last executing test programs:

3.733797577s ago: executing program 1 (id=1015):
r0 = socket$kcm(0x2b, 0x1, 0x0)
setsockopt$sock_attach_bpf(r0, 0x6, 0xc, &(0x7f0000000500), 0x4)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xe1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r1, 0x29, 0x24, &(0x7f00000000c0), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x8, &(0x7f0000004380)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7235f1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a49bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x91}, 0x2b)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
r2 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r2, &(0x7f00000001c0)={&(0x7f0000000080)={0x2, 0x0, @private=0xa010101}, 0x10, &(0x7f0000000100)=[{&(0x7f0000000240)="a2", 0x1}], 0x1}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
gettid()
sendmsg$unix(r3, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
setsockopt$sock_attach_bpf(r4, 0x1, 0x22, &(0x7f00000018c0), 0x4)
recvmsg(r4, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002d00)=""/78, 0x4e}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{}, {0x1}]}, 0x90)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
setsockopt$sock_attach_bpf(r2, 0x84, 0x7c, &(0x7f0000000000), 0xc)
sendmsg$kcm(r1, &(0x7f0000000000)={&(0x7f00000002c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1, 0x2c}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000340)="f40000ffffff890000000000000000000000ffffff8d00000100"/40, 0x28}], 0x1}, 0x0)

3.56928275s ago: executing program 2 (id=1018):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x1f, 0x2, 0xbf22, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r0, 0x0, 0xa002a0}, 0x38)

3.259793226s ago: executing program 3 (id=1020):
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000180), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21bef5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9b24be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6eab1aa7d55545a34effa077faa56d59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afd8cc2e59a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d0faab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72bc0480f94306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad9433269af3be5fa6a9a5c24e392955f4e979ea13201bafe4f0f6ea508000000a0c548552b571bed5647223c78a992810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526890aa7fe5e68949a3b30567e54d3504723177d356c4604bca492ede62fc28839b5301160ecec37e83efceefd7ca2533659edc8be05cc85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d35a142a9ec9a7a3755e0f209150a07682c4e14e3a835701bea8240399c56ce8f58df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4ff29e2bdb1d0b923b262341c5e093fd66a2946501559335781092cf8ce3c7c56cd31121624d76517fd3666276c3c0e812b28e2f30d035cee5d0e77a3c70008ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856cf24f370030be3b5f79f030b8d3ebce68663ef5af469abe753314fae31651e0ecea5ece8fb11a4ee288eb149f1fa33669cc8d901fa8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463baf28345bde0c195bc9f021da8f3025ee9c8e3168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262fa3f1dabeb4fc4bda345360200000001fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a4601adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cc50feeb7bfad9b7be3283b6450d014e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5671820420bf5b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff2418a18217747ae442e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efe794874eac73381e961f3d9c8c21578fe3245097c280abe51427a7f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d17eb0000000000000000000000fa08ad0731c4b839688b22c4da2a6b00008a1949a6ba49fbf981f8265e7f1f4c2d97f4680b135f87c228ce69418a28"], &(0x7f0000000000)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x90)
r1 = socket$kcm(0x10, 0x2, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000003b40)={0x0, 0x0, 0x0}, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="364000001a0091"], 0xfe33)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sys_enter\x00'}, 0x10)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x11, 0x9, &(0x7f0000000880)=@raw=[@map_idx={0x18, 0x8, 0x5, 0x0, 0x8}, @jmp={0x5, 0x1, 0x0, 0xb, 0x8, 0x4, 0xb497b837329af6d0}, @map_idx_val={0x18, 0xb, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x5}, @generic={0x0, 0x3, 0xa, 0x1000, 0x3}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x3}], &(0x7f0000000900)='syzkaller\x00', 0x8, 0xe, &(0x7f0000000980)=""/14, 0x41100, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000a40)=[{0x2, 0x2, 0x8, 0x1}, {0x0, 0x1, 0xb, 0x5}], 0x10, 0x4}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x0, 0x0, &(0x7f0000000080)='GPL\x00'}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x7, 0x3, 0x6}, 0x48)
r2 = socket$kcm(0x10, 0x2, 0x0)
r3 = socket$kcm(0x22, 0x2, 0x21)
recvmsg(r3, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x10101)
sendmsg$kcm(r2, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000000)="d80000001c0081054e81f782db44b904021d08040e000000100d10a118000c000600142603600e1208000f0000810401a8001600200001400300000803600cfab94dcf5c0461c1d67f6f94007134cf6ee0800080e408e8d8ef52a98516277ce06ebace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad8099639cace81ed0bffec193e2a9ecbee5de6ccd4d6e4ed6f3d93452a92954b43370e970189", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="140000002200356bd25a806f8c6394f91124fc60", 0x14}], 0x1}, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000080))
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000800)='./cgroup.net/syz1\x00', 0x1ff)
r5 = socket$kcm(0x2b, 0x1, 0x0)
r6 = gettid()
syz_open_procfs$namespace(r6, &(0x7f0000000840)='ns/ipc\x00')
r7 = socket$kcm(0x10, 0x400000002, 0x0)
recvmsg$kcm(r7, 0x0, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000240)=ANY=[@ANYBLOB="1d100000120091ef"], 0xfe33)
close(r5)

3.255071565s ago: executing program 2 (id=1021):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000500), 0x8)
socket$kcm(0x2, 0x922000000001, 0x106)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='cpuacct.usage_user\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x0, 0x0, &(0x7f00000001c0)='syzkaller\x00'}, 0x90)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[], 0x0, 0x37}, 0x20)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x20000811)
socket$kcm(0x29, 0x2, 0x0)

2.824936571s ago: executing program 3 (id=1024):
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/syz0\x00', 0x200002, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$cgroup_devices(r0, &(0x7f0000000000)='devices.deny\x00', 0x2, 0x0)
write$cgroup_devices(r1, &(0x7f0000000140)=ANY=[@ANYBLOB], 0xa)

2.7138781s ago: executing program 1 (id=1025):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000500), 0x8)
socket$kcm(0x2, 0x922000000001, 0x106)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='cpuacct.usage_user\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x0, 0x0, &(0x7f00000001c0)='syzkaller\x00'}, 0x90)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[], 0x0, 0x37}, 0x20)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x20000811)
socket$kcm(0x29, 0x2, 0x0)

2.644115695s ago: executing program 3 (id=1027):
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
ioctl$TUNGETDEVNETNS(r0, 0x8982, 0x20000000)
r1 = openat$cgroup(0xffffffffffffffff, &(0x7f00000001c0)='syz0\x00', 0x200002, 0x0)
perf_event_open$cgroup(&(0x7f00000004c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x2, @perf_bp={&(0x7f0000000180), 0x2}, 0x140, 0x80, 0x2, 0x1, 0x2, 0x0, 0x400, 0x0, 0xffff, 0x0, 0x6}, r1, 0x0, 0xffffffffffffffff, 0x1)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x2, &(0x7f0000000200)=ANY=[@ANYBLOB="85feff0fc9"], 0x0}, 0x90)
socket$kcm(0x2b, 0x1, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(0xffffffffffffffff, 0x89e1, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848390000005e140602000000000e0027000f000000028000001294", 0x2e}], 0x1}, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000200)=ANY=[@ANYRES8, @ANYRES8], 0x12)

2.427721823s ago: executing program 3 (id=1030):
r0 = socket$kcm(0x2b, 0x1, 0x0)
setsockopt$sock_attach_bpf(r0, 0x6, 0xc, &(0x7f0000000500), 0x4)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xe1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r1, 0x29, 0x24, &(0x7f00000000c0), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x8, &(0x7f0000004380)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7235f1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a49bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x91}, 0x2b)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
r2 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r2, &(0x7f00000001c0)={&(0x7f0000000080)={0x2, 0x0, @private=0xa010101}, 0x10, &(0x7f0000000100)=[{&(0x7f0000000240)="a2", 0x1}], 0x1}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
gettid()
sendmsg$unix(r3, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
setsockopt$sock_attach_bpf(r4, 0x1, 0x22, &(0x7f00000018c0), 0x4)
recvmsg(r4, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002d00)=""/78, 0x4e}, 0x0)
setsockopt$sock_attach_bpf(r2, 0x84, 0x7c, &(0x7f0000000000), 0xc)
sendmsg$kcm(r1, &(0x7f0000000000)={&(0x7f00000002c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1, 0x2c}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000340)="f40000ffffff890000000000000000000000ffffff8d00000100"/40, 0x28}], 0x1}, 0x0)

2.376773507s ago: executing program 4 (id=1031):
r0 = socket$kcm(0x10, 0x2, 0x4)
close(r0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000011c0), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x8001)
socket$kcm(0x10, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYBLOB="d5c61c9849a2d88b9d75d7f3d6c2de07ffdae41cabc1e0f5b5b952e807c83fa32e2b5d12f0e6b2a100b64322969d6d07db66905bd694bebe9ffef3e1988c78b8ff", @ANYRES32, @ANYBLOB], 0xfe33)
socket$kcm(0x2a, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x10)
perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000006c0)}, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000680)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfffffdbfffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r2, 0x29, 0x24, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_int(r3, &(0x7f0000001180)='hugetlb.2MB.rsvd.limit_in_bytes\x00', 0x2, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000040)=ANY=[@ANYBLOB='g'], 0x27)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="d8000000140081044e81f782db44b90402", 0x11}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r5, &(0x7f0000000540)={0x0, 0xc027, &(0x7f0000000340)=[{&(0x7f00000000c0)="98eb000014006bcd9e", 0xeb98}], 0x1, 0x0, 0x0, 0x1f000000}, 0x600)

