebb37358582bdbb7d553b4e92155", 0x39}], 0x1}, 0x0)
syz_clone(0x2c9a4080, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)

2.222233363s ago: executing program 2 (id=4686):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000280)='ns/net\x00')
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000480)={@cgroup=r2, 0x11, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0}, 0x40)

2.060545461s ago: executing program 2 (id=4687):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000), 0x4)
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000740)={&(0x7f00000004c0)="3b89fb8529f4e5df62d031d1bd4ff5d674c2655250382b6d1b824943102687f53e0b6140650f3aa8113abd3131fe69a951d9b781732b91ab1f478a483dc31502857974d53314690fcf114ed1450836c36092e403055808b702996fa6ed0749c2af363e585523081c6e43838958dd1c2f7515135e3cb1f59a0ed7018b186536d1144b1edf4ae5473d7a062d8a2340a2fb16dc79fb2093", &(0x7f0000000580)=""/70, 0x0, 0x0, 0x2, r1}, 0x38)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000040)={r0, r1})
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
close(r2)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x34}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x1}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x11, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x3}, 0x50)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000003c0)={0xffffffffffffffff, r2}, 0xc)
sendmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="2e00000011008108090f9becdb4cb92e0a4831371400000069bd6efb2502eaf60d000300020400bf050005001201", 0x2e}], 0x1}, 0x0) (fail_nth: 3)

2.005538634s ago: executing program 3 (id=4688):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, 0x0, 0x0, 0x2edb, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x80}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r2, 0x2000012, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (fail_nth: 5)

1.832307883s ago: executing program 2 (id=4689):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000026000000080000000b"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1}, &(0x7f0000000340), &(0x7f0000000380)=r0}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000400)={r1, &(0x7f0000000240)}, 0x20)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000200)="1c0000001d008102e00f80ecdb4cb9f207c804a00d00000088081afb", 0x1c}], 0x1, 0x0, 0x0, 0x5865}, 0x0)
r3 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x100e64, 0xc78}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x3, r3, 0x2)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x4e1c, 0x0, @remote, 0x3}, 0x80, 0x0}, 0x8000)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x89f1, &(0x7f0000000080))
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xe, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000000006c"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r4, &(0x7f0000000080)=0x4, 0x12)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x5, 0xfe, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, @perf_config_ext={0x7, 0x6}, 0x102014, 0x10000, 0x89, 0x5, 0x7, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x6, 0x4, 0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r5, &(0x7f0000000600)={&(0x7f00000001c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000640)="80", 0x26892}], 0x1}, 0xfc)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0xc}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r6 = socket$kcm(0xa, 0x2, 0x73)
setsockopt$sock_attach_bpf(r6, 0x29, 0x13, 0x0, 0xfcd8)
sendmsg$inet(r5, &(0x7f0000000680)={&(0x7f0000000000)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x1c, &(0x7f0000000540)=[{&(0x7f0000000240)="f9", 0x1}], 0x1}, 0x4000080)
r7 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000000)=ANY=[@ANYBLOB="364000001a00913a"], 0x82d7)
recvmsg(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001480)=[{&(0x7f0000002200)=""/4096, 0x1000}, {&(0x7f0000003200)=""/4073, 0xfe9}, {&(0x7f0000000080)=""/169, 0xa9}, {&(0x7f0000000fc0)=""/175, 0xaf}, {&(0x7f00000003c0)=""/6, 0x6}, {&(0x7f00000004c0)=""/207, 0xcf}, {&(0x7f0000000300)=""/89, 0x59}, {&(0x7f0000001200)=""/247, 0xf7}, {&(0x7f0000001380)=""/162, 0xa2}], 0x9}, 0x0)
recvmsg$kcm(r7, &(0x7f0000001340)={0x0, 0x0, 0x0}, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x4030582a, &(0x7f0000000040))

1.621206344s ago: executing program 0 (id=4690):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000), 0x4)
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000740)={&(0x7f00000004c0)="3b89fb8529f4e5df62d031d1bd4ff5d674c2655250382b6d1b824943102687f53e0b6140650f3aa8113abd3131fe69a951d9b781732b91ab1f478a483dc31502857974d53314690fcf114ed1450836c36092e403055808b702996fa6ed0749c2af363e585523081c6e43838958dd1c2f7515135e3cb1f59a0ed7018b186536d1144b1edf4ae5473d7a062d8a2340a2fb16dc79fb2093", &(0x7f0000000580)=""/70, 0x0, 0x0, 0x2, r1}, 0x38)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000040)={r0, r1})
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
close(r2)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x34}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x1}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x11, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x3}, 0x50)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000003c0)={0xffffffffffffffff, r2}, 0xc)
sendmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="2e00000011008108090f9becdb4cb92e0a4831371400000069bd6efb2502eaf60d000300020400bf050005001201", 0x2e}], 0x1}, 0x0)

1.1292617s ago: executing program 3 (id=4691):
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
r1 = socket$kcm(0x11, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x4, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000065c4c0aebc30ffff000000000a00000091119800ecff000095000000"], &(0x7f0000000c40)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff8}, 0x94)
r2 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r3 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000100)="240000001e006bcd9e3fe3dc6e08000007000000000000007ea60864160af36504005425", 0x24}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r5 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r6)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
recvmsg(r4, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x102)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={0x0, 0xf}, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="10000000040000000800000005"], 0x48)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r7}, &(0x7f0000000080), &(0x7f0000000240)=r8}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r8, 0x18000000000002a0, 0x5ee, 0x0, &(0x7f0000000580)="b9ff03076804268c989e14f088a8", 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x828, 0x0, 0x0, 0x0, 0x10000, 0x800000, 0x9, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r9 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r9, &(0x7f0000000000)={0x0, 0x9006000, &(0x7f00000030c0)=[{&(0x7f0000000180)="1400000016001963d25a80648c56915a19aa2bfe", 0x14}], 0x1}, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r10)
sendmsg$kcm(r1, &(0x7f0000000200)={&(0x7f0000001340)=@hci={0x1f, 0xdd86, 0x2c}, 0x80, &(0x7f0000000040)=[{&(0x7f0000000080)='b', 0x28}], 0x1}, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x1)
r11 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x78, 0x78, 0x3, [@union={0x4, 0x9, 0x0, 0x5, 0x0, 0x0, [{0x3, 0x3, 0x3}, {0x8, 0x1, 0xd1}, {0x9, 0x3, 0x2c5}, {0xb, 0x5, 0x7f}, {0xb, 0x2, 0x1}, {0xe, 0x2, 0xd1}, {0x7, 0x0, 0x1}, {0xc, 0x1, 0x6282}, {0x10, 0x3, 0x2}]}]}, {0x0, [0x2e]}}, &(0x7f0000000380)=""/245, 0x93, 0xf5, 0x0, 0xcf1, 0x10000}, 0x28)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000600)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x80, '\x00', 0x0, r11, 0x3, 0x5}, 0x50)

694.558483ms ago: executing program 0 (id=4692):
r0 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r0, &(0x7f00000031c0)={&(0x7f00000006c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x80, 0x0, 0x0, &(0x7f0000000d80)=ANY=[@ANYBLOB="18000000000000002900000004"], 0x18}, 0x40080c0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = perf_event_open$cgroup(&(0x7f0000000140)={0x0, 0x80, 0x1, 0x74, 0x9, 0x0, 0x0, 0x5, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x1, @perf_config_ext={0x7fffffffffffffff, 0x2}, 0x1, 0xff, 0x80000000, 0x1, 0xf8, 0xfffffa6a, 0x3, 0x0, 0x8c6, 0x0, 0x400}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x5)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40082404, &(0x7f00000001c0)=0x101)
ioctl$SIOCSIFHWADDR(r1, 0x8946, &(0x7f0000000040)={'ipvlan1\x00', @random='\x00\x00\x00\x00\x00 '})
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000080)=ANY=[@ANYRESOCT=r2], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x101080, 0x0)
ioctl$SIOCSIFHWADDR(r5, 0x8924, &(0x7f0000000100)={'lo\x00'})
ioctl$SIOCSIFHWADDR(r4, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc, 0x8}})
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000580)={&(0x7f00000002c0)="cb7ac065a699ce7fe809694d23b09e4c6b3cae2c0535808e40ed245577696fa81dd51313c376d05beafb54b402f9a2d045aed0b71c5024607af3467dce356f228ab298c82eec612d548f54a6d9244499f89684301331da42388ecaa1866e62396c18847e582030be87ec38dfbb758ccf61599b0328b91734e1f227acace968a57bc14b49ccbd95cd645192ab39a319686ce6b041aa5517ab273241ca29", &(0x7f0000000380)=""/207, &(0x7f0000000480)="15a2f83091ad99660816865635632adc3dedef3d0b48714404ce9b45eda5ad88abd28ec6fc29f82ba4ac4f370986b1e8b394f03668ab81f19b82b1c2139102faf6be", &(0x7f0000000500)="d6589cbb4f17a04ca75091d958d194c202763cdcd27684b885d828681c18e48bd43b17e58e3f7290229bac3a0e64fcd0621072d66e673ddb5753b7345497757b1d51813330b3dbff05b89a", 0x491, r3, 0x4}, 0x38)

610.009858ms ago: executing program 2 (id=4693):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0x1, 0xffffffff}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = socket$kcm(0x2, 0x5, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x6, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}}, &(0x7f0000000400)='GPL\x00', 0x1a43, 0x9b, &(0x7f0000000580)=""/155, 0x40f00, 0x6a, '\x00', 0x0, @xdp=0x25, r0, 0x8, &(0x7f0000000440)={0x3, 0x5}, 0x8, 0x10, &(0x7f0000000640)={0x2, 0x9, 0xffff, 0x7}, 0x10, 0x0, r0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x16, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000001000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b70300000000ffff850000000400000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bf"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r2, r0}, 0xc)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x3, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = socket$kcm(0x21, 0x2, 0xa)
sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}}, 0x80, 0x0}, 0xfc80)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000002480)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x41, 0x0, 0x11}, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x8000)
r4 = socket$kcm(0x2, 0x5, 0x84)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94)
socketpair(0x6, 0x0, 0x6, &(0x7f0000000880)={<r5=>0xffffffffffffffff})
recvmsg(r5, 0x0, 0x40002002)
r6 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r6, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r6, &(0x7f0000000040)={&(0x7f0000000280)=@caif=@dgm={0x25, 0x9, 0x9}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000680)="62042700590200000000002f1eafbcf706e12b30087f5c582d26116642c47a5f8786ee601e65ab3c06d4b8bf4a81cb3e247345af215542f41ddf82f618438a34f90186cee8441e2305e495d04ad68ab8fef69d456fbb48b63f60c9c9097be968ea872c4801e5d0711b4373c7224ed7a9cbd49d40f82bdb6afc0036824be26fc96e49a70e90797e6caa1b38ddacb3cb2b3eac7c068a185b644582f25edfa3d6a46e2a894ca809a422a6a29bd7145bb6e7992570484dcb0b28356a710292ea0c3f97b7cbff701684b13c5593262534a7af9eab48f2ca2d74d9a4de33000000c3c0afa58c8ba7b0611c6f8dbb26d1cf4b054e57ec07fac560d6c6945355dd2aed617e6adfc2a90516a7fefd0ac29d321af6123cf53b2e9d912f662823dd2c15017e6921040ca2355b79fa6c39ebdee3bb0264ac5de34c547f2f24878a463cf3d17b80bd61f933f9db62b7323f00efec9eb460ca5997a2647dfb1c5d82db13df38b44da3a3496494459b5d58b2e5e63338b00f3d085bc20c86bdf99a2473efde74eb8ba488802db107df99d8e3eb37b2e6e598fc86099ab308cfaeb60c3f964537bd6c4602424de10540d023e8da1c290510f2dfecb733", 0x1b5}, {&(0x7f0000000c00)="294f28dfe56d2c8ba23606bc7ecd1f634665cb5bed07bac5684da6eb21da1d6926910c5a0c653b0106869a804dd2a44ce42557b2e32e2bd367e9d01a5e7380cc4fc8e7c9044cc4115b978ca7427d749beaefdf2e48b369cb169ad7b1ced26bb161297c7e56a3e83e91b379c179017f8b4657d1b22eca6bca33036d33e1a684059c53cea91ca6637ac780ab2bcfc22a666cd4e5876f11e9aee4724b7cb59731c97e70ebd7f7483994eb07de2f3c6a9448c3206cff6d290b433f331c2399e99ee3bdecf5689eddc3e549966c1106a933bbc47b65ca6e9d7efbee6e3b1dbe87313111e85336d6890002db17751b6044f964dc90ea466f9085", 0xf7}], 0x2}, 0x4008001)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000e00)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x56, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x0, 0x8002, 0x1, 0x9}, {0x10000002, 0x0, 0x6, 0xc}]}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
close(r8)
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r9=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r4, 0x84, 0x64, &(0x7f0000000000)=r9, 0x10)
sendmsg$inet(r4, &(0x7f0000000140)={&(0x7f0000000280)={0x2, 0x10, @local}, 0x10, &(0x7f0000000080)=[{&(0x7f0000001940)='{', 0xff04}], 0x1}, 0x80d1)

18.927799ms ago: executing program 0 (id=4694):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0xb056, 0x4, 0x43a1bd76, 0x5, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x2, 0x200000000000001, 0x0)
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
r3 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x86bf2056334f3ae6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$tipc(r3, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000010}, 0x20000080)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
close(r5)
recvmsg$unix(r4, &(0x7f0000000400)={0x0, 0xfda8, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r6=>0xffffffffffffffff]}}], 0x18}, 0x2)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmsg$tipc(r8, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000}, 0x4000041)
close(r8)
close(r7)
write$cgroup_subtree(r6, &(0x7f0000000500)=ANY=[@ANYBLOB="8fedcb7907031175"], 0xfdef)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x52cc)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0xc}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0x48}], {0x95, 0x0, 0x9}}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x85}, 0x52)

0s ago: executing program 3 (id=4695):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0)
perf_event_open(0x0, 0x0, 0xfbffffffffffffff, 0xffffffffffffffff, 0x8)
openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x513, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x202, 0x0, 0xffffffff, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0xa, 0x5, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000001600)={@fallback=r1, 0x7, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r2 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000200)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r2, &(0x7f0000000340)=ANY=[@ANYBLOB='b 75:*\tw\nr'], 0xa)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x80044, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4, @perf_bp={0x0}, 0x0, 0x5}, 0xffffffffffffffff, 0xfffffeffffffffff, 0xffffffffffffffff, 0x3)
recvmsg(r0, &(0x7f00000017c0)={&(0x7f0000000100)=@qipcrtr, 0x80, &(0x7f0000001780)=[{&(0x7f0000000240)=""/96, 0x60}, {&(0x7f0000001500)=""/232, 0xe8}, {&(0x7f0000001640)=""/117, 0x75}, {&(0x7f00000016c0)=""/144, 0x90}], 0x4}, 0x2040)
socket$kcm(0xa, 0x2, 0x88)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10, 0x0}, 0x4)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000940)={0x0, 0x3e1, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000180081084e81f782db44b904021d080006067c09e8fe55a10a0015400800142603600e120800160000001001a8001600a400014003000000036004fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1, 0x0, 0x0, 0x6000}, 0x0)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
bpf$OBJ_PIN_MAP(0x6, 0x0, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f90324fc60", 0x14}], 0x1}, 0x0)
recvmsg$kcm(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000003940)=[{&(0x7f0000000500)=""/4086, 0xff6}], 0x1}, 0x40000000)
r5 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f020033000b35d25a806c8c6f94f90f24fc60586507000c000300053582c137153e371a0c0980fc0b10070300", 0x33fe0}], 0x1}, 0x0)

kernel console output (not intermixed with test programs):

  do_syscall_64+0x55/0xa0
[  903.007556][T18526]  ? clear_bhb_loop+0x40/0x90
[  903.012427][T18526]  ? clear_bhb_loop+0x40/0x90
[  903.017208][T18526]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  903.023296][T18526] RIP: 0033:0x7f824a79c819
[  903.027809][T18526] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  903.047863][T18526] RSP: 002b:00007f824b61e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  903.056382][T18526] RAX: ffffffffffffffda RBX: 00007f824aa15fa0 RCX: 00007f824a79c819
[  903.064536][T18526] RDX: 0000000000000007 RSI: 0000000000000084 RDI: 0000000000000003
[  903.072779][T18526] RBP: 00007f824b61e090 R08: 0000000000000004 R09: 0000000000000000
[  903.080864][T18526] R10: 00002000000007c0 R11: 0000000000000246 R12: 0000000000000001
[  903.089015][T18526] R13: 00007f824aa16038 R14: 00007f824aa15fa0 R15: 00007fff58f88748
[  903.097115][T18526]  </TASK>
[  903.142554][T18527] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4127'.
[  903.324008][T18535] __nla_validate_parse: 1 callbacks suppressed
[  903.324028][T18535] netlink: 164 bytes leftover after parsing attributes in process `syz.2.4130'.
[  903.362445][T18532] netlink: 164 bytes leftover after parsing attributes in process `syz.2.4130'.
[  903.495756][T18543] netlink: 128 bytes leftover after parsing attributes in process `syz.0.4133'.
[  903.523095][T18543] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  904.196007][T18572] netlink: 164 bytes leftover after parsing attributes in process `syz.0.4142'.
[  904.227341][T18572] netlink: 164 bytes leftover after parsing attributes in process `syz.0.4142'.
[  904.971596][T18607] netlink: 164 bytes leftover after parsing attributes in process `syz.0.4152'.
[  905.004028][T18603] netlink: 164 bytes leftover after parsing attributes in process `syz.0.4152'.
[  905.050909][T18608] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  905.311099][T18620] tun0: tun_chr_ioctl cmd 1074025677
[  905.319094][T18620] tun0: linktype set to 768
[  905.326159][T18620] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  905.338220][T18620] batadv_slave_1: entered allmulticast mode
[  905.367026][T18620] dvmrp1: tun_chr_ioctl cmd 1074025675
[  905.378240][T18620] dvmrp1: persist disabled
[  905.383790][T18620] netlink: 'syz.2.4157': attribute type 21 has an invalid length.
[  905.393135][T18620] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4157'.
[  905.690399][T18636] netlink: 15231 bytes leftover after parsing attributes in process `syz.1.4162'.
[  905.758852][T18640] netlink: 164 bytes leftover after parsing attributes in process `syz.3.4164'.
[  909.568661][T18670] __nla_validate_parse: 1 callbacks suppressed
[  909.568678][T18670] netlink: 1 bytes leftover after parsing attributes in process `syz.2.4173'.
[  909.783183][T18685] netlink: 164 bytes leftover after parsing attributes in process `syz.0.4176'.
[  909.845328][T18685] netlink: 164 bytes leftover after parsing attributes in process `syz.0.4176'.
[  910.324898][T18703] netlink: 164 bytes leftover after parsing attributes in process `syz.0.4183'.
[  910.346278][T18703] netlink: 164 bytes leftover after parsing attributes in process `syz.0.4183'.
[  910.433817][T18707] FAULT_INJECTION: forcing a failure.
