last executing test programs:

21.342837627s ago: executing program 2 (id=4945):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}, 0x0, 0x9b, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa4000000", @ANYBLOB="0000000002000000b705000008000000850000005d000000"], 0x0, 0x8, 0x1002, &(0x7f00000014c0)=""/4098, 0x41000}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180200000008000000000000000000008500000041000000850000002a0000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x6d, 0x0, &(0x7f0000000700)="d1fd5b41a5ae09dfdf77a4392cd819a4054d5240de98da5b90a9855a0592d15168de09be86add0088bf87dc6fc21157515a43dee7020b6ca27377bb0d55cb3b23f2179695a5750ef57e07b99756901ea4a4b60f7aff4662cf13dc1170d24bd32b3160b1dce34330a6870cee42f", 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x9}, 0x3e)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB="61158c000000000061138c0000000000bfa00000000000001503000008004e002d3501000000000095004100000000006916000000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffbd4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18487b6feb89752cd600000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d5454d127edab14ba61ba1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf855689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684e62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961cf4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fd0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bbff4bbe0000000000000000000000000044585397feaadda3fcc64e7b0c08f7ac5c64cb190f1712a3b10fc34eb758705f1751d8c8b712eb39d2b8ad44f129c2c9aedb15"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)

20.957455589s ago: executing program 2 (id=4947):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000001c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x6, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa, 0x0, 0x10000000}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x5, 0x0, 0xb, 0x9, 0x0, 0x2, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9, 0xfe18}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0x4}, {0x3, 0x0, 0x6, 0xa, 0x9, 0xfe04, 0xf1}, {0x7, 0x1, 0xb, 0x7, 0x8}, {0x7, 0x0, 0x0, 0x8}, {0x7, 0x1, 0xb, 0x4, 0xa, 0x20}, {}, {}, {0x18, 0x2, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

20.786935634s ago: executing program 2 (id=4948):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1f, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="180000000000000000000000fefeffff85000000a200000095"], &(0x7f00000000c0)='syzkaller\x00', 0xa, 0x0, 0x0, 0x0, 0x11}, 0x94)

20.630513559s ago: executing program 2 (id=4951):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000400)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x2, 0x0, 0x3, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r0 = socket$kcm(0x2, 0x3, 0x84)
sendmsg$inet(r0, &(0x7f0000001000)={&(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000000700)=[{&(0x7f0000001040)="5346f7f875528ef24043c68e04180a332e94ee4784fffee263c06f2d924e8699b6af71aa257b5a316af31628e5148c7012f4d55ce4c29fea9e5b0b61fdf0b2dc866fa81b4e775e235eaebe330e16114548f147b8a966bf1f1fc6c24b9d47d349c87c3f789d2ba608cd25b17b6c80a7f0ceb4a06ff270ff8c9f0d3a19133f1fdfd51b767b8cef1f36e5490c5df5fcb378a6fb6eb5d8aaf7791ce81f61a05e1ebdd1789eb70ac1f3dfed378f6f3e237120052113a75ab977796117f7e7b2d6ee499f51dc070c820d10a0eaef4fc94ddc648bafae070caf70c465267497b3de963df649e113e2060c82b057abfae0798d424c81aeb42796189eb0936a2c547a5c4d6351ed786c75beb926118fb7af49ecc00b545fe2563bd4294a982980afed3f9cf390f304611db4c6d7b64d64f38db5fde5cf7cadb29c697013b710e0218660671d0051ddd7fb7f5eb72a34f469b2e20600000091817eb5b952af43d1a40f4770e7220fcdfe25d3e9747e2af76ece5922724840afdba6f6f9e1d11db8561e8e836413ee04d6e084700ec1ac0e00569f0e4d4844f4710299aabbef615c33e276544669ce074528938ec0cc6d2af1ce7a47a64ad676f08507aa08d4210f979ef4aacfa4d524c9952d4743d65c3c527302942a8880116ce7ebc6c84778346f02c806bb466db7d313d7ebc7ea87823d4a8de0b697929fb3277012327827801f75ca3c5776d1a81acb160007f73148dfaf05ab7eed5a0e603ac468eb2bcd9de5f140758e74c20a9931187e0cbc857aa62a4cec8a62f7e31af3a78cdb8608551cdd68e83aebb3c9e05519184ff996c336553fa6bf16865cd6c4eacf1e360b029cdae41070f5fd183ea0eaae427505d56994ccfd0737aae3abbc45f56710d2e3f2662bf4514044f7fa03cde28fa1783970d3c676cb23cb1923a9feb233267ef663936ccf25f7597a2270724527bf468d22786d0548b25582180b72c51742c4e5c373a1008dd4cfba508e8f3f8ec35e6f1375a11b1fbe2dc09e9fe609e80112c8f5c895c922cd547def707b7252d7afa0030d008b1dd10fd4a56e30237a6e0229fb4562cb8df3d4e64b28e15c075e59554e9d61a6065d49c1e765a49195cf5d6b1e2b6192447817fedfe41fcdf9a4fc5af567906e4b6453da7b97eac255cc253d7bceba09f67da4815438583c6843366b76d9e9277558e48681e9cfa920b47aea0e5c46ef86ea7f1ef534cf7565b24b833ba2cbfe60e6271614850dd68f2a8a6be4f315b83abb8e2699ed8e2a4b3506f9dacbb180c4deeef7489f49faf34cdf4e91a402956564f854d71c892e4aada1c91647ce45d4834d000e8d5be1773ecae388e511228977a69d4cc67fbab60ee1555a219e41eebc31807a87d9cbe88a8b05959e1a988f6ea6ed73a6ac1ec2f3d7", 0x3eb}, {&(0x7f0000001b80)="0d113311d7af2c7d0a6b8bcc9ab77974b333be01b290ffa314fa9cb227694f5b326544c9c1d4563f937db955e0373639d6292234c292c5615d82c851b91585b7ad8748faf0d8e5d65994adbb137c7851edbb4a3485ffd64e1caf3117861898d4ba6e04c15a94496cc8c23793136c93ba88db52f098b37fcf3f6c16df2f500f5b2005def16d46d96544649249c26098820ed60c94032f6fc134664ae10a613d15d140a948b4b45471dea34c0f527fca192dfa77f262ec22b914476238014687f231fe251b57f7689e4850e2c1eaf49ad1773a1f971ba9d8a900e5e2121370ebf1a0c8af1eca3921046277767b7740008731fdcffcddbc2cb867ea2959a735c164e4c650454d43dd6034dd22e31d94df846ab6d1b1e7c2463e349ffda978a5e783bdda9e6fafb2ca73fb02ccc54ab9309988741fdfbef9000b605a2d3890468834f7d7f705f8da1905283343b78f30bc48c2c3c351e955823ca8e6e82f695252f0aecc64025cf1e26d4be77f4b4f96d9b45226436aa43cc78afe578fe8c44047eb9f66bfbc3f3daeaadda3c088299586d35c7a868a8122428161cff48106cd5529695a27ba78f1d124cab474705be18a40ad26131f48d25f1e1c7a19e23433ff6d6284cf70278d53d12b41a171ec23143601a31732cf145fee69e318997e791c10af3a4a3f2d8afdd131cdee0e6aebfdc1fef1831abaa01741cf774eeed7a043d6368c2fd43371633089fa9fa50c7e41185d32cdbc49c0bec369fdd7ab788bbe8cc87676f8597dc626556bbaef0bcd5e1a43bcc4e2c59f310e1c2bf2fea0f360b33408fb2e1a1024e3d88dff19496f384b0b4ea97c0281904010a7eb34a3d6bec959f6d59a0016d28da834b382e6e2c606236dcd17925b95f667e899a6b59ef20c1a96f0053ffb7c5a07b8ac6f20fa791d15c19b814f049e0b2da6f5799daf4d345aa475766367f99c160e8a08fd7f1e42e5b38eacba4f40eed3fccbfb89f4b644afb1e76eb4913e27e1540e2d4ec8ed8748b4756824a65c933d4120d1c2fc7f343ce0958478a97aa352fc2ddaf917fb2ae7bcce4d6f9d4b32387baff970a701ce01a73937cf0f12f6e41b86a06ea1b971d1ad7f92c0562a7778ec33a1ec93717217834e25b4b25f06134bbfc29f125c36c7e80e92a13127c70b377dce60f7bfffe3f3da8f1be6a3948593a6693fa07a91b00405d8ea47c88ccd02e7a64e0bd31d115c93f7c0dfe1c51d338b08c9825a29802ba8bc5c4655072da6dd2c27ce6684e1c2dd7dc95dcf90f934ade45fe5377a813975aefe4006ddb535f03db5a82f71f50cc7935c6809c73e705e84a959f70ff71df55ecce6a4a182fe3ef45a506fcd0f49b6eb9e9cbc8cd553481b9162a9086bf31c8cab7b1c3c7f703cd26d96b48dee0771b4a6d2513a37fec94a6649cfdbafc26b17a7bb2adb72477d34a74e4165850f76473f41c116e7adec0bdafae8aff515c781092e2d2f70fefebbd36d0e1cf5a01ea61f142756b8195e1fc400ca73162eb51d3a14a1c8ea2be43d3bbc230c7011273c1c9f035895fa45e8ba5eb8bef0660e952f3327720bd3817d098277b01ee0d8394a4d7752866da8f3258f243150df19ddb87ea24bc2f5de0394870e23a0f723013a226caa72e896e9f986e9aa40a6a4a21cfb6cebbbeb334ed7c0996c827c6790bf2323df6ab44f3aaceef33bbf9f89c915eda91a6e2aa5015a68235006cdb7f6759e734dd5368124d72157933add614947339323746ff9fdba836fc39e5cf85c8727d624f52bdf5ccde7b4c94e8989c0b845dd7ee12c7766f9b37d2a7f2439ce7fa05741e9fd4f7ab3c691261913bc3196802f9513b3a87500913f9760dd837b1248550e837e2b4d83c1f557d16a09424d7ca76597d9eb201b43340754acb32dc6b4b8f4c41806dd5436e70bc83f5f97d968d13cd445f3b58fbb2cba65299edda4412a0b8e9274f01fc3f4485e9e72998f74c4ef3eba0e948797023bb49e04ce901785b59782b77e15f1bdd50bae89c43361ea78e1f0b6f6e0b985cc9d1b35c088c08ff17e615572ef52514a71885552d787aff1e1525b9d45800b0497539749a9f7b2c74ef9326e83b591a47bae8a143dcaa5a1f3b362a9f33da53855175a2aa716c38c57225359e3f2fdf0fc140af79c8e058b5ae5699505fc58a9d5161de529c20c1cef3fb021c0f0c37548758305", 0x614}], 0x2, &(0x7f0000000040)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x26}, @loopback}}}], 0x20}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x18, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x9, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000001000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf6103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, @perf_bp={0x0, 0x8}, 0x40, 0x0, 0x0, 0x0, 0x7, 0x0, 0xffff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)="1400000037000b", 0x7}, {0x0}], 0x2}, 0x0)
openat$cgroup_subtree(0xffffffffffffffff, 0x0, 0x2, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff7f, 0x2, @perf_config_ext={0x40000000000000, 0x3fef8000}, 0x0, 0x701, 0x43a1bd76, 0x0, 0x5, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_bp={0x0}, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r4 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r4, &(0x7f0000000040)={0x0, 0xfffffd65, &(0x7f0000000080)=[{&(0x7f0000000000)="140000002a000b6c8c1200f90429fc5a010f5dd9", 0x14}], 0x1}, 0x0)
close(r4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r5)
syz_clone(0x4100000, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
write$cgroup_int(r6, 0x0, 0x0)
bpf$ITER_CREATE(0x21, &(0x7f0000000180)={r6}, 0x8)
perf_event_open(&(0x7f0000000780)={0x2, 0x80, 0xed, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x4}}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r7 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b11d25a806c8c6f94f90424fc601000407a0a000600053582c137153e37000c11802f2ff4070300", 0x33fe0}], 0x1, 0x0, 0x0, 0x35}, 0x0)

19.898780252s ago: executing program 2 (id=4958):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

19.596018361s ago: executing program 2 (id=4959):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000580), 0x60042, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000000)={0x3, &(0x7f00000004c0)=[{0x15, 0x0, 0x0, 0x3}, {0x0, 0xfb}, {0x6, 0x0, 0x0, 0x4}]})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})

4.405615053s ago: executing program 1 (id=5013):
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000500)=@hci={0x1f, 0x0, 0x4}, 0x80, &(0x7f0000000bc0)=[{&(0x7f0000000040)="02042700ea0e0000000000001eafbcf706e105000000000000001104ee1606d4b8bf4a828bda305775c43824cee8440000", 0x31}, {&(0x7f0000000980)="126873159fca3fa38fb198e9a6b363ceb3e6d803ab766b7a38e451d14e0b3457474fe6a51671e4124fcea96a873b10996816e100ed8a93b0a9053db57d60973369f58551c3091cb88d3b351a085050da4ac7f6b2dd54613339d3d387667641f6124e2214bb14e18cd2016f2acbb91e40b67b37c64924fef01cd3c09023f50317ef9a18260b32eecb5c0d35e672d6dccd0c887ad2bce8135af2e5c3ae23c1aff06d56545d8915aa7a073999aa8c26fee6ce6500d15105c5f98ade06e44792b395e3dbefa475a4d8089c970754379cffbe5fe9778fd868388203c40657a9adb4ac155f5c8bb863865de37e15d26d5bee9c520cb2a5d64f0d9aed9ef859b710bd179b66fe2a581ea45a6a213529b31013504390a830956b82942a94a72fc783ef52c90fee509029b0aa11c39543344b1c41f09eb4166fe2eabc79a58c9ad0b620ce63f8e3", 0x143}, {&(0x7f0000000b00)="088d85d1f427cc11b21caca442b2a4af8e69b0c132387b8de793ab327e16f27134fe420c1f7a1589836c736d2341f792240f6f7995e2206e7eaa54d08feafc4e009b7ad23f7c18a49c875b5b7266fc799ed90a099cedfe0c57000000000000000000000880000000003c4627b2367d6c49fc1dd9a9139362968da8e19f9886862c9e2841033c91633d5f77d6a6e3b589c7", 0x91}, {&(0x7f00000007c0)="df3b060000000000000080de728cade8d711395f19fb3f4eec000000aa1f2760282a4997d50484253c57f338a7c579c419940aad819b7f01380bec0f1500149cedb3320aed8e6507206598681febcb75e8ed0f61d8970c8a5ceb64e0e5dca78aab664514be428602ab3878adf81735bc5bc741fcbf72be3cf87a68c1a23cdb0bbebc4390524207", 0x87}, {&(0x7f0000002300)="b72abab9439ca41f5cf14d6435575ba774ee5f5c23ff2f5176f5773d08a15668ec280cfe4ea416cf769dbf978a8191bbe006e0da50029176c0f24e3ff4d3e895a2afbf52cef2fe1ca31edd842b126ec4be67e6e3624b9ddf806fc146c645ec1d37fe7e3b025c156d5d520104b53f7fb2af436201cfd5dca170edea5a190e4786bfaac544b60f514d7ef420526c467f14790dcfa5ab915d7dbcdf2765bbcad014c991f8b829c79f53586de79f0b987ad796f9de4a6e53136a07a39ab1f5a2ce30aded70a9b72d1beff7e8b6405fd6331e5635ee71e809be2d58f412dcd7b2e856d692dbfed19045ff13244acce351b6e450395568063569c71ea80a04f83fbe6ad1d0862fb97f816576c4844da65d751ee1fdc522ae1158670de297cdb2117bc0adc1486e016a6bcc922a162fce6a9ecc8c42b0c44c566004eda037864e5f339bbb0998cdaf2b8e49ae003659bc033668f7c8e550197ed95c420461254ba1883dbd9403672d579cee85c37f103ee9a350a768286017158784baeb063c8c684b91b022b0db2238b679092a1f6909f0cd9228500e088f5cc7bac4c0dc56e80fedac93554aec79715ce02e8bf3fcbd70382f619bfe3dcf06890d8542022ee58bdfb075d319c9fc8474cadc8de5c3dd3f682d3f68324d0af7a727064053ad84c94643eef190783c616467628f84620044c084b80e3e57bfcdf293c9c36b4474a52398b35e49e2ad4a4ac090bffc5cd27d3c69b4ae5f841d5b0766ccd36d25eb58d8f01621a05744b79ede39019ab9d7a1946353d8f3b7f833ce1a102a8c97a9e3f32138ffafd305448f2518ccdb7eef594a890eaeaff3f876f742fec22669a97085ed93b18228ecbe9e354e8f69967ca749fd2b1cf026665ca912e3fc0188b294519078b46676052de4fe22798290bd1e232c9791fc01ddb4ae776b5769143df2867042e8a3ddfa8e786bd8a244076956d4ab137939ad381650dd4fefd2b942a98d6f2edfd7019ae473e7608647b86d643e8ff3d7d4e89ed826e4b8c6e8fed224c528d805ade85c5b45261b2692c0f403dec050bd973b0999df214689f4402dd1598a16b0c7671e5e204a00b06376ddee7cb99292a8b835c0b451642b71f2ffa1aeea56255817b2384bfe4f8213ccfc1f762f250592896102e5f6d34cdd726bc0f86af52fd7c4483d32e23e5af770e960c7445b8e67b6086f0cadcd22d0d4bdadc31b5a94dd687379dc6e078210ccc71f8e67eb58d330394425ab17e55d1ca8f868f6bf738af291d2293c3dfa2ccff25061ded22878b3cc6532d19e5a00d1f0f1b9de35305fac2c6cfd5d77a2b02618735b7d392738bd5cd3eabb7039c790a9f193913f16e06605d405d6a0cf0011a2e5f935d8563fef1722692dd266c3d320b9f5eeb2a4b2f72155522f0ed72ff1efa0b6ee78e70d3d45241609e7f87d7bcfe1af71159baa11ad667a0ead3986b2b06500ba2615ee966ea86ca68d02de4802bd9ef18dac5ba53ca98b90df49ef4e3268ceee538973620e5a60513ea330989642626420b67dceebc569478657aedeb62c45b079348796923ad1fba5a99e6b150cf97ba2a570150053309c6dca7fa352fa1678c9b919fbc47ae0a84175a7fc25a00fa5888cb017e8d8225fadb29e34bd3c5bbccfb22a83255fec3967c991d5b3e6719ade82fb7ef85c8a4b9e7ad8ef2a3a7bc78de424572224affb1f9e0c5a969e61ee2ebb4f247bfa09384bdad04438f2efbfae303d47c3afe7e8d3a157b2a6f37572ea3ecc441dfb208ba755f781f144e58d80aea590abcfccbe8678ec6de47511f9d61cc408cbbe90eeab2cffe6d1a48dc3eb4e48e228fd43cafd7ff2c85c3ed52e99fe16887be28fcd2cd4ba4cac414c92c96294fa7d628e4356c748c173f790a7f30071d0bd53817c78d163249c7402b222b8f28668cae7afd17b97dbaf10b75b61409ca6f5b285d1ab09207c5a91c68b0d4b5da6d6b5a495c8debd7f4400e56d9e22d1cc330f782f2b5441a31b9ccf35aa1a151219cdcff5ab8b240af5b5a751eca67773c057412a935e3a7a367b2bcd28463904ee040a586d6f4f969cee56d55b6b4d97d1fe93b67e2f6bd47925054c4702ec8969a1a6211ea8f6783ca0e8ae333922ce19eceb24e2ff714a0208d2489a62f299aa50cdbfe5a826e872ab231bbddf5bd2fca92d4460379e05e13ff34a200fd921dcb67a002873bda8d86536cddaccb54eb72dd4e399fe9195ad5574ad85d9ed2eaae4106234f0a8db05a230ff377b59b54fd0919d1b86b938622ae6098f003db7f4d45d6874f54c33064ce6184dccc99fece2d994e9572d4840b0cbdd704fd70b4f625912d48a512339f883533768f09a4f614583dfb72defe713ee38f61184df279461b7d35becd8e67d01f0ec27e901d88215554d5a69db373a662085733d09ad9153e7d432c94f872ff7cd72995b3a581ea17722ed13a191b366208f75661112b1a7d42c252c907488ca8dd8f819d4618b0053d4bcddb3b5975cb8615ebc472e052552ee74d5253174a2b0cb96e1eaf6349b6c39be975123ee72b0ffe1367df7aba54de26c9135a3422d21067034551be5efc5daf8b8f59bc725e4fd171378fd9f16a785f1b0378823c85eec521e0b2aca70b7b72b719a20eb2fb0addc0b05851c8e181607f49dad7323bc255309097584c2099574db1ed7940fd16796aef19d30acd714dc1f898716df64db87d852eddf2f86e78fd7fd64868b4cb6cc626efcdea49c4a2779a0e777bbe23968e14233a810d9883680894de93023a8deae51ccbf32e6d1e53618ebee95c761221a33bc3263fff0f5ae23e14dba0418cf3f31effcb36956e06c57a17620044260419a208ae1d2296ec9472d44be74a8ed0a33a23181acdef8c7d2695ce9485ed8d17d9f6f30b9b128ee0ba15c42cbf6059bcfef008c09db8855343f79c3ce1c4d79077c8a62237d4e400a5aa88e7424f2f99df6c2070d6ed071f4968376581e20e52d64e9c4f8a6f73bb33f5b6b62c1deecc85bf789565fde14e4454306ed8f09af08afb360ee4fb40dd5dca0be43ccff75e5c0ef85ea7c521cb4840d61e99e1ce4661e721446d5a571cddffbc3643ec9b58237fd416376906bdca09485c2c80f82b23e8e7bbf22035fdbcacd804ae3771fd616901184ced46987d533017eef717e9b34a5531c3efe2d77c9b6cb0617382d69951545378a4118e71c64a1f16d096a8f933580922083d0538d90ae1715c63f682e8241b42e1646b0c52e34aa9c91efe2b6b787ce0747d4ff0dd07d6ebc9ce27e0ef35705eb7b78763a9829b464523ff3ed9078aff6ee29e6e7a59a5243825e8bb9235f8e49a9dfb5932536666c3dc75b29e515dbca4c84268cf23cd7b6da6814328a3cb26d7b1d6c28e20b36f9a2c9e2fcf663c314f72f37d2b8f405cfc686a6b35400435be0eab01709c2c4b3005491cbb0b560e33547b77ba9f25f01b194e20534199a3786ddfaf0a75aafb65cd4df4da7b5f98fe72a8bc7d045339fd41508cecca791c717a10d4fed8aa69eec80955bd899a6f8aaf3411be40568149e631ccbe17c68f85e87b58da81ba78def8b1a48c49b2dc7613f7d6ea8b158bed077666d37d1caba9a22b7cb2772e780f70872113e5bcaebaf9f9499f651dc894be3bba1e99d58b33d60c0eda397df91d7cf9fb072f247fa9a9f59c4f59c4284a3832ff0a1f9dc8f6346cb5c08a9dcb2851c7f169af688fc13f00cf9519ade547671698caaa3f4d4921fee83753b9ab0875707836343eddb5b87bec86aae023c9571b8e389ff3f4c692b6fb19686105249ce033116777d919ceb4559a67ee6b6ad9d4b53d2be24315429de3bf201107fe7dff9cbc92dbf9173391d555b0a1b8ea3252fd7d7fd15d8a3cc70cecdbdd43c4edcc4bb2fbbf646d5ec7dad0d3156a513d14184e0c316f8155e774f7dcea485f904828edf28510d692b66b1500c5a704371c2188a2812bd323d79674082b5f5e9f7f4ce1a75ed854b71555e9fcd1f0322c22a9e543674c79a74404e08e61860f505dc56e1b52977b9a9af18be4064b5f6aa7c891382bbbe65e70a4cee33176570341a525fb6b25c0b20bfa3f2ee4a01584f259f43c3b63a2dfc376f435827211379ab3ca8912cbe01e4f837920666fbda682f6954d1c156f21e12547b885f485c38f62e765013144be8ca92b1d4872790a5c02671517f6a8f0ceb247e08c64268ad8970b57bb6d077c9b8ebe7fb1183087c9a3baee06100609204be588621253b9b120c08db9f28c2d38c9bc3f59018bb7216d73186048770d1e556faa49df23a40a64b40cdda2041dccf5619db09b7a7795fd7eb631c0e0bffc3b64422bf6acd84b7fae8bd05b057260a4d7c4851829c7bbf0b6f27c5db0ff10f42df3528f79dc9bbd591965259cd0389deb124b1fadc5dfd3ade9742d29261379ea3d98929512371dec991f0636fbda5dac355a04e363beeb4751781d9cef3a0b6ac6500895d223ad43ed75cac8b0a868253fffa10bf6c2de99c687fd056e075cf0632b6d8ed2263ca08ad95b6f335a3b6d8ab7801422ac8597441ac1bbe289b50af31eb221d19a2d3177d4ad1056d616295e89471e65d", 0xcb3}], 0x5}, 0x40080)

