last executing test programs:

2m48.338835726s ago: executing program 2 (id=1751):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000060a0b040000000000000024020000002c0004802800018007000100637400001c0002800500030002000000080001400000001708000240000000030900010073797a300000deff0900020073797a32"], 0x80}}, 0x0)

2m48.172677776s ago: executing program 2 (id=1753):
r0 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$netlink(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f00000005c0)=ANY=[@ANYBLOB="e00000001000090500000000000000006f6d8864d22a3f2ffaa46c88bca90000002b0e13e735a3184f123d6da2f1acfac0ee2dd2b184b27db1010000007c0004060000000700bf852c8986626691b01b5f44e4ce287128282829289423debbb86f9dba4a2dba4dbe076c02262600c446a567de243ab0d67683f7bb11c9cab3b3eed8a8bef4ff1631aa78acefca03c1a66db4424a8ba100022db228bb7b5eb5100e434db5dd5e995aa0912086d9f4606d2e4cc898739222c5d3a83cb6b707f3336336ebb7d681000000140000800d000000c606f93f6b8199f9"], 0xe0}], 0x1}, 0x40040)

2m47.552695148s ago: executing program 2 (id=1757):
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0x2, 0x2, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0600000004000000fd0f"], 0x50)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x4, 0xa2028, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x1}, 0x0, 0x2, 0xfffffffe, 0x0, 0x80000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$kcm(0x23, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xd, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
sendmsg$kcm(r2, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7400}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1c, 0x7, 0x7, 0x3, 0xc0, r1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x4, 0x4}, 0x50)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x4000}, 0x20004000)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, 0x0, 0x0)
sendmsg$IPSET_CMD_DESTROY(r4, 0x0, 0x24000004)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000000000430000000005000100070000000900020073797a310000000014000780050015000c0000000800124000090000050005000a000000050004000000000010000300686173683a69702c6d6163"], 0x5c}}, 0x0)

2m46.036895395s ago: executing program 2 (id=1764):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x3, 0xb, &(0x7f0000000200)=@framed={{0x18, 0x2, 0x0, 0x0, 0x5}, [@printk={@u, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfffffffc}, {0x85, 0x0, 0x0, 0x73}}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x48, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80102, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x3fe, 0x7ffffffc, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x100, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'dvmrp1\x00', 0x7101})
ioctl$TUNSETOFFLOAD(r0, 0x400454c9, 0xba98575a95aeb70d)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x300)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socket$kcm(0xa, 0x5, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
socket$kcm(0x2b, 0x1, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x1}, 0x0, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_DYING(r1, 0x0, 0x8000)
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000140))
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x104)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB], 0x128}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000940)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r3 = socket$kcm(0xa, 0x1, 0x106)
setsockopt$sock_attach_bpf(r3, 0x29, 0x4e, 0x0, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='subflow_check_data_avail\x00', r2, 0x0, 0x200000}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='subflow_check_data_avail\x00', 0xffffffffffffffff, 0x0, 0x200000}, 0x18)
r4 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r4, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4001, 0x0, @empty}, 0x80, 0x0}, 0x20000081)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000002c0)={0x1, <r5=>0xffffffffffffffff}, 0x4)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000300)={r5}, 0x4)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x122)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))

2m45.175519428s ago: executing program 2 (id=1770):
r0 = syz_clone(0x0, 0x0, 0x1c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x480000000000002b, 0x954b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x0, 0x4, 0x98, 0x4, 0x4e53, 0xfffff271, 0xfffc, 0x0, 0x0, 0x0, 0x20}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{0xffffffffffffffff, <r3=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)=r1}, 0x20)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0x58, &(0x7f0000000280)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0}}, 0x10)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
r7 = socket$kcm(0x2, 0x5, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0x2}, 0x10828, 0x0, 0x0, 0x2, 0x9, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
mount$bpf(0x200000000000, &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000780)='./file0/../file0\x00', 0x0, 0xa06002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xd, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="8500000019000000760000000000000027007fffffff00009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x8, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffc62, 0x10, 0x0, 0xfffffffffffffed8, 0x0, 0xffffffffffffffff, 0xfffffffffffffeee}, 0x23)
setsockopt$sock_attach_bpf(r7, 0x1, 0x3e, &(0x7f00000002c0)=r6, 0x4)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x1ff, '\x00', 0x0, 0xffffffffffffffff, 0x3}, 0x50)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000d40)={r2, 0xe0, &(0x7f0000000c40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000a80)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r9=>0x0, 0x0, 0x0, 0x0, 0x1, 0x3, &(0x7f0000000ac0)=[0x0], &(0x7f0000000b00)=[0x0, 0x0, 0x0], 0x0, 0xc, &(0x7f0000000b40)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000000b80), &(0x7f0000000bc0), 0x8, 0xd0, 0x8, 0x8, &(0x7f0000000c00)}}, 0x10)
r10 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000d80)=0xffffffffffffffff, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000e40)={0x11, 0x13, &(0x7f00000007c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xf}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@jmp={0x5, 0x1, 0xd, 0x6, 0x0, 0x50, 0xfffffffffffffff0}, @func={0x85, 0x0, 0x1, 0x0, 0x2}, @jmp={0x5, 0x0, 0x6, 0x9, 0xb, 0xfffffffffffffff4, 0xfffffffffffffff0}, @alu={0x4, 0x1, 0xa, 0xa, 0x0, 0x40, 0x10}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000940)='syzkaller\x00', 0xd5f8, 0xb5, &(0x7f00000009c0)=""/181, 0x41000, 0x43, '\x00', r9, 0x0, r10, 0x8, &(0x7f0000000dc0)={0x3, 0x3}, 0x8, 0x10, &(0x7f0000000e00)={0x1, 0x9, 0x76d2, 0x1}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffff}, 0x94)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000440)={0xffffffffffffffff, <r11=>0xffffffffffffffff}, 0x4)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000f80)={r6, 0x58, &(0x7f0000000f00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r12=>0x0}}, 0x10)
r13 = bpf$MAP_CREATE(0x0, &(0x7f0000000fc0)=@bloom_filter={0x1e, 0x80000001, 0x10005, 0x0, 0x24121, r6, 0x8000, '\x00', r12, r10, 0x0, 0x5, 0x2, 0xd}, 0x50)
r14 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000500)={r4, 0xa149, 0x18}, 0xc)
r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000580)=@generic={&(0x7f0000000540)='./file0\x00'}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000100)=@raw=[@generic={0x4, 0xe, 0x5, 0x8}, @map_idx={0x18, 0x8, 0x5, 0x0, 0x9}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @jmp={0x5, 0x0, 0xb, 0x5, 0x3, 0x50, 0x4}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x5}], &(0x7f0000000180)='GPL\x00', 0x9, 0xbb, &(0x7f00000001c0)=""/187, 0x40f00, 0x8, '\x00', r5, 0x0, r6, 0x8, &(0x7f0000000340)={0x5, 0x3}, 0x8, 0x10, &(0x7f0000000380)={0x3, 0x0, 0x9, 0x7fffffff}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000600)=[r8, r11, r13, r14, r15, 0xffffffffffffffff], &(0x7f00000006c0)=[{0x5, 0x5, 0x10, 0x4}, {0x3, 0x5, 0x3, 0x2}], 0x10, 0x3}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
close(r2)
sendmsg$NFNL_MSG_ACCT_GET(r6, &(0x7f00000010c0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000004c0)={&(0x7f0000001100)=ANY=[@ANYBLOB="6c000000010703000000000000000000070000090900010073797a31000000000c0002400000000000000006340007800800024000000100080001400000000908000140fffffffb0800024000000006080002400000800108000140000000010c0006400000000000000006d37a3a18316bf053606a25b68675a04807fe3894a1593591dd36b0a0808d6b6b3c2d8e70fc22d70dfd3b42f193c1631dc838"], 0x6c}, 0x1, 0x0, 0x0, 0x4000400}, 0x40)
socketpair(0xb, 0x4, 0x5, &(0x7f0000000080))

2m44.153368511s ago: executing program 2 (id=1774):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x2, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x39, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
close(r1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x5, 0x5}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001440)={0x0, 0x1, &(0x7f0000000000)=@raw=[@jmp={0x5, 0x0, 0xa, 0xa, 0x0, 0xffffffffffffffff, 0xfffffffffffffff0}], &(0x7f0000000080)='syzkaller\x00', 0x8, 0x1000, &(0x7f0000000440)=""/4096, 0x41000, 0x50, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000100)={0x1, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000280)=[r1, 0xffffffffffffffff, r2, r3], &(0x7f00000002c0)=[{0x1, 0x3, 0xc, 0x3}], 0x10, 0x3f033a2c}, 0x94)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000240)={r0, 0xffffffffffffffff, 0x39, 0x0, @val=@uprobe_multi={&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)=[0x401], 0x0, 0x9, 0x1}}, 0x40)

2m28.988299775s ago: executing program 32 (id=1774):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x2, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x39, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
close(r1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x5, 0x5}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001440)={0x0, 0x1, &(0x7f0000000000)=@raw=[@jmp={0x5, 0x0, 0xa, 0xa, 0x0, 0xffffffffffffffff, 0xfffffffffffffff0}], &(0x7f0000000080)='syzkaller\x00', 0x8, 0x1000, &(0x7f0000000440)=""/4096, 0x41000, 0x50, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000100)={0x1, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000280)=[r1, 0xffffffffffffffff, r2, r3], &(0x7f00000002c0)=[{0x1, 0x3, 0xc, 0x3}], 0x10, 0x3f033a2c}, 0x94)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000240)={r0, 0xffffffffffffffff, 0x39, 0x0, @val=@uprobe_multi={&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)=[0x401], 0x0, 0x9, 0x1}}, 0x40)

43.240359641s ago: executing program 0 (id=2852):
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000006c0)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x4)
r2 = perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x400000000000000b, 0x1a54a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ffffffd, 0x1, @perf_bp={0x0}, 0x11efa, 0x4, 0x98, 0x0, 0x81, 0x32f7cb41, 0xffff, 0x0, 0x0, 0x0, 0x100024}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="580000000001010400000000000000000200"], 0x58}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="cc0000003600"], 0xcc}, 0x1, 0x0, 0x0, 0x4c094}, 0x4040)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

41.16239158s ago: executing program 0 (id=2859):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x954b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x11efa, 0x4, 0x98, 0x0, 0x2, 0xfffff271, 0xfffd, 0x0, 0x0, 0x0, 0x20}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c0000004800010000000000000000000a0007000000000000000000140001800d2a79075827af5aa534d6815c2e93f10c0002"], 0x3c}}, 0x0)

40.625937152s ago: executing program 0 (id=2863):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x954b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x11efa, 0x4, 0x98, 0x0, 0x2, 0xfffff271, 0xfffc, 0x0, 0x0, 0x0, 0x20}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$nl_crypto(0xffffffffffffffff, 0x0, 0x4008000)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{0xffffffffffffffff, <r4=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000180)='%pK    \x00'}, 0x20)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={r4, 0x58, &(0x7f0000000240)}, 0x10)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFT_MSG_DELRULE={0x34, 0x8, 0xa, 0x5, 0x0, 0x0, {0x2, 0x0, 0x6}, [@NFTA_RULE_ID={0x8}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x88}}, 0x0)

39.286004818s ago: executing program 0 (id=2872):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b703000008000040850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='kfree\x00', r1}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000007000a01030000000019000000010000010900010073797a31000000002c000000030a01020000000000000000010000000900030073797a32000000000900010073797a31000000002c000000030a05000000000000000000010000000c00024000000000000000010900010073797a31000000"], 0xc8}}, 0x0)

38.966127722s ago: executing program 0 (id=2873):
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x49, 0x1, 0x0, 0x0, 0x0, 0x0, 0x82240, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x8}, 0x2, 0x0, 0x0, 0x8, 0x43fe, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800"/29], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x49, 0x1, 0x0, 0x0, 0x0, 0x0, 0x82240, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x8}, 0x2, 0x0, 0x0, 0x8, 0x43fe, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6f}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd630080fc00082c00db5b6861589bcfe8875a060300000023000000000000000000000000ac1414aa33"], 0xfdef)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x5, 0x47, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x80040000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

37.739693425s ago: executing program 0 (id=2881):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001e40)={0x17, 0xe, &(0x7f00000004c0)=ANY=[@ANYRESHEX], &(0x7f0000000340)='syzkaller\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0x18000000000002a0, 0xe80, 0x0, &(0x7f0000000100)="b9ffddc1ddcccdde75537d5326a4dfff70bf2dfe443b1b5e2a9080f3", 0x0, 0x600, 0x60000009, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x4c)
r1 = socket$kcm(0x2, 0x922000000001, 0x106)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d36, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xc}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x48, 0x1, 0x4, 0x0, 0x0, 0x0, 0x80102, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x3fe, 0x7ffffffc, 0x3}, 0x0, 0x1, 0xffffffffffffffff, 0xa)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x8016)
r2 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$kcm(r2, &(0x7f00000017c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000080)="bb", 0x1}], 0x1, &(0x7f0000000100)=ANY=[@ANYBLOB="20000000000000008400000002000000fe8041000000000091fffffffffff900"], 0x20}, 0x0)
syz_clone(0x40000400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0xca, 0x0, 0x2, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
close(r4)
socket$nl_netfilter(0x10, 0x3, 0xc)
recvmsg$unix(r3, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)}, 0x20)
openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0xb, 0x1509, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x2, @perf_bp={&(0x7f0000000300), 0x9}, 0x0, 0x4, 0xfffffffd, 0x8, 0x2, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x2, 0xffffffffffffffff, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f00000002c0)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r6}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x0, 0x2, &(0x7f0000000200)=ANY=[@ANYBLOB="850100c900"], 0x0}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYRES8=r4, @ANYRES8=r5], 0x2)
setsockopt$sock_attach_bpf(r1, 0x6, 0x21, &(0x7f0000001540), 0x20)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000010c0)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a83116752ddb11cfafffa3837841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e30df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cd17b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0544c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d19f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf80300cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9874620e322d9348900000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a35df8574eb49e972f7976eafee43a6c17009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981179186e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2a434b9048ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d6356e4450d043ed20d313cd56a56d2e4cdf26f19af9a41695a58a9b6b45af1ca939b18d7b57791b99cfc6ec2a0848c29fea4eb8b82395a38e8aca5ab4bfc2ad8acf2e51b766f8ecd16194ad41ec097082f7fa32179ef99dafa6c2aa206a25ddc33e6f0a09169eeff428c71f54e1dfcfcd7cfc8f6e169f11c47d5040000000000000000000000000000074f21ec2b57bb2daf8fab7cd564d1e84c93af254ab029e6cd168007b9a10a6664d9d264aceede0183b2306c440b2c81c9e120ece36a61b0b015ea6716decf8783e0845fa975b6e5f7f4dd4abe2a95e764ae13288d4439ec2906659bc9f26212615423c3d8d58901a6b51a93c8aacb19c416d5260662031a295f2b33295a60db77b5f082bdc48cd06c6cd01e7a40e456d829d277c77c2ca9159c82a391a24d5f6193228d93e2fd99cd0cdeefa9b7c5ea02c5454ef4c6631e6766ffcba3cce4ab13c69622675683ab1f05edbb09641c9dba535b319a21a00287645449a61eefc00a2a8f6955d6573023325bc00ca0facb69d67c8b95e29b36c4a5f84a959262c382de9a411be7b9b500ca329e5eefcd323490eed4bcbcba4764618bf51a08498a64b0e19c00e33480b27c2b12c326e6bf10234f883b3082512e9ad2fbdf6bae"], &(0x7f0000000340)='syzkaller\x00', 0xd, 0xfcbe, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r7, 0x18000000000002a0, 0x24, 0x4a, &(0x7f0000000680)="b9ff03076804268c989e14f088a847e089061416e0885a0400000000000081009fa72de2", 0x0, 0x400, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}, 0x3d)
r8 = socket$kcm(0x11, 0x200000000000002, 0x300)
recvmsg$kcm(r8, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x20)
gettid()
gettid()

26.19357575s ago: executing program 3 (id=2933):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r1, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r1, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000600)=@newqdisc={0x44, 0x24, 0xf0b, 0x70bd2e, 0x0, {0x0, 0x0, 0x12, r3, {}, {0xffff, 0xffff}, {0x2, 0xd}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x10, 0x7, 0x1, 0x1}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8044000}, 0x0)
r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r2, 0x0, r4, 0x8, 0x0, 0x63, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffec9}, 0x94)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r5}, 0x10)
r7 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r6}, 0x8)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000001f80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000073000000850000005000000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000040)='percpu_free_percpu\x00', r8}, 0x10)
r9 = socket$kcm(0x2c, 0x3, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x838, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x3, 0x10)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000080)={@map, 0xffffffffffffffff, 0xb, 0x2010}, 0x20)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events.local\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r9, 0x11b, 0x2, &(0x7f0000000040)=r10, 0x4)
r11 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)="5c00000014006b030231a6080c000af32c00009d31fc0000f800250f02000f00e5aa000017d34460bc24eab556bd05251e6182949a2756f475ce36c2d13b48df000000000000ecb8f6ec63c9f4d4938037e786a6d1bdd700e6657594", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
close(r7)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)

26.058936272s ago: executing program 3 (id=2935):
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x48, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x1946}, 0x0, 0x0, 0x0, 0x8, 0x7fff, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f00000003c0)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d33, 0x41400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_config_ext={0x1, 0xcfb}, 0x100388, 0x2, 0xfffffffe, 0x0, 0xaf, 0xd, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, 0x0, 0xffffffff80000003, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0e0000000400000008000000634f000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\r\x00\x00'], 0x48)
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x954b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x11efa, 0x4, 0x98, 0x1, 0x2, 0xfffff271, 0xfffc, 0x0, 0x1, 0x0, 0x20}, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f00000006c0)={0x5, 0x80, 0x80, 0x87, 0xf0, 0x7c, 0x0, 0xa8d, 0x8, 0x2, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x4, 0x5, @perf_bp={&(0x7f00000004c0), 0x1}, 0x114004, 0x10, 0x7a6, 0x9, 0x80000000, 0x1, 0x7, 0x0, 0x4, 0x0, 0xb71}, 0xffffffffffffffff, 0xc, 0xffffffffffffffff, 0x8)
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = socket$kcm(0xf, 0x3, 0x2)
sendmsg$inet(r2, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="020b070102000000e4a17c455b3a89e0", 0x10}], 0x1}, 0x0)
sendmsg$inet(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)="020a030002000000e4a17c45c8d260c9", 0x10}], 0x1}, 0x0)
r3 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000000580)=@newtaction={0x70, 0x30, 0x53b, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_simple={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0xf, 0x3, '\\^]!${{%@:\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x0, 0x2, 0xe4ffffff}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x4040840}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000880)=ANY=[@ANYBLOB="6400000000010104000000000000000302000007240001801400018008000100e0000001080002007f0000010c0002800500010000000000240002801400018008000100e0000001080002007f0000010c000280050001000002000008000740"], 0x64}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="6800000000010104000000000000de3f02000000240001801400018008000100e0000001080002007f0000010c0002800500010000000000240042801400018008000100e000000108000200e00000010c0002800500010000000000080007010000000004000680"], 0x68}}, 0x0)

25.188479833s ago: executing program 3 (id=2939):
r0 = getpid()
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x48, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x1946}, 0x0, 0x0, 0x0, 0x8, 0x7fff, 0x7fffffff}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x800c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x9, 0x0, 0x4, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, r3)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$unix(r4, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1400"], 0x18}, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x3, 0xc, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x7786}, [@call={0x85, 0x0, 0x0, 0x29}, @printk={@llx, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x7b}}]}, &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x41000, 0xc}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r6, 0x0, 0xe, 0x0, &(0x7f00000004c0)="0000000000000036b817275fe0b0", 0x0, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x1509, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xe}, 0x0, 0x4, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0x5, &(0x7f00000005c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r9, 0x40042408, r10)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r9, 0xc008240a, &(0x7f00000000c0)={0x1, 0x0, [0x0]})
recvmsg$unix(r7, &(0x7f0000003040)={&(0x7f0000002d40), 0x6e, 0x0}, 0x0)
setsockopt$sock_attach_bpf(r8, 0x1, 0x10, &(0x7f0000000040), 0x4)
sendmsg$inet(r8, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x20000800)
setsockopt$sock_attach_bpf(r5, 0x1, 0x22, &(0x7f00000018c0), 0x4)
recvmsg(r5, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002d00)=""/78, 0x4e}, 0x0)

22.673871268s ago: executing program 33 (id=2881):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001e40)={0x17, 0xe, &(0x7f00000004c0)=ANY=[@ANYRESHEX], &(0x7f0000000340)='syzkaller\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0x18000000000002a0, 0xe80, 0x0, &(0x7f0000000100)="b9ffddc1ddcccdde75537d5326a4dfff70bf2dfe443b1b5e2a9080f3", 0x0, 0x600, 0x60000009, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x4c)
r1 = socket$kcm(0x2, 0x922000000001, 0x106)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d36, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xc}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x48, 0x1, 0x4, 0x0, 0x0, 0x0, 0x80102, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x3fe, 0x7ffffffc, 0x3}, 0x0, 0x1, 0xffffffffffffffff, 0xa)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x8016)
r2 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$kcm(r2, &(0x7f00000017c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000080)="bb", 0x1}], 0x1, &(0x7f0000000100)=ANY=[@ANYBLOB="20000000000000008400000002000000fe8041000000000091fffffffffff900"], 0x20}, 0x0)
syz_clone(0x40000400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0xca, 0x0, 0x2, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
close(r4)
socket$nl_netfilter(0x10, 0x3, 0xc)
recvmsg$unix(r3, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)}, 0x20)
openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0xb, 0x1509, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x2, @perf_bp={&(0x7f0000000300), 0x9}, 0x0, 0x4, 0xfffffffd, 0x8, 0x2, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x2, 0xffffffffffffffff, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f00000002c0)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r6}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x0, 0x2, &(0x7f0000000200)=ANY=[@ANYBLOB="850100c900"], 0x0}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYRES8=r4, @ANYRES8=r5], 0x2)
setsockopt$sock_attach_bpf(r1, 0x6, 0x21, &(0x7f0000001540), 0x20)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000010c0)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a83116752ddb11cfafffa3837841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e30df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cd17b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0544c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d19f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf80300cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9874620e322d9348900000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a35df8574eb49e972f7976eafee43a6c17009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981179186e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2a434b9048ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d6356e4450d043ed20d313cd56a56d2e4cdf26f19af9a41695a58a9b6b45af1ca939b18d7b57791b99cfc6ec2a0848c29fea4eb8b82395a38e8aca5ab4bfc2ad8acf2e51b766f8ecd16194ad41ec097082f7fa32179ef99dafa6c2aa206a25ddc33e6f0a09169eeff428c71f54e1dfcfcd7cfc8f6e169f11c47d5040000000000000000000000000000074f21ec2b57bb2daf8fab7cd564d1e84c93af254ab029e6cd168007b9a10a6664d9d264aceede0183b2306c440b2c81c9e120ece36a61b0b015ea6716decf8783e0845fa975b6e5f7f4dd4abe2a95e764ae13288d4439ec2906659bc9f26212615423c3d8d58901a6b51a93c8aacb19c416d5260662031a295f2b33295a60db77b5f082bdc48cd06c6cd01e7a40e456d829d277c77c2ca9159c82a391a24d5f6193228d93e2fd99cd0cdeefa9b7c5ea02c5454ef4c6631e6766ffcba3cce4ab13c69622675683ab1f05edbb09641c9dba535b319a21a00287645449a61eefc00a2a8f6955d6573023325bc00ca0facb69d67c8b95e29b36c4a5f84a959262c382de9a411be7b9b500ca329e5eefcd323490eed4bcbcba4764618bf51a08498a64b0e19c00e33480b27c2b12c326e6bf10234f883b3082512e9ad2fbdf6bae"], &(0x7f0000000340)='syzkaller\x00', 0xd, 0xfcbe, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r7, 0x18000000000002a0, 0x24, 0x4a, &(0x7f0000000680)="b9ff03076804268c989e14f088a847e089061416e0885a0400000000000081009fa72de2", 0x0, 0x400, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}, 0x3d)
r8 = socket$kcm(0x11, 0x200000000000002, 0x300)
recvmsg$kcm(r8, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x20)
gettid()
gettid()