[  910.433817][T18707] name failslab, interval 1, probability 0, space 0, times 0
[  910.449236][T18707] CPU: 1 PID: 18707 Comm: syz.2.4186 Not tainted syzkaller #0
[  910.456834][T18707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  910.467088][T18707] Call Trace:
[  910.470444][T18707]  <TASK>
[  910.473750][T18707]  dump_stack_lvl+0x18c/0x250
[  910.478654][T18707]  ? show_regs_print_info+0x20/0x20
[  910.483975][T18707]  ? load_image+0x420/0x420
[  910.488607][T18707]  ? __might_sleep+0xe0/0xe0
[  910.493408][T18707]  ? __lock_acquire+0x7d40/0x7d40
[  910.498649][T18707]  should_fail_ex+0x39d/0x4d0
[  910.503426][T18707]  should_failslab+0x9/0x20
[  910.507937][T18707]  slab_pre_alloc_hook+0x59/0x310
[  910.513125][T18707]  kmem_cache_alloc_node+0x60/0x320
[  910.518430][T18707]  ? __alloc_skb+0x103/0x2c0
[  910.523029][T18707]  __alloc_skb+0x103/0x2c0
[  910.527617][T18707]  netlink_dump+0x1ec/0xe50
[  910.532212][T18707]  ? ethnl_ops_complete+0xc0/0xc0
[  910.537439][T18707]  ? netlink_lookup+0x200/0x200
[  910.542335][T18707]  ? genl_start+0x574/0x6b0
[  910.547028][T18707]  __netlink_dump_start+0x5f1/0x810
[  910.552416][T18707]  genl_family_rcv_msg_dumpit+0x214/0x310
[  910.558610][T18707]  ? genl_rcv_msg+0x7a0/0x7a0
[  910.563460][T18707]  ? genl_get_cmd+0x692/0x920
[  910.568228][T18707]  ? genl_family_rcv_msg_doit+0x310/0x310
[  910.574486][T18707]  ? genl_start+0x6b0/0x6b0
[  910.579171][T18707]  ? genl_dumpit+0x1a0/0x1a0
[  910.583796][T18707]  genl_rcv_msg+0x5e5/0x7a0
[  910.588523][T18707]  ? genl_bind+0x360/0x360
[  910.592960][T18707]  ? ethnl_default_doit+0xb80/0xb80
[  910.598288][T18707]  ? ethnl_default_start+0x560/0x560
[  910.603600][T18707]  ? ethnl_default_dumpit+0x8a0/0x8a0
[  910.609064][T18707]  ? ref_tracker_free+0x690/0x840
[  910.614530][T18707]  netlink_rcv_skb+0x241/0x4d0
[  910.619956][T18707]  ? genl_bind+0x360/0x360
[  910.624567][T18707]  ? netlink_ack+0x1180/0x1180
[  910.629876][T18707]  ? __lock_acquire+0x7d40/0x7d40
[  910.635437][T18707]  ? down_read+0x1ac/0x2e0
[  910.639934][T18707]  genl_rcv+0x28/0x40
[  910.644035][T18707]  netlink_unicast+0x751/0x8d0
[  910.649010][T18707]  netlink_sendmsg+0x8d0/0xbf0
[  910.653785][T18707]  ? netlink_getsockopt+0x590/0x590
[  910.659539][T18707]  ? aa_sock_msg_perm+0x94/0x150
[  910.664562][T18707]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  910.670359][T18707]  ? security_socket_sendmsg+0x80/0xa0
[  910.676033][T18707]  ? netlink_getsockopt+0x590/0x590
[  910.681375][T18707]  ____sys_sendmsg+0x5ba/0x960
[  910.686413][T18707]  ? __asan_memset+0x22/0x40
[  910.691115][T18707]  ? __sys_sendmsg_sock+0x30/0x30
[  910.696200][T18707]  ? __import_iovec+0x5f2/0x850
[  910.701637][T18707]  ? import_iovec+0x73/0xa0
[  910.706273][T18707]  ___sys_sendmsg+0x2a6/0x360
[  910.711121][T18707]  ? get_pid_task+0x20/0x1e0
[  910.715710][T18707]  ? __sys_sendmsg+0x2a0/0x2a0
[  910.720653][T18707]  ? __lock_acquire+0x7d40/0x7d40
[  910.725869][T18707]  __se_sys_sendmsg+0x1c2/0x2b0
[  910.731067][T18707]  ? __x64_sys_sendmsg+0x80/0x80
[  910.736183][T18707]  ? lockdep_hardirqs_on+0x98/0x150
[  910.741573][T18707]  do_syscall_64+0x55/0xa0
[  910.746219][T18707]  ? clear_bhb_loop+0x40/0x90
[  910.750992][T18707]  ? clear_bhb_loop+0x40/0x90
[  910.755668][T18707]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  910.761734][T18707] RIP: 0033:0x7f2293f9c819
[  910.766243][T18707] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  910.786284][T18707] RSP: 002b:00007f2294dc5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  910.795411][T18707] RAX: ffffffffffffffda RBX: 00007f2294215fa0 RCX: 00007f2293f9c819
[  910.803845][T18707] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  910.812157][T18707] RBP: 00007f2294dc5090 R08: 0000000000000000 R09: 0000000000000000
[  910.820576][T18707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  910.828547][T18707] R13: 00007f2294216038 R14: 00007f2294215fa0 R15: 00007ffea9da6b08
[  910.836626][T18707]  </TASK>
[  910.866475][T18709] FAULT_INJECTION: forcing a failure.
[  910.866475][T18709] name failslab, interval 1, probability 0, space 0, times 0
[  910.891987][T18709] CPU: 0 PID: 18709 Comm: syz.1.4187 Not tainted syzkaller #0
[  910.899987][T18709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  910.910374][T18709] Call Trace:
[  910.913683][T18709]  <TASK>
[  910.917021][T18709]  dump_stack_lvl+0x18c/0x250
[  910.921837][T18709]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[  910.928578][T18709]  ? show_regs_print_info+0x20/0x20
[  910.933849][T18709]  ? load_image+0x420/0x420
[  910.938422][T18709]  should_fail_ex+0x39d/0x4d0
[  910.943244][T18709]  should_failslab+0x9/0x20
[  910.948047][T18709]  slab_pre_alloc_hook+0x59/0x310
[  910.953415][T18709]  kmem_cache_alloc+0x5a/0x2d0
[  910.958437][T18709]  ? dst_alloc+0x105/0x170
[  910.963158][T18709]  dst_alloc+0x105/0x170
[  910.967438][T18709]  ip_route_output_key_hash_rcu+0x14f6/0x2370
[  910.973578][T18709]  ? ip_route_output_key_hash+0x13d/0x330
[  910.979327][T18709]  ip_route_output_key_hash+0x1f3/0x330
[  910.985004][T18709]  ? ip_route_input_rcu+0x30f0/0x30f0
[  910.990527][T18709]  ? dst_release+0x121/0x1a0
[  910.995241][T18709]  ip_route_output_flow+0x2a/0x150
[  911.000395][T18709]  tcp_v4_connect+0xd4c/0x18e0
[  911.005297][T18709]  ? __stack_depot_save+0x1f/0x630
[  911.010579][T18709]  ? tcp_twsk_unique+0x990/0x990
[  911.015855][T18709]  __inet_stream_connect+0x254/0xdc0
[  911.021394][T18709]  ? inet_dgram_connect+0x360/0x360
[  911.026894][T18709]  tcp_sendmsg_fastopen+0x3a7/0x5d0
[  911.032244][T18709]  tcp_sendmsg_locked+0x4621/0x4bd0
[  911.037573][T18709]  ? verify_lock_unused+0x140/0x140
[  911.042819][T18709]  ? perf_trace_lock_acquire+0x34f/0x410
[  911.048523][T18709]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[  911.055261][T18709]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[  911.062185][T18709]  ? perf_trace_run_bpf_submit+0xf4/0x1c0
[  911.068042][T18709]  ? __might_sleep+0xe0/0xe0
[  911.072948][T18709]  ? mark_lock+0x94/0x320
[  911.077539][T18709]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  911.083649][T18709]  ? lock_chain_count+0x20/0x20
[  911.088566][T18709]  ? tcp_set_state+0x680/0x680
[  911.093587][T18709]  tcp_sendmsg+0x2f/0x50
[  911.098053][T18709]  ? inet_send_prepare+0x260/0x260
[  911.103299][T18709]  ____sys_sendmsg+0x5ba/0x960
[  911.108493][T18709]  ? __lock_acquire+0x7d40/0x7d40
[  911.113900][T18709]  ? __asan_memset+0x22/0x40
[  911.119069][T18709]  ? __sys_sendmsg_sock+0x30/0x30
[  911.124218][T18709]  ? __import_iovec+0x3fa/0x850
[  911.129127][T18709]  ? import_iovec+0x73/0xa0
[  911.134020][T18709]  ___sys_sendmsg+0x2a6/0x360
[  911.139002][T18709]  ? get_pid_task+0x20/0x1e0
[  911.143732][T18709]  ? __sys_sendmsg+0x2a0/0x2a0
[  911.148582][T18709]  ? __lock_acquire+0x7d40/0x7d40
[  911.154082][T18709]  __se_sys_sendmsg+0x1c2/0x2b0
[  911.159338][T18709]  ? __x64_sys_sendmsg+0x80/0x80
[  911.164439][T18709]  ? lockdep_hardirqs_on+0x98/0x150
[  911.169689][T18709]  do_syscall_64+0x55/0xa0
[  911.174145][T18709]  ? clear_bhb_loop+0x40/0x90
[  911.178948][T18709]  ? clear_bhb_loop+0x40/0x90
[  911.183876][T18709]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  911.190159][T18709] RIP: 0033:0x7f824a79c819
[  911.194794][T18709] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  911.215145][T18709] RSP: 002b:00007f824b61e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  911.223870][T18709] RAX: ffffffffffffffda RBX: 00007f824aa15fa0 RCX: 00007f824a79c819
[  911.232059][T18709] RDX: 00000000200440e4 RSI: 00002000000004c0 RDI: 0000000000000007
[  911.240417][T18709] RBP: 00007f824b61e090 R08: 0000000000000000 R09: 0000000000000000
[  911.248881][T18709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  911.257594][T18709] R13: 00007f824aa16038 R14: 00007f824aa15fa0 R15: 00007fff58f88748
[  911.266168][T18709]  </TASK>
[  912.204373][T18742] netlink: 'syz.3.4197': attribute type 6 has an invalid length.
[  912.238850][T18742] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.4197'.
[  912.293401][T18742] netlink: 'syz.3.4197': attribute type 10 has an invalid length.
[  912.317022][T18742] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4197'.
[  912.450720][T18751] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4201'.
[  912.542618][T18754] netlink: 63503 bytes leftover after parsing attributes in process `syz.3.4203'.
[  912.592743][T18756] netlink: 'syz.2.4204': attribute type 9 has an invalid length.
[  912.872970][T18758] netlink: 'syz.3.4205': attribute type 9 has an invalid length.
[  912.897314][T18760] netlink: 14 bytes leftover after parsing attributes in process `syz.2.4204'.
[  912.987144][T18760] netlink: del zone limit has 4 unknown bytes
[  913.176720][T18765] netlink: 'syz.1.4207': attribute type 21 has an invalid length.
[  913.247219][T18767] netlink: del zone limit has 4 unknown bytes
[  913.368703][T18765] tipc: Started in network mode
[  913.377702][T18765] tipc: Node identity 1a, cluster identity 4711
[  913.423493][T18765] tipc: Node number set to 26
[  914.088436][T18778] netlink: 'syz.1.4212': attribute type 6 has an invalid length.
[  914.182713][T18780] netlink: 'syz.1.4212': attribute type 10 has an invalid length.
[  914.529732][T18782] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  914.547796][T18782] CPU: 0 PID: 18782 Comm: syz.1.4213 Not tainted syzkaller #0
[  914.555350][T18782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  914.566044][T18782] Call Trace:
[  914.569582][T18782]  <TASK>
[  914.572690][T18782]  dump_stack_lvl+0x18c/0x250
[  914.577614][T18782]  ? show_regs_print_info+0x20/0x20
[  914.583109][T18782]  ? load_image+0x420/0x420
[  914.587655][T18782]  sysfs_warn_dup+0x8e/0xa0
[  914.592454][T18782]  sysfs_do_create_link_sd+0xc0/0x110
[  914.598190][T18782]  device_add_class_symlinks+0x1cf/0x240
[  914.604130][T18782]  device_add+0x507/0xc20
[  914.608604][T18782]  wiphy_register+0x1dad/0x2ae0
[  914.613474][T18782]  ? cfg80211_event_work+0x40/0x40
[  914.618784][T18782]  ? minstrel_ht_alloc+0x88a/0x990
[  914.624092][T18782]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  914.630371][T18782]  ieee80211_register_hw+0x3464/0x4250
[  914.635957][T18782]  ? ieee80211_tasklet_handler+0x20/0x20
[  914.641854][T18782]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  914.648023][T18782]  ? __debug_object_init+0xec/0x450
[  914.653239][T18782]  ? __asan_memset+0x22/0x40
[  914.657864][T18782]  ? __hrtimer_init+0x186/0x270
[  914.662894][T18782]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  914.668810][T18782]  ? mac80211_hwsim_free+0x220/0x220
[  914.674267][T18782]  ? rcu_is_watching+0x15/0xb0
[  914.679398][T18782]  ? kstrndup+0xbd/0x140
[  914.683790][T18782]  hwsim_new_radio_nl+0xdc9/0x1a90
[  914.689807][T18782]  ? __nla_validate+0x50/0x50
[  914.694793][T18782]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  914.701601][T18782]  ? __nla_parse+0x40/0x50
[  914.706056][T18782]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  914.712737][T18782]  genl_family_rcv_msg_doit+0x211/0x310
[  914.718377][T18782]  ? end_current_label_crit_section+0x170/0x170
[  914.724728][T18782]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  914.730737][T18782]  ? bpf_lsm_capable+0x9/0x10
[  914.735424][T18782]  ? security_capable+0x89/0xb0
[  914.740397][T18782]  genl_rcv_msg+0x619/0x7a0
[  914.745003][T18782]  ? genl_bind+0x360/0x360
[  914.749480][T18782]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  914.756057][T18782]  netlink_rcv_skb+0x241/0x4d0
[  914.761118][T18782]  ? genl_bind+0x360/0x360
[  914.765717][T18782]  ? netlink_ack+0x1180/0x1180
[  914.770682][T18782]  ? __lock_acquire+0x7d40/0x7d40
[  914.775715][T18782]  ? down_read+0x1ac/0x2e0
[  914.780247][T18782]  genl_rcv+0x28/0x40
[  914.784232][T18782]  netlink_unicast+0x751/0x8d0
[  914.789100][T18782]  netlink_sendmsg+0x8d0/0xbf0
[  914.794008][T18782]  ? netlink_getsockopt+0x590/0x590
[  914.800253][T18782]  ? aa_sock_msg_perm+0x94/0x150
[  914.805192][T18782]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  914.810563][T18782]  ? security_socket_sendmsg+0x80/0xa0
[  914.816375][T18782]  ? netlink_getsockopt+0x590/0x590
[  914.821593][T18782]  ____sys_sendmsg+0x5ba/0x960
[  914.826448][T18782]  ? __asan_memset+0x22/0x40
[  914.831128][T18782]  ? __sys_sendmsg_sock+0x30/0x30
[  914.836234][T18782]  ? __import_iovec+0x5f2/0x850
[  914.841442][T18782]  ? import_iovec+0x73/0xa0
[  914.846496][T18782]  ___sys_sendmsg+0x2a6/0x360
[  914.851365][T18782]  ? __sys_sendmsg+0x2a0/0x2a0
[  914.856141][T18782]  ? trace_call_bpf+0xc3/0x6c0
[  914.861013][T18782]  __se_sys_sendmsg+0x1c2/0x2b0
[  914.865953][T18782]  ? __x64_sys_sendmsg+0x80/0x80
[  914.870983][T18782]  ? lockdep_hardirqs_on+0x98/0x150
[  914.876208][T18782]  do_syscall_64+0x55/0xa0
[  914.880623][T18782]  ? clear_bhb_loop+0x40/0x90
[  914.885385][T18782]  ? clear_bhb_loop+0x40/0x90
[  914.890237][T18782]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  914.896324][T18782] RIP: 0033:0x7f824a79c819
[  914.900835][T18782] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  914.921234][T18782] RSP: 002b:00007f824b61e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  914.929984][T18782] RAX: ffffffffffffffda RBX: 00007f824aa15fa0 RCX: 00007f824a79c819
[  914.937956][T18782] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000e
[  914.946291][T18782] RBP: 00007f824a832c91 R08: 0000000000000000 R09: 0000000000000000
[  914.954358][T18782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  914.962670][T18782] R13: 00007f824aa16038 R14: 00007f824aa15fa0 R15: 00007fff58f88748
[  914.970670][T18782]  </TASK>
[  915.414194][T18789] __nla_validate_parse: 6 callbacks suppressed
[  915.414212][T18789] netlink: 164 bytes leftover after parsing attributes in process `syz.1.4215'.
[  915.454780][T18789] netlink: 164 bytes leftover after parsing attributes in process `syz.1.4215'.
[  916.345027][T18802] FAULT_INJECTION: forcing a failure.
[  916.345027][T18802] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  916.360940][T18802] CPU: 1 PID: 18802 Comm: syz.0.4220 Not tainted syzkaller #0
[  916.368984][T18802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  916.379686][T18802] Call Trace:
[  916.383047][T18802]  <TASK>
[  916.386721][T18802]  dump_stack_lvl+0x18c/0x250
[  916.392117][T18802]  ? show_regs_print_info+0x20/0x20
[  916.397632][T18802]  ? load_image+0x420/0x420
[  916.402400][T18802]  ? __might_fault+0xaa/0x120
[  916.407177][T18802]  ? __lock_acquire+0x7d40/0x7d40
[  916.412453][T18802]  should_fail_ex+0x39d/0x4d0
[  916.417426][T18802]  _copy_to_user+0x2f/0xa0
[  916.421952][T18802]  bpf_verifier_vlog+0x2fa/0x870
[  916.426944][T18802]  __btf_verifier_log+0xe3/0x140
[  916.431909][T18802]  ? btf_check_sec_info+0x350/0x350
[  916.437124][T18802]  ? __lock_acquire+0x7d40/0x7d40
[  916.442344][T18802]  ? btf_parse_hdr+0x1f5/0x710
[  916.447141][T18802]  btf_parse_hdr+0x3f2/0x710
[  916.451740][T18802]  btf_new_fd+0x397/0x9f0
[  916.456169][T18802]  ? bpf_btf_show_fdinfo+0x80/0x80
[  916.461463][T18802]  ? capable+0x88/0xe0
[  916.465555][T18802]  __sys_bpf+0x670/0x890
[  916.470224][T18802]  ? bpf_link_show_fdinfo+0x390/0x390
[  916.475800][T18802]  ? lock_chain_count+0x20/0x20
[  916.480850][T18802]  __x64_sys_bpf+0x7c/0x90
[  916.485630][T18802]  do_syscall_64+0x55/0xa0
[  916.490309][T18802]  ? clear_bhb_loop+0x40/0x90
[  916.495308][T18802]  ? clear_bhb_loop+0x40/0x90
[  916.500826][T18802]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  916.507400][T18802] RIP: 0033:0x7fe498d9c819
[  916.512284][T18802] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  916.533147][T18802] RSP: 002b:00007fe499d34028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  916.542353][T18802] RAX: ffffffffffffffda RBX: 00007fe499015fa0 RCX: 00007fe498d9c819
[  916.550871][T18802] RDX: 0000000000000028 RSI: 00002000000001c0 RDI: 0000000000000012
[  916.559521][T18802] RBP: 00007fe499d34090 R08: 0000000000000000 R09: 0000000000000000
[  916.567824][T18802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  916.576300][T18802] R13: 00007fe499016038 R14: 00007fe499015fa0 R15: 00007ffcaf7f30b8
[  916.584837][T18802]  </TASK>
[  916.688318][  T137] tipc: Left network mode
[  916.818077][T18810] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.4223'.
[  916.848133][  T137] ip6gretap0 (unregistering): left allmulticast mode
[  916.855159][  T137] ip6gretap0 (unregistering): left promiscuous mode
[  916.865225][  T137] Ÿë
: port 1(ip6gretap0) entered disabled state
[  917.015937][T18819] netlink: 164 bytes leftover after parsing attributes in process `syz.3.4225'.
[  917.043685][T18816] netlink: 164 bytes leftover after parsing attributes in process `syz.3.4225'.
[  917.143799][T18810] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  917.167919][T18810] CPU: 0 PID: 18810 Comm: syz.2.4223 Not tainted syzkaller #0
[  917.175623][T18810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  917.185689][T18810] Call Trace:
[  917.188970][T18810]  <TASK>
[  917.191907][T18810]  dump_stack_lvl+0x18c/0x250
[  917.196813][T18810]  ? show_regs_print_info+0x20/0x20
[  917.202420][T18810]  ? load_image+0x420/0x420
[  917.207215][T18810]  sysfs_warn_dup+0x8e/0xa0
[  917.211735][T18810]  sysfs_do_create_link_sd+0xc0/0x110
[  917.217200][T18810]  device_add_class_symlinks+0x1cf/0x240
[  917.222879][T18810]  device_add+0x507/0xc20
[  917.227432][T18810]  wiphy_register+0x1dad/0x2ae0
[  917.232318][T18810]  ? cfg80211_event_work+0x40/0x40
[  917.237709][T18810]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  917.243780][T18810]  ieee80211_register_hw+0x3464/0x4250
[  917.249342][T18810]  ? ieee80211_tasklet_handler+0x20/0x20
[  917.254977][T18810]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  917.260889][T18810]  ? __debug_object_init+0xec/0x450
[  917.266373][T18810]  ? __asan_memset+0x22/0x40
[  917.271094][T18810]  ? __hrtimer_init+0x186/0x270
[  917.275961][T18810]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  917.281887][T18810]  ? mac80211_hwsim_free+0x220/0x220
[  917.287193][T18810]  ? rcu_is_watching+0x15/0xb0
[  917.292159][T18810]  ? kstrndup+0xbd/0x140
[  917.296596][T18810]  hwsim_new_radio_nl+0xdc9/0x1a90
[  917.301980][T18810]  ? __nla_validate+0x50/0x50
[  917.306841][T18810]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  917.313525][T18810]  ? __nla_parse+0x40/0x50
[  917.318030][T18810]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  917.324457][T18810]  genl_family_rcv_msg_doit+0x211/0x310
[  917.330012][T18810]  ? end_current_label_crit_section+0x170/0x170
[  917.336479][T18810]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  917.342478][T18810]  ? bpf_lsm_capable+0x9/0x10
[  917.347219][T18810]  ? security_capable+0x89/0xb0
[  917.352214][T18810]  genl_rcv_msg+0x619/0x7a0
[  917.356738][T18810]  ? genl_bind+0x360/0x360
[  917.361251][T18810]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  917.367593][T18810]  netlink_rcv_skb+0x241/0x4d0
[  917.372447][T18810]  ? genl_bind+0x360/0x360
[  917.376961][T18810]  ? netlink_ack+0x1180/0x1180
[  917.382260][T18810]  ? __lock_acquire+0x7d40/0x7d40
[  917.387639][T18810]  ? down_read+0x1ac/0x2e0
[  917.392064][T18810]  genl_rcv+0x28/0x40
[  917.396161][T18810]  netlink_unicast+0x751/0x8d0
[  917.400969][T18810]  netlink_sendmsg+0x8d0/0xbf0
[  917.405864][T18810]  ? netlink_getsockopt+0x590/0x590
[  917.411153][T18810]  ? aa_sock_msg_perm+0x94/0x150
[  917.416092][T18810]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  917.421551][T18810]  ? security_socket_sendmsg+0x80/0xa0
[  917.427127][T18810]  ? netlink_getsockopt+0x590/0x590
[  917.432422][T18810]  ____sys_sendmsg+0x5ba/0x960
[  917.437448][T18810]  ? __asan_memset+0x22/0x40
[  917.442210][T18810]  ? __sys_sendmsg_sock+0x30/0x30
[  917.447400][T18810]  ? __import_iovec+0x5f2/0x850
[  917.452362][T18810]  ? import_iovec+0x73/0xa0
[  917.457127][T18810]  ___sys_sendmsg+0x2a6/0x360
[  917.461891][T18810]  ? __sys_sendmsg+0x2a0/0x2a0
[  917.466790][T18810]  __se_sys_sendmsg+0x1c2/0x2b0
[  917.471906][T18810]  ? __x64_sys_sendmsg+0x80/0x80
[  917.477278][T18810]  ? syscall_enter_from_user_mode+0x2e/0x80
[  917.483239][T18810]  do_syscall_64+0x55/0xa0
[  917.487750][T18810]  ? clear_bhb_loop+0x40/0x90
[  917.492429][T18810]  ? clear_bhb_loop+0x40/0x90
[  917.497290][T18810]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  917.503458][T18810] RIP: 0033:0x7f2293f9c819
[  917.507878][T18810] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  917.528528][T18810] RSP: 002b:00007f2294dc5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  917.537371][T18810] RAX: ffffffffffffffda RBX: 00007f2294215fa0 RCX: 00007f2293f9c819
[  917.545525][T18810] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000e
[  917.553617][T18810] RBP: 00007f2294032c91 R08: 0000000000000000 R09: 0000000000000000
[  917.562124][T18810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  917.570488][T18810] R13: 00007f2294216038 R14: 00007f2294215fa0 R15: 00007ffea9da6b08
[  917.578582][T18810]  </TASK>
[  917.610210][T18823] FAULT_INJECTION: forcing a failure.