4.254063057s ago: executing program 1 (id=5015):
socket$kcm(0x2, 0x200000000000001, 0x106)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x2008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffff56a, 0x100000000}, 0x250a, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x64099, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b81, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x9, 0x9, 0x2, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0e000000040300000100000000000009000000000055577565f3a0b8691edaf937e7d41edb1e067578d5f5063770f542", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r1, &(0x7f0000000140), &(0x7f0000000080)=""/6, 0x2}, 0x20)
r2 = socket$kcm(0x2, 0x5, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x4)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="020000000400000008000000"], 0x50)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000240)=@generic={&(0x7f00000001c0)='./file0\x00', r3}, 0x18)
perf_event_open(&(0x7f0000000a00)={0x1, 0x80, 0x2, 0x0, 0xf, 0x0, 0x0, 0x400, 0x1e37cf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x401, 0x200, 0x0, 0x7, 0x0, 0x100}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r4 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200a}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r5)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x11, 0x0, 0x0, &(0x7f0000000040)='syzkaller\x00'}, 0x94)
r6 = socket$kcm(0x2, 0x3, 0x2)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r7 = perf_event_open(&(0x7f0000001100)={0x5, 0x80, 0xd, 0x8, 0xb, 0xfb, 0x0, 0x3c, 0x1c144, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x1}, 0x18842, 0x0, 0x7fffffff, 0x7, 0x9, 0x3, 0x7, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r7, 0x4008240b, &(0x7f0000000000)={0x5, 0x80, 0x9, 0x8, 0x6, 0xb, 0x0, 0x6, 0x70180, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1000006, 0x2, @perf_config_ext={0xffff8880b890dffc, 0x4}, 0x18046, 0x4000000000000009, 0xfffffffd, 0x8, 0x22, 0x2, 0x1, 0x0, 0x7, 0x0, 0x6})
socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r6, 0x0, 0x40)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$kcm(0x2c, 0x3, 0x0)
socket$kcm(0x2c, 0x3, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000440)="5c00000014006b030231a6080c000af32c00000000f800250502000f00e5aa000017d34460bc24", 0x27}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x80, 0x0)
close(r8)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)

3.655899016s ago: executing program 0 (id=5017):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_config_ext={0x9, 0xd}, 0x0, 0x10000, 0x9e4, 0x2, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0xffffffffffffffff, 0xe, 0xffffffffffffffff, 0x3)
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, @perf_bp={0x0}, 0x0, 0x4, 0x0, 0x3, 0x0, 0x10, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
socket$kcm(0x11, 0x3, 0x300)
socket$kcm(0x11, 0x200000000000002, 0x300)
r2 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)="39000000140081ae10003c000500018311001f9f660fcf066505acb612f691f3bd3508abca1be6eeb89c44ebb37358582bdbb7d553b4e92155", 0x39}], 0x1}, 0x0)
recvmsg$kcm(r2, &(0x7f0000001040)={0x0, 0x0, 0x0}, 0x40000040)
r3 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000780)="540000002d000b63717a3c4a7ad8985b0808aa782223fbe40f80e0932eab389d2db26277c4abda16ad715fb33005cbd9ec3dd4f1cd7d38005797c978516b8909cc0bc70f6a034cbb95c40c4c46699d726a6172e6", 0x54}], 0x1}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x806, 0x0, 0x0, 0x8, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x1, 0x1, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={&(0x7f0000000080), 0x8101000000000002}, 0x5, 0x0, 0x0, 0x0, 0x4, 0xfffffffd, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0x10, &(0x7f00000009c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b5af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70200000000df00850000008600000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1801000021000000000000000000000085000000750000"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x8, 0x4, 0x4, 0x9}, 0x50)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000180)="5c00000014006b03c84e21008bf32c19021800f80200000044000200ac14143705251e6182949a36c23d3b48dfd8cdbf9367b498fa51f60a64c9f4d4938037e786a6d0bdd77f6f60c1504bb9189d9193e9bd1c1b7800000000000000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000009c0)={{r6}, &(0x7f0000000600), &(0x7f0000000980)=r5}, 0x20)

1.121482765s ago: executing program 1 (id=5018):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000180), 0x4bd)
bpf$MAP_CREATE(0x0, 0x0, 0x2e)
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000f00)=ANY=[@ANYBLOB="8500000008000000350000000000000085000000050000009500000000000000fed023000000c71adb30be7d75fa1f32f08a23ce3220b0cc9505d72768b8242dd90d17e4c52505756ca2b009546a0900000000000000d3df2bd87184446d165ae3939bbca322a415a98c8801000000000000800859362ed862b3c47fa8ce7c69adfd2f16af3a00000000000000000000009a317aa34f0c50f99eedac26048ab915e1be5aa845be00de14683ee4e859d65564a9c79d20e5a011e966388cd0bb39f45d6c508b8a0f7f2d48be0e2a8137c6741775428abf2ddfd2a473f5b271701e22f8cb42198906e1107fa780c435083cac323838727a606495803509f84729f3e8a2fbfb995f99b82df3b363a9cf6ba87fdfbf5a3dd0dde49b4193520e5e946687634c04000000000000bfbcd911eba0dee5e5ce6434f86fe82ee02f0e8e3173a97d85e232e584ace13387693614f3a7ef88709f4d552c7b3a7903e14dc418e58f3e98933b2c93fae25ec2dd190231e2531e1ffeff33676a4383a918cba3ad8318ea29f164563a42cdb596f255a251add2d2ae2fac0a0e7428e4bf07fc884be5721bdffe58c6a4b57014ce976ce8b9cddfa50175c53253d7659f0e88913d4fa7f37feb40337fada4363c0698510730725e23bdad60ceaeecfeeccc397565f204b82d6d4458d77a1b4abeadf350c21027d314237a9d448b82827ff3f29cc9b46c8fcfbb30d1fc18707c252b596cdbf4e77836adc1f59f9d1280333d135fdcdcee8eb817388666e02ff1b148b6bc3c283e71c0ad9c683c6bb6fea2d2d54af3ad488f0cc2e54a70c19ceac518adbe917652c34019d7478c716ab23d4a863b4dcd08d89f6cec674e9fd379d71e06357d207984e885ace8a0dbaffef403aff01d5f2f0e644b61cd8bd72a59f2d7cf67815aeb8761412d68c40dbed08b7eeda96b3856a519a71b83c19b2e8f88d92b66abec165663819a87e7cd8c082cb011051789c283eecfe08f0799f6c7023353b6d3af7177d6b56549616bfede82c598301c98b0420b1784b53238b39c0db1da864e593d45fd297e4d34e749bc737e0bcf36fd955a40124c00d40c3f21d26e6e276152412b4ef3f52dc416bb2d7463a93ee6c0b20c5749a44677a3c3a7aa9a47c7cd7bb52fbb2c8d63166f4ad1038f33258736b2224a66726f1fd4dce0eb6043a55fbdd341baba95cc5838a860068e0f3e73d992403455b03b25bd5414628d7325a6b25986666b336851d9c623c405bf608d4bd9347c83cb693aebab072be479705b0c6c9bb9728d131f8320b966898de1a16407692b57b6f7333eac0d2ed0a7a4457d9c70089fcf9aa553929a65777f3bbf6d0bdc6a11371a138c6d4b0fefc655716e4486f5c7a88e80b2fb0efb579333bef98ded75abfb982b1fb92f003a6aefb8bf25eacb848d8ed1c1162d000000000000000000000000e87dffd60f123527781805434d210bb72ac2c097c45b27dde4980bc85b43614d266a9d403c320f80646c7df8bdd1cf380000"], &(0x7f0000000140)='GPL\x00', 0x0, 0x99, &(0x7f0000000180)=""/148, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0xffffffffffffff79}, 0x16)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="10000000040000000800000008"], 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x11, 0x4, 0x4, 0x2, 0x0, 0x1, 0xff}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000001000)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0x3100, 0x3100, &(0x7f0000000000), 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r2, 0x0, 0xe, 0x0, &(0x7f0000000e40)="04d31fcd275bfc58188e699fa7c9", 0x0, 0x947, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000200)={@map=r0, 0x24, 0x0, 0x5, &(0x7f0000000440)=[0x0], 0x3ffffe70, 0x0, 0x0, 0x0, 0x0}, 0x40)
socketpair(0x1e, 0x1, 0x0, 0x0)
close(0xffffffffffffffff)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x94}, [@ldst={0x6, 0x0, 0x6}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x48)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xa, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x5, 0x0, 0xb, 0x9, 0x0, 0xc, 0x2}, {0x3, 0x0, 0x3, 0xa, 0x9, 0xfff0}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x3, 0x6, 0xa, 0x9, 0xfff0, 0x41}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x2, 0x2, 0x0, r5}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000e80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

1.121404154s ago: executing program 3 (id=5019):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1f, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="180000000000000000000000fefeffff85000000a800000095"], &(0x7f00000000c0)='syzkaller\x00', 0xa, 0x0, 0x0, 0x0, 0x11}, 0x94)

1.090859895s ago: executing program 0 (id=5020):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000004000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff1d6405000000000065040400210000000404000001e37c60b7040000000000006a0a00fe000000008500000032000000b70000000000000095000000000000000ce0de7621e5e832249c04112cf7af2b75d0d1f034b1b3fb6bd3ce8fa62c7941272ff49142d860010ab162aa2264ab67e55a00000000000000edfe0969a9ddc125b686a1e83c8790c893d713b3295dad0ea697181d1e85b64126b5d72f204754d1d4a93f24215dee354e93cfc3f50ff23f8432c72012f021c84c59a9d4c142f439d3040cfee621589fb3a2f1407c7cbed48e7026f8d52d4bca2608c79aa4a73732028f88ce07ed1075da4a2ef44e3d8b88873f0b1de87dfb6d15936ec0a27cb554def9e27396df6b7851ffa26237ea6730880f06371beb3b290b7d8629a6f0373fefa0acb60888fc14ad2b83ca03ac2aee792482ced58af4140cc4ce3efef26e00c5b2200a91cb80c6065a697d6fc8aa8b65aee0783b04cff0218ce82c9687b4474da89c474c23727555fc5e5f8ad0f2f7a261140440fce1f12cc6df312accd011d888384283092d987c40bbb46f68c2431b97906f00000000349834fa147bd5923bbd4e606708034931a8f1a89bdf77093a0000427aab8e21e1a33d3fe093547532fce6549dd648ad233e05a7b3ea178007c1c32e871ac81f287c4aabbd153390b16d1d41ee433e3aee000000000009e106d6b5289f0000000000000000000000f7bc9f46cb71f6b889d37807865e3b4e9916dd0f72c9d58ea333b90f8886dcbf5ddda0e42ca08e3303632401f2f5212b40c0e88c957fd767dbfc80b07ad668b4f6f92fb209d7c2dbac597843c8eb7bf92fe6d0bb0b72549795c2ed19e441eb69869844152ba9da0588e42cdbc5fcd245ce5e3ef0dca64931276702a312db7956f0a75eb9caa17d47a6331c7c963cbf86a845ce27c26b7136d3e7207318b1df7a6320c64f18ccd926eaeddcde8d5006d6c38db117fb1115221a66169172720ccca770bff37e59511b2606138377eda44b2f288b491ab8aae0e11a98303b0e407e0f9d21f4a3ebbd3fabf6da9a1a1f869a339fab465d8322b7280b0734fd115a19b33c8644fff71b3c62f2e1b827e2663e06a751182e968c8ab05fb1d0115d4b11d944f2c06acc023a02b7416a9a10218d21503cda13bb5df6c992e52e1c01793b728eac000058ab3b3900d279297dadc127e2f38fc60c23af2e1fefa5a83456647191ba1953d320f59aa261fe79613df6bf43884e9649691e32680d75a541c27ffe74f9d13340f2cf1c7dc2b7db01213216cd4ecfd30efe137641471987289b7e23482e026b26eacd1b97443e2ea2d1d6e31a01ee0ae7fa195a2152b2338b086423a3883f2ce3e2f84e04f4d52c985eac4b46336908599564b47db0e6aa97ee51a360f4382fd99745725d44c77d097f69d19fe86f71c38a0226d44ebe0ecbd959f14b540745cd03b8c9f02b825ba45ca85706c73115f70871db9d2a1bc2a517b39f9648123917a5db07ba4e27f961373767e1ea8f7cc558e483abef1a9923c5cfa2081e430680950b7d7c377726b557ad31fdee17ba7057741f39d29d8ab295222f96297a777bb235416e72c84afef2bdb08fb375147b028b89f15af45bc8976b91158c13c9876daa71e7db0f5a17376be39ea79ce1246c547c740e31c64e5d293e0e5a544dd166010061d6ccae46c173b8e11721e4bce22c16af00000021f80ac6c3971006db853e3c40a5417d6eac09eb0e01ac6bd4c6dacdcb1d6d2ef9c8bdea91c984022821e961236d08f8b9072ec6cb5d5a68833fd5b4e80a5ac2bc6ff323f5ce612b59ce8177956c1affcc8baf4c8b59ab959aff9a7bd81f7c7c1f1bb92ddbeed6bce8041c7f0c1c584e6ae027678ce3cfbfea938aecc3c5119c5875b7fb35dc20f5c7aaae1e276104f607a73fe501c1045873a2b1eb80e95c87f099d98028dc82bdc7ef08c871fb3061c3c5ebd613e6e5e8cf099bb6e8c0441a133c85138b36a02c47fbedf7ed1d3ce74c9ec2c676c0b2d4b5eca61dbf5769b483c2a9f6bec666dae4e81960e9bad7f17cfc3d5bcc7b7f437110ca8ffa908c12086b2227eb202a8d56e0925ba994b05c98c39de44d25932449ddf08e5377814a40877eab4440ca01b3f50d2014a61a7d32105254b424238122386424efa3a7041254f686a5faac120942287f75e8e3db569ce47b120059d774a37e11d013be50cd2cbb00f6d2a23af61ec7d30bb7dc33a92f900b6ff1d29dc61cc40b846040dbafd00c6bcfbcf700"/1664], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffffe}, 0x48)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x3e1, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000180081084e81f782db44b904021d087c06007c06e8fe55a10a0015400600142603600e12b000060000000201a80016002000014003e01100036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0)

980.091589ms ago: executing program 3 (id=5021):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000c000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r0, @ANYBLOB="0000000002000000b70500000800000085000000aa00000095"], &(0x7f0000000300)='GPL\x00', 0x8, 0x1002, &(0x7f00000014c0)=""/4098, 0x40f00}, 0x94)

906.567501ms ago: executing program 3 (id=5022):
perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x60000, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}, 0x0, 0xc8, 0x0, 0x2, 0x0, 0x10, 0x0, 0x0, 0x7, 0x0, 0x80000004}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
perf_event_open(&(0x7f0000000340)={0x8, 0x80, 0x1, 0x1, 0x0, 0x0, 0x0, 0xbc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={&(0x7f0000000080), 0x8101000000000000}, 0x205, 0x0, 0x0, 0x0, 0x4, 0xfffffffd, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000080), 0x181}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

872.411962ms ago: executing program 0 (id=5023):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1f, 0x4, &(0x7f0000000380)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0xa, 0x0, 0x0, 0x0, 0x11}, 0x94)

671.483858ms ago: executing program 0 (id=5024):
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0xe3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0x4}, 0x0, 0x0, 0x0, 0x8, 0x2, 0xfffffffc}, 0x0, 0x100000000, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21bef5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9b24be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6eab1aa7d55545a34effa077faa56d59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afd8cc2e59a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d0faab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72bc0480f94306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad9433269af3be5fa6a9a5c24e392955f4e979ea13201bafe4f0f6ea508000000a0c548552b571bed5647223c78a992810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526890aa7fe5e68949a3b30567e54d3504723177d356c4604bca492ede62fc28839b5301160ecec37e83efceefd7ca2533659edc8be05cc85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d35a142a9ec9a7a3755e0f209150a07682c4e14e3a835701bea8240399c56ce8f58df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4ff29e2bdb1d0b923b262341c5e093fd66a2946501559335781092cf8ce3c7c56cd31121624d76517fd3666276c3c0e812b28e2f30d035cee5d0e77a3c70008ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856cf24f370030be3b5f79f030b8d3ebce68663ef5af469abe753314fae31651e0ecea5ece8fb11a4ee288eb149f1fa33669cc8d901fa8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463baf28345bde0c195bc9f021da8f3025ee9c8e3168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262fa3f1dabeb4fc4bda345360200000001fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a4601adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cc50feeb7bfad9b7be3283b6450d014e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5671820420bf5b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff2418a18217747ae442e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efe794874eac73381e961f3d9c8c21578fe3245097c280abe51427a7f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d17eb0000000000000000000000fa08ad0731c4b839688b22c4da2a6b00008a1949a6ba49fbf981f8265e7f1f4c2d97f4680b135f87c228ce69418a282bffff2481a0df1774fa7d94944bb92d2b89f73f0e8b63f6316c5762f3288bc970720f48b5647dd177db6810fae05334d5a44a020000001c0d882a564d74a7c72bf9a2152b261e58fea6d2f93589cfe261dc0410b5ccc92a5a0eab327a33431d62d2b7c75ce654d556c9e1817c1abca762ab53d40da51560351b673363652e1ecb56cfe4a746a45ab13c6014e9f361ab687d1cd1795ce9e05c817b83d76046bdb3709de5df7499a02d2f636a454b85b987580ada025d83bd7b8df28a540d5ec5537942e79f2f1ab25ea5f563bc77e4f9468bd309469880c7e34150ca886d1f9ac2f7e82dbe296c877d925c38c54cc8137b29028854b6bd57ca893927c331300e16aba792289e135589d93302fc37c73c303e383cdf8ef3f6d6265fe5ee01759d24027475c8901039a898582022bc95992b86dce0710887c8a625d9cbb897bdbfaf49a3f642a169827a9bae4fcfa5212461db000000000000e6ed75ca8fcda7ef3ee336189f"], &(0x7f0000000000)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195}, 0x94)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xe4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x0, 0x0, 0x8, 0x0, 0x4000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, 0x0, 0x0)
recvmsg(r0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001700)=""/134, 0x86}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000700)={&(0x7f00000004c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a, 0x0, 0x0, 0x3, 0x10000}, 0x28)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x15, &(0x7f0000000280)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000080850000008200000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f00000021c0)={r3, 0x0, 0x0}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000340))
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000900)=@bpf_ext={0x1c, 0x8, &(0x7f00000001c0)=@raw=[@printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x9}}], &(0x7f0000000100)='GPL\x00', 0xffff, 0x0, 0x0, 0x41000, 0x31, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000740)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000780)={0x0, 0x6, 0x9, 0x2}, 0x10, 0xdd1, r3, 0x8, 0x0, &(0x7f0000000880)=[{0x4, 0x3, 0x5, 0xb}, {0x3, 0x3, 0xf, 0xb}, {0x3, 0x4, 0x2, 0x5}, {0x4, 0x5, 0x7, 0xb}, {0x2, 0x3, 0xe, 0x9}, {0x5, 0x5, 0x2, 0x5}, {0x2, 0x5, 0xb, 0x1}, {0x5, 0x4, 0x6, 0xa}], 0x10, 0x5e94}, 0x94)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000300)="2e00000011008188040f80ec59acbc0413a181b230000000000100000010e61e0e0027000f00000000800200121f", 0x2e}], 0x1, 0x0, 0x0, 0x20}, 0x0)

614.72293ms ago: executing program 1 (id=5025):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x1, 0x10, &(0x7f0000000140)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@call={0x85, 0x0, 0x0, 0xa0}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x700, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

543.822263ms ago: executing program 3 (id=5026):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB="9feb010018030000000000007c0000007c00000002000000000000000000000e0000000000000000000000000600000d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c00000000000000000000000900000000000000000000000900000000000000000000000a02"], 0x0, 0x96}, 0x28)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26, 0x0, 0x1}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000"], &(0x7f0000000280)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x2, 0x0, 0xfff9}, 0x80)

421.661946ms ago: executing program 1 (id=5027):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000280)=ANY=[@ANYBLOB='+cpu'], 0x5)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_type(r2, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_type(r3, &(0x7f0000000080), 0x9)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000480)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x3, [@type_tag={0x1, 0x0, 0x0, 0x12, 0x5}, @func={0xa, 0x0, 0x0, 0xc, 0x3}, @func_proto]}, {0x0, [0x5f]}}, &(0x7f0000000400)=""/41, 0x3f, 0x29, 0x400001, 0xbba7}, 0x28)
r4 = openat$cgroup_procs(r2, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
write$cgroup_pid(r4, &(0x7f0000000c40), 0x12)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb01001800000000000000240000002400000002000000000000000200000400"], 0xffffffffffffffff, 0x3e, 0x0, 0x2}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x0, 0x0, &(0x7f00000001c0)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x12, r2}, 0x94)
socketpair(0x1, 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000040)='FROZEN\x00', 0xfffffffffffffd6c)
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = openat$cgroup_procs(r5, &(0x7f00000002c0)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r7, &(0x7f0000000300)=r6, 0x12)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r9 = openat$cgroup_subtree(r8, &(0x7f0000000140), 0x2, 0x0)
write$cgroup_subtree(r9, &(0x7f0000000100)={[{0x2b, 'pids'}]}, 0x6)
write$cgroup_subtree(r1, &(0x7f0000000500)=ANY=[@ANYBLOB='-cp'], 0x5)

355.204088ms ago: executing program 3 (id=5028):
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffd7b}, [@call={0x85, 0x0, 0x0, 0xa0}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000080)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x20, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000030000008500000005000000bf0900000000000055090100000000009500000000000000b7020000000000007b2af0ff00000000d609080000000000c39af0ff01000000bf8600000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018280000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7050000080000001500000076000000bf9800000000000054080000020000008500000007000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000006110000000000000620700000000000095"], &(0x7f0000000100)='GPL\x00', 0x9, 0xdb, &(0x7f0000000700)=""/219}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x11, &(0x7f0000000140)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x400}, {}, {}, [@map_idx={0x18, 0x7, 0x5, 0x0, 0x10}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41000, 0x72, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000200), &(0x7f0000000240)=[{0x3, 0x5, 0xc}], 0x10, 0x10000}, 0x94)