2.209334201s ago: executing program 2 (id=1033):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0xc}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x6d}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, 0x0)
socket$kcm(0x2, 0x1000000000000002, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f00000005c0)=ANY=[@ANYBLOB="18080000000000000000000000000000851000000600000018"], 0x0, 0x2, 0xde, &(0x7f0000000340)=""/222}, 0x90)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000280))
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x23, &(0x7f0000000000), 0x4)
gettid()
sendmsg$unix(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000300)={{r0, <r2=>0xffffffffffffffff}, &(0x7f00000001c0), &(0x7f0000000240)='%ps    \x00'}, 0x20)
close(r2)
recvmsg(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r3, 0x84, 0x7c, &(0x7f0000000000), 0xc)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

1.904616436s ago: executing program 4 (id=1034):
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000180), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21bef5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9b24be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6eab1aa7d55545a34effa077faa56d59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afd8cc2e59a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d0faab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72bc0480f94306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad9433269af3be5fa6a9a5c24e392955f4e979ea13201bafe4f0f6ea508000000a0c548552b571bed5647223c78a992810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526890aa7fe5e68949a3b30567e54d3504723177d356c4604bca492ede62fc28839b5301160ecec37e83efceefd7ca2533659edc8be05cc85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d35a142a9ec9a7a3755e0f209150a07682c4e14e3a835701bea8240399c56ce8f58df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4ff29e2bdb1d0b923b262341c5e093fd66a2946501559335781092cf8ce3c7c56cd31121624d76517fd3666276c3c0e812b28e2f30d035cee5d0e77a3c70008ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856cf24f370030be3b5f79f030b8d3ebce68663ef5af469abe753314fae31651e0ecea5ece8fb11a4ee288eb149f1fa33669cc8d901fa8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463baf28345bde0c195bc9f021da8f3025ee9c8e3168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262fa3f1dabeb4fc4bda345360200000001fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a4601adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cc50feeb7bfad9b7be3283b6450d014e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5671820420bf5b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff2418a18217747ae442e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efe794874eac73381e961f3d9c8c21578fe3245097c280abe51427a7f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d17eb0000000000000000000000fa08ad0731c4b839688b22c4da2a6b00008a1949a6ba49fbf981f8265e7f1f4c2d97f4680b135f87c228ce69418a28"], &(0x7f0000000000)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x90)
r1 = socket$kcm(0x10, 0x2, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000003b40)={0x0, 0x0, 0x0}, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="364000001a0091"], 0xfe33)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sys_enter\x00'}, 0x10)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x11, 0x9, &(0x7f0000000880)=@raw=[@map_idx={0x18, 0x8, 0x5, 0x0, 0x8}, @jmp={0x5, 0x1, 0x0, 0xb, 0x8, 0x4, 0xb497b837329af6d0}, @map_idx_val={0x18, 0xb, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x5}, @generic={0x0, 0x3, 0xa, 0x1000, 0x3}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x3}], &(0x7f0000000900)='syzkaller\x00', 0x8, 0xe, &(0x7f0000000980)=""/14, 0x41100, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000a40)=[{0x2, 0x2, 0x8, 0x1}, {0x0, 0x1, 0xb, 0x5}], 0x10, 0x4}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x0, 0x0, &(0x7f0000000080)='GPL\x00'}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x7, 0x3, 0x6}, 0x48)
r2 = socket$kcm(0x10, 0x2, 0x0)
r3 = socket$kcm(0x22, 0x2, 0x21)
recvmsg(r3, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x10101)
sendmsg$kcm(r2, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000000)="d80000001c0081054e81f782db44b904021d08040e000000100d10a118000c000600142603600e1208000f0000810401a8001600200001400300000803600cfab94dcf5c0461c1d67f6f94007134cf6ee0800080e408e8d8ef52a98516277ce06ebace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad8099639cace81ed0bffec193e2a9ecbee5de6ccd4d6e4ed6f3d93452a92954b43370e970189", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="140000002200356bd25a806f8c6394f91124fc60", 0x14}], 0x1}, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000080))
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000800)='./cgroup.net/syz1\x00', 0x1ff)
r5 = socket$kcm(0x2b, 0x1, 0x0)
r6 = gettid()
syz_open_procfs$namespace(r6, &(0x7f0000000840)='ns/ipc\x00')
r7 = socket$kcm(0x10, 0x400000002, 0x0)
recvmsg$kcm(r7, 0x0, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000240)=ANY=[@ANYBLOB="1d100000120091ef"], 0xfe33)
close(r5)

1.904244626s ago: executing program 0 (id=1035):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000500)={0x8}, 0x8)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000540)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1}, 0x48)
socket$kcm(0x2, 0x922000000001, 0x106)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='cpuacct.usage_user\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x0, 0x0, &(0x7f00000001c0)='syzkaller\x00'}, 0x90)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[], 0x0, 0x37}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000700)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$inet(r4, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
socket$kcm(0x29, 0x2, 0x0)

1.632258388s ago: executing program 1 (id=1036):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0, &(0x7f0000000240)}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB], 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r0}, 0x0, &(0x7f0000000b40)}, 0x72)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xa, 0x0, 0x0)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x10)
socketpair(0x0, 0x1, 0x0, &(0x7f0000000200))
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800", @ANYRES32=r1, @ANYBLOB="0000000000000000b705000000000000850000001000000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r3 = perf_event_open(&(0x7f0000000b80)={0x2, 0x80, 0xe2, 0x0, 0x0, 0x2, 0x0, 0x7f, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x26cb0087}, 0x0, 0x100000000000, 0xffffffffffffffff, 0x8)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r2)
socket$kcm(0xa, 0x6, 0x0)

1.437807124s ago: executing program 4 (id=1037):
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/syz0\x00', 0x200002, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$cgroup_devices(r0, &(0x7f0000000000)='devices.deny\x00', 0x2, 0x0)
write$cgroup_devices(r1, &(0x7f0000000140)=ANY=[@ANYBLOB], 0xa)

1.391831257s ago: executing program 3 (id=1038):
r0 = socket$kcm(0x2b, 0x1, 0x0)
setsockopt$sock_attach_bpf(r0, 0x6, 0xc, &(0x7f0000000500), 0x4)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xe1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r1, 0x29, 0x24, &(0x7f00000000c0), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x8, &(0x7f0000004380)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7235f1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a49bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x91}, 0x2b)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
r2 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r2, &(0x7f00000001c0)={&(0x7f0000000080)={0x2, 0x0, @private=0xa010101}, 0x10, &(0x7f0000000100)=[{&(0x7f0000000240)="a2", 0x1}], 0x1}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
gettid()
sendmsg$unix(r3, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
setsockopt$sock_attach_bpf(r4, 0x1, 0x22, &(0x7f00000018c0), 0x4)
recvmsg(r4, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002d00)=""/78, 0x4e}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{}, {0x1}]}, 0x90)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
setsockopt$sock_attach_bpf(r2, 0x84, 0x7c, &(0x7f0000000000), 0xc)
sendmsg$kcm(r1, &(0x7f0000000000)={&(0x7f00000002c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1, 0x2c}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000340)="f40000ffffff890000000000000000000000ffffff8d00000100"/40, 0x28}], 0x1}, 0x0)

1.367123769s ago: executing program 2 (id=1039):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000500)={0x8}, 0x8)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000540)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
socket$kcm(0x2, 0x922000000001, 0x106)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='cpuacct.usage_user\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x0, 0x0, &(0x7f00000001c0)='syzkaller\x00'}, 0x90)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[], 0x0, 0x37}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000700)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$inet(r4, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
socket$kcm(0x29, 0x2, 0x0)

1.336892992s ago: executing program 0 (id=1040):
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
ioctl$TUNGETDEVNETNS(r0, 0x8982, 0x20000000)
r1 = openat$cgroup(0xffffffffffffffff, &(0x7f00000001c0)='syz0\x00', 0x200002, 0x0)
perf_event_open$cgroup(&(0x7f00000004c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x2, @perf_bp={&(0x7f0000000180), 0x2}, 0x140, 0x80, 0x2, 0x1, 0x2, 0x0, 0x400, 0x0, 0xffff, 0x0, 0x6}, r1, 0x0, 0xffffffffffffffff, 0x1)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x2, &(0x7f0000000200)=ANY=[@ANYBLOB="85feff0fc9"], 0x0}, 0x90)
socket$kcm(0x2b, 0x1, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(0xffffffffffffffff, 0x89e1, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848390000005e140602000000000e0027000f000000028000001294", 0x2e}], 0x1}, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000200)=ANY=[@ANYRES8, @ANYRES8], 0x12)