13.932790878s ago: executing program 4 (id=3012):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0xa38, 0x0, 0x0, 0x0, 0x9, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, 0xffffffffffffffff)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$kcm(r1, &(0x7f0000000600)={&(0x7f0000000100)=@in6={0xa, 0x0, 0xc, @private0}, 0x80, &(0x7f0000000000)=[{&(0x7f00000000c0)="80", 0x1}], 0x1, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000008400000000000000", @ANYRESHEX], 0x18}, 0x41)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x4, 0x3, &(0x7f0000000700)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8}}, &(0x7f0000000c40)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000a80)={r2, 0x0, 0xe81, 0x0, &(0x7f0000002d00)="fe22f571e75c239ea48df185d4ea51b8cec6c26786fb44b699b2eb80899d80efac002a1777cd9ae5f6779535d0d2b337888618e5efb8d5a87974340e17ae3e1f7a8ec315a8708689a1293f0e8f64418b01832cab4859a7d53b0389075cd1c4a3be6d0ea89ef491424d78cb5de824a5e4b5db40eaa3a6056ca446d45ba13941eb15b86af735ed62e20efe28582a7ca83078c354883640681f8ab05f7b999ff46a7aad0e8f10dc74e2676fab36833a9604914df4902f8c6bcc40b2c6fa7297ff7bc9780d4cab044182ac4b87ab502a92d80180328ab59370f60bcb828d78f2f04d1c49db7c0414341903040014f9474618b714a2ac4025dd2e67169d67d3e83f87f7113d955de70852395c728f1b746198d37dd9d296219c797195c78f87c4242106ca9a5ce6e6c154e371b95c012d15f73a56e54cd0915dbafef07fa024491e9982a55a2bbb2f6e37f47a3dcfe800056b4f81d82b6b823b7e884045798313e608c2646391d855d6cfd3f591c26ea5f3e1dee6deb8d54049124a8423ac88078b80a61281870f5eecb1c2947678145dd50035c9d8a8bf270c959f63ff13f64c86bc9ea5b238787347676733b4e034f0ac61bbb5d56df793b4061dd0bef344c18e250c04c72cce63f42f0792f41ef51ea9e022f6e371d60d12a9a631d752b638d5b0f6470e7e553d55d022071f235d9c747122afdf5c3ffd46fb4542be49b3beb28210d77906828f9e49dcee6c8e9cc3184c919524d9f8ef240a41546936e533d321e454b7a9804d32519d2f02b73049b28506dae1740a72eca64a4de44a2036356332faaa81d050abffc1f0b0846374fa831a6f9fee600e0bc68ea2cdc9bfedcd048e44f2c0878f20df0c79c61a64d4cbb5ce85cce98d1c0c6f81be751a5fef959fe108fe55866f253f8ae0baf47e3b3f1306bef87140e4066525f7a38d27537c4f8ef8de801846b1aebfde718f7738d88840cb50fb911f49826bf13a11b1f9946bceca5e746189d5027ee82ea617eaa643004cee6bd3d3d09975dcee9658370abf998cee195f39ef20a8ce8901cf5e694d744acf44bebd5ddf818183b8c25207ef1e303fef38b4e0ad6bf179418349c244d00468a893ee5cdffba3e9df269b3fe1c59ee1cfdd3a71d055c900b961770cd5a217df6c3df0433d1c1fbd7ba92196cecfe256e6883f8cefaa4a61dd91664fed77d4a6eaa7ae7e12165f58836da2fcf2955805fdd6686144220132e83d2086a181681789e123089275d4094dde88f6d17f69e1b2cf4e71efe13b1b774875e6d0f5c754cee7e32a242f0a80de3e9dd4c1b960eab3a0ae1bfadf62c68b8e2dbfccd067234a0354c439ee0558f5a25d419aeca35c285068ee1d77fcb3a8b7a5da7251ac8233b4aa9c2087a294b6aea36a4c5682d4fdc9bf85932deb5502f32d383f887234ad406cce8f83a8e2804e551b08f3268347b80525c5123661b8a96fb3c3a5f39e3782edbafd7e29e4bd03126fce489731360c881d6372f0c1dffecf7c61d7a810b8dcf0e317012d1cb7f13628031cb09534a992c166453c431a181e92b87eae3e95e4cf3bd2326894149c44e95fc5f1db297a46f75b0183eef44785ef8d87b931feecfa72a2988b37171c11426bf6381197d71475a5c1778b3996910efcac61ddec25bcf4bb3cc5853bad7dd818cb9f48251f93e2ec14df8fe4523820ef31594f4bc2ab74aa9dad2b85785c314e11c327abda2334d0b3b51fbcca6e130f1fb98cea455cd870dced1713974c44bc7b500208a3d9ea2701419713f1edb7700b4ef314e2d025aa8ad0797c56707dc73767f34df4f11a8e6df5375ab926de5bd343211567018790b64d4713b13dda818d0368ffc158ef39e6acd0fca7a9556f1b3603040adc21923f60861a17088e15eec6c270f1cc108be68b2feb165b849c4eebf554f2067143e7c8f4066c1f0db0e8bd9d7649c47da6c3abaa185e5f88ba632d9a6e18d626f2feeb62148f8666b42c69880f385dcbc86c9944988f28e6e582d5a44e881b5191c57ff3345b2c5fdede0248662bb2ac9f069ea316a2fc6b50ed728aefd49ea5f84b6c63fc874e2bb547365625b323ef97abcf9669a6fffdb2b6284d09cfe2b5a9a4bd02fe44c03f9279016c5c39b64bb9abf7645f887e1d3983d01ee9ebcdfd1a31811fd5b0c6ae70d1f60293c3fdca040c505b07a9163d4e2e5bb2f6a2b82b0993c5ebd9b8fac1cbfe306c727d561eff8d69f5ffb88bb02b2e10371caa5d7976dc7b637e9f12f6acf1ef34ccc38f6f4f7e94637a484f471788237302ddc05b9433c80b7d41316377c3d133ad5917cb847949809e751fe3b3a487f4206304c1fcd0a769ae2ace2dd0529464a6f7353a98e3c0cb60e30be83e5d3d2165ff1b75ccf5885036cfb72b029518094ee0498196cd08990b52ede5de8c1c982c356684de089bb3405a8c5c3041c99b0536cbf9a77c3960aa8177dcb36e7835422026c68822e3e7b27ae96af3eac7c0241d448877212ff7998f53bdebf456ed91182e72887f303312dd6197e8d8ccf53e7dceba12f9c066710ed0b5e0ca2041c53e37a868b238d6d463db644e1156078c1ad688dfbeb281b547cb0ae0848b1ab1ce55c6fbeca47c8d4bfc482b7b3018daf695857bb8748e546b578201fbe404169ce83afa1ff711baeac5177f7e7c7167f4f74ec98a6a23c5a41f8c36bbe5e79baee1a882d1c15d32db4fa171b60c87b579523ea7a9a0a411587f3d490755986f8318c879f969dbe2687221d6041fae12320fa75b572473669154547aee8b6cfb55528c695fc20f062b609ece9b2a93e1f0b30d478ab3b3129fe346bf5ddc38b4db5cbef892de4df031e82c091cf6876da0ebee3221677c76db60ceedc88f15483f6fd64df6146452c6ef319bee3cbd1843c4cd78272347d60f48b1845a62bccadc22c7057e5dbdedc03a85fd162045f4e92ece533748a17cd4618d1a775f60d66fcf802d9dc1b1c676875e83e2f0e75368190f71f25003050b6936cbfb9a1a03a8f4afb6fdd74a3f1b1ac753f8fe78c71467ed474a7bffbbd0271346da317213202001e28e7544dbbf65eb8b67275765f1cde035ebc6c015be8b7bcf81ed283113f3c91b220c1f44234e2c2f383c225cfff367460d5de32332b08aa9fa78228bd38ea4da2463a2b497f5cc174c2238c61320d606b2e06084260e1342558f4bf6e6b1afddeff361dde0cdb39854c2822fe916f4a1b95e3f31fb192789463d5c868915b7e3ba729d4c2d06636406d2ddf691c106a456901fb73fabcdbeb88668f37fc7a3d514db63a2626b78f34ef667f296d5ca433fdf073e659cedf3754c62651bb0b6f1371efa1c653e5578e137837e1bf747a15d945b4019337352dacf820081daa28fa12663e167a3510e97f1d897d26206a9776349590fd0fa927339c3b6febccf9f7f215063963476259ce2bd8ce9a900c095102b8ca6ca46701681d825bbb8c8ccd968540c1206b7f7ff99c81ec7986e8190b1618b9ba55027143d52bf4439ed873e1f18cee8492f09256be0178321572f45472846d4242b87fc33bde7a7bba3a7c80f133cd3c77fca4fdc45c5492559587d9305b95d1e16bbeded320648b28fee0b9440a8a41cf02ca9f5508f9631700f082ed92fa0828051ef73ce32481e2a666665974a17de7968e84b6858a68c0f2d88c7ee0285a92bd6cf86aa434e55ce5d218dcf382791a609eafdba035009e2d858b395d57d342c1e07f77fc3eef1453eb6c1e7212f4acf628f98e8c6c44f53c9b2e9fd722a1928ab7153bbb5ba9968850634510a9395cd11b2b92eace5cd1007e7219d24c5234fed84fdb82d5c69d69d8146d7a114044d2861fed5403fca29bb1ddd6e607548d1b292199d7112764f6b59daf07ca563f948258c046726318138033edae8f5fc8f0a3a987e01388404e5a58a22e8abbfb092ae5498afb488f18e6e8925d1c84f9700b7780e58b913407c649dd72807894e4ff70f4931f9b0f99d4cefb772582ec6eaa5cc80241d3b0c9572aae271246c99cd732739e1531e25dc47c7eabe592b21cef834424e0a566afe21eaa4cecf3941809952b6945943f787bb61bfca524e1aed474784431808ed9d4bf6ffc3dce09833f0e4ed1184f4959bcfd67827cdfc0987e8f78b678e672467a5158b60dea30c76a2d945528a84dca7640d73b6a78089435e151f495d9bbf4726e23e03631a9b3024087cd424a40b3332dd86f0d5885728f7e3fe571be25acbe281bfd503c75769a46bb16fd4191fc6cea333004ca0f56d82e9430324f6d1005953a2701d6b212cedf82567aa394499f6d017c9b2f130c614867a53677d55caf7c29537d87f4697998097d5f02795d02dc62872ce58b0628c4acf8e6be73737bc64bda0bc8838ec5585e40445746a52dc9bf0b79550f39600310ee19df6c5edec5a04be86d8f570ab3dfa8c7363aee79126a301ede5f42f6dcc58fe46e931021bfc0963e7427bc4e298d61a758917f5cb24259f455d3187a6bf17352fae5bfb01672090054664f2d3505031f49d95ad2e931710090a7adbfd4c1d93a759e2fe3533469a474d8a7440181870533f7417fbbbb8bb378f39a327a4cb6ac569e2c1f519feb53ba4eae6c0dfa9c2a66fab0cb4dff3e9ee2b73c8bc60206b083c9e25fb20adc7951ab2a726b09628d135fdb822f77767936c59a529a62582d180d7c6dfcd722ccd001991c4eac7b91e913972a865220b80a931d8b137f1aa4b3f93efaa1d42ced6c7a0d6ee90b2f5c0ec203a76974cb39c4b937285d3871c894a5a10dcff839c7745e3a1ea99e0c3698e853476112ccc0d1dd9ade9ba95b39fb4df1385694eab8a3b35ec3fb7fe52ae40877ef1d36f6292ae2d209063bcf456811e8aa0ae954a0cdf2aa5afdfa06a53558ba2c3eb257abb26155d26159f5b885e9bb697d362e74a4b8a132eb3e176d79ee09d5ff4fe98e9623ad2bbc45c317840ddbf0efa7f949bd0c2298814b54f5f5a04b2976e41ccb2442cd2de4c47372acbd65121403fd28cfba115a202b2abefe5e402336fd654481f5e10bd46faf3c4907d249b60fbda822f9d7eada67a4926dcb409a366bd47b425291174c341e39b785c1bf3673b26d3d813d64462a6c6c36b066292de1d8f6ecb3422bf3293d6ec91ed798e18076a1fbe78806aaa3b3155cde350e0f4c8368da70cf72865ed4741be597cf70c49044b54b4732d818f86da34840dd9addc1c033b9dc1370e456a3ae67744e2af742bebca9b82a6", 0x0, 0x1, 0x0, 0x2b, 0x0, &(0x7f0000000a40)="12f380dca54f6384072f8d11f8b6735ee8b7022ce55bd9d7c86f9ab8bb3517646ece3e1871ea363856b0b3", 0x0, 0x4}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000080)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000480)={r3, 0x0, 0xa0, 0xa9, &(0x7f0000000200)="9151cc2865cce569bb702ebc481957d94e53d33f9a5eae0e8b2f6dc5f644be41bad3a41c9cb22b3484f04be3e6ca902429df4ad4fb95ed50e3a294dbf3cd30de51da8e0ad40d8557badfeedbb04661e97b7458697aee2640c55124bfcce787e22083e9fe60c2e5ebc7a84738b3c938be23c768f858069bd79b237339807b72864499a877c9288f1b67e12e5b2433b14fc3e53724ac3ffe429de797da1d054d9f", &(0x7f00000002c0)=""/169, 0x7, 0x0, 0xe7, 0x3d, &(0x7f0000000380)="0527037d353c1fd57509ec03e8ddafecc1706535e2c43b3d26dae6073b9ce3c0e79a572a3dd56e08c99f2ab3aca68add2b721bdf8a71a19be2c481cf8a876837fbf82ddac328f7d5813cd458146657df5b60f66771617996063122e907d8ed010b79daf379211bf6fb1fa1bd231742479dac964b39bf9c75a7dcf5ddf8854d1489bad33defbd8aa7f4598087aac8f9da82c1e9b11868180c0cc17d431bd552a590af13c9e09357ee393a42826f30ab75f1826e6c968e21faea3a5b238482443a929a72ef59338f271698c1688c534704de29f67706c8a752b5e0c324b530367bce03bfec3a732b", &(0x7f0000000140)="73dbc83732d015ea54fee4f84f23ec3980761f16a22ffc43939313b15c2037a389cf259c60443169a114ea435f49fd464ffc73faf69c6a46e44cf543dd", 0x1, 0x0, 0xc}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x3, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000910095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
r5 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000000)={r4, r4, 0x2f, 0x0, @void}, 0x10)
syz_clone(0x120400, 0x0, 0xffffffffffffff9f, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
socketpair$tipc(0x1e, 0x1, 0x0, 0x0)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f00000000c0)={r5, r3, 0x4, r3}, 0x10)

13.596708704s ago: executing program 3 (id=2945):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000015c0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff2300000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000011000000b7030000000000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb450063dedba767ade51f7f1f66acd19100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb4e4d0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e85cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36dd0cf8f79a015c7bd3f15aa6aadbeab2a01685108e61aa00000000000000000000000000c67c6c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f10800000000000000826151e3b42bcae95239ef5ca2a730a00c87c493db0300e63fda97a296820000000001000000eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e180022537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d3f00000000000000665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d81ab324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e2603217606637ece1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f87b039d5430b3c6643e9146d2478ce31344b554aca7670000000000000010c65608fda6ed5d08e7a796042aa127d874105787d0347aa37801faff5b9050803a19ff6205aa5c263e407a2f7de56f7a0000e094fa4e3f05528caab5a430c08dd810bc97204b767dd969721a26aa740000000000bc433fe2d0a6ef2a8a91cd3cb305aa80dadef8b0caca780000000000000000863e21db415a222bb1a7ab94bfe4a74157d794f9d0430c2c0eb563350559829865a3dd08fb31bd0801e09aa3ee45e61a56fc83076451cff7632e49a41eadb5044a0d5f73d6932161ae5e9ce218a35cd8e7b747887b1a74798982d0b492c3f0ff53189d80733eb04f8124877b648ff438f7d66c7efcc09a8f3330b6c22d14e80db8e5608bdeab9388b758a15f4ce70390c214bc6838798f5b9b0b500d4e8b5174f329b8501c6feb7a6982bcea74a0f2ced7fa2059234a8d10b7f0597151d5c9067d57d85f4ae933eaf5174ba122f3f702ef8695578d3c08562c9fc185f0f65d11b4c58ae52500cbe99cde3758a5cbe6093dd328ac820e2de309d25a324647aadffcecf0f3bbaeda7af4436d9ffbce1b240a2f5e346eba8812e6329e01b087bde7da4a6448f478102e90c8134f531de08d4cf4f6f35b15a202544c0ced0c1715fd3a90099f785a13a2412bedba2981dd22bd9d736c00000000000000000000000000000000eb6fec8d7d2f77f4d470a9caa5b1bfc00cd1d40830ac35f229f8ffe1c02a63d3c2d9"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8, 0x10, &(0x7f0000000100)={0x0, 0x40000000}, 0x10}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000240)='ns/user\x00')
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000140))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}, @cred={{0x1c, 0x1, 0x2, {<r3=>0x0}}}], 0x50}, 0x122)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300))
syz_open_procfs$namespace(r3, &(0x7f0000000380)='ns/pid\x00')
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000140)='GPL\x00'}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
socket$kcm(0xa, 0x922000000003, 0x11)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'dummy0\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x8946, &(0x7f0000000080))
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000000)="b9ff03316844268cb89e14f00800", 0x0, 0x4, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

13.425390132s ago: executing program 3 (id=3017):
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x880, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x838, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
mount$bpf(0x200000000000, &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000780)='./file0/../file0\x00', 0x0, 0xa06002, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000001200)=@newtaction={0x78, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x64, 0x1, [@m_skbmod={0x60, 0x1, 0x0, 0x0, {{0xb}, {0x34, 0x2, 0x0, 0x1, [@TCA_SKBMOD_PARMS={0x24, 0x2, {{0x8, 0xf7, 0x10000000, 0x2, 0x7}, 0x6}}, @TCA_SKBMOD_SMAC={0xa, 0x4, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x27}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x24008081}, 0x0)

13.090492587s ago: executing program 4 (id=3018):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x3012, 0x0, 0x0, 0x0, 0x9, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x50}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20008800}, 0x0)

12.806342594s ago: executing program 3 (id=3021):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000007c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4004000}, 0x850)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a88000000060a010400000000000000000a0000010900010073797a31000000005c000480580001800b0001007461726765740000480002802c0003009ac420002e2eafb9fdd672bad09dfb78c7699c74e82fa0c70000000000000000000000000000000008000240000000000e00010049444c4554494d45520000000900020073797a32"], 0xb0}, 0x1, 0x0, 0x0, 0x4000850}, 0x20040040)
perf_event_open(&(0x7f0000000180)={0x3, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext={0x0, 0x8000001946}, 0x0, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r1 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x44, &(0x7f0000000640), 0x4)

12.805321066s ago: executing program 4 (id=3022):
perf_event_open(&(0x7f0000002100)={0x1, 0x80, 0x2, 0x2, 0x0, 0x0, 0x0, 0x8, 0xa0100, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, @perf_config_ext={0x8, 0x6}, 0x100008, 0x0, 0x80000001, 0x5, 0x2, 0x0, 0x5, 0x0, 0x0, 0x0, 0x400000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="b40200000000000061164c000000000f850000002700000075000000000000791b19c6506978cb8831f337d9909bc4c00eeba5b335bd550b66f4e2c77a7b96244e74b6f5949db12d3f2d52507bc9ee1c5006"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x3}, 0x28)

12.526159808s ago: executing program 4 (id=3024):
socket$kcm(0x10, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x954b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x11efa, 0x4, 0x98, 0x0, 0x2, 0xfffff271, 0xfffc, 0x0, 0x0, 0x0, 0x20}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x810)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000200)='\x00'}, 0x30)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r3, &(0x7f0000004000)={0x0, 0x0, &(0x7f0000003fc0)={&(0x7f0000003f00)={0x44, 0x2, 0x1, 0x3, 0x0, 0x0, {0x2, 0x0, 0x4}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @remote}, {0x8, 0x2, @private=0xa010102}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}]}, @CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000860}, 0x40080)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x3, 0x1c, &(0x7f0000001840)=@ringbuf={{0x18, 0x6}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@snprintf={{}, {0x5, 0x3, 0x3, 0xa, 0x9}, {0x5}, {0x3, 0x3, 0x3, 0xa, 0xa}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}, {}, {0x15, 0x0, 0x0, 0x76}}], {{}, {0x5}, {0x28}}}, &(0x7f0000000340)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)

11.981755808s ago: executing program 4 (id=3027):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x49, 0x1, 0x0, 0x0, 0x0, 0x0, 0x82240, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x8}, 0x2, 0x0, 0x0, 0x8, 0x43fe, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000004000000000000000000a20000000000a01030000000000000000010000010900010073797a310000000040000000030a01040000000000000000010000000900030073797a31000000000900010073797a3100000000140004800800014000000003080002402de8387c28000000000a05000000000000000000010000080900010073797a31000000000800024000000001140000001100e7"], 0xb0}, 0x1, 0x0, 0x0, 0x20004000}, 0x8004)

3.39345159s ago: executing program 5 (id=3072):
sendmsg$NFNL_MSG_CTHELPER_GET(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)={0xb4, 0x1, 0x9, 0x201, 0x0, 0x0, {0x1, 0x0, 0x5}, [@NFCTH_TUPLE={0x80, 0x2, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x8000}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @remote}, {0x8, 0x2, @local}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x14, 0x4, @empty}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @ipv4={'\x00', '\xff\xff', @empty}}, {0x14, 0x4, @empty}}}]}, @NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0x1d}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x5a}}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x8}}]}, 0xb4}, 0x1, 0x0, 0x0, 0x40}, 0x20000800)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) (async)
sendmsg$NFT_MSG_GETSETELEM(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000780)=ANY=[@ANYBLOB="0c1200000d0a010800000000000000000a0000010900020073797a31000000000900010073797a3100000000e0110380dc1100800800034000000002d0110a801c0002800900020073797a32000000000900020073797a3000000000520001"], 0x120c}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000)

3.291475829s ago: executing program 5 (id=3074):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r0, 0x0, 0x4004)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000940)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000900)={&(0x7f0000000800)={0x20, 0x2, 0x3, 0x101, 0x0, 0x0, {0x7, 0x0, 0x6}, [@NFQA_CFG_PARAMS={0x9, 0x2, {0x8, 0x2}}]}, 0x20}, 0x1, 0x0, 0x0, 0x28008081}, 0x4000007)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000002ec0)=ANY=[@ANYBLOB="02000000040000000700000009"], 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000c40)=ANY=[@ANYBLOB="0d00000003000000040000000100000000000000", @ANYRES32=r1], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000840), &(0x7f0000000880)=r1}, 0x20)
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x954b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x11efa, 0x4, 0x98, 0x0, 0x2, 0xfffff271, 0xfffc, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000440)="9f000000120081ae08060cdc030ec0007f03e3f70000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7811e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08123d00020008000140010000009bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff55e461247604821d35c86ee54bbab3eaf8956e2ca426", 0x9f}], 0x1}, 0x0)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000b80)={0x0, 0x0, 0x0, 0x0, 0x1, r3, 0x1000000}, 0x38)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002e00)=ANY=[@ANYBLOB="f00000001a000100000200000000000000000000000000000000000000000000ff01000000000000000000000000000100000000000000000000000016000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="bc090000000000000000000000000001000000003c000000ac1414bb000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000300000000000000030000000000000000000000000000000000ddffffffffffffff0000000000c2000000000000070000000000000000000000000000000200458400"/168], 0xf0}}, 0x40800)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040))
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000e9000000000001000000000000000000"], &(0x7f0000002100)='syzkaller\x00', 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000c00)={0x0, r6, 0x0, 0x8000000000000001}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_netfilter(r7, &(0x7f0000000b00)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000a80)={&(0x7f00000009c0)={0xc0, 0xe, 0x6, 0x3, 0x70bd28, 0x25dfdbfc, {0x7, 0x0, 0x1}, [@generic="58e77d8bbdefea847bb4d133e17692ac26a6cd7718b046934b7e39347cf2a8048a3b8903bc158e5dfbe4fbb3fee5bc0fa60ad35985061eaf7a03ff7d2f11261aecd5ac01cc835a212c0d2fa6128e8b5b57297eff7653ee7c654660c683706b7ddecbce070f735c64c3af0500f545fa8832799e0ab1bcdf4631bea39a74941981df4f2889d2c581853e5c492f7147690c38e837895b5c2f627d5aaffcd17ce7ce6be08b9c786f1645a080d242"]}, 0xc0}, 0x1, 0x0, 0x0, 0x40804}, 0x0)

2.913844569s ago: executing program 5 (id=3079):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x14, &(0x7f0000000c40)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="5c00000000010104000000000000000002000000240002801400018008000100e000000108000200e00000010c0002800500010000000000080008400000000814000580080001"], 0x5c}, 0x1, 0x0, 0x0, 0x20008800}, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0x8)
r3 = socket$kcm(0x2, 0x3, 0x2)
r4 = socket$kcm(0x2, 0x3, 0x2)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x6, 0x10, &(0x7f00000006c0)=ANY=[@ANYRES8=r4, @ANYRES32=r5, @ANYBLOB="87490ff28f7234bf81340020000000000000b7040000080000", @ANYBLOB="df84c5758443892000a8995a2bbf177fe3459c223ed1743549006cb395c75a663e6cb3921557cafb5ec3a651b20ffa6b0d7c0be894a18204122fddde900640b1390102b44bc8baa7fa6aed1d2144d40be7368c2b8374f03663450cb7840c27038013f8d3431e3a483425b367632cd500e8b61196e569315ea3002a81009c26ef0bb5e51c77374927b2a4298dc0deb4c7880ba45ead7d2421f24da8ad6fc16b8e4a445c11b74f26", @ANYRES64=r5, @ANYRESHEX=r2, @ANYRESDEC=r2, @ANYRES16, @ANYRES64=r2], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r6, 0xfffff000, 0xe, 0x0, &(0x7f0000000300)="61df712bc884fed5722780b605a7", 0x0, 0x2efc, 0x7000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
ioctl$SIOCSIFHWADDR(r4, 0x8916, &(0x7f0000000040)={'wg1\x00', @random="0200ac7f7f00"})
ioctl$SIOCSIFHWADDR(r3, 0x8916, &(0x7f0000000040)={'veth1_macvtap\x00', @random="0200ac7f7f00"})
r7 = syz_clone(0x18030800, 0x0, 0x0, 0x0, 0x0, 0x0)
r8 = perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x8, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef4}, 0x11efa, 0x4, 0x98, 0x0, 0x0, 0xfffff274, 0xfffc, 0x0, 0x0, 0x0, 0x20}, r7, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = socket$inet(0x2, 0x80000, 0x1)
recvmsg(r10, &(0x7f0000000180)={&(0x7f0000000040)=@xdp, 0x80, &(0x7f00000000c0), 0x0, &(0x7f0000000100)=""/52, 0x34}, 0x2002)
ioctl$PERF_EVENT_IOC_SET_BPF(r8, 0x40042408, r9)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff})
sendmsg$tipc(r12, &(0x7f0000003280)={0x0, 0x0, 0x0}, 0x0)
sendmsg$tipc(r12, &(0x7f0000000e40)={0x0, 0x0, 0x0}, 0x0)
sendmsg$tipc(r11, &(0x7f0000002700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5a}, 0x0)
setsockopt$sock_attach_bpf(r11, 0x1, 0x21, &(0x7f00000001c0), 0x4)