252.039922ms ago: executing program 0 (id=5029):
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000580)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={0x0}, 0x13440, 0x0, 0x2, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x13, 0xe, &(0x7f0000000c00)=ANY=[@ANYBLOB="b702000000000080bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b706000008ffffff9c6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000004c000000b70000000000000095000000000000008e17f199a68b061b93d83298a8cdda1ce784909b849d5550ad855dab54d8877a6db61d69f2ffcaa10350e11cb97ce8df1bc9a0c4eeceb9971e43405d621ffbc9b0d8ca56b50f0c010ddb03cf1c62d57c08a90b189d190c341035de53a9a53608c10556e5734eb84049761051ce540c772e201b2de17dfdb5b60939d5d6aed4062049b87e03e2cd18a77dda613e0c64497fcc059c062234d5595f6fbaa187b81d1106000000000f0000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8000000000000000b91c61bd99dc89f12907af7dccd106cb937b450f859ce8292a79c3e40000b59b0fc46d6cec3c080a882add4e1179bd4a44f231a2d73148be428ba953df4aece69311687f4122073a236c3a32efa04137d46f0247d2638da3261c8162bb7c7824be6195a66d2e17e122040e11001131ce319045e5b3334e68475ac3f46aa2837f9004600daded9b19b35eebe52613c346e255421b23a278fd00004270b1cd5fc9aa2286ccca37db965d9dd366598f5ec993cb0cf127e2a46cfbdf63eea190d86a4d1b75ae98480100bd5828954a7d093a54f7e75b3753508ca3c41685d1e407315e59d626c23b3f89a926e9382966853774e7dd1f1a2177cdf2802237c177d543e8da47a01f05e113e53518270239b69c117e2637c31085f4d8a596b6edab26afaf6605b231199f38a6fc7eb83714387450ea18eafbace8eec18a4b2c442e7b88a7611c1283bec84e1715fb9f4fcaf52c08058fc4f21c0ad71adabdd850aed3eeec6eaab347bdf474e17b9aa345d1e6e3bb83f90230bdf53e7d0e5c3f914d905422b83f30936674ba8f0bffaf2305c0972df71fe5f4e015064716897bced7798509e64df360d95f9a4099f86438ac2bbcbdbd1d9db21a1d5c065567fd70aae68096827fa5c2d9bd20292344c7dcf6241447cfbb05b5d0fdb4e08afbac5397b64aa369922ed7ed8918f97294b6854210d2b93aaf92159dbaa2f186d4a420c68d6baf1c31de4f0bf478bfd51bb1e96ea849a80ae5a89be7e38474c7aade344d68324f9e12a6b9770e6bd12ae69efffaee58040753701af84c2924c1b5aea1650f42c9ae9820a33095f062fb88313d035ea405515a61a4be64f9fa0985c5be592090cc48291004609fdac2ab6100000000000000a84570c7c00d647daf8af334050b61e9b2d3f0adad1d1ff47be19b8da2799e9ecef8efabe73f92dbd0760f8bbd9c710bd1371e2b5d9a2ea2190f5e4f5cd641cdfe5d89f84a368ef7e6ff1eacdc0ec9e97b8f9c9e314661ea0aa8a104008d188b66b3a4aedeed9df4238a08fc2fb1007233cc2c87fcaa0cccd8ec03440eafe1c8660c73acc17bff740d199a7c0c52c63c0408b5158e0000000c275eedb02f141113cf2c55b2c08c2c68cc99d2bb5840fba332e1c82862ec9b90106248f81d32a47ac94ddee815dba8aeb5d3121cf247a81aef7805b020e9eec44cbe3055be69fe066824ba2292b9cdce41635fc00df96fb10a3a8cc60c4a76c65ebbb0640e0a29de94edf5cbefac1c5fa96e7080af804b22cabce10ea52f1018527f4aa39cdafa3eff63de2a7f50d042667820f6f86f276afb2b8134301e031351ee13013137e9d5cec0c84d7e3f82c6fd12eb98f9ea654bcb9ce59a2015183c6e65bb0537e611b830d74c30fb8207fca0990acdbb51e4e234026e00000000b3ebae3eb52c140953a350fcf0124b1a30b1afc29ea56f8413686d912eb8118d73ef9c6d3843ebcb555301c0205dd3bd9b1d742e334319c8979c322e92fbc2c400"/1423], &(0x7f0000000100)='GPL\x00', 0x0, 0xfffe, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340)}, 0x42)

162.128504ms ago: executing program 3 (id=5030):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x15, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b700000028000000bca30000000000002403000040feffff7b0af0ff0000000079a4f0ff000000001f030000000000002e0a0200000000002604fdffffff000e61142000000000001d430000000000007a0a00fe0000001f61141c0000000001b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fd79153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f2440000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c9494963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fbf05b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdcea26498d26229110b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb7ed9d12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca780049d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e2848890522c2288072467d2afe269f589fb7e034b92d3ca245b16b71998711bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb16e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b2676c07bb0fd14020a66718378825d5ed789711b77d40dc31e0b8fc651b45559da463f0000000000000000000000000052d42124e9c26aba885015e69d42ecd710342ac597ebea576ae15fdf611356f622e831741ab15549e0d7a2bd0324e2b3b48a10551607492c19eaf58485feb4cab19c303b30ba2ddea0d792d77724c9fa4ed58b93668fc20484f141ee2b6a0029e88fdc853189b4dafd36ff23b11967090e508f45e3f10857038a52ef275cf9e3e4b5d30b12d138dfa70930c603b5e3f4b7be67be3dba3cbd8d4d143195af0697d779445d67dcfbd922d12a8b49f93eac7a72faacf80346b3b60f132a2bf8a858392f34072d99aee0ec70aa6d75096e608d97ac4b7bfa2e0ae3e59718e7a7691a98b1334e34553300"/4140], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xffffffffffffffc2}, 0x48)

75.659537ms ago: executing program 1 (id=5031):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1f, 0x4, &(0x7f0000000380)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0xa, 0x0, 0x0, 0x0, 0x11}, 0x94)

0s ago: executing program 0 (id=5032):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="09000000040000000c0000000b"], 0x50)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, r2, 0xfffffff8, '\x00', 0x0, r1, 0x0, 0x5, 0x3}, 0x50)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080)={r2, r3}, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x7, 0x4, 0x8, 0x7, 0x14, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xfffffffd}, 0x50)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
openat$cgroup_ro(r4, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x0, 0x0)

kernel console output (not intermixed with test programs):