1.218907381s ago: executing program 4 (id=1041):
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$unix(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000180)="00290a80e5893f6ae4cfbf0bd30f003b390b1cb91004f841b604dd3c606ab25a33e2be6026fdf18e6f84ab1c", 0x2c}], 0x1, &(0x7f0000000fc0)=ANY=[@ANYBLOB="28000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r0, @ANYBLOB="14000000000000000100000001000000", @ANYRES32=r1, @ANYBLOB="000000001c0000000000000001000000020000009f883971329effefd03b20ea7555e97a1412fbe3400a0ca71c29e926fe8d7ec40751192f60b1f3b0212b4693c0fee03c06e159a7201bd1f4c10d7024ff39360d0ef40cce28e418594d2640c93e10a5e0b046d938d5503131936b0f6ce608dfb7d26284d935f0a8c2a1f3ec87a2f71ea0cdb33d6c6f11c46d2dd2f1e89b", @ANYRES32, @ANYRES32=0xee00, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x60}, 0x4)
write$cgroup_pid(0xffffffffffffffff, &(0x7f00000000c0), 0x12)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b40)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0xffff, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x4}, 0x48)
sendmsg$unix(r1, &(0x7f0000000c80)={&(0x7f0000000980)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000000b00)=[{&(0x7f0000000a00)="54e436c860a0e4e087fe3004c0d06f4cfc3b71776bc1c057529c63920e27eafddd0468b23c9edbe2eaed6538cc6916cad485832e077a285419283ed70305171b569d17bf30c2c797e5729f441c697d71a5a9df09fc37642c6e582330ab7e95a59153038a31444f0267664c73b1147ef59d54b929f5cf7f89f1b6d5fa94a20060deb32d0a78e42283510c78dfe503be58fe414d4eaf2db01884f87d691f26a14401600f658c7c3e6e92ed22205e9a7ba1eb530cf9603007b279453d3492ca5c3b901a6d40c97ef41d5c364a55ad91c8a680912c77f5565e92a7549d33c4103b44de36c55c8c16939abc93ca6d62fc5d876596944b8daacfff", 0xf8}], 0x1, &(0x7f0000000c00)=[@cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [r1, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r2]}}], 0x50, 0x40080}, 0x4008000)

1.095964381s ago: executing program 1 (id=1042):
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2}, 0x48)
sendmsg$unix(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000180)="00290a80e5893f6ae4cfbf0bd30f003b390b1cb91004f841b604dd3c606ab25a33e2be6026fdf18e6f84ab1c", 0x2c}], 0x1, &(0x7f0000000fc0)=ANY=[@ANYBLOB="28000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r2, @ANYRES32, @ANYRES32=r0, @ANYBLOB="14000000000000000100000001000000", @ANYRES32=r1, @ANYBLOB="000000001c0000000000000001000000020000009f883971329effefd03b20ea7555e97a1412fbe3400a0ca71c29e926fe8d7ec40751192f60b1f3b0212b4693c0fee03c06e159a7201bd1f4c10d7024ff39360d0ef40cce28e418594d2640c93e10a5e0b046d938d5503131936b0f6ce608dfb7d26284d935f0a8c2a1f3ec87a2f71ea0cdb33d6c6f11c46d2dd2f1e89b", @ANYRES32, @ANYRES32=0xee00, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x60}, 0x4)

1.053395004s ago: executing program 2 (id=1043):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000500), 0x8)
socket$kcm(0x2, 0x922000000001, 0x106)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='cpuacct.usage_user\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x0, 0x0, &(0x7f00000001c0)='syzkaller\x00'}, 0x90)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[], 0x0, 0x37}, 0x20)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB], 0x128}, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x20000811)
socket$kcm(0x29, 0x2, 0x0)

1.019900127s ago: executing program 1 (id=1044):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000500)={0x8}, 0x8)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000540)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
socket$kcm(0x2, 0x0, 0x106)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='cpuacct.usage_user\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x0, 0x0, &(0x7f00000001c0)='syzkaller\x00'}, 0x90)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[], 0x0, 0x37}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000700)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$inet(r4, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
socket$kcm(0x29, 0x2, 0x0)

952.567293ms ago: executing program 0 (id=1045):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x34}, 0x20)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x4008}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x8}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0xf, &(0x7f00000002c0)=@framed={{}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}, @cb_func={0x18, 0x3, 0x4, 0x0, 0xffffffffffffffff}, @tail_call={{0x18, 0x2, 0x1, 0x0, r1}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x8}, 0x90)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'rose0\x00', 0x112})
ioctl$TUNATTACHFILTER(r2, 0x401054d5, &(0x7f0000000240)={0x2, &(0x7f0000000040)=[{}, {0x6}]})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x2, [@array, @int={0x0, 0x0, 0x0, 0x1, 0x5}, @union={0x0, 0x0, 0x0, 0x9, 0x0, 0x2}]}}, 0x0, 0x4e}, 0x20)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'rose0\x00', 0x112})

952.056213ms ago: executing program 4 (id=1046):
r0 = socket$kcm(0x10, 0x2, 0x4)
close(r0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000011c0), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x8001)
socket$kcm(0x10, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYBLOB="d5c61c9849a2d88b9d75d7f3d6c2de07ffdae41cabc1e0f5b5b952e807c83fa32e2b5d12f0e6b2a100b64322969d6d07db66905bd694bebe9ffef3e1988c78b8ff", @ANYRES32, @ANYBLOB], 0xfe33)
socket$kcm(0x2a, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x10)
perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000006c0)}, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000680)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfffffdbfffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r2, 0x29, 0x24, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_int(r3, &(0x7f0000001180)='hugetlb.2MB.rsvd.limit_in_bytes\x00', 0x2, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000040)=ANY=[@ANYBLOB='g'], 0x27)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="d8000000140081044e81f782db44b90402", 0x11}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r5, &(0x7f0000000540)={0x0, 0xc027, &(0x7f0000000340)=[{&(0x7f00000000c0)="98eb000014006bcd9e", 0xeb98}], 0x1, 0x0, 0x0, 0x1f000000}, 0x600)

643.317588ms ago: executing program 0 (id=1047):
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000180), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21bef5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9b24be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6eab1aa7d55545a34effa077faa56d59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afd8cc2e59a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d0faab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72bc0480f94306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad9433269af3be5fa6a9a5c24e392955f4e979ea13201bafe4f0f6ea508000000a0c548552b571bed5647223c78a992810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526890aa7fe5e68949a3b30567e54d3504723177d356c4604bca492ede62fc28839b5301160ecec37e83efceefd7ca2533659edc8be05cc85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d35a142a9ec9a7a3755e0f209150a07682c4e14e3a835701bea8240399c56ce8f58df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4ff29e2bdb1d0b923b262341c5e093fd66a2946501559335781092cf8ce3c7c56cd31121624d76517fd3666276c3c0e812b28e2f30d035cee5d0e77a3c70008ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856cf24f370030be3b5f79f030b8d3ebce68663ef5af469abe753314fae31651e0ecea5ece8fb11a4ee288eb149f1fa33669cc8d901fa8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463baf28345bde0c195bc9f021da8f3025ee9c8e3168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262fa3f1dabeb4fc4bda345360200000001fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a4601adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cc50feeb7bfad9b7be3283b6450d014e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5671820420bf5b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff2418a18217747ae442e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efe794874eac73381e961f3d9c8c21578fe3245097c280abe51427a7f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d17eb0000000000000000000000fa08ad0731c4b839688b22c4da2a6b00008a1949a6ba49fbf981f8265e7f1f4c2d97f4680b135f87c228ce69418a28"], &(0x7f0000000000)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x90)
r1 = socket$kcm(0x10, 0x2, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000003b40)={0x0, 0x0, 0x0}, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="364000001a0091"], 0xfe33)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sys_enter\x00'}, 0x10)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x11, 0x9, &(0x7f0000000880)=@raw=[@map_idx={0x18, 0x8, 0x5, 0x0, 0x8}, @jmp={0x5, 0x1, 0x0, 0xb, 0x8, 0x4, 0xb497b837329af6d0}, @map_idx_val={0x18, 0xb, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x5}, @generic={0x0, 0x3, 0xa, 0x1000, 0x3}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x3}], &(0x7f0000000900)='syzkaller\x00', 0x8, 0xe, &(0x7f0000000980)=""/14, 0x41100, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000a40)=[{0x2, 0x2, 0x8, 0x1}, {0x0, 0x1, 0xb, 0x5}], 0x10, 0x4}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x0, 0x0, &(0x7f0000000080)='GPL\x00'}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x7, 0x3, 0x6}, 0x48)
r2 = socket$kcm(0x10, 0x2, 0x0)
r3 = socket$kcm(0x22, 0x2, 0x21)
recvmsg(r3, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x10101)
sendmsg$kcm(r2, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000000)="d80000001c0081054e81f782db44b904021d08040e000000100d10a118000c000600142603600e1208000f0000810401a8001600200001400300000803600cfab94dcf5c0461c1d67f6f94007134cf6ee0800080e408e8d8ef52a98516277ce06ebace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad8099639cace81ed0bffec193e2a9ecbee5de6ccd4d6e4ed6f3d93452a92954b43370e970189", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="140000002200356bd25a806f8c6394f91124fc60", 0x14}], 0x1}, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000080))
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000800)='./cgroup.net/syz1\x00', 0x1ff)
r5 = socket$kcm(0x2b, 0x1, 0x0)
r6 = gettid()
syz_open_procfs$namespace(r6, &(0x7f0000000840)='ns/ipc\x00')
r7 = socket$kcm(0x10, 0x400000002, 0x0)
recvmsg$kcm(r7, 0x0, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000240)=ANY=[@ANYBLOB="1d100000120091ef"], 0xfe33)
close(r5)