2.728098431s ago: executing program 6 (id=3080):
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x38}}, 0x40000)

2.653017093s ago: executing program 1 (id=3081):
r0 = socket$kcm(0x10, 0x2, 0x0)
perf_event_open(0x0, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0xa)
socket$kcm(0x2, 0x1, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001800599c6d0eab070004000523"], 0xfe33)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000003c0)={0x14, 0x38, 0x825, 0x70b92d, 0x25dfdbfb, {0x11}}, 0x14}, 0x1, 0x0, 0x0, 0x400c050}, 0x40010)
r4 = perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x954b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x11efa, 0x4, 0x98, 0x0, 0x2, 0xfffff271, 0xfffd, 0x0, 0x0, 0x0, 0x20}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r5)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSET(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000000a0f010348e42cbc1fa972e47dc795cfbd26135118060ec2f9cd9404baabb12a506353cc3259504ffabc2500000000000000000020187c4856a53f7c58715a8b4e332c5840a8dae03c17824c4735665693ab29d05e705cacba2949b1e79ac12c36cdfca1e36bfe22d8f6556cb552dcc077d8bff5a1907e5e9d9ac666883a5f2eec1b670ca9b3d803c84dbab809cae4d065efb549cecb075ac7e4433d1b95ab7e4da6d030f68d76c5eeceac908241d19c24c5321baf95501af850adac8bc8a29e87a5a9d25c8cf594589ad7270e00ea01b923aa7ada04c9855571d456905bbcdca6f197a1129620ecb893baf748c7c742ec3102df057dd85c08a0c5cfb7f6f3653b5966ddaf8144d877290c0e58667e2af0e33c1564346f00000000000000000000ac0ba36da712fc96fa0a644c52b2370814d47a7bc6ab6ebb896d14e6d1acceb00a3c06f47096dc6afae4c52acacac0959d0a728ac71f44f1efb0a6972745c831f155060e8bfd04e69c"], 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x20000004)
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000100081044e81f782db44b904021d080010000000e8fe55a1180015000600142603600e120500210000000401a8001600a400014020000300036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0)

2.102048829s ago: executing program 6 (id=3082):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f00000007c0)=@l2tp6={0xa, 0x0, 0x3, @loopback, 0x1, 0xfffffffe}, 0x80, 0x0}, 0x0)
r0 = socket$kcm(0x2, 0x5, 0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r4 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, 0xffffffffffffffff)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x80, 0x2, 0xfffffffe, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x49, 0x1, 0x0, 0x0, 0x0, 0x0, 0x82240, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x8}, 0x2, 0x0, 0x0, 0x8, 0x43fe, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r5, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @dev}}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000ac0)}], 0x1, &(0x7f0000001a00)=ANY=[], 0x10b8}, 0xff4c)
r6 = socket$kcm(0xa, 0x2, 0x88)
sendmsg$inet(r6, &(0x7f0000001600)={&(0x7f0000001340)={0x2, 0x2, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000001580)=[@ip_ttl={{0x14, 0x0, 0x2, 0x10000}}], 0x18}, 0x8000)
setsockopt$sock_attach_bpf(r0, 0x84, 0x6b, &(0x7f0000000000)=r3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x3, &(0x7f0000000080)=@framed, &(0x7f00000000c0)='GPL\x00', 0x9}, 0x94)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x70, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x44, 0x4, 0x0, 0x1, [{0x40, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x30, 0x2, 0x0, 0x1, [@NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_MATCH_INFO={0x18, 0x3, "c6a41d106c720000f5ffffffffffffff02000000"}, @NFTA_MATCH_NAME={0xa, 0x1, 'owner\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x98}, 0x1, 0x7000000}, 0x4048010)
perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x0)

2.026995551s ago: executing program 5 (id=3083):
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x880, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=@newtaction={0x64, 0x30, 0xffff, 0x3, 0x0, {0x0, 0x0, 0x1300}, [{0x50, 0x1, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x12, 0x1, {{0x0, 0x2, 0x6, 0xa, 0xb}, 0x9}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x80}, 0x40000)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000000000180000000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0}, 0x94)
r2 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x49, 0x1, 0x0, 0x0, 0x0, 0x0, 0x82240, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x8}, 0x2, 0x0, 0x0, 0x8, 0x43fe, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r1)
r3 = socket$kcm(0x23, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89ee, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x1000000000000008, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000180)={0x5c, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x52}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x5c}}, 0x0)
r5 = socket$kcm(0xa, 0x5, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000d000)={0xa, 0x3, &(0x7f0000000b40)=ANY=[@ANYBLOB="850000002200000007000000000000089500000000000000e26c9bd1a6361b80cdd64bdf00000000000869045aac0000659f55df08f9b90788ff7f00000010000029c21ebbcde61d8ab5920aef6c3e007fe61241638962cf0b89ef506cfd3f1d4163d3cfca3733b30070a7cf53021a95fdaf3c7220a0e23db436659a8c54328a702688f92b6b71569d65e33d46f8d8ae24ba69c657afac04379cb536008c219991704f11c51b1d076f03b0f917c766f3a7598bbc00feb3bc8e88f79df517b37b56bcbc290080000000000000e675458a43b8a8935bf9cf0be7d0aeaac41405e341cd0ba0d6fd562489dad595712a4051bb6cf826ab757193fc09d305f95c55d5746419000000000000007b61803bd430ef06000000000000001e93f640f159320c8b088f4d6497682eb312d4967aff9e4c14c66c90000054ed82c7cba4c81f91d6dfed18767bf0df584b4b6c4204df411f921e3aa02a67dd324b8176020e9c024751e539c05727f82c92046bfe64babb6d7ba86526b7886a0c2481c5812812a6fa3fca3758cbd8c32b25c28be225bd1f16297baa065f5bf96330fad0aaa4388c06c0eb2ecdf829af9577fcd868cc269b740000b7ad193c5e5850df01aff96877d73a63246ce6f0467167626329ab910b7a13d9ec9a64e7f6b56aeab8c38f69a213c96e2d2ad7978c9d721c270f27e7025d576535198742d403ec43572d7d0baf00e882617b260627805ca44200335ea4363066944d0aa6feb9705b09ba40d4642519281151f875cbf13a582f90ad719f0eccf02a473dd508a16138904933689ea6050041206473075eaeff2b69c2f2bf6f691c3560e068743a08e9771280da61fd8fdc3f7a35ea352e35753c59ebc1bd27ab6603e6afb1b3f057fbb7ed3aabe702b3c6301d3f5c295d1d69d1541d0e64631c95d6c0999e27e8d1a58f6a00f19102d2bfaf53f25a45637b1c577ae50c4c5669b13a4ed999dd10d2f091dcda39d9abc40c64a20c14ff0b1bf4d23fe07ae90fa0eba9c64bf89b26e7d8d70710b04f9ece5969023acadbb4582272e5b3a0429a5645b0c824ad36f7cc8be12b3874d5a19349b0ede845e9dddcab4a78b08ed60104002aabb17eb1840bc8e0ed1dd8b9b7eeaf32a185d80250a7f2252775905eeeb756eadafe20bbc616bc44b347abc8caf722b2c3b06884c1d3690f23b06fa4541bb2a81073b452764f04bd39008b65ee222cf697ac21b087548e9708dffaff2859e973b1e88668c8022cc6dac8548167e5798ec9c7d288a7fa7749f07513187cd8f060abbbc5e37dd1ba3aab927be1b409be733b7408534e5b0951e9ecfd0a1c77e3a29be47e896aecac0bc4093330124615056e3ce0ce6ac91b1242d3bb2e787a186dc2ec284d60e9d8a03884a22eeaa1efa497ee88c6cb565b164a260afb5157e392b1ebb1a4d4f992011ecbac4a0a7ff5bdcef7994a422bb2761edd2d8f20f5f879a88f89d48b8314f862585e4b7a9d6a6681f40e8b82cc6555dce2db951d164cc9a70e640ac8974faa2587a6e3af3b9458f7d4b4077b3002536b10ea24d73307a33090c4c270909a5322eac32cb175e68fa83457b21465c08c02dcefccc0c714c2862ddbe567755f05c1e671328d160d3752345ca1db6e74c720e42afca982ba6befd96c5575f1dd8f87ff6606301c0000000000000000000000000000000000000004d0d54b4caf78018766cdb971e8b168d4763c1f00000003d4e1d842caf457797f93db93e4f38a9dbd79f6bf5dc40b55fdbf9b856665061b2e2924f27eb2d2b5a181ccfd9eeb11dec165b6f12433f00bb06124041ffdcdcdc91f3b3b76635a689c9249cf69bcae654bfa81e75b7c7002b883c56026d83520395b7d511f607cf2f899c7b1c75e2192f775d72247167285857588ace1115fbebfee3c16b84cf7036d41c493a63c09f2ce46c1f5995c2d7fe58c15e64bb4cb7e7f336cc22fa1ea1363bce375bd3d579be1dddb08ed5147b629e4b3f0e65783ee5e20d9270802f2a7500738d95216743bc36a04ba8d486fb26252d684b84fa24639089064ca7b93057c041f12d544dab4d24a4f952b4f265a69ba279929959991b7ac63786055b3c029a0e8b6e42ad33cba2661957cff0700000000000029bb61462623a58556cd62844d4d23cc738ee5b36c71d2c010b089251d5806000b1ade92dd9f441468967c052aecd9de81b4b55d06670597991f37ddc4fa19a6369d5bf76c474633a337f676ad255869881da5cadcf49ce9188129cc978977f87b32bd4945717075cbb4d3e01e67ff087644f52fcf0a3c732b0586cb87972c43d2616bf4e521dc310fbf1760243d51a197d3ecfd74bd625e9f496175513f3e97854ea76e26e96a8639a297871485a8609f8ca842b3321932c4d9e224a0cec5946cec9e359fd3687415cad5fb8c678136f36d9f781fade9f2469477748f4dfa0f56c326c89bb5d07f35aaf95303b5a620fc84e1c73557b2277831f8f633f0d293c0e3f4f93149887271e645f50a4e57010a9b76457f6ad73231a905206bbb1b95248aed85a9df9dea64cc1fd1f06a98530000000000000045fcc1fb138fce0faec0a423e860d5b308d7849381b294106af25f15fec047d5b844a99f36e342165df728e381b48c20e0900f8d265157467d3494f2b93c7f3c817688cec2d226f50edb115c2e075f3c663a4b4169bc6fd7d4fbce205f2a1ae263ae0db900fa0a13cf796e0d7a9dad86953c13ed6241206d682e194c64c491de6a531e9bd45abe705f07000a82ccd41a2c1b23bac44b7371a3a0aeab3647c56f0680cd30ca260189dffed79c2cfae39d8160d3fac695b75654a4a5695b9edec673e75d97950fd4d80bdf8e2d83a3232768b1231b09ef4d995a783eb8f731523e9f6c2ee9119d567acd471bc391bd4f07600d5b04b71c1f1fd7e219b8df5123e4c529db3ce74353e8a39e2d21ce0954334951d509cdce531fb14230fa3b7331a943e7223b0ac8725a0d45a213fa249a8801959480ecdc5999c9df72debe8510d0620fce7be7086d5b72e857243f0a7883d9749b1f40936b51631e0060a0d9901d730000000000000000"], &(0x7f0000014ff5)='GPL\x00', 0x2, 0x103a, &(0x7f0000014000)=""/4096, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2a3}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r6, 0x0, 0x3a, 0x0, &(0x7f0000000200)="e460cdfbef2408002900119386dd6a00000000072feb3014cd3ec8a755c1e1380081ffad000400e8d50000000100000bb500000500242c108906", 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000900)=ANY=[@ANYBLOB="2c0000003f00070dfeffffff00000000017c0000040077000c0003"], 0x2c}, 0x1, 0x0, 0x0, 0x4048011}, 0x4044000)
setsockopt$sock_attach_bpf(r5, 0x0, 0x29, 0x0, 0x20000)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd9, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x8, 0xf3, 0x8, 0x0, 0x0}}, 0x10)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000070900010073797a300000000040000000160a01000000000000000000010000000900010073797a30000000000900020073797a3100000000140003800800014000000000080002400000000040000000160a0101000b000000000000010000080900020073797a31000000000900010073797a300000000014000380080002"], 0xc8}}, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
socket$nl_route(0x10, 0x3, 0x0)

1.457200785s ago: executing program 6 (id=3084):
r0 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x800c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x200, 0x8, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0x15, 0x5, 0x0)
recvmsg$kcm(r1, &(0x7f0000000940)={0x0, 0x0, 0x0}, 0x40)
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
recvmsg$can_j1939(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000300)=""/53, 0x35}, {&(0x7f0000000340)=""/40, 0x28}], 0x2, &(0x7f0000002480)=""/4096, 0x1000}, 0x10100)
sendmsg$SOCK_DIAG_BY_FAMILY(0xffffffffffffffff, 0x0, 0x2405c840)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f0000000100)={0x2, 0x80, 0x2f, 0x1, 0xe7, 0x4, 0x0, 0x8, 0x8423, 0x6, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x1, @perf_config_ext={0xf, 0x7}, 0x8, 0x0, 0x9, 0x4, 0x3, 0x9, 0x8, 0x0, 0xf, 0x0, 0xfd29})
sendmsg$inet(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000740)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000fc0)=[{&(0x7f0000000680)="ae", 0x1}], 0x1}, 0x400c810)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x48, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80102, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x3fe, 0x7ffffffc, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r5, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r5, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=@newqdisc={0x30, 0x24, 0xf0b, 0x70bd2e, 0x0, {0x0, 0x0, 0x12, r6, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_htb={{0x8}, {0xffffffffffffff09}}]}, 0x30}, 0x1, 0x0, 0x0, 0x3c000001}, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x1403, 0x1, 0x70bd28, 0x25dfdbfc}, 0x10}, 0xfe, 0x0, 0x0, 0x4000}, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="12000000080000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xd, &(0x7f0000000f80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000085000000a000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a310000000014000780050015000c0000000800124000090000050005000a000000050004000000000010000300686173683a69702c6d6163"], 0x5c}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

1.206388292s ago: executing program 1 (id=3085):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[@ANYBLOB="9feb01001800000000000000340000000c000000060000000400000000000007000000000000000000000001050000018000000000000000010000851000000000000000020000000000000000000100da"], 0x0, 0x52}, 0x28)

1.074012738s ago: executing program 1 (id=3086):
bpf$PROG_LOAD(0x5, &(0x7f0000001e40)={0x6, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000a8ffffff0000000003000000850000008900000095000000000000003727f9b8f6e7858e953987dc17e9468c8c0c80de47175e51341c88a5f5c7b51b1e38f818a627d270416792505a3df4a2b03134fdf0c44f5c30ca3b5c954118a70fd28132e9cc5ef8042f56"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_PORT_GET(r0, 0xfffffffffffffffc, 0x80)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc000000190001002dbd70000000000064010100000000000000000000000000fc01000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000800000000000003000000000000000000000000000000fdfffffffbffffff"], 0xfc}}, 0x0)
sendmsg$TCPDIAG_GETSOCK(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)={0x5c, 0x12, 0x0, 0x70bd26, 0x25dfdbfc, {0x8, 0x6, 0xa, 0x1, {0x4e24, 0x4e23, [0xfffffff8, 0x3, 0x6], [0x400, 0x9, 0x8, 0x9], 0x0, [0x1, 0x3]}, 0x4, 0xb}, [@INET_DIAG_REQ_BYTECODE={0xd, 0x1, "f102dcf29effae15cd"}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000004}, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x49, 0x1, 0x0, 0x0, 0x0, 0x0, 0x82240, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x8}, 0x2, 0x0, 0x0, 0x8, 0x43fe, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x49, 0x1, 0x0, 0x0, 0x0, 0x4, 0x201, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf6b, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x0, 0xffffffff, 0x8, 0x7ff, 0x7fffffff, 0xffff, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r1 = getpid()
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r2, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac98"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0xfffffffc, 0x0, 0x0, 0x3}, 0x10}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="180000000010000000000000000000001800000004000000000000000700000085100000fbffffff18640000030000000000000002000000950000000000000008e15fd342c6a1e7ef48c144512e5db7cb14f539c432031c1d0dfc511c1930bc1a818664076af3e9b5b5d1d836980f9ed2309c03e729c10f2b9509e64e620c783e36947a5d4572040ff019ab1530aaea06a4caefa67f1da3b60fb0db96b0fa977acd8459f20ce864cc4f51ba4a554cb1cf3203eeb8b1cae8cb9be427a98c5bd0e3b4552c955e9af10493c5"], &(0x7f0000000080)='syzkaller\x00', 0x3, 0x27, &(0x7f0000000000)=""/114}, 0xa8)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000340)=""/232, 0xe8}], 0x1}, 0x2)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000c40)="5c00000016006bab9a3fe3d86e17aa0a046b876c060048007ea60864160af36504811a0038001d001931a0e69ee517d34460be06000000a705251e6182949a9a7b9bcb84c9f4d4938037e70e4509c5bb4de385aa2adb88a899a655ab", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x16, 0x0, 0x0, &(0x7f0000000640)='GPL\x00', 0x7ff, 0x0, 0x0, 0x41100, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x21b8}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="0000186df4b1768c36153d42", @ANYRES32, @ANYBLOB="1c00000000000300000000000000010045"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x20000}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'tunl0\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x89f1, &(0x7f0000000080))

852.309033ms ago: executing program 5 (id=3087):
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x880, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=@newtaction={0x64, 0x30, 0xffff, 0x3, 0x0, {0x0, 0x0, 0x1300}, [{0x50, 0x1, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x12, 0x1, {{0x0, 0x2, 0x6, 0xa, 0xb}, 0x9}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x80}, 0x40000)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000000000180000000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0}, 0x94)
r2 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x49, 0x1, 0x0, 0x0, 0x0, 0x0, 0x82240, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x8}, 0x2, 0x0, 0x0, 0x8, 0x43fe, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r1)
socket$kcm(0x23, 0x2, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x1000000000000008, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000180)={0x5c, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x52}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x5c}}, 0x0)

599.59046ms ago: executing program 1 (id=3088):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x48, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)={0x14, 0x18, 0x301, 0x70bd2a, 0x25dfdbfa, {0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x45}, 0x8854)

554.644748ms ago: executing program 6 (id=3089):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000001a00000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)

388.056435ms ago: executing program 6 (id=3090):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair(0x1, 0x805, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
write$cgroup_subtree(r1, 0x0, 0x2)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="2e0000002d008188042f8eeae0b8402e7b6e67d83c00000020000000000003000000002000e9ffffff0000000000", 0x2e}], 0x1}, 0x2004c084)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x60, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x34, 0x4, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, @lookup={{0xb}, @val={0x20, 0x2, 0x0, 0x1, [@NFTA_LOOKUP_SET={0x9, 0x1, 'syz0\x00'}, @NFTA_LOOKUP_SREG={0x8, 0x2, 0x1, 0x0, 0xf}, @NFTA_LOOKUP_SET_ID={0x8, 0x4, 0x1, 0x0, 0x3}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x88}, 0x1, 0x0, 0x0, 0x4}, 0x0)

377.862441ms ago: executing program 5 (id=3091):
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5531, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x0, 0x8, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, 0x0, 0x50)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80102, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x3fe, 0x7ffffffc, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f00000004000000040000001200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="e70000001800008000000000"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000000c0)=ANY=[@ANYRES32=r1, @ANYRES32, @ANYBLOB="0500"/12, @ANYBLOB], 0x10)
sendmsg$inet(r0, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000280)=@generic={&(0x7f0000000080)='./file0\x00'}, 0x18)

374.662157ms ago: executing program 1 (id=3092):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
socket$nl_xfrm(0x10, 0x3, 0x6)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x1, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x49, 0x1, 0x0, 0x0, 0x0, 0x0, 0x82240, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x8}, 0x2, 0x0, 0x0, 0x8, 0x43fe, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket(0x840000000002, 0x3, 0xff)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2106, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socket$kcm(0x10, 0x2, 0x10)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000240)='ns/user\x00')
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x4, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x3, 0x8001}, 0x0, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
sendmsg$inet(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)=[@rights={{0x10}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xe0}, 0x42)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1d, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x4}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'wlan0\x00', 0x200})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x8946, &(0x7f0000000080))

360.494533ms ago: executing program 4 (id=3030):
socket$inet6_sctp(0xa, 0x5, 0x84)
r0 = socket$kcm(0x2, 0x5, 0x84)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000002c000000030a010200000000000000000100000a0900010073797a30000000004d67cb0cb0a719df0000000064000000060a010400000000000000000100000008000b4000000000340004803000018008000100636d70002400028010000380090001002a8e27e2fa000000080002400000000008000140000000030900010073797a300000000005000740ef000000140000001100010000000000000000000700000a"], 0xd8}}, 0x0)
sendmsg$inet(r0, &(0x7f00000002c0)={&(0x7f0000000180)={0x2, 0x2, @dev}, 0x10, &(0x7f0000001400)=[{&(0x7f0000000080)='_', 0x1}], 0x11}, 0x64)
setsockopt$sock_attach_bpf(r0, 0x84, 0x1e, &(0x7f0000000240), 0x4)
socket$inet_sctp(0x2, 0x4, 0x84)
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000780))
socket$kcm(0x2, 0xa, 0x2)
r2 = socket$kcm(0x2, 0xa, 0x2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$SIOCSIFHWADDR(r2, 0x8918, &(0x7f0000000000)={'ipvlan0\x00', @random="0200ff7fffff"})

178.12016ms ago: executing program 6 (id=3093):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x2a18, 0x0, 0x0, 0x0, 0x9, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r0, 0x18000000000002a0, 0x4, 0x0, &(0x7f0000000040)="b907fa19", 0x0, 0x0, 0x18000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000c80)={{0x1}, &(0x7f0000000c00), 0x0}, 0x20)
perf_event_open(&(0x7f0000000540)={0x1, 0x80, 0x37, 0x18, 0x2, 0x7f, 0x0, 0x10000, 0x1, 0xc, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0}, 0xa527179ab10937b1, 0xffff, 0x9, 0x6, 0xa, 0x5, 0xbf, 0x0, 0x5, 0x0, 0x16}, 0xffffffffffffffff, 0x6, 0xffffffffffffffff, 0x1)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0b00000005000000010001000900000001000000", @ANYRES32, @ANYBLOB="0000000003008f8adc530000000000000000000014cfae0fcf227501c51393011bc68fdb1e1715b5526b60e73c3fe4a58ad42d400e6c63d5cecfd0a339bb08475062ebded134b3af59bf477f0bdd0e708ae08c0e3cc8a505e479dac6230a2ce7f5b7a3ccd3e9db87b26dc292aa80a6cb5ba943fc2f920b6033d7731f87eca9395a2bf5ba74e3a0113170cf970eeb75878a8178f8a855f85d4be9368d3f6e5d60d4bbde982c152900fc9976385efc9576", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0xa, 0x5, 0x0)
r1 = socket$kcm(0xa, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="000000000000000000e8ffffffffffff05000000", @ANYRES32=0x1], 0x48)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x8916, &(0x7f0000000000)={r1})
r2 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x8916, &(0x7f0000000000)={r2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x4801})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380))
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r5)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r5, 0x8943, &(0x7f0000002280)={'syzkaller0\x00', @random="0100"})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r6)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140))
ioctl$SIOCSIFHWADDR(r6, 0x8943, &(0x7f0000002280)={'syzkaller0\x00', @random="002000000102"})