[  917.610210][T18823] name failslab, interval 1, probability 0, space 0, times 0
[  917.638729][T18823] CPU: 0 PID: 18823 Comm: syz.0.4226 Not tainted syzkaller #0
[  917.646595][T18823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  917.657195][T18823] Call Trace:
[  917.660723][T18823]  <TASK>
[  917.664480][T18823]  dump_stack_lvl+0x18c/0x250
[  917.669481][T18823]  ? show_regs_print_info+0x20/0x20
[  917.674828][T18823]  ? load_image+0x420/0x420
[  917.679731][T18823]  should_fail_ex+0x39d/0x4d0
[  917.684884][T18823]  should_failslab+0x9/0x20
[  917.689511][T18823]  slab_pre_alloc_hook+0x59/0x310
[  917.695205][T18823]  kmem_cache_alloc+0x5a/0x2d0
[  917.699996][T18823]  ? dst_alloc+0x105/0x170
[  917.704446][T18823]  ? ipv6_sysctl_rtcache_flush+0xf0/0xf0
[  917.710372][T18823]  dst_alloc+0x105/0x170
[  917.714649][T18823]  ip6_rt_cache_alloc+0x3c7/0xa30
[  917.719792][T18823]  ? rt6_find_cached_rt+0x270/0x270
[  917.725301][T18823]  ? rt6_find_cached_rt+0x21d/0x270
[  917.730543][T18823]  ? ip6_pol_route+0x171/0x1230
[  917.735509][T18823]  ip6_pol_route+0xffa/0x1230
[  917.740333][T18823]  ? ip6_pol_route+0x171/0x1230
[  917.745321][T18823]  ? trace_fib6_table_lookup+0x1b0/0x1b0
[  917.751186][T18823]  fib6_rule_lookup+0x20c/0x570
[  917.756150][T18823]  ? skb_header_pointer+0x120/0x120
[  917.761650][T18823]  ? fib6_lookup+0x2d0/0x2d0
[  917.766442][T18823]  ? vsnprintf+0x1ae7/0x1ba0
[  917.771071][T18823]  ? read_lock_is_recursive+0x20/0x20
[  917.776627][T18823]  ? tomoyo_write_log2+0x250/0x910
[  917.781921][T18823]  ? dev_get_by_index_rcu+0xf4/0x110
[  917.787304][T18823]  ip6_route_output_flags+0x364/0x5d0
[  917.792681][T18823]  ? ip6_route_output_flags+0x2e/0x5d0
[  917.798500][T18823]  ip6_dst_lookup_tail+0x1ae/0x1530
[  917.803870][T18823]  ? txopt_get+0x7a/0x3f0
[  917.808291][T18823]  ? ip6_dst_lookup+0x60/0x60
[  917.813057][T18823]  ? txopt_get+0x7a/0x3f0
[  917.817516][T18823]  ? txopt_get+0x7a/0x3f0
[  917.822120][T18823]  ? txopt_get+0x344/0x3f0
[  917.826760][T18823]  ? fl6_sock_lookup+0xc0/0xc0
[  917.831829][T18823]  ip6_dst_lookup_flow+0x48/0xe0
[  917.836895][T18823]  rawv6_sendmsg+0xd63/0x1770
[  917.841668][T18823]  ? compat_rawv6_ioctl+0x70/0x70
[  917.846725][T18823]  ? aa_sk_perm+0x83c/0x970
[  917.851504][T18823]  ? tomoyo_socket_sendmsg_permission+0x216/0x2f0
[  917.858213][T18823]  ? inet_sendmsg+0x7c/0x2f0
[  917.863154][T18823]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  917.868646][T18823]  ? security_socket_sendmsg+0x80/0xa0
[  917.874464][T18823]  ? inet_send_prepare+0x260/0x260
[  917.879748][T18823]  ____sys_sendmsg+0x5ba/0x960
[  917.884544][T18823]  ? __lock_acquire+0x7d40/0x7d40
[  917.889758][T18823]  ? __asan_memset+0x22/0x40
[  917.894509][T18823]  ? __sys_sendmsg_sock+0x30/0x30
[  917.899795][T18823]  ? __import_iovec+0x5f2/0x850
[  917.904741][T18823]  ? import_iovec+0x73/0xa0
[  917.909239][T18823]  ___sys_sendmsg+0x2a6/0x360
[  917.914007][T18823]  ? __sys_sendmsg+0x2a0/0x2a0
[  917.919051][T18823]  ? trace_call_bpf+0xc3/0x6c0
[  917.923834][T18823]  __se_sys_sendmsg+0x1c2/0x2b0
[  917.929038][T18823]  ? __x64_sys_sendmsg+0x80/0x80
[  917.934417][T18823]  ? lockdep_hardirqs_on+0x98/0x150
[  917.939814][T18823]  do_syscall_64+0x55/0xa0
[  917.944326][T18823]  ? clear_bhb_loop+0x40/0x90
[  917.949455][T18823]  ? clear_bhb_loop+0x40/0x90
[  917.954326][T18823]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  917.960323][T18823] RIP: 0033:0x7fe498d9c819
[  917.964822][T18823] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  917.984785][T18823] RSP: 002b:00007fe499d13028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  917.994096][T18823] RAX: ffffffffffffffda RBX: 00007fe499016090 RCX: 00007fe498d9c819
[  918.002196][T18823] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000007
[  918.010370][T18823] RBP: 00007fe499d13090 R08: 0000000000000000 R09: 0000000000000000
[  918.018438][T18823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  918.026508][T18823] R13: 00007fe499016128 R14: 00007fe499016090 R15: 00007ffcaf7f30b8
[  918.034930][T18823]  </TASK>
[  918.075340][T18827] netlink: 'syz.1.4227': attribute type 9 has an invalid length.
[  918.226709][T18827] netlink: 14 bytes leftover after parsing attributes in process `syz.1.4227'.
[  918.244705][T18827] netlink: del zone limit has 4 unknown bytes
[  918.588069][T18850] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  918.594968][T18850] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  918.932002][T18858] netlink: 'syz.0.4236': attribute type 6 has an invalid length.
[  918.941179][T18858] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.4236'.
[  919.008302][T18858] netlink: 'syz.0.4236': attribute type 10 has an invalid length.
[  919.017456][T18858] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4236'.
[  919.177943][T18862] netlink: 164 bytes leftover after parsing attributes in process `syz.3.4237'.
[  919.201401][T18865] netlink: 164 bytes leftover after parsing attributes in process `syz.3.4237'.
[  919.242563][  T137] hsr_slave_0: left promiscuous mode
[  919.250941][  T137] hsr_slave_1: left promiscuous mode
[  919.258603][  T137] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  919.269912][  T137] batman_adv: batadv0: Removing interface: batadv_slave_0
[  919.294088][  T137] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  919.322581][  T137] batman_adv: batadv0: Removing interface: batadv_slave_1
[  919.366698][  T137] batman_adv: batadv0: Interface deactivated: veth0_vlan
[  919.396998][  T137] batman_adv: batadv0: Removing interface: veth0_vlan
[  919.446597][  T137] veth1_macvtap: left promiscuous mode
[  919.475691][  T137] veth1_vlan: left promiscuous mode
[  919.497293][  T137] veth0_vlan: left promiscuous mode
[  919.814233][T18890] netlink: del zone limit has 4 unknown bytes
[  921.305643][T18875] netlink: 'syz.3.4242': attribute type 9 has an invalid length.
[  921.406332][T18895] FAULT_INJECTION: forcing a failure.
[  921.406332][T18895] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  921.443824][T18895] CPU: 1 PID: 18895 Comm: syz.1.4247 Not tainted syzkaller #0
[  921.451355][T18895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  921.461517][T18895] Call Trace:
[  921.464835][T18895]  <TASK>
[  921.467811][T18895]  dump_stack_lvl+0x18c/0x250
[  921.472533][T18895]  ? show_regs_print_info+0x20/0x20
[  921.477948][T18895]  ? load_image+0x420/0x420
[  921.482563][T18895]  ? __might_fault+0xaa/0x120
[  921.487421][T18895]  ? __lock_acquire+0x7d40/0x7d40
[  921.492777][T18895]  should_fail_ex+0x39d/0x4d0
[  921.497647][T18895]  _copy_from_user+0x2f/0xe0
[  921.502608][T18895]  bpf_prog_test_run_skb+0x266/0x12b0
[  921.508326][T18895]  ? __fget_files+0x28/0x4b0
[  921.513111][T18895]  ? __fget_files+0x28/0x4b0
[  921.517727][T18895]  ? __fget_files+0x43d/0x4b0
[  921.522633][T18895]  ? cpu_online+0x60/0x60
[  921.527060][T18895]  bpf_prog_test_run+0x321/0x390
[  921.532118][T18895]  __sys_bpf+0x49d/0x890
[  921.536981][T18895]  ? bpf_link_show_fdinfo+0x390/0x390
[  921.542374][T18895]  ? lock_chain_count+0x20/0x20
[  921.547579][T18895]  __x64_sys_bpf+0x7c/0x90
[  921.552112][T18895]  do_syscall_64+0x55/0xa0
[  921.556633][T18895]  ? clear_bhb_loop+0x40/0x90
[  921.561658][T18895]  ? clear_bhb_loop+0x40/0x90
[  921.566421][T18895]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  921.572507][T18895] RIP: 0033:0x7f824a79c819
[  921.577193][T18895] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  921.597774][T18895] RSP: 002b:00007f824b61e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  921.606973][T18895] RAX: ffffffffffffffda RBX: 00007f824aa15fa0 RCX: 00007f824a79c819
[  921.615806][T18895] RDX: 0000000000000050 RSI: 00002000000002c0 RDI: 000000000000000a
[  921.624202][T18895] RBP: 00007f824b61e090 R08: 0000000000000000 R09: 0000000000000000
[  921.632796][T18895] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  921.641204][T18895] R13: 00007f824aa16038 R14: 00007f824aa15fa0 R15: 00007fff58f88748
[  921.649567][T18895]  </TASK>
[  921.655238][T18897] netlink: 'syz.0.4246': attribute type 21 has an invalid length.
[  921.711145][T18897] __nla_validate_parse: 1 callbacks suppressed
[  921.711181][T18897] netlink: 121460 bytes leftover after parsing attributes in process `syz.0.4246'.
[  921.736734][T18897] netlink: 21096 bytes leftover after parsing attributes in process `syz.0.4246'.
[  921.760049][T18897] tipc: Started in network mode
[  921.769407][T18897] tipc: Node identity 1a, cluster identity 4711
[  921.781128][T18897] tipc: Node number set to 26
[  921.947251][T18905] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.4249'.
[  921.957250][T18905] openvswitch: netlink: Flow key attribute not present in set flow.
[  922.186599][T18913] netlink: 164 bytes leftover after parsing attributes in process `syz.0.4251'.
[  922.223908][T18913] netlink: 164 bytes leftover after parsing attributes in process `syz.0.4251'.
[  922.266167][T18918] netlink: 'syz.2.4253': attribute type 10 has an invalid length.
[  922.276037][T18918] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4253'.
[  922.509095][T18930] netlink: 164 bytes leftover after parsing attributes in process `syz.1.4264'.
[  922.583007][T18926] netlink: 164 bytes leftover after parsing attributes in process `syz.1.4264'.
[  922.829254][T18939] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  923.647478][T18966] netlink: 14 bytes leftover after parsing attributes in process `syz.0.4269'.
[  923.665320][T18966] netlink: del zone limit has 4 unknown bytes
[  925.685841][T18959] netlink: 164 bytes leftover after parsing attributes in process `syz.1.4268'.
[  925.696217][T18962] netlink: 'syz.0.4269': attribute type 9 has an invalid length.
[  925.954468][T18976] netlink: 'syz.2.4280': attribute type 10 has an invalid length.
[  925.973896][T18976] ipvlan1: entered promiscuous mode
[  925.984905][T18976] ipvlan1: entered allmulticast mode
[  926.007525][T18976] bridge0: port 4(ipvlan1) entered blocking state
[  926.016271][T18976] bridge0: port 4(ipvlan1) entered disabled state
[  926.055688][T18976] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[  926.736348][T19005] __nla_validate_parse: 4 callbacks suppressed
[  926.736366][T19005] netlink: 164 bytes leftover after parsing attributes in process `syz.0.4279'.
[  926.780636][T19005] netlink: 164 bytes leftover after parsing attributes in process `syz.0.4279'.
[  926.796545][T19009] netlink: 'syz.2.4282': attribute type 10 has an invalid length.
[  926.815915][T19009] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4282'.
[  927.119885][T19021] netlink: 'syz.1.4289': attribute type 9 has an invalid length.
[  927.323701][T19026] netlink: 14 bytes leftover after parsing attributes in process `syz.1.4289'.
[  927.357617][T19026] netlink: del zone limit has 4 unknown bytes
[  927.716322][T19032] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.4291'.
[  928.038068][T19032] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  928.047365][T19032] CPU: 0 PID: 19032 Comm: syz.2.4291 Not tainted syzkaller #0
[  928.055299][T19032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  928.065728][T19032] Call Trace:
[  928.069126][T19032]  <TASK>
[  928.072255][T19032]  dump_stack_lvl+0x18c/0x250
[  928.077378][T19032]  ? show_regs_print_info+0x20/0x20
[  928.082699][T19032]  ? load_image+0x420/0x420
[  928.087319][T19032]  sysfs_warn_dup+0x8e/0xa0
[  928.091859][T19032]  sysfs_do_create_link_sd+0xc0/0x110
[  928.097461][T19032]  device_add_class_symlinks+0x1cf/0x240
[  928.103350][T19032]  device_add+0x507/0xc20
[  928.108073][T19032]  wiphy_register+0x1dad/0x2ae0
[  928.113316][T19032]  ? cfg80211_event_work+0x40/0x40
[  928.118621][T19032]  ? minstrel_ht_alloc+0x88a/0x990
[  928.123937][T19032]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  928.130132][T19032]  ieee80211_register_hw+0x3464/0x4250
[  928.135728][T19032]  ? ieee80211_tasklet_handler+0x20/0x20
[  928.141368][T19032]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  928.147286][T19032]  ? __debug_object_init+0xec/0x450
[  928.152868][T19032]  ? __asan_memset+0x22/0x40
[  928.157549][T19032]  ? __hrtimer_init+0x186/0x270
[  928.162486][T19032]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  928.168242][T19032]  ? mac80211_hwsim_free+0x220/0x220
[  928.173630][T19032]  ? rcu_is_watching+0x15/0xb0
[  928.178485][T19032]  ? kstrndup+0xbd/0x140
[  928.182906][T19032]  hwsim_new_radio_nl+0xdc9/0x1a90
[  928.188112][T19032]  ? __nla_validate+0x50/0x50
[  928.192922][T19032]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  928.199722][T19032]  ? __nla_parse+0x40/0x50
[  928.204147][T19032]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  928.210593][T19032]  genl_family_rcv_msg_doit+0x211/0x310
[  928.216338][T19032]  ? end_current_label_crit_section+0x170/0x170
[  928.222717][T19032]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  928.228906][T19032]  ? bpf_lsm_capable+0x9/0x10
[  928.234052][T19032]  ? security_capable+0x89/0xb0
[  928.239129][T19032]  genl_rcv_msg+0x619/0x7a0
[  928.243772][T19032]  ? genl_bind+0x360/0x360
[  928.248315][T19032]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  928.254843][T19032]  netlink_rcv_skb+0x241/0x4d0
[  928.259727][T19032]  ? genl_bind+0x360/0x360
[  928.264155][T19032]  ? netlink_ack+0x1180/0x1180
[  928.269754][T19032]  ? __lock_acquire+0x7d40/0x7d40
[  928.277172][T19032]  ? down_read+0x1ac/0x2e0
[  928.283124][T19032]  genl_rcv+0x28/0x40
[  928.287658][T19032]  netlink_unicast+0x751/0x8d0
[  928.293847][T19032]  netlink_sendmsg+0x8d0/0xbf0
[  928.300244][T19032]  ? netlink_getsockopt+0x590/0x590
[  928.308489][T19032]  ? aa_sock_msg_perm+0x94/0x150
[  928.315486][T19032]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  928.322549][T19032]  ? security_socket_sendmsg+0x80/0xa0
[  928.329486][T19032]  ? netlink_getsockopt+0x590/0x590
[  928.336273][T19032]  ____sys_sendmsg+0x5ba/0x960
[  928.342767][T19032]  ? __asan_memset+0x22/0x40
[  928.347658][T19032]  ? __sys_sendmsg_sock+0x30/0x30
[  928.353844][T19032]  ? __import_iovec+0x5f2/0x850
[  928.359166][T19032]  ? import_iovec+0x73/0xa0
[  928.364317][T19032]  ___sys_sendmsg+0x2a6/0x360
[  928.369955][T19032]  ? __sys_sendmsg+0x2a0/0x2a0
[  928.375153][T19032]  __se_sys_sendmsg+0x1c2/0x2b0
[  928.381439][T19032]  ? __x64_sys_sendmsg+0x80/0x80
[  928.387410][T19032]  ? syscall_enter_from_user_mode+0x2e/0x80
[  928.394196][T19032]  do_syscall_64+0x55/0xa0
[  928.400122][T19032]  ? clear_bhb_loop+0x40/0x90
[  928.405117][T19032]  ? clear_bhb_loop+0x40/0x90
[  928.410611][T19032]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  928.416811][T19032] RIP: 0033:0x7f2293f9c819
[  928.421761][T19032] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  928.442252][T19032] RSP: 002b:00007f2294dc5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  928.451200][T19032] RAX: ffffffffffffffda RBX: 00007f2294215fa0 RCX: 00007f2293f9c819
[  928.459734][T19032] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000d
[  928.468160][T19032] RBP: 00007f2294032c91 R08: 0000000000000000 R09: 0000000000000000
[  928.476698][T19032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  928.485320][T19032] R13: 00007f2294216038 R14: 00007f2294215fa0 R15: 00007ffea9da6b08
[  928.494313][T19032]  </TASK>
[  931.029187][T19042] netlink: 164 bytes leftover after parsing attributes in process `syz.3.4293'.
[  931.047389][T19045] netlink: 164 bytes leftover after parsing attributes in process `syz.3.4293'.
[  931.072312][T19048] netlink: 'syz.2.4294': attribute type 10 has an invalid length.
[  931.088421][T19048] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4294'.
[  931.590832][T19063] netlink: 'syz.0.4301': attribute type 9 has an invalid length.
[  931.684047][T19068] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.4302'.