d_skb+0x4c/0x1d0
[  583.833284][T15795]  raw_sendmsg+0x163e/0x1c00
[  583.837955][T15795]  ? compat_raw_ioctl+0x70/0x70
[  583.842890][T15795]  ? tomoyo_socket_sendmsg_permission+0x216/0x2f0
[  583.849368][T15795]  ? sock_rps_record_flow+0x19/0x3f0
[  583.854710][T15795]  ? inet_sendmsg+0x7c/0x2f0
[  583.859348][T15795]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  583.864947][T15795]  ? security_socket_sendmsg+0x80/0xa0
[  583.870462][T15795]  ? inet_send_prepare+0x260/0x260
[  583.875634][T15795]  ____sys_sendmsg+0x5ba/0x960
[  583.880460][T15795]  ? __lock_acquire+0x7d40/0x7d40
[  583.885544][T15795]  ? __sys_sendmsg_sock+0x30/0x30
[  583.890632][T15795]  ? __import_iovec+0x3fa/0x850
[  583.895569][T15795]  ? import_iovec+0x73/0xa0
[  583.900129][T15795]  ___sys_sendmsg+0x2a6/0x360
[  583.904863][T15795]  ? get_pid_task+0x20/0x1e0
[  583.909515][T15795]  ? __sys_sendmsg+0x2a0/0x2a0
[  583.914350][T15795]  ? __lock_acquire+0x7d40/0x7d40
[  583.919457][T15795]  __se_sys_sendmsg+0x1c2/0x2b0
[  583.924371][T15795]  ? __x64_sys_sendmsg+0x80/0x80
[  583.929378][T15795]  ? lockdep_hardirqs_on+0x98/0x150
[  583.934638][T15795]  do_syscall_64+0x55/0xa0
[  583.939096][T15795]  ? clear_bhb_loop+0x40/0x90
[  583.943910][T15795]  ? clear_bhb_loop+0x40/0x90
[  583.948637][T15795]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  583.954601][T15795] RIP: 0033:0x7fae7f79ce59
[  583.959077][T15795] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  583.978747][T15795] RSP: 002b:00007fae8066d028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  583.987227][T15795] RAX: ffffffffffffffda RBX: 00007fae7fa15fa0 RCX: 00007fae7f79ce59
[  583.995257][T15795] RDX: 0000000000000000 RSI: 0000200000001000 RDI: 0000000000000003
[  584.003290][T15795] RBP: 00007fae8066d090 R08: 0000000000000000 R09: 0000000000000000
[  584.011313][T15795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  584.019344][T15795] R13: 00007fae7fa16038 R14: 00007fae7fa15fa0 R15: 00007ffedf64ba18
[  584.027387][T15795]  </TASK>
[  584.218878][T15792] mac80211_hwsim hwsim23 wlan1: entered allmulticast mode
[  584.341732][T15803] netlink: 'syz.3.3595': attribute type 39 has an invalid length.
[  584.481422][T15808] netlink: 'syz.0.3597': attribute type 27 has an invalid length.
[  584.510813][T15808] netlink: 'syz.0.3597': attribute type 4 has an invalid length.
[  584.539916][T15808] netlink: 152 bytes leftover after parsing attributes in process `syz.0.3597'.
[  584.821883][T15816] netlink: 'syz.3.3601': attribute type 2 has an invalid length.
[  584.981799][T15816] netlink: 'syz.3.3601': attribute type 1 has an invalid length.
[  585.012129][T15816] netlink: 9 bytes leftover after parsing attributes in process `syz.3.3601'.
[  585.237411][T15827] netlink: 'syz.2.3603': attribute type 13 has an invalid length.
[  585.256070][T15827] netlink: 24859 bytes leftover after parsing attributes in process `syz.2.3603'.
[  585.667557][T15839] mac80211_hwsim hwsim18 wlan1: entered allmulticast mode
[  587.354476][T15871] netlink: 1041 bytes leftover after parsing attributes in process `syz.0.3620'.
[  588.239641][T15901] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3631'.
[  589.748979][T15912] netlink: 'syz.2.3634': attribute type 1 has an invalid length.
[  589.806697][T15912] netlink: 193500 bytes leftover after parsing attributes in process `syz.2.3634'.
[  592.350722][T15929] netlink: 'syz.1.3641': attribute type 3 has an invalid length.
[  592.381963][T15929] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3641'.
[  592.463896][T15931] netlink: 'syz.3.3642': attribute type 39 has an invalid length.
[  592.584162][T15933] FAULT_INJECTION: forcing a failure.
[  592.584162][T15933] name failslab, interval 1, probability 0, space 0, times 0
[  592.624936][T15937] netlink: 55631 bytes leftover after parsing attributes in process `syz.3.3645'.
[  592.649597][T15933] CPU: 0 PID: 15933 Comm: syz.2.3643 Not tainted syzkaller #0
[  592.657152][T15933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  592.667363][T15933] Call Trace:
[  592.670690][T15933]  <TASK>
[  592.673672][T15933]  dump_stack_lvl+0x18c/0x250
[  592.678419][T15933]  ? show_regs_print_info+0x20/0x20
[  592.683688][T15933]  ? load_image+0x420/0x420
[  592.688336][T15933]  ? __lock_acquire+0x7d40/0x7d40
[  592.693419][T15933]  ? nf_nat_ipv4_local_fn+0x1de/0x530
[  592.698948][T15933]  should_fail_ex+0x39d/0x4d0
[  592.703700][T15933]  should_failslab+0x9/0x20
[  592.708276][T15933]  slab_pre_alloc_hook+0x59/0x310
[  592.713363][T15933]  ? nf_hook+0xa2/0x390
[  592.717584][T15933]  kmem_cache_alloc+0x5a/0x2d0
[  592.722438][T15933]  ? skb_clone+0x1eb/0x370
[  592.728051][T15933]  skb_clone+0x1eb/0x370
[  592.732356][T15933]  ? ip_mc_output+0x1de/0x580
[  592.737098][T15933]  ip_mc_output+0x1eb/0x580
[  592.741671][T15933]  ip_send_skb+0x12f/0x1d0
[  592.746160][T15933]  raw_sendmsg+0x163e/0x1c00
[  592.750833][T15933]  ? compat_raw_ioctl+0x70/0x70
[  592.755784][T15933]  ? tomoyo_socket_sendmsg_permission+0x216/0x2f0
[  592.762285][T15933]  ? sock_rps_record_flow+0x19/0x3f0
[  592.767635][T15933]  ? inet_sendmsg+0x7c/0x2f0
[  592.772261][T15933]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  592.777613][T15933]  ? security_socket_sendmsg+0x80/0xa0
[  592.783123][T15933]  ? inet_send_prepare+0x260/0x260
[  592.788279][T15933]  ____sys_sendmsg+0x5ba/0x960
[  592.793081][T15933]  ? __lock_acquire+0x7d40/0x7d40
[  592.798359][T15933]  ? __sys_sendmsg_sock+0x30/0x30
[  592.803423][T15933]  ? __import_iovec+0x3fa/0x850
[  592.808333][T15933]  ? import_iovec+0x73/0xa0
[  592.812893][T15933]  ___sys_sendmsg+0x2a6/0x360
[  592.817601][T15933]  ? get_pid_task+0x20/0x1e0
[  592.822326][T15933]  ? __sys_sendmsg+0x2a0/0x2a0
[  592.827136][T15933]  ? __lock_acquire+0x7d40/0x7d40
[  592.832239][T15933]  __se_sys_sendmsg+0x1c2/0x2b0
[  592.837562][T15933]  ? __x64_sys_sendmsg+0x80/0x80
[  592.842546][T15933]  ? lockdep_hardirqs_on+0x98/0x150
[  592.847805][T15933]  do_syscall_64+0x55/0xa0
[  592.852365][T15933]  ? clear_bhb_loop+0x40/0x90
[  592.857090][T15933]  ? clear_bhb_loop+0x40/0x90
[  592.861813][T15933]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  592.867755][T15933] RIP: 0033:0x7f541159ce59
[  592.872200][T15933] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  592.891838][T15933] RSP: 002b:00007f54123c5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  592.900289][T15933] RAX: ffffffffffffffda RBX: 00007f5411815fa0 RCX: 00007f541159ce59
[  592.908290][T15933] RDX: 0000000000000000 RSI: 0000200000001000 RDI: 0000000000000003
[  592.916390][T15933] RBP: 00007f54123c5090 R08: 0000000000000000 R09: 0000000000000000
[  592.924409][T15933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  592.932409][T15933] R13: 00007f5411816038 R14: 00007f5411815fa0 R15: 00007ffeeb5fa038
[  592.940424][T15933]  </TASK>
[  593.075746][T15939] netlink: 'syz.1.3646': attribute type 4 has an invalid length.
[  593.091903][T15939] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.3646'.
[  593.213550][T15941] syzkaller0: entered promiscuous mode
[  593.235079][T15941] syzkaller0: entered allmulticast mode
[  594.572128][T15967] netlink: 'syz.2.3655': attribute type 1 has an invalid length.
[  594.641637][T15967] netlink: 168864 bytes leftover after parsing attributes in process `syz.2.3655'.
[  598.005224][T16007] pim6reg1: entered promiscuous mode
[  598.010605][T16007] pim6reg1: entered allmulticast mode
[  598.381096][T16014] netlink: 'syz.1.3671': attribute type 9 has an invalid length.
[  598.418639][T16014] netlink: 154020 bytes leftover after parsing attributes in process `syz.1.3671'.
[  598.501026][T16014] hsr0: left allmulticast mode
[  598.518797][T16014] hsr_slave_0: left allmulticast mode
[  598.529185][T16014] bridge0: port 2(hsr0) entered disabled state
[  598.545450][T16014] bond0: left allmulticast mode
[  598.550776][T16014] bond_slave_0: left allmulticast mode
[  598.559138][T16014] bond_slave_1: left allmulticast mode
[  598.567841][T16014] bridge_slave_1: left allmulticast mode
[  598.584956][T16014] bridge0: port 3(bond0) entered disabled state
[  598.598750][T16014] bridge_slave_0: left promiscuous mode
[  598.609655][T16014] bridge0: port 1(bridge_slave_0) entered disabled state
[  599.625556][T16025] netlink: 14 bytes leftover after parsing attributes in process `syz.1.3674'.
[  599.759316][T16034] netlink: 'syz.1.3679': attribute type 14 has an invalid length.
[  599.777404][T16034] netlink: 164 bytes leftover after parsing attributes in process `syz.1.3679'.
[  600.267040][T16040] netlink: 'syz.2.3682': attribute type 39 has an invalid length.
[  601.198466][T16070] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.3690'.
[  601.257273][ T3470] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  602.401189][T16101] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.3703'.
[  602.614438][T16103] tap0: tun_chr_ioctl cmd 1074025677
[  602.624535][T16103] tap0: linktype set to 778
[  602.652533][T16103] tap0: tun_chr_ioctl cmd 2147767511
[  603.388947][T16129] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.3715'.
[  603.522894][T16128] syzkaller0: entered promiscuous mode
[  603.547007][T16128] syzkaller0: entered allmulticast mode
[  603.627655][T16138] syz.3.3717[16138] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  603.627910][T16138] syz.3.3717[16138] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  604.004842][T16146] FAULT_INJECTION: forcing a failure.
[  604.004842][T16146] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  604.090208][T16146] CPU: 1 PID: 16146 Comm: syz.2.3720 Not tainted syzkaller #0
[  604.097997][T16146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  604.108156][T16146] Call Trace:
[  604.111514][T16146]  <TASK>
[  604.114526][T16146]  dump_stack_lvl+0x18c/0x250
[  604.119410][T16146]  ? show_regs_print_info+0x20/0x20
[  604.124725][T16146]  ? load_image+0x420/0x420
[  604.129341][T16146]  ? __might_fault+0xaa/0x120
[  604.134111][T16146]  ? __lock_acquire+0x7d40/0x7d40
[  604.139243][T16146]  should_fail_ex+0x39d/0x4d0
[  604.144032][T16146]  _copy_to_user+0x2f/0xa0
[  604.148550][T16146]  generic_map_lookup_batch+0x8bd/0xc60
[  604.154244][T16146]  ? bpf_map_update_value+0x720/0x720
[  604.159813][T16146]  ? __fdget+0x180/0x210
[  604.164155][T16146]  ? bpf_map_update_value+0x720/0x720
[  604.169601][T16146]  bpf_map_do_batch+0x2cb/0x610
[  604.174537][T16146]  ? bpf_lsm_bpf+0x9/0x10
[  604.178967][T16146]  ? security_bpf+0x7e/0xa0
[  604.183589][T16146]  __sys_bpf+0x7d7/0x890
[  604.187939][T16146]  ? bpf_link_show_fdinfo+0x390/0x390
[  604.193469][T16146]  ? lock_chain_count+0x20/0x20
[  604.198456][T16146]  __x64_sys_bpf+0x7c/0x90
[  604.202974][T16146]  do_syscall_64+0x55/0xa0
[  604.207481][T16146]  ? clear_bhb_loop+0x40/0x90
[  604.212215][T16146]  ? clear_bhb_loop+0x40/0x90
[  604.216967][T16146]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  604.222934][T16146] RIP: 0033:0x7f541159ce59
[  604.227425][T16146] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  604.247086][T16146] RSP: 002b:00007f54123c5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  604.255573][T16146] RAX: ffffffffffffffda RBX: 00007f5411815fa0 RCX: 00007f541159ce59
[  604.263599][T16146] RDX: 0000000000000038 RSI: 00002000000003c0 RDI: 0000000000000018
[  604.271621][T16146] RBP: 00007f54123c5090 R08: 0000000000000000 R09: 0000000000000000
[  604.279638][T16146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  604.287661][T16146] R13: 00007f5411816038 R14: 00007f5411815fa0 R15: 00007ffeeb5fa038
[  604.295727][T16146]  </TASK>
[  608.219321][T16158] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.3725'.
[  610.545087][T16179] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.3734'.
[  610.941620][T16133] netlink: 'syz.0.3716': attribute type 19 has an invalid length.
[  610.951161][T16133] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3716'.
[  610.961677][T16141] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.3719'.
[  611.448003][T16197] netlink: 'syz.0.3745': attribute type 10 has an invalid length.
[  611.474109][T16197] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3745'.
[  611.503987][T16197] caif0: entered promiscuous mode
[  611.509406][T16197] caif0: entered allmulticast mode
[  611.523688][T16200] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.3743'.
[  611.543061][T16197] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  611.584113][T16202] netlink: 'syz.0.3745': attribute type 27 has an invalid length.
[  611.640218][T16202] netlink: 'syz.0.3745': attribute type 4 has an invalid length.
[  611.681941][T16202] netlink: 152 bytes leftover after parsing attributes in process `syz.0.3745'.
[  612.095607][T16210] netlink: 209820 bytes leftover after parsing attributes in process `syz.0.3748'.
[  612.234381][T16219] netlink: 'syz.2.3751': attribute type 4 has an invalid length.
[  612.249899][T16219] netlink: 152 bytes leftover after parsing attributes in process `syz.2.3751'.
[  612.304648][T16219] .`: renamed from bond0 (while UP)
[  612.334432][T16223] netlink: 15231 bytes leftover after parsing attributes in process `syz.2.3751'.
[  612.367960][T16224] FAULT_INJECTION: forcing a failure.
[  612.367960][T16224] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  612.383222][T16224] CPU: 1 PID: 16224 Comm: syz.0.3753 Not tainted syzkaller #0
[  612.390762][T16224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  612.400871][T16224] Call Trace:
[  612.404204][T16224]  <TASK>
[  612.407183][T16224]  dump_stack_lvl+0x18c/0x250
[  612.411941][T16224]  ? show_regs_print_info+0x20/0x20
[  612.417215][T16224]  ? load_image+0x420/0x420
[  612.421784][T16224]  ? __might_fault+0xaa/0x120
[  612.426517][T16224]  ? __lock_acquire+0x7d40/0x7d40
[  612.431610][T16224]  should_fail_ex+0x39d/0x4d0
[  612.436364][T16224]  _copy_to_user+0x2f/0xa0
[  612.440860][T16224]  generic_map_lookup_batch+0x860/0xc60
[  612.446480][T16224]  ? bpf_map_update_value+0x720/0x720
[  612.451909][T16224]  ? __fdget+0x180/0x210
[  612.456210][T16224]  ? bpf_map_update_value+0x720/0x720
[  612.461676][T16224]  bpf_map_do_batch+0x2cb/0x610
[  612.466586][T16224]  ? bpf_lsm_bpf+0x9/0x10
[  612.470981][T16224]  ? security_bpf+0x7e/0xa0
[  612.475556][T16224]  __sys_bpf+0x7d7/0x890
[  612.479850][T16224]  ? bpf_link_show_fdinfo+0x390/0x390
[  612.486978][T16224]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  612.493213][T16224]  __x64_sys_bpf+0x7c/0x90
[  612.497681][T16224]  do_syscall_64+0x55/0xa0
[  612.502260][T16224]  ? clear_bhb_loop+0x40/0x90
[  612.507098][T16224]  ? clear_bhb_loop+0x40/0x90
[  612.511831][T16224]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  612.517774][T16224] RIP: 0033:0x7fae7f79ce59
[  612.522228][T16224] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  612.541882][T16224] RSP: 002b:00007fae8066d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  612.550337][T16224] RAX: ffffffffffffffda RBX: 00007fae7fa15fa0 RCX: 00007fae7f79ce59
[  612.558432][T16224] RDX: 0000000000000038 RSI: 00002000000003c0 RDI: 0000000000000018
[  612.566444][T16224] RBP: 00007fae8066d090 R08: 0000000000000000 R09: 0000000000000000
[  612.574442][T16224] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  612.582440][T16224] R13: 00007fae7fa16038 R14: 00007fae7fa15fa0 R15: 00007ffedf64ba18
[  612.590662][T16224]  </TASK>
[  612.742961][T16228] netlink: 'syz.2.3755': attribute type 21 has an invalid length.
[  612.751010][T16228] netlink: 'syz.2.3755': attribute type 4 has an invalid length.
[  612.915744][T16236] IPv6: Can't replace route, no match found
[  612.956670][T16236] IPv6: Can't replace route, no match found
[  613.231381][T16246] __nla_validate_parse: 2 callbacks suppressed
[  613.273750][T16246] netlink: 1047 bytes leftover after parsing attributes in process `syz.2.3761'.
[  613.558545][T16252] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.3764'.
[  613.895823][T16263] sit0: entered allmulticast mode
[  614.148281][T16264] sit0: entered promiscuous mode
[  614.404504][T16262] delete_channel: no stack
[  614.574739][T16276] netlink: 'syz.1.3774': attribute type 10 has an invalid length.
[  614.605014][T16276] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3774'.
[  614.645255][T16276] caif0: entered promiscuous mode
[  614.655155][T16276] caif0: entered allmulticast mode
[  614.669991][T16276] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  614.723941][T16279] netlink: 'syz.1.3774': attribute type 27 has an invalid length.
[  614.766490][T16279] netlink: 'syz.1.3774': attribute type 4 has an invalid length.
[  614.841893][T16279] netlink: 152 bytes leftover after parsing attributes in process `syz.1.3774'.
[  615.825937][T16314] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3788'.
[  615.851331][T16314] caif0: entered promiscuous mode
[  615.857374][T16314] caif0: entered allmulticast mode
[  615.863779][T16314] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  615.911352][T16314] netlink: 152 bytes leftover after parsing attributes in process `syz.2.3788'.
[  616.374140][T16333] validate_nla: 3 callbacks suppressed
[  616.374193][T16333] netlink: 'syz.1.3794': attribute type 3 has an invalid length.
[  616.389049][T16333] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.3794'.
[  616.545067][T16340] netlink: 'syz.1.3797': attribute type 10 has an invalid length.
[  616.599439][T16340] team0: Device ipvlan1 failed to register rx_handler
[  616.671620][T16345] netlink: 'syz.1.3797': attribute type 10 has an invalid length.
[  616.695987][T16345] team0: Device wg1 is up. Set it down before adding it as a team port
[  617.074226][T16357] syz.1.3810: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0-1
[  617.103877][T16359] netlink: 'syz.3.3802': attribute type 10 has an invalid length.
[  617.104080][T16359] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3802'.
[  617.143213][T16359] caif0: entered promiscuous mode
[  617.146878][T16357] CPU: 0 PID: 16357 Comm: syz.1.3810 Not tainted syzkaller #0
[  617.149301][T16359] caif0: entered allmulticast mode
[  617.155835][T16357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  617.155852][T16357] Call Trace:
[  617.155863][T16357]  <TASK>
[  617.155873][T16357]  dump_stack_lvl+0x18c/0x250
[  617.155911][T16357]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  617.155944][T16357]  ? show_regs_print_info+0x20/0x20
[  617.155974][T16357]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  617.156019][T16357]  warn_alloc+0x246/0x340
[  617.156059][T16357]  ? zone_watermark_ok_safe+0x230/0x230
[  617.156103][T16357]  ? kasan_set_track+0x5f/0x70
[  617.156126][T16357]  ? kasan_set_track+0x4e/0x70
[  617.156147][T16357]  ? __kasan_kmalloc+0x8f/0xa0
[  617.156171][T16357]  ? xsk_init_queue+0xad/0x100
[  617.156305][T16357]  ? xsk_setsockopt+0x4e5/0x760
[  617.156332][T16357]  ? do_sock_setsockopt+0x175/0x1a0
[  617.156354][T16357]  ? __x64_sys_setsockopt+0x182/0x200
[  617.156388][T16357]  __vmalloc_node_range+0x126/0x1330
[  617.156451][T16357]  ? free_vm_area+0x50/0x50
[  617.156493][T16357]  vmalloc_user+0x74/0x80
[  617.156524][T16357]  ? xskq_create+0xbf/0x170
[  617.156553][T16357]  xskq_create+0xbf/0x170
[  617.156587][T16357]  xsk_init_queue+0xad/0x100
[  617.156619][T16357]  xsk_setsockopt+0x4e5/0x760
[  617.156653][T16357]  ? xsk_poll+0x680/0x680
[  617.213351][T16359] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  617.215107][T16357]  ? __fget_files+0x28/0x4b0
[  617.215147][T16357]  ? __fget_files+0x28/0x4b0
[  617.215177][T16357]  ? aa_sock_opt_perm+0x74/0x100
[  617.215209][T16357]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  617.215238][T16357]  ? security_socket_setsockopt+0x7e/0xa0
[  617.322983][T16357]  ? xsk_poll+0x680/0x680
[  617.327459][T16357]  do_sock_setsockopt+0x175/0x1a0
[  617.332582][T16357]  ? __fdget+0x180/0x210
[  617.336907][T16357]  __x64_sys_setsockopt+0x182/0x200
[  617.342178][T16357]  do_syscall_64+0x55/0xa0
[  617.346649][T16357]  ? clear_bhb_loop+0x40/0x90
[  617.351392][T16357]  ? clear_bhb_loop+0x40/0x90
[  617.356146][T16357]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  617.362105][T16357] RIP: 0033:0x7fdf3859ce59
[  617.366571][T16357] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  617.386242][T16357] RSP: 002b:00007fdf394a4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  617.394818][T16357] RAX: ffffffffffffffda RBX: 00007fdf38815fa0 RCX: 00007fdf3859ce59
[  617.402944][T16357] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000008
[  617.410976][T16357] RBP: 00007fdf38632d6f R08: 0000000000000004 R09: 0000000000000000
[  617.419003][T16357] R10: 0000200000000900 R11: 0000000000000246 R12: 0000000000000000
[  617.427032][T16357] R13: 00007fdf38816038 R14: 00007fdf38815fa0 R15: 00007ffe792f3df8
[  617.435088][T16357]  </TASK>
[  617.486072][T16359] netlink: 'syz.3.3802': attribute type 27 has an invalid length.
[  617.497210][T16359] netlink: 'syz.3.3802': attribute type 4 has an invalid length.
[  617.552306][T16357] Mem-Info:
[  617.555928][T16357] active_anon:7199 inactive_anon:0 isolated_anon:0
[  617.555928][T16357]  active_file:18733 inactive_file:40163 isolated_file:0
[  617.555928][T16357]  unevictable:768 dirty:166 writeback:0
[  617.555928][T16357]  slab_reclaimable:10574 slab_unreclaimable:94221
[  617.555928][T16357]  mapped:24706 shmem:1361 pagetables:539
[  617.555928][T16357]  sec_pagetables:0 bounce:0
[  617.555928][T16357]  kernel_misc_reclaimable:0
[  617.555928][T16357]  free:1336259 free_pcp:13562 free_cma:0
[  617.605344][T16357] Node 0 active_anon:28796kB inactive_anon:0kB active_file:74932kB inactive_file:160452kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:98824kB dirty:664kB writeback:0kB shmem:3908kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10952kB pagetables:2156kB sec_pagetables:0kB all_unreclaimable? no
[  617.626012][T16359] netlink: 152 bytes leftover after parsing attributes in process `syz.3.3802'.
[  617.665447][T16357] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  617.698074][T16357] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  617.728378][T16357] lowmem_reserve[]: 0 2521 2522 2522 2522
[  617.737880][T16357] Node 0 DMA32 free:1439104kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:28860kB inactive_anon:0kB active_file:74932kB inactive_file:159624kB unevictable:1536kB writepending:664kB present:3129332kB managed:2586952kB mlocked:0kB bounce:0kB free_pcp:31188kB local_pcp:16576kB free_cma:0kB
[  617.809937][T16357] lowmem_reserve[]: 0 0 0 0 0
[  617.815854][T16357] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:828kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  617.882082][T16357] lowmem_reserve[]: 0 0 0 0 0
[  617.895185][T16357] Node 1 Normal free:3890572kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:22888kB local_pcp:10116kB free_cma:0kB
[  617.926887][T16357] lowmem_reserve[]: 0 0 0 0 0
[  617.951164][T16357] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  617.965361][T16357] Node 0 DMA32: 624*4kB (UME) 1132*8kB (UME) 1034*16kB (UME) 504*32kB (UME) 231*64kB (UME) 178*128kB (UM) 72*256kB (UME) 41*512kB (UME) 21*1024kB (UME) 7*2048kB (UM) 313*4096kB (UM) = 1439104kB
[  618.028501][T16357] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  618.061663][T16357] Node 1 Normal: 239*4kB (UM) 56*8kB (UME) 45*16kB (UME) 38*32kB (UME) 18*64kB (UE) 8*128kB (UME) 0*256kB 2*512kB (UM) 1*1024kB (U) 2*2048kB (UE) 947*4096kB (M) = 3890572kB
[  618.120336][T16357] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  618.136227][T16357] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  618.151375][T16357] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  618.181842][T16357] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  618.194347][T16357] 60259 total pagecache pages
[  618.199094][T16357] 0 pages in swap cache
[  618.231550][T16357] Free swap  = 124996kB
[  618.235799][T16357] Total swap = 124996kB
[  618.240005][T16357] 2097051 pages RAM
[  618.271199][T16357] 0 pages HighMem/MovableOnly
[  618.276221][T16357] 416927 pages reserved
[  618.280465][T16357] 0 pages cma reserved
[  618.400956][T16388] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.3815'.
[  618.548337][T16394] netlink: 55631 bytes leftover after parsing attributes in process `syz.3.3818'.
[  618.558228][T16394] netlink: 6324 bytes leftover after parsing attributes in process `syz.3.3818'.
[  618.577802][T16394] netlink: 2 bytes leftover after parsing attributes in process `syz.3.3818'.
[  619.604602][T16416] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.3827'.
[  622.307238][T16449] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.3837'.
[  622.487156][T16456] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.3840'.
[  622.527436][T16458] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.3848'.
[  623.285613][T16487] netlink: 'syz.0.3859': attribute type 4 has an invalid length.
[  623.330568][T16487] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.3859'.
[  624.486702][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  624.493239][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  624.676647][T16541] netlink: 'syz.3.3873': attribute type 12 has an invalid length.
[  624.687316][T16541] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3873'.
[  625.005577][T16561] IPv6: NLM_F_CREATE should be specified when creating new route
[  625.105250][T16561] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.3880'.
[  625.299311][T16573] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.3885'.
[  625.462771][T16579] netlink: 'syz.1.3888': attribute type 2 has an invalid length.
[  625.586013][T16586] netlink: 63503 bytes leftover after parsing attributes in process `syz.0.3891'.
[  625.879776][T16599] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.3897'.
[  626.097147][T16609] netlink: 'syz.2.3900': attribute type 3 has an invalid length.
[  626.122763][T16609] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.3900'.
[  626.498924][T16629] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.3909'.
[  626.630100][T16631] netlink: 'syz.3.3910': attribute type 25 has an invalid length.
[  626.639158][T16631] netlink: 'syz.3.3910': attribute type 29 has an invalid length.
[  627.072938][T16650] netlink: 'syz.2.3918': attribute type 39 has an invalid length.
[  627.598782][T16662] netlink: 'syz.2.3924': attribute type 4 has an invalid length.
[  627.611690][T16662] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.3924'.
[  630.187910][T16703] netlink: 65039 bytes leftover after parsing attributes in process `syz.1.3938'.
[  630.361960][T16706] netlink: 212424 bytes leftover after parsing attributes in process `syz.0.3939'.