0s ago: executing program 1 (id=3094):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x108b84, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x48, '\x00', 0x0, @fallback=0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYRES8, @ANYRES8], 0x12)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r6, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
sendmsg$inet(r9, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg(r8, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001dc0)=""/4096, 0x1000}, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x88e}, 0x0, 0x1, 0xffffffffffffffff, 0x800000000)

kernel console output (not intermixed with test programs):

leftover after parsing attributes in process `syz.3.1226'.
[  237.516459][ T9598] netlink: 184 bytes leftover after parsing attributes in process `syz.1.1234'.
[  237.599008][ T9603] netlink: 'syz.4.1233': attribute type 25 has an invalid length.
[  237.887073][ T9619] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1239'.
[  238.849757][ T9656] netlink: 'syz.3.1252': attribute type 25 has an invalid length.
[  239.992054][ T9669] wlan1 speed is unknown, defaulting to 1000
[  241.466869][ T9705] netlink: 'syz.1.1266': attribute type 39 has an invalid length.
[  241.650020][ T9705] veth0_macvtap: left promiscuous mode
[  242.449022][ T9714] netlink: 'syz.2.1272': attribute type 17 has an invalid length.
[  244.032363][ T9744] netlink: 'syz.0.1283': attribute type 29 has an invalid length.
[  244.055306][ T9744] netlink: 'syz.0.1283': attribute type 29 has an invalid length.
[  245.250996][ T9770] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1290'.
[  245.296309][ T9770] netlink: 46 bytes leftover after parsing attributes in process `syz.0.1290'.
[  245.346727][ T9770] netlink: 46 bytes leftover after parsing attributes in process `syz.0.1290'.
[  245.544424][ T9767] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1281'.
[  246.228257][ T9778] FAULT_INJECTION: forcing a failure.
[  246.228257][ T9778] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  246.279633][ T9778] CPU: 0 UID: 0 PID: 9778 Comm: syz.3.1292 Not tainted syzkaller #0 PREEMPT(full) 
[  246.279678][ T9778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  246.279710][ T9778] Call Trace:
[  246.279724][ T9778]  <TASK>
[  246.279738][ T9778]  dump_stack_lvl+0x189/0x250
[  246.279783][ T9778]  ? __pfx____ratelimit+0x10/0x10
[  246.279825][ T9778]  ? __pfx_dump_stack_lvl+0x10/0x10
[  246.279867][ T9778]  ? __pfx__printk+0x10/0x10
[  246.279911][ T9778]  ? __might_fault+0xb0/0x130
[  246.279977][ T9778]  ? __might_fault+0xb0/0x130
[  246.280066][ T9778]  should_fail_ex+0x414/0x560
[  246.280159][ T9778]  _copy_from_user+0x2d/0xb0
[  246.280205][ T9778]  ___sys_sendmsg+0x158/0x2a0
[  246.280270][ T9778]  ? __pfx____sys_sendmsg+0x10/0x10
[  246.280518][ T9778]  ? __fget_files+0x2a/0x420
[  246.280667][ T9778]  ? __fget_files+0x2a/0x420
[  246.280689][ T9778]  ? __fget_files+0x3a0/0x420
[  246.280822][ T9778]  __x64_sys_sendmsg+0x19b/0x260
[  246.280887][ T9778]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  246.281014][ T9778]  ? __pfx_ksys_write+0x10/0x10
[  246.281094][ T9778]  ? do_syscall_64+0xbe/0xfa0
[  246.281166][ T9778]  do_syscall_64+0xfa/0xfa0
[  246.281190][ T9778]  ? lockdep_hardirqs_on+0x9c/0x150
[  246.281225][ T9778]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.281249][ T9778]  ? clear_bhb_loop+0x60/0xb0
[  246.281309][ T9778]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.281335][ T9778] RIP: 0033:0x7f852498efc9
[  246.281365][ T9778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  246.281378][ T9778] RSP: 002b:00007f8525902038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  246.281397][ T9778] RAX: ffffffffffffffda RBX: 00007f8524be5fa0 RCX: 00007f852498efc9
[  246.281410][ T9778] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000005
[  246.281421][ T9778] RBP: 00007f8525902090 R08: 0000000000000000 R09: 0000000000000000
[  246.281431][ T9778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  246.281441][ T9778] R13: 00007f8524be6038 R14: 00007f8524be5fa0 R15: 00007fff04cc07e8
[  246.281623][ T9778]  </TASK>
[  247.398214][ T9801] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1300'.
[  247.446771][ T9801] netlink: 184 bytes leftover after parsing attributes in process `syz.3.1300'.
[  247.565297][ T9805] netlink: 184 bytes leftover after parsing attributes in process `syz.1.1296'.
[  247.640677][ T9807] netlink: 'syz.4.1301': attribute type 21 has an invalid length.
[  247.659431][ T9808] netlink: 'syz.4.1301': attribute type 21 has an invalid length.
[  249.730580][ T9847] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1314'.
[  249.731054][ T9841] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1311'.
[  249.747109][ T9847] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1314'.
[  249.804411][ T9845] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[  250.554805][ T9879] netlink: 'syz.1.1320': attribute type 21 has an invalid length.
[  250.564656][ T9872] __nla_validate_parse: 4 callbacks suppressed
[  250.564673][ T9872] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1318'.
[  250.936415][ T9899] bridge_slave_1: left allmulticast mode
[  250.942337][ T9899] bridge_slave_1: left promiscuous mode
[  250.952530][ T9899] bridge0: port 2(bridge_slave_1) entered disabled state
[  250.955936][ T9902] netlink: 19 bytes leftover after parsing attributes in process `syz.3.1328'.
[  251.019467][ T9899] bridge_slave_0: left allmulticast mode
[  251.027648][ T9899] bridge_slave_0: left promiscuous mode
[  251.033516][ T9899] bridge0: port 1(bridge_slave_0) entered disabled state
[  251.089614][ T9908] openvswitch: netlink: Flow actions attr not present in new flow.
[  251.339803][ T9916] netlink: 'syz.0.1333': attribute type 10 has an invalid length.
[  252.104245][ T9962] openvswitch: netlink: Flow actions attr not present in new flow.
[  252.479363][ T9978] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1352'.
[  252.553752][ T9983] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1355'.
[  252.580193][ T9983] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1355'.
[  252.609027][ T9983] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1355'.
[  253.547136][T10007] netlink: 182 bytes leftover after parsing attributes in process `syz.3.1361'.
[  253.813710][T10011] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1362'.
[  253.941564][T10023] openvswitch: netlink: Flow actions attr not present in new flow.
[  254.324814][T10041] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1373'.
[  254.477214][T10056] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1376'.
[  254.708465][T10068] openvswitch: netlink: Flow key attr not present in new flow.
[  255.066225][T10084] dvmrp1: tun_chr_ioctl cmd 1074025677
[  255.071832][T10084] dvmrp1: linktype set to 768
[  255.130741][T10087] netlink: 'syz.1.1387': attribute type 10 has an invalid length.
[  255.583613][T10103] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1394'.
[  255.690016][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  255.697759][T10115] netlink: 'syz.3.1395': attribute type 10 has an invalid length.
[  255.706172][T10115] batman_adv: batadv0: Removing interface: team0
[  255.706367][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  255.720316][T10115] team0: Cannot enslave team device to itself
[  255.727514][T10100] delete_channel: no stack
[  255.733123][T10116] openvswitch: netlink: Flow key attr not present in new flow.
[  256.024913][T10130] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1403'.
[  256.050484][T10132] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1405'.
[  256.061622][T10130] netlink: 200 bytes leftover after parsing attributes in process `syz.2.1403'.
[  256.337608][T10134] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1404'.
[  256.438191][T10146] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1408'.
[  256.752826][T10159] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1412'.
[  256.761995][T10159] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1412'.
[  256.795584][T10165] FAULT_INJECTION: forcing a failure.
[  256.795584][T10165] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  256.809641][T10165] CPU: 1 UID: 0 PID: 10165 Comm: syz.1.1414 Not tainted syzkaller #0 PREEMPT(full) 
[  256.809665][T10165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  256.809675][T10165] Call Trace:
[  256.809682][T10165]  <TASK>
[  256.809690][T10165]  dump_stack_lvl+0x189/0x250
[  256.809718][T10165]  ? __pfx____ratelimit+0x10/0x10
[  256.809739][T10165]  ? __pfx_dump_stack_lvl+0x10/0x10
[  256.809761][T10165]  ? __pfx__printk+0x10/0x10
[  256.809779][T10165]  ? __might_fault+0xb0/0x130
[  256.809814][T10165]  should_fail_ex+0x414/0x560
[  256.809843][T10165]  _copy_from_user+0x2d/0xb0
[  256.809865][T10165]  ___sys_sendmsg+0x158/0x2a0
[  256.809888][T10165]  ? __pfx____sys_sendmsg+0x10/0x10
[  256.809942][T10165]  ? __fget_files+0x2a/0x420
[  256.809963][T10165]  ? __fget_files+0x3a0/0x420
[  256.809991][T10165]  __x64_sys_sendmsg+0x19b/0x260
[  256.810023][T10165]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  256.810039][T10165]  ? perf_trace_preemptirq_template+0xa3/0x340
[  256.810067][T10165]  ? __pfx_ksys_write+0x10/0x10
[  256.810094][T10165]  ? do_syscall_64+0xbe/0xfa0
[  256.810120][T10165]  do_syscall_64+0xfa/0xfa0
[  256.810140][T10165]  ? lockdep_hardirqs_on+0x9c/0x150
[  256.810162][T10165]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.810179][T10165]  ? clear_bhb_loop+0x60/0xb0
[  256.810199][T10165]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.810216][T10165] RIP: 0033:0x7f878818efc9
[  256.810231][T10165] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  256.810244][T10165] RSP: 002b:00007f8789004038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  256.810263][T10165] RAX: ffffffffffffffda RBX: 00007f87883e5fa0 RCX: 00007f878818efc9
[  256.810275][T10165] RDX: 0000000000000010 RSI: 0000200000000140 RDI: 0000000000000003
[  256.810287][T10165] RBP: 00007f8789004090 R08: 0000000000000000 R09: 0000000000000000
[  256.810297][T10165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  256.810307][T10165] R13: 00007f87883e6038 R14: 00007f87883e5fa0 R15: 00007ffe8ed441e8
[  256.810338][T10165]  </TASK>
[  257.080639][T10159] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1412'.
[  257.134722][T10163] netlink: 'syz.2.1412': attribute type 3 has an invalid length.
[  257.145774][T10169] openvswitch: netlink: Flow key attr not present in new flow.
[  257.302353][T10184] FAULT_INJECTION: forcing a failure.
[  257.302353][T10184] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  257.336169][T10184] CPU: 1 UID: 0 PID: 10184 Comm: syz.0.1419 Not tainted syzkaller #0 PREEMPT(full) 
[  257.336193][T10184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  257.336201][T10184] Call Trace:
[  257.336207][T10184]  <TASK>
[  257.336215][T10184]  dump_stack_lvl+0x189/0x250
[  257.336238][T10184]  ? __pfx____ratelimit+0x10/0x10
[  257.336255][T10184]  ? __pfx_dump_stack_lvl+0x10/0x10
[  257.336273][T10184]  ? __pfx__printk+0x10/0x10
[  257.336292][T10184]  ? __might_fault+0xb0/0x130
[  257.336318][T10184]  should_fail_ex+0x414/0x560
[  257.336346][T10184]  _copy_to_user+0x31/0xb0
[  257.336366][T10184]  simple_read_from_buffer+0xe1/0x170
[  257.336391][T10184]  proc_fail_nth_read+0x1b3/0x220
[  257.336411][T10184]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  257.336432][T10184]  ? rw_verify_area+0x2a6/0x4d0
[  257.336450][T10184]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  257.336469][T10184]  vfs_read+0x200/0xa30
[  257.336486][T10184]  ? fdget_pos+0x247/0x320
[  257.336505][T10184]  ? __pfx___mutex_lock+0x10/0x10
[  257.336525][T10184]  ? __pfx_vfs_read+0x10/0x10
[  257.336546][T10184]  ? __fget_files+0x2a/0x420
[  257.336564][T10184]  ? __fget_files+0x3a0/0x420
[  257.336576][T10184]  ? __fget_files+0x2a/0x420
[  257.336599][T10184]  ksys_read+0x145/0x250
[  257.336622][T10184]  ? __pfx_ksys_read+0x10/0x10
[  257.336645][T10184]  ? do_syscall_64+0xbe/0xfa0
[  257.336668][T10184]  do_syscall_64+0xfa/0xfa0
[  257.336685][T10184]  ? lockdep_hardirqs_on+0x9c/0x150
[  257.336704][T10184]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.336717][T10184]  ? clear_bhb_loop+0x60/0xb0
[  257.336733][T10184]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.336747][T10184] RIP: 0033:0x7f8d9d78d9dc
[  257.336762][T10184] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  257.336773][T10184] RSP: 002b:00007f8d9e5dc030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  257.336790][T10184] RAX: ffffffffffffffda RBX: 00007f8d9d9e6090 RCX: 00007f8d9d78d9dc
[  257.336801][T10184] RDX: 000000000000000f RSI: 00007f8d9e5dc0a0 RDI: 0000000000000005
[  257.336811][T10184] RBP: 00007f8d9e5dc090 R08: 0000000000000000 R09: 0000000000000000
[  257.336820][T10184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  257.336828][T10184] R13: 00007f8d9d9e6128 R14: 00007f8d9d9e6090 R15: 00007ffe081ea488
[  257.336860][T10184]  </TASK>
[  257.582920][T10187] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1422'.
[  257.635379][T10187] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[  257.769927][T10191] IPv6: NLM_F_CREATE should be specified when creating new route
[  257.778563][T10191] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  257.785948][T10191] IPv6: NLM_F_CREATE should be set when creating new route
[  257.985726][T10207] netlink: 'syz.1.1430': attribute type 1 has an invalid length.
[  258.025654][T10213] batman_adv: batadv0: Removing interface: batadv_slave_0
[  258.037963][T10213] batman_adv: batadv0: Removing interface: batadv_slave_1
[  258.939008][T10263] netlink: 'syz.0.1449': attribute type 1 has an invalid length.
[  260.011082][T10302] mac80211_hwsim hwsim9 wlan1: entered promiscuous mode
[  261.330600][T10341] __nla_validate_parse: 8 callbacks suppressed
[  261.330630][T10341] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1475'.
[  262.043097][T10345] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1476'.
[  262.057191][T10345] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1476'.
[  262.565449][T10383] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1489'.
[  262.847435][T10378] delete_channel: no stack
[  262.852085][T10378] delete_channel: no stack
[  263.973744][T10427] netlink: 'syz.0.1505': attribute type 3 has an invalid length.
[  264.283835][T10428] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1504'.
[  264.702346][T10435] syzkaller0: entered promiscuous mode
[  264.735187][T10435] syzkaller0: entered allmulticast mode
[  264.898010][T10451] netlink: 'syz.1.1507': attribute type 10 has an invalid length.
[  265.101008][T10451] team0: Cannot enslave team device to itself
[  265.325451][T10470] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1520'.
[  265.430145][T10481] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1524'.
[  265.461211][T10481] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1524'.
[  265.586368][T10486] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1527'.
[  265.595340][T10486] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1527'.
[  265.816740][T10503] netlink: 'syz.1.1529': attribute type 19 has an invalid length.
[  266.003888][T10516] FAULT_INJECTION: forcing a failure.
[  266.003888][T10516] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  266.060003][T10516] CPU: 1 UID: 0 PID: 10516 Comm: syz.1.1535 Not tainted syzkaller #0 PREEMPT(full) 
[  266.060028][T10516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  266.060038][T10516] Call Trace:
[  266.060046][T10516]  <TASK>
[  266.060054][T10516]  dump_stack_lvl+0x189/0x250
[  266.060083][T10516]  ? __pfx____ratelimit+0x10/0x10
[  266.060107][T10516]  ? __pfx_dump_stack_lvl+0x10/0x10
[  266.060129][T10516]  ? __pfx__printk+0x10/0x10
[  266.060149][T10516]  ? __might_fault+0xb0/0x130
[  266.060188][T10516]  should_fail_ex+0x414/0x560
[  266.060220][T10516]  _copy_from_user+0x2d/0xb0
[  266.060252][T10516]  ___sys_sendmsg+0x158/0x2a0
[  266.060276][T10516]  ? __pfx____sys_sendmsg+0x10/0x10
[  266.060342][T10516]  ? __fget_files+0x2a/0x420
[  266.060359][T10516]  ? __fget_files+0x3a0/0x420
[  266.060390][T10516]  __x64_sys_sendmsg+0x19b/0x260
[  266.060413][T10516]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  266.060445][T10516]  ? __pfx_ksys_write+0x10/0x10
[  266.060475][T10516]  ? do_syscall_64+0xbe/0xfa0
[  266.060502][T10516]  do_syscall_64+0xfa/0xfa0
[  266.060522][T10516]  ? lockdep_hardirqs_on+0x9c/0x150
[  266.060544][T10516]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.060562][T10516]  ? clear_bhb_loop+0x60/0xb0
[  266.060584][T10516]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.060600][T10516] RIP: 0033:0x7f878818efc9
[  266.060617][T10516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  266.060630][T10516] RSP: 002b:00007f8789004038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  266.060650][T10516] RAX: ffffffffffffffda RBX: 00007f87883e5fa0 RCX: 00007f878818efc9
[  266.060662][T10516] RDX: 0000000000000000 RSI: 00002000000005c0 RDI: 0000000000000003
[  266.060674][T10516] RBP: 00007f8789004090 R08: 0000000000000000 R09: 0000000000000000
[  266.060684][T10516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  266.060694][T10516] R13: 00007f87883e6038 R14: 00007f87883e5fa0 R15: 00007ffe8ed441e8
[  266.060727][T10516]  </TASK>
[  266.364479][T10523] __nla_validate_parse: 1 callbacks suppressed
[  266.364511][T10523] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1538'.
[  266.397517][T10525] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1539'.
[  267.399612][T10560] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1550'.
[  267.721439][T10565] netlink: 'syz.3.1550': attribute type 10 has an invalid length.
[  268.283656][T10573] netlink: 824 bytes leftover after parsing attributes in process `syz.2.1556'.
[  268.374665][T10581] netlink: 'syz.2.1558': attribute type 21 has an invalid length.
[  268.383493][T10580] netlink: 'syz.2.1558': attribute type 21 has an invalid length.
[  268.393744][T10581] netlink: 140 bytes leftover after parsing attributes in process `syz.2.1558'.
[  268.403240][T10580] netlink: 140 bytes leftover after parsing attributes in process `syz.2.1558'.
[  268.837614][T10601] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1566'.
[  269.113264][T10615] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1572'.
[  269.173564][T10616] netlink: 'syz.0.1571': attribute type 10 has an invalid length.
[  269.188440][T10616] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1571'.
[  269.251964][T10620] netlink: 'syz.2.1574': attribute type 21 has an invalid length.
[  269.423050][T10628] netlink: 'syz.4.1576': attribute type 1 has an invalid length.
[  269.440831][T10628] netlink: 'syz.4.1576': attribute type 3 has an invalid length.
[  269.471283][T10628] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1576'.
[  269.683110][T10640] netlink: 'syz.4.1581': attribute type 3 has an invalid length.
[  270.498587][T10684] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  271.316542][T10705] netlink: 'syz.4.1601': attribute type 2 has an invalid length.
[  271.328159][T10705] netlink: 'syz.4.1601': attribute type 2 has an invalid length.
[  271.469488][T10709] __nla_validate_parse: 6 callbacks suppressed
[  271.469506][T10709] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1601'.
[  271.496919][T10709] netlink: 'syz.4.1601': attribute type 1 has an invalid length.
[  271.505698][T10709] netlink: 'syz.4.1601': attribute type 3 has an invalid length.
[  271.518392][T10709] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1601'.
[  271.667279][T10714] netlink: 'syz.0.1603': attribute type 10 has an invalid length.
[  272.444211][T10713] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[  272.707328][T10717] team0 (unregistering): Port device team_slave_1 removed
[  272.733139][T10717] team0 (unregistering): Port device bond0 removed
[  272.733887][T10734] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1607'.
[  273.528378][T10759] nbd: must specify an index to disconnect
[  274.028533][T10784] netlink: 184 bytes leftover after parsing attributes in process `syz.3.1622'.
[  274.517270][T10799] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1631'.
[  274.873529][T10811] tmpfs: Unknown parameter '�S\'
[  275.083083][T10826] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1643'.
[  275.230045][T10834] validate_nla: 1 callbacks suppressed
[  275.230061][T10834] netlink: 'syz.2.1644': attribute type 1 has an invalid length.
[  275.290054][T10834] netlink: 60387 bytes leftover after parsing attributes in process `syz.2.1644'.
[  275.488614][T10848] netlink: 182 bytes leftover after parsing attributes in process `syz.4.1647'.
[  275.735566][T10858] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  276.026096][T10875] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1659'.
[  276.038249][T10875] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1659'.
[  276.088426][T10875] netlink: 'syz.3.1659': attribute type 3 has an invalid length.
[  276.141935][T10883] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  276.151523][T10882] netlink: 'syz.3.1659': attribute type 3 has an invalid length.
[  276.151640][T10884] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  276.186691][T10883] netlink: 'syz.4.1662': attribute type 5 has an invalid length.
[  276.596366][T10907] __nla_validate_parse: 4 callbacks suppressed
[  276.596383][T10907] netlink: 19 bytes leftover after parsing attributes in process `syz.0.1668'.
[  276.601842][T10910] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1669'.
[  278.059283][T10913] wg2: left promiscuous mode
[  278.063919][T10913] wg2: left allmulticast mode
[  278.119385][T10914] wg2: entered promiscuous mode
[  278.139176][T10914] wg2: entered allmulticast mode
[  278.223125][T10918] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1671'.
[  278.232233][T10918] netlink: 200 bytes leftover after parsing attributes in process `syz.0.1671'.
[  278.545962][T10935] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1677'.
[  278.576192][T10935] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1677'.
[  278.869110][T10947] netlink: 'syz.4.1682': attribute type 10 has an invalid length.
[  279.571955][T10960] netlink: 'syz.3.1687': attribute type 13 has an invalid length.
[  279.664753][T10965] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1689'.
[  279.838195][T10974] netlink: 'syz.1.1692': attribute type 3 has an invalid length.
[  279.846529][T10974] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1692'.
[  279.891161][T10978] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1693'.
[  280.005774][T10979] netlink: 182 bytes leftover after parsing attributes in process `syz.1.1694'.
[  280.385092][T10999] netlink: 'syz.1.1701': attribute type 10 has an invalid length.
[  280.615422][T11014] netlink: 'syz.4.1706': attribute type 13 has an invalid length.
[  281.166796][T11055] netlink: 'syz.4.1723': attribute type 10 has an invalid length.
[  281.494035][T11069] netlink: 'syz.1.1725': attribute type 13 has an invalid length.
[  281.650388][T11074] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1728'.
[  281.659841][T11074] netlink: 200 bytes leftover after parsing attributes in process `syz.4.1728'.
[  282.235720][T11096] netlink: 'syz.0.1733': attribute type 2 has an invalid length.
[  282.933933][T11112] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1741'.
[  282.974037][T11112] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1741'.
[  283.023446][T11115] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1740'.
[  283.033124][T11115] netlink: 200 bytes leftover after parsing attributes in process `syz.2.1740'.
[  283.234788][T11124] netlink: 'syz.3.1745': attribute type 2 has an invalid length.
[  283.290142][T11069] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  283.332518][T11069] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  283.763978][T11096] !: entered promiscuous mode
[  283.787745][ T9167] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  283.800634][T11144] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1749'.
[  283.826339][T11144] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1749'.
[  283.835487][ T9167] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  283.846881][ T9167] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  283.912506][ T9167] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  284.037772][T11152] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1752'.
[  284.069863][T11152] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1752'.
[  284.106935][T11152] netlink: 'syz.0.1752': attribute type 2 has an invalid length.
[  284.118515][T11144] netlink: 'syz.3.1749': attribute type 1 has an invalid length.
[  284.147380][T11152] netlink: 'syz.0.1752': attribute type 1 has an invalid length.
[  285.961699][T11180] netlink: 'syz.3.1761': attribute type 16 has an invalid length.
[  286.576484][T11188] dvmrp1: tun_chr_ioctl cmd 1074025677
[  286.586836][T11188] dvmrp1: linktype set to 768
[  286.898082][T11194] __nla_validate_parse: 4 callbacks suppressed
[  286.898103][T11194] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1766'.
[  287.358371][T11195] syzkaller0: entered allmulticast mode
[  288.199615][T11217] netlink: 'syz.1.1773': attribute type 10 has an invalid length.
[  292.246364][T11209] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1771'.
[  292.391126][T11223] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1776'.