[  931.750459][T19068] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  931.776994][T19068] CPU: 0 PID: 19068 Comm: syz.2.4302 Not tainted syzkaller #0
[  931.784716][T19068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  931.795328][T19068] Call Trace:
[  931.798703][T19068]  <TASK>
[  931.801660][T19068]  dump_stack_lvl+0x18c/0x250
[  931.806478][T19068]  ? show_regs_print_info+0x20/0x20
[  931.811688][T19068]  ? load_image+0x420/0x420
[  931.816298][T19068]  sysfs_warn_dup+0x8e/0xa0
[  931.821019][T19068]  sysfs_do_create_link_sd+0xc0/0x110
[  931.826501][T19068]  device_add_class_symlinks+0x1cf/0x240
[  931.832161][T19068]  device_add+0x507/0xc20
[  931.836600][T19068]  wiphy_register+0x1dad/0x2ae0
[  931.841472][T19068]  ? cfg80211_event_work+0x40/0x40
[  931.846683][T19068]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  931.852957][T19068]  ? ieee80211_register_hw+0x328f/0x4250
[  931.858698][T19068]  ieee80211_register_hw+0x3464/0x4250
[  931.864266][T19068]  ? ieee80211_tasklet_handler+0x20/0x20
[  931.870073][T19068]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  931.876244][T19068]  ? __debug_object_init+0xec/0x450
[  931.881447][T19068]  ? __asan_memset+0x22/0x40
[  931.886042][T19068]  ? __hrtimer_init+0x186/0x270
[  931.890992][T19068]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  931.896848][T19068]  ? mac80211_hwsim_free+0x220/0x220
[  931.902216][T19068]  ? rcu_is_watching+0x15/0xb0
[  931.906978][T19068]  ? kstrndup+0xbd/0x140
[  931.911325][T19068]  hwsim_new_radio_nl+0xdc9/0x1a90
[  931.916739][T19068]  ? mark_lock+0x94/0x320
[  931.921179][T19068]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  931.927839][T19068]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  931.934179][T19068]  ? lockdep_hardirqs_on+0x98/0x150
[  931.939640][T19068]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  931.946237][T19068]  genl_family_rcv_msg_doit+0x211/0x310
[  931.952051][T19068]  ? end_current_label_crit_section+0x170/0x170
[  931.958577][T19068]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  931.964845][T19068]  ? bpf_lsm_capable+0x9/0x10
[  931.969721][T19068]  ? security_capable+0x89/0xb0
[  931.974845][T19068]  genl_rcv_msg+0x619/0x7a0
[  931.979456][T19068]  ? genl_bind+0x360/0x360
[  931.984086][T19068]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  931.990163][T19068]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  931.996758][T19068]  ? ref_tracker_free+0x690/0x840
[  932.002036][T19068]  netlink_rcv_skb+0x241/0x4d0
[  932.007154][T19068]  ? genl_bind+0x360/0x360
[  932.011760][T19068]  ? netlink_ack+0x1180/0x1180
[  932.016755][T19068]  ? __lock_acquire+0x7d40/0x7d40
[  932.021887][T19068]  ? down_read+0x1ac/0x2e0
[  932.026482][T19068]  genl_rcv+0x28/0x40
[  932.030550][T19068]  netlink_unicast+0x751/0x8d0
[  932.035503][T19068]  netlink_sendmsg+0x8d0/0xbf0
[  932.040395][T19068]  ? netlink_getsockopt+0x590/0x590
[  932.045722][T19068]  ? aa_sock_msg_perm+0x94/0x150
[  932.050813][T19068]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  932.056191][T19068]  ? security_socket_sendmsg+0x80/0xa0
[  932.061850][T19068]  ? netlink_getsockopt+0x590/0x590
[  932.067236][T19068]  ____sys_sendmsg+0x5ba/0x960
[  932.072081][T19068]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  932.078241][T19068]  ? __asan_memset+0x22/0x40
[  932.082831][T19068]  ? __sys_sendmsg_sock+0x30/0x30
[  932.088196][T19068]  ? __import_iovec+0x5f2/0x850
[  932.093063][T19068]  ? import_iovec+0x73/0xa0
[  932.097593][T19068]  ___sys_sendmsg+0x2a6/0x360
[  932.102663][T19068]  ? __sys_sendmsg+0x2a0/0x2a0
[  932.107638][T19068]  ? trace_call_bpf+0xc3/0x6c0
[  932.112514][T19068]  __se_sys_sendmsg+0x1c2/0x2b0
[  932.117629][T19068]  ? __x64_sys_sendmsg+0x80/0x80
[  932.122576][T19068]  ? lockdep_hardirqs_on+0x98/0x150
[  932.127774][T19068]  do_syscall_64+0x55/0xa0
[  932.132194][T19068]  ? clear_bhb_loop+0x40/0x90
[  932.137144][T19068]  ? clear_bhb_loop+0x40/0x90
[  932.141825][T19068]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  932.147716][T19068] RIP: 0033:0x7f2293f9c819
[  932.152214][T19068] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  932.171908][T19068] RSP: 002b:00007f2294dc5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  932.180325][T19068] RAX: ffffffffffffffda RBX: 00007f2294215fa0 RCX: 00007f2293f9c819
[  932.188380][T19068] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000d
[  932.196443][T19068] RBP: 00007f2294032c91 R08: 0000000000000000 R09: 0000000000000000
[  932.204416][T19068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  932.212562][T19068] R13: 00007f2294216038 R14: 00007f2294215fa0 R15: 00007ffea9da6b08
[  932.220634][T19068]  </TASK>
[  932.256266][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  932.264044][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  932.292534][T19072] netlink: 14 bytes leftover after parsing attributes in process `syz.0.4301'.
[  932.306559][T19072] netlink: del zone limit has 4 unknown bytes
[  932.619012][T19079] netlink: 164 bytes leftover after parsing attributes in process `syz.2.4304'.
[  932.652054][T19079] netlink: 164 bytes leftover after parsing attributes in process `syz.2.4304'.
[  932.760001][T19083] netlink: 'syz.2.4305': attribute type 17 has an invalid length.
[  932.773291][T19083] netlink: 152 bytes leftover after parsing attributes in process `syz.2.4305'.
[  932.799868][T19083] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  933.000652][T19087] netlink: 'syz.2.4306': attribute type 6 has an invalid length.
[  933.013563][T19087] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.4306'.
[  933.034965][T19087] netlink: 'syz.2.4306': attribute type 10 has an invalid length.
[  933.043690][T19087] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4306'.
[  933.633086][T19110] netlink: 'syz.0.4316': attribute type 9 has an invalid length.
[  933.662475][T19111] netlink: 'syz.3.4317': attribute type 6 has an invalid length.
[  933.671415][T19111] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.4317'.
[  933.685433][T19111] netlink: 'syz.3.4317': attribute type 10 has an invalid length.
[  933.694161][T19111] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4317'.
[  933.917806][T19117] netlink: 'syz.3.4319': attribute type 10 has an invalid length.
[  933.929265][T19117] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.4319'.
[  933.946100][T19118] netlink: 14 bytes leftover after parsing attributes in process `syz.0.4316'.
[  934.039700][T19118] netlink: del zone limit has 4 unknown bytes
[  934.614712][T19116] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  935.008169][ T5083] Bluetooth: hci1: ISO packet for unknown connection handle 2622
[  935.204893][T19141] netlink: 'syz.3.4325': attribute type 9 has an invalid length.
[  935.520597][T19147] netlink: del zone limit has 4 unknown bytes
[  935.673511][T19146] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  935.688442][T19146] CPU: 0 PID: 19146 Comm: syz.2.4327 Not tainted syzkaller #0
[  935.696137][T19146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  935.706401][T19146] Call Trace:
[  935.709797][T19146]  <TASK>
[  935.712743][T19146]  dump_stack_lvl+0x18c/0x250
[  935.717733][T19146]  ? show_regs_print_info+0x20/0x20
[  935.723058][T19146]  ? load_image+0x420/0x420
[  935.727881][T19146]  sysfs_warn_dup+0x8e/0xa0
[  935.732503][T19146]  sysfs_do_create_link_sd+0xc0/0x110
[  935.738407][T19146]  device_add_class_symlinks+0x1cf/0x240
[  935.744341][T19146]  device_add+0x507/0xc20
[  935.748853][T19146]  wiphy_register+0x1dad/0x2ae0
[  935.753801][T19146]  ? cfg80211_event_work+0x40/0x40
[  935.759088][T19146]  ? minstrel_ht_alloc+0x88a/0x990
[  935.764246][T19146]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  935.770570][T19146]  ieee80211_register_hw+0x3464/0x4250
[  935.776042][T19146]  ? ieee80211_tasklet_handler+0x20/0x20
[  935.781987][T19146]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  935.788255][T19146]  ? __debug_object_init+0xec/0x450
[  935.793931][T19146]  ? __asan_memset+0x22/0x40
[  935.799311][T19146]  ? __hrtimer_init+0x186/0x270
[  935.804378][T19146]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  935.810127][T19146]  ? mac80211_hwsim_free+0x220/0x220
[  935.815715][T19146]  ? rcu_is_watching+0x15/0xb0
[  935.820660][T19146]  ? kstrndup+0xbd/0x140
[  935.825086][T19146]  hwsim_new_radio_nl+0xdc9/0x1a90
[  935.830306][T19146]  ? __nla_validate+0x50/0x50
[  935.835329][T19146]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  935.841929][T19146]  ? __nla_parse+0x40/0x50
[  935.846567][T19146]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  935.853076][T19146]  genl_family_rcv_msg_doit+0x211/0x310
[  935.858835][T19146]  ? end_current_label_crit_section+0x170/0x170
[  935.865120][T19146]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  935.871286][T19146]  ? bpf_lsm_capable+0x9/0x10
[  935.876236][T19146]  ? security_capable+0x89/0xb0
[  935.881454][T19146]  genl_rcv_msg+0x619/0x7a0
[  935.885972][T19146]  ? genl_bind+0x360/0x360
[  935.890860][T19146]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  935.897195][T19146]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  935.903887][T19146]  ? perf_trace_run_bpf_submit+0x125/0x1c0
[  935.909980][T19146]  netlink_rcv_skb+0x241/0x4d0
[  935.915355][T19146]  ? genl_bind+0x360/0x360
[  935.919895][T19146]  ? netlink_ack+0x1180/0x1180
[  935.924936][T19146]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  935.931278][T19146]  ? down_read+0x1ac/0x2e0
[  935.935695][T19146]  genl_rcv+0x28/0x40
[  935.939937][T19146]  netlink_unicast+0x751/0x8d0
[  935.944892][T19146]  netlink_sendmsg+0x8d0/0xbf0
[  935.950039][T19146]  ? netlink_getsockopt+0x590/0x590
[  935.955238][T19146]  ? aa_sock_msg_perm+0x94/0x150
[  935.960439][T19146]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  935.965990][T19146]  ? security_socket_sendmsg+0x80/0xa0
[  935.971547][T19146]  ? netlink_getsockopt+0x590/0x590
[  935.977011][T19146]  ____sys_sendmsg+0x5ba/0x960
[  935.981777][T19146]  ? __asan_memset+0x22/0x40
[  935.986471][T19146]  ? __sys_sendmsg_sock+0x30/0x30
[  935.991665][T19146]  ? __import_iovec+0x5f2/0x850
[  935.996720][T19146]  ? import_iovec+0x73/0xa0
[  936.001332][T19146]  ___sys_sendmsg+0x2a6/0x360
[  936.006110][T19146]  ? __sys_sendmsg+0x2a0/0x2a0
[  936.011063][T19146]  ? trace_call_bpf+0xc3/0x6c0
[  936.015959][T19146]  __se_sys_sendmsg+0x1c2/0x2b0
[  936.020897][T19146]  ? __x64_sys_sendmsg+0x80/0x80
[  936.026031][T19146]  ? lockdep_hardirqs_on+0x98/0x150
[  936.031497][T19146]  do_syscall_64+0x55/0xa0
[  936.035995][T19146]  ? clear_bhb_loop+0x40/0x90
[  936.040932][T19146]  ? clear_bhb_loop+0x40/0x90
[  936.045695][T19146]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  936.051864][T19146] RIP: 0033:0x7f2293f9c819
[  936.056395][T19146] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  936.076619][T19146] RSP: 002b:00007f2294dc5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  936.085385][T19146] RAX: ffffffffffffffda RBX: 00007f2294215fa0 RCX: 00007f2293f9c819
[  936.093873][T19146] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000d
[  936.102304][T19146] RBP: 00007f2294032c91 R08: 0000000000000000 R09: 0000000000000000
[  936.110763][T19146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  936.119625][T19146] R13: 00007f2294216038 R14: 00007f2294215fa0 R15: 00007ffea9da6b08
[  936.127896][T19146]  </TASK>
[  936.992946][T19167] FAULT_INJECTION: forcing a failure.
[  936.992946][T19167] name failslab, interval 1, probability 0, space 0, times 0
[  937.006828][T19167] CPU: 1 PID: 19167 Comm: syz.1.4333 Not tainted syzkaller #0
[  937.014674][T19167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  937.024839][T19167] Call Trace:
[  937.028153][T19167]  <TASK>
[  937.031108][T19167]  dump_stack_lvl+0x18c/0x250
[  937.035923][T19167]  ? verify_lock_unused+0x140/0x140
[  937.041433][T19167]  ? show_regs_print_info+0x20/0x20
[  937.046835][T19167]  ? load_image+0x420/0x420
[  937.051367][T19167]  ? crng_make_state+0x350/0x700
[  937.056413][T19167]  ? lockdep_hardirqs_on+0x98/0x150
[  937.061804][T19167]  should_fail_ex+0x39d/0x4d0
[  937.066708][T19167]  should_failslab+0x9/0x20
[  937.071392][T19167]  slab_pre_alloc_hook+0x59/0x310
[  937.076623][T19167]  ? sctp_add_bind_addr+0x8c/0x360
[  937.081926][T19167]  __kmem_cache_alloc_node+0x53/0x250
[  937.087326][T19167]  ? sctp_add_bind_addr+0x8c/0x360
[  937.092556][T19167]  kmalloc_trace+0x2a/0xe0
[  937.097156][T19167]  sctp_add_bind_addr+0x8c/0x360
[  937.102612][T19167]  sctp_copy_local_addr_list+0x315/0x4f0
[  937.108440][T19167]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  937.114351][T19167]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  937.120799][T19167]  ? sctp_v6_is_any+0x64/0x70
[  937.125513][T19167]  ? sctp_copy_one_addr+0x8c/0x350
[  937.130725][T19167]  sctp_bind_addr_copy+0xb3/0x3c0
[  937.135856][T19167]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  937.142449][T19167]  sctp_connect_new_asoc+0x2f9/0x6a0
[  937.148401][T19167]  ? __sctp_connect+0xd80/0xd80
[  937.153283][T19167]  ? __local_bh_enable_ip+0x13a/0x1c0
[  937.158657][T19167]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  937.164232][T19167]  ? security_sctp_bind_connect+0x89/0xb0
[  937.170131][T19167]  sctp_sendmsg+0x1575/0x28c0
[  937.175025][T19167]  ? sctp_getsockopt+0xb60/0xb60
[  937.180151][T19167]  ? aa_sk_perm+0x83c/0x970
[  937.184752][T19167]  ? aa_af_perm+0x330/0x330
[  937.189349][T19167]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  937.195759][T19167]  ? sock_rps_record_flow+0x19/0x3f0
[  937.201143][T19167]  ? inet_sendmsg+0xe9/0x2f0
[  937.206019][T19167]  ? inet_send_prepare+0x260/0x260
[  937.211299][T19167]  ____sys_sendmsg+0x5ba/0x960
[  937.216315][T19167]  ? __lock_acquire+0x7d40/0x7d40
[  937.221618][T19167]  ? __sys_sendmsg_sock+0x30/0x30
[  937.226774][T19167]  ? __import_iovec+0x5f2/0x850
[  937.232162][T19167]  ? import_iovec+0x73/0xa0
[  937.236671][T19167]  ___sys_sendmsg+0x2a6/0x360
[  937.241718][T19167]  ? get_pid_task+0x20/0x1e0
[  937.246327][T19167]  ? __sys_sendmsg+0x2a0/0x2a0
[  937.251192][T19167]  ? __lock_acquire+0x7d40/0x7d40
[  937.256237][T19167]  __se_sys_sendmsg+0x1c2/0x2b0
[  937.261334][T19167]  ? __x64_sys_sendmsg+0x80/0x80
[  937.266595][T19167]  ? lockdep_hardirqs_on+0x98/0x150
[  937.272174][T19167]  do_syscall_64+0x55/0xa0
[  937.276609][T19167]  ? clear_bhb_loop+0x40/0x90
[  937.281689][T19167]  ? clear_bhb_loop+0x40/0x90
[  937.286384][T19167]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  937.292285][T19167] RIP: 0033:0x7f824a79c819
[  937.296792][T19167] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  937.318190][T19167] RSP: 002b:00007f824b61e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  937.327324][T19167] RAX: ffffffffffffffda RBX: 00007f824aa15fa0 RCX: 00007f824a79c819
[  937.336570][T19167] RDX: 0000000000000041 RSI: 0000200000000600 RDI: 0000000000000003
[  937.345426][T19167] RBP: 00007f824b61e090 R08: 0000000000000000 R09: 0000000000000000
[  937.353685][T19167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  937.362185][T19167] R13: 00007f824aa16038 R14: 00007f824aa15fa0 R15: 00007fff58f88748
[  937.370190][T19167]  </TASK>
[  937.513214][T19172] __nla_validate_parse: 4 callbacks suppressed
[  937.513232][T19172] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.4335'.
[  937.830752][T19176] validate_nla: 2 callbacks suppressed
[  937.830799][T19176] netlink: 'syz.1.4336': attribute type 6 has an invalid length.
[  937.848218][T19176] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.4336'.
[  937.914614][T19179] netlink: 'syz.1.4336': attribute type 10 has an invalid length.
[  937.930563][T19179] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4336'.
[  938.833346][T19204] netlink: 'syz.2.4347': attribute type 6 has an invalid length.
[  938.849065][T19204] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.4347'.
[  938.867083][T19204] netlink: 'syz.2.4347': attribute type 10 has an invalid length.
[  938.875412][T19204] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4347'.
[  939.075081][T19213] netlink: 'syz.2.4351': attribute type 9 has an invalid length.
[  939.096549][T19215] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  939.247434][T19218] netlink: 14 bytes leftover after parsing attributes in process `syz.2.4351'.
[  939.259472][T19218] netlink: del zone limit has 4 unknown bytes
[  939.352351][T19219] syzkaller0: entered promiscuous mode
[  939.358295][T19219] syzkaller0: entered allmulticast mode
[  939.718493][T19229] netlink: 164 bytes leftover after parsing attributes in process `syz.0.4355'.
[  939.840741][T19229] netlink: 164 bytes leftover after parsing attributes in process `syz.0.4355'.
[  940.158320][T19237] netlink: 'syz.0.4358': attribute type 6 has an invalid length.
[  940.166622][T19237] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.4358'.
[  940.189178][T19237] netlink: 'syz.0.4358': attribute type 10 has an invalid length.
[  940.198110][T19237] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4358'.
[  941.176472][T19267] netlink: 'syz.0.4369': attribute type 6 has an invalid length.
[  941.189808][T19267] netlink: 'syz.0.4369': attribute type 10 has an invalid length.
[  942.238233][T19303] FAULT_INJECTION: forcing a failure.
[  942.238233][T19303] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  942.256913][T19303] CPU: 1 PID: 19303 Comm: syz.1.4383 Not tainted syzkaller #0
[  942.264608][T19303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  942.275037][T19303] Call Trace:
[  942.278372][T19303]  <TASK>
[  942.281332][T19303]  dump_stack_lvl+0x18c/0x250
[  942.286458][T19303]  ? show_regs_print_info+0x20/0x20
[  942.292225][T19303]  ? load_image+0x420/0x420
[  942.297197][T19303]  ? __might_fault+0xaa/0x120
[  942.302085][T19303]  ? __lock_acquire+0x7d40/0x7d40
[  942.307708][T19303]  should_fail_ex+0x39d/0x4d0
[  942.312806][T19303]  _copy_from_user+0x2f/0xe0
[  942.317701][T19303]  __sys_bpf+0x23e/0x890
[  942.322415][T19303]  ? bpf_link_show_fdinfo+0x390/0x390
[  942.328003][T19303]  ? lock_chain_count+0x20/0x20
[  942.332973][T19303]  __x64_sys_bpf+0x7c/0x90
[  942.337725][T19303]  do_syscall_64+0x55/0xa0
[  942.342235][T19303]  ? clear_bhb_loop+0x40/0x90
[  942.347215][T19303]  ? clear_bhb_loop+0x40/0x90
[  942.351941][T19303]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  942.357956][T19303] RIP: 0033:0x7f824a79c819
[  942.362671][T19303] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  942.384612][T19303] RSP: 002b:00007f824b61e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  942.393411][T19303] RAX: ffffffffffffffda RBX: 00007f824aa15fa0 RCX: 00007f824a79c819
[  942.402808][T19303] RDX: 0000000000000080 RSI: 0000200000000500 RDI: 0000000000000005
[  942.411158][T19303] RBP: 00007f824b61e090 R08: 0000000000000000 R09: 0000000000000000
[  942.419520][T19303] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  942.427780][T19303] R13: 00007f824aa16038 R14: 00007f824aa15fa0 R15: 00007fff58f88748
[  942.436490][T19303]  </TASK>
[  942.806911][T19319] netlink: 'syz.1.4388': attribute type 9 has an invalid length.
[  943.107320][T19324] __nla_validate_parse: 7 callbacks suppressed
[  943.107337][T19324] netlink: 14 bytes leftover after parsing attributes in process `syz.1.4388'.
[  943.174472][T19324] netlink: del zone limit has 4 unknown bytes
[  944.125189][T19341] netlink: 203516 bytes leftover after parsing attributes in process `syz.2.4394'.