[  631.020388][T16729] netlink: 'syz.3.3949': attribute type 10 has an invalid length.
[  631.358758][T16733] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.3950'.
[  631.535047][T16737] netlink: 212424 bytes leftover after parsing attributes in process `syz.1.3951'.
[  631.704379][ T5784] Bluetooth: hci4: ISO packet for unknown connection handle 2622
[  631.726055][T16744] netlink: 16186 bytes leftover after parsing attributes in process `syz.3.3953'.
[  631.993988][T16750] netlink: 'syz.3.3953': attribute type 10 has an invalid length.
[  632.004929][T16750] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  632.048666][T16752] FAULT_INJECTION: forcing a failure.
[  632.048666][T16752] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  632.082027][T16752] CPU: 0 PID: 16752 Comm: syz.2.3956 Not tainted syzkaller #0
[  632.089576][T16752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  632.099693][T16752] Call Trace:
[  632.103018][T16752]  <TASK>
[  632.105991][T16752]  dump_stack_lvl+0x18c/0x250
[  632.110738][T16752]  ? show_regs_print_info+0x20/0x20
[  632.116013][T16752]  ? load_image+0x420/0x420
[  632.120583][T16752]  ? __might_fault+0xaa/0x120
[  632.125318][T16752]  ? __lock_acquire+0x7d40/0x7d40
[  632.130420][T16752]  should_fail_ex+0x39d/0x4d0
[  632.135198][T16752]  _copy_to_user+0x2f/0xa0
[  632.139695][T16752]  generic_map_lookup_batch+0x8bd/0xc60
[  632.145348][T16752]  ? bpf_map_update_value+0x720/0x720
[  632.150808][T16752]  ? __fdget+0x180/0x210
[  632.155124][T16752]  ? bpf_map_update_value+0x720/0x720
[  632.160545][T16752]  bpf_map_do_batch+0x2cb/0x610
[  632.165453][T16752]  ? bpf_lsm_bpf+0x9/0x10
[  632.169832][T16752]  ? security_bpf+0x7e/0xa0
[  632.174406][T16752]  __sys_bpf+0x7d7/0x890
[  632.178731][T16752]  ? bpf_link_show_fdinfo+0x390/0x390
[  632.184204][T16752]  ? lock_chain_count+0x20/0x20
[  632.189226][T16752]  __x64_sys_bpf+0x7c/0x90
[  632.193703][T16752]  do_syscall_64+0x55/0xa0
[  632.198161][T16752]  ? clear_bhb_loop+0x40/0x90
[  632.202888][T16752]  ? clear_bhb_loop+0x40/0x90
[  632.207624][T16752]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  632.213566][T16752] RIP: 0033:0x7f541159ce59
[  632.218034][T16752] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  632.237692][T16752] RSP: 002b:00007f54123a4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  632.246166][T16752] RAX: ffffffffffffffda RBX: 00007f5411816090 RCX: 00007f541159ce59
[  632.254182][T16752] RDX: 0000000000000038 RSI: 00002000000003c0 RDI: 0000000000000018
[  632.262200][T16752] RBP: 00007f54123a4090 R08: 0000000000000000 R09: 0000000000000000
[  632.270214][T16752] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  632.278228][T16752] R13: 00007f5411816128 R14: 00007f5411816090 R15: 00007ffeeb5fa038
[  632.286283][T16752]  </TASK>
[  632.483653][T14760] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  632.812093][T16766] netlink: 'syz.3.3962': attribute type 4 has an invalid length.
[  632.819908][T16766] netlink: 'syz.3.3962': attribute type 16 has an invalid length.
[  632.870618][T16766] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3962'.
[  633.033537][T16771] netlink: 'syz.2.3964': attribute type 9 has an invalid length.
[  633.046420][T16771] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.3964'.
[  633.574716][T16780] netlink: 212424 bytes leftover after parsing attributes in process `syz.3.3965'.
[  635.598457][T16821] netlink: 12159 bytes leftover after parsing attributes in process `syz.2.3982'.
[  635.877449][T16828] netlink: 'syz.3.3986': attribute type 21 has an invalid length.
[  635.927203][T16828] netlink: 'syz.3.3986': attribute type 6 has an invalid length.
[  635.947243][T16828] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3986'.
[  636.176556][T16836] netlink: 'syz.2.3988': attribute type 10 has an invalid length.
[  636.998204][T16836] team0: Port device macvlan0 added
[  637.402081][T16855] netlink: 63503 bytes leftover after parsing attributes in process `syz.1.3994'.
[  638.179650][T16872] netlink: 'syz.2.3999': attribute type 21 has an invalid length.
[  638.200788][T16872] netlink: 'syz.2.3999': attribute type 6 has an invalid length.
[  638.220609][T16872] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3999'.
[  638.519501][T16882] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.4002'.
[  639.576374][T16908] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.4014'.
[  641.343594][T16935] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.4024'.
[  641.364311][T16932] netlink: 128 bytes leftover after parsing attributes in process `syz.0.4021'.
[  641.455706][T16932] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  641.815377][T16938] netlink: 'syz.2.4026': attribute type 4 has an invalid length.
[  641.853951][T16938] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.4026'.
[  642.965802][T16954] Ÿë
: port 2(gretap0) entered blocking state
[  642.980285][T16954] Ÿë
: port 2(gretap0) entered disabled state
[  643.011309][T16954] gretap0: entered allmulticast mode
[  643.073179][T16954] gretap0: entered promiscuous mode
[  643.160713][T16960] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.4034'.
[  645.014098][T17000] netlink: 'syz.1.4047': attribute type 29 has an invalid length.
[  645.056434][T17002] Ÿë
: port 1(gretap0) entered blocking state
[  645.095528][T17002] Ÿë
: port 1(gretap0) entered disabled state
[  645.131731][T17002] gretap0: entered allmulticast mode
[  645.154311][T17002] gretap0: entered promiscuous mode
[  645.172856][T17000] netlink: 'syz.1.4047': attribute type 29 has an invalid length.
[  646.786155][T17036] netlink: 14 bytes leftover after parsing attributes in process `syz.3.4059'.
[  646.817040][T17036] netlink: set zone limit has 4 unknown bytes
[  646.856601][T17036] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.4059'.
[  646.903586][T17036] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô'
[  646.922828][T17036] CPU: 1 PID: 17036 Comm: syz.3.4059 Not tainted syzkaller #0
[  646.930391][T17036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  646.940685][T17036] Call Trace:
[  646.944023][T17036]  <TASK>
[  646.947008][T17036]  dump_stack_lvl+0x18c/0x250
[  646.951762][T17036]  ? show_regs_print_info+0x20/0x20
[  646.957033][T17036]  ? load_image+0x420/0x420
[  646.961618][T17036]  sysfs_warn_dup+0x8e/0xa0
[  646.966182][T17036]  sysfs_do_create_link_sd+0xc0/0x110
[  646.971639][T17036]  device_add_class_symlinks+0x1cf/0x240
[  646.977405][T17036]  device_add+0x507/0xc20
[  646.981800][T17036]  wiphy_register+0x1dad/0x2ae0
[  646.986836][T17036]  ? cfg80211_event_work+0x40/0x40
[  646.992008][T17036]  ? minstrel_ht_alloc+0x88a/0x990
[  646.997279][T17036]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  647.003443][T17036]  ieee80211_register_hw+0x3464/0x4250
[  647.009015][T17036]  ? ieee80211_tasklet_handler+0x20/0x20
[  647.014695][T17036]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  647.020717][T17036]  ? __debug_object_init+0xec/0x450
[  647.025975][T17036]  ? __asan_memset+0x22/0x40
[  647.030605][T17036]  ? __hrtimer_init+0x186/0x270
[  647.035501][T17036]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  647.041326][T17036]  ? mac80211_hwsim_free+0x220/0x220
[  647.046659][T17036]  ? rcu_is_watching+0x15/0xb0
[  647.051470][T17036]  ? kstrndup+0xbd/0x140
[  647.055774][T17036]  hwsim_new_radio_nl+0xdc9/0x1a90
[  647.060921][T17036]  ? __nla_validate+0x50/0x50
[  647.065639][T17036]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  647.072018][T17036]  ? __nla_parse+0x40/0x50
[  647.076473][T17036]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  647.082932][T17036]  genl_family_rcv_msg_doit+0x211/0x310
[  647.088519][T17036]  ? end_current_label_crit_section+0x170/0x170
[  647.094807][T17036]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  647.100747][T17036]  ? bpf_lsm_capable+0x9/0x10
[  647.105467][T17036]  ? security_capable+0x89/0xb0
[  647.110456][T17036]  genl_rcv_msg+0x619/0x7a0
[  647.115000][T17036]  ? genl_bind+0x360/0x360
[  647.119448][T17036]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  647.125851][T17036]  ? ref_tracker_free+0x690/0x840
[  647.130932][T17036]  netlink_rcv_skb+0x241/0x4d0
[  647.135817][T17036]  ? genl_bind+0x360/0x360
[  647.140268][T17036]  ? netlink_ack+0x1180/0x1180
[  647.145084][T17036]  ? __lock_acquire+0x7d40/0x7d40
[  647.150150][T17036]  ? down_read+0x1ac/0x2e0
[  647.154609][T17036]  genl_rcv+0x28/0x40
[  647.158623][T17036]  netlink_unicast+0x751/0x8d0
[  647.163437][T17036]  netlink_sendmsg+0x8d0/0xbf0
[  647.168267][T17036]  ? netlink_getsockopt+0x590/0x590
[  647.173521][T17036]  ? aa_sock_msg_perm+0x94/0x150
[  647.178509][T17036]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  647.183833][T17036]  ? security_socket_sendmsg+0x80/0xa0
[  647.189322][T17036]  ? netlink_getsockopt+0x590/0x590
[  647.194561][T17036]  ____sys_sendmsg+0x5ba/0x960
[  647.199383][T17036]  ? __asan_memset+0x22/0x40
[  647.204007][T17036]  ? __sys_sendmsg_sock+0x30/0x30
[  647.209071][T17036]  ? __import_iovec+0x5f2/0x850
[  647.213968][T17036]  ? import_iovec+0x73/0xa0
[  647.218512][T17036]  ___sys_sendmsg+0x2a6/0x360
[  647.223225][T17036]  ? __sys_sendmsg+0x2a0/0x2a0
[  647.228062][T17036]  ? debug_mutex_init+0x38/0x70
[  647.232993][T17036]  __se_sys_sendmsg+0x1c2/0x2b0
[  647.237894][T17036]  ? __x64_sys_sendmsg+0x80/0x80
[  647.242884][T17036]  ? lockdep_hardirqs_on+0x98/0x150
[  647.248120][T17036]  do_syscall_64+0x55/0xa0
[  647.252565][T17036]  ? clear_bhb_loop+0x40/0x90
[  647.257279][T17036]  ? clear_bhb_loop+0x40/0x90
[  647.261995][T17036]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  647.267930][T17036] RIP: 0033:0x7fce3c59ce59
[  647.272382][T17036] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  647.292027][T17036] RSP: 002b:00007fce3d448028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  647.300476][T17036] RAX: ffffffffffffffda RBX: 00007fce3c815fa0 RCX: 00007fce3c59ce59
[  647.308504][T17036] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000009
[  647.316520][T17036] RBP: 00007fce3c632d6f R08: 0000000000000000 R09: 0000000000000000
[  647.324620][T17036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  647.332633][T17036] R13: 00007fce3c816038 R14: 00007fce3c815fa0 R15: 00007ffcf18d33b8
[  647.340662][T17036]  </TASK>
[  648.671237][T17078] netlink: 'syz.3.4074': attribute type 21 has an invalid length.
[  648.680443][T17078] netlink: 16166 bytes leftover after parsing attributes in process `syz.3.4074'.
[  648.861861][T17084] FAULT_INJECTION: forcing a failure.
[  648.861861][T17084] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  648.891887][T17084] CPU: 1 PID: 17084 Comm: syz.0.4076 Not tainted syzkaller #0
[  648.899519][T17084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  648.909635][T17084] Call Trace:
[  648.912967][T17084]  <TASK>
[  648.915943][T17084]  dump_stack_lvl+0x18c/0x250
[  648.920696][T17084]  ? show_regs_print_info+0x20/0x20
[  648.925953][T17084]  ? load_image+0x420/0x420
[  648.930519][T17084]  ? __might_fault+0xaa/0x120
[  648.935262][T17084]  ? __lock_acquire+0x7d40/0x7d40
[  648.940344][T17084]  should_fail_ex+0x39d/0x4d0
[  648.945088][T17084]  _copy_to_user+0x2f/0xa0
[  648.949564][T17084]  generic_map_lookup_batch+0x860/0xc60
[  648.955176][T17084]  ? bpf_map_update_value+0x720/0x720
[  648.960608][T17084]  ? bpf_map_update_value+0x720/0x720
[  648.966042][T17084]  ? bpf_map_do_batch+0x2c0/0x610
[  648.971146][T17084]  ? bpf_map_update_value+0x720/0x720
[  648.976665][T17084]  bpf_map_do_batch+0x2cb/0x610
[  648.981575][T17084]  __sys_bpf+0x7d7/0x890
[  648.985887][T17084]  ? bpf_link_show_fdinfo+0x390/0x390
[  648.991335][T17084]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  648.997576][T17084]  __x64_sys_bpf+0x7c/0x90
[  649.002045][T17084]  do_syscall_64+0x55/0xa0
[  649.006520][T17084]  ? clear_bhb_loop+0x40/0x90
[  649.011264][T17084]  ? clear_bhb_loop+0x40/0x90
[  649.016016][T17084]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  649.021962][T17084] RIP: 0033:0x7fae7f79ce59
[  649.026431][T17084] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  649.046252][T17084] RSP: 002b:00007fae8066d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  649.054737][T17084] RAX: ffffffffffffffda RBX: 00007fae7fa15fa0 RCX: 00007fae7f79ce59
[  649.062757][T17084] RDX: 0000000000000038 RSI: 00002000000003c0 RDI: 0000000000000018
[  649.070778][T17084] RBP: 00007fae8066d090 R08: 0000000000000000 R09: 0000000000000000
[  649.078800][T17084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  649.086907][T17084] R13: 00007fae7fa16038 R14: 00007fae7fa15fa0 R15: 00007ffedf64ba18
[  649.094945][T17084]  </TASK>
[  650.607122][T17127] netlink: 'syz.2.4092': attribute type 10 has an invalid length.
[  650.635044][T17127] netlink: 55 bytes leftover after parsing attributes in process `syz.2.4092'.
[  651.309235][T17127] team0: Port device macvlan0 removed
[  651.415284][T17134] netlink: 'syz.3.4096': attribute type 39 has an invalid length.
[  651.755290][T17150] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.4104'.
[  651.771991][T17150] openvswitch: netlink: Key type 4112 is out of range max 32
[  652.021407][T17159] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.4105'.
[  653.196882][T17178] netlink: 'syz.2.4114': attribute type 10 has an invalid length.
[  653.679587][T17191] netlink: 'syz.1.4117': attribute type 39 has an invalid length.
[  654.130754][T17202] syzkaller0: entered promiscuous mode
[  654.147079][T17202] syzkaller0: entered allmulticast mode
[  656.536478][T17228] netlink: 201392 bytes leftover after parsing attributes in process `syz.2.4131'.
[  657.084199][T17251] netlink: 'syz.2.4141': attribute type 29 has an invalid length.
[  657.102459][T17251] netlink: 'syz.2.4141': attribute type 29 has an invalid length.
[  657.116831][T17252] netlink: 'syz.2.4141': attribute type 29 has an invalid length.
[  657.157016][T17251] netlink: 'syz.2.4141': attribute type 29 has an invalid length.
[  659.161207][T17297] netlink: 'syz.1.4155': attribute type 12 has an invalid length.
[  659.187513][T17297] netlink: 132 bytes leftover after parsing attributes in process `syz.1.4155'.
[  659.984368][T17325] FAULT_INJECTION: forcing a failure.
[  659.984368][T17325] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  660.072292][T17325] CPU: 0 PID: 17325 Comm: syz.3.4166 Not tainted syzkaller #0
[  660.079865][T17325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  660.090000][T17325] Call Trace:
[  660.093356][T17325]  <TASK>
[  660.096357][T17325]  dump_stack_lvl+0x18c/0x250
[  660.101127][T17325]  ? show_regs_print_info+0x20/0x20
[  660.106410][T17325]  ? load_image+0x420/0x420
[  660.111014][T17325]  ? __might_fault+0xaa/0x120
[  660.115779][T17325]  ? __lock_acquire+0x7d40/0x7d40
[  660.120897][T17325]  should_fail_ex+0x39d/0x4d0
[  660.125687][T17325]  _copy_to_user+0x2f/0xa0
[  660.130202][T17325]  generic_map_lookup_batch+0x860/0xc60
[  660.135890][T17325]  ? bpf_map_update_value+0x720/0x720
[  660.141359][T17325]  ? __fdget+0x180/0x210
[  660.145704][T17325]  ? bpf_map_update_value+0x720/0x720
[  660.151157][T17325]  bpf_map_do_batch+0x2cb/0x610
[  660.156095][T17325]  ? bpf_lsm_bpf+0x9/0x10
[  660.160511][T17325]  ? security_bpf+0x7e/0xa0
[  660.165111][T17325]  __sys_bpf+0x7d7/0x890
[  660.169443][T17325]  ? bpf_link_show_fdinfo+0x390/0x390
[  660.174952][T17325]  ? lock_chain_count+0x20/0x20
[  660.179913][T17325]  __x64_sys_bpf+0x7c/0x90
[  660.184419][T17325]  do_syscall_64+0x55/0xa0
[  660.188914][T17325]  ? clear_bhb_loop+0x40/0x90
[  660.193679][T17325]  ? clear_bhb_loop+0x40/0x90
[  660.198441][T17325]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  660.204419][T17325] RIP: 0033:0x7fce3c59ce59
[  660.208913][T17325] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  660.228593][T17325] RSP: 002b:00007fce3d448028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  660.237101][T17325] RAX: ffffffffffffffda RBX: 00007fce3c815fa0 RCX: 00007fce3c59ce59
[  660.245150][T17325] RDX: 0000000000000038 RSI: 00002000000003c0 RDI: 0000000000000018
[  660.253206][T17325] RBP: 00007fce3d448090 R08: 0000000000000000 R09: 0000000000000000
[  660.261268][T17325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  660.269307][T17325] R13: 00007fce3c816038 R14: 00007fce3c815fa0 R15: 00007ffcf18d33b8
[  660.277415][T17325]  </TASK>
[  660.913831][T17316] netlink: 'syz.2.4164': attribute type 25 has an invalid length.
[  660.922058][T17316] netlink: 'syz.2.4164': attribute type 1 has an invalid length.
[  660.945192][T17316] bridge0: port 1(bridge_slave_0) entered forwarding state
[  662.461573][T17362] syzkaller0: entered promiscuous mode
[  662.490768][T17362] syzkaller0: entered allmulticast mode
[  663.518344][T14761] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  663.964640][T17402] netlink: 'syz.2.4198': attribute type 4 has an invalid length.
[  663.973768][T17402] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.4198'.
[  666.219163][T17407] netlink: 'syz.2.4200': attribute type 39 has an invalid length.
[  666.235205][T17409] netlink: 'syz.0.4201': attribute type 25 has an invalid length.
[  666.261668][T17409] netlink: 'syz.0.4201': attribute type 1 has an invalid length.
[  666.269578][T17409] bridge0: port 1(bridge_slave_0) entered forwarding state
[  666.619980][T17430] netlink: 'syz.2.4208': attribute type 29 has an invalid length.
[  666.679043][T17430] netlink: 'syz.2.4208': attribute type 29 has an invalid length.
[  667.096614][T17430] netlink: 1047 bytes leftover after parsing attributes in process `syz.2.4208'.
[  667.106796][T17430] bridge_slave_1: default FDB implementation only supports local addresses
[  667.182052][T17430] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.4208'.
[  667.256797][T17430] debugfs: Directory '!!ô!' with parent 'ieee80211' already present!
[  667.293869][T17444] FAULT_INJECTION: forcing a failure.
[  667.293869][T17444] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  667.330213][T17444] CPU: 0 PID: 17444 Comm: syz.3.4212 Not tainted syzkaller #0
[  667.337768][T17444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  667.347889][T17444] Call Trace:
[  667.351218][T17444]  <TASK>
[  667.354190][T17444]  dump_stack_lvl+0x18c/0x250
[  667.359019][T17444]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  667.365232][T17444]  ? show_regs_print_info+0x20/0x20
[  667.370489][T17444]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  667.376714][T17444]  ? dump_stack+0x9/0x20
[  667.381009][T17444]  should_fail_ex+0x39d/0x4d0
[  667.385758][T17444]  _copy_to_user+0x2f/0xa0
[  667.390236][T17444]  generic_map_lookup_batch+0x8bd/0xc60
[  667.395848][T17444]  ? bpf_map_update_value+0x720/0x720
[  667.401291][T17444]  ? __fdget+0x180/0x210
[  667.405638][T17444]  ? bpf_map_update_value+0x720/0x720
[  667.411063][T17444]  bpf_map_do_batch+0x2cb/0x610
[  667.415972][T17444]  ? bpf_lsm_bpf+0x9/0x10
[  667.420357][T17444]  ? security_bpf+0x7e/0xa0
[  667.424919][T17444]  __sys_bpf+0x7d7/0x890
[  667.429209][T17444]  ? bpf_link_show_fdinfo+0x390/0x390
[  667.434644][T17444]  ? lock_chain_count+0x20/0x20
[  667.439569][T17444]  __x64_sys_bpf+0x7c/0x90
[  667.444040][T17444]  do_syscall_64+0x55/0xa0
[  667.448690][T17444]  ? clear_bhb_loop+0x40/0x90
[  667.453427][T17444]  ? clear_bhb_loop+0x40/0x90
[  667.458161][T17444]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  667.464105][T17444] RIP: 0033:0x7fce3c59ce59
[  667.468573][T17444] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  667.488229][T17444] RSP: 002b:00007fce3d448028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  667.496719][T17444] RAX: ffffffffffffffda RBX: 00007fce3c815fa0 RCX: 00007fce3c59ce59
[  667.504746][T17444] RDX: 0000000000000038 RSI: 00002000000003c0 RDI: 0000000000000018
[  667.512766][T17444] RBP: 00007fce3d448090 R08: 0000000000000000 R09: 0000000000000000
[  667.520788][T17444] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  667.528817][T17444] R13: 00007fce3c816038 R14: 00007fce3c815fa0 R15: 00007ffcf18d33b8
[  667.536852][T17444]  </TASK>
[  667.575945][T17447] netlink: 152 bytes leftover after parsing attributes in process `syz.1.4213'.
[  667.586219][T17447] tc_dump_action: action bad kind
[  669.246265][T17507] netlink: zone id is out of range
[  669.257421][T17507] netlink: set zone limit has 8 unknown bytes
[  669.950881][T17522] netlink: 'syz.0.4243': attribute type 1 has an invalid length.
[  670.045124][T17522] netlink: 1057 bytes leftover after parsing attributes in process `syz.0.4243'.
[  670.768969][T17522] syz.0.4243 (17522) used greatest stack depth: 18152 bytes left
[  672.147024][T17588] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  672.220746][T17591] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.4273'.
[  672.247855][T17591] openvswitch: netlink: Tunnel attr 2548 out of range max 16
[  672.252589][T17592] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.4273'.
[  672.285593][T17592] openvswitch: netlink: Tunnel attr 2548 out of range max 16
[  672.798756][T17610] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.4281'.
[  672.835175][T17610] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[  672.854237][T17615] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4281'.
[  672.855563][T17610] openvswitch: netlink: Message has 1 unknown bytes.
[  672.960649][T17615] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4281'.
[  672.991964][T17610] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4281'.
[  673.014533][T17615] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4281'.
[  673.974356][T17641] netlink: 'syz.3.4295': attribute type 10 has an invalid length.
[  674.033395][T17641] bridge_slave_1: left allmulticast mode
[  674.039395][T17641] bridge_slave_1: left promiscuous mode
[  674.048423][T17641] bridge0: port 2(bridge_slave_1) entered disabled state
[  674.129914][T17641] bridge_slave_1: entered promiscuous mode
[  674.144302][T17641] bridge_slave_1: entered allmulticast mode
[  674.148922][T17650] netlink: 135856 bytes leftover after parsing attributes in process `syz.2.4299'.
[  674.170443][T17641] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  674.375641][T17659] netlink: 'syz.1.4302': attribute type 2 has an invalid length.
[  674.401725][T17659] netlink: 'syz.1.4302': attribute type 8 has an invalid length.
[  674.409536][T17659] netlink: 132 bytes leftover after parsing attributes in process `syz.1.4302'.
[  674.427210][T17658] cgroup: fork rejected by pids controller in /syz1
[  674.496390][T17661] netlink: 55631 bytes leftover after parsing attributes in process `syz.0.4305'.
[  674.829729][T17770] netlink: 'syz.0.4308': attribute type 4 has an invalid length.
[  675.188394][T14760] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  675.385129][T14760] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  675.478168][T14760] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  675.620705][T14760] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  675.743190][T17795] netlink: 'syz.3.4317': attribute type 39 has an invalid length.
[  676.006782][T17791] debugfs: Directory '!!ô' with parent 'ieee80211' already present!
[  676.672663][   T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  676.683323][   T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  676.691588][   T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  676.700394][   T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  676.710426][   T51] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  676.729560][   T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  676.957015][T14760] ip6gretap0 (unregistering): left allmulticast mode
[  676.984376][T14760] ip6gretap0 (unregistering): left promiscuous mode
[  676.991137][T14760] Ÿë
: port 1(ip6gretap0) entered disabled state
[  678.244384][T14760] gretap0 (unregistering): left allmulticast mode
[  678.294923][T14760] gretap0 (unregistering): left promiscuous mode
[  678.302449][T14760] Ÿë
: port 2(gretap0) entered disabled state
[  678.413402][T17850] netlink: 'syz.0.4331': attribute type 10 has an invalid length.
[  678.491133][T17850] bridge0: port 2(bridge_slave_1) entered disabled state
[  678.527221][T17850] bridge_slave_1: left allmulticast mode
[  678.551849][T17850] bridge_slave_1: left promiscuous mode
[  678.589200][T17850] bridge0: port 2(bridge_slave_1) entered disabled state
[  678.657537][T17850] bridge_slave_1: entered promiscuous mode
[  678.689728][T17850] bridge_slave_1: entered allmulticast mode
[  678.705553][T17850] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  678.802238][ T5784] Bluetooth: hci0: command tx timeout
[  679.111052][T17874] netlink: 'syz.2.4338': attribute type 10 has an invalid length.
[  679.131793][T17874] __nla_validate_parse: 3 callbacks suppressed
[  679.131830][T17874] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4338'.
[  679.223966][T17815] chnl_net:caif_netlink_parms(): no params data found
[  679.421357][T17886] netlink: 'syz.0.4341': attribute type 1 has an invalid length.
[  679.471848][T17886] netlink: 193500 bytes leftover after parsing attributes in process `syz.0.4341'.
[  679.748525][T17899] netlink: 55631 bytes leftover after parsing attributes in process `syz.0.4344'.
[  680.028544][T17815] bridge0: port 1(bridge_slave_0) entered blocking state
[  680.047845][T17815] bridge0: port 1(bridge_slave_0) entered disabled state
[  680.076529][T17815] bridge_slave_0: entered allmulticast mode
[  680.111693][T17815] bridge_slave_0: entered promiscuous mode
[  680.181249][T14760] vlan0: left allmulticast mode
[  680.202879][T14760] veth0_vlan: left allmulticast mode
[  680.208265][T14760] vlan0: left promiscuous mode
[  680.252029][T14760] À: port 1(vlan0) entered disabled state
[  680.293157][T14760] hsr_slave_0: left promiscuous mode
[  680.363209][T14760] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  680.381541][T14760] batman_adv: batadv0: Removing interface: batadv_slave_0
[  680.392605][T14760] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  680.436001][T14760] batman_adv: batadv0: Removing interface: batadv_slave_1
[  680.516460][T14760] veth1_macvtap: left promiscuous mode
[  680.539580][T14760] veth1_vlan: left promiscuous mode
[  680.547075][T14760] veth0_vlan: left promiscuous mode
[  680.881983][ T5784] Bluetooth: hci0: command tx timeout
[  681.071349][T17922] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4352'.
[  681.518402][T14760] team0 (unregistering): Port device team_slave_1 removed
[  681.624650][T14760] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  681.636618][T14760] bond_slave_1 (unregistering): left promiscuous mode