[  292.400252][T11223] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1776'.
[  292.445417][T11228] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1777'.
[  292.525025][T11233] netlink: 'syz.0.1779': attribute type 10 has an invalid length.
[  292.552753][T11233] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1779'.
[  292.582767][T11230] netlink: 'syz.0.1779': attribute type 10 has an invalid length.
[  292.594839][T11233] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[  292.694105][T11236] dvmrp1: tun_chr_ioctl cmd 1074025677
[  292.712444][T11236] dvmrp1: linktype set to 768
[  292.974634][T11245] netlink: 182 bytes leftover after parsing attributes in process `syz.1.1784'.
[  293.009721][T11243] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1783'.
[  293.165101][T11249] netlink: 'syz.1.1786': attribute type 10 has an invalid length.
[  293.494540][T11262] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1790'.
[  293.503981][T11262] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1790'.
[  293.685714][T11270] dvmrp1: tun_chr_ioctl cmd 1074025677
[  293.692816][T11270] dvmrp1: linktype set to 768
[  293.802879][ T5833] Bluetooth: hci1: unexpected subevent 0x0e length: 150 > 15
[  293.803928][T11272] netlink: 'syz.1.1796': attribute type 23 has an invalid length.
[  293.810407][ T5833] Bluetooth: hci1: Unable to find connection for dst 00:00:00:00:00:00 sid 0x65
[  293.846719][T11274] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1797'.
[  294.456860][T11291] netlink: 'syz.1.1804': attribute type 10 has an invalid length.
[  296.682812][ T5833] Bluetooth: hci2: unexpected subevent 0x0a length: 150 > 30
[  300.330516][T11403] __nla_validate_parse: 2 callbacks suppressed
[  300.330534][T11403] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1836'.
[  300.366131][T11403] netlink: 200 bytes leftover after parsing attributes in process `syz.3.1836'.
[  300.563304][T11409] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1839'.
[  300.572632][T11410] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1839'.
[  300.604681][T11409] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1839'.
[  300.701536][T11416] netlink: 'syz.0.1840': attribute type 7 has an invalid length.
[  301.454026][T11439] netlink: 'syz.0.1847': attribute type 29 has an invalid length.
[  301.953234][T11450] netlink: 'syz.3.1850': attribute type 10 has an invalid length.
[  301.991136][T11450] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1850'.
[  302.764116][T11471] wlan1 speed is unknown, defaulting to 1000
[  303.483379][T11492] nbd: must specify at least one socket
[  303.599118][T11492] netlink: 'syz.4.1860': attribute type 21 has an invalid length.
[  303.599444][T11495] FAULT_INJECTION: forcing a failure.
[  303.599444][T11495] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  303.655541][T11495] CPU: 0 UID: 0 PID: 11495 Comm: syz.3.1863 Not tainted syzkaller #0 PREEMPT(full) 
[  303.655567][T11495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  303.655579][T11495] Call Trace:
[  303.655586][T11495]  <TASK>
[  303.655595][T11495]  dump_stack_lvl+0x189/0x250
[  303.655625][T11495]  ? __pfx____ratelimit+0x10/0x10
[  303.655650][T11495]  ? __pfx_dump_stack_lvl+0x10/0x10
[  303.655673][T11495]  ? __pfx__printk+0x10/0x10
[  303.655693][T11495]  ? __might_fault+0xb0/0x130
[  303.655732][T11495]  should_fail_ex+0x414/0x560
[  303.655766][T11495]  _copy_from_iter+0x1de/0x1790
[  303.655804][T11495]  ? anon_pipe_write+0x15d/0x1460
[  303.655826][T11495]  ? __pfx__copy_from_iter+0x10/0x10
[  303.655846][T11495]  ? __pfx___mutex_lock+0x10/0x10
[  303.655872][T11495]  ? aa_file_perm+0x44d/0x1550
[  303.655895][T11495]  ? page_copy_sane+0x4e/0x280
[  303.655919][T11495]  copy_page_from_iter+0xdd/0x170
[  303.655945][T11495]  anon_pipe_write+0x9f8/0x1460
[  303.655964][T11495]  ? __pfx_aa_file_perm+0x10/0x10
[  303.656009][T11495]  ? __pfx_anon_pipe_write+0x10/0x10
[  303.656024][T11495]  ? common_file_perm+0x1b5/0x230
[  303.656055][T11495]  ? bpf_lsm_file_permission+0x9/0x20
[  303.656073][T11495]  ? security_file_permission+0x75/0x290
[  303.656105][T11495]  vfs_write+0x5c9/0xb30
[  303.656137][T11495]  ? __pfx_anon_pipe_write+0x10/0x10
[  303.656157][T11495]  ? __pfx_vfs_write+0x10/0x10
[  303.656203][T11495]  ? __fget_files+0x2a/0x420
[  303.656234][T11495]  ksys_write+0x145/0x250
[  303.656262][T11495]  ? __pfx_ksys_write+0x10/0x10
[  303.656291][T11495]  ? do_syscall_64+0xbe/0xfa0
[  303.656320][T11495]  do_syscall_64+0xfa/0xfa0
[  303.656340][T11495]  ? lockdep_hardirqs_on+0x9c/0x150
[  303.656362][T11495]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.656377][T11495]  ? clear_bhb_loop+0x60/0xb0
[  303.656398][T11495]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.656414][T11495] RIP: 0033:0x7f852498efc9
[  303.656429][T11495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  303.656443][T11495] RSP: 002b:00007f8525902038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  303.656461][T11495] RAX: ffffffffffffffda RBX: 00007f8524be5fa0 RCX: 00007f852498efc9
[  303.656474][T11495] RDX: 0000000000000012 RSI: 0000200000000040 RDI: 0000000000000000
[  303.656485][T11495] RBP: 00007f8525902090 R08: 0000000000000000 R09: 0000000000000000
[  303.656496][T11495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  303.656506][T11495] R13: 00007f8524be6038 R14: 00007f8524be5fa0 R15: 00007fff04cc07e8
[  303.656544][T11495]  </TASK>
[  303.676521][T11497] dvmrp1: tun_chr_ioctl cmd 1074025677
[  303.966176][T11497] dvmrp1: linktype set to 768
[  303.981479][T11492] netlink: 152 bytes leftover after parsing attributes in process `syz.4.1860'.
[  304.318415][ T5833] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  304.327549][ T5833] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  304.340058][ T5833] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  304.348480][ T5833] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  304.356932][ T5833] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  304.632962][T11520] FAULT_INJECTION: forcing a failure.
[  304.632962][T11520] name failslab, interval 1, probability 0, space 0, times 0
[  304.666135][T11520] CPU: 1 UID: 0 PID: 11520 Comm: syz.0.1869 Not tainted syzkaller #0 PREEMPT(full) 
[  304.666160][T11520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  304.666171][T11520] Call Trace:
[  304.666180][T11520]  <TASK>
[  304.666188][T11520]  dump_stack_lvl+0x189/0x250
[  304.666224][T11520]  ? __pfx____ratelimit+0x10/0x10
[  304.666249][T11520]  ? __pfx_dump_stack_lvl+0x10/0x10
[  304.666282][T11520]  ? __pfx__printk+0x10/0x10
[  304.666312][T11520]  ? __pfx___might_resched+0x10/0x10
[  304.666333][T11520]  ? fs_reclaim_acquire+0x7d/0x100
[  304.666362][T11520]  should_fail_ex+0x414/0x560
[  304.666400][T11520]  should_failslab+0xa8/0x100
[  304.666425][T11520]  __kmalloc_noprof+0xcb/0x7f0
[  304.666446][T11520]  ? rcu_is_watching+0x15/0xb0
[  304.666459][T11520]  ? security_sk_alloc+0x52/0x390
[  304.666476][T11520]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  304.666504][T11520]  security_sk_alloc+0x52/0x390
[  304.666528][T11520]  sk_prot_alloc+0x101/0x220
[  304.666553][T11520]  sk_alloc+0x3a/0x370
[  304.666581][T11520]  inet_create+0x7a0/0x1000
[  304.666597][T11520]  ? inet_create+0x9c/0x1000
[  304.666622][T11520]  __sock_create+0x4b3/0x9f0
[  304.666670][T11520]  mptcp_subflow_create_socket+0xf0/0x7d0
[  304.666708][T11520]  ? __pfx_mptcp_subflow_create_socket+0x10/0x10
[  304.666729][T11520]  ? perf_trace_lock+0x2f8/0x3b0
[  304.666764][T11520]  __mptcp_nmpc_sk+0x148/0x760
[  304.666787][T11520]  ? __pfx___mptcp_nmpc_sk+0x10/0x10
[  304.666799][T11520]  ? __local_bh_enable_ip+0x12d/0x1c0
[  304.666816][T11520]  ? lockdep_hardirqs_on+0x9c/0x150
[  304.666841][T11520]  ? __local_bh_enable_ip+0x12d/0x1c0
[  304.666865][T11520]  mptcp_sendmsg_fastopen+0xd4/0x580
[  304.666904][T11520]  mptcp_sendmsg+0x1774/0x1980
[  304.666924][T11520]  ? __pfx___might_resched+0x10/0x10
[  304.666957][T11520]  ? __pfx_perf_tp_event+0x10/0x10
[  304.666991][T11520]  ? aa_sk_perm+0x81e/0x950
[  304.667031][T11520]  ? __pfx_aa_sk_perm+0x10/0x10
[  304.667057][T11520]  ? __pfx_mptcp_sendmsg+0x10/0x10
[  304.667083][T11520]  ? perf_trace_run_bpf_submit+0xee/0x170
[  304.667099][T11520]  ? sock_rps_record_flow+0x19/0x410
[  304.667136][T11520]  ? inet_sendmsg+0x2f4/0x370
[  304.667177][T11520]  __sock_sendmsg+0x19c/0x270
[  304.667215][T11520]  ____sys_sendmsg+0x505/0x830
[  304.667255][T11520]  ? __pfx_____sys_sendmsg+0x10/0x10
[  304.667314][T11520]  ? import_iovec+0x74/0xa0
[  304.667352][T11520]  ___sys_sendmsg+0x21f/0x2a0
[  304.667384][T11520]  ? __pfx____sys_sendmsg+0x10/0x10
[  304.667473][T11520]  ? __fget_files+0x2a/0x420
[  304.667532][T11520]  ? __fget_files+0x2a/0x420
[  304.667550][T11520]  ? __fget_files+0x3a0/0x420
[  304.667603][T11520]  __x64_sys_sendmsg+0x19b/0x260
[  304.667635][T11520]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  304.667686][T11520]  ? __pfx_ksys_write+0x10/0x10
[  304.667725][T11520]  ? do_syscall_64+0xbe/0xfa0
[  304.667758][T11520]  do_syscall_64+0xfa/0xfa0
[  304.667778][T11520]  ? lockdep_hardirqs_on+0x9c/0x150
[  304.667801][T11520]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  304.667820][T11520]  ? clear_bhb_loop+0x60/0xb0
[  304.667850][T11520]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  304.667866][T11520] RIP: 0033:0x7f8d9d78efc9
[  304.667888][T11520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  304.667902][T11520] RSP: 002b:00007f8d9e5fd038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  304.667923][T11520] RAX: ffffffffffffffda RBX: 00007f8d9d9e5fa0 RCX: 00007f8d9d78efc9
[  304.667936][T11520] RDX: 0000000030004001 RSI: 0000200000000080 RDI: 0000000000000007
[  304.667948][T11520] RBP: 00007f8d9e5fd090 R08: 0000000000000000 R09: 0000000000000000
[  304.667958][T11520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  304.667969][T11520] R13: 00007f8d9d9e6038 R14: 00007f8d9d9e5fa0 R15: 00007ffe081ea488
[  304.668037][T11520]  </TASK>
[  305.139578][T11519] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1868'.
[  305.229347][T11519] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1868'.
[  305.370747][T11505] wlan1 speed is unknown, defaulting to 1000
[  305.444680][T11524] netlink: 'syz.3.1870': attribute type 10 has an invalid length.
[  305.554423][T11524] batman_adv: batadv0: Adding interface: netdevsim0
[  305.596196][T11524] batman_adv: batadv0: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  305.641113][T11524] batman_adv: batadv0: Not using interface netdevsim0 (retrying later): interface not active
[  305.991641][T11534] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1873'.
[  306.165550][   T13] bond0: (slave netdevsim0): Releasing backup interface
[  306.406320][ T5833] Bluetooth: hci0: command tx timeout
[  306.640976][T11505] chnl_net:caif_netlink_parms(): no params data found
[  307.356845][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  307.397054][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  307.423337][   T13] bond0 (unregistering): Released all slaves
[  307.447915][T11572] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1882'.
[  307.510201][   T13] ����: left promiscuous mode
[  307.584839][T11574] netlink: 'syz.3.1882': attribute type 13 has an invalid length.
[  307.690878][   T13] : left promiscuous mode
[  307.964318][T11505] bridge0: port 1(bridge_slave_0) entered blocking state
[  307.983640][T11505] bridge0: port 1(bridge_slave_0) entered disabled state
[  307.994336][T11505] bridge_slave_0: entered allmulticast mode
[  308.005221][T11505] bridge_slave_0: entered promiscuous mode
[  308.031245][T11505] bridge0: port 2(bridge_slave_1) entered blocking state
[  308.046220][T11505] bridge0: port 2(bridge_slave_1) entered disabled state
[  308.061924][T11505] bridge_slave_1: entered allmulticast mode
[  308.070955][T11505] bridge_slave_1: entered promiscuous mode
[  308.548081][ T5833] Bluetooth: hci0: command tx timeout
[  308.580432][T11505] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  308.618785][T11505] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  308.636328][T11622] netlink: 'syz.0.1895': attribute type 21 has an invalid length.
[  308.668128][T11622] netlink: 100 bytes leftover after parsing attributes in process `syz.0.1895'.
[  308.918148][T11638] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1900'.
[  308.930973][T11638] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1900'.
[  309.080995][T11505] team0: Port device team_slave_0 added
[  309.089469][T11642] netlink: 'syz.1.1903': attribute type 29 has an invalid length.
[  309.109399][T11505] team0: Port device team_slave_1 added
[  309.414525][T11505] batman_adv: batadv0: Adding interface: batadv_slave_0
[  309.421889][T11505] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  309.448330][T11505] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  309.513720][T11505] batman_adv: batadv0: Adding interface: batadv_slave_1
[  309.526683][T11505] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  309.598772][T11505] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  309.627411][T11651] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1907'.
[  309.637635][T11651] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1907'.
[  310.014008][   T13] hsr_slave_0: left promiscuous mode
[  310.032875][   T13] hsr_slave_1: left promiscuous mode
[  310.576037][ T5833] Bluetooth: hci0: command tx timeout
[  310.828086][   T13] team0 (unregistering): Port device team_slave_1 removed
[  310.876658][   T13] team0 (unregistering): Port device team_slave_0 removed
[  311.521848][T11671] mac80211_hwsim hwsim11 wlan1: entered allmulticast mode
[  311.541516][T11505] hsr_slave_0: entered promiscuous mode
[  311.558421][T11505] hsr_slave_1: entered promiscuous mode
[  311.577189][T11505] debugfs: 'hsr0' already exists in 'hsr'
[  311.582952][T11505] Cannot create hsr debugfs directory
[  311.596604][T11676] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1912'.
[  311.624513][T11696] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1917'.
[  311.843671][T11696] netlink: 'syz.4.1917': attribute type 4 has an invalid length.
[  312.019804][T11696] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  312.166659][T11705] bridge_slave_1: left allmulticast mode
[  312.199550][T11705] bridge_slave_1: left promiscuous mode
[  312.243493][T11705] bridge0: port 2(bridge_slave_1) entered disabled state
[  312.308765][T11705] bridge_slave_0: left allmulticast mode
[  312.314447][T11705] bridge_slave_0: left promiscuous mode
[  312.346956][T11705] bridge0: port 1(bridge_slave_0) entered disabled state
[  312.360788][T11722] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1924'.
[  312.646199][ T5833] Bluetooth: hci0: command tx timeout
[  313.087979][T11505] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  313.401418][T11505] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  313.857338][T11746] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1929'.
[  313.905021][T11505] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  313.944798][T11505] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  314.334914][T11505] 8021q: adding VLAN 0 to HW filter on device bond0
[  314.411943][T11505] 8021q: adding VLAN 0 to HW filter on device team0
[  314.449526][ T9290] bridge0: port 1(bridge_slave_0) entered blocking state
[  314.456737][ T9290] bridge0: port 1(bridge_slave_0) entered forwarding state
[  314.503279][ T9290] bridge0: port 2(bridge_slave_1) entered blocking state
[  314.510631][ T9290] bridge0: port 2(bridge_slave_1) entered forwarding state
[  314.535059][T11774] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1935'.
[  314.595183][T11774] netlink: 'syz.3.1935': attribute type 13 has an invalid length.
[  314.595463][T11772] netlink: 'syz.0.1933': attribute type 10 has an invalid length.
[  314.624042][T11505] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  314.638941][T11505] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  315.037082][T11505] 8021q: adding VLAN 0 to HW filter on device batadv0
[  315.037567][T11786] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1937'.
[  315.056098][T11783] wlan1 speed is unknown, defaulting to 1000
[  315.327525][T11795] netlink: 182 bytes leftover after parsing attributes in process `syz.3.1940'.
[  315.706706][T11807] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1941'.
[  315.724899][T11505] veth0_vlan: entered promiscuous mode
[  315.740207][T11798] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1939'.
[  315.786690][T11807] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1941'.
[  315.928577][T11505] veth1_vlan: entered promiscuous mode
[  316.053908][T11505] veth0_macvtap: entered promiscuous mode
[  316.116528][T11505] veth1_macvtap: entered promiscuous mode
[  316.170986][T11505] batman_adv: batadv0: Interface activated: batadv_slave_0
[  316.230751][T11818] netlink: 'syz.3.1946': attribute type 13 has an invalid length.
[  316.243442][T11505] batman_adv: batadv0: Interface activated: batadv_slave_1
[  316.279405][ T9166] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  316.322734][ T9166] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  316.349112][ T9166] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  316.378020][ T9166] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  316.587333][ T9290] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  316.600504][ T9290] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  316.671891][T11829] netlink: 'syz.1.1949': attribute type 10 has an invalid length.
[  316.687213][ T9290] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  316.695572][ T9290] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  317.141979][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  317.148381][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  317.226852][T11838] __nla_validate_parse: 3 callbacks suppressed
[  317.226901][T11838] netlink: 182 bytes leftover after parsing attributes in process `syz.0.1952'.
[  318.497072][T11866] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1959'.
[  318.658219][T11865] netlink: 'syz.1.1959': attribute type 13 has an invalid length.
[  319.778766][T11885] netlink: 182 bytes leftover after parsing attributes in process `syz.4.1966'.
[  319.967919][T11892] netlink: 'syz.3.1969': attribute type 10 has an invalid length.
[  319.986209][T11892] batman_adv: batadv0: Removing interface: netdevsim0
[  321.052584][T11914] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1972'.
[  321.150859][T11923] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1972'.
[  321.256740][T11903] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1972'.
[  321.267550][T11904] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1972'.
[  321.286222][T11919] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1972'.
[  321.919725][T11939] netlink: 'syz.4.1980': attribute type 39 has an invalid length.
[  322.378485][T11935] syzkaller0: tun_chr_ioctl cmd 2147767520
[  323.218493][T11958] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1989'.
[  323.325294][T11966] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1989'.
[  323.515583][T11973] netlink: 'syz.5.1992': attribute type 10 has an invalid length.
[  323.523545][T11973] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1992'.
[  323.538962][T11973] dummy0: entered promiscuous mode
[  323.544877][T11973] dummy0: entered allmulticast mode
[  323.553375][T11973] bridge0: port 3(dummy0) entered blocking state
[  323.559958][T11973] bridge0: port 3(dummy0) entered disabled state
[  323.570341][T11973] bridge0: port 3(dummy0) entered blocking state
[  323.576897][T11973] bridge0: port 3(dummy0) entered forwarding state
[  324.030701][T11995] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2003'.
[  324.216748][T12004] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2005'.
[  324.232249][T12004] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2005'.
[  324.295033][T12006] dvmrp1: tun_chr_ioctl cmd 1074025677
[  324.301994][T12006] dvmrp1: linktype set to 768
[  324.985761][T12028] netlink: 'syz.4.2015': attribute type 64 has an invalid length.
[  325.011274][T12028] netlink: 'syz.4.2015': attribute type 4 has an invalid length.
[  325.035074][T12028] netlink: 152 bytes leftover after parsing attributes in process `syz.4.2015'.
[  325.058322][T12037] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2017'.
[  325.078281][T12037] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2017'.
[  325.412033][T12046] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2021'.
[  325.584060][T12051] dvmrp1: tun_chr_ioctl cmd 1074025677
[  325.638627][T12051] dvmrp1: linktype set to 768
[  326.648319][T12082] netlink: 'syz.4.2030': attribute type 21 has an invalid length.
[  327.461821][T12122] netlink: 'syz.5.2037': attribute type 21 has an invalid length.
[  327.471462][T12121] netlink: 'syz.0.2039': attribute type 37 has an invalid length.
[  327.587812][T12127] netlink: 'syz.4.2041': attribute type 21 has an invalid length.
[  327.609155][T12127] netlink: 'syz.4.2041': attribute type 6 has an invalid length.
[  328.496691][T12169] __nla_validate_parse: 8 callbacks suppressed
[  328.496711][T12169] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2048'.
[  328.757672][T12186] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2056'.
[  328.767135][T12186] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2056'.
[  329.290915][T12209] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2062'.
[  329.334832][T12209] netlink: 'syz.3.2062': attribute type 12 has an invalid length.
[  329.343121][T12209] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2062'.
[  329.426165][T12216] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2063'.
[  329.435060][T12216] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2063'.
[  329.784006][T12235] netlink: 'syz.3.2067': attribute type 1 has an invalid length.
[  329.803136][T12235] nbd: illegal input index -1495182229
[  329.810439][T12235] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2067'.
[  329.967255][T12241] netlink: 204 bytes leftover after parsing attributes in process `syz.4.2068'.
[  330.452256][T12252] netlink: 'syz.1.2071': attribute type 10 has an invalid length.
[  330.460586][T12252] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2071'.
[  331.440614][T12237] dvmrp1: tun_chr_ioctl cmd 1074025677
[  331.446504][T12237] dvmrp1: linktype set to 768
[  331.455230][T12235] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  331.476160][T12252] dummy0: entered promiscuous mode
[  331.481308][T12252] dummy0: entered allmulticast mode
[  331.506509][T12252] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  331.683701][T12258] FAULT_INJECTION: forcing a failure.
[  331.683701][T12258] name failslab, interval 1, probability 0, space 0, times 0
[  331.723160][T12258] CPU: 1 UID: 0 PID: 12258 Comm: syz.5.2075 Not tainted syzkaller #0 PREEMPT(full) 
[  331.723198][T12258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  331.723208][T12258] Call Trace:
[  331.723217][T12258]  <TASK>
[  331.723227][T12258]  dump_stack_lvl+0x189/0x250
[  331.723259][T12258]  ? __pfx____ratelimit+0x10/0x10
[  331.723286][T12258]  ? __pfx_dump_stack_lvl+0x10/0x10
[  331.723313][T12258]  ? __pfx__printk+0x10/0x10
[  331.723350][T12258]  ? __pfx___might_resched+0x10/0x10
[  331.723389][T12258]  should_fail_ex+0x414/0x560
[  331.723429][T12258]  should_failslab+0xa8/0x100
[  331.723454][T12258]  kmem_cache_alloc_lru_noprof+0x79/0x6d0
[  331.723480][T12258]  ? __d_alloc+0x36/0x7a0
[  331.723518][T12258]  __d_alloc+0x36/0x7a0
[  331.723564][T12258]  d_alloc+0x4b/0x190
[  331.723580][T12258]  ? lookup_one_qstr_excl+0xc8/0x360
[  331.723610][T12258]  lookup_one_qstr_excl+0xdc/0x360
[  331.723648][T12258]  filename_create+0x224/0x3c0
[  331.723693][T12258]  ? __pfx_filename_create+0x10/0x10
[  331.723749][T12258]  do_mkdirat+0xa0/0x590
[  331.723784][T12258]  ? __pfx_do_mkdirat+0x10/0x10
[  331.723837][T12258]  ? getname_flags+0x1e5/0x540
[  331.723868][T12258]  __x64_sys_mkdir+0x6c/0x80
[  331.723899][T12258]  do_syscall_64+0xfa/0xfa0
[  331.723922][T12258]  ? lockdep_hardirqs_on+0x9c/0x150
[  331.723946][T12258]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  331.723964][T12258]  ? clear_bhb_loop+0x60/0xb0
[  331.723994][T12258]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  331.724010][T12258] RIP: 0033:0x7f3e8418efc9
[  331.724029][T12258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  331.724044][T12258] RSP: 002b:00007f3e850b9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  331.724064][T12258] RAX: ffffffffffffffda RBX: 00007f3e843e5fa0 RCX: 00007f3e8418efc9
[  331.724077][T12258] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000040
[  331.724089][T12258] RBP: 00007f3e850b9090 R08: 0000000000000000 R09: 0000000000000000
[  331.724100][T12258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  331.724110][T12258] R13: 00007f3e843e6038 R14: 00007f3e843e5fa0 R15: 00007ffde2efad98
[  331.724170][T12258]  </TASK>
[  332.005843][T12263] netlink: 'syz.0.2074': attribute type 1 has an invalid length.
[  332.893407][T12292] netlink: 'syz.0.2085': attribute type 21 has an invalid length.
[  333.569259][T12297] __nla_validate_parse: 4 callbacks suppressed
[  333.569279][T12297] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2087'.
[  333.626773][T12297] netlink: 46 bytes leftover after parsing attributes in process `syz.4.2087'.