[  944.164875][T19341] netlink: zone id is out of range
[  944.190646][T19341] netlink: zone id is out of range
[  944.229284][T19341] netlink: zone id is out of range
[  944.277191][T19341] netlink: zone id is out of range
[  944.333464][T19341] netlink: zone id is out of range
[  944.371194][T19341] netlink: zone id is out of range
[  944.430304][T19341] netlink: zone id is out of range
[  944.449270][T19341] netlink: zone id is out of range
[  944.504702][T19341] netlink: zone id is out of range
[  944.523252][T19341] netlink: zone id is out of range
[  944.532375][T19341] netlink: zone id is out of range
[  944.543252][T19341] netlink: zone id is out of range
[  944.550338][T19341] netlink: zone id is out of range
[  945.172704][T19367] netlink: 164 bytes leftover after parsing attributes in process `syz.3.4403'.
[  945.206256][T19363] netlink: 'syz.2.4402': attribute type 9 has an invalid length.
[  945.274953][T19367] netlink: 164 bytes leftover after parsing attributes in process `syz.3.4403'.
[  945.530412][T19376] netlink: 'syz.3.4406': attribute type 9 has an invalid length.
[  945.536623][T19363] netlink: 14 bytes leftover after parsing attributes in process `syz.2.4402'.
[  945.877188][T19379] netlink: 14 bytes leftover after parsing attributes in process `syz.3.4406'.
[  948.295772][T19399] netlink: 60 bytes leftover after parsing attributes in process `syz.1.4412'.
[  948.411507][T19385] netlink: 'syz.0.4407': attribute type 4 has an invalid length.
[  948.433093][T19385] netlink: 152 bytes leftover after parsing attributes in process `syz.0.4407'.
[  948.555249][T19399] netlink: 60 bytes leftover after parsing attributes in process `syz.1.4412'.
[  948.858109][T19396] netlink: 60 bytes leftover after parsing attributes in process `syz.1.4412'.
[  949.037756][T19398] netlink: 60 bytes leftover after parsing attributes in process `syz.1.4412'.
[  949.471122][T19418] netlink: 164 bytes leftover after parsing attributes in process `syz.0.4416'.
[  949.487711][T19418] netlink: 164 bytes leftover after parsing attributes in process `syz.0.4416'.
[  949.693423][T19423] netlink: 'syz.1.4418': attribute type 6 has an invalid length.
[  949.703365][T19423] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.4418'.
[  949.721390][T19423] netlink: 'syz.1.4418': attribute type 10 has an invalid length.
[  949.761108][T19423] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4418'.
[  949.774135][T19425] netlink: 'syz.0.4419': attribute type 9 has an invalid length.
[  950.131954][T19428] netlink: 14 bytes leftover after parsing attributes in process `syz.0.4419'.
[  950.262136][T19428] net_ratelimit: 331 callbacks suppressed
[  950.262154][T19428] netlink: del zone limit has 4 unknown bytes
[  950.285750][T19434] FAULT_INJECTION: forcing a failure.
[  950.285750][T19434] name failslab, interval 1, probability 0, space 0, times 0
[  950.327084][T19434] CPU: 0 PID: 19434 Comm: syz.3.4422 Not tainted syzkaller #0
[  950.334977][T19434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  950.345495][T19434] Call Trace:
[  950.348885][T19434]  <TASK>
[  950.351937][T19434]  dump_stack_lvl+0x18c/0x250
[  950.357439][T19434]  ? show_regs_print_info+0x20/0x20
[  950.363020][T19434]  ? load_image+0x420/0x420
[  950.368070][T19434]  ? __might_sleep+0xe0/0xe0
[  950.372873][T19434]  ? __lock_acquire+0x7d40/0x7d40
[  950.378464][T19434]  should_fail_ex+0x39d/0x4d0
[  950.383332][T19434]  should_failslab+0x9/0x20
[  950.387853][T19434]  slab_pre_alloc_hook+0x59/0x310
[  950.392995][T19434]  kmem_cache_alloc_node+0x60/0x320
[  950.398295][T19434]  ? __alloc_skb+0x103/0x2c0
[  950.402882][T19434]  __alloc_skb+0x103/0x2c0
[  950.407298][T19434]  ethnl_default_notify+0x34c/0x790
[  950.412507][T19434]  ? ethtool_notify+0x1b0/0x1b0
[  950.417480][T19434]  ? mutex_is_locked+0x12/0x40
[  950.422445][T19434]  ? rtnl_is_locked+0x15/0x20
[  950.427125][T19434]  ethtool_set_channels+0x5e7/0x670
[  950.432427][T19434]  ? ethtool_get_channels+0x190/0x190
[  950.438302][T19434]  ? apparmor_capable+0x137/0x1a0
[  950.443442][T19434]  ? security_capable+0x89/0xb0
[  950.448489][T19434]  dev_ethtool+0x1761/0x18d0
[  950.453254][T19434]  ? ethtool_get_module_eeprom_call+0x170/0x170
[  950.459587][T19434]  ? __lock_acquire+0x7d40/0x7d40
[  950.465365][T19434]  ? __might_fault+0xaa/0x120
[  950.470137][T19434]  ? full_name_hash+0x92/0xe0
[  950.474814][T19434]  ? dev_load+0x21/0x1f0
[  950.479181][T19434]  dev_ioctl+0x392/0x1140
[  950.483872][T19434]  sock_do_ioctl+0x239/0x310
[  950.488668][T19434]  ? sock_show_fdinfo+0xb0/0xb0
[  950.494085][T19434]  sock_ioctl+0x5ba/0x7e0
[  950.498709][T19434]  ? sock_poll+0x3e0/0x3e0
[  950.503448][T19434]  ? bpf_lsm_file_ioctl+0x9/0x10
[  950.508558][T19434]  ? security_file_ioctl+0x80/0xa0
[  950.513686][T19434]  ? sock_poll+0x3e0/0x3e0
[  950.518207][T19434]  __se_sys_ioctl+0xfd/0x170
[  950.522998][T19434]  do_syscall_64+0x55/0xa0
[  950.527589][T19434]  ? clear_bhb_loop+0x40/0x90
[  950.532269][T19434]  ? clear_bhb_loop+0x40/0x90
[  950.536944][T19434]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  950.542842][T19434] RIP: 0033:0x7f859db9c819
[  950.547695][T19434] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  950.568868][T19434] RSP: 002b:00007f859ea6a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  950.577682][T19434] RAX: ffffffffffffffda RBX: 00007f859de15fa0 RCX: 00007f859db9c819
[  950.585911][T19434] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 0000000000000006
[  950.594075][T19434] RBP: 00007f859ea6a090 R08: 0000000000000000 R09: 0000000000000000
[  950.602576][T19434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  950.610824][T19434] R13: 00007f859de16038 R14: 00007f859de15fa0 R15: 00007ffd6d8c9f68
[  950.619078][T19434]  </TASK>
[  950.962042][T19440] netlink: 'syz.3.4425': attribute type 6 has an invalid length.
[  951.063122][ T5083] Bluetooth: hci0: unexpected event 0x30 length: 13 > 3
[  951.300465][T19457] netlink: 'syz.2.4428': attribute type 6 has an invalid length.
[  953.556651][T19454] __nla_validate_parse: 2 callbacks suppressed
[  953.556667][T19454] netlink: 164 bytes leftover after parsing attributes in process `syz.1.4427'.
[  953.574247][T19451] netlink: 164 bytes leftover after parsing attributes in process `syz.1.4427'.
[  953.586115][T19458] netlink: 'syz.2.4428': attribute type 10 has an invalid length.
[  953.596460][T19458] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4428'.
[  953.704433][T19460] netlink: 10 bytes leftover after parsing attributes in process `syz.1.4429'.
[  953.805192][T19462] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.4431'.
[  953.857967][T19462] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  953.866344][T19462] CPU: 0 PID: 19462 Comm: syz.2.4431 Not tainted syzkaller #0
[  953.874354][T19462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  953.884789][T19462] Call Trace:
[  953.888206][T19462]  <TASK>
[  953.891254][T19462]  dump_stack_lvl+0x18c/0x250
[  953.896097][T19462]  ? show_regs_print_info+0x20/0x20
[  953.901482][T19462]  ? load_image+0x420/0x420
[  953.906114][T19462]  sysfs_warn_dup+0x8e/0xa0
[  953.910786][T19462]  sysfs_do_create_link_sd+0xc0/0x110
[  953.916210][T19462]  device_add_class_symlinks+0x1cf/0x240
[  953.922151][T19462]  device_add+0x507/0xc20
[  953.926670][T19462]  wiphy_register+0x1dad/0x2ae0
[  953.932134][T19462]  ? cfg80211_event_work+0x40/0x40
[  953.937566][T19462]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  953.943858][T19462]  ieee80211_register_hw+0x3464/0x4250
[  953.949389][T19462]  ? ieee80211_tasklet_handler+0x20/0x20
[  953.955215][T19462]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  953.961395][T19462]  ? __debug_object_init+0xec/0x450
[  953.966669][T19462]  ? __asan_memset+0x22/0x40
[  953.971464][T19462]  ? __hrtimer_init+0x186/0x270
[  953.976508][T19462]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  953.982451][T19462]  ? mac80211_hwsim_free+0x220/0x220
[  953.987760][T19462]  ? rcu_is_watching+0x15/0xb0
[  953.992730][T19462]  ? kstrndup+0xbd/0x140
[  953.997081][T19462]  hwsim_new_radio_nl+0xdc9/0x1a90
[  954.002317][T19462]  ? __nla_validate+0x50/0x50
[  954.007362][T19462]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  954.013818][T19462]  ? __nla_parse+0x40/0x50
[  954.018788][T19462]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  954.025249][T19462]  genl_family_rcv_msg_doit+0x211/0x310
[  954.031443][T19462]  ? end_current_label_crit_section+0x170/0x170
[  954.038005][T19462]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  954.044543][T19462]  ? bpf_lsm_capable+0x9/0x10
[  954.049403][T19462]  ? security_capable+0x89/0xb0
[  954.054271][T19462]  genl_rcv_msg+0x619/0x7a0
[  954.059695][T19462]  ? genl_bind+0x360/0x360
[  954.064511][T19462]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  954.071840][T19462]  ? lockdep_hardirqs_on+0x98/0x150
[  954.078023][T19462]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  954.084986][T19462]  netlink_rcv_skb+0x241/0x4d0
[  954.087129][T19470] netlink: 14 bytes leftover after parsing attributes in process `syz.3.4430'.
[  954.092080][T19462]  ? genl_bind+0x360/0x360
[  954.092113][T19462]  ? netlink_ack+0x1180/0x1180
[  954.092147][T19462]  ? __lock_acquire+0x7d40/0x7d40
[  954.092176][T19462]  ? down_read+0x1ac/0x2e0
[  954.105391][T19470] netlink: del zone limit has 4 unknown bytes
[  954.113094][T19462]  genl_rcv+0x28/0x40
[  954.113139][T19462]  netlink_unicast+0x751/0x8d0
[  954.113173][T19462]  netlink_sendmsg+0x8d0/0xbf0
[  954.113194][T19462]  ? lockdep_hardirqs_on+0x98/0x150
[  954.113222][T19462]  ? netlink_getsockopt+0x590/0x590
[  954.113256][T19462]  ? aa_sock_msg_perm+0x94/0x150
[  954.113284][T19462]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  954.186561][T19462]  ? security_socket_sendmsg+0x80/0xa0
[  954.192593][T19462]  ? netlink_getsockopt+0x590/0x590
[  954.198655][T19462]  ____sys_sendmsg+0x5ba/0x960
[  954.209060][T19462]  ? __asan_memset+0x22/0x40
[  954.215724][T19462]  ? __sys_sendmsg_sock+0x30/0x30
[  954.222790][T19462]  ? __import_iovec+0x5f2/0x850
[  954.229706][T19462]  ? import_iovec+0x73/0xa0
[  954.236790][T19462]  ___sys_sendmsg+0x2a6/0x360
[  954.246430][T19462]  ? __sys_sendmsg+0x2a0/0x2a0
[  954.252552][T19462]  __se_sys_sendmsg+0x1c2/0x2b0
[  954.258211][T19462]  ? __x64_sys_sendmsg+0x80/0x80
[  954.264434][T19462]  ? syscall_enter_from_user_mode+0x2e/0x80
[  954.272157][T19462]  do_syscall_64+0x55/0xa0
[  954.277547][T19462]  ? clear_bhb_loop+0x40/0x90
[  954.282595][T19462]  ? clear_bhb_loop+0x40/0x90
[  954.287636][T19462]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  954.293822][T19462] RIP: 0033:0x7f2293f9c819
[  954.299061][T19462] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  954.322175][T19462] RSP: 002b:00007f2294dc5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  954.330951][T19462] RAX: ffffffffffffffda RBX: 00007f2294215fa0 RCX: 00007f2293f9c819
[  954.340074][T19462] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000e
[  954.349108][T19462] RBP: 00007f2294032c91 R08: 0000000000000000 R09: 0000000000000000
[  954.357254][T19462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  954.365620][T19462] R13: 00007f2294216038 R14: 00007f2294215fa0 R15: 00007ffea9da6b08
[  954.374052][T19462]  </TASK>
[  954.409210][T19464] netlink: 'syz.3.4430': attribute type 9 has an invalid length.
[  954.506724][T19472] syzkaller0: entered promiscuous mode
[  954.515889][T19472] syzkaller0: entered allmulticast mode
[  954.541873][T19474] netlink: 'syz.2.4432': attribute type 21 has an invalid length.
[  954.569702][T19474] netlink: 121460 bytes leftover after parsing attributes in process `syz.2.4432'.
[  954.605097][T19474] netlink: 21068 bytes leftover after parsing attributes in process `syz.2.4432'.
[  954.619448][T19474] tipc: Started in network mode
[  954.624933][T19474] tipc: Node identity d, cluster identity 56
[  954.633081][T19474] tipc: Node number set to 13
[  954.790050][T19477] netlink: 121460 bytes leftover after parsing attributes in process `syz.2.4433'.
[  957.206429][T19476] netlink: 'syz.2.4433': attribute type 21 has an invalid length.
[  957.215486][T19477] netlink: 22828 bytes leftover after parsing attributes in process `syz.2.4433'.
[  957.982336][T19491] openvswitch: netlink: Flow key attribute not present in set flow.
[  958.415748][T19497] netlink: 'syz.2.4439': attribute type 6 has an invalid length.
[  958.429029][T19497] netlink: 'syz.2.4439': attribute type 10 has an invalid length.
[  958.495040][T19494] netlink: zone id is out of range
[  958.510852][T19494] netlink: zone id is out of range
[  958.516439][T19494] netlink: zone id is out of range
[  958.537626][T19494] netlink: zone id is out of range
[  958.545055][T19494] netlink: zone id is out of range
[  958.557176][T19494] netlink: zone id is out of range
[  958.567329][T19494] netlink: zone id is out of range
[  958.572726][T19494] netlink: zone id is out of range
[  958.596447][T19494] netlink: zone id is out of range
[  958.649247][T19504] netlink: 'syz.3.4443': attribute type 21 has an invalid length.
[  958.682823][T19502] __nla_validate_parse: 4 callbacks suppressed
[  958.682862][T19502] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.4441'.
[  958.728373][T19506] netlink: 'syz.0.4442': attribute type 9 has an invalid length.
[  958.797282][T19502] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  958.816459][T19502] CPU: 1 PID: 19502 Comm: syz.2.4441 Not tainted syzkaller #0
[  958.824247][T19502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  958.834591][T19502] Call Trace:
[  958.837888][T19502]  <TASK>
[  958.840840][T19502]  dump_stack_lvl+0x18c/0x250
[  958.845620][T19502]  ? show_regs_print_info+0x20/0x20
[  958.851111][T19502]  ? load_image+0x420/0x420
[  958.855739][T19502]  sysfs_warn_dup+0x8e/0xa0
[  958.860440][T19502]  sysfs_do_create_link_sd+0xc0/0x110
[  958.865937][T19502]  device_add_class_symlinks+0x1cf/0x240
[  958.872011][T19502]  device_add+0x507/0xc20
[  958.876552][T19502]  wiphy_register+0x1dad/0x2ae0
[  958.881532][T19502]  ? cfg80211_event_work+0x40/0x40
[  958.886855][T19502]  ? minstrel_ht_alloc+0x88a/0x990
[  958.892131][T19502]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  958.898435][T19502]  ieee80211_register_hw+0x3464/0x4250
[  958.904286][T19502]  ? ieee80211_tasklet_handler+0x20/0x20
[  958.910220][T19502]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  958.916685][T19502]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  958.922811][T19502]  ? mac80211_hwsim_free+0x220/0x220
[  958.928221][T19502]  ? hwsim_new_radio_nl+0xdb9/0x1a90
[  958.933537][T19502]  hwsim_new_radio_nl+0xdc9/0x1a90
[  958.939393][T19502]  ? __nla_validate+0x50/0x50
[  958.944359][T19502]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  958.951613][T19502]  ? __nla_parse+0x24/0x50
[  958.956506][T19502]  ? __nla_parse+0x40/0x50
[  958.961096][T19502]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  958.967997][T19502]  genl_family_rcv_msg_doit+0x211/0x310
[  958.973855][T19502]  ? end_current_label_crit_section+0x170/0x170
[  958.980142][T19502]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  958.986435][T19502]  ? bpf_lsm_capable+0x9/0x10
[  958.991268][T19502]  ? security_capable+0x89/0xb0
[  958.996424][T19502]  genl_rcv_msg+0x619/0x7a0
[  959.001044][T19502]  ? genl_bind+0x360/0x360
[  959.005487][T19502]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  959.011877][T19502]  ? lockdep_hardirqs_on+0x98/0x150
[  959.017551][T19502]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  959.023840][T19502]  netlink_rcv_skb+0x241/0x4d0
[  959.028647][T19502]  ? genl_bind+0x360/0x360
[  959.033096][T19502]  ? netlink_ack+0x1180/0x1180
[  959.037912][T19502]  ? __lock_acquire+0x7d40/0x7d40
[  959.042983][T19502]  ? down_read+0x1ac/0x2e0
[  959.047741][T19502]  genl_rcv+0x28/0x40
[  959.051838][T19502]  netlink_unicast+0x751/0x8d0
[  959.056655][T19502]  netlink_sendmsg+0x8d0/0xbf0
[  959.061563][T19502]  ? netlink_getsockopt+0x590/0x590
[  959.066988][T19502]  ? aa_sock_msg_perm+0x94/0x150
[  959.071993][T19502]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  959.077573][T19502]  ? security_socket_sendmsg+0x80/0xa0
[  959.083158][T19502]  ? netlink_getsockopt+0x590/0x590
[  959.088395][T19502]  ____sys_sendmsg+0x5ba/0x960
[  959.093279][T19502]  ? __asan_memset+0x22/0x40
[  959.097917][T19502]  ? __sys_sendmsg_sock+0x30/0x30
[  959.103175][T19502]  ? __import_iovec+0x5f2/0x850
[  959.108160][T19502]  ? import_iovec+0x73/0xa0
[  959.112694][T19502]  ___sys_sendmsg+0x2a6/0x360
[  959.117582][T19502]  ? __sys_sendmsg+0x2a0/0x2a0
[  959.122504][T19502]  ? trace_call_bpf+0xc3/0x6c0
[  959.127385][T19502]  ? seqcount_lockdep_reader_access+0x17b/0x1d0
[  959.134044][T19502]  __se_sys_sendmsg+0x1c2/0x2b0
[  959.139019][T19502]  ? __x64_sys_sendmsg+0x80/0x80
[  959.139773][T19513] netlink: 14 bytes leftover after parsing attributes in process `syz.0.4442'.
[  959.143996][T19502]  ? lockdep_hardirqs_on+0x98/0x150
[  959.158409][T19502]  do_syscall_64+0x55/0xa0
[  959.163312][T19502]  ? clear_bhb_loop+0x40/0x90
[  959.168195][T19502]  ? clear_bhb_loop+0x40/0x90
[  959.172900][T19502]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  959.178839][T19502] RIP: 0033:0x7f2293f9c819
[  959.183370][T19502] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  959.203470][T19502] RSP: 002b:00007f2294dc5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  959.212341][T19502] RAX: ffffffffffffffda RBX: 00007f2294215fa0 RCX: 00007f2293f9c819
[  959.220339][T19502] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000e
[  959.228580][T19502] RBP: 00007f2294032c91 R08: 0000000000000000 R09: 0000000000000000
[  959.237088][T19502] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  959.245123][T19502] R13: 00007f2294216038 R14: 00007f2294215fa0 R15: 00007ffea9da6b08
[  959.253375][T19502]  </TASK>
[  959.302202][T19509] netlink: 121460 bytes leftover after parsing attributes in process `syz.3.4443'.
[  959.356905][T19509] netlink: 22828 bytes leftover after parsing attributes in process `syz.3.4443'.
[  960.254985][T19528] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.4448'.
[  960.979706][T19534] netlink: 'syz.2.4450': attribute type 9 has an invalid length.
[  961.130322][T19541] netlink: 'syz.3.4451': attribute type 6 has an invalid length.
[  961.152605][T19541] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.4451'.
[  961.238147][T19538] netlink: 'syz.3.4451': attribute type 10 has an invalid length.
[  961.246375][T19538] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4451'.