[  681.688688][T14760] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  681.699913][T14760] bond_slave_0 (unregistering): left promiscuous mode
[  681.751347][T14760] bond0 (unregistering): (slave bridge_slave_1): Releasing backup interface
[  681.764817][T14760] bridge_slave_1 (unregistering): left promiscuous mode
[  682.108267][T14760] bond0 (unregistering): Released all slaves
[  682.149373][T17815] bridge0: port 2(bridge_slave_1) entered blocking state
[  682.158922][T17815] bridge0: port 2(bridge_slave_1) entered disabled state
[  682.176825][T17815] bridge_slave_1: entered allmulticast mode
[  682.184467][T17815] bridge_slave_1: entered promiscuous mode
[  682.205582][T17914] netlink: 132 bytes leftover after parsing attributes in process `syz.0.4347'.
[  682.222000][T17913] netlink: 'syz.2.4348': attribute type 10 has an invalid length.
[  682.263378][T17913] bridge0: port 2(bridge_slave_1) entered disabled state
[  682.287168][T17913] bridge_slave_1: left allmulticast mode
[  682.292988][T17913] bridge_slave_1: left promiscuous mode
[  682.298833][T17913] bridge0: port 2(bridge_slave_1) entered disabled state
[  682.315177][T17913] bridge_slave_1: entered promiscuous mode
[  682.321199][T17913] bridge_slave_1: entered allmulticast mode
[  682.328188][T17913] .`: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  682.341973][T17922] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4352'.
[  682.427104][T17815] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  682.490206][T17815] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  682.526754][T17930] netlink: 'syz.2.4354': attribute type 4 has an invalid length.
[  682.565485][T17930] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.4354'.
[  682.586205][T17934] FAULT_INJECTION: forcing a failure.
[  682.586205][T17934] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  682.623041][T17934] CPU: 1 PID: 17934 Comm: syz.0.4355 Not tainted syzkaller #0
[  682.630767][T17934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  682.640938][T17934] Call Trace:
[  682.644265][T17934]  <TASK>
[  682.647243][T17934]  dump_stack_lvl+0x18c/0x250
[  682.648727][T17815] team0: Port device team_slave_0 added
[  682.651960][T17934]  ? show_regs_print_info+0x20/0x20
[  682.651996][T17934]  ? load_image+0x420/0x420
[  682.652031][T17934]  ? __might_fault+0xaa/0x120
[  682.669539][T17815] team0: Port device team_slave_1 added
[  682.672138][T17934]  ? __lock_acquire+0x7d40/0x7d40
[  682.672180][T17934]  should_fail_ex+0x39d/0x4d0
[  682.687545][T17934]  _copy_to_user+0x2f/0xa0
[  682.692010][T17934]  generic_map_lookup_batch+0x8bd/0xc60
[  682.697609][T17934]  ? bpf_map_update_value+0x720/0x720
[  682.703034][T17934]  ? __fdget+0x180/0x210
[  682.707328][T17934]  ? bpf_map_update_value+0x720/0x720
[  682.712727][T17934]  bpf_map_do_batch+0x2cb/0x610
[  682.717612][T17934]  ? bpf_lsm_bpf+0x9/0x10
[  682.721971][T17934]  ? security_bpf+0x7e/0xa0
[  682.726509][T17934]  __sys_bpf+0x7d7/0x890
[  682.730776][T17934]  ? bpf_link_show_fdinfo+0x390/0x390
[  682.736190][T17934]  ? lock_chain_count+0x20/0x20
[  682.741066][T17934]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  682.747086][T17934]  __x64_sys_bpf+0x7c/0x90
[  682.751534][T17934]  do_syscall_64+0x55/0xa0
[  682.755982][T17934]  ? clear_bhb_loop+0x40/0x90
[  682.760692][T17934]  ? clear_bhb_loop+0x40/0x90
[  682.765412][T17934]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  682.771334][T17934] RIP: 0033:0x7fae7f79ce59
[  682.775771][T17934] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  682.795418][T17934] RSP: 002b:00007fae8066d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  682.803867][T17934] RAX: ffffffffffffffda RBX: 00007fae7fa15fa0 RCX: 00007fae7f79ce59
[  682.811869][T17934] RDX: 0000000000000038 RSI: 00002000000003c0 RDI: 0000000000000018
[  682.819873][T17934] RBP: 00007fae8066d090 R08: 0000000000000000 R09: 0000000000000000
[  682.827902][T17934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  682.835909][T17934] R13: 00007fae7fa16038 R14: 00007fae7fa15fa0 R15: 00007ffedf64ba18
[  682.843925][T17934]  </TASK>
[  682.872691][T17815] batman_adv: batadv0: Adding interface: batadv_slave_0
[  682.879706][T17815] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  682.905977][T17815] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  682.920946][T17815] batman_adv: batadv0: Adding interface: batadv_slave_1
[  682.930385][T17815] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  682.971998][ T5784] Bluetooth: hci0: command tx timeout
[  682.999408][T17815] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  683.256642][T17815] hsr_slave_0: entered promiscuous mode
[  683.294751][T17815] hsr_slave_1: entered promiscuous mode
[  684.200531][T17973] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.4366'.
[  684.587997][T17963] syzkaller0: entered promiscuous mode
[  684.594618][T17963] syzkaller0: entered allmulticast mode
[  684.718683][T17984] netlink: 'syz.3.4370': attribute type 21 has an invalid length.
[  684.916084][T17815] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  684.937895][T17815] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  684.972350][T17815] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  685.000605][T17815] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  685.053582][ T5784] Bluetooth: hci0: command tx timeout
[  685.164463][T18006] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.4376'.
[  685.246212][T17815] 8021q: adding VLAN 0 to HW filter on device bond0
[  685.308127][T17815] 8021q: adding VLAN 0 to HW filter on device team0
[  685.340487][T18009] netlink: 'syz.3.4377': attribute type 29 has an invalid length.
[  685.369970][ T3470] bridge0: port 1(bridge_slave_0) entered blocking state
[  685.377268][ T3470] bridge0: port 1(bridge_slave_0) entered forwarding state
[  685.407115][ T3470] bridge0: port 2(bridge_slave_1) entered blocking state
[  685.414400][ T3470] bridge0: port 2(bridge_slave_1) entered forwarding state
[  685.430121][T18009] netlink: 'syz.3.4377': attribute type 29 has an invalid length.
[  685.440795][T18014] netlink: 'syz.3.4377': attribute type 29 has an invalid length.
[  685.461845][T18013] netlink: 'syz.3.4377': attribute type 29 has an invalid length.
[  685.573556][T17815] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  685.609940][T17815] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  685.982211][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  685.988647][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  686.516161][T17815] 8021q: adding VLAN 0 to HW filter on device batadv0
[  686.557991][T18052] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.4387'.
[  686.587926][T18043] can: request_module (can-proto-0) failed.
[  686.693698][T17815] veth0_vlan: entered promiscuous mode
[  686.740443][T17815] veth1_vlan: entered promiscuous mode
[  686.889130][T17815] veth0_macvtap: entered promiscuous mode
[  686.916728][T17815] veth1_macvtap: entered promiscuous mode
[  686.948369][T17815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  687.001681][T17815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  687.016978][T17815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  687.036536][T17815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  687.047793][T17815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  687.081821][T17815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  687.100088][T17815] batman_adv: batadv0: Interface activated: batadv_slave_0
[  687.113196][T17815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  687.142768][T17815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  687.168295][T17815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  687.201678][T17815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  687.221607][T17815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  687.241544][T17815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  687.285837][T17815] batman_adv: batadv0: Interface activated: batadv_slave_1
[  687.342352][T17815] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  687.351137][T17815] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  687.401542][T17815] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  687.410412][T17815] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  687.509800][T18085] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.4398'.
[  687.631047][T18088] netlink: 'syz.2.4399': attribute type 1 has an invalid length.
[  687.640207][T18088] netlink: 112865 bytes leftover after parsing attributes in process `syz.2.4399'.
[  689.878630][T18086] netlink: 'syz.0.4396': attribute type 21 has an invalid length.
[  689.901557][T18086] netlink: 128 bytes leftover after parsing attributes in process `syz.0.4396'.
[  690.295747][T18108] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.4400'.
[  690.956733][ T1137] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  690.995468][ T1137] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  691.152508][T14755] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  691.192910][T14755] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  691.805740][T18152] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.4408'.
[  692.281547][T18170] netlink: 'syz.3.4415': attribute type 39 has an invalid length.
[  692.606986][T18176] netlink: 'syz.3.4418': attribute type 10 has an invalid length.
[  692.631723][T18176] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.4418'.
[  692.927651][T18185] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.4422'.
[  692.943293][T18177] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.4418'.
[  693.714245][T18203] netlink: 65055 bytes leftover after parsing attributes in process `syz.1.4425'.
[  694.428141][T18220] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.4432'.
[  694.543431][T14753] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  694.624611][T18227] netlink: 'syz.3.4435': attribute type 17 has an invalid length.
[  694.677073][T18227] netlink: 65027 bytes leftover after parsing attributes in process `syz.3.4435'.
[  695.506696][T18252] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.4446'.
[  695.899895][T18264] netlink: 'syz.1.4451': attribute type 4 has an invalid length.
[  695.935307][T18264] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.4451'.
[  696.565534][T18267] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4452'.
[  696.719264][T18278] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.4457'.
[  697.011115][T18282] syzkaller0: entered promiscuous mode
[  697.019699][T18282] syzkaller0: entered allmulticast mode
[  700.296358][T18312] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.4468'.
[  701.199518][T18337] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.4480'.
[  702.306507][T18359] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.4491'.
[  702.341914][T18361] netlink: 'syz.2.4492': attribute type 22 has an invalid length.
[  702.370581][T18361] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4492'.
[  703.059972][T18394] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.4504'.
[  703.328960][T18400] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  703.469089][T18407] syzkaller0: entered promiscuous mode
[  703.503127][T18407] syzkaller0: entered allmulticast mode
[  704.606368][T18427] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.4517'.
[  704.844203][T18431] netlink: 'syz.3.4519': attribute type 3 has an invalid length.
[  704.852346][T18431] netlink: 'syz.3.4519': attribute type 6 has an invalid length.
[  704.860144][T18431] netlink: 144448 bytes leftover after parsing attributes in process `syz.3.4519'.
[  706.921633][T18436] netlink: 'syz.2.4520': attribute type 2 has an invalid length.
[  706.930231][T18436] netlink: 'syz.2.4520': attribute type 8 has an invalid length.
[  706.941542][T18436] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4520'.
[  706.952801][T18440] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4520'.
[  707.128507][T18460] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.4527'.
[  707.195501][T18456] netlink: 'syz.0.4524': attribute type 4 has an invalid length.
[  707.222605][T18456] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.4524'.
[  707.493611][T18472] netlink: 'syz.1.4532': attribute type 39 has an invalid length.
[  707.969857][T18482] Ÿë
: port 1(ip6gretap0) entered blocking state
[  708.002841][T18482] Ÿë
: port 1(ip6gretap0) entered disabled state
[  708.088544][T18482] ip6gretap0: entered allmulticast mode
[  708.153907][T18482] ip6gretap0: entered promiscuous mode
[  708.286455][T18492] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.4539'.
[  708.581230][T18505] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.4551'.
[  708.680238][T18501] syzkaller0: entered promiscuous mode
[  708.693833][T18501] syzkaller0: entered allmulticast mode
[  708.714058][T18507] netlink: 'syz.0.4545': attribute type 39 has an invalid length.
[  711.045175][T18533] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.4556'.
[  711.064329][T18534] netlink: 132 bytes leftover after parsing attributes in process `syz.0.4554'.
[  711.129693][T18536] netlink: 'syz.2.4557': attribute type 39 has an invalid length.
[  711.372747][T18545] syzkaller0: entered promiscuous mode
[  711.380367][T18545] syzkaller0: entered allmulticast mode
[  711.399723][T18549] netlink: 'syz.3.4562': attribute type 29 has an invalid length.
[  711.414255][T18549] netlink: 'syz.3.4562': attribute type 29 has an invalid length.
[  712.350000][T18560] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.4567'.
[  712.616838][T18564] netlink: 'syz.0.4568': attribute type 4 has an invalid length.
[  712.641144][T18564] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.4568'.
[  714.296813][T18591] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.4576'.
[  714.337411][T18546] netlink: 'syz.1.4561': attribute type 10 has an invalid length.
[  714.345543][T18546] netlink: 2 bytes leftover after parsing attributes in process `syz.1.4561'.
[  714.354665][T18546] hsr0: entered promiscuous mode
[  714.360888][T18546] bridge0: port 3(hsr0) entered blocking state
[  714.370066][T18546] bridge0: port 3(hsr0) entered disabled state
[  714.379408][T18546] hsr0: entered allmulticast mode
[  714.386025][T18546] hsr_slave_0: entered allmulticast mode
[  714.392181][T18546] hsr_slave_1: entered allmulticast mode
[  714.400466][T18546] bridge0: port 3(hsr0) entered blocking state
[  714.406879][T18546] bridge0: port 3(hsr0) entered forwarding state
[  714.576847][T18595] netlink: 201392 bytes leftover after parsing attributes in process `syz.2.4578'.
[  714.597610][T18595] netlink: zone id is out of range
[  714.603387][T18595] netlink: zone id is out of range
[  714.618471][T18595] netlink: zone id is out of range
[  714.630039][T18595] netlink: zone id is out of range
[  714.642828][T18595] netlink: zone id is out of range
[  714.652295][T18595] netlink: zone id is out of range
[  714.661801][T18595] netlink: zone id is out of range
[  714.670981][T18595] netlink: zone id is out of range
[  714.678180][T18595] netlink: zone id is out of range
[  714.688593][T18595] netlink: zone id is out of range
[  714.774438][T18599] netlink: 'syz.1.4580': attribute type 21 has an invalid length.
[  714.801877][T18599] netlink: 156 bytes leftover after parsing attributes in process `syz.1.4580'.
[  715.034375][T18613] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.4585'.
[  715.265941][T18624] FAULT_INJECTION: forcing a failure.
[  715.265941][T18624] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  715.280026][T18624] CPU: 0 PID: 18624 Comm: syz.0.4588 Not tainted syzkaller #0
[  715.287555][T18624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  715.297675][T18624] Call Trace:
[  715.301008][T18624]  <TASK>
[  715.303977][T18624]  dump_stack_lvl+0x18c/0x250
[  715.308733][T18624]  ? show_regs_print_info+0x20/0x20
[  715.313990][T18624]  ? load_image+0x420/0x420
[  715.318535][T18624]  ? __might_fault+0xaa/0x120
[  715.323514][T18624]  ? __lock_acquire+0x7d40/0x7d40
[  715.328581][T18624]  should_fail_ex+0x39d/0x4d0
[  715.333304][T18624]  _copy_to_user+0x2f/0xa0
[  715.337766][T18624]  generic_map_lookup_batch+0x8bd/0xc60
[  715.343352][T18624]  ? bpf_map_update_value+0x720/0x720
[  715.348758][T18624]  ? __fdget+0x180/0x210
[  715.353038][T18624]  ? bpf_map_update_value+0x720/0x720
[  715.358434][T18624]  bpf_map_do_batch+0x2cb/0x610
[  715.363325][T18624]  ? bpf_lsm_bpf+0x9/0x10
[  715.367707][T18624]  ? security_bpf+0x7e/0xa0
[  715.372261][T18624]  __sys_bpf+0x7d7/0x890
[  715.376549][T18624]  ? bpf_link_show_fdinfo+0x390/0x390
[  715.381963][T18624]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  715.388163][T18624]  __x64_sys_bpf+0x7c/0x90
[  715.392606][T18624]  do_syscall_64+0x55/0xa0
[  715.397042][T18624]  ? clear_bhb_loop+0x40/0x90
[  715.401748][T18624]  ? clear_bhb_loop+0x40/0x90
[  715.406460][T18624]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  715.412391][T18624] RIP: 0033:0x7fae7f79ce59
[  715.416831][T18624] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  715.436476][T18624] RSP: 002b:00007fae8066d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  715.444934][T18624] RAX: ffffffffffffffda RBX: 00007fae7fa15fa0 RCX: 00007fae7f79ce59
[  715.453027][T18624] RDX: 0000000000000038 RSI: 00002000000003c0 RDI: 0000000000000018
[  715.461036][T18624] RBP: 00007fae8066d090 R08: 0000000000000000 R09: 0000000000000000
[  715.469045][T18624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  715.477055][T18624] R13: 00007fae7fa16038 R14: 00007fae7fa15fa0 R15: 00007ffedf64ba18
[  715.485070][T18624]  </TASK>
[  716.688547][T18646] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.4594'.
[  718.419314][T18655] netlink: 203516 bytes leftover after parsing attributes in process `syz.1.4597'.
[  718.815072][T18671] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.4604'.
[  718.926093][T18664] netlink: 'syz.0.4601': attribute type 10 has an invalid length.
[  718.937719][T18664] netlink: 2 bytes leftover after parsing attributes in process `syz.0.4601'.
[  718.950117][T18664] hsr0: entered promiscuous mode
[  718.963873][T18664] bridge0: port 2(hsr0) entered blocking state
[  718.973231][T18664] bridge0: port 2(hsr0) entered disabled state
[  718.980539][T18664] hsr0: entered allmulticast mode
[  718.987836][T18664] hsr_slave_0: entered allmulticast mode
[  719.048461][T18664] bridge0: port 2(hsr0) entered blocking state
[  719.056478][T18664] bridge0: port 2(hsr0) entered forwarding state
[  719.582083][T18696] netlink: 'syz.2.4614': attribute type 10 has an invalid length.
[  719.600186][T18696] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  719.618458][T18696] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[  719.643543][T18696] .`: (slave netdevsim0): Enslaving as an active interface with an up link
[  719.697711][T18697] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.4615'.
[  720.196446][T18706] mac80211_hwsim hwsim23 ..ãc¤±: renamed from wlan1
[  720.866337][T18712] netlink: 'syz.3.4618': attribute type 10 has an invalid length.
[  720.875578][T18712] netlink: 2 bytes leftover after parsing attributes in process `syz.3.4618'.
[  720.891548][T18712] hsr0: entered promiscuous mode
[  720.900373][T18712] bridge0: port 2(hsr0) entered blocking state
[  720.921016][T18712] bridge0: port 2(hsr0) entered disabled state
[  720.936545][T18712] hsr0: entered allmulticast mode
[  720.951496][T18712] hsr_slave_0: entered allmulticast mode
[  721.070334][T18721] FAULT_INJECTION: forcing a failure.
[  721.070334][T18721] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  721.085197][T18721] CPU: 0 PID: 18721 Comm: syz.1.4622 Not tainted syzkaller #0
[  721.092732][T18721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  721.102844][T18721] Call Trace:
[  721.106172][T18721]  <TASK>
[  721.109141][T18721]  dump_stack_lvl+0x18c/0x250
[  721.113891][T18721]  ? show_regs_print_info+0x20/0x20
[  721.119148][T18721]  ? load_image+0x420/0x420
[  721.123700][T18721]  ? __might_fault+0xaa/0x120
[  721.128427][T18721]  ? __lock_acquire+0x7d40/0x7d40
[  721.133592][T18721]  should_fail_ex+0x39d/0x4d0
[  721.138325][T18721]  _copy_to_user+0x2f/0xa0
[  721.142780][T18721]  generic_map_lookup_batch+0x860/0xc60
[  721.148368][T18721]  ? bpf_map_update_value+0x720/0x720
[  721.153770][T18721]  ? __fdget+0x180/0x210
[  721.158048][T18721]  ? bpf_map_update_value+0x720/0x720
[  721.163444][T18721]  bpf_map_do_batch+0x2cb/0x610
[  721.168324][T18721]  ? bpf_lsm_bpf+0x9/0x10
[  721.172683][T18721]  ? security_bpf+0x7e/0xa0
[  721.177214][T18721]  __sys_bpf+0x7d7/0x890
[  721.181492][T18721]  ? bpf_link_show_fdinfo+0x390/0x390
[  721.186904][T18721]  ? lock_chain_count+0x20/0x20
[  721.191785][T18721]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  721.197800][T18721]  __x64_sys_bpf+0x7c/0x90
[  721.202248][T18721]  do_syscall_64+0x55/0xa0
[  721.206687][T18721]  ? clear_bhb_loop+0x40/0x90
[  721.211391][T18721]  ? clear_bhb_loop+0x40/0x90
[  721.216104][T18721]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  721.222030][T18721] RIP: 0033:0x7f3cb979ce59
[  721.226501][T18721] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  721.246134][T18721] RSP: 002b:00007f3cba70c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  721.254666][T18721] RAX: ffffffffffffffda RBX: 00007f3cb9a15fa0 RCX: 00007f3cb979ce59
[  721.262668][T18721] RDX: 0000000000000038 RSI: 00002000000003c0 RDI: 0000000000000018
[  721.270842][T18721] RBP: 00007f3cba70c090 R08: 0000000000000000 R09: 0000000000000000
[  721.278840][T18721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  721.286835][T18721] R13: 00007f3cb9a16038 R14: 00007f3cb9a15fa0 R15: 00007ffe3034cee8
[  721.294847][T18721]  </TASK>
[  721.349396][T18719] netlink: 132 bytes leftover after parsing attributes in process `syz.0.4621'.
[  721.961963][T18748] netlink: 'syz.0.4634': attribute type 39 has an invalid length.
[  722.307785][T18767] netlink: 'syz.3.4642': attribute type 1 has an invalid length.
[  722.315854][T18767] netlink: 191376 bytes leftover after parsing attributes in process `syz.3.4642'.
[  723.873577][T18792] netlink: 65047 bytes leftover after parsing attributes in process `syz.3.4649'.
[  723.905175][T18792] netlink: 148 bytes leftover after parsing attributes in process `syz.3.4649'.
[  724.019287][T18796] netlink: 'syz.2.4651': attribute type 4 has an invalid length.
[  724.035219][T18796] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.4651'.
[  724.429115][T18810] netlink: 'syz.2.4657': attribute type 10 has an invalid length.
[  724.458184][T18810] mac80211_hwsim hwsim23 ..ãc¤±: left allmulticast mode
[  724.490706][T18817] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.4661'.
[  724.509427][T18810] team0: Port device ..ãc¤± added
[  724.584616][T18820] netlink: 144 bytes leftover after parsing attributes in process `syz.1.4662'.
[  724.685219][T18820] team0: Port device team_slave_0 removed
[  724.772260][T18820] net_ratelimit: 216 callbacks suppressed
[  724.772281][T18820] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[  725.565201][T14753] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  725.697064][T18847] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.4672'.
[  726.209615][T18872] netlink: 'syz.0.4680': attribute type 39 has an invalid length.
[  726.508115][T18885] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.4685'.
[  727.195627][T18904] syzkaller0: entered promiscuous mode
[  727.231758][T18904] syzkaller0: entered allmulticast mode
[  727.273720][T18917] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.4697'.
[  731.432599][T18929] À: port 1(vlan0) entered blocking state
[  731.438765][T18929] À: port 1(vlan0) entered disabled state
[  731.445072][T18929] vlan0: entered allmulticast mode
[  731.450327][T18929] veth0_vlan: entered allmulticast mode
[  731.460022][T18929] vlan0: entered promiscuous mode
[  731.859471][T18953] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.4708'.
[  732.068887][T18957] netlink: 'syz.3.4709': attribute type 10 has an invalid length.
[  732.270537][T18957] team0: Port device geneve1 added
[  732.688560][T18973] FAULT_INJECTION: forcing a failure.
[  732.688560][T18973] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  732.721275][T18973] CPU: 0 PID: 18973 Comm: syz.0.4716 Not tainted syzkaller #0
[  732.728828][T18973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  732.738936][T18973] Call Trace:
[  732.742260][T18973]  <TASK>
[  732.745233][T18973]  dump_stack_lvl+0x18c/0x250
[  732.750019][T18973]  ? show_regs_print_info+0x20/0x20
[  732.755276][T18973]  ? load_image+0x420/0x420
[  732.759832][T18973]  ? __might_fault+0xaa/0x120
[  732.764565][T18973]  ? __lock_acquire+0x7d40/0x7d40
[  732.769817][T18973]  should_fail_ex+0x39d/0x4d0
[  732.774571][T18973]  _copy_to_user+0x2f/0xa0
[  732.779048][T18973]  generic_map_lookup_batch+0x860/0xc60
[  732.784657][T18973]  ? bpf_map_update_value+0x720/0x720
[  732.790084][T18973]  ? __fdget+0x180/0x210
[  732.794386][T18973]  ? bpf_map_update_value+0x720/0x720
[  732.799797][T18973]  bpf_map_do_batch+0x2cb/0x610
[  732.804713][T18973]  ? bpf_lsm_bpf+0x9/0x10
[  732.809108][T18973]  ? security_bpf+0x7e/0xa0
[  732.813674][T18973]  __sys_bpf+0x7d7/0x890
[  732.817980][T18973]  ? bpf_link_show_fdinfo+0x390/0x390
[  732.823413][T18973]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  732.829642][T18973]  __x64_sys_bpf+0x7c/0x90
[  732.834120][T18973]  do_syscall_64+0x55/0xa0
[  732.838586][T18973]  ? clear_bhb_loop+0x40/0x90
[  732.843312][T18973]  ? clear_bhb_loop+0x40/0x90
[  732.848047][T18973]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  732.854005][T18973] RIP: 0033:0x7fae7f79ce59
[  732.858474][T18973] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  732.878150][T18973] RSP: 002b:00007fae8066d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  732.886624][T18973] RAX: ffffffffffffffda RBX: 00007fae7fa15fa0 RCX: 00007fae7f79ce59
[  732.894649][T18973] RDX: 0000000000000038 RSI: 00002000000003c0 RDI: 0000000000000018
[  732.902940][T18973] RBP: 00007fae8066d090 R08: 0000000000000000 R09: 0000000000000000
[  732.911051][T18973] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  732.919073][T18973] R13: 00007fae7fa16038 R14: 00007fae7fa15fa0 R15: 00007ffedf64ba18
[  732.927116][T18973]  </TASK>
[  733.449606][T18981] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.4718'.
[  735.209848][T19000] netlink: 'syz.2.4722': attribute type 4 has an invalid length.