[  333.645821][T12297] netlink: 46 bytes leftover after parsing attributes in process `syz.4.2087'.
[  334.285169][T12337] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2100'.
[  334.375604][T12314] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2094'.
[  334.391277][T12340] netlink: 292 bytes leftover after parsing attributes in process `syz.4.2101'.
[  334.948098][T12362] netlink: 'syz.4.2111': attribute type 4 has an invalid length.
[  334.964446][T12362] netlink: 152 bytes leftover after parsing attributes in process `syz.4.2111'.
[  335.000154][T12362] .a: renamed from bond0
[  335.028301][T12366] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2113'.
[  335.153948][T12369] netlink: 172 bytes leftover after parsing attributes in process `syz.5.2114'.
[  335.317714][T12375] batman_adv: batadv0: Removing interface: batadv_slave_0
[  335.951017][T12395] netlink: 56 bytes leftover after parsing attributes in process `syz.5.2125'.
[  336.242207][T12415] netlink: 'syz.1.2132': attribute type 10 has an invalid length.
[  336.863878][T12444] netlink: 'syz.1.2142': attribute type 21 has an invalid length.
[  337.210821][T12451] netlink: 'syz.3.2145': attribute type 13 has an invalid length.
[  337.242092][T12454] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  337.844254][T12479] netlink: 'syz.3.2156': attribute type 10 has an invalid length.
[  338.595107][T12510] __nla_validate_parse: 3 callbacks suppressed
[  338.595125][T12510] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2166'.
[  338.612820][T12510] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[  339.021951][T12526] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2171'.
[  339.046792][T12526] netlink: 46 bytes leftover after parsing attributes in process `syz.4.2171'.
[  339.086359][T12526] netlink: 46 bytes leftover after parsing attributes in process `syz.4.2171'.
[  339.372251][T12542] netlink: 68 bytes leftover after parsing attributes in process `syz.4.2176'.
[  339.941523][T12564] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2185'.
[  339.966170][T12564] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2185'.
[  340.357739][T12581] netlink: 'syz.0.2189': attribute type 10 has an invalid length.
[  340.395724][T12581] 8021q: adding VLAN 0 to HW filter on device batadv0
[  340.460187][T12584] netlink: 'syz.0.2189': attribute type 10 has an invalid length.
[  340.481479][T12581] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  340.509976][T12584] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2189'.
[  340.538621][T12584] batadv0: entered promiscuous mode
[  340.561709][T12584] batadv0: entered allmulticast mode
[  340.708509][T12584] bond0: (slave batadv0): Releasing backup interface
[  340.777965][T12584] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  340.898316][T12588] netlink: 'syz.1.2192': attribute type 11 has an invalid length.
[  341.005187][T12587] netlink: 'syz.1.2192': attribute type 11 has an invalid length.
[  341.155027][T12599] netlink: 19 bytes leftover after parsing attributes in process `syz.3.2194'.
[  341.229790][T12603] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2198'.
[  342.416784][T12643] netlink: 'syz.0.2214': attribute type 1 has an invalid length.
[  343.209439][   T30] audit: type=1107 audit(1761647926.613:5): pid=12678 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='_�WȂ�f'
[  343.830623][T12701] __nla_validate_parse: 5 callbacks suppressed
[  343.830644][T12701] netlink: 272 bytes leftover after parsing attributes in process `syz.3.2236'.
[  343.882266][T12701] netlink: 272 bytes leftover after parsing attributes in process `syz.3.2236'.
[  343.950708][T12709] netlink: 182 bytes leftover after parsing attributes in process `syz.1.2237'.
[  344.186128][T12718] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2243'.
[  344.479366][T12731] dvmrp1: tun_chr_ioctl cmd 1074025677
[  344.491391][T12731] dvmrp1: linktype set to 768
[  344.525331][T12733] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2250'.
[  344.773780][T12742] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2254'.
[  345.603082][T12763] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2263'.
[  345.622771][T12763] netlink: 46 bytes leftover after parsing attributes in process `syz.0.2263'.
[  345.639731][T12763] netlink: 46 bytes leftover after parsing attributes in process `syz.0.2263'.
[  345.678340][T12763] netlink: 10 bytes leftover after parsing attributes in process `syz.0.2263'.
[  345.921555][T12774] netlink: 'syz.5.2265': attribute type 21 has an invalid length.
[  346.130145][T12780] dvmrp1: tun_chr_ioctl cmd 1074025677
[  346.151166][T12780] dvmrp1: linktype set to 768
[  347.567140][T12821] netlink: 'syz.1.2279': attribute type 10 has an invalid length.
[  348.153984][T12833] hsr0: entered promiscuous mode
[  348.176510][T12833] hsr0: entered allmulticast mode
[  348.206939][T12833] hsr_slave_0: entered allmulticast mode
[  348.237362][T12833] hsr_slave_1: entered allmulticast mode
[  349.082899][T12846] netlink: 'syz.0.2288': attribute type 4 has an invalid length.
[  349.104033][T12846] __nla_validate_parse: 7 callbacks suppressed
[  349.104052][T12846] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2288'.
[  349.349304][T12855] FAULT_INJECTION: forcing a failure.
[  349.349304][T12855] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  349.393326][T12850] netlink: 172 bytes leftover after parsing attributes in process `syz.4.2290'.
[  349.424934][T12855] CPU: 1 UID: 0 PID: 12855 Comm: syz.1.2291 Not tainted syzkaller #0 PREEMPT(full) 
[  349.424961][T12855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  349.424972][T12855] Call Trace:
[  349.424980][T12855]  <TASK>
[  349.424988][T12855]  dump_stack_lvl+0x189/0x250
[  349.425018][T12855]  ? __pfx____ratelimit+0x10/0x10
[  349.425041][T12855]  ? __pfx_dump_stack_lvl+0x10/0x10
[  349.425063][T12855]  ? __pfx__printk+0x10/0x10
[  349.425082][T12855]  ? __might_fault+0xb0/0x130
[  349.425111][T12855]  ? __might_fault+0xb0/0x130
[  349.425143][T12855]  should_fail_ex+0x414/0x560
[  349.425178][T12855]  _copy_from_user+0x2d/0xb0
[  349.425203][T12855]  ___sys_sendmsg+0x158/0x2a0
[  349.425229][T12855]  ? __pfx____sys_sendmsg+0x10/0x10
[  349.425280][T12855]  ? __fget_files+0x2a/0x420
[  349.425318][T12855]  ? __fget_files+0x2a/0x420
[  349.425334][T12855]  ? __fget_files+0x3a0/0x420
[  349.425366][T12855]  __x64_sys_sendmsg+0x19b/0x260
[  349.425388][T12855]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  349.425421][T12855]  ? __pfx_ksys_write+0x10/0x10
[  349.425453][T12855]  ? do_syscall_64+0xbe/0xfa0
[  349.425482][T12855]  do_syscall_64+0xfa/0xfa0
[  349.425502][T12855]  ? lockdep_hardirqs_on+0x9c/0x150
[  349.425525][T12855]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.425543][T12855]  ? clear_bhb_loop+0x60/0xb0
[  349.425565][T12855]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.425582][T12855] RIP: 0033:0x7f878818efc9
[  349.425599][T12855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  349.425614][T12855] RSP: 002b:00007f8789004038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  349.425633][T12855] RAX: ffffffffffffffda RBX: 00007f87883e5fa0 RCX: 00007f878818efc9
[  349.425646][T12855] RDX: 0000000000000004 RSI: 0000200000000100 RDI: 0000000000000003
[  349.425657][T12855] RBP: 00007f8789004090 R08: 0000000000000000 R09: 0000000000000000
[  349.425668][T12855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  349.425679][T12855] R13: 00007f87883e6038 R14: 00007f87883e5fa0 R15: 00007ffe8ed441e8
[  349.425718][T12855]  </TASK>
[  349.915205][T12861] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2295'.
[  349.977548][T12861] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[  350.654577][T12892] netlink: 'syz.4.2301': attribute type 29 has an invalid length.
[  350.783583][T12895] netlink: 'syz.1.2304': attribute type 13 has an invalid length.
[  352.188821][T12929] netlink: 'syz.4.2319': attribute type 33 has an invalid length.
[  352.251154][T12929] netlink: 152 bytes leftover after parsing attributes in process `syz.4.2319'.
[  352.540879][T12942] batman_adv: batadv0: Removing interface: batadv_slave_0
[  352.563449][T12942] batman_adv: batadv0: Removing interface: batadv_slave_1
[  352.626272][T12945] netlink: 'syz.3.2323': attribute type 1 has an invalid length.
[  352.647418][T12945] netlink: 104088 bytes leftover after parsing attributes in process `syz.3.2323'.
[  352.968155][T12954] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2328'.
[  352.993724][T12954] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2328'.
[  353.238360][T12964] netlink: 'syz.4.2330': attribute type 4 has an invalid length.
[  353.475960][T12978] IPv6: Can't replace route, no match found
[  353.626646][T12988] FAULT_INJECTION: forcing a failure.
[  353.626646][T12988] name failslab, interval 1, probability 0, space 0, times 0
[  353.648076][T12988] CPU: 0 UID: 0 PID: 12988 Comm: syz.5.2340 Not tainted syzkaller #0 PREEMPT(full) 
[  353.648101][T12988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  353.648112][T12988] Call Trace:
[  353.648120][T12988]  <TASK>
[  353.648129][T12988]  dump_stack_lvl+0x189/0x250
[  353.648161][T12988]  ? __pfx____ratelimit+0x10/0x10
[  353.648187][T12988]  ? __pfx_dump_stack_lvl+0x10/0x10
[  353.648214][T12988]  ? __pfx__printk+0x10/0x10
[  353.648253][T12988]  ? __pfx___might_resched+0x10/0x10
[  353.648291][T12988]  should_fail_ex+0x414/0x560
[  353.648329][T12988]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  353.648348][T12988]  should_failslab+0xa8/0x100
[  353.648380][T12988]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  353.648395][T12988]  kmem_cache_alloc_lru_noprof+0x79/0x6d0
[  353.648424][T12988]  ? shmem_alloc_inode+0x28/0x40
[  353.648455][T12988]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  353.648473][T12988]  shmem_alloc_inode+0x28/0x40
[  353.648491][T12988]  alloc_inode+0x6a/0x1b0
[  353.648517][T12988]  new_inode+0x22/0x170
[  353.648553][T12988]  shmem_get_inode+0x346/0xe90
[  353.648604][T12988]  shmem_mknod+0x18c/0x3e0
[  353.648646][T12988]  shmem_mkdir+0x33/0x70
[  353.648672][T12988]  vfs_mkdir+0x306/0x510
[  353.648719][T12988]  do_mkdirat+0x247/0x590
[  353.648754][T12988]  ? __pfx_do_mkdirat+0x10/0x10
[  353.648790][T12988]  ? getname_flags+0x1e5/0x540
[  353.648825][T12988]  __x64_sys_mkdir+0x6c/0x80
[  353.648853][T12988]  do_syscall_64+0xfa/0xfa0
[  353.648875][T12988]  ? lockdep_hardirqs_on+0x9c/0x150
[  353.648900][T12988]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.648928][T12988]  ? clear_bhb_loop+0x60/0xb0
[  353.648958][T12988]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.648975][T12988] RIP: 0033:0x7f3e8418efc9
[  353.649001][T12988] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  353.649015][T12988] RSP: 002b:00007f3e850b9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  353.649045][T12988] RAX: ffffffffffffffda RBX: 00007f3e843e5fa0 RCX: 00007f3e8418efc9
[  353.649059][T12988] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000040
[  353.649070][T12988] RBP: 00007f3e850b9090 R08: 0000000000000000 R09: 0000000000000000
[  353.649081][T12988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  353.649092][T12988] R13: 00007f3e843e6038 R14: 00007f3e843e5fa0 R15: 00007ffde2efad98
[  353.649161][T12988]  </TASK>
[  354.151533][T13003] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2344'.
[  354.470475][T13022] netlink: 'syz.1.2351': attribute type 21 has an invalid length.
[  354.478803][T13022] netlink: 100 bytes leftover after parsing attributes in process `syz.1.2351'.
[  355.469516][T13057] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2364'.
[  355.488713][T13052] nbd: must specify an index to disconnect
[  355.494661][T13057] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2364'.
[  355.504784][T13057] netlink: 'syz.3.2364': attribute type 6 has an invalid length.
[  356.413232][T13097] netlink: 'syz.5.2378': attribute type 1 has an invalid length.
[  356.429060][T13099] netlink: 14 bytes leftover after parsing attributes in process `syz.0.2379'.
[  356.540927][T13097] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2378'.
[  356.555552][T13104] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2379'.
[  356.573334][T13099] netlink: 'syz.0.2379': attribute type 19 has an invalid length.
[  356.822736][T13113] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2384'.
[  356.847148][T13113] netlink: 46 bytes leftover after parsing attributes in process `syz.4.2384'.
[  356.865929][T13113] netlink: 46 bytes leftover after parsing attributes in process `syz.4.2384'.
[  356.935131][   T30] audit: type=1107 audit(1761647940.333:6): pid=13118 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  356.950425][   T30] audit: type=1107 audit(1761647940.343:7): pid=13118 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  357.755051][T13141] netlink: 'syz.5.2395': attribute type 15 has an invalid length.
[  357.764848][T13141] netlink: 'syz.5.2395': attribute type 5 has an invalid length.
[  359.050693][T13173] x_tables: ip6_tables: CONNSECMARK.0 target: invalid size 8 (kernel) != (user) 16
[  359.814030][T13201] __nla_validate_parse: 7 callbacks suppressed
[  359.814043][T13201] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2416'.
[  359.832462][T13201] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2416'.
[  360.011204][T13212] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2419'.
[  360.020581][T13207] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2419'.
[  360.050491][T13215] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2420'.
[  360.060676][T13215] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2420'.
[  360.199675][T13225] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2424'.
[  360.709370][T13237] netlink: 18187 bytes leftover after parsing attributes in process `syz.1.2430'.
[  362.064211][T13237] netlink: 'syz.1.2430': attribute type 10 has an invalid length.
[  362.955421][T13284] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2445'.
[  363.402407][T13299] netlink: 'syz.0.2450': attribute type 4 has an invalid length.
[  363.444534][T13299] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2450'.
[  364.113705][T13329] netlink: 'syz.1.2459': attribute type 10 has an invalid length.
[  364.452479][T13339] netlink: 'syz.0.2463': attribute type 4 has an invalid length.
[  364.462061][T13340] wlan1 speed is unknown, defaulting to 1000
[  364.508941][T13345] dvmrp1: tun_chr_ioctl cmd 1074025677
[  364.515270][T13345] dvmrp1: linktype set to 768
[  364.834277][T13366] __nla_validate_parse: 4 callbacks suppressed
[  364.834295][T13366] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2469'.
[  364.850696][T13366] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2469'.
[  364.864901][T13366] netlink: 'syz.1.2469': attribute type 6 has an invalid length.
[  364.883664][T13366] netlink: 'syz.1.2469': attribute type 10 has an invalid length.
[  365.014204][T13370] netlink: 'syz.0.2472': attribute type 2 has an invalid length.
[  365.027696][T13370] netlink: 164 bytes leftover after parsing attributes in process `syz.0.2472'.
[  365.234423][T13378] netlink: 172 bytes leftover after parsing attributes in process `syz.3.2473'.
[  365.747285][T13385] netlink: 182 bytes leftover after parsing attributes in process `syz.1.2475'.
[  366.159280][T13397] netlink: 'syz.3.2477': attribute type 1 has an invalid length.
[  366.167591][T13397] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2477'.
[  366.231931][T13399] netlink: 'syz.1.2479': attribute type 4 has an invalid length.
[  366.241558][T13399] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2479'.
[  366.322425][T13399] .a: renamed from bond0
[  366.427945][T13394] batadv_slave_1: left allmulticast mode
[  366.440120][T13394] bridge0: port 3(batadv_slave_1) entered disabled state
[  366.492207][T13394] bridge_slave_1: left allmulticast mode
[  366.516763][T13394] bridge_slave_1: left promiscuous mode
[  366.543570][T13394] bridge0: port 2(bridge_slave_1) entered disabled state
[  367.163922][T13394] bridge_slave_0: left promiscuous mode
[  367.209310][T13394] bridge0: port 1(bridge_slave_0) entered disabled state
[  367.492692][T13419] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2485'.
[  367.543943][T13420] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2485'.
[  367.557449][T13419] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2485'.
[  367.852684][T13433] netlink: 'syz.4.2490': attribute type 2 has an invalid length.
[  368.609352][T13459] nbd: must specify at least one socket
[  368.677021][T13465] tc_dump_action: action bad kind
[  369.258680][T13484] netlink: 'syz.5.2510': attribute type 10 has an invalid length.
[  369.805121][T13484] team0: Port device geneve1 added
[  371.421121][T13518] __nla_validate_parse: 10 callbacks suppressed
[  371.421154][T13518] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2522'.
[  372.271996][T13541] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2532'.
[  372.468212][T13550] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2536'.
[  372.482302][T13550] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2536'.
[  373.880862][T13593] wlan1 speed is unknown, defaulting to 1000
[  373.882876][T13596] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2549'.
[  374.363707][T13609] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2555'.
[  374.393128][T13609] netlink: 46 bytes leftover after parsing attributes in process `syz.0.2555'.
[  374.446113][T13609] netlink: 46 bytes leftover after parsing attributes in process `syz.0.2555'.
[  374.715239][T13622] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2561'.
[  374.744030][T13622] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2561'.
[  375.099225][T13639] netlink: 'syz.3.2564': attribute type 4 has an invalid length.
[  375.880271][T13683] netlink: 'syz.5.2580': attribute type 4 has an invalid length.
[  375.917440][T13688] netlink: 'syz.1.2581': attribute type 10 has an invalid length.
[  375.944618][T13683] .a: renamed from bond0 (while UP)
[  377.068745][T13720] __nla_validate_parse: 7 callbacks suppressed
[  377.068763][T13720] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2591'.
[  377.226928][T13728] netlink: 'syz.1.2594': attribute type 13 has an invalid length.
[  377.772790][T13764] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2605'.
[  377.784369][T13764] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2605'.
[  377.819039][T13762] netlink: 'syz.4.2604': attribute type 10 has an invalid length.
[  378.141722][T13781] netlink: 'syz.5.2610': attribute type 13 has an invalid length.
[  378.584512][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  378.591528][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  378.974478][T13808] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2622'.
[  378.985155][T13809] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2622'.
[  379.007405][T13781] bridge0: port 3(dummy0) entered disabled state
[  379.014040][T13781] bridge0: port 2(bridge_slave_1) entered disabled state
[  379.021807][T13781] bridge0: port 1(bridge_slave_0) entered disabled state
[  379.074538][T13814] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2623'.
[  379.306881][T13817] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2624'.
[  379.402706][T13821] xt_socket: unknown flags 0x20
[  379.517234][T13781] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  379.523874][T13824] netlink: 'syz.3.2626': attribute type 21 has an invalid length.
[  379.534740][T13824] netlink: 100 bytes leftover after parsing attributes in process `syz.3.2626'.
[  379.574173][T13781] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  380.077333][   T44] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  380.107404][   T44] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  380.188556][   T44] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  380.222265][   T44] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  380.470468][T13845] netlink: 184 bytes leftover after parsing attributes in process `syz.4.2633'.
[  380.628186][T13850] netlink: 'syz.5.2635': attribute type 10 has an invalid length.
[  380.668380][T13850] .a: (slave netdevsim0): Enslaving as an active interface with an up link
[  380.731350][ T5833] Bluetooth: hci1: ACL packet too small
[  380.751165][T13855] netlink: 'syz.3.2636': attribute type 10 has an invalid length.
[  380.765513][T13855] team0: Device ipvlan1 failed to register rx_handler
[  380.891056][T13860] netlink: 182 bytes leftover after parsing attributes in process `syz.4.2637'.
[  382.263905][T13908] __nla_validate_parse: 4 callbacks suppressed
[  382.263936][T13908] netlink: 182 bytes leftover after parsing attributes in process `syz.5.2653'.
[  382.415487][T13914] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2656'.
[  382.593980][T13923] netlink: 16399 bytes leftover after parsing attributes in process `syz.4.2660'.
[  382.870047][T13933] netlink: 184 bytes leftover after parsing attributes in process `syz.3.2664'.
[  383.408048][T13949] netlink: 182 bytes leftover after parsing attributes in process `syz.5.2669'.
[  383.778229][T13970] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2676'.
[  385.537924][T13986] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.2681'.
[  386.150920][T14016] netlink: 'syz.5.2689': attribute type 10 has an invalid length.
[  386.174178][T14016] .a: (slave bridge0): Enslaving as an active interface with an up link
[  386.215694][T14006] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2684'.
[  386.782492][T14054] netlink: 19 bytes leftover after parsing attributes in process `syz.5.2703'.
[  386.862287][T14052] netlink: 182 bytes leftover after parsing attributes in process `syz.3.2702'.
[  387.294912][T14086] openvswitch: netlink: Port -1 exceeds max allowable 65535
[  387.732048][T14113] netlink: 'syz.5.2726': attribute type 4 has an invalid length.
[  387.749689][T14113] netlink: 'syz.5.2726': attribute type 13 has an invalid length.
[  387.781798][T14115] __nla_validate_parse: 2 callbacks suppressed
[  387.781815][T14115] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2727'.
[  387.812278][T14117] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  388.425160][T14159] netlink: 'syz.4.2741': attribute type 10 has an invalid length.
[  389.309628][T14171] -1: renamed from syzkaller0
[  390.390372][T14179] FAULT_INJECTION: forcing a failure.
[  390.390372][T14179] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  390.436120][T14179] CPU: 1 UID: 0 PID: 14179 Comm: syz.5.2748 Not tainted syzkaller #0 PREEMPT(full) 
[  390.436147][T14179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  390.436163][T14179] Call Trace:
[  390.436170][T14179]  <TASK>
[  390.436178][T14179]  dump_stack_lvl+0x189/0x250
[  390.436207][T14179]  ? __pfx____ratelimit+0x10/0x10
[  390.436231][T14179]  ? __pfx_dump_stack_lvl+0x10/0x10
[  390.436260][T14179]  ? __pfx__printk+0x10/0x10
[  390.436279][T14179]  ? __might_fault+0xb0/0x130
[  390.436307][T14179]  ? __might_fault+0xb0/0x130
[  390.436338][T14179]  should_fail_ex+0x414/0x560
[  390.436371][T14179]  _copy_from_user+0x2d/0xb0
[  390.436395][T14179]  __sys_bpf+0x1e3/0x860
[  390.436417][T14179]  ? __pfx___sys_bpf+0x10/0x10
[  390.436453][T14179]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  390.436471][T14179]  ? ksys_write+0x22a/0x250
[  390.436499][T14179]  ? __pfx_ksys_write+0x10/0x10
[  390.436534][T14179]  __x64_sys_bpf+0x7c/0x90
[  390.436559][T14179]  do_syscall_64+0xfa/0xfa0
[  390.436581][T14179]  ? lockdep_hardirqs_on+0x9c/0x150
[  390.436603][T14179]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  390.436620][T14179]  ? clear_bhb_loop+0x60/0xb0
[  390.436642][T14179]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  390.436664][T14179] RIP: 0033:0x7f3e8418efc9
[  390.436681][T14179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  390.436695][T14179] RSP: 002b:00007f3e850b9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  390.436715][T14179] RAX: ffffffffffffffda RBX: 00007f3e843e5fa0 RCX: 00007f3e8418efc9
[  390.436728][T14179] RDX: 0000000000000050 RSI: 0000200000000440 RDI: 000000000000000a
[  390.436739][T14179] RBP: 00007f3e850b9090 R08: 0000000000000000 R09: 0000000000000000
[  390.436749][T14179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  390.436760][T14179] R13: 00007f3e843e6038 R14: 00007f3e843e5fa0 R15: 00007ffde2efad98
[  390.436796][T14179]  </TASK>
[  392.007264][T14203] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2755'.
[  392.035478][T14201] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2754'.
[  392.728682][   T30] audit: type=1107 audit(1761647976.133:8): pid=14217 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='�kn�ǕdA��9Ԗ>�SA�ό��KgO�?L�P��ۋ��ĩ���������&�~�|�eG<�D��QH��������=�>�<��j2����]"�mޘ�b�;�!i��T���\/Zf�����[��c�����\m1���NMc��,�"��q�t<x$�:����1���)9j�\����{�&��Y8�*%��[~D��^n�����4&�U1�|%Kj��9Jo�-�{��2��7�����6�(��z���C�a]�U��_}���/܋��^vպ!º=(i��I�*x
��=�bV�5�cN��b�r�D�W�m��ʹ<�Z
��7�u�5��{@7��&�g`���DQ:X
[  392.728682][   T30] �<�:�4W�$��!���z�&�'
[  392.851537][T14216] netlink: 'syz.3.2759': attribute type 11 has an invalid length.
[  392.972562][T14222] netlink: 'syz.4.2761': attribute type 1 has an invalid length.
[  393.264472][T14216] syz.3.2759 (14216) used greatest stack depth: 18664 bytes left
[  393.394016][T14241] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2767'.
[  393.895917][T14250] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2770'.
[  394.273320][T14268] FAULT_INJECTION: forcing a failure.