[  961.278124][T19534] netlink: 14 bytes leftover after parsing attributes in process `syz.2.4450'.
[  961.470753][T19544] netlink: 'syz.3.4453': attribute type 21 has an invalid length.
[  961.570177][T19547] netlink: 121460 bytes leftover after parsing attributes in process `syz.3.4453'.
[  961.621436][T19547] netlink: 22828 bytes leftover after parsing attributes in process `syz.3.4453'.
[  962.016202][T19551] netlink: 'syz.2.4455': attribute type 10 has an invalid length.
[  962.336195][T19557] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  962.353582][T19557] CPU: 1 PID: 19557 Comm: syz.1.4456 Not tainted syzkaller #0
[  962.361380][T19557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  962.372207][T19557] Call Trace:
[  962.375797][T19557]  <TASK>
[  962.378764][T19557]  dump_stack_lvl+0x18c/0x250
[  962.383624][T19557]  ? show_regs_print_info+0x20/0x20
[  962.389138][T19557]  ? load_image+0x420/0x420
[  962.394051][T19557]  sysfs_warn_dup+0x8e/0xa0
[  962.398780][T19557]  sysfs_do_create_link_sd+0xc0/0x110
[  962.404290][T19557]  device_add_class_symlinks+0x1cf/0x240
[  962.410147][T19557]  device_add+0x507/0xc20
[  962.414696][T19557]  wiphy_register+0x1dad/0x2ae0
[  962.419861][T19557]  ? cfg80211_event_work+0x40/0x40
[  962.425150][T19557]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  962.431751][T19557]  ieee80211_register_hw+0x3464/0x4250
[  962.437499][T19557]  ? ieee80211_tasklet_handler+0x20/0x20
[  962.443163][T19557]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  962.449145][T19557]  ? __debug_object_init+0xec/0x450
[  962.454631][T19557]  ? __asan_memset+0x22/0x40
[  962.459241][T19557]  ? __hrtimer_init+0x186/0x270
[  962.464274][T19557]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  962.470015][T19557]  ? mac80211_hwsim_free+0x220/0x220
[  962.475738][T19557]  ? rcu_is_watching+0x15/0xb0
[  962.480615][T19557]  ? kstrndup+0xbd/0x140
[  962.485070][T19557]  hwsim_new_radio_nl+0xdc9/0x1a90
[  962.490383][T19557]  ? __nla_validate+0x50/0x50
[  962.495370][T19557]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  962.501825][T19557]  ? __nla_parse+0x40/0x50
[  962.506366][T19557]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  962.513268][T19557]  genl_family_rcv_msg_doit+0x211/0x310
[  962.519194][T19557]  ? end_current_label_crit_section+0x170/0x170
[  962.525805][T19557]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  962.532257][T19557]  ? bpf_lsm_capable+0x9/0x10
[  962.537131][T19557]  ? security_capable+0x89/0xb0
[  962.542196][T19557]  genl_rcv_msg+0x619/0x7a0
[  962.547203][T19557]  ? genl_bind+0x360/0x360
[  962.553129][T19557]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  962.559768][T19557]  netlink_rcv_skb+0x241/0x4d0
[  962.564823][T19557]  ? genl_bind+0x360/0x360
[  962.569505][T19557]  ? netlink_ack+0x1180/0x1180
[  962.574657][T19557]  ? __lock_acquire+0x7d40/0x7d40
[  962.579985][T19557]  ? down_read+0x1ac/0x2e0
[  962.584509][T19557]  genl_rcv+0x28/0x40
[  962.589692][T19557]  netlink_unicast+0x751/0x8d0
[  962.594921][T19557]  netlink_sendmsg+0x8d0/0xbf0
[  962.599813][T19557]  ? lockdep_hardirqs_on+0x98/0x150
[  962.605643][T19557]  ? netlink_getsockopt+0x590/0x590
[  962.611398][T19557]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  962.616712][T19557]  ? security_socket_sendmsg+0x80/0xa0
[  962.623258][T19557]  ? netlink_getsockopt+0x590/0x590
[  962.630410][T19557]  ____sys_sendmsg+0x5ba/0x960
[  962.635599][T19557]  ? __asan_memset+0x22/0x40
[  962.640748][T19557]  ? __sys_sendmsg_sock+0x30/0x30
[  962.645953][T19557]  ? __import_iovec+0x5f2/0x850
[  962.651619][T19557]  ? import_iovec+0x73/0xa0
[  962.656241][T19557]  ___sys_sendmsg+0x2a6/0x360
[  962.661149][T19557]  ? __sys_sendmsg+0x2a0/0x2a0
[  962.666260][T19557]  __se_sys_sendmsg+0x1c2/0x2b0
[  962.671558][T19557]  ? __x64_sys_sendmsg+0x80/0x80
[  962.676846][T19557]  ? lockdep_hardirqs_on+0x98/0x150
[  962.682883][T19557]  do_syscall_64+0x55/0xa0
[  962.687429][T19557]  ? clear_bhb_loop+0x40/0x90
[  962.692194][T19557]  ? clear_bhb_loop+0x40/0x90
[  962.697098][T19557]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  962.703108][T19557] RIP: 0033:0x7f824a79c819
[  962.708004][T19557] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  962.728073][T19557] RSP: 002b:00007f824b61e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  962.736995][T19557] RAX: ffffffffffffffda RBX: 00007f824aa15fa0 RCX: 00007f824a79c819
[  962.745236][T19557] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000e
[  962.753395][T19557] RBP: 00007f824a832c91 R08: 0000000000000000 R09: 0000000000000000
[  962.761902][T19557] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  962.770145][T19557] R13: 00007f824aa16038 R14: 00007f824aa15fa0 R15: 00007fff58f88748
[  962.778333][T19557]  </TASK>
[  963.014826][T19564] netlink: 'syz.3.4458': attribute type 2 has an invalid length.
[  963.288230][T19572] netlink: 'syz.3.4462': attribute type 9 has an invalid length.
[  963.639717][T19571] net_ratelimit: 335 callbacks suppressed
[  963.639736][T19571] openvswitch: netlink: Flow key attribute not present in set flow.
[  963.812663][T19576] netlink: 'syz.0.4463': attribute type 21 has an invalid length.
[  963.827912][T19573] __nla_validate_parse: 3 callbacks suppressed
[  963.827929][T19573] netlink: 14 bytes leftover after parsing attributes in process `syz.3.4462'.
[  963.988508][T19573] netlink: del zone limit has 4 unknown bytes
[  964.020115][T19577] netlink: 121460 bytes leftover after parsing attributes in process `syz.0.4463'.
[  964.047827][T19577] netlink: 22828 bytes leftover after parsing attributes in process `syz.0.4463'.
[  964.588627][T19582] netlink: 'syz.2.4465': attribute type 10 has an invalid length.
[  964.598496][T19582] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4465'.
[  965.049965][T19598] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.4470'.
[  965.145066][T19600] netlink: 'syz.1.4471': attribute type 4 has an invalid length.
[  965.153613][T19600] netlink: 152 bytes leftover after parsing attributes in process `syz.1.4471'.
[  965.168130][T19598] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  965.187129][T19598] CPU: 0 PID: 19598 Comm: syz.2.4470 Not tainted syzkaller #0
[  965.194650][T19598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  965.204748][T19598] Call Trace:
[  965.208146][T19598]  <TASK>
[  965.211391][T19598]  dump_stack_lvl+0x18c/0x250
[  965.216433][T19598]  ? show_regs_print_info+0x20/0x20
[  965.222096][T19598]  ? load_image+0x420/0x420
[  965.226645][T19598]  sysfs_warn_dup+0x8e/0xa0
[  965.231186][T19598]  sysfs_do_create_link_sd+0xc0/0x110
[  965.236591][T19598]  device_add_class_symlinks+0x1cf/0x240
[  965.242448][T19598]  device_add+0x507/0xc20
[  965.246900][T19598]  wiphy_register+0x1dad/0x2ae0
[  965.252077][T19598]  ? cfg80211_event_work+0x40/0x40
[  965.257226][T19598]  ? minstrel_ht_alloc+0x88a/0x990
[  965.262523][T19598]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  965.268984][T19598]  ieee80211_register_hw+0x3464/0x4250
[  965.274605][T19598]  ? ieee80211_tasklet_handler+0x20/0x20
[  965.280262][T19598]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  965.286546][T19598]  ? __debug_object_init+0xec/0x450
[  965.291864][T19598]  ? __asan_memset+0x22/0x40
[  965.296473][T19598]  ? __hrtimer_init+0x186/0x270
[  965.301678][T19598]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  965.307574][T19598]  ? mac80211_hwsim_free+0x220/0x220
[  965.313143][T19598]  ? rcu_is_watching+0x15/0xb0
[  965.318020][T19598]  ? kstrndup+0xbd/0x140
[  965.322571][T19598]  hwsim_new_radio_nl+0xdc9/0x1a90
[  965.327716][T19598]  ? __nla_validate+0x50/0x50
[  965.332942][T19598]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  965.339471][T19598]  ? __nla_parse+0x40/0x50
[  965.343983][T19598]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  965.350699][T19598]  genl_family_rcv_msg_doit+0x211/0x310
[  965.356428][T19598]  ? end_current_label_crit_section+0x170/0x170
[  965.362941][T19598]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  965.368942][T19598]  ? bpf_lsm_capable+0x9/0x10
[  965.373735][T19598]  ? security_capable+0x89/0xb0
[  965.378866][T19598]  genl_rcv_msg+0x619/0x7a0
[  965.383473][T19598]  ? genl_bind+0x360/0x360
[  965.388258][T19598]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  965.394818][T19598]  ? lockdep_hardirqs_on+0x98/0x150
[  965.400199][T19598]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  965.406641][T19598]  netlink_rcv_skb+0x241/0x4d0
[  965.411857][T19598]  ? genl_bind+0x360/0x360
[  965.416434][T19598]  ? netlink_ack+0x1180/0x1180
[  965.421313][T19598]  ? __lock_acquire+0x7d40/0x7d40
[  965.426351][T19598]  ? down_read+0x1ac/0x2e0
[  965.430803][T19598]  genl_rcv+0x28/0x40
[  965.434780][T19598]  netlink_unicast+0x751/0x8d0
[  965.439732][T19598]  netlink_sendmsg+0x8d0/0xbf0
[  965.444585][T19598]  ? lockdep_hardirqs_on+0x98/0x150
[  965.449884][T19598]  ? netlink_getsockopt+0x590/0x590
[  965.455362][T19598]  ? aa_sock_msg_perm+0x94/0x150
[  965.460408][T19598]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  965.465696][T19598]  ? security_socket_sendmsg+0x80/0xa0
[  965.471253][T19598]  ? netlink_getsockopt+0x590/0x590
[  965.476551][T19598]  ____sys_sendmsg+0x5ba/0x960
[  965.481325][T19598]  ? __asan_memset+0x22/0x40
[  965.486006][T19598]  ? __sys_sendmsg_sock+0x30/0x30
[  965.491110][T19598]  ? __import_iovec+0x5f2/0x850
[  965.496267][T19598]  ? import_iovec+0x73/0xa0
[  965.500958][T19598]  ___sys_sendmsg+0x2a6/0x360
[  965.505815][T19598]  ? __sys_sendmsg+0x2a0/0x2a0
[  965.510776][T19598]  ? seqcount_lockdep_reader_access+0x17b/0x1d0
[  965.517393][T19598]  __se_sys_sendmsg+0x1c2/0x2b0
[  965.522483][T19598]  ? hrtimer_interrupt+0x7bb/0x9c0
[  965.527799][T19598]  ? __x64_sys_sendmsg+0x80/0x80
[  965.532967][T19598]  ? lockdep_hardirqs_on+0x98/0x150
[  965.538441][T19598]  do_syscall_64+0x55/0xa0
[  965.542941][T19598]  ? clear_bhb_loop+0x40/0x90
[  965.547617][T19598]  ? clear_bhb_loop+0x40/0x90
[  965.552729][T19598]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  965.558728][T19598] RIP: 0033:0x7f2293f9c819
[  965.563325][T19598] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  965.583612][T19598] RSP: 002b:00007f2294da4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  965.592139][T19598] RAX: ffffffffffffffda RBX: 00007f2294216090 RCX: 00007f2293f9c819
[  965.600861][T19598] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000e
[  965.609482][T19598] RBP: 00007f2294032c91 R08: 0000000000000000 R09: 0000000000000000
[  965.617994][T19598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  965.626113][T19598] R13: 00007f2294216128 R14: 00007f2294216090 R15: 00007ffea9da6b08
[  965.634475][T19598]  </TASK>
[  965.810816][T19604] FAULT_INJECTION: forcing a failure.
[  965.810816][T19604] name failslab, interval 1, probability 0, space 0, times 0
[  965.834782][T19604] CPU: 1 PID: 19604 Comm: syz.1.4473 Not tainted syzkaller #0
[  965.842493][T19604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  965.853108][T19604] Call Trace:
[  965.856407][T19604]  <TASK>
[  965.859402][T19604]  dump_stack_lvl+0x18c/0x250
[  965.864303][T19604]  ? show_regs_print_info+0x20/0x20
[  965.870234][T19604]  ? load_image+0x420/0x420
[  965.874759][T19604]  ? __might_sleep+0xe0/0xe0
[  965.879379][T19604]  ? __lock_acquire+0x7d40/0x7d40
[  965.884969][T19604]  should_fail_ex+0x39d/0x4d0
[  965.889864][T19604]  should_failslab+0x9/0x20
[  965.894831][T19604]  slab_pre_alloc_hook+0x59/0x310
[  965.899891][T19604]  ? apparmor_sk_alloc_security+0x77/0x100
[  965.905928][T19604]  __kmem_cache_alloc_node+0x53/0x250
[  965.911650][T19604]  ? apparmor_sk_alloc_security+0x77/0x100
[  965.917850][T19604]  kmalloc_trace+0x2a/0xe0
[  965.922742][T19604]  apparmor_sk_alloc_security+0x77/0x100
[  965.928716][T19604]  security_sk_alloc+0x6e/0xa0
[  965.933698][T19604]  sk_prot_alloc+0x101/0x210
[  965.938484][T19604]  ? sk_alloc+0x24/0x360
[  965.942931][T19604]  sk_alloc+0x3a/0x360
[  965.947280][T19604]  ? bpf_ctx_init+0x163/0x1a0
[  965.951963][T19604]  ? bpf_prog_test_run_skb+0x273/0x12b0
[  965.957604][T19604]  bpf_prog_test_run_skb+0x3a5/0x12b0
[  965.963259][T19604]  ? __fget_files+0x28/0x4b0
[  965.967877][T19604]  ? __fget_files+0x28/0x4b0
[  965.972553][T19604]  ? __fget_files+0x43d/0x4b0
[  965.977435][T19604]  ? cpu_online+0x60/0x60
[  965.982119][T19604]  bpf_prog_test_run+0x321/0x390
[  965.987366][T19604]  __sys_bpf+0x49d/0x890
[  965.991712][T19604]  ? bpf_link_show_fdinfo+0x390/0x390
[  965.997340][T19604]  ? lock_chain_count+0x20/0x20
[  966.002403][T19604]  __x64_sys_bpf+0x7c/0x90
[  966.006933][T19604]  do_syscall_64+0x55/0xa0
[  966.011480][T19604]  ? clear_bhb_loop+0x40/0x90
[  966.016377][T19604]  ? clear_bhb_loop+0x40/0x90
[  966.021460][T19604]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  966.027645][T19604] RIP: 0033:0x7f824a79c819
[  966.032173][T19604] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  966.051962][T19604] RSP: 002b:00007f824b61e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  966.060492][T19604] RAX: ffffffffffffffda RBX: 00007f824aa15fa0 RCX: 00007f824a79c819
[  966.068685][T19604] RDX: 000000000000002c RSI: 0000200000000080 RDI: 000000000000000a
[  966.077019][T19604] RBP: 00007f824b61e090 R08: 0000000000000000 R09: 0000000000000000
[  966.085201][T19604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  966.093701][T19604] R13: 00007f824aa16038 R14: 00007f824aa15fa0 R15: 00007fff58f88748
[  966.101935][T19604]  </TASK>
[  966.295498][T19607] netlink: 'syz.2.4475': attribute type 21 has an invalid length.
[  966.373013][T19607] netlink: 121460 bytes leftover after parsing attributes in process `syz.2.4475'.
[  966.649189][T19611] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.4474'.
[  966.660863][T19611] openvswitch: netlink: Flow key attribute not present in set flow.
[  966.909857][T19607] netlink: 22828 bytes leftover after parsing attributes in process `syz.2.4475'.
[  967.237570][T19619] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4478'.
[  967.418481][T19624] netlink: 'syz.3.4479': attribute type 9 has an invalid length.
[  967.878073][T19636] netlink: 'syz.0.4482': attribute type 6 has an invalid length.
[  967.928320][T19637] netlink: del zone limit has 4 unknown bytes
[  967.973467][T19638] netlink: 'syz.0.4482': attribute type 10 has an invalid length.
[  968.171786][T19646] netlink: 'syz.1.4486': attribute type 21 has an invalid length.
[  968.412349][T19648] netlink: 'syz.0.4488': attribute type 9 has an invalid length.
[  968.554513][T19650] netlink: 'syz.1.4489': attribute type 21 has an invalid length.
[  968.761954][T19651] netlink: del zone limit has 4 unknown bytes
[  970.009835][T19669] netlink: 'syz.2.4495': attribute type 6 has an invalid length.
[  970.036538][T19669] __nla_validate_parse: 7 callbacks suppressed
[  970.036571][T19669] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.4495'.
[  970.099507][T19669] netlink: 'syz.2.4495': attribute type 10 has an invalid length.
[  970.110393][T19669] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4495'.
[  970.362078][T19677] netlink: 'syz.2.4497': attribute type 21 has an invalid length.
[  970.424153][T19677] netlink: 121460 bytes leftover after parsing attributes in process `syz.2.4497'.
[  970.499723][T19682] netlink: 'syz.3.4499': attribute type 13 has an invalid length.
[  970.515751][T19682] netlink: 160 bytes leftover after parsing attributes in process `syz.3.4499'.
[  970.539985][T19682] erspan0: refused to change device tx_queue_len
[  970.546636][T19682] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  970.572271][T19681] netlink: 164 bytes leftover after parsing attributes in process `syz.1.4498'.
[  970.582245][T19677] netlink: 22828 bytes leftover after parsing attributes in process `syz.2.4497'.
[  970.611857][T19684] netlink: 'syz.3.4499': attribute type 21 has an invalid length.
[  970.620540][T19684] netlink: 168 bytes leftover after parsing attributes in process `syz.3.4499'.
[  970.648516][T19685] netlink: 164 bytes leftover after parsing attributes in process `syz.1.4498'.
[  971.082156][T19702] netlink: 'syz.2.4505': attribute type 6 has an invalid length.
[  971.094623][T19702] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.4505'.
[  971.182831][T19704] netlink: 'syz.2.4505': attribute type 10 has an invalid length.
[  971.284946][T19704] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4505'.
[  971.520207][T19705] FAULT_INJECTION: forcing a failure.
[  971.520207][T19705] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  971.557121][T19705] CPU: 1 PID: 19705 Comm: syz.3.4506 Not tainted syzkaller #0
[  971.565007][T19705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  971.575352][T19705] Call Trace:
[  971.578657][T19705]  <TASK>
[  971.581706][T19705]  dump_stack_lvl+0x18c/0x250
[  971.586615][T19705]  ? show_regs_print_info+0x20/0x20
[  971.591942][T19705]  ? load_image+0x420/0x420
[  971.596484][T19705]  ? __might_fault+0xaa/0x120
[  971.601286][T19705]  ? __lock_acquire+0x7d40/0x7d40
[  971.606524][T19705]  should_fail_ex+0x39d/0x4d0
[  971.611591][T19705]  _copy_to_user+0x2f/0xa0
[  971.616124][T19705]  bpf_test_finish+0x19f/0x650
[  971.620932][T19705]  ? convert_skb_to___skb+0x420/0x420
[  971.626362][T19705]  ? read_tsc+0x9/0x20
[  971.630570][T19705]  bpf_prog_test_run_flow_dissector+0x4c9/0x640
[  971.637122][T19705]  ? xdp_convert_buff_to_md+0x200/0x200
[  971.642877][T19705]  ? __fget_files+0x28/0x4b0
[  971.647675][T19705]  ? __fget_files+0x28/0x4b0
[  971.652308][T19705]  ? xdp_convert_buff_to_md+0x200/0x200
[  971.657891][T19705]  bpf_prog_test_run+0x321/0x390
[  971.663085][T19705]  __sys_bpf+0x49d/0x890
[  971.667450][T19705]  ? bpf_link_show_fdinfo+0x390/0x390
[  971.673037][T19705]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  971.679476][T19705]  __x64_sys_bpf+0x7c/0x90
[  971.683984][T19705]  do_syscall_64+0x55/0xa0
[  971.688395][T19705]  ? clear_bhb_loop+0x40/0x90
[  971.693120][T19705]  ? clear_bhb_loop+0x40/0x90
[  971.697892][T19705]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  971.704045][T19705] RIP: 0033:0x7f859db9c819
[  971.708641][T19705] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  971.728862][T19705] RSP: 002b:00007f859ea6a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  971.737901][T19705] RAX: ffffffffffffffda RBX: 00007f859de15fa0 RCX: 00007f859db9c819
[  971.745986][T19705] RDX: 0000000000000050 RSI: 0000200000000180 RDI: 000000000000000a
[  971.754341][T19705] RBP: 00007f859ea6a090 R08: 0000000000000000 R09: 0000000000000000
[  971.762504][T19705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  971.770561][T19705] R13: 00007f859de16038 R14: 00007f859de15fa0 R15: 00007ffd6d8c9f68
[  971.778723][T19705]  </TASK>
[  973.865497][T19758] validate_nla: 3 callbacks suppressed
[  973.865524][T19758] netlink: 'syz.0.4519': attribute type 21 has an invalid length.