[  735.241871][T19000] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.4722'.
[  735.482604][T19009] veth1_macvtap: left promiscuous mode
[  735.518642][T19009] macsec0: entered allmulticast mode
[  735.571608][T19010] veth1_macvtap: entered promiscuous mode
[  735.577424][T19010] veth1_macvtap: entered allmulticast mode
[  735.631546][T19010] macsec0: entered promiscuous mode
[  735.847573][T19021] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.4730'.
[  736.245423][T19005] syz.0.4724 (19005) used greatest stack depth: 17832 bytes left
[  736.638289][T19041] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.4741'.
[  736.977040][T19054] netlink: 1047 bytes leftover after parsing attributes in process `syz.0.4745'.
[  737.329267][T19070] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.4751'.
[  737.777074][T19088] netlink: 'syz.0.4760': attribute type 1 has an invalid length.
[  737.808298][T19088] netlink: 176 bytes leftover after parsing attributes in process `syz.0.4760'.
[  737.886727][T19088] netlink: 201392 bytes leftover after parsing attributes in process `syz.0.4760'.
[  737.936663][T19088] netlink: zone id is out of range
[  737.960772][T19088] netlink: zone id is out of range
[  737.991773][T19092] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.4761'.
[  738.001796][T19088] netlink: zone id is out of range
[  738.017340][T19088] netlink: zone id is out of range
[  738.037638][T19088] netlink: zone id is out of range
[  738.073134][T19088] netlink: zone id is out of range
[  738.086947][T19088] netlink: zone id is out of range
[  738.127054][T19088] netlink: zone id is out of range
[  738.160463][T19088] netlink: zone id is out of range
[  738.196442][T19088] netlink: zone id is out of range
[  738.788347][T19121] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.4771'.
[  739.070390][T19129] syz.3.4774: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz3,mems_allowed=0-1
[  739.116455][T19129] CPU: 0 PID: 19129 Comm: syz.3.4774 Not tainted syzkaller #0
[  739.124012][T19129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  739.134122][T19129] Call Trace:
[  739.137473][T19129]  <TASK>
[  739.140481][T19129]  dump_stack_lvl+0x18c/0x250
[  739.145264][T19129]  ? show_regs_print_info+0x20/0x20
[  739.150567][T19129]  ? load_image+0x420/0x420
[  739.155165][T19129]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  739.161698][T19129]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[  739.168282][T19129]  warn_alloc+0x246/0x340
[  739.172709][T19129]  ? stack_trace_save+0xaa/0x100
[  739.177739][T19129]  ? zone_watermark_ok_safe+0x230/0x230
[  739.183475][T19129]  ? kasan_set_track+0x5f/0x70
[  739.188321][T19129]  ? kasan_set_track+0x4e/0x70
[  739.193243][T19129]  ? __kasan_kmalloc+0x8f/0xa0
[  739.198176][T19129]  ? xsk_init_queue+0xad/0x100
[  739.203015][T19129]  ? xsk_setsockopt+0x4e5/0x760
[  739.207942][T19129]  ? do_sock_setsockopt+0x175/0x1a0
[  739.213194][T19129]  ? __x64_sys_setsockopt+0x182/0x200
[  739.218605][T19129]  __vmalloc_node_range+0x126/0x1330
[  739.223953][T19129]  ? free_vm_area+0x50/0x50
[  739.228608][T19129]  vmalloc_user+0x74/0x80
[  739.233001][T19129]  ? xskq_create+0xbf/0x170
[  739.237546][T19129]  xskq_create+0xbf/0x170
[  739.241919][T19129]  xsk_init_queue+0xad/0x100
[  739.246644][T19129]  xsk_setsockopt+0x4e5/0x760
[  739.251539][T19129]  ? xsk_poll+0x680/0x680
[  739.255914][T19129]  ? __fget_files+0x28/0x4b0
[  739.260544][T19129]  ? __fget_files+0x28/0x4b0
[  739.265172][T19129]  ? aa_sock_opt_perm+0x74/0x100
[  739.270148][T19129]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  739.275735][T19129]  ? security_socket_setsockopt+0x7e/0xa0
[  739.281496][T19129]  ? xsk_poll+0x680/0x680
[  739.285877][T19129]  do_sock_setsockopt+0x175/0x1a0
[  739.290934][T19129]  ? __fdget+0x180/0x210
[  739.295317][T19129]  __x64_sys_setsockopt+0x182/0x200
[  739.300647][T19129]  do_syscall_64+0x55/0xa0
[  739.305098][T19129]  ? clear_bhb_loop+0x40/0x90
[  739.309812][T19129]  ? clear_bhb_loop+0x40/0x90
[  739.314521][T19129]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  739.320470][T19129] RIP: 0033:0x7fce3c59ce59
[  739.324915][T19129] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  739.344563][T19129] RSP: 002b:00007fce3d448028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  739.353014][T19129] RAX: ffffffffffffffda RBX: 00007fce3c815fa0 RCX: 00007fce3c59ce59
[  739.361363][T19129] RDX: 0000000000000002 RSI: 000000000000011b RDI: 000000000000000a
[  739.369376][T19129] RBP: 00007fce3c632d6f R08: 0000000000000004 R09: 0000000000000000
[  739.377381][T19129] R10: 0000200000000900 R11: 0000000000000246 R12: 0000000000000000
[  739.385473][T19129] R13: 00007fce3c816038 R14: 00007fce3c815fa0 R15: 00007ffcf18d33b8
[  739.393500][T19129]  </TASK>
[  739.413865][T19129] Mem-Info:
[  739.417647][T19129] active_anon:7200 inactive_anon:0 isolated_anon:0
[  739.417647][T19129]  active_file:18733 inactive_file:40211 isolated_file:0
[  739.417647][T19129]  unevictable:768 dirty:129 writeback:0
[  739.417647][T19129]  slab_reclaimable:10810 slab_unreclaimable:97563
[  739.417647][T19129]  mapped:24687 shmem:1361 pagetables:517
[  739.417647][T19129]  sec_pagetables:0 bounce:0
[  739.417647][T19129]  kernel_misc_reclaimable:0
[  739.417647][T19129]  free:1337044 free_pcp:9660 free_cma:0
[  739.472294][T19129] Node 0 active_anon:28800kB inactive_anon:0kB active_file:74932kB inactive_file:160644kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:98748kB dirty:516kB writeback:0kB shmem:3908kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10872kB pagetables:2168kB sec_pagetables:0kB all_unreclaimable? no
[  739.538617][T19129] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  739.583330][T19129] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  739.621283][T19129] lowmem_reserve[]: 0 2521 2522 2522 2522
[  739.632182][T19129] Node 0 DMA32 free:1442372kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:28764kB inactive_anon:0kB active_file:74932kB inactive_file:159816kB unevictable:1536kB writepending:516kB present:3129332kB managed:2586952kB mlocked:0kB bounce:0kB free_pcp:14956kB local_pcp:2852kB free_cma:0kB
[  739.676110][T19129] lowmem_reserve[]: 0 0 0 0 0
[  739.693500][T19129] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:828kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  739.752109][T19129] lowmem_reserve[]: 0 0 0 0 0
[  739.763120][T19129] Node 1 Normal free:3890572kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:22888kB local_pcp:10116kB free_cma:0kB
[  739.799388][T19129] lowmem_reserve[]: 0 0 0 0 0
[  739.831331][T19140] netlink: 'syz.1.4780': attribute type 4 has an invalid length.
[  739.849083][T19129] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  739.873986][T19140] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.4780'.
[  739.887799][T19129] Node 0 DMA32: 545*4kB (UM) 952*8kB (UME) 1094*16kB (UME) 1123*32kB (UME) 655*64kB (UME) 239*128kB (UME) 64*256kB (UME) 52*512kB (UME) 18*1024kB (UM) 8*2048kB (UM) 300*4096kB (UM) = 1442372kB
[  739.914456][T19129] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  739.926865][T19129] Node 1 Normal: 239*4kB (UM) 56*8kB (UME) 45*16kB (UME) 38*32kB (UME) 18*64kB (UE) 8*128kB (UME) 0*256kB 2*512kB (UM) 1*1024kB (U) 2*2048kB (UE) 947*4096kB (M) = 3890572kB
[  739.946437][T19129] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  739.957535][T19129] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  739.971032][T19129] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  739.985678][T19129] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  740.017184][T19129] 60307 total pagecache pages
[  740.026142][T19129] 0 pages in swap cache
[  740.030950][T19129] Free swap  = 124996kB
[  740.036735][T19129] Total swap = 124996kB
[  740.041109][T19129] 2097051 pages RAM
[  740.045435][T19129] 0 pages HighMem/MovableOnly
[  740.050171][T19129] 416927 pages reserved
[  740.055106][T19129] 0 pages cma reserved
[  740.116989][T19147] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.4783'.
[  740.396927][T19162] netlink: 'syz.0.4789': attribute type 46 has an invalid length.
[  740.444165][T19166] netlink: 65047 bytes leftover after parsing attributes in process `syz.2.4790'.
[  740.493270][T19170] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4792'.
[  741.692853][T19200] FAULT_INJECTION: forcing a failure.
[  741.692853][T19200] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  741.741692][T19200] CPU: 1 PID: 19200 Comm: syz.3.4807 Not tainted syzkaller #0
[  741.749242][T19200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  741.759605][T19200] Call Trace:
[  741.762928][T19200]  <TASK>
[  741.765901][T19200]  dump_stack_lvl+0x18c/0x250
[  741.770647][T19200]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  741.776863][T19200]  ? show_regs_print_info+0x20/0x20
[  741.782122][T19200]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  741.788345][T19200]  should_fail_ex+0x39d/0x4d0
[  741.793081][T19200]  _copy_to_user+0x2f/0xa0
[  741.797558][T19200]  generic_map_lookup_batch+0x860/0xc60
[  741.803179][T19200]  ? bpf_map_update_value+0x720/0x720
[  741.808598][T19200]  ? __fdget+0x180/0x210
[  741.812866][T19200]  ? bpf_map_update_value+0x720/0x720
[  741.818304][T19200]  bpf_map_do_batch+0x2cb/0x610
[  741.823178][T19200]  ? security_bpf+0x7e/0xa0
[  741.827782][T19200]  __sys_bpf+0x7d7/0x890
[  741.832047][T19200]  ? bpf_link_show_fdinfo+0x390/0x390
[  741.837455][T19200]  ? lock_chain_count+0x20/0x20
[  741.842387][T19200]  __x64_sys_bpf+0x7c/0x90
[  741.846825][T19200]  do_syscall_64+0x55/0xa0
[  741.851261][T19200]  ? clear_bhb_loop+0x40/0x90
[  741.855972][T19200]  ? clear_bhb_loop+0x40/0x90
[  741.860735][T19200]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  741.866681][T19200] RIP: 0033:0x7fce3c59ce59
[  741.871149][T19200] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  741.890813][T19200] RSP: 002b:00007fce3d448028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  741.899304][T19200] RAX: ffffffffffffffda RBX: 00007fce3c815fa0 RCX: 00007fce3c59ce59
[  741.907329][T19200] RDX: 0000000000000038 RSI: 00002000000003c0 RDI: 0000000000000018
[  741.915358][T19200] RBP: 00007fce3d448090 R08: 0000000000000000 R09: 0000000000000000
[  741.923390][T19200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  741.931423][T19200] R13: 00007fce3c816038 R14: 00007fce3c815fa0 R15: 00007ffcf18d33b8
[  741.939555][T19200]  </TASK>
[  742.600208][T19226] __nla_validate_parse: 3 callbacks suppressed
[  742.600229][T19226] netlink: 68 bytes leftover after parsing attributes in process `syz.3.4820'.
[  743.033443][T19238] netlink: 208064 bytes leftover after parsing attributes in process `syz.1.4823'.
[  743.081487][T19238] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4823'.
[  743.144802][T19243] netlink: 763 bytes leftover after parsing attributes in process `syz.0.4825'.
[  743.247833][T19240] can: request_module (can-proto-5) failed.
[  743.577708][T19257] syzkaller0: entered promiscuous mode
[  743.584940][T19257] syzkaller0: entered allmulticast mode
[  743.835999][T19267] netlink: 'syz.2.4834': attribute type 8 has an invalid length.
[  743.853685][T19267] netlink: 199848 bytes leftover after parsing attributes in process `syz.2.4834'.
[  744.622022][T19302] GPL: port 1(ip6gretap0) entered blocking state
[  744.628573][T19302] GPL: port 1(ip6gretap0) entered disabled state
[  744.674772][T19302] ip6gretap0: entered allmulticast mode
[  744.689940][T19302] ip6gretap0: entered promiscuous mode
[  745.631786][   T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  745.645808][T19326] FAULT_INJECTION: forcing a failure.
[  745.645808][T19326] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  745.662527][   T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  745.691665][T19326] CPU: 0 PID: 19326 Comm: syz.1.4856 Not tainted syzkaller #0
[  745.699205][T19326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  745.709376][T19326] Call Trace:
[  745.712685][T19326]  <TASK>
[  745.715642][T19326]  dump_stack_lvl+0x18c/0x250
[  745.720608][T19326]  ? show_regs_print_info+0x20/0x20
[  745.725883][T19326]  ? load_image+0x420/0x420
[  745.730442][T19326]  ? __might_fault+0xaa/0x120
[  745.735154][T19326]  ? __lock_acquire+0x7d40/0x7d40
[  745.740219][T19326]  ? __phys_addr+0x4b/0x170
[  745.744798][T19326]  should_fail_ex+0x39d/0x4d0
[  745.749523][T19326]  _copy_to_user+0x2f/0xa0
[  745.753977][T19326]  generic_map_lookup_batch+0x8bd/0xc60
[  745.759589][T19326]  ? bpf_map_update_value+0x720/0x720
[  745.765011][T19326]  ? __fdget+0x180/0x210
[  745.769317][T19326]  ? bpf_map_update_value+0x720/0x720
[  745.774729][T19326]  bpf_map_do_batch+0x2cb/0x610
[  745.779615][T19326]  __sys_bpf+0x7d7/0x890
[  745.783889][T19326]  ? bpf_link_show_fdinfo+0x390/0x390
[  745.789317][T19326]  __x64_sys_bpf+0x7c/0x90
[  745.793762][T19326]  do_syscall_64+0x55/0xa0
[  745.798365][T19326]  ? clear_bhb_loop+0x40/0x90
[  745.803085][T19326]  ? clear_bhb_loop+0x40/0x90
[  745.807805][T19326]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  745.813732][T19326] RIP: 0033:0x7f3cb979ce59
[  745.818177][T19326] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  745.837823][T19326] RSP: 002b:00007f3cba70c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  745.846274][T19326] RAX: ffffffffffffffda RBX: 00007f3cb9a15fa0 RCX: 00007f3cb979ce59
[  745.854284][T19326] RDX: 0000000000000038 RSI: 00002000000003c0 RDI: 0000000000000018
[  745.862302][T19326] RBP: 00007f3cba70c090 R08: 0000000000000000 R09: 0000000000000000
[  745.870342][T19326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  745.878341][T19326] R13: 00007f3cb9a16038 R14: 00007f3cb9a15fa0 R15: 00007ffe3034cee8
[  745.886359][T19326]  </TASK>
[  745.911630][   T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  745.931551][   T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  745.943575][   T51] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  745.953705][ T3470] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  745.968128][   T51] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  746.216394][ T3470] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  746.357822][ T3470] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  746.605010][ T3470] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  746.678678][T19322] chnl_net:caif_netlink_parms(): no params data found
[  746.911267][T19322] bridge0: port 1(bridge_slave_0) entered blocking state
[  746.940042][T19322] bridge0: port 1(bridge_slave_0) entered disabled state
[  746.954073][T19322] bridge_slave_0: entered allmulticast mode
[  746.969198][T19322] bridge_slave_0: entered promiscuous mode
[  746.987353][T19322] bridge0: port 2(bridge_slave_1) entered blocking state
[  746.994884][T19322] bridge0: port 2(bridge_slave_1) entered disabled state
[  747.002325][T19322] bridge_slave_1: entered allmulticast mode
[  747.016704][T19322] bridge_slave_1: entered promiscuous mode
[  747.051057][T19359] netlink: 164 bytes leftover after parsing attributes in process `syz.2.4867'.
[  747.312940][T19322] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  747.376065][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  747.382558][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  747.431207][T19322] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  747.672188][T19322] team0: Port device team_slave_0 added
[  747.706320][T19322] team0: Port device team_slave_1 added
[  747.934161][T19373] netlink: 'syz.0.4873': attribute type 21 has an invalid length.
[  747.958048][T19373] netlink: 'syz.0.4873': attribute type 1 has an invalid length.
[  748.006540][T19373] netlink: 132 bytes leftover after parsing attributes in process `syz.0.4873'.
[  748.081673][   T51] Bluetooth: hci2: command tx timeout
[  748.150462][T19322] batman_adv: batadv0: Adding interface: batadv_slave_0
[  748.157590][T19322] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  748.191499][T19322] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  748.283095][T19322] batman_adv: batadv0: Adding interface: batadv_slave_1
[  748.290119][T19322] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  748.328335][T19322] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  748.557524][T19322] hsr_slave_0: entered promiscuous mode
[  748.588405][T19322] hsr_slave_1: entered promiscuous mode
[  748.612002][T19322] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  748.619640][T19322] Cannot create hsr debugfs directory
[  748.986888][T19410] netlink: 'syz.2.4883': attribute type 21 has an invalid length.
[  749.001670][T19410] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4883'.
[  749.272861][T19419] netlink: 'syz.2.4886': attribute type 21 has an invalid length.
[  750.161726][   T51] Bluetooth: hci2: command tx timeout
[  750.398385][ T3470] vlan0: left allmulticast mode
[  750.425933][ T3470] veth0_vlan: left allmulticast mode
[  750.431323][ T3470] vlan0: left promiscuous mode
[  750.462006][ T3470] À: port 1(vlan0) entered disabled state
[  750.511731][ T3470] hsr_slave_0: left promiscuous mode
[  750.535323][ T3470] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  750.546487][ T3470] batman_adv: batadv0: Removing interface: batadv_slave_0
[  750.567385][ T3470] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  750.579187][ T3470] batman_adv: batadv0: Removing interface: batadv_slave_1
[  750.602038][ T3470] batman_adv: batadv0: Interface deactivated: virt_wifi0
[  750.615071][ T3470] batman_adv: batadv0: Removing interface: virt_wifi0
[  750.637820][ T3470] hsr0: left allmulticast mode
[  750.650292][ T3470] bridge0: port 2(hsr0) entered disabled state
[  750.670875][ T3470] bond0: left allmulticast mode
[  750.681703][ T3470] bond_slave_0: left allmulticast mode
[  750.687287][ T3470] 
@0Ù: left allmulticast mode
[  750.711550][ T3470] bridge_slave_1: left allmulticast mode
[  750.727903][ T3470] bridge0: port 3(bond0) entered disabled state
[  750.749964][ T3470] bridge_slave_0: left allmulticast mode
[  750.764234][ T3470] bridge_slave_0: left promiscuous mode
[  750.780654][ T3470] bridge0: port 1(bridge_slave_0) entered disabled state
[  750.885119][ T3470] veth1_vlan: left promiscuous mode
[  750.893164][ T3470] veth0_vlan: left promiscuous mode
[  751.218625][ T3470] team0 (unregistering): Port device geneve1 removed
[  751.289505][T19476] FAULT_INJECTION: forcing a failure.
[  751.289505][T19476] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  751.303909][T19476] CPU: 0 PID: 19476 Comm: syz.1.4905 Not tainted syzkaller #0
[  751.311440][T19476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  751.321546][T19476] Call Trace:
[  751.324871][T19476]  <TASK>
[  751.327836][T19476]  dump_stack_lvl+0x18c/0x250
[  751.332581][T19476]  ? show_regs_print_info+0x20/0x20
[  751.337838][T19476]  ? load_image+0x420/0x420
[  751.342394][T19476]  ? __might_fault+0xaa/0x120
[  751.347115][T19476]  ? __lock_acquire+0x7d40/0x7d40
[  751.352186][T19476]  should_fail_ex+0x39d/0x4d0
[  751.356928][T19476]  _copy_to_user+0x2f/0xa0
[  751.361388][T19476]  generic_map_lookup_batch+0x860/0xc60
[  751.366995][T19476]  ? bpf_map_update_value+0x720/0x720
[  751.372431][T19476]  ? __fdget+0x180/0x210
[  751.376730][T19476]  ? bpf_map_update_value+0x720/0x720
[  751.382147][T19476]  bpf_map_do_batch+0x2cb/0x610
[  751.387057][T19476]  ? bpf_lsm_bpf+0x9/0x10
[  751.391447][T19476]  ? security_bpf+0x7e/0xa0
[  751.395992][T19476]  __sys_bpf+0x7d7/0x890
[  751.400249][T19476]  ? bpf_link_show_fdinfo+0x390/0x390
[  751.405673][T19476]  ? lock_chain_count+0x20/0x20
[  751.410584][T19476]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  751.417166][T19476]  __x64_sys_bpf+0x7c/0x90
[  751.421644][T19476]  do_syscall_64+0x55/0xa0
[  751.426112][T19476]  ? clear_bhb_loop+0x40/0x90
[  751.430849][T19476]  ? clear_bhb_loop+0x40/0x90
[  751.435595][T19476]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  751.441642][T19476] RIP: 0033:0x7f3cb979ce59
[  751.446117][T19476] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  751.465785][T19476] RSP: 002b:00007f3cba70c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  751.474256][T19476] RAX: ffffffffffffffda RBX: 00007f3cb9a15fa0 RCX: 00007f3cb979ce59
[  751.482282][T19476] RDX: 0000000000000038 RSI: 00002000000003c0 RDI: 0000000000000018
[  751.490307][T19476] RBP: 00007f3cba70c090 R08: 0000000000000000 R09: 0000000000000000
[  751.498334][T19476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  751.506358][T19476] R13: 00007f3cb9a16038 R14: 00007f3cb9a15fa0 R15: 00007ffe3034cee8
[  751.514410][T19476]  </TASK>
[  751.980738][ T3470] team0 (unregistering): Port device team_slave_1 removed
[  752.038723][ T3470] team0 (unregistering): Port device team_slave_0 removed
[  752.096538][ T3470] bond0 (unregistering): (slave 
4
@0Ù): Releasing backup interface
[  752.105067][ T3470] 
@0Ù (unregistering): left promiscuous mode
[  752.156797][ T3470] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  752.167668][ T3470] bond_slave_0 (unregistering): left promiscuous mode
[  752.233204][ T3470] bond0 (unregistering): (slave bridge_slave_1): Releasing backup interface
[  752.243102][   T51] Bluetooth: hci2: command tx timeout
[  752.252810][ T3470] bridge_slave_1 (unregistering): left promiscuous mode
[  752.632114][ T3470] bond0 (unregistering): Released all slaves
[  752.761487][T19485] netlink: 14548 bytes leftover after parsing attributes in process `syz.0.4906'.
[  753.067996][T19322] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  753.125317][T19322] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  753.165123][T19322] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  753.231997][T19322] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  753.555805][T19511] netlink: 'syz.1.4917': attribute type 39 has an invalid length.
[  754.324623][   T51] Bluetooth: hci2: command tx timeout
[  756.597113][T14761] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  757.036079][T19556] netlink: 'syz.1.4926': attribute type 39 has an invalid length.
[  757.189806][T19322] 8021q: adding VLAN 0 to HW filter on device bond0
[  757.256852][T19322] 8021q: adding VLAN 0 to HW filter on device team0
[  757.280219][ T1137] bridge0: port 1(bridge_slave_0) entered blocking state
[  757.287501][ T1137] bridge0: port 1(bridge_slave_0) entered forwarding state
[  757.373464][T14751] bridge0: port 2(bridge_slave_1) entered blocking state
[  757.380731][T14751] bridge0: port 2(bridge_slave_1) entered forwarding state
[  758.226970][T19322] 8021q: adding VLAN 0 to HW filter on device batadv0
[  758.391966][T19322] veth0_vlan: entered promiscuous mode
[  758.437693][T19322] veth1_vlan: entered promiscuous mode
[  758.530812][T19618] netlink: 'syz.0.4943': attribute type 1 has an invalid length.
[  758.551685][T19618] netlink: 'syz.0.4943': attribute type 4 has an invalid length.
[  758.559521][T19618] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.4943'.
[  758.600314][T19322] veth0_macvtap: entered promiscuous mode
[  758.650092][T19322] veth1_macvtap: entered promiscuous mode
[  758.706204][T19322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  758.741519][T19322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  758.764498][T19322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  758.790939][T19322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  758.811764][T19322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  758.831687][T19322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  758.853186][T19322] batman_adv: batadv0: Interface activated: batadv_slave_0
[  758.896911][T19322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  758.923683][T19322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  758.940693][T19322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  758.961288][T19322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  758.981470][T19322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  759.009229][T19322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  759.033127][T19322] batman_adv: batadv0: Interface activated: batadv_slave_1
[  759.070800][T19322] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  759.111456][T19322] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  759.120272][T19322] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  759.141818][T19322] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  759.366461][T14761] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  759.425617][T14761] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  759.491096][T19647] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  759.506483][T14761] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  759.539846][T14761] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  759.704567][T19653] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.4951'.
[  759.988420][T19661] IPv6: NLM_F_CREATE should be specified when creating new route
[  760.022421][T19661] netlink: 1 bytes leftover after parsing attributes in process `syz.1.4955'.
[  760.035788][T19665] FAULT_INJECTION: forcing a failure.
[  760.035788][T19665] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  760.071620][T19665] CPU: 0 PID: 19665 Comm: syz.0.4956 Not tainted syzkaller #0
[  760.079195][T19665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  760.089309][T19665] Call Trace:
[  760.092644][T19665]  <TASK>
[  760.095623][T19665]  dump_stack_lvl+0x18c/0x250
[  760.100717][T19665]  ? show_regs_print_info+0x20/0x20
[  760.106017][T19665]  ? load_image+0x420/0x420
[  760.110590][T19665]  ? __might_fault+0xaa/0x120
[  760.115322][T19665]  ? __lock_acquire+0x7d40/0x7d40
[  760.120406][T19665]  should_fail_ex+0x39d/0x4d0
[  760.125150][T19665]  _copy_from_user+0x2f/0xe0
[  760.129805][T19665]  __sys_bpf+0x23e/0x890
[  760.134294][T19665]  ? bpf_link_show_fdinfo+0x390/0x390
[  760.139737][T19665]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  760.145957][T19665]  __x64_sys_bpf+0x7c/0x90
[  760.150473][T19665]  do_syscall_64+0x55/0xa0
[  760.154948][T19665]  ? clear_bhb_loop+0x40/0x90
[  760.159679][T19665]  ? clear_bhb_loop+0x40/0x90
[  760.164412][T19665]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  760.170359][T19665] RIP: 0033:0x7fae7f79ce59
[  760.174811][T19665] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  760.194471][T19665] RSP: 002b:00007fae8066d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  760.202922][T19665] RAX: ffffffffffffffda RBX: 00007fae7fa15fa0 RCX: 00007fae7f79ce59
[  760.210930][T19665] RDX: 0000000000000020 RSI: 00002000000009c0 RDI: 0000000000000002