629.858789ms ago: executing program 4 (id=1048):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000500), 0x8)
socket$kcm(0x2, 0x922000000001, 0x106)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='cpuacct.usage_user\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x0, 0x0, &(0x7f00000001c0)='syzkaller\x00'}, 0x90)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[], 0x0, 0x37}, 0x20)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x20000811)
socket$kcm(0x29, 0x2, 0x0)

462.504373ms ago: executing program 1 (id=1049):
r0 = socket$kcm(0x2b, 0x1, 0x0)
setsockopt$sock_attach_bpf(r0, 0x6, 0xc, &(0x7f0000000500), 0x4)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xe1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r1, 0x29, 0x24, &(0x7f00000000c0), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x8, &(0x7f0000004380)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7235f1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a49bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x91}, 0x2b)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
r2 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r2, &(0x7f00000001c0)={&(0x7f0000000080)={0x2, 0x0, @private=0xa010101}, 0x10, &(0x7f0000000100)=[{&(0x7f0000000240)="a2", 0x1}], 0x1}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
gettid()
sendmsg$unix(r3, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
setsockopt$sock_attach_bpf(r4, 0x1, 0x22, &(0x7f00000018c0), 0x4)
setsockopt$sock_attach_bpf(r2, 0x84, 0x7c, &(0x7f0000000000), 0xc)
sendmsg$kcm(r1, &(0x7f0000000000)={&(0x7f00000002c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1, 0x2c}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000340)="f40000ffffff890000000000000000000000ffffff8d00000100"/40, 0x28}], 0x1}, 0x0)

439.425004ms ago: executing program 3 (id=1050):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0xc}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x6d}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, 0x0)
socket$kcm(0x2, 0x1000000000000002, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f00000005c0)=ANY=[@ANYBLOB="18080000000000000000000000000000851000000600000018"], 0x0, 0x2, 0xde, &(0x7f0000000340)=""/222}, 0x90)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000280))
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x23, &(0x7f0000000000), 0x4)
gettid()
sendmsg$unix(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000300)={{r0, <r2=>0xffffffffffffffff}, &(0x7f00000001c0), &(0x7f0000000240)='%ps    \x00'}, 0x20)
close(r2)
recvmsg(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r3, 0x84, 0x7c, &(0x7f0000000000), 0xc)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

330.271013ms ago: executing program 0 (id=1051):
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/syz0\x00', 0x200002, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$cgroup_devices(r0, &(0x7f0000000000)='devices.deny\x00', 0x2, 0x0)
write$cgroup_devices(r1, &(0x7f0000000140)=ANY=[@ANYBLOB], 0xa)

197.053694ms ago: executing program 0 (id=1052):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0, &(0x7f0000000240)}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB], 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r0}, 0x0, &(0x7f0000000b40)}, 0x72)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xa, 0x0, 0x0)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x10)
socketpair(0x0, 0x1, 0x0, &(0x7f0000000200))
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018", @ANYRES32=r1, @ANYBLOB="0000000000000000b705000000000000850000001000000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r3 = perf_event_open(&(0x7f0000000b80)={0x2, 0x80, 0xe2, 0x0, 0x0, 0x2, 0x0, 0x7f, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x26cb0087}, 0x0, 0x100000000000, 0xffffffffffffffff, 0x8)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r2)
socket$kcm(0xa, 0x6, 0x0)

0s ago: executing program 2 (id=1053):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000500)={0x8}, 0x8)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000540)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
socket$kcm(0x2, 0x922000000001, 0x106)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='cpuacct.usage_user\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x0, 0x0, &(0x7f00000001c0)='syzkaller\x00'}, 0x90)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[], 0x0, 0x37}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000700)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$inet(r4, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
socket$kcm(0x29, 0x2, 0x0)

kernel console output (not intermixed with test programs):