[  394.273320][T14268] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  394.288971][T14268] CPU: 0 UID: 0 PID: 14268 Comm: syz.1.2774 Not tainted syzkaller #0 PREEMPT(full) 
[  394.288996][T14268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  394.289007][T14268] Call Trace:
[  394.289014][T14268]  <TASK>
[  394.289021][T14268]  dump_stack_lvl+0x189/0x250
[  394.289050][T14268]  ? __pfx____ratelimit+0x10/0x10
[  394.289073][T14268]  ? __pfx_dump_stack_lvl+0x10/0x10
[  394.289096][T14268]  ? __pfx__printk+0x10/0x10
[  394.289115][T14268]  ? __might_fault+0xb0/0x130
[  394.289151][T14268]  should_fail_ex+0x414/0x560
[  394.289189][T14268]  _copy_from_user+0x2d/0xb0
[  394.289211][T14268]  kstrtouint_from_user+0xc4/0x170
[  394.289233][T14268]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  394.289271][T14268]  proc_fail_nth_write+0x88/0x200
[  394.289293][T14268]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  394.289322][T14268]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  394.289346][T14268]  vfs_write+0x27e/0xb30
[  394.289380][T14268]  ? __pfx_vfs_write+0x10/0x10
[  394.289406][T14268]  ? __fget_files+0x2a/0x420
[  394.289428][T14268]  ? __fget_files+0x3a0/0x420
[  394.289443][T14268]  ? __fget_files+0x2a/0x420
[  394.289468][T14268]  ksys_write+0x145/0x250
[  394.289492][T14268]  ? __pfx_ksys_write+0x10/0x10
[  394.289517][T14268]  ? do_syscall_64+0xbe/0xfa0
[  394.289540][T14268]  do_syscall_64+0xfa/0xfa0
[  394.289556][T14268]  ? lockdep_hardirqs_on+0x9c/0x150
[  394.289574][T14268]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  394.289588][T14268]  ? clear_bhb_loop+0x60/0xb0
[  394.289604][T14268]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  394.289617][T14268] RIP: 0033:0x7f878818da7f
[  394.289630][T14268] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  394.289642][T14268] RSP: 002b:00007f8789004030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  394.289658][T14268] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f878818da7f
[  394.289668][T14268] RDX: 0000000000000001 RSI: 00007f87890040a0 RDI: 0000000000000004
[  394.289676][T14268] RBP: 00007f8789004090 R08: 0000000000000000 R09: 0000000000000000
[  394.289685][T14268] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  394.289693][T14268] R13: 00007f87883e6038 R14: 00007f87883e5fa0 R15: 00007ffe8ed441e8
[  394.289718][T14268]  </TASK>
[  394.529048][T14272] netlink: 72 bytes leftover after parsing attributes in process `syz.0.2775'.
[  394.539760][T14272] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2775'.
[  394.586659][T14276] netlink: 184 bytes leftover after parsing attributes in process `syz.1.2777'.
[  394.646996][T14278] netlink: 182 bytes leftover after parsing attributes in process `syz.5.2778'.
[  394.878687][T14287] FAULT_INJECTION: forcing a failure.
[  394.878687][T14287] name failslab, interval 1, probability 0, space 0, times 0
[  394.897463][T14287] CPU: 0 UID: 0 PID: 14287 Comm: syz.0.2781 Not tainted syzkaller #0 PREEMPT(full) 
[  394.897488][T14287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  394.897499][T14287] Call Trace:
[  394.897507][T14287]  <TASK>
[  394.897515][T14287]  dump_stack_lvl+0x189/0x250
[  394.897544][T14287]  ? __pfx____ratelimit+0x10/0x10
[  394.897567][T14287]  ? __pfx_dump_stack_lvl+0x10/0x10
[  394.897591][T14287]  ? __pfx__printk+0x10/0x10
[  394.897614][T14287]  ? __pfx___might_resched+0x10/0x10
[  394.897633][T14287]  ? fs_reclaim_acquire+0x7d/0x100
[  394.897656][T14287]  should_fail_ex+0x414/0x560
[  394.897690][T14287]  should_failslab+0xa8/0x100
[  394.897712][T14287]  __kmalloc_noprof+0xcb/0x7f0
[  394.897735][T14287]  ? bpf_test_init+0x9f/0x150
[  394.897769][T14287]  bpf_test_init+0x9f/0x150
[  394.897807][T14287]  bpf_prog_test_run_flow_dissector+0x1e1/0x5c0
[  394.897843][T14287]  ? __pfx_bpf_prog_test_run_flow_dissector+0x10/0x10
[  394.897867][T14287]  ? __fget_files+0x2a/0x420
[  394.897890][T14287]  ? __fget_files+0x2a/0x420
[  394.897906][T14287]  ? __fget_files+0x3a0/0x420
[  394.897922][T14287]  ? __fget_files+0x2a/0x420
[  394.897947][T14287]  ? __pfx_bpf_prog_test_run_flow_dissector+0x10/0x10
[  394.897968][T14287]  bpf_prog_test_run+0x2c7/0x340
[  394.897993][T14287]  __sys_bpf+0x562/0x860
[  394.898013][T14287]  ? __pfx___sys_bpf+0x10/0x10
[  394.898050][T14287]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  394.898067][T14287]  ? ksys_write+0x22a/0x250
[  394.898096][T14287]  ? __pfx_ksys_write+0x10/0x10
[  394.898128][T14287]  __x64_sys_bpf+0x7c/0x90
[  394.898155][T14287]  do_syscall_64+0xfa/0xfa0
[  394.898176][T14287]  ? lockdep_hardirqs_on+0x9c/0x150
[  394.898200][T14287]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  394.898218][T14287]  ? clear_bhb_loop+0x60/0xb0
[  394.898240][T14287]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  394.898257][T14287] RIP: 0033:0x7f8d9d78efc9
[  394.898275][T14287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  394.898290][T14287] RSP: 002b:00007f8d9e5dc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  394.898309][T14287] RAX: ffffffffffffffda RBX: 00007f8d9d9e6090 RCX: 00007f8d9d78efc9
[  394.898323][T14287] RDX: 0000000000000050 RSI: 0000200000000440 RDI: 000000000000000a
[  394.898335][T14287] RBP: 00007f8d9e5dc090 R08: 0000000000000000 R09: 0000000000000000
[  394.898346][T14287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  394.898356][T14287] R13: 00007f8d9d9e6128 R14: 00007f8d9d9e6090 R15: 00007ffe081ea488
[  394.898393][T14287]  </TASK>
[  395.424479][T14294] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2782'.
[  396.032145][T14308] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2788'.
[  396.308201][T14309] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2788'.
[  396.613512][T14319] netlink: 182 bytes leftover after parsing attributes in process `syz.0.2792'.
[  398.435693][T14348] netlink: 'syz.1.2799': attribute type 33 has an invalid length.
[  398.499911][T14348] __nla_validate_parse: 1 callbacks suppressed
[  398.499929][T14348] netlink: 164 bytes leftover after parsing attributes in process `syz.1.2799'.
[  398.726449][T14355] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2802'.
[  399.013877][T14362] netlink: 236 bytes leftover after parsing attributes in process `syz.1.2804'.
[  399.095402][T14362] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2804'.
[  399.151969][T14363] netlink: 182 bytes leftover after parsing attributes in process `syz.4.2805'.
[  400.112650][T14377] netlink: 68 bytes leftover after parsing attributes in process `syz.5.2809'.
[  400.997767][T14397] netlink: 'syz.5.2814': attribute type 17 has an invalid length.
[  401.005631][T14397] netlink: 148 bytes leftover after parsing attributes in process `syz.5.2814'.
[  401.229684][T14401] netlink: 'syz.5.2814': attribute type 10 has an invalid length.
[  401.322062][T14401] .a: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  403.972517][T14449] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  404.373443][T14457] netlink: 'syz.1.2832': attribute type 10 has an invalid length.
[  404.402321][T14457] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2832'.
[  404.879487][T14465] netlink: 'syz.3.2835': attribute type 1 has an invalid length.
[  404.961272][T14465] netlink: 116 bytes leftover after parsing attributes in process `syz.3.2835'.
[  405.164917][T14468] FAULT_INJECTION: forcing a failure.
[  405.164917][T14468] name failslab, interval 1, probability 0, space 0, times 0
[  405.247340][T14468] CPU: 1 UID: 0 PID: 14468 Comm: syz.0.2836 Not tainted syzkaller #0 PREEMPT(full) 
[  405.247367][T14468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  405.247379][T14468] Call Trace:
[  405.247390][T14468]  <TASK>
[  405.247401][T14468]  dump_stack_lvl+0x189/0x250
[  405.247439][T14468]  ? __pfx____ratelimit+0x10/0x10
[  405.247471][T14468]  ? __pfx_dump_stack_lvl+0x10/0x10
[  405.247502][T14468]  ? __pfx__printk+0x10/0x10
[  405.247558][T14468]  ? __pfx___might_resched+0x10/0x10
[  405.247604][T14468]  should_fail_ex+0x414/0x560
[  405.247663][T14468]  should_failslab+0xa8/0x100
[  405.247696][T14468]  kmem_cache_alloc_node_noprof+0x77/0x710
[  405.247732][T14468]  ? __alloc_skb+0x112/0x2d0
[  405.247783][T14468]  __alloc_skb+0x112/0x2d0
[  405.247827][T14468]  netlink_ack+0x146/0xa50
[  405.247853][T14468]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  405.247898][T14468]  ? perf_trace_lock_acquire+0x335/0x410
[  405.247979][T14468]  netlink_rcv_skb+0x28c/0x470
[  405.248004][T14468]  ? __lock_acquire+0xab9/0xd20
[  405.248042][T14468]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  405.248083][T14468]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  405.248169][T14468]  ? netlink_deliver_tap+0x2e/0x1b0
[  405.248231][T14468]  netlink_unicast+0x82f/0x9e0
[  405.248303][T14468]  ? __pfx_netlink_unicast+0x10/0x10
[  405.248346][T14468]  ? netlink_sendmsg+0x642/0xb30
[  405.248362][T14468]  ? skb_put+0x11b/0x210
[  405.248405][T14468]  netlink_sendmsg+0x805/0xb30
[  405.248473][T14468]  ? __pfx_netlink_sendmsg+0x10/0x10
[  405.248513][T14468]  ? aa_sock_msg_perm+0xf1/0x1d0
[  405.248555][T14468]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  405.248577][T14468]  ? __pfx_netlink_sendmsg+0x10/0x10
[  405.248607][T14468]  __sock_sendmsg+0x21c/0x270
[  405.248655][T14468]  ____sys_sendmsg+0x505/0x830
[  405.248711][T14468]  ? __pfx_____sys_sendmsg+0x10/0x10
[  405.248842][T14468]  ? import_iovec+0x74/0xa0
[  405.248898][T14468]  ___sys_sendmsg+0x21f/0x2a0
[  405.248938][T14468]  ? __pfx____sys_sendmsg+0x10/0x10
[  405.249138][T14468]  ? __fget_files+0x2a/0x420
[  405.249159][T14468]  ? __fget_files+0x3a0/0x420
[  405.249233][T14468]  __x64_sys_sendmsg+0x19b/0x260
[  405.249275][T14468]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  405.249347][T14468]  ? __pfx_ksys_write+0x10/0x10
[  405.249400][T14468]  ? do_syscall_64+0xbe/0xfa0
[  405.249451][T14468]  do_syscall_64+0xfa/0xfa0
[  405.249476][T14468]  ? lockdep_hardirqs_on+0x9c/0x150
[  405.249504][T14468]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.249525][T14468]  ? clear_bhb_loop+0x60/0xb0
[  405.249565][T14468]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.249584][T14468] RIP: 0033:0x7f8d9d78efc9
[  405.249607][T14468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  405.249623][T14468] RSP: 002b:00007f8d9e5fd038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  405.249642][T14468] RAX: ffffffffffffffda RBX: 00007f8d9d9e5fa0 RCX: 00007f8d9d78efc9
[  405.249656][T14468] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003
[  405.249668][T14468] RBP: 00007f8d9e5fd090 R08: 0000000000000000 R09: 0000000000000000
[  405.249680][T14468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  405.249690][T14468] R13: 00007f8d9d9e6038 R14: 00007f8d9d9e5fa0 R15: 00007ffe081ea488
[  405.249800][T14468]  </TASK>
[  405.860137][T14470] netlink: 80 bytes leftover after parsing attributes in process `syz.1.2837'.
[  406.161961][T14470] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2837'.
[  406.327724][T14470] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2837'.
[  406.476201][T14470] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2837'.
[  407.444738][T14493] netlink: 1030 bytes leftover after parsing attributes in process `syz.4.2845'.
[  407.488123][T14496] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2846'.
[  408.276823][T14493] netlink: 'syz.4.2845': attribute type 12 has an invalid length.
[  408.284893][T14493] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2845'.
[  408.400155][T14493] netlink: 'syz.4.2845': attribute type 1 has an invalid length.
[  408.425854][T14505] netlink: 'syz.3.2849': attribute type 10 has an invalid length.
[  408.437013][T14503] netlink: 172 bytes leftover after parsing attributes in process `syz.0.2848'.
[  408.449328][T14493] netlink: 'syz.4.2845': attribute type 2 has an invalid length.
[  408.585174][ T5833] Bluetooth: hci3: ISO packet for unknown connection handle 3851
[  409.917054][T14526] netlink: 184 bytes leftover after parsing attributes in process `syz.0.2852'.
[  410.553658][T14540] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2857'.
[  411.822940][T14563] netlink: 'syz.1.2864': attribute type 13 has an invalid length.
[  412.487865][T14578] netlink: 'syz.5.2868': attribute type 1 has an invalid length.
[  412.977037][T14582] netlink: 182 bytes leftover after parsing attributes in process `syz.1.2870'.
[  413.154425][T14583] netlink: 184 bytes leftover after parsing attributes in process `syz.3.2869'.
[  413.758321][T14602] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2876'.
[  414.119335][T14604] netlink: 'syz.4.2877': attribute type 21 has an invalid length.
[  414.156410][T14604] netlink: 100 bytes leftover after parsing attributes in process `syz.4.2877'.
[  414.294867][T14606] netlink: 10 bytes leftover after parsing attributes in process `syz.1.2879'.
[  414.515663][T14608] netlink: 'syz.5.2878': attribute type 6 has an invalid length.
[  414.549984][T14608] netlink: 168 bytes leftover after parsing attributes in process `syz.5.2878'.
[  414.586096][T14611] netlink: 'syz.3.2880': attribute type 13 has an invalid length.
[  414.988313][T14624] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2883'.
[  415.050316][T14619] wlan1 speed is unknown, defaulting to 1000
[  415.249750][T14632] netlink: 'syz.4.2886': attribute type 4 has an invalid length.
[  415.529238][T14637] netlink: 212940 bytes leftover after parsing attributes in process `syz.4.2887'.
[  416.488762][ T5825] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  416.497959][ T5825] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  416.505761][ T5825] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  416.513995][ T5825] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  416.523625][ T5825] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  416.815739][T14652] wlan1 speed is unknown, defaulting to 1000
[  417.555346][T14652] chnl_net:caif_netlink_parms(): no params data found
[  417.900366][T14652] bridge0: port 1(bridge_slave_0) entered blocking state
[  417.908036][T14652] bridge0: port 1(bridge_slave_0) entered disabled state
[  417.915308][T14652] bridge_slave_0: entered allmulticast mode
[  417.933968][T14652] bridge_slave_0: entered promiscuous mode
[  417.954090][T14652] bridge0: port 2(bridge_slave_1) entered blocking state
[  417.969464][T14652] bridge0: port 2(bridge_slave_1) entered disabled state
[  418.196250][T14652] bridge_slave_1: entered allmulticast mode
[  418.214399][T14652] bridge_slave_1: entered promiscuous mode
[  418.398538][T14688] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2900'.
[  418.568887][ T5833] Bluetooth: hci5: command tx timeout
[  418.606787][T14652] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  418.624559][T14652] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  418.700750][T14652] team0: Port device team_slave_0 added
[  418.719516][T14652] team0: Port device team_slave_1 added
[  418.823364][T14652] batman_adv: batadv0: Adding interface: batadv_slave_0
[  418.831344][T14652] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  418.863108][T14652] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  418.876817][T14652] batman_adv: batadv0: Adding interface: batadv_slave_1
[  418.883797][T14652] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  418.914050][T14652] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  419.013864][T14652] hsr_slave_0: entered promiscuous mode
[  419.022147][T14652] hsr_slave_1: entered promiscuous mode
[  419.028778][T14652] debugfs: 'hsr0' already exists in 'hsr'
[  419.044718][T14652] Cannot create hsr debugfs directory
[  419.968347][T14716] netlink: 88 bytes leftover after parsing attributes in process `syz.5.2911'.
[  420.648204][ T5833] Bluetooth: hci5: command tx timeout
[  421.636969][T14732] openvswitch: netlink: nsh attr 60 is out of range max 3
[  421.644287][T14732] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  422.726129][ T5833] Bluetooth: hci5: command tx timeout
[  424.806146][ T5825] Bluetooth: hci5: command tx timeout
[  424.823637][T14652] .a: (slave netdevsim0): Releasing backup interface
[  424.878613][T14744] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2921'.
[  424.914472][T14744] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2921'.
[  425.200394][T14652] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  425.220833][T14652] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  425.258169][T14652] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  425.279471][T14652] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  425.405419][T14652] 8021q: adding VLAN 0 to HW filter on device bond0
[  425.446484][T14652] 8021q: adding VLAN 0 to HW filter on device team0
[  425.471225][   T44] bridge0: port 1(bridge_slave_0) entered blocking state
[  425.478486][   T44] bridge0: port 1(bridge_slave_0) entered forwarding state
[  425.525491][   T44] bridge0: port 2(bridge_slave_1) entered blocking state
[  425.532751][   T44] bridge0: port 2(bridge_slave_1) entered forwarding state
[  425.741433][T14777] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2928'.
[  425.760609][T14777] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2928'.
[  425.792098][T14777] netlink: 68 bytes leftover after parsing attributes in process `syz.3.2928'.
[  425.965628][T14652] 8021q: adding VLAN 0 to HW filter on device batadv0
[  425.977694][T14790] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2930'.
[  426.058077][T14652] veth0_vlan: entered promiscuous mode
[  426.077917][T14652] veth1_vlan: entered promiscuous mode
[  426.149236][T14652] veth0_macvtap: entered promiscuous mode
[  426.161005][T14652] veth1_macvtap: entered promiscuous mode
[  426.187789][T14652] batman_adv: batadv0: Interface activated: batadv_slave_0
[  426.213408][T14652] batman_adv: batadv0: Interface activated: batadv_slave_1
[  426.224045][T14797] FAULT_INJECTION: forcing a failure.
[  426.224045][T14797] name failslab, interval 1, probability 0, space 0, times 0
[  426.258280][ T1116] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  426.267267][T14797] CPU: 0 UID: 0 PID: 14797 Comm: syz.5.2936 Not tainted syzkaller #0 PREEMPT(full) 
[  426.267289][T14797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  426.267299][T14797] Call Trace:
[  426.267308][T14797]  <TASK>
[  426.267317][T14797]  dump_stack_lvl+0x189/0x250
[  426.267349][T14797]  ? __pfx____ratelimit+0x10/0x10
[  426.267376][T14797]  ? __pfx_dump_stack_lvl+0x10/0x10
[  426.267402][T14797]  ? __pfx__printk+0x10/0x10
[  426.267440][T14797]  ? __pfx___might_resched+0x10/0x10
[  426.267456][T14797]  ? fs_reclaim_acquire+0x7d/0x100
[  426.267488][T14797]  should_fail_ex+0x414/0x560
[  426.267533][T14797]  should_failslab+0xa8/0x100
[  426.267560][T14797]  __kmalloc_noprof+0xcb/0x7f0
[  426.267585][T14797]  ? ethnl_default_start+0x13d/0x3f0
[  426.267608][T14797]  ? __kasan_kmalloc+0x93/0xb0
[  426.267636][T14797]  ethnl_default_start+0x13d/0x3f0
[  426.267676][T14797]  genl_start+0x4c3/0x6c0
[  426.267727][T14797]  __netlink_dump_start+0x469/0x7e0
[  426.267783][T14797]  genl_family_rcv_msg_dumpit+0x1e7/0x2c0
[  426.267819][T14797]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[  426.267839][T14797]  ? genl_get_cmd+0x67f/0x910
[  426.267887][T14797]  ? __pfx_genl_start+0x10/0x10
[  426.267906][T14797]  ? __pfx_genl_dumpit+0x10/0x10
[  426.267923][T14797]  ? __pfx_genl_done+0x10/0x10
[  426.267961][T14797]  ? perf_trace_lock_acquire+0x335/0x410
[  426.268009][T14797]  genl_rcv_msg+0x5da/0x790
[  426.268050][T14797]  ? __pfx_genl_rcv_msg+0x10/0x10
[  426.268068][T14797]  ? __pfx_ethnl_default_start+0x10/0x10
[  426.268083][T14797]  ? __pfx_ethnl_default_dumpit+0x10/0x10
[  426.268098][T14797]  ? __pfx_ethnl_default_done+0x10/0x10
[  426.268118][T14797]  ? perf_trace_lock_acquire+0x335/0x410
[  426.268171][T14797]  netlink_rcv_skb+0x208/0x470
[  426.268195][T14797]  ? __lock_acquire+0xab9/0xd20
[  426.268218][T14797]  ? __pfx_genl_rcv_msg+0x10/0x10
[  426.268249][T14797]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  426.268339][T14797]  ? down_read+0x1ad/0x2e0
[  426.268376][T14797]  genl_rcv+0x28/0x40
[  426.268398][T14797]  netlink_unicast+0x82f/0x9e0
[  426.268455][T14797]  ? __pfx_netlink_unicast+0x10/0x10
[  426.268490][T14797]  ? netlink_sendmsg+0x642/0xb30
[  426.268506][T14797]  ? skb_put+0x11b/0x210
[  426.268541][T14797]  netlink_sendmsg+0x805/0xb30
[  426.268592][T14797]  ? __pfx_netlink_sendmsg+0x10/0x10
[  426.268623][T14797]  ? aa_sock_msg_perm+0xf1/0x1d0
[  426.268659][T14797]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  426.268679][T14797]  ? __pfx_netlink_sendmsg+0x10/0x10
[  426.268704][T14797]  __sock_sendmsg+0x21c/0x270
[  426.268743][T14797]  ____sys_sendmsg+0x505/0x830
[  426.268783][T14797]  ? __pfx_____sys_sendmsg+0x10/0x10
[  426.268835][T14797]  ? import_iovec+0x74/0xa0
[  426.268880][T14797]  ___sys_sendmsg+0x21f/0x2a0
[  426.268912][T14797]  ? __pfx____sys_sendmsg+0x10/0x10
[  426.269004][T14797]  ? __fget_files+0x2a/0x420
[  426.269065][T14797]  ? __fget_files+0x2a/0x420
[  426.269083][T14797]  ? __fget_files+0x3a0/0x420
[  426.269139][T14797]  __x64_sys_sendmsg+0x19b/0x260
[  426.269172][T14797]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  426.269189][T14797]  ? perf_trace_preemptirq_template+0xa3/0x340
[  426.269241][T14797]  ? __pfx_ksys_write+0x10/0x10
[  426.269282][T14797]  ? do_syscall_64+0xbe/0xfa0
[  426.269320][T14797]  do_syscall_64+0xfa/0xfa0
[  426.269342][T14797]  ? lockdep_hardirqs_on+0x9c/0x150
[  426.269368][T14797]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  426.269387][T14797]  ? clear_bhb_loop+0x60/0xb0
[  426.269419][T14797]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  426.269437][T14797] RIP: 0033:0x7f3e8418efc9
[  426.269464][T14797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  426.269479][T14797] RSP: 002b:00007f3e850b9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  426.269498][T14797] RAX: ffffffffffffffda RBX: 00007f3e843e5fa0 RCX: 00007f3e8418efc9
[  426.269512][T14797] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000004
[  426.269523][T14797] RBP: 00007f3e850b9090 R08: 0000000000000000 R09: 0000000000000000
[  426.269535][T14797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  426.269546][T14797] R13: 00007f3e843e6038 R14: 00007f3e843e5fa0 R15: 00007ffde2efad98
[  426.269617][T14797]  </TASK>
[  426.285139][ T1116] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  426.701278][ T1116] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  426.728280][ T5825] Bluetooth: hci0: command 0x0406 tx timeout
[  426.773234][ T1116] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  426.880477][ T9297] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  426.902093][ T9297] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  426.935142][ T9294] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  426.956602][ T9294] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  427.269975][T14819] netlink: 'syz.1.2885': attribute type 17 has an invalid length.
[  427.325080][T14819] netlink: 148 bytes leftover after parsing attributes in process `syz.1.2885'.
[  427.593099][T14832] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2941'.
[  427.704337][T14837] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2943'.
[  428.018037][T14842] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2944'.
[  428.492911][ T5825] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  428.502892][ T5825] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  428.511744][ T5825] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  428.520899][ T5825] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  428.532659][ T5825] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  428.630662][T14850] wlan1 speed is unknown, defaulting to 1000
[  428.947415][T14850] chnl_net:caif_netlink_parms(): no params data found
[  429.234716][T14850] bridge0: port 1(bridge_slave_0) entered blocking state
[  429.242282][T14850] bridge0: port 1(bridge_slave_0) entered disabled state
[  429.250074][T14850] bridge_slave_0: entered allmulticast mode
[  429.258375][T14850] bridge_slave_0: entered promiscuous mode
[  429.268533][T14850] bridge0: port 2(bridge_slave_1) entered blocking state
[  429.275748][T14850] bridge0: port 2(bridge_slave_1) entered disabled state
[  429.283529][T14850] bridge_slave_1: entered allmulticast mode
[  429.292148][T14850] bridge_slave_1: entered promiscuous mode
[  429.412705][T14850] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  429.433855][T14850] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  429.545057][T14850] team0: Port device team_slave_0 added
[  429.589432][T14850] team0: Port device team_slave_1 added
[  429.672137][T14850] batman_adv: batadv0: Adding interface: batadv_slave_0
[  429.692621][T14850] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  429.742197][T14850] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  429.755424][T14850] batman_adv: batadv0: Adding interface: batadv_slave_1
[  429.762616][T14850] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  429.791465][T14850] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  429.986496][ T5833] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  429.995410][ T5833] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  430.004396][ T5833] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  430.031016][T14850] hsr_slave_0: entered promiscuous mode
[  430.046227][ T5833] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  430.054358][ T5833] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  430.055637][T14850] hsr_slave_1: entered promiscuous mode