[  974.324944][T19761] syz.2.4523 (19761) used obsolete PPPIOCDETACH ioctl
[  975.507419][T19785] FAULT_INJECTION: forcing a failure.
[  975.507419][T19785] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  975.536460][T19785] CPU: 0 PID: 19785 Comm: syz.1.4526 Not tainted syzkaller #0
[  975.544530][T19785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  975.556122][T19785] Call Trace:
[  975.559548][T19785]  <TASK>
[  975.561539][T19786] netlink: 'syz.2.4527': attribute type 1 has an invalid length.
[  975.562623][T19785]  dump_stack_lvl+0x18c/0x250
[  975.562661][T19785]  ? show_regs_print_info+0x20/0x20
[  975.562684][T19785]  ? load_image+0x420/0x420
[  975.562709][T19785]  ? __might_fault+0xaa/0x120
[  975.562729][T19785]  ? __lock_acquire+0x7d40/0x7d40
[  975.562755][T19785]  should_fail_ex+0x39d/0x4d0
[  975.562786][T19785]  _copy_from_user+0x2f/0xe0
[  975.562809][T19785]  ___sys_recvmsg+0x176/0x590
[  975.562836][T19785]  ? __sys_recvmsg+0x2a0/0x2a0
[  975.562860][T19785]  ? ksys_write+0x1c4/0x260
[  975.562895][T19785]  ? __fget_files+0x43d/0x4b0
[  975.562933][T19785]  __x64_sys_recvmsg+0x20c/0x2e0
[  975.562952][T19785]  ? perf_trace_preemptirq_template+0x269/0x330
[  975.562978][T19785]  ? ___sys_recvmsg+0x590/0x590
[  975.563012][T19785]  ? lockdep_hardirqs_on+0x98/0x150
[  975.563036][T19785]  do_syscall_64+0x55/0xa0
[  975.563051][T19785]  ? clear_bhb_loop+0x40/0x90
[  975.563071][T19785]  ? clear_bhb_loop+0x40/0x90
[  975.563093][T19785]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  975.563113][T19785] RIP: 0033:0x7f824a79c819
[  975.563131][T19785] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  975.563146][T19785] RSP: 002b:00007f824b5fd028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  975.563167][T19785] RAX: ffffffffffffffda RBX: 00007f824aa16090 RCX: 00007f824a79c819
[  975.563180][T19785] RDX: 0000000040000101 RSI: 0000200000000680 RDI: 0000000000000003
[  975.563192][T19785] RBP: 00007f824b5fd090 R08: 0000000000000000 R09: 0000000000000000
[  975.563203][T19785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  975.563214][T19785] R13: 00007f824aa16128 R14: 00007f824aa16090 R15: 00007fff58f88748
[  975.563243][T19785]  </TASK>
[  975.847259][T19786] netlink: 'syz.2.4527': attribute type 3 has an invalid length.
[  975.885739][T19786] __nla_validate_parse: 10 callbacks suppressed
[  975.885785][T19786] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4527'.
[  978.523181][T19796] netlink: 'syz.2.4530': attribute type 21 has an invalid length.
[  978.567884][T19796] netlink: 121460 bytes leftover after parsing attributes in process `syz.2.4530'.
[  978.597205][T19796] netlink: 21068 bytes leftover after parsing attributes in process `syz.2.4530'.
[  978.778091][T19809] netlink: 164 bytes leftover after parsing attributes in process `syz.1.4533'.
[  978.801393][T19809] netlink: 164 bytes leftover after parsing attributes in process `syz.1.4533'.
[  978.991680][T19813] netlink: 'syz.2.4537': attribute type 9 has an invalid length.
[  979.351939][T19818] netlink: 14 bytes leftover after parsing attributes in process `syz.2.4537'.
[  979.362840][T19818] netlink: del zone limit has 4 unknown bytes
[  980.046318][T19833] netlink: 'syz.0.4544': attribute type 21 has an invalid length.
[  980.128867][T19833] netlink: 121460 bytes leftover after parsing attributes in process `syz.0.4544'.
[  980.142696][T19833] netlink: 21068 bytes leftover after parsing attributes in process `syz.0.4544'.
[  980.488766][T19843] netlink: 'syz.1.4548': attribute type 9 has an invalid length.
[  980.629693][T19848] netlink: 164 bytes leftover after parsing attributes in process `syz.0.4549'.
[  980.742060][T19846] netlink: 164 bytes leftover after parsing attributes in process `syz.0.4549'.
[  980.783609][T19850] netlink: del zone limit has 4 unknown bytes
[  981.776259][T19867] netlink: 'syz.3.4554': attribute type 21 has an invalid length.
[  981.803065][T19867] __nla_validate_parse: 1 callbacks suppressed
[  981.803104][T19867] netlink: 121460 bytes leftover after parsing attributes in process `syz.3.4554'.
[  981.838717][T19867] netlink: 21068 bytes leftover after parsing attributes in process `syz.3.4554'.
[  981.853093][T19867] tipc: Started in network mode
[  981.858595][T19867] tipc: Node identity d, cluster identity 56
[  981.864954][T19867] tipc: Node number set to 13
[  982.039063][T19869] netlink: 'syz.3.4555': attribute type 6 has an invalid length.
[  982.068797][T19869] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.4555'.
[  982.083898][T19872] netlink: 'syz.3.4555': attribute type 10 has an invalid length.
[  982.091962][T19872] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4555'.
[  982.132156][T19871] netlink: 'syz.0.4556': attribute type 6 has an invalid length.
[  982.144007][T19871] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.4556'.
[  982.197983][T19873] netlink: 'syz.0.4556': attribute type 10 has an invalid length.
[  982.222622][T19873] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4556'.
[  982.432897][T19880] netlink: 164 bytes leftover after parsing attributes in process `syz.0.4558'.
[  982.450492][T19880] netlink: 164 bytes leftover after parsing attributes in process `syz.0.4558'.
[  983.161577][T19893] netlink: 'syz.2.4564': attribute type 21 has an invalid length.
[  983.215440][T19893] netlink: 121460 bytes leftover after parsing attributes in process `syz.2.4564'.
[  983.232176][T19893] netlink: 21068 bytes leftover after parsing attributes in process `syz.2.4564'.
[  983.403629][T19902] netlink: 'syz.3.4566': attribute type 6 has an invalid length.
[  983.861976][T19916] netlink: del zone limit has 4 unknown bytes
[  984.029925][T19922] netlink: del zone limit has 4 unknown bytes
[  985.431050][T19938] validate_nla: 3 callbacks suppressed
[  985.431082][T19938] netlink: 'syz.1.4577': attribute type 6 has an invalid length.
[  985.457433][T19938] netlink: 'syz.1.4577': attribute type 10 has an invalid length.
[  985.692895][T19941] netlink: 'syz.1.4578': attribute type 1 has an invalid length.
[  985.731722][T19941] netlink: 'syz.1.4578': attribute type 3 has an invalid length.
[  985.789038][T19942] netlink: 'syz.1.4578': attribute type 10 has an invalid length.
[  986.719164][T19979] netlink: 'syz.0.4589': attribute type 10 has an invalid length.
[  986.742557][T19979] batman_adv: batadv0: Adding interface: netdevsim0
[  986.764052][T19979] batman_adv: batadv0: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  986.794773][T19979] batman_adv: batadv0: Not using interface netdevsim0 (retrying later): interface not active
[  986.808038][T19969] __nla_validate_parse: 9 callbacks suppressed
[  986.808079][T19969] netlink: 192 bytes leftover after parsing attributes in process `syz.3.4591'.
[  986.923618][T19988] netlink: 'syz.3.4593': attribute type 9 has an invalid length.
[  986.958336][T19991] netlink: 192 bytes leftover after parsing attributes in process `syz.2.4601'.
[  986.992300][T19991] netlink: 192 bytes leftover after parsing attributes in process `syz.2.4601'.
[  987.163046][T19994] netlink: 14 bytes leftover after parsing attributes in process `syz.3.4593'.
[  987.196505][T19994] netlink: del zone limit has 4 unknown bytes
[  987.781758][T20007] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4599'.
[  987.875903][T20007] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4599'.
[  987.913140][T20012] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4599'.
[  987.957981][T20007] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4599'.
[  988.214220][T20023] netlink: 192 bytes leftover after parsing attributes in process `syz.1.4604'.
[  988.249181][T20023] netlink: 192 bytes leftover after parsing attributes in process `syz.1.4604'.
[  988.453065][T20029] netlink: 'syz.0.4608': attribute type 39 has an invalid length.
[  988.464974][T20029] veth0_macvtap: left promiscuous mode
[  988.716935][ T5083] Bluetooth: hci1: ISO packet for unknown connection handle 0
[  990.956561][T20091] netlink: 'syz.3.4629': attribute type 10 has an invalid length.
[  991.002516][T20091] batman_adv: batadv0: Adding interface: netdevsim0
[  991.026003][T20091] batman_adv: batadv0: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  991.065670][T20091] batman_adv: batadv0: Not using interface netdevsim0 (retrying later): interface not active
[  991.264726][T20106] netlink: 'syz.0.4635': attribute type 2 has an invalid length.
[  991.326603][T20106] netlink: 'syz.0.4635': attribute type 8 has an invalid length.
[  991.356707][T20106] netlink: 'syz.0.4635': attribute type 2 has an invalid length.
[  991.365279][T20106] netlink: 'syz.0.4635': attribute type 8 has an invalid length.
[  991.387134][T20106] netlink: 'syz.0.4635': attribute type 2 has an invalid length.
[  991.407009][T20106] netlink: 'syz.0.4635': attribute type 8 has an invalid length.
[  991.420497][T20106] netlink: 'syz.0.4635': attribute type 2 has an invalid length.
[  991.430650][T20106] netlink: 'syz.0.4635': attribute type 8 has an invalid length.
[  991.440012][T20106] netlink: 'syz.0.4635': attribute type 2 has an invalid length.
[  991.986266][T20116] __nla_validate_parse: 78 callbacks suppressed
[  991.986285][T20116] netlink: 14 bytes leftover after parsing attributes in process `syz.3.4637'.
[  992.018097][T20116] netlink: del zone limit has 4 unknown bytes
[  992.246873][T20128] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4642'.
[  992.286929][T20128] netlink: 152 bytes leftover after parsing attributes in process `syz.0.4642'.
[  992.288048][T20131] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.4642'.
[  992.604579][T20135] netlink: 192 bytes leftover after parsing attributes in process `syz.2.4644'.
[  992.614471][T20136] netlink: 192 bytes leftover after parsing attributes in process `syz.2.4644'.
[  992.633018][T20131] debugfs: Directory '!!ô' with parent 'ieee80211' already present!
[  992.747595][T20141] netlink: 121460 bytes leftover after parsing attributes in process `syz.1.4645'.
[  992.819208][T20141] netlink: 22828 bytes leftover after parsing attributes in process `syz.1.4645'.
[  993.420265][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  993.428967][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  993.959964][T20165] netlink: 121460 bytes leftover after parsing attributes in process `syz.0.4656'.
[  993.989442][T20165] netlink: 21068 bytes leftover after parsing attributes in process `syz.0.4656'.
[  994.437660][T20173] debugfs: Directory '!!ô' with parent 'ieee80211' already present!
[  994.684826][ T5769] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  994.708501][ T5769] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  994.746362][ T5769] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  994.755802][ T5769] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  994.763998][ T5769] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  994.774153][ T5769] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  994.953831][T20182] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  994.973968][T20182] CPU: 0 PID: 20182 Comm: syz.0.4660 Not tainted syzkaller #0
[  994.981927][T20182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  994.992357][T20182] Call Trace:
[  994.995656][T20182]  <TASK>
[  994.998711][T20182]  dump_stack_lvl+0x18c/0x250
[  995.003574][T20182]  ? show_regs_print_info+0x20/0x20
[  995.008790][T20182]  ? load_image+0x420/0x420
[  995.013585][T20182]  sysfs_warn_dup+0x8e/0xa0
[  995.018099][T20182]  sysfs_do_create_link_sd+0xc0/0x110
[  995.023662][T20182]  device_add_class_symlinks+0x1cf/0x240
[  995.029416][T20182]  device_add+0x507/0xc20
[  995.033967][T20182]  wiphy_register+0x1dad/0x2ae0
[  995.039386][T20182]  ? cfg80211_event_work+0x40/0x40
[  995.044524][T20182]  ? minstrel_ht_alloc+0x88a/0x990
[  995.050005][T20182]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  995.056253][T20182]  ieee80211_register_hw+0x3464/0x4250
[  995.062157][T20182]  ? ieee80211_tasklet_handler+0x20/0x20
[  995.067913][T20182]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  995.073916][T20182]  ? __debug_object_init+0xec/0x450
[  995.080001][T20182]  ? __asan_memset+0x22/0x40
[  995.084796][T20182]  ? __hrtimer_init+0x186/0x270
[  995.090236][T20182]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  995.096257][T20182]  ? mac80211_hwsim_free+0x220/0x220
[  995.101840][T20182]  ? rcu_is_watching+0x15/0xb0
[  995.107259][T20182]  ? kstrndup+0xbd/0x140
[  995.111880][T20182]  hwsim_new_radio_nl+0xdc9/0x1a90
[  995.117081][T20182]  ? perf_trace_run_bpf_submit+0x125/0x1c0
[  995.122925][T20182]  ? mark_lock+0x94/0x320
[  995.127347][T20182]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  995.133878][T20182]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  995.140139][T20182]  ? lockdep_hardirqs_on+0x98/0x150
[  995.145554][T20182]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  995.151841][T20182]  genl_family_rcv_msg_doit+0x211/0x310
[  995.157395][T20182]  ? end_current_label_crit_section+0x170/0x170
[  995.163740][T20182]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  995.169922][T20182]  ? bpf_lsm_capable+0x9/0x10
[  995.174774][T20182]  ? security_capable+0x89/0xb0
[  995.179740][T20182]  genl_rcv_msg+0x619/0x7a0
[  995.184601][T20182]  ? genl_bind+0x360/0x360
[  995.189101][T20182]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  995.195524][T20182]  netlink_rcv_skb+0x241/0x4d0
[  995.200405][T20182]  ? genl_bind+0x360/0x360
[  995.204827][T20182]  ? netlink_ack+0x1180/0x1180
[  995.209899][T20182]  ? __lock_acquire+0x7d40/0x7d40
[  995.215220][T20182]  ? down_read+0x1ac/0x2e0
[  995.219647][T20182]  genl_rcv+0x28/0x40
[  995.223772][T20182]  netlink_unicast+0x751/0x8d0
[  995.229017][T20182]  netlink_sendmsg+0x8d0/0xbf0
[  995.233815][T20182]  ? lockdep_hardirqs_on+0x98/0x150
[  995.239380][T20182]  ? netlink_getsockopt+0x590/0x590
[  995.244593][T20182]  ? aa_sock_msg_perm+0x94/0x150
[  995.249643][T20182]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  995.255129][T20182]  ? security_socket_sendmsg+0x80/0xa0
[  995.260704][T20182]  ? netlink_getsockopt+0x590/0x590
[  995.266038][T20182]  ____sys_sendmsg+0x5ba/0x960
[  995.271111][T20182]  ? __asan_memset+0x22/0x40
[  995.275829][T20182]  ? __sys_sendmsg_sock+0x30/0x30
[  995.280881][T20182]  ? __import_iovec+0x5f2/0x850
[  995.285839][T20182]  ? import_iovec+0x73/0xa0
[  995.290563][T20182]  ___sys_sendmsg+0x2a6/0x360
[  995.295881][T20182]  ? __sys_sendmsg+0x2a0/0x2a0
[  995.300888][T20182]  __se_sys_sendmsg+0x1c2/0x2b0
[  995.306501][T20182]  ? __x64_sys_sendmsg+0x80/0x80
[  995.312309][T20182]  ? syscall_enter_from_user_mode+0x2e/0x80
[  995.318420][T20182]  do_syscall_64+0x55/0xa0
[  995.322976][T20182]  ? clear_bhb_loop+0x40/0x90
[  995.327959][T20182]  ? clear_bhb_loop+0x40/0x90
[  995.332938][T20182]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  995.338932][T20182] RIP: 0033:0x7fe498d9c819
[  995.343351][T20182] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  995.363571][T20182] RSP: 002b:00007fe499d34028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  995.372078][T20182] RAX: ffffffffffffffda RBX: 00007fe499015fa0 RCX: 00007fe498d9c819
[  995.380515][T20182] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000e
[  995.388766][T20182] RBP: 00007fe498e32c91 R08: 0000000000000000 R09: 0000000000000000
[  995.397171][T20182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  995.405457][T20182] R13: 00007fe499016038 R14: 00007fe499015fa0 R15: 00007ffcaf7f30b8
[  995.413713][T20182]  </TASK>
[  995.632031][   T11] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  995.882135][   T11] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  996.015868][   T11] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  996.065514][T20198] validate_nla: 123 callbacks suppressed
[  996.065791][T20198] netlink: 'syz.0.4665': attribute type 9 has an invalid length.
[  996.265442][   T11] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  996.417045][T20204] netlink: del zone limit has 4 unknown bytes
[  996.548939][T20178] chnl_net:caif_netlink_parms(): no params data found
[  996.838688][T20221] FAULT_INJECTION: forcing a failure.
[  996.838688][T20221] name failslab, interval 1, probability 0, space 0, times 0
[  996.852291][T20221] CPU: 1 PID: 20221 Comm: syz.0.4670 Not tainted syzkaller #0
[  996.860399][T20221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  996.870838][T20221] Call Trace:
[  996.874248][T20221]  <TASK>
[  996.877461][T20221]  dump_stack_lvl+0x18c/0x250
[  996.882206][T20221]  ? sctp_sendmsg+0x1575/0x28c0
[  996.887351][T20221]  ? ___sys_sendmsg+0x2a6/0x360
[  996.892321][T20221]  ? show_regs_print_info+0x20/0x20
[  996.897925][T20221]  ? load_image+0x420/0x420
[  996.902560][T20221]  should_fail_ex+0x39d/0x4d0
[  996.907351][T20221]  should_failslab+0x9/0x20
[  996.912128][T20221]  slab_pre_alloc_hook+0x59/0x310
[  996.917341][T20221]  ? sctp_add_bind_addr+0x8c/0x360
[  996.922448][T20221]  __kmem_cache_alloc_node+0x53/0x250
[  996.928095][T20221]  ? sctp_add_bind_addr+0x8c/0x360
[  996.933300][T20221]  kmalloc_trace+0x2a/0xe0
[  996.937981][T20221]  sctp_add_bind_addr+0x8c/0x360
[  996.943178][T20221]  sctp_copy_local_addr_list+0x315/0x4f0
[  996.949099][T20221]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  996.954895][T20221]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  996.961204][T20221]  ? sctp_v4_is_any+0x35/0x60
[  996.966267][T20221]  ? sctp_copy_one_addr+0x8c/0x350
[  996.971761][T20221]  sctp_bind_addr_copy+0xb3/0x3c0
[  996.976813][T20221]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  996.983336][T20221]  sctp_connect_new_asoc+0x2f9/0x6a0
[  996.988708][T20221]  ? __sctp_connect+0xd80/0xd80
[  996.993706][T20221]  ? __local_bh_enable_ip+0x13a/0x1c0
[  996.999174][T20221]  ? _local_bh_enable+0xa0/0xa0
[  997.004198][T20221]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  997.010264][T20221]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  997.016248][T20221]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  997.021940][T20221]  ? security_sctp_bind_connect+0x89/0xb0
[  997.028192][T20221]  sctp_sendmsg+0x1575/0x28c0
[  997.033066][T20221]  ? sctp_getsockopt+0xb60/0xb60
[  997.038309][T20221]  ? aa_sk_perm+0x83c/0x970
[  997.042933][T20221]  ? aa_af_perm+0x330/0x330
[  997.047743][T20221]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  997.054314][T20221]  ? sock_rps_record_flow+0x19/0x3f0
[  997.059797][T20221]  ? inet_sendmsg+0x7c/0x2f0
[  997.064615][T20221]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  997.070122][T20221]  ? security_socket_sendmsg+0x80/0xa0
[  997.075788][T20221]  ? inet_send_prepare+0x260/0x260
[  997.081164][T20221]  ____sys_sendmsg+0x5ba/0x960
[  997.086013][T20221]  ? __lock_acquire+0x7d40/0x7d40
[  997.091328][T20221]  ? __asan_memset+0x22/0x40
[  997.095962][T20221]  ? __sys_sendmsg_sock+0x30/0x30
[  997.101007][T20221]  ? __import_iovec+0x5f2/0x850
[  997.106239][T20221]  ? import_iovec+0x73/0xa0
[  997.110839][T20221]  ___sys_sendmsg+0x2a6/0x360
[  997.115550][T20221]  ? get_pid_task+0x20/0x1e0
[  997.120145][T20221]  ? __sys_sendmsg+0x2a0/0x2a0
[  997.124920][T20221]  ? __lock_acquire+0x7d40/0x7d40
[  997.130309][T20221]  __se_sys_sendmsg+0x1c2/0x2b0
[  997.135704][T20221]  ? __x64_sys_sendmsg+0x80/0x80
[  997.140829][T20221]  ? lockdep_hardirqs_on+0x98/0x150
[  997.146302][T20221]  do_syscall_64+0x55/0xa0
[  997.150891][T20221]  ? clear_bhb_loop+0x40/0x90
[  997.155672][T20221]  ? clear_bhb_loop+0x40/0x90
[  997.160695][T20221]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  997.166675][T20221] RIP: 0033:0x7fe498d9c819
[  997.171290][T20221] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  997.191192][T20221] RSP: 002b:00007fe499d34028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  997.199843][T20221] RAX: ffffffffffffffda RBX: 00007fe499015fa0 RCX: 00007fe498d9c819
[  997.208088][T20221] RDX: 0000000040004044 RSI: 0000200000000140 RDI: 0000000000000003
[  997.216317][T20221] RBP: 00007fe499d34090 R08: 0000000000000000 R09: 0000000000000000
[  997.224384][T20221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  997.232878][T20221] R13: 00007fe499016038 R14: 00007fe499015fa0 R15: 00007ffcaf7f30b8
[  997.241001][T20221]  </TASK>
[  997.246420][ T5769] Bluetooth: hci4: command tx timeout
[  997.255809][T20178] bridge0: port 1(bridge_slave_0) entered blocking state
[  997.293305][T20178] bridge0: port 1(bridge_slave_0) entered disabled state
[  997.323193][T20178] bridge_slave_0: entered allmulticast mode
[  997.369159][T20178] bridge_slave_0: entered promiscuous mode
[  997.391885][T20178] bridge0: port 2(bridge_slave_1) entered blocking state
[  997.402836][T20178] bridge0: port 2(bridge_slave_1) entered disabled state
[  997.423357][T20178] bridge_slave_1: entered allmulticast mode
[  997.468739][T20178] bridge_slave_1: entered promiscuous mode
[  997.619597][T20178] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  997.646866][   T11] tipc: Left network mode
[  997.654344][T20178] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  997.740706][T20178] team0: Port device team_slave_0 added
[  997.779187][T20178] team0: Port device team_slave_1 added
[  997.926383][T20250] __nla_validate_parse: 14 callbacks suppressed
[  997.926403][T20250] netlink: 121460 bytes leftover after parsing attributes in process `syz.0.4675'.