nted 6.1.102-syzkaller #0
[   95.603484][ T4684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   95.613564][ T4684] Call Trace:
[   95.616858][ T4684]  <TASK>
[   95.619807][ T4684]  dump_stack_lvl+0x1e3/0x2cb
[   95.624511][ T4684]  ? nf_tcp_handle_invalid+0x642/0x642
[   95.629998][ T4684]  ? panic+0x764/0x764
[   95.634088][ T4684]  ? __might_sleep+0xb0/0xb0
[   95.638699][ T4684]  ? __lock_acquire+0x125b/0x1f80
[   95.643752][ T4684]  should_fail_ex+0x3a6/0x4d0
[   95.648456][ T4684]  should_failslab+0x5/0x20
[   95.652973][ T4684]  slab_pre_alloc_hook+0x59/0x300
[   95.658020][ T4684]  ? tomoyo_realpath_from_path+0xcb/0x5d0
[   95.663735][ T4684]  __kmem_cache_alloc_node+0x47/0x260
[   95.669105][ T4684]  ? tomoyo_realpath_from_path+0xcb/0x5d0
[   95.674854][ T4684]  __kmalloc+0xa1/0x230
[   95.678998][ T4684]  ? rcu_is_watching+0x11/0xb0
[   95.683750][ T4684]  tomoyo_realpath_from_path+0xcb/0x5d0
[   95.689294][ T4684]  tomoyo_path_number_perm+0x21f/0x7f0
[   95.694743][ T4684]  ? tomoyo_path_number_perm+0x1f2/0x7f0
[   95.700361][ T4684]  ? trace_event_raw_event_lock+0x240/0x240
[   95.706246][ T4684]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[   95.711707][ T4684]  ? __fget_files+0x28/0x4a0
[   95.716303][ T4684]  ? __fget_files+0x28/0x4a0
[   95.720882][ T4684]  ? __fget_files+0x435/0x4a0
[   95.725547][ T4684]  ? __fget_files+0x28/0x4a0
[   95.730124][ T4684]  security_file_ioctl+0x6d/0xa0
[   95.735051][ T4684]  __se_sys_ioctl+0x47/0x160
[   95.739639][ T4684]  do_syscall_64+0x3b/0xb0
[   95.744044][ T4684]  ? clear_bhb_loop+0x45/0xa0
[   95.748731][ T4684]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   95.754625][ T4684] RIP: 0033:0x7ff3a17773b9
[   95.759033][ T4684] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.778647][ T4684] RSP: 002b:00007ff3a2556048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   95.787053][ T4684] RAX: ffffffffffffffda RBX: 00007ff3a1905f80 RCX: 00007ff3a17773b9
[   95.795010][ T4684] RDX: 0000000020000000 RSI: 000000000000890b RDI: 0000000000000004
[   95.802966][ T4684] RBP: 00007ff3a25560a0 R08: 0000000000000000 R09: 0000000000000000
[   95.810924][ T4684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   95.818882][ T4684] R13: 000000000000000b R14: 00007ff3a1905f80 R15: 00007fff4f8286c8
[   95.826859][ T4684]  </TASK>
[   95.953044][ T4684] ERROR: Out of memory at tomoyo_realpath_from_path.
[   96.287874][ T4709] netlink: 'syz.0.257': attribute type 12 has an invalid length.
[   96.315225][ T4701] can: request_module (can-proto-0) failed.
[   96.321809][ T4709] netlink: 132 bytes leftover after parsing attributes in process `syz.0.257'.
[   96.361389][ T4710] netlink: 55631 bytes leftover after parsing attributes in process `syz.3.258'.
[   96.376125][ T4709] netlink: 4093 bytes leftover after parsing attributes in process `syz.0.257'.
[   96.407374][ T4709] netlink: 4093 bytes leftover after parsing attributes in process `syz.0.257'.
[   96.420982][ T4706] delete_channel: no stack
[   96.602215][ T4721] netlink: 'syz.3.262': attribute type 39 has an invalid length.
[   96.704241][ T4723] netpci0: tun_chr_ioctl cmd 1074025676
[   96.710414][ T4723] netpci0: owner set to 0
[   97.168781][ T4743] netlink: 'syz.0.271': attribute type 12 has an invalid length.
[   97.192375][ T4743] netlink: 132 bytes leftover after parsing attributes in process `syz.0.271'.
[   97.218139][ T4743] netlink: 4093 bytes leftover after parsing attributes in process `syz.0.271'.
[   97.231733][ T4743] netlink: 4093 bytes leftover after parsing attributes in process `syz.0.271'.
[   97.243222][ T4740] delete_channel: no stack
[   97.416869][ T4752] netlink: 55631 bytes leftover after parsing attributes in process `syz.0.274'.
[   97.461324][ T4756] netlink: 'syz.3.276': attribute type 39 has an invalid length.
[   97.596056][ T4760] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.603532][ T4760] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.638124][ T4760] device bridge_slave_1 left promiscuous mode
[   97.645292][ T4760] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.655063][ T4760] device bridge_slave_0 left promiscuous mode
[   97.664383][ T4760] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.075753][ T4777] netlink: 'syz.2.285': attribute type 12 has an invalid length.
[   98.083629][ T4777] netlink: 132 bytes leftover after parsing attributes in process `syz.2.285'.
[   98.109769][ T4777] netlink: 4093 bytes leftover after parsing attributes in process `syz.2.285'.
[   98.144828][ T4776] delete_channel: no stack
[   98.344622][ T4790] netlink: 'syz.0.290': attribute type 39 has an invalid length.
[   98.964101][ T4814] netlink: 'syz.2.300': attribute type 12 has an invalid length.
[   98.981293][ T4813] delete_channel: no stack
[   99.425853][ T4830] netlink: 'syz.2.307': attribute type 39 has an invalid length.
[   99.867288][ T4846] netlink: 'syz.4.313': attribute type 12 has an invalid length.
[   99.947305][ T4845] delete_channel: no stack
[  100.350158][ T4870] netlink: 'syz.3.323': attribute type 39 has an invalid length.
[  100.711147][ T4887] netlink: 'syz.3.330': attribute type 12 has an invalid length.
[  100.737080][ T4886] delete_channel: no stack
[  101.468286][ T4918] netlink: 'syz.2.343': attribute type 12 has an invalid length.
[  101.497461][ T4918] __nla_validate_parse: 14 callbacks suppressed
[  101.497477][ T4918] netlink: 132 bytes leftover after parsing attributes in process `syz.2.343'.
[  101.541689][ T4918] netlink: 4093 bytes leftover after parsing attributes in process `syz.2.343'.
[  101.555213][ T4918] netlink: 4093 bytes leftover after parsing attributes in process `syz.2.343'.
[  101.568902][ T4917] delete_channel: no stack
[  101.926440][ T4943] netlink: 55631 bytes leftover after parsing attributes in process `syz.0.353'.
[  102.278500][ T4961] netlink: 'syz.2.359': attribute type 12 has an invalid length.
[  102.287626][ T4961] netlink: 132 bytes leftover after parsing attributes in process `syz.2.359'.
[  102.308670][ T4961] netlink: 4093 bytes leftover after parsing attributes in process `syz.2.359'.
[  102.325639][ T4961] netlink: 4093 bytes leftover after parsing attributes in process `syz.2.359'.
[  102.349331][ T4958] delete_channel: no stack
[  103.115585][ T4990] netlink: 'syz.4.373': attribute type 12 has an invalid length.
[  103.123505][ T4990] netlink: 132 bytes leftover after parsing attributes in process `syz.4.373'.
[  103.167885][ T4990] netlink: 4093 bytes leftover after parsing attributes in process `syz.4.373'.
[  103.192494][ T4990] netlink: 4093 bytes leftover after parsing attributes in process `syz.4.373'.
[  103.233073][ T4989] delete_channel: no stack
[  103.919017][ T5031] netlink: 'syz.2.389': attribute type 12 has an invalid length.
[  103.932680][ T5029] delete_channel: no stack
[  104.639578][ T5058] netlink: 'syz.4.402': attribute type 12 has an invalid length.
[  104.672282][ T5057] delete_channel: no stack
[  105.344157][ T5089] netlink: 'syz.0.416': attribute type 12 has an invalid length.
[  105.380645][ T5091] netlink: 'syz.3.417': attribute type 12 has an invalid length.
[  105.408641][ T5088] delete_channel: no stack
[  105.426696][ T5090] delete_channel: no stack
[  105.588569][ T5096] netlink: 'syz.3.421': attribute type 39 has an invalid length.
[  106.222058][ T5123] netlink: 'syz.0.431': attribute type 12 has an invalid length.
[  106.292199][ T5122] delete_channel: no stack
[  106.657904][ T5142] netlink: 'syz.2.439': attribute type 39 has an invalid length.
[  106.726475][ T3649] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  106.735820][ T3649] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  106.743530][ T3649] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  106.751451][ T3649] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  106.759061][ T3649] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  106.766329][ T3649] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  107.004146][ T5145] chnl_net:caif_netlink_parms(): no params data found
[  107.110130][ T5150] can: request_module (can-proto-0) failed.
[  107.235095][ T5145] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.275544][ T5145] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.314660][ T5145] device bridge_slave_0 entered promiscuous mode
[  107.335133][ T5145] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.342645][ T5145] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.351293][ T5145] device bridge_slave_1 entered promiscuous mode
[  107.443566][ T5145] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  107.475890][ T5145] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  107.580540][ T5145] team0: Port device team_slave_0 added
[  107.604003][ T5145] team0: Port device team_slave_1 added
[  107.664588][ T5184] netlink: 'syz.3.453': attribute type 12 has an invalid length.
[  107.683508][ T5184] __nla_validate_parse: 15 callbacks suppressed
[  107.683527][ T5184] netlink: 132 bytes leftover after parsing attributes in process `syz.3.453'.
[  107.733114][ T5145] batman_adv: batadv0: Adding interface: batadv_slave_0
[  107.735839][ T5184] netlink: 4093 bytes leftover after parsing attributes in process `syz.3.453'.
[  107.749598][ T5145] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  107.788709][ T5145] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  107.829587][ T5189] netlink: 'syz.0.455': attribute type 39 has an invalid length.
[  107.844016][ T5184] netlink: 4093 bytes leftover after parsing attributes in process `syz.3.453'.
[  107.865842][ T5145] batman_adv: batadv0: Adding interface: batadv_slave_1
[  107.872828][ T5145] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  107.880829][ T5182] delete_channel: no stack
[  107.913207][ T5145] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  108.023584][ T5145] device hsr_slave_0 entered promiscuous mode
[  108.081940][ T5145] device hsr_slave_1 entered promiscuous mode
[  108.092724][ T5145] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  108.103763][ T5145] Cannot create hsr debugfs directory
[  108.392623][ T5145] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.543165][ T5145] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.597365][ T5218] netlink: 'syz.2.467': attribute type 39 has an invalid length.
[  108.680018][ T5145] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.762514][ T5145] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.805646][ T3641] Bluetooth: hci6: command tx timeout
[  108.836926][ T5227] netlink: 'syz.3.472': attribute type 12 has an invalid length.
[  108.844925][ T5227] netlink: 132 bytes leftover after parsing attributes in process `syz.3.472'.
[  108.859422][ T5227] netlink: 4093 bytes leftover after parsing attributes in process `syz.3.472'.
[  108.926206][ T5227] netlink: 4093 bytes leftover after parsing attributes in process `syz.3.472'.
[  108.963889][ T5226] delete_channel: no stack
[  109.050079][ T5145] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  109.100039][ T5145] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  109.153026][ T5145] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  109.182353][ T5145] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  109.390155][ T5145] 8021q: adding VLAN 0 to HW filter on device bond0