[  430.095657][T14850] debugfs: 'hsr0' already exists in 'hsr'
[  430.116463][T14850] Cannot create hsr debugfs directory
[  430.243711][T14893] wlan1 speed is unknown, defaulting to 1000
[  430.364132][T14906] netlink: 'syz.5.2965': attribute type 4 has an invalid length.
[  430.384709][T14906] __nla_validate_parse: 2 callbacks suppressed
[  430.384727][T14906] netlink: 152 bytes leftover after parsing attributes in process `syz.5.2965'.
[  430.566132][ T5825] Bluetooth: hci1: command tx timeout
[  430.672580][T14893] chnl_net:caif_netlink_parms(): no params data found
[  430.694041][T14918] netlink: 19 bytes leftover after parsing attributes in process `syz.4.2969'.
[  432.167273][ T5825] Bluetooth: hci3: command tx timeout
[  432.522982][T14893] bridge0: port 1(bridge_slave_0) entered blocking state
[  432.530637][T14893] bridge0: port 1(bridge_slave_0) entered disabled state
[  432.539103][T14893] bridge_slave_0: entered allmulticast mode
[  432.558767][T14893] bridge_slave_0: entered promiscuous mode
[  432.580834][T14893] bridge0: port 2(bridge_slave_1) entered blocking state
[  432.588167][T14893] bridge0: port 2(bridge_slave_1) entered disabled state
[  432.595794][T14893] bridge_slave_1: entered allmulticast mode
[  432.607579][T14893] bridge_slave_1: entered promiscuous mode
[  432.656181][ T5825] Bluetooth: hci1: command tx timeout
[  432.715904][T14893] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  432.749958][T14893] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  432.879875][T14893] team0: Port device team_slave_0 added
[  432.890543][T14893] team0: Port device team_slave_1 added
[  432.940072][T14850] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  433.076733][T14850] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  433.100410][T14850] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  433.133855][T14850] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  433.173686][T14893] batman_adv: batadv0: Adding interface: batadv_slave_0
[  433.186083][T14893] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  433.217540][T14893] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  433.399493][T14893] batman_adv: batadv0: Adding interface: batadv_slave_1
[  433.407447][T14893] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  433.434478][T14893] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  433.599672][T14968] IPv6: NLM_F_CREATE should be specified when creating new route
[  434.109771][T14981] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2983'.
[  434.248332][ T5825] Bluetooth: hci3: command tx timeout
[  434.265093][T14981] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2983'.
[  434.741804][ T5825] Bluetooth: hci1: command tx timeout
[  435.889814][T14990] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2987'.
[  435.899744][T14990] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[  435.924974][T14893] hsr_slave_0: entered promiscuous mode
[  435.947324][T14893] hsr_slave_1: entered promiscuous mode
[  435.961558][T14893] debugfs: 'hsr0' already exists in 'hsr'
[  435.975067][T14893] Cannot create hsr debugfs directory
[  436.195750][T15001] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  436.326095][ T5825] Bluetooth: hci3: command tx timeout
[  436.355020][T14850] 8021q: adding VLAN 0 to HW filter on device bond0
[  436.470271][T14850] 8021q: adding VLAN 0 to HW filter on device team0
[  436.563964][ T9290] bridge0: port 1(bridge_slave_0) entered blocking state
[  436.571174][ T9290] bridge0: port 1(bridge_slave_0) entered forwarding state
[  436.609239][ T9290] bridge0: port 2(bridge_slave_1) entered blocking state
[  436.616428][ T9290] bridge0: port 2(bridge_slave_1) entered forwarding state
[  436.796645][T14893] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  436.806515][ T5825] Bluetooth: hci1: command tx timeout
[  436.841217][T14893] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  436.870700][T14893] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  436.905285][T14893] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  437.084202][T14893] 8021q: adding VLAN 0 to HW filter on device bond0
[  437.122430][T14893] 8021q: adding VLAN 0 to HW filter on device team0
[  437.166477][T15030] netlink: 182 bytes leftover after parsing attributes in process `syz.5.3000'.
[  437.188092][ T9294] bridge0: port 1(bridge_slave_0) entered blocking state
[  437.195264][ T9294] bridge0: port 1(bridge_slave_0) entered forwarding state
[  437.231188][ T9294] bridge0: port 2(bridge_slave_1) entered blocking state
[  437.238414][ T9294] bridge0: port 2(bridge_slave_1) entered forwarding state
[  437.260555][T15031] netlink: 184 bytes leftover after parsing attributes in process `syz.1.2999'.
[  437.425548][T14850] 8021q: adding VLAN 0 to HW filter on device batadv0
[  437.569461][T14850] veth0_vlan: entered promiscuous mode
[  437.600361][T14850] veth1_vlan: entered promiscuous mode
[  437.680272][T14850] veth0_macvtap: entered promiscuous mode
[  437.801013][T14850] veth1_macvtap: entered promiscuous mode
[  437.856543][T14850] batman_adv: batadv0: Interface activated: batadv_slave_0
[  437.879937][T14850] batman_adv: batadv0: Interface activated: batadv_slave_1
[  437.898927][T15055] netlink: 72 bytes leftover after parsing attributes in process `syz.5.3007'.
[  437.909770][T14893] 8021q: adding VLAN 0 to HW filter on device batadv0
[  437.922053][T15055] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3007'.
[  437.938674][ T9294] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  437.964871][ T9294] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  437.983530][ T9294] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  438.016173][ T9294] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  438.137987][T15063] netlink: 182 bytes leftover after parsing attributes in process `syz.4.3010'.
[  438.290932][   T44] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  438.318389][   T44] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  438.410802][ T5825] Bluetooth: hci3: command tx timeout
[  438.435902][ T9295] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  438.461380][ T9295] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  438.521588][T15077] netlink: 'syz.5.3014': attribute type 4 has an invalid length.
[  438.531887][T15077] netlink: 152 bytes leftover after parsing attributes in process `syz.5.3014'.
[  438.668235][T14893] veth0_vlan: entered promiscuous mode
[  438.688016][T14893] veth1_vlan: entered promiscuous mode
[  438.785196][T14893] veth0_macvtap: entered promiscuous mode
[  438.805054][T14893] veth1_macvtap: entered promiscuous mode
[  438.895559][ T5825] Bluetooth: hci0: unexpected event 0x0f length: 15 > 4
[  438.895620][ T5825] Bluetooth: hci0: unexpected event for opcode 0x0000
[  439.067326][T14893] batman_adv: batadv0: Interface activated: batadv_slave_0
[  439.124110][T14893] batman_adv: batadv0: Interface activated: batadv_slave_1
[  439.152288][ T1116] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  439.173317][ T1116] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  439.192596][ T1116] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  439.241828][ T1116] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  439.652988][ T9290] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  439.685662][ T9290] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  439.812549][   T44] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  439.822401][   T44] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  440.016328][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  440.023956][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  440.256994][T15111] netlink: 'syz.5.3026': attribute type 10 has an invalid length.
[  443.076997][ T5833] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  443.101331][ T5833] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  443.111046][ T5833] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  443.121541][ T5833] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  443.130810][ T5833] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  443.219016][T15126] wlan1 speed is unknown, defaulting to 1000
[  443.653155][T15144] netlink: 'syz.6.3035': attribute type 21 has an invalid length.
[  443.958854][T15126] chnl_net:caif_netlink_parms(): no params data found
[  444.284493][T15157] netlink: 182 bytes leftover after parsing attributes in process `syz.1.3038'.
[  444.394714][T15158] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3037'.
[  444.421644][T15126] bridge0: port 1(bridge_slave_0) entered blocking state
[  444.437250][T15126] bridge0: port 1(bridge_slave_0) entered disabled state
[  444.457302][T15126] bridge_slave_0: entered allmulticast mode
[  444.476173][T15126] bridge_slave_0: entered promiscuous mode
[  444.486942][T15126] bridge0: port 2(bridge_slave_1) entered blocking state
[  444.495428][T15126] bridge0: port 2(bridge_slave_1) entered disabled state
[  444.520842][T15126] bridge_slave_1: entered allmulticast mode
[  444.541965][T15126] bridge_slave_1: entered promiscuous mode
[  444.765369][T15167] netlink: 'syz.5.3042': attribute type 10 has an invalid length.
[  444.785285][T15126] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  444.820707][T15126] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  445.080811][T15126] team0: Port device team_slave_0 added
[  445.092544][T15126] team0: Port device team_slave_1 added
[  445.161854][T15177] FAULT_INJECTION: forcing a failure.
[  445.161854][T15177] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  445.170712][T15126] batman_adv: batadv0: Adding interface: batadv_slave_0
[  445.178904][T15177] CPU: 0 UID: 0 PID: 15177 Comm: syz.6.3045 Not tainted syzkaller #0 PREEMPT(full) 
[  445.178929][T15177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  445.178939][T15177] Call Trace:
[  445.178947][T15177]  <TASK>
[  445.178955][T15177]  dump_stack_lvl+0x189/0x250
[  445.178983][T15177]  ? __pfx____ratelimit+0x10/0x10
[  445.179005][T15177]  ? __pfx_dump_stack_lvl+0x10/0x10
[  445.179028][T15177]  ? __pfx__printk+0x10/0x10
[  445.179047][T15177]  ? __might_fault+0xb0/0x130
[  445.179085][T15177]  should_fail_ex+0x414/0x560
[  445.179117][T15177]  _copy_from_user+0x2d/0xb0
[  445.179140][T15177]  __sys_bpf+0x1e3/0x860
[  445.179161][T15177]  ? __pfx___sys_bpf+0x10/0x10
[  445.179198][T15177]  ? ksys_write+0x22a/0x250
[  445.179225][T15177]  ? __pfx_ksys_write+0x10/0x10
[  445.179255][T15177]  __x64_sys_bpf+0x7c/0x90
[  445.179281][T15177]  do_syscall_64+0xfa/0xfa0
[  445.179304][T15177]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  445.179320][T15177]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  445.179337][T15177]  ? clear_bhb_loop+0x60/0xb0
[  445.179358][T15177]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  445.179375][T15177] RIP: 0033:0x7f11a7d8efc9
[  445.179391][T15177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  445.179404][T15177] RSP: 002b:00007f11a8bfe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  445.179423][T15177] RAX: ffffffffffffffda RBX: 00007f11a7fe6090 RCX: 00007f11a7d8efc9
[  445.179436][T15177] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  445.179452][T15177] RBP: 00007f11a8bfe090 R08: 0000000000000000 R09: 0000000000000000
[  445.179462][T15177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  445.179473][T15177] R13: 00007f11a7fe6128 R14: 00007f11a7fe6090 R15: 00007ffd53c88378
[  445.179507][T15177]  </TASK>
[  445.206390][ T5825] Bluetooth: hci6: command tx timeout
[  445.211792][T15126] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  445.410650][T15126] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  445.425652][T15126] batman_adv: batadv0: Adding interface: batadv_slave_1
[  445.456242][T15126] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  445.484769][T15126] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  445.548456][T15179] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3046'.
[  445.611535][T15126] hsr_slave_0: entered promiscuous mode
[  445.630807][T15126] hsr_slave_1: entered promiscuous mode
[  445.687583][T15126] debugfs: 'hsr0' already exists in 'hsr'
[  445.693350][T15126] Cannot create hsr debugfs directory
[  445.706370][T15179] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3046'.
[  445.730507][T15179] netlink: 'syz.5.3046': attribute type 39 has an invalid length.
[  445.913270][T15189] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3049'.
[  446.306521][T15197] netlink: 60 bytes leftover after parsing attributes in process `syz.1.3051'.
[  446.319158][T15194] netlink: 60 bytes leftover after parsing attributes in process `syz.1.3051'.
[  446.371869][T15199] netlink: 60 bytes leftover after parsing attributes in process `syz.1.3051'.
[  446.939736][T15126] .a: (slave netdevsim0): Releasing backup interface
[  447.244944][T15126] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  447.286461][ T5825] Bluetooth: hci6: command tx timeout
[  447.342684][ T5825] Bluetooth: hci3: ISO packet for unknown connection handle 2622
[  447.352573][T15126] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  447.405218][T15126] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  447.445833][T15126] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  447.603499][T15226] netlink: 172 bytes leftover after parsing attributes in process `syz.1.3062'.
[  447.733404][T15126] 8021q: adding VLAN 0 to HW filter on device bond0
[  447.790065][T15126] 8021q: adding VLAN 0 to HW filter on device team0
[  447.837846][   T44] bridge0: port 1(bridge_slave_0) entered blocking state
[  447.844981][   T44] bridge0: port 1(bridge_slave_0) entered forwarding state
[  447.915713][ T9290] bridge0: port 2(bridge_slave_1) entered blocking state
[  447.922914][ T9290] bridge0: port 2(bridge_slave_1) entered forwarding state
[  447.987341][T15241] netlink: 'syz.1.3065': attribute type 10 has an invalid length.
[  448.120467][T15241] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  448.780148][T15126] 8021q: adding VLAN 0 to HW filter on device batadv0
[  449.148058][T15268] netlink: 172 bytes leftover after parsing attributes in process `syz.5.3074'.
[  449.325047][T15279] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3079'.
[  449.337029][T15281] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3078'.
[  449.346816][T15279] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3079'.
[  449.366321][T15281] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3078'.
[  449.371534][ T5825] Bluetooth: hci6: command tx timeout
[  449.439839][T15126] veth0_vlan: entered promiscuous mode
[  449.629125][T15126] veth1_vlan: entered promiscuous mode
[  449.860780][T15288] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.3081'.
[  450.029606][T15126] veth0_macvtap: entered promiscuous mode
[  450.054562][T15126] veth1_macvtap: entered promiscuous mode
[  450.115080][T15126] batman_adv: batadv0: Interface activated: batadv_slave_0
[  450.209768][T15126] batman_adv: batadv0: Interface activated: batadv_slave_1
[  450.537914][T15289] netlink: 128 bytes leftover after parsing attributes in process `syz.1.3081'.
[  450.547773][T15289] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  450.792798][ T9295] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  450.819658][ T9295] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  450.847355][ T9295] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  450.902928][T15297] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3083'.
[  450.937611][ T9295] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  450.963895][T15302] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3084'.
[  450.981377][T15297] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3083'.
[  451.446711][ T5825] Bluetooth: hci6: command tx timeout
[  451.454682][ T9294] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  451.483198][ T9294] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  451.650798][ T9297] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  451.690570][ T9297] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  451.908836][T15320] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3030'.
[  452.226118][   T13] unregister_netdevice: waiting for veth0_to_bridge to become free. Usage count = 3
[  452.238821][   T13] ref_tracker: netdev@ffff8880319ec618 has 1/1 users at
[  452.238821][   T13]      ib_device_set_netdev+0x31f/0x6d0
[  452.238821][   T13]      siw_newlink+0x40c/0xd70
[  452.238821][   T13]      nldev_newlink+0x4a5/0x5a0
[  452.238821][   T13]      rdma_nl_rcv+0x6ae/0x980
[  452.238821][   T13]      netlink_unicast+0x82f/0x9e0
[  452.238821][   T13]      netlink_sendmsg+0x805/0xb30
[  452.238821][   T13]      __sock_sendmsg+0x21c/0x270
[  452.238821][   T13]      ____sys_sendmsg+0x505/0x830
[  452.238821][   T13]      ___sys_sendmsg+0x21f/0x2a0
[  452.238821][   T13]      __x64_sys_sendmsg+0x19b/0x260
[  452.238821][   T13]      do_syscall_64+0xfa/0xfa0
[  452.238821][   T13]      entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  452.238821][   T13] 
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  452.331164][T15329] syzkaller0: entered promiscuous mode
[  452.369159][T15329] syzkaller0: entered allmulticast mode
[  455.366470][   T31] INFO: task kworker/u8:13:9167 blocked for more than 143 seconds.
[  455.374395][   T31]       Not tainted syzkaller #0
[  455.379520][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  455.388261][   T31] task:kworker/u8:13   state:D stack:21072 pid:9167  tgid:9167  ppid:2      task_flags:0x4208060 flags:0x00080000
[  455.401755][   T31] Workqueue: ib-unreg-wq ib_unregister_work
[  455.407733][   T31] Call Trace:
[  455.411008][   T31]  <TASK>
[  455.413934][   T31]  __schedule+0x1798/0x4cc0
[  455.418492][   T31]  ? __pfx___schedule+0x10/0x10
[  455.423358][   T31]  ? schedule+0x91/0x360
[  455.427743][   T31]  ? schedule+0x91/0x360
[  455.431994][   T31]  schedule+0x165/0x360
[  455.436216][   T31]  schedule_timeout+0x9a/0x270
[  455.440983][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  455.446472][   T31]  ? wait_for_completion+0x2b7/0x5d0
[  455.451769][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  455.457081][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  455.462294][   T31]  ? wait_for_completion+0x267/0x5d0
[  455.467624][   T31]  wait_for_completion+0x2bf/0x5d0
[  455.472754][   T31]  ? __pfx_wait_for_completion+0x10/0x10
[  455.478507][   T31]  ? up_write+0x1c4/0x420
[  455.482843][   T31]  ? remove_client_context+0xc0/0x1e0
[  455.488274][   T31]  disable_device+0x1c6/0x320
[  455.492956][   T31]  ? __pfx_disable_device+0x10/0x10
[  455.498207][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  455.505095][   T31]  __ib_unregister_device+0x2cb/0x3f0
[  455.510541][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  455.515751][   T31]  ib_unregister_work+0x19/0x30
[  455.520676][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  455.526877][   T31]  process_scheduled_works+0xae1/0x17b0
[  455.532433][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  455.538461][   T31]  worker_thread+0x8a0/0xda0
[  455.543068][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  455.549442][   T31]  ? __kthread_parkme+0x7b/0x200
[  455.554477][   T31]  kthread+0x711/0x8a0
[  455.558608][   T31]  ? __pfx_worker_thread+0x10/0x10
[  455.563724][   T31]  ? __pfx_kthread+0x10/0x10
[  455.568344][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  455.573546][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  455.578915][   T31]  ? __pfx_kthread+0x10/0x10
[  455.583609][   T31]  ret_from_fork+0x4bc/0x870
[  455.588281][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  455.593399][   T31]  ? __switch_to_asm+0x39/0x70
[  455.598249][   T31]  ? __switch_to_asm+0x33/0x70
[  455.604175][   T31]  ? __pfx_kthread+0x10/0x10
[  455.608936][   T31]  ret_from_fork_asm+0x1a/0x30
[  455.613711][   T31]  </TASK>
[  455.616822][   T31] 
[  455.616822][   T31] Showing all locks held in the system:
[  455.624530][   T31] 4 locks held by kworker/u8:1/13:
[  455.629686][   T31]  #0: ffff88801aedf148 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  455.640660][   T31]  #1: ffffc90000127ba0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  455.651270][   T31]  #2: ffffffff8f2be1b0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x820
[  455.660624][   T31]  #3: ffffffff8df42c40 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  455.670639][   T31] 1 lock held by khungtaskd/31:
[  455.675485][   T31]  #0: ffffffff8df3d2e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  455.685430][   T31] 1 lock held by klogd/5186:
[  455.690326][   T31]  #0: ffff8880b883a058 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  455.700301][   T31] 2 locks held by getty/5582:
[  455.706242][   T31]  #0: ffff88814d29b0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  455.716099][   T31]  #1: ffffc900036bb2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  455.726262][   T31] 3 locks held by kworker/u8:13/9167:
[  455.731617][   T31]  #0: ffff888144a8a148 ((wq_completion)ib-unreg-wq){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  455.743051][   T31]  #1: ffffc9000ba17ba0 ((work_completion)(&device->unregistration_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  455.756338][   T31]  #2: ffff888079220700 (&device->unregistration_lock){+.+.}-{4:4}, at: __ib_unregister_device+0x284/0x3f0
[  455.767788][   T31] 2 locks held by syz.0.2881/14619:
[  455.772975][   T31]  #0: ffffffff8f2be1b0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x337/0x4e0
[  455.782409][   T31]  #1: ffff888079220700 (&device->unregistration_lock){+.+.}-{4:4}, at: rdma_dev_change_netns+0x39/0x300
[  455.793853][   T31] 
[  455.796304][   T31] =============================================
[  455.796304][   T31] 
[  455.804734][   T31] NMI backtrace for cpu 1
[  455.804749][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  455.804764][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  455.804773][   T31] Call Trace:
[  455.804779][   T31]  <TASK>
[  455.804784][   T31]  dump_stack_lvl+0x189/0x250
[  455.804809][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  455.804828][   T31]  ? __pfx__printk+0x10/0x10
[  455.804851][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[  455.804868][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  455.804884][   T31]  ? __pfx__printk+0x10/0x10
[  455.804901][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  455.804923][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  455.804939][   T31]  watchdog+0xf60/0xfa0
[  455.804957][   T31]  ? watchdog+0x1e2/0xfa0
[  455.804974][   T31]  kthread+0x711/0x8a0
[  455.804994][   T31]  ? __pfx_watchdog+0x10/0x10
[  455.805006][   T31]  ? __pfx_kthread+0x10/0x10
[  455.805024][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  455.805041][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  455.805056][   T31]  ? __pfx_kthread+0x10/0x10
[  455.805074][   T31]  ret_from_fork+0x4bc/0x870
[  455.805090][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  455.805109][   T31]  ? __switch_to_asm+0x39/0x70
[  455.805119][   T31]  ? __switch_to_asm+0x33/0x70
[  455.805130][   T31]  ? __pfx_kthread+0x10/0x10
[  455.805147][   T31]  ret_from_fork_asm+0x1a/0x30
[  455.805170][   T31]  </TASK>
[  455.805178][   T31] Sending NMI from CPU 1 to CPUs 0:
[  455.954296][    C0] NMI backtrace for cpu 0
[  455.954313][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted syzkaller #0 PREEMPT(full) 
[  455.954330][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  455.954340][    C0] RIP: 0010:pv_native_safe_halt+0x13/0x20
[  455.954365][    C0] Code: cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 33 01 22 00 f3 0f 1e fa fb f4 <e9> c8 e6 02 00 cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[  455.954378][    C0] RSP: 0018:ffffffff8dc07d80 EFLAGS: 000002c6
[  455.954393][    C0] RAX: cc5528cf90a94400 RBX: ffffffff81967c07 RCX: cc5528cf90a94400
[  455.954405][    C0] RDX: 0000000000000001 RSI: ffffffff8d70bef6 RDI: ffffffff8bbf04e0
[  455.954416][    C0] RBP: ffffffff8dc07ea8 R08: ffff8880b8832fdb R09: 1ffff110171065fb
[  455.954427][    C0] R10: dffffc0000000000 R11: ffffed10171065fc R12: ffffffff8f7cd270
[  455.954439][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 1ffffffff1b92a40
[  455.954449][    C0] FS:  0000000000000000(0000) GS:ffff88812613e000(0000) knlGS:0000000000000000
[  455.954462][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  455.954473][    C0] CR2: 00007ffc63d5bf88 CR3: 000000000dd38000 CR4: 00000000003526f0
[  455.954487][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  455.954496][    C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  455.954506][    C0] Call Trace:
[  455.954513][    C0]  <TASK>
[  455.954518][    C0]  default_idle+0x13/0x20
[  455.954532][    C0]  default_idle_call+0x73/0xb0
[  455.954546][    C0]  do_idle+0x1e7/0x510
[  455.954562][    C0]  ? asm_sysvec_call_function_single+0x1a/0x20
[  455.954579][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  455.954598][    C0]  ? __pfx_do_idle+0x10/0x10
[  455.954618][    C0]  ? do_idle+0xa/0x510
[  455.954634][    C0]  cpu_startup_entry+0x44/0x60
[  455.954649][    C0]  rest_init+0x2de/0x300
[  455.954665][    C0]  start_kernel+0x3ae/0x410
[  455.954686][    C0]  x86_64_start_reservations+0x24/0x30
[  455.954703][    C0]  x86_64_start_kernel+0x143/0x1c0
[  455.954719][    C0]  common_startup_64+0x13e/0x147
[  455.954747][    C0]  </TASK>