[  760.219369][T19665] RBP: 00007fae8066d090 R08: 0000000000000000 R09: 0000000000000000
[  760.227453][T19665] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  760.235455][T19665] R13: 00007fae7fa16038 R14: 00007fae7fa15fa0 R15: 00007ffedf64ba18
[  760.243468][T19665]  </TASK>
[  760.522161][T19672] syzkaller0: entered promiscuous mode
[  760.538208][T19672] syzkaller0: entered allmulticast mode
[  761.316491][ T5784] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  761.340287][ T5784] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  761.350789][ T5784] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  761.361945][ T5784] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  761.379507][ T5784] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  761.387219][ T5784] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  763.443052][   T51] Bluetooth: hci1: command tx timeout
[  763.670163][ T1137] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  763.816608][ T1137] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  763.950100][ T1137] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  764.079737][ T1137] .`: (slave netdevsim0): Releasing backup interface
[  764.102801][ T1137] netdevsim netdevsim2 netdevsim0 (unregistering): left promiscuous mode
[  764.122363][ T1137] netdevsim netdevsim2 netdevsim0 (unregistering): left allmulticast mode
[  764.153073][ T1137] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  764.217222][T19718] netlink: 'syz.3.4973': attribute type 19 has an invalid length.
[  764.225550][T19718] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4973'.
[  764.258591][T19718] caif0: entered promiscuous mode
[  764.264987][T19718] caif0: entered allmulticast mode
[  764.282015][T19718] net_ratelimit: 42 callbacks suppressed
[  764.282032][T19718] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  764.560909][T19693] chnl_net:caif_netlink_parms(): no params data found
[  764.936976][T19735] syzkaller0: entered promiscuous mode
[  764.971587][T19735] syzkaller0: entered allmulticast mode
[  765.372381][T19693] bridge0: port 1(bridge_slave_0) entered blocking state
[  765.386645][T19693] bridge0: port 1(bridge_slave_0) entered disabled state
[  765.401220][T19693] bridge_slave_0: entered allmulticast mode
[  765.420574][T19693] bridge_slave_0: entered promiscuous mode
[  765.524160][   T51] Bluetooth: hci1: command tx timeout
[  767.618039][   T51] Bluetooth: hci1: command tx timeout
[  767.913245][T19693] bridge0: port 2(bridge_slave_1) entered blocking state
[  767.920439][T19693] bridge0: port 2(bridge_slave_1) entered disabled state
[  767.928682][T19693] bridge_slave_1: entered allmulticast mode
[  767.936229][T19693] bridge_slave_1: entered promiscuous mode
[  768.477362][T19693] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  768.511240][T19693] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  769.033700][T19818] netlink: 'syz.1.4996': attribute type 4 has an invalid length.
[  769.052093][T19818] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.4996'.
[  769.681696][   T51] Bluetooth: hci1: command tx timeout
[  769.804097][T19832] FAULT_INJECTION: forcing a failure.
[  769.804097][T19832] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  769.819121][T19832] CPU: 0 PID: 19832 Comm: syz.1.4999 Not tainted syzkaller #0
[  769.826647][T19832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  769.836755][T19832] Call Trace:
[  769.840074][T19832]  <TASK>
[  769.843032][T19832]  dump_stack_lvl+0x18c/0x250
[  769.847775][T19832]  ? show_regs_print_info+0x20/0x20
[  769.853021][T19832]  ? load_image+0x420/0x420
[  769.857595][T19832]  ? __might_fault+0xaa/0x120
[  769.862344][T19832]  ? __lock_acquire+0x7d40/0x7d40
[  769.867440][T19832]  should_fail_ex+0x39d/0x4d0
[  769.872176][T19832]  _copy_to_user+0x2f/0xa0
[  769.876646][T19832]  generic_map_lookup_batch+0x8bd/0xc60
[  769.882250][T19832]  ? bpf_map_update_value+0x720/0x720
[  769.887656][T19832]  ? __fdget+0x180/0x210
[  769.892025][T19832]  ? bpf_map_update_value+0x720/0x720
[  769.897439][T19832]  bpf_map_do_batch+0x2cb/0x610
[  769.902355][T19832]  ? bpf_lsm_bpf+0x9/0x10
[  769.906742][T19832]  ? security_bpf+0x7e/0xa0
[  769.911285][T19832]  __sys_bpf+0x7d7/0x890
[  769.915559][T19832]  ? bpf_link_show_fdinfo+0x390/0x390
[  769.920981][T19832]  ? lock_chain_count+0x20/0x20
[  769.925873][T19832]  __x64_sys_bpf+0x7c/0x90
[  769.930334][T19832]  do_syscall_64+0x55/0xa0
[  769.934785][T19832]  ? clear_bhb_loop+0x40/0x90
[  769.939506][T19832]  ? clear_bhb_loop+0x40/0x90
[  769.944228][T19832]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  769.950163][T19832] RIP: 0033:0x7f3cb979ce59
[  769.954621][T19832] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  769.974374][T19832] RSP: 002b:00007f3cba70c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  769.982865][T19832] RAX: ffffffffffffffda RBX: 00007f3cb9a15fa0 RCX: 00007f3cb979ce59
[  769.990913][T19832] RDX: 0000000000000038 RSI: 00002000000003c0 RDI: 0000000000000018
[  769.998919][T19832] RBP: 00007f3cba70c090 R08: 0000000000000000 R09: 0000000000000000
[  770.006922][T19832] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  770.015032][T19832] R13: 00007f3cb9a16038 R14: 00007f3cb9a15fa0 R15: 00007ffe3034cee8
[  770.023071][T19832]  </TASK>
[  771.870634][T19802] netlink: 'syz.0.4993': attribute type 2 has an invalid length.
[  771.878835][T19802] netlink: 'syz.0.4993': attribute type 8 has an invalid length.
[  771.887174][T19802] netlink: 132 bytes leftover after parsing attributes in process `syz.0.4993'.
[  771.939331][T19693] team0: Port device team_slave_0 added
[  771.945962][T19805] netlink: 'syz.0.4993': attribute type 11 has an invalid length.
[  771.994343][T19693] team0: Port device team_slave_1 added
[  772.204735][ T1137] gretap0 (unregistering): left allmulticast mode
[  772.211233][ T1137] gretap0 (unregistering): left promiscuous mode
[  772.244992][ T1137] Ÿë
: port 1(gretap0) entered disabled state
[  772.304347][T19693] batman_adv: batadv0: Adding interface: batadv_slave_0
[  772.311365][T19693] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  772.392295][T19693] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  772.474388][T19693] batman_adv: batadv0: Adding interface: batadv_slave_1
[  772.482715][T19693] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  772.509740][T19693] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  772.608291][T19865] netlink: 192436 bytes leftover after parsing attributes in process `syz.1.5008'.
[  772.650084][T19865] openvswitch: netlink: Duplicate key (type 0).
[  772.689718][T19852] syzkaller0: entered promiscuous mode
[  772.698671][T19852] syzkaller0: entered allmulticast mode
[  772.742431][T19861] netlink: 132 bytes leftover after parsing attributes in process `syz.1.5008'.
[  775.320552][T19879] netlink: 65051 bytes leftover after parsing attributes in process `syz.3.5011'.
[  775.372165][T19693] hsr_slave_0: entered promiscuous mode
[  775.392664][T19693] hsr_slave_1: entered promiscuous mode
[  775.416845][T19693] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  775.446493][T19693] Cannot create hsr debugfs directory
[  775.816688][T19906] FAULT_INJECTION: forcing a failure.
[  775.816688][T19906] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  775.834937][T19906] CPU: 0 PID: 19906 Comm: syz.0.5016 Not tainted syzkaller #0
[  775.842486][T19906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  775.852591][T19906] Call Trace:
[  775.855912][T19906]  <TASK>
[  775.859053][T19906]  dump_stack_lvl+0x18c/0x250
[  775.863797][T19906]  ? show_regs_print_info+0x20/0x20
[  775.869074][T19906]  ? load_image+0x420/0x420
[  775.873652][T19906]  ? __might_fault+0xaa/0x120
[  775.878381][T19906]  ? __lock_acquire+0x7d40/0x7d40
[  775.883461][T19906]  ? __virt_addr_valid+0x18c/0x540
[  775.888633][T19906]  should_fail_ex+0x39d/0x4d0
[  775.893375][T19906]  _copy_from_user+0x2f/0xe0
[  775.898027][T19906]  ___bpf_copy_key+0xb0/0x100
[  775.902769][T19906]  map_update_elem+0x260/0x700
[  775.907604][T19906]  __sys_bpf+0x6b5/0x890
[  775.911907][T19906]  ? bpf_link_show_fdinfo+0x390/0x390
[  775.917379][T19906]  ? lock_chain_count+0x20/0x20
[  775.922304][T19906]  __x64_sys_bpf+0x7c/0x90
[  775.926810][T19906]  do_syscall_64+0x55/0xa0
[  775.931271][T19906]  ? clear_bhb_loop+0x40/0x90
[  775.936181][T19906]  ? clear_bhb_loop+0x40/0x90
[  775.940920][T19906]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  775.946872][T19906] RIP: 0033:0x7fae7f79ce59
[  775.951339][T19906] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  775.971094][T19906] RSP: 002b:00007fae8062b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  775.979563][T19906] RAX: ffffffffffffffda RBX: 00007fae7fa16180 RCX: 00007fae7f79ce59
[  775.987666][T19906] RDX: 0000000000000020 RSI: 00002000000009c0 RDI: 0000000000000002
[  775.995765][T19906] RBP: 00007fae8062b090 R08: 0000000000000000 R09: 0000000000000000
[  776.003782][T19906] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  776.011802][T19906] R13: 00007fae7fa16218 R14: 00007fae7fa16180 R15: 00007ffedf64ba18
[  776.019938][T19906]  </TASK>
[  776.332798][T19913] netlink: 64 bytes leftover after parsing attributes in process `syz.0.5017'.
[  778.647209][T19913] netlink: 'syz.0.5017': attribute type 2 has an invalid length.
[  778.919984][T19930] netlink: 'syz.0.5020': attribute type 21 has an invalid length.
[  778.938310][T19930] netlink: 'syz.0.5020': attribute type 6 has an invalid length.
[  779.427624][T19940] netlink: 'syz.0.5024': attribute type 39 has an invalid length.
[  779.901488][ T1137] 
[  779.903903][ T1137] ======================================================
[  779.910968][ T1137] WARNING: possible circular locking dependency detected
[  779.918051][ T1137] syzkaller #0 Not tainted
[  779.922520][ T1137] ------------------------------------------------------
[  779.929582][ T1137] kworker/u4:7/1137 is trying to acquire lock:
[  779.935778][ T1137] ffff888030bb8d00 (team->team_lock_key#8){+.+.}-{3:3}, at: team_del_slave+0x32/0x1c0
[  779.945456][ T1137] 
[  779.945456][ T1137] but task is already holding lock:
[  779.952864][ T1137] ffff888031b48768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: ieee80211_remove_interfaces+0x29a/0x690
[  779.963290][ T1137] 
[  779.963290][ T1137] which lock already depends on the new lock.
[  779.963290][ T1137] 
[  779.973749][ T1137] 
[  779.973749][ T1137] the existing dependency chain (in reverse order) is:
[  779.982797][ T1137] 
[  779.982797][ T1137] -> #1 (&rdev->wiphy.mtx){+.+.}-{3:3}:
[  779.990580][ T1137]        __mutex_lock+0x136/0xcc0
[  779.995667][ T1137]        ieee80211_open+0x144/0x200
[  780.000933][ T1137]        __dev_open+0x2cb/0x430
[  780.005853][ T1137]        dev_open+0xab/0x190
[  780.010493][ T1137]        team_add_slave+0x75f/0x29a0
[  780.015835][ T1137]        do_setlink+0xdfe/0x4130
[  780.020801][ T1137]        rtnl_newlink+0x17da/0x20a0
[  780.026022][ T1137]        rtnetlink_rcv_msg+0x869/0xfa0
[  780.031503][ T1137]        netlink_rcv_skb+0x241/0x4d0
[  780.036812][ T1137]        netlink_unicast+0x751/0x8d0
[  780.042130][ T1137]        netlink_sendmsg+0x8d0/0xbf0
[  780.047531][ T1137]        ____sys_sendmsg+0x5ba/0x960
[  780.052832][ T1137]        ___sys_sendmsg+0x2a6/0x360
[  780.058148][ T1137]        __se_sys_sendmsg+0x1c2/0x2b0
[  780.063556][ T1137]        do_syscall_64+0x55/0xa0
[  780.068534][ T1137]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  780.074985][ T1137] 
[  780.074985][ T1137] -> #0 (team->team_lock_key#8){+.+.}-{3:3}:
[  780.083183][ T1137]        __lock_acquire+0x2df1/0x7d40
[  780.088585][ T1137]        lock_acquire+0x19e/0x420
[  780.093640][ T1137]        __mutex_lock+0x136/0xcc0
[  780.098702][ T1137]        team_del_slave+0x32/0x1c0
[  780.103837][ T1137]        team_device_event+0x28d/0xa20
[  780.109322][ T1137]        notifier_call_chain+0x197/0x380
[  780.114980][ T1137]        unregister_netdevice_many_notify+0x100d/0x1900
[  780.121934][ T1137]        unregister_netdevice_queue+0x32c/0x370
[  780.128188][ T1137]        _cfg80211_unregister_wdev+0x16b/0x580
[  780.134402][ T1137]        ieee80211_remove_interfaces+0x49e/0x690
[  780.140778][ T1137]        ieee80211_unregister_hw+0x5d/0x2a0
[  780.146704][ T1137]        mac80211_hwsim_del_radio+0x289/0x480
[  780.152809][ T1137]        hwsim_exit_net+0x58d/0x650
[  780.158036][ T1137]        cleanup_net+0x70a/0xbb0
[  780.163011][ T1137]        process_scheduled_works+0xa5d/0x15d0
[  780.169103][ T1137]        worker_thread+0xa55/0xfc0
[  780.174234][ T1137]        kthread+0x2fa/0x390
[  780.178843][ T1137]        ret_from_fork+0x48/0x80
[  780.183822][ T1137]        ret_from_fork_asm+0x11/0x20
[  780.189210][ T1137] 
[  780.189210][ T1137] other info that might help us debug this:
[  780.189210][ T1137] 
[  780.199460][ T1137]  Possible unsafe locking scenario:
[  780.199460][ T1137] 
[  780.206927][ T1137]        CPU0                    CPU1
[  780.212310][ T1137]        ----                    ----
[  780.217690][ T1137]   lock(&rdev->wiphy.mtx);
[  780.222220][ T1137]                                lock(team->team_lock_key#8);
[  780.229711][ T1137]                                lock(&rdev->wiphy.mtx);
[  780.236753][ T1137]   lock(team->team_lock_key#8);
[  780.241809][ T1137] 
[  780.241809][ T1137]  *** DEADLOCK ***
[  780.241809][ T1137] 
[  780.249979][ T1137] 5 locks held by kworker/u4:7/1137:
[  780.255288][ T1137]  #0: ffff88801a254938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  780.266205][ T1137]  #1: ffffc900046efd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  780.276859][ T1137]  #2: ffffffff8e3b5a90 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x14c/0xbb0
[  780.286294][ T1137]  #3: ffffffff8e3c2ac8 (rtnl_mutex){+.+.}-{3:3}, at: ieee80211_unregister_hw+0x55/0x2a0
[  780.296152][ T1137]  #4: ffff888031b48768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: ieee80211_remove_interfaces+0x29a/0x690
[  780.306969][ T1137] 
[  780.306969][ T1137] stack backtrace:
[  780.312868][ T1137] CPU: 1 PID: 1137 Comm: kworker/u4:7 Not tainted syzkaller #0
[  780.320445][ T1137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  780.330521][ T1137] Workqueue: netns cleanup_net
[  780.335320][ T1137] Call Trace:
[  780.338638][ T1137]  <TASK>
[  780.341594][ T1137]  dump_stack_lvl+0x18c/0x250
[  780.346301][ T1137]  ? load_image+0x420/0x420
[  780.350917][ T1137]  ? show_regs_print_info+0x20/0x20
[  780.356158][ T1137]  ? print_circular_bug+0x12b/0x1a0
[  780.361384][ T1137]  check_noncircular+0x2fc/0x400
[  780.366353][ T1137]  ? print_deadlock_bug+0x5d0/0x5d0
[  780.371578][ T1137]  ? lockdep_lock+0xf5/0x230
[  780.376188][ T1137]  ? __lock_acquire+0x1273/0x7d40
[  780.381247][ T1137]  ? _find_first_zero_bit+0xd3/0x100
[  780.386553][ T1137]  __lock_acquire+0x2df1/0x7d40
[  780.391447][ T1137]  ? verify_lock_unused+0x140/0x140
[  780.396673][ T1137]  ? verify_lock_unused+0x140/0x140
[  780.401992][ T1137]  lock_acquire+0x19e/0x420
[  780.406530][ T1137]  ? team_del_slave+0x32/0x1c0
[  780.411842][ T1137]  ? __might_sleep+0xe0/0xe0
[  780.416475][ T1137]  ? read_lock_is_recursive+0x20/0x20
[  780.421963][ T1137]  __mutex_lock+0x136/0xcc0
[  780.426490][ T1137]  ? team_del_slave+0x32/0x1c0
[  780.431268][ T1137]  ? __lock_acquire+0x7d40/0x7d40
[  780.436310][ T1137]  ? rcu_is_watching+0x15/0xb0
[  780.441108][ T1137]  ? trace_contention_end+0x39/0xe0
[  780.446329][ T1137]  ? __mutex_lock+0x315/0xcc0
[  780.451029][ T1137]  ? team_del_slave+0x32/0x1c0
[  780.455825][ T1137]  ? mutex_lock_nested+0x20/0x20
[  780.460784][ T1137]  ? bond_netdev_event+0xeb/0xf20
[  780.465836][ T1137]  ? __mutex_unlock_slowpath+0x1b4/0x6c0
[  780.471490][ T1137]  team_del_slave+0x32/0x1c0
[  780.476100][ T1137]  team_device_event+0x28d/0xa20
[  780.481085][ T1137]  notifier_call_chain+0x197/0x380
[  780.486236][ T1137]  unregister_netdevice_many_notify+0x100d/0x1900
[  780.492670][ T1137]  ? lock_chain_count+0x20/0x20
[  780.497543][ T1137]  ? unregister_netdevice_many+0x20/0x20
[  780.503201][ T1137]  ? kernfs_remove_by_name_ns+0x117/0x150
[  780.509060][ T1137]  ? __lock_acquire+0x7d40/0x7d40
[  780.514117][ T1137]  unregister_netdevice_queue+0x32c/0x370
[  780.519884][ T1137]  ? list_netdevice+0x730/0x730
[  780.524774][ T1137]  ? kernfs_remove_by_name_ns+0x117/0x150
[  780.530543][ T1137]  _cfg80211_unregister_wdev+0x16b/0x580
[  780.536206][ T1137]  ieee80211_remove_interfaces+0x49e/0x690
[  780.542046][ T1137]  ? ieee80211_do_stop+0x1e20/0x1e20
[  780.547363][ T1137]  ? rcu_is_watching+0x15/0xb0
[  780.552164][ T1137]  ieee80211_unregister_hw+0x5d/0x2a0
[  780.557570][ T1137]  mac80211_hwsim_del_radio+0x289/0x480
[  780.563144][ T1137]  ? rhashtable_remove_fast+0xc00/0xc00
[  780.568714][ T1137]  hwsim_exit_net+0x58d/0x650
[  780.573415][ T1137]  ? hwsim_init_net+0x90/0x90
[  780.578117][ T1137]  ? __ip_vs_dev_cleanup_batch+0x238/0x250
[  780.584021][ T1137]  cleanup_net+0x70a/0xbb0
[  780.588466][ T1137]  ? ops_free_list+0x3b0/0x3b0
[  780.593257][ T1137]  ? _raw_spin_unlock_irq+0x23/0x50
[  780.598482][ T1137]  ? process_scheduled_works+0x96f/0x15d0
[  780.604232][ T1137]  ? process_scheduled_works+0x96f/0x15d0
[  780.610010][ T1137]  process_scheduled_works+0xa5d/0x15d0
[  780.615617][ T1137]  ? worker_attach_to_pool+0x380/0x380
[  780.621115][ T1137]  ? assign_work+0x3d2/0x5d0
[  780.625731][ T1137]  worker_thread+0xa55/0xfc0
[  780.630352][ T1137]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  780.636271][ T1137]  ? _raw_spin_unlock+0x40/0x40
[  780.641148][ T1137]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  780.647097][ T1137]  kthread+0x2fa/0x390
[  780.651196][ T1137]  ? pr_cont_work+0x560/0x560
[  780.655932][ T1137]  ? kthread_blkcg+0xd0/0xd0
[  780.660566][ T1137]  ret_from_fork+0x48/0x80
[  780.665009][ T1137]  ? kthread_blkcg+0xd0/0xd0
[  780.669625][ T1137]  ret_from_fork_asm+0x11/0x20
[  780.674428][ T1137]  </TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  780.762324][ T1137] team0: Port device ..ãc¤± removed
[  781.519550][ T1137] hsr_slave_0: left promiscuous mode
[  781.540264][ T1137] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  781.564924][ T1137] batman_adv: batadv0: Removing interface: batadv_slave_0
[  781.589270][ T1137] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  781.597008][ T1137] batman_adv: batadv0: Removing interface: batadv_slave_1
[  781.605189][ T1137] bridge_slave_0: left allmulticast mode
[  781.610880][ T1137] bridge_slave_0: left promiscuous mode
[  781.616832][ T1137] bridge0: port 1(bridge_slave_0) entered disabled state
[  781.630009][ T1137] veth1_macvtap: left allmulticast mode
[  781.636167][ T1137] veth1_macvtap: left promiscuous mode
[  781.642018][ T1137] veth0_macvtap: left promiscuous mode
[  783.706246][ T1137] team0 (unregistering): Port device team_slave_1 removed
[  783.738233][ T1137] team0 (unregistering): Port device team_slave_0 removed
[  783.783897][ T1137] .` (unregistering): (slave 
cÙ): Releasing backup interface
[  783.792952][ T1137] Ù (unregistering): left promiscuous mode
[  783.798877][ T1137] Ù (unregistering): left allmulticast mode
[  783.826684][ T1137] .` (unregistering): (slave bond_slave_0): Releasing backup interface
[  783.835567][ T1137] bond_slave_0 (unregistering): left promiscuous mode
[  783.845501][ T1137] bond_slave_0 (unregistering): left allmulticast mode
[  783.876836][ T1137] .` (unregistering): (slave bridge_slave_1): Releasing backup interface
[  783.885761][ T1137] bridge_slave_1 (unregistering): left promiscuous mode
[  783.893748][ T1137] bridge_slave_1 (unregistering): left allmulticast mode
[  784.030843][ T1137] .` (unregistering): (slave dummy0): Releasing backup interface
[  784.039603][ T1137] dummy0 (unregistering): left promiscuous mode
[  784.045946][ T1137] dummy0 (unregistering): left allmulticast mode
[  784.080064][ T1137] .` (unregistering): Released all slaves
[  784.765032][ T1137] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  784.828450][ T1137] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  784.896325][ T1137] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  784.946709][ T1137] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  785.097181][ T1137] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  785.139751][ T1137] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  785.200235][ T1137] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  785.247880][ T1137] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  785.377342][ T1137] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  785.418502][ T1137] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  785.459451][ T1137] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  785.519767][ T1137] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  785.815188][ T1137] ip6gretap0 (unregistering): left allmulticast mode
[  785.822015][ T1137] ip6gretap0 (unregistering): left promiscuous mode
[  785.828744][ T1137] Ÿë
: port 1(ip6gretap0) entered disabled state
[  785.859713][ T1137] ip6gretap0 (unregistering): left allmulticast mode
[  785.873087][ T1137] ip6gretap0 (unregistering): left promiscuous mode
[  785.880939][ T1137] GPL: port 1(ip6gretap0) entered disabled state
[  787.134750][ T1137] hsr_slave_0: left promiscuous mode
[  787.140768][ T1137] hsr_slave_1: left promiscuous mode
[  787.148055][ T1137] batman_adv: batadv0: Removing interface: batadv_slave_0
[  787.157502][ T1137] batman_adv: batadv0: Removing interface: batadv_slave_1
[  787.166793][ T1137] bridge_slave_1: left allmulticast mode
[  787.173909][ T1137] bridge_slave_1: left promiscuous mode
[  787.179686][ T1137] bridge0: port 2(bridge_slave_1) entered disabled state
[  787.189340][ T1137] bridge_slave_0: left allmulticast mode
[  787.196023][ T1137] bridge_slave_0: left promiscuous mode
[  787.203098][ T1137] bridge0: port 1(bridge_slave_0) entered disabled state
[  787.218120][ T1137] hsr_slave_0: left promiscuous mode
[  787.225360][ T1137] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  787.236719][ T1137] batman_adv: batadv0: Removing interface: batadv_slave_0
[  787.245702][ T1137] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  787.254171][ T1137] batman_adv: batadv0: Removing interface: batadv_slave_1
[  787.263038][ T1137] hsr0: left allmulticast mode
[  787.268013][ T1137] bridge0: port 2(hsr0) entered disabled state
[  787.284547][ T1137] team0: left allmulticast mode
[  787.289472][ T1137] C: left allmulticast mode
[  787.295260][ T1137] team_slave_1: left allmulticast mode
[  787.300960][ T1137] bridge0: port 4(team0) entered disabled state
[  787.310288][ T1137] bond0: left allmulticast mode
[  787.316111][ T1137] bond_slave_0: left allmulticast mode
[  787.322751][ T1137] bond_slave_1: left allmulticast mode
[  787.328344][ T1137] bridge_slave_1: left allmulticast mode
[  787.335568][ T1137] bridge0: port 3(bond0) entered disabled state
[  787.345941][ T1137] bridge_slave_0: left allmulticast mode
[  787.351781][ T1137] bridge_slave_0: left promiscuous mode
[  787.357501][ T1137] bridge0: port 1(bridge_slave_0) entered disabled state
[  787.370506][ T1137] hsr_slave_0: left promiscuous mode
[  787.376875][ T1137] hsr_slave_1: left promiscuous mode
[  787.382955][ T1137] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  787.390388][ T1137] batman_adv: batadv0: Removing interface: batadv_slave_0
[  787.398701][ T1137] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  787.408181][ T1137] batman_adv: batadv0: Removing interface: batadv_slave_1
[  787.415989][ T1137] hsr0: left allmulticast mode
[  787.420908][ T1137] bridge0: port 3(hsr0) entered disabled state
[  787.428589][ T1137] bridge_slave_1: left allmulticast mode
[  787.434304][ T1137] bridge_slave_1: left promiscuous mode
[  787.440076][ T1137] bridge0: port 2(bridge_slave_1) entered disabled state
[  787.448958][ T1137] bridge_slave_0: left allmulticast mode
[  787.454880][ T1137] bridge_slave_0: left promiscuous mode
[  787.460556][ T1137] bridge0: port 1(bridge_slave_0) entered disabled state
[  787.473686][ T1137] hsr_slave_0: left promiscuous mode
[  787.479465][ T1137] hsr_slave_1: left promiscuous mode
[  787.486155][ T1137] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  787.493660][ T1137] batman_adv: batadv0: Removing interface: batadv_slave_0
[  787.503120][ T1137] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  787.510537][ T1137] batman_adv: batadv0: Removing interface: batadv_slave_1
[  787.518488][ T1137] bridge_slave_1: left allmulticast mode
[  787.524596][ T1137] bridge_slave_1: left promiscuous mode
[  787.530273][ T1137] bridge0: port 2(bridge_slave_1) entered disabled state
[  787.539001][ T1137] bridge_slave_0: left allmulticast mode
[  787.544898][ T1137] bridge_slave_0: left promiscuous mode
[  787.550571][ T1137] bridge0: port 1(bridge_slave_0) entered disabled state
[  787.565279][ T1137] veth0_macvtap: left promiscuous mode
[  787.570859][ T1137] veth1_vlan: left promiscuous mode
[  787.577561][ T1137] veth1_macvtap: left promiscuous mode
[  787.583763][ T1137] veth0_macvtap: left promiscuous mode
[  787.589326][ T1137] veth1_vlan: left promiscuous mode
[  787.594702][ T1137] veth0_vlan: left promiscuous mode
[  787.600972][ T1137] veth1_macvtap: left promiscuous mode
[  787.607996][ T1137] veth0_macvtap: left promiscuous mode
[  787.613665][ T1137] veth1_vlan: left promiscuous mode
[  787.618947][ T1137] veth0_vlan: left promiscuous mode
[  787.936169][ T1137] team0 (unregistering): Port device team_slave_1 removed
[  787.981656][ T1137] team0 (unregistering): Port device team_slave_0 removed
[  788.010519][ T1137] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  788.026921][ T1137] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  788.100358][ T1137] bond0 (unregistering): Released all slaves
[  788.359668][ T1137] team_slave_1 (unregistering): left promiscuous mode
[  788.367344][ T1137] team0 (unregistering): Port device team_slave_1 removed
[  788.383718][ T1137] C (unregistering): left promiscuous mode
[  788.390243][ T1137] team0 (unregistering): Port device C removed
[  788.424980][ T1137] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  788.433932][ T1137] bond_slave_1 (unregistering): left promiscuous mode
[  788.459513][ T1137] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  788.468371][ T1137] bond_slave_0 (unregistering): left promiscuous mode
[  788.500088][ T1137] bond0 (unregistering): (slave bridge_slave_1): Releasing backup interface
[  788.509393][ T1137] bridge_slave_1 (unregistering): left promiscuous mode
[  788.580466][ T1137] bond0 (unregistering): Released all slaves