[  109.406825][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  109.416716][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  109.426598][ T5246] netlink: 'syz.3.479': attribute type 39 has an invalid length.
[  109.440045][ T5145] 8021q: adding VLAN 0 to HW filter on device team0
[  109.453627][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  109.464000][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  109.498586][ T3680] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.505858][ T3680] bridge0: port 1(bridge_slave_0) entered forwarding state
[  109.544811][ T3681] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  109.556302][ T3681] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  109.583174][ T3681] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  109.593322][ T3681] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.600482][ T3681] bridge0: port 2(bridge_slave_1) entered forwarding state
[  109.613146][ T3681] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  109.641895][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  109.672018][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  109.690291][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  109.699041][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  109.708843][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  109.717843][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  109.730980][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  109.747403][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  109.759254][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  109.770908][ T5145] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  109.805506][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  110.268413][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  110.301264][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  110.333673][ T5145] 8021q: adding VLAN 0 to HW filter on device batadv0
[  110.360421][ T5284] netlink: 'syz.2.492': attribute type 39 has an invalid length.
[  110.447789][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  110.461729][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  110.479978][ T5145] device veth0_vlan entered promiscuous mode
[  110.493371][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  110.503057][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  110.519748][ T5145] device veth1_vlan entered promiscuous mode
[  110.529265][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  110.543704][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  110.552272][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  110.626292][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  110.642594][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  110.662036][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  110.685225][ T5145] device veth0_macvtap entered promiscuous mode
[  110.695193][ T5145] device veth1_macvtap entered promiscuous mode
[  110.717287][ T5145] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  110.729565][ T5145] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  110.750258][ T5145] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  110.789756][ T5145] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  110.799893][ T5145] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  110.810879][ T5145] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  110.822952][ T5145] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  110.836322][ T5145] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  110.846448][ T5145] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  110.857623][ T5145] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  110.868287][ T5145] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  110.879274][ T5145] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  110.887220][ T3649] Bluetooth: hci6: command tx timeout
[  110.905796][ T5145] batman_adv: batadv0: Interface activated: batadv_slave_0
[  110.941092][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  110.957664][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  110.988563][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  111.011653][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  111.022439][ T5145] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  111.034230][ T5145] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  111.044366][ T5145] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  111.057314][ T5145] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  111.067361][ T5145] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  111.079483][ T5145] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  111.089764][ T5145] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  111.100568][ T5145] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  111.110866][ T5145] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  111.121690][ T5145] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  111.132194][ T5145] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  111.143026][ T5145] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  111.175076][ T5145] batman_adv: batadv0: Interface activated: batadv_slave_1
[  111.221664][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  111.241200][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  111.265562][ T5145] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  111.297912][ T5145] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  111.315039][ T5145] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  111.323969][ T5145] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  111.481819][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.515049][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.532658][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.546149][ T5321] netlink: 'syz.0.506': attribute type 39 has an invalid length.
[  111.565394][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.575530][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  111.610995][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  111.769235][ T5328] netlink: 'syz.1.432': attribute type 12 has an invalid length.
[  111.812729][ T5328] netlink: 132 bytes leftover after parsing attributes in process `syz.1.432'.
[  111.841282][ T5328] netlink: 4093 bytes leftover after parsing attributes in process `syz.1.432'.
[  111.898852][ T5328] netlink: 4093 bytes leftover after parsing attributes in process `syz.1.432'.
[  111.953633][ T5326] delete_channel: no stack
[  112.284766][ T5351] netlink: 'syz.2.519': attribute type 39 has an invalid length.
[  112.664765][ T5372] netlink: 'syz.3.526': attribute type 12 has an invalid length.
[  112.737826][ T5372] netlink: 132 bytes leftover after parsing attributes in process `syz.3.526'.
[  112.783284][ T5372] netlink: 4093 bytes leftover after parsing attributes in process `syz.3.526'.
[  112.793398][ T5372] netlink: 4093 bytes leftover after parsing attributes in process `syz.3.526'.
[  112.846263][ T5369] delete_channel: no stack
[  112.965927][ T3649] Bluetooth: hci6: command tx timeout
[  113.055901][ T5383] netlink: 'syz.1.532': attribute type 39 has an invalid length.
[  113.570407][ T5410] netlink: 'syz.3.544': attribute type 12 has an invalid length.
[  113.595506][ T5410] netlink: 132 bytes leftover after parsing attributes in process `syz.3.544'.
[  113.623448][ T5410] netlink: 4093 bytes leftover after parsing attributes in process `syz.3.544'.
[  113.676794][ T5410] netlink: 4093 bytes leftover after parsing attributes in process `syz.3.544'.
[  113.707085][ T5409] delete_channel: no stack
[  113.874320][ T5423] netlink: 'syz.2.550': attribute type 39 has an invalid length.
[  114.487034][ T5449] netlink: 'syz.2.562': attribute type 12 has an invalid length.
[  114.520560][ T5449] netlink: 132 bytes leftover after parsing attributes in process `syz.2.562'.
[  114.569322][ T5449] netlink: 4093 bytes leftover after parsing attributes in process `syz.2.562'.
[  114.580018][ T5449] netlink: 4093 bytes leftover after parsing attributes in process `syz.2.562'.
[  114.601374][ T5448] delete_channel: no stack
[  114.648078][ T5458] netlink: 'syz.1.566': attribute type 39 has an invalid length.
[  115.045837][ T3649] Bluetooth: hci6: command tx timeout
[  115.384442][ T5486] netlink: 'syz.1.580': attribute type 12 has an invalid length.
[  115.395006][ T5486] netlink: 132 bytes leftover after parsing attributes in process `syz.1.580'.
[  115.413609][ T5490] netlink: 'syz.3.581': attribute type 39 has an invalid length.
[  115.458983][ T5485] delete_channel: no stack
[  116.150538][ T5521] netlink: 'syz.2.595': attribute type 12 has an invalid length.
[  116.196030][ T5520] delete_channel: no stack
[  116.301703][ T5528] netlink: 'syz.3.598': attribute type 39 has an invalid length.
[  116.869459][ T5552] netlink: 'syz.3.610': attribute type 12 has an invalid length.
[  116.940258][ T5550] delete_channel: no stack
[  117.067889][ T5560] netlink: 'syz.1.613': attribute type 39 has an invalid length.
[  117.340353][ T3649] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  117.349287][ T3649] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  117.360114][ T3649] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  117.376968][ T3649] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  117.386751][ T3649] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  117.394303][ T3649] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  117.591131][ T5574] can: request_module (can-proto-0) failed.
[  117.787405][ T5570] chnl_net:caif_netlink_parms(): no params data found
[  117.897879][ T5592] netlink: 'syz.1.625': attribute type 12 has an invalid length.
[  117.911796][ T5592] __nla_validate_parse: 8 callbacks suppressed
[  117.911813][ T5592] netlink: 132 bytes leftover after parsing attributes in process `syz.1.625'.
[  117.964086][ T5592] netlink: 4093 bytes leftover after parsing attributes in process `syz.1.625'.
[  117.990982][ T5592] netlink: 4093 bytes leftover after parsing attributes in process `syz.1.625'.
[  118.018455][ T5591] delete_channel: no stack
[  118.038088][ T5570] bridge0: port 1(bridge_slave_0) entered blocking state
[  118.045604][ T5570] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.054071][ T5570] device bridge_slave_0 entered promiscuous mode
[  118.064389][ T5570] bridge0: port 2(bridge_slave_1) entered blocking state
[  118.071992][ T5570] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.080494][ T5570] device bridge_slave_1 entered promiscuous mode
[  118.198306][ T5570] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  118.232651][ T5570] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  118.337483][ T5570] team0: Port device team_slave_0 added
[  118.361587][ T5570] team0: Port device team_slave_1 added
[  118.422687][ T5570] batman_adv: batadv0: Adding interface: batadv_slave_0
[  118.432884][ T5570] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  118.481258][ T5570] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  118.506811][ T5570] batman_adv: batadv0: Adding interface: batadv_slave_1