[  998.113964][T20245] netlink: 'syz.0.4675': attribute type 21 has an invalid length.
[  998.145453][T20250] netlink: 21068 bytes leftover after parsing attributes in process `syz.0.4675'.
[  998.161454][T20251] netlink: 192 bytes leftover after parsing attributes in process `syz.2.4674'.
[  998.191926][T20242] netlink: 192 bytes leftover after parsing attributes in process `syz.2.4674'.
[  998.317495][T20178] batman_adv: batadv0: Adding interface: batadv_slave_0
[  998.324853][T20178] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  998.374787][T20178] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  998.639823][T20178] batman_adv: batadv0: Adding interface: batadv_slave_1
[  998.677558][T20178] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  998.750640][T20178] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  999.200140][T20178] hsr_slave_0: entered promiscuous mode
[  999.220680][T20178] hsr_slave_1: entered promiscuous mode
[  999.257221][ T5769] Bluetooth: hci4: command tx timeout
[  999.388552][T20277] netlink: 'syz.2.4681': attribute type 39 has an invalid length.
[  999.553636][T20286] netlink: 'syz.3.4684': attribute type 21 has an invalid length.
[  999.624211][T20286] netlink: 121460 bytes leftover after parsing attributes in process `syz.3.4684'.
[  999.725046][T20286] netlink: 21068 bytes leftover after parsing attributes in process `syz.3.4684'.
[ 1000.463841][T20299] FAULT_INJECTION: forcing a failure.
[ 1000.463841][T20299] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1000.487175][T20299] CPU: 0 PID: 20299 Comm: syz.3.4688 Not tainted syzkaller #0
[ 1000.495144][T20299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1000.506125][T20299] Call Trace:
[ 1000.509766][T20299]  <TASK>
[ 1000.512848][T20299]  dump_stack_lvl+0x18c/0x250
[ 1000.517747][T20299]  ? show_regs_print_info+0x20/0x20
[ 1000.523780][T20299]  ? load_image+0x420/0x420
[ 1000.529132][T20299]  ? __might_fault+0xaa/0x120
[ 1000.534034][T20299]  ? __lock_acquire+0x7d40/0x7d40
[ 1000.539273][T20299]  should_fail_ex+0x39d/0x4d0
[ 1000.544174][T20299]  _copy_to_user+0x2f/0xa0
[ 1000.548937][T20299]  bpf_test_finish+0x25a/0x650
[ 1000.553831][T20299]  ? convert_skb_to___skb+0x420/0x420
[ 1000.559937][T20299]  ? read_tsc+0x9/0x20
[ 1000.564147][T20299]  ? __rcu_read_unlock+0x7c/0xd0
[ 1000.569632][T20299]  bpf_prog_test_run_flow_dissector+0x4c9/0x640
[ 1000.576877][T20299]  ? xdp_convert_buff_to_md+0x200/0x200
[ 1000.582893][T20299]  ? __fget_files+0x28/0x4b0
[ 1000.587873][T20299]  ? __fget_files+0x28/0x4b0
[ 1000.592656][T20299]  ? xdp_convert_buff_to_md+0x200/0x200
[ 1000.598585][T20299]  bpf_prog_test_run+0x321/0x390
[ 1000.603824][T20299]  __sys_bpf+0x49d/0x890
[ 1000.608995][T20299]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1000.615557][T20299]  ? lock_chain_count+0x20/0x20
[ 1000.621180][T20299]  __x64_sys_bpf+0x7c/0x90
[ 1000.626070][T20299]  do_syscall_64+0x55/0xa0
[ 1000.631051][T20299]  ? clear_bhb_loop+0x40/0x90
[ 1000.636122][T20299]  ? clear_bhb_loop+0x40/0x90
[ 1000.641885][T20299]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1000.648677][T20299] RIP: 0033:0x7f859db9c819
[ 1000.653914][T20299] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1000.674194][T20299] RSP: 002b:00007f859ea6a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1000.683850][T20299] RAX: ffffffffffffffda RBX: 00007f859de15fa0 RCX: 00007f859db9c819
[ 1000.692193][T20299] RDX: 0000000000000050 RSI: 0000200000000180 RDI: 000000000000000a
[ 1000.700703][T20299] RBP: 00007f859ea6a090 R08: 0000000000000000 R09: 0000000000000000
[ 1000.709371][T20299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1000.717952][T20299] R13: 00007f859de16038 R14: 00007f859de15fa0 R15: 00007ffd6d8c9f68
[ 1000.726458][T20299]  </TASK>
[ 1000.807703][T20308] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1000.815535][T20308] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1000.836587][T20308] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1000.855640][T20308] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1000.867793][T20308] batman_adv: batadv0: Interface deactivated: virt_wifi0
[ 1000.877144][T20308] batman_adv: batadv0: Removing interface: virt_wifi0
[ 1000.896221][T20308] batman_adv: batadv0: Removing interface: netdevsim0
[ 1001.337502][ T5769] Bluetooth: hci4: command tx timeout
[ 1001.875445][T20178] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1001.927630][T20178] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1001.984764][   T11] 
[ 1001.987146][   T11] ======================================================
[ 1001.994176][   T11] WARNING: possible circular locking dependency detected
[ 1002.001414][   T11] syzkaller #0 Not tainted
[ 1002.006363][   T11] ------------------------------------------------------
[ 1002.013694][   T11] kworker/u4:0/11 is trying to acquire lock:
[ 1002.020032][   T11] ffff88802efe8d00 (team->team_lock_key#6){+.+.}-{3:3}, at: team_del_slave+0x32/0x1c0
[ 1002.029989][   T11] 
[ 1002.029989][   T11] but task is already holding lock:
[ 1002.037734][   T11] ffff888077cf0768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: ieee80211_remove_interfaces+0x29a/0x690
[ 1002.048466][   T11] 
[ 1002.048466][   T11] which lock already depends on the new lock.
[ 1002.048466][   T11] 
[ 1002.059313][   T11] 
[ 1002.059313][   T11] the existing dependency chain (in reverse order) is:
[ 1002.068508][   T11] 
[ 1002.068508][   T11] -> #1 (&rdev->wiphy.mtx){+.+.}-{3:3}:
[ 1002.076266][   T11]        __mutex_lock+0x136/0xcc0
[ 1002.081398][   T11]        ieee80211_open+0x144/0x200
[ 1002.086645][   T11]        __dev_open+0x2cb/0x430
[ 1002.091567][   T11]        dev_open+0xab/0x190
[ 1002.096280][   T11]        team_add_slave+0x75f/0x29a0
[ 1002.102189][   T11]        do_setlink+0xdfe/0x4130
[ 1002.107596][   T11]        rtnl_newlink+0x17da/0x20a0
[ 1002.113348][   T11]        rtnetlink_rcv_msg+0x869/0xfa0
[ 1002.119090][   T11]        netlink_rcv_skb+0x241/0x4d0
[ 1002.124414][   T11]        netlink_unicast+0x751/0x8d0
[ 1002.129995][   T11]        netlink_sendmsg+0x8d0/0xbf0
[ 1002.135391][   T11]        ____sys_sendmsg+0x5ba/0x960
[ 1002.140810][   T11]        ___sys_sendmsg+0x2a6/0x360
[ 1002.146730][   T11]        __se_sys_sendmsg+0x1c2/0x2b0
[ 1002.152215][   T11]        do_syscall_64+0x55/0xa0
[ 1002.157452][   T11]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1002.164103][   T11] 
[ 1002.164103][   T11] -> #0 (team->team_lock_key#6){+.+.}-{3:3}:
[ 1002.172494][   T11]        __lock_acquire+0x2df1/0x7d40
[ 1002.178080][   T11]        lock_acquire+0x19e/0x420
[ 1002.183302][   T11]        __mutex_lock+0x136/0xcc0
[ 1002.188635][   T11]        team_del_slave+0x32/0x1c0
[ 1002.193985][   T11]        team_device_event+0x28d/0xa20
[ 1002.199725][   T11]        notifier_call_chain+0x197/0x380
[ 1002.205378][   T11]        unregister_netdevice_many_notify+0x100d/0x1900
[ 1002.212427][   T11]        unregister_netdevice_queue+0x32c/0x370
[ 1002.219044][   T11]        _cfg80211_unregister_wdev+0x16b/0x580
[ 1002.225570][   T11]        ieee80211_remove_interfaces+0x49e/0x690
[ 1002.231927][   T11]        ieee80211_unregister_hw+0x5d/0x2a0
[ 1002.237846][   T11]        mac80211_hwsim_del_radio+0x289/0x480
[ 1002.243936][   T11]        hwsim_exit_net+0x58d/0x650
[ 1002.249166][   T11]        cleanup_net+0x70a/0xbb0
[ 1002.250124][T20350] netlink: 121460 bytes leftover after parsing attributes in process `syz.3.4695'.
[ 1002.254292][   T11]        process_scheduled_works+0xa5d/0x15d0
[ 1002.254320][   T11]        worker_thread+0xa55/0xfc0
[ 1002.254334][   T11]        kthread+0x2fa/0x390
[ 1002.279839][   T11]        ret_from_fork+0x48/0x80
[ 1002.284896][   T11]        ret_from_fork_asm+0x11/0x20
[ 1002.290290][   T11] 
[ 1002.290290][   T11] other info that might help us debug this:
[ 1002.290290][   T11] 
[ 1002.301304][   T11]  Possible unsafe locking scenario:
[ 1002.301304][   T11] 
[ 1002.309039][   T11]        CPU0                    CPU1
[ 1002.314767][   T11]        ----                    ----
[ 1002.320342][   T11]   lock(&rdev->wiphy.mtx);
[ 1002.325295][   T11]                                lock(team->team_lock_key#6);
[ 1002.333505][   T11]                                lock(&rdev->wiphy.mtx);
[ 1002.341142][   T11]   lock(team->team_lock_key#6);
[ 1002.346632][   T11] 
[ 1002.346632][   T11]  *** DEADLOCK ***
[ 1002.346632][   T11] 
[ 1002.355173][   T11] 5 locks held by kworker/u4:0/11:
[ 1002.360732][   T11]  #0: ffff88801a254938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[ 1002.372167][   T11]  #1: ffffc90000107d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[ 1002.383486][   T11]  #2: ffffffff8e3b5710 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x14c/0xbb0
[ 1002.393352][   T11]  #3: ffffffff8e3c2748 (rtnl_mutex){+.+.}-{3:3}, at: ieee80211_unregister_hw+0x55/0x2a0
[ 1002.403494][   T11]  #4: ffff888077cf0768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: ieee80211_remove_interfaces+0x29a/0x690
[ 1002.414395][   T11] 
[ 1002.414395][   T11] stack backtrace:
[ 1002.420369][   T11] CPU: 0 PID: 11 Comm: kworker/u4:0 Not tainted syzkaller #0
[ 1002.428112][   T11] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1002.438488][   T11] Workqueue: netns cleanup_net
[ 1002.443486][   T11] Call Trace:
[ 1002.446793][   T11]  <TASK>
[ 1002.450083][   T11]  dump_stack_lvl+0x18c/0x250
[ 1002.455056][   T11]  ? load_image+0x420/0x420
[ 1002.459746][   T11]  ? show_regs_print_info+0x20/0x20
[ 1002.465125][   T11]  ? print_circular_bug+0x12b/0x1a0
[ 1002.470627][   T11]  check_noncircular+0x2fc/0x400
[ 1002.475763][   T11]  ? print_deadlock_bug+0x5d0/0x5d0
[ 1002.481146][   T11]  ? lockdep_lock+0xf5/0x230
[ 1002.485999][   T11]  ? __lock_acquire+0x1273/0x7d40
[ 1002.491130][   T11]  ? _find_first_zero_bit+0xd3/0x100
[ 1002.497297][   T11]  __lock_acquire+0x2df1/0x7d40
[ 1002.502818][   T11]  ? verify_lock_unused+0x140/0x140
[ 1002.509068][   T11]  ? verify_lock_unused+0x140/0x140
[ 1002.514880][   T11]  lock_acquire+0x19e/0x420
[ 1002.520429][   T11]  ? team_del_slave+0x32/0x1c0
[ 1002.526110][   T11]  ? __might_sleep+0xe0/0xe0
[ 1002.531066][   T11]  ? read_lock_is_recursive+0x20/0x20
[ 1002.536825][   T11]  __mutex_lock+0x136/0xcc0
[ 1002.541816][   T11]  ? team_del_slave+0x32/0x1c0
[ 1002.547077][   T11]  ? __lock_acquire+0x7d40/0x7d40
[ 1002.552812][   T11]  ? rcu_is_watching+0x15/0xb0
[ 1002.557813][   T11]  ? trace_contention_end+0x39/0xe0
[ 1002.563645][   T11]  ? __mutex_lock+0x315/0xcc0
[ 1002.568829][   T11]  ? team_del_slave+0x32/0x1c0
[ 1002.573722][   T11]  ? mutex_lock_nested+0x20/0x20
[ 1002.579633][   T11]  ? bond_netdev_event+0xeb/0xf20
[ 1002.585096][   T11]  ? __mutex_unlock_slowpath+0x1b4/0x6c0
[ 1002.591293][   T11]  team_del_slave+0x32/0x1c0
[ 1002.596425][   T11]  team_device_event+0x28d/0xa20
[ 1002.602191][   T11]  notifier_call_chain+0x197/0x380
[ 1002.607982][   T11]  unregister_netdevice_many_notify+0x100d/0x1900
[ 1002.614686][   T11]  ? lock_chain_count+0x20/0x20
[ 1002.619923][   T11]  ? unregister_netdevice_many+0x20/0x20
[ 1002.626277][   T11]  ? kernfs_remove_by_name_ns+0x117/0x150
[ 1002.632444][   T11]  ? __lock_acquire+0x7d40/0x7d40
[ 1002.637897][   T11]  unregister_netdevice_queue+0x32c/0x370
[ 1002.644434][   T11]  ? list_netdevice+0x730/0x730
[ 1002.649556][   T11]  ? kernfs_remove_by_name_ns+0x117/0x150
[ 1002.655413][   T11]  _cfg80211_unregister_wdev+0x16b/0x580
[ 1002.661690][   T11]  ieee80211_remove_interfaces+0x49e/0x690
[ 1002.667786][   T11]  ? ieee80211_do_stop+0x1e20/0x1e20
[ 1002.673642][   T11]  ? rcu_is_watching+0x15/0xb0
[ 1002.678899][   T11]  ieee80211_unregister_hw+0x5d/0x2a0
[ 1002.684375][   T11]  mac80211_hwsim_del_radio+0x289/0x480
[ 1002.690057][   T11]  ? rhashtable_remove_fast+0xc00/0xc00
[ 1002.695750][   T11]  hwsim_exit_net+0x58d/0x650
[ 1002.700790][   T11]  ? hwsim_init_net+0x90/0x90
[ 1002.705589][   T11]  ? __ip_vs_dev_cleanup_batch+0x238/0x250
[ 1002.711782][   T11]  cleanup_net+0x70a/0xbb0
[ 1002.716297][   T11]  ? ops_free_list+0x3b0/0x3b0
[ 1002.721156][   T11]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1002.726475][   T11]  ? process_scheduled_works+0x96f/0x15d0
[ 1002.732387][   T11]  ? process_scheduled_works+0x96f/0x15d0
[ 1002.738580][   T11]  process_scheduled_works+0xa5d/0x15d0
[ 1002.744670][   T11]  ? worker_attach_to_pool+0x380/0x380
[ 1002.750411][   T11]  ? assign_work+0x3d2/0x5d0
[ 1002.755012][   T11]  worker_thread+0xa55/0xfc0
[ 1002.759781][   T11]  kthread+0x2fa/0x390
[ 1002.763960][   T11]  ? pr_cont_work+0x560/0x560
[ 1002.768734][   T11]  ? kthread_blkcg+0xd0/0xd0
[ 1002.773437][   T11]  ret_from_fork+0x48/0x80
[ 1002.777849][   T11]  ? kthread_blkcg+0xd0/0xd0
[ 1002.782614][   T11]  ret_from_fork_asm+0x11/0x20
[ 1002.787489][   T11]  </TASK>
[ 1002.792923][   T11] mac80211_hwsim hwsim233 wlan1 (unregistering): left promiscuous mode
[ 1002.804518][   T11] team0: Port device wlan1 removed
[ 1002.827355][T20178] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1002.836774][T20347] netlink: 'syz.3.4695': attribute type 21 has an invalid length.
[ 1002.845678][T20350] netlink: 21068 bytes leftover after parsing attributes in process `syz.3.4695'.
[ 1002.866287][T20178] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1003.009759][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1003.021218][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1003.030774][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1003.040824][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1003.049089][   T11] batman_adv: batadv0: Interface deactivated: virt_wifi0
[ 1003.056818][   T11] batman_adv: batadv0: Removing interface: virt_wifi0
[ 1003.068796][   T11] veth1_macvtap: left promiscuous mode
[ 1003.074651][   T11] veth1_vlan: left promiscuous mode
[ 1003.418546][ T5769] Bluetooth: hci4: command tx timeout
[ 1003.450988][   T11] team_slave_1 (unregistering): left promiscuous mode
[ 1003.459396][   T11] team_slave_1 (unregistering): left allmulticast mode
[ 1003.467169][   T11] team0 (unregistering): Port device team_slave_1 removed
[ 1003.513965][   T11] C (unregistering): left promiscuous mode
[ 1003.520819][   T11] C (unregistering): left allmulticast mode
[ 1003.527940][   T11] team0 (unregistering): Port device C removed
[ 1003.756139][T20178] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1003.801427][T20178] 8021q: adding VLAN 0 to HW filter on device team0
[ 1003.841119][ T5898] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1003.848688][ T5898] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1003.858592][ T5898] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1003.865955][ T5898] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1004.034404][T20178] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1004.073734][T20178] veth0_vlan: entered promiscuous mode
[ 1004.083557][T20178] veth1_vlan: entered promiscuous mode
[ 1004.107727][T20178] veth0_macvtap: entered promiscuous mode
[ 1004.118800][T20178] veth1_macvtap: entered promiscuous mode
[ 1004.132695][T20178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1004.143448][T20178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1004.154831][T20178] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1004.168478][T20178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1004.179315][T20178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1004.190494][T20178] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1004.203851][T20178] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1004.213452][T20178] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1004.223416][T20178] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1004.232702][T20178] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1004.263419][T20178] ieee80211 phy324: Selected rate control algorithm 'minstrel_ht'
[ 1004.283459][ T1090] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1004.284958][T20178] ieee80211 phy325: Selected rate control algorithm 'minstrel_ht'
[ 1004.291889][ T1090] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1004.328782][T13040] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1004.338004][T13040] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50