[  118.513871][ T5570] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  118.542236][ T5570] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  118.630824][ T5570] device hsr_slave_0 entered promiscuous mode
[  118.646370][ T5570] device hsr_slave_1 entered promiscuous mode
[  118.663290][ T5570] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  118.673435][ T5570] Cannot create hsr debugfs directory
[  118.879698][ T5630] validate_nla: 1 callbacks suppressed
[  118.879714][ T5630] netlink: 'syz.1.639': attribute type 12 has an invalid length.
[  118.903536][ T5630] netlink: 132 bytes leftover after parsing attributes in process `syz.1.639'.
[  118.937160][ T5630] netlink: 4093 bytes leftover after parsing attributes in process `syz.1.639'.
[  118.957646][ T5630] netlink: 4093 bytes leftover after parsing attributes in process `syz.1.639'.
[  118.968583][ T5632] netlink: 'syz.2.640': attribute type 39 has an invalid length.
[  118.978301][ T5629] delete_channel: no stack
[  119.059029][ T5570] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.206647][ T5570] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.334996][ T5570] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.445420][ T3641] Bluetooth: hci7: command tx timeout
[  119.481599][ T5570] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.533465][ T5656] netlink: 'syz.2.651': attribute type 39 has an invalid length.
[  119.639748][ T5660] netlink: 'syz.0.652': attribute type 12 has an invalid length.
[  119.655159][ T5660] netlink: 132 bytes leftover after parsing attributes in process `syz.0.652'.
[  119.714367][ T5660] netlink: 4093 bytes leftover after parsing attributes in process `syz.0.652'.
[  119.734367][ T5570] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  119.768813][ T5570] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  119.814280][ T5660] netlink: 4093 bytes leftover after parsing attributes in process `syz.0.652'.
[  119.832823][ T5570] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  119.846677][ T5659] delete_channel: no stack
[  119.872343][ T5570] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  120.131397][ T5570] 8021q: adding VLAN 0 to HW filter on device bond0
[  120.202153][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  120.216302][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  120.238739][ T5570] 8021q: adding VLAN 0 to HW filter on device team0
[  120.265936][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  120.301132][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  120.320162][   T26] bridge0: port 1(bridge_slave_0) entered blocking state
[  120.327355][   T26] bridge0: port 1(bridge_slave_0) entered forwarding state
[  120.382896][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  120.396140][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  120.419654][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  120.444931][ T2988] bridge0: port 2(bridge_slave_1) entered blocking state
[  120.452114][ T2988] bridge0: port 2(bridge_slave_1) entered forwarding state
[  120.481666][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  120.519161][ T5690] netlink: 'syz.1.665': attribute type 39 has an invalid length.
[  120.548537][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  120.558483][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  120.570855][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  120.580175][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  120.599152][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  120.637077][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  120.687003][ T5695] netlink: 'syz.2.667': attribute type 12 has an invalid length.
[  120.694782][ T5695] netlink: 132 bytes leftover after parsing attributes in process `syz.2.667'.
[  120.709912][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  120.727960][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  120.747335][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  120.756988][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  120.778206][ T5570] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  120.798647][ T5694] delete_channel: no stack
[  120.926284][ T5707] FAULT_INJECTION: forcing a failure.
[  120.926284][ T5707] name failslab, interval 1, probability 0, space 0, times 0
[  120.990366][ T5707] CPU: 0 PID: 5707 Comm: syz.0.672 Not tainted 6.1.102-syzkaller #0
[  120.998396][ T5707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  121.008475][ T5707] Call Trace:
[  121.011771][ T5707]  <TASK>
[  121.014714][ T5707]  dump_stack_lvl+0x1e3/0x2cb
[  121.019433][ T5707]  ? nf_tcp_handle_invalid+0x642/0x642
[  121.024919][ T5707]  ? panic+0x764/0x764
[  121.029017][ T5707]  should_fail_ex+0x3a6/0x4d0
[  121.033724][ T5707]  should_failslab+0x5/0x20
[  121.038256][ T5707]  slab_pre_alloc_hook+0x59/0x300
[  121.043307][ T5707]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  121.049317][ T5707]  kmem_cache_alloc+0x4e/0x2d0
[  121.054099][ T5707]  ? getname_flags+0xb8/0x4f0
[  121.058793][ T5707]  ? print_irqtrace_events+0x210/0x210
[  121.064278][ T5707]  getname_flags+0xb8/0x4f0
[  121.068803][ T5707]  ? syscall_enter_from_user_mode+0x2e/0x230
[  121.074806][ T5707]  ? lockdep_hardirqs_on+0x94/0x130
[  121.080029][ T5707]  __x64_sys_mkdir+0x5b/0x80
[  121.084644][ T5707]  do_syscall_64+0x3b/0xb0
[  121.089088][ T5707]  ? clear_bhb_loop+0x45/0xa0
[  121.093781][ T5707]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  121.099699][ T5707] RIP: 0033:0x7fd16ef773b9
[  121.104141][ T5707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  121.108117][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  121.123758][ T5707] RSP: 002b:00007fd16edff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  121.123785][ T5707] RAX: ffffffffffffffda RBX: 00007fd16f105f80 RCX: 00007fd16ef773b9
[  121.123797][ T5707] RDX: 0000000000000000 RSI: 7192346c17744cfa RDI: 0000000020000000
[  121.123809][ T5707] RBP: 00007fd16edff0a0 R08: 0000000000000000 R09: 0000000000000000
[  121.123820][ T5707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  121.123830][ T5707] R13: 000000000000000b R14: 00007fd16f105f80 R15: 00007ffdec2badb8
[  121.123853][ T5707]  </TASK>
[  121.133058][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  121.278168][ T5570] 8021q: adding VLAN 0 to HW filter on device batadv0
[  121.525379][ T3641] Bluetooth: hci7: command tx timeout
[  121.622898][ T5732] netlink: 'syz.0.680': attribute type 39 has an invalid length.
[  121.803534][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  121.825040][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  121.856166][ T5740] netlink: 'syz.0.683': attribute type 12 has an invalid length.
[  121.887379][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  121.910410][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  121.921489][ T5570] device veth0_vlan entered promiscuous mode
[  121.962799][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  121.977271][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  121.995922][ T5738] delete_channel: no stack
[  122.013613][ T5570] device veth1_vlan entered promiscuous mode
[  122.093924][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  122.116751][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  122.151665][ T5570] device veth0_macvtap entered promiscuous mode
[  122.171807][ T5570] device veth1_macvtap entered promiscuous mode
[  122.209143][ T5570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  122.219969][ T5570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.244038][ T5570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  122.259504][ T5570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.270457][ T5570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  122.281755][ T5570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.300531][ T5570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  122.314482][ T5570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.324570][ T5570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  122.336760][ T5570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.346659][ T5570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  122.359303][ T5570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.369329][ T5570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  122.380060][ T5570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.399856][ T5570] batman_adv: batadv0: Interface activated: batadv_slave_0
[  122.411087][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  122.420203][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  122.428790][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  122.439493][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  122.450725][ T5570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  122.462405][ T5570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.473182][ T5570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  122.484615][ T5570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.497137][ T5570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  122.524362][ T5570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.542887][ T5570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  122.553418][ T5570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.563328][ T5570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  122.576486][ T5570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.587346][ T5570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  122.599700][ T5570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.609698][ T5570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  122.620307][ T5570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.634564][ T5570] batman_adv: batadv0: Interface activated: batadv_slave_1
[  122.646507][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  122.657790][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  122.676317][ T5768] netlink: 'syz.0.692': attribute type 39 has an invalid length.
[  122.688507][ T5570] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  122.714043][ T5570] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  122.723438][ T5570] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  122.732449][ T5570] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  122.765627][ T5772] netlink: 'syz.1.694': attribute type 12 has an invalid length.
[  122.924731][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.944765][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  122.946007][ T5785] FAULT_INJECTION: forcing a failure.
[  122.946007][ T5785] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  122.972400][ T4247] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.978403][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  122.981715][ T4247] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  123.003903][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  123.077563][ T5788] __nla_validate_parse: 6 callbacks suppressed
[  123.077581][ T5788] netlink: 132 bytes leftover after parsing attributes in process `syz.2.698'.
[  123.115154][ T5788] netlink: 4093 bytes leftover after parsing attributes in process `syz.2.698'.
[  123.125450][ T5788] netlink: 4093 bytes leftover after parsing attributes in process `syz.2.698'.
[  123.138497][ T5785] CPU: 0 PID: 5785 Comm: syz.1.697 Not tainted 6.1.102-syzkaller #0
[  123.139487][ T5787] delete_channel: no stack
[  123.146500][ T5785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  123.146514][ T5785] Call Trace:
[  123.146521][ T5785]  <TASK>
[  123.146528][ T5785]  dump_stack_lvl+0x1e3/0x2cb
[  123.146564][ T5785]  ? nf_tcp_handle_invalid+0x642/0x642
[  123.146587][ T5785]  ? panic+0x764/0x764
[  123.146607][ T5785]  ? __lock_acquire+0x1f80/0x1f80
[  123.146640][ T5785]  should_fail_ex+0x3a6/0x4d0
[  123.146668][ T5785]  _copy_from_user+0x2b/0x170
[  123.146688][ T5785]  copy_msghdr_from_user+0xaa/0x670
[  123.146717][ T5785]  ? sendmsg_copy_msghdr+0x70/0x70
[  123.206001][ T5785]  __sys_sendmsg+0x236/0x390
[  123.210601][ T5785]  ? ____sys_sendmsg+0x8f0/0x8f0
[  123.215546][ T5785]  ? vfs_write+0x6cf/0xbc0
[  123.219968][ T5785]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  123.225948][ T5785]  ? syscall_enter_from_user_mode+0x2e/0x230
[  123.231922][ T5785]  ? lockdep_hardirqs_on+0x94/0x130
[  123.237111][ T5785]  ? syscall_enter_from_user_mode+0x2e/0x230
[  123.243085][ T5785]  do_syscall_64+0x3b/0xb0
[  123.247503][ T5785]  ? clear_bhb_loop+0x45/0xa0
[  123.252219][ T5785]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  123.258116][ T5785] RIP: 0033:0x7fd6499773b9
[  123.262520][ T5785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.282112][ T5785] RSP: 002b:00007fd64a6d5048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  123.290514][ T5785] RAX: ffffffffffffffda RBX: 00007fd649b05f80 RCX: 00007fd6499773b9
[  123.298476][ T5785] RDX: 0000000000000000 RSI: 0000000020000940 RDI: 0000000000000003
[  123.306437][ T5785] RBP: 00007fd64a6d50a0 R08: 0000000000000000 R09: 0000000000000000
[  123.314398][ T5785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  123.322356][ T5785] R13: 000000000000000b R14: 00007fd649b05f80 R15: 00007ffc75bc04e8
[  123.330326][ T5785]  </TASK>
[  123.606165][ T3641] Bluetooth: hci7: command tx timeout
[  123.697932][ T5808] netlink: 132 bytes leftover after parsing attributes in process `syz.4.707'.
[  123.932005][ T5818] validate_nla: 3 callbacks suppressed
[  123.932025][ T5818] netlink: 'syz.1.711': attribute type 12 has an invalid length.
[  123.964754][ T5818] netlink: 132 bytes leftover after parsing attributes in process `syz.1.711'.
[  124.013427][ T5818] netlink: 4093 bytes leftover after parsing attributes in process `syz.1.711'.
[  124.068835][ T5818] netlink: 4093 bytes leftover after parsing attributes in process `syz.1.711'.
[  124.087865][ T5817] delete_channel: no stack
[  124.151962][ T5825] FAULT_INJECTION: forcing a failure.
[  124.151962][ T5825] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  124.206753][ T5825] CPU: 0 PID: 5825 Comm: syz.2.714 Not tainted 6.1.102-syzkaller #0
[  124.214777][ T5825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  124.224848][ T5825] Call Trace:
[  124.228146][ T5825]  <TASK>
[  124.231100][ T5825]  dump_stack_lvl+0x1e3/0x2cb
[  124.235805][ T5825]  ? nf_tcp_handle_invalid+0x642/0x642
[  124.241276][ T5825]  ? panic+0x764/0x764
[  124.245357][ T5825]  ? __lock_acquire+0x1f80/0x1f80
[  124.250415][ T5825]  ? __might_fault+0x93/0x110
[  124.255120][ T5825]  should_fail_ex+0x3a6/0x4d0
[  124.259820][ T5825]  _copy_from_user+0x2b/0x170
[  124.264515][ T5825]  copy_msghdr_from_user+0xaa/0x670
[  124.269729][ T5825]  ? sendmsg_copy_msghdr+0x70/0x70
[  124.274848][ T5825]  __sys_sendmsg+0x236/0x390
[  124.279434][ T5825]  ? ____sys_sendmsg+0x8f0/0x8f0
[  124.284363][ T5825]  ? vfs_write+0x6cf/0xbc0
[  124.288788][ T5825]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  124.294776][ T5825]  ? syscall_enter_from_user_mode+0x2e/0x230
[  124.300743][ T5825]  ? lockdep_hardirqs_on+0x94/0x130
[  124.305928][ T5825]  ? syscall_enter_from_user_mode+0x2e/0x230
[  124.311893][ T5825]  do_syscall_64+0x3b/0xb0
[  124.316307][ T5825]  ? clear_bhb_loop+0x45/0xa0
[  124.320974][ T5825]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  124.326855][ T5825] RIP: 0033:0x7fd7abf773b9
[  124.331256][ T5825] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  124.350849][ T5825] RSP: 002b:00007fd7acda0048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  124.359249][ T5825] RAX: ffffffffffffffda RBX: 00007fd7ac105f80 RCX: 00007fd7abf773b9
[  124.367205][ T5825] RDX: 0000000000008054 RSI: 0000000020000080 RDI: 0000000000000008
[  124.375165][ T5825] RBP: 00007fd7acda00a0 R08: 0000000000000000 R09: 0000000000000000
[  124.383125][ T5825] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  124.391080][ T5825] R13: 000000000000000b R14: 00007fd7ac105f80 R15: 00007fffadb93668
[  124.399048][ T5825]  </TASK>
[  124.600201][ T5840] netlink: 'syz.2.720': attribute type 39 has an invalid length.
[  124.804094][ T5850] netlink: 48 bytes leftover after parsing attributes in process `syz.4.725'.
[  125.196622][ T5860] netlink: 'syz.2.729': attribute type 3 has an invalid length.
[  125.222088][ T5862] netlink: 'syz.1.730': attribute type 12 has an invalid length.
[  125.231375][ T5860] netlink: 132 bytes leftover after parsing attributes in process `syz.2.729'.
[  125.250868][ T5862] netlink: 132 bytes leftover after parsing attributes in process `syz.1.730'.
[  125.281437][ T5861] delete_channel: no stack
[  125.362585][ T5864] FAULT_INJECTION: forcing a failure.
[  125.362585][ T5864] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  125.376644][ T5864] CPU: 0 PID: 5864 Comm: syz.2.731 Not tainted 6.1.102-syzkaller #0
[  125.384654][ T5864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  125.394717][ T5864] Call Trace:
[  125.398022][ T5864]  <TASK>
[  125.400961][ T5864]  dump_stack_lvl+0x1e3/0x2cb
[  125.405662][ T5864]  ? nf_tcp_handle_invalid+0x642/0x642
[  125.411140][ T5864]  ? panic+0x764/0x764
[  125.415225][ T5864]  ? __lock_acquire+0x1f80/0x1f80
[  125.420285][ T5864]  should_fail_ex+0x3a6/0x4d0
[  125.424986][ T5864]  _copy_from_user+0x2b/0x170
[  125.429668][ T5864]  copy_msghdr_from_user+0xaa/0x670
[  125.434859][ T5864]  ? sendmsg_copy_msghdr+0x70/0x70
[  125.439979][ T5864]  __sys_recvmsg+0x24b/0x3d0
[  125.444570][ T5864]  ? ____sys_recvmsg+0x530/0x530
[  125.449511][ T5864]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  125.455488][ T5864]  ? syscall_enter_from_user_mode+0x2e/0x230
[  125.461452][ T5864]  ? lockdep_hardirqs_on+0x94/0x130
[  125.466635][ T5864]  ? syscall_enter_from_user_mode+0x2e/0x230
[  125.472601][ T5864]  do_syscall_64+0x3b/0xb0
[  125.477007][ T5864]  ? clear_bhb_loop+0x45/0xa0
[  125.481673][ T5864]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  125.487555][ T5864] RIP: 0033:0x7fd7abf773b9
[  125.491957][ T5864] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.511555][ T5864] RSP: 002b:00007fd7acda0048 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  125.519958][ T5864] RAX: ffffffffffffffda RBX: 00007fd7ac105f80 RCX: 00007fd7abf773b9
[  125.527928][ T5864] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000004
[  125.535886][ T5864] RBP: 00007fd7acda00a0 R08: 0000000000000000 R09: 0000000000000000
[  125.543839][ T5864] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  125.551793][ T5864] R13: 000000000000000b R14: 00007fd7ac105f80 R15: 00007fffadb93668
[  125.559760][ T5864]  </TASK>
[  125.685777][ T3641] Bluetooth: hci7: command tx timeout
[  125.708642][ T5874] netlink: 'syz.1.734': attribute type 39 has an invalid length.
[  126.063194][ T5889] netlink: 'syz.0.742': attribute type 12 has an invalid length.
[  126.094377][ T5891] netlink: 'syz.1.743': attribute type 12 has an invalid length.
[  126.121308][ T5887] delete_channel: no stack
[  126.148384][ T5888] delete_channel: no stack
[  126.345919][ T5899] FAULT_INJECTION: forcing a failure.
[  126.345919][ T5899] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  126.375966][ T5900] device pim6reg1 entered promiscuous mode
[  126.383105][ T5899] CPU: 1 PID: 5899 Comm: syz.1.747 Not tainted 6.1.102-syzkaller #0
[  126.391100][ T5899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  126.401157][ T5899] Call Trace:
[  126.404436][ T5899]  <TASK>
[  126.407371][ T5899]  dump_stack_lvl+0x1e3/0x2cb
[  126.412067][ T5899]  ? nf_tcp_handle_invalid+0x642/0x642
[  126.417545][ T5899]  ? panic+0x764/0x764
[  126.421629][ T5899]  ? __lock_acquire+0x1f80/0x1f80
[  126.426674][ T5899]  should_fail_ex+0x3a6/0x4d0
[  126.431371][ T5899]  _copy_from_user+0x2b/0x170
[  126.436055][ T5899]  __sys_bpf+0x226/0x6c0
[  126.440310][ T5899]  ? __fget_files+0x435/0x4a0
[  126.444992][ T5899]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  126.450385][ T5899]  ? print_irqtrace_events+0x210/0x210
[  126.455854][ T5899]  ? print_irqtrace_events+0x210/0x210
[  126.461338][ T5899]  ? syscall_enter_from_user_mode+0x2e/0x230
[  126.467338][ T5899]  ? lockdep_hardirqs_on+0x94/0x130
[  126.472547][ T5899]  __x64_sys_bpf+0x78/0x90
[  126.476980][ T5899]  do_syscall_64+0x3b/0xb0
[  126.481402][ T5899]  ? clear_bhb_loop+0x45/0xa0
[  126.486088][ T5899]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  126.491995][ T5899] RIP: 0033:0x7fd6499773b9
[  126.496415][ T5899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  126.516025][ T5899] RSP: 002b:00007fd64a6d5048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  126.524449][ T5899] RAX: ffffffffffffffda RBX: 00007fd649b05f80 RCX: 00007fd6499773b9
[  126.532430][ T5899] RDX: 0000000000000090 RSI: 0000000020000280 RDI: 0000000000000005
[  126.540409][ T5899] RBP: 00007fd64a6d50a0 R08: 0000000000000000 R09: 0000000000000000
[  126.548385][ T5899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  126.556360][ T5899] R13: 000000000000000b R14: 00007fd649b05f80 R15: 00007ffc75bc04e8
[  126.564352][ T5899]  </TASK>
[  126.834572][ T5904] netlink: 'syz.0.749': attribute type 39 has an invalid length.
[  128.083523][ T5922] netlink: 'syz.0.757': attribute type 12 has an invalid length.
[  128.127666][ T5922] __nla_validate_parse: 8 callbacks suppressed
[  128.127686][ T5922] netlink: 132 bytes leftover after parsing attributes in process `syz.0.757'.
[  128.176996][ T3649] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  128.187190][ T3649] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  128.196056][ T3649] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  128.203944][ T3649] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  128.212000][ T3649] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  128.224246][ T5927] netlink: 4093 bytes leftover after parsing attributes in process `syz.0.757'.
[  128.233710][ T3649] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  128.255525][ T5927] netlink: 4093 bytes leftover after parsing attributes in process `syz.0.757'.
[  128.309608][ T5925] netlink: 'syz.1.758': attribute type 12 has an invalid length.
[  128.318013][ T5921] delete_channel: no stack
[  128.323152][ T5925] netlink: 132 bytes leftover after parsing attributes in process `syz.1.758'.
[  128.360480][ T5925] netlink: 4093 bytes leftover after parsing attributes in process `syz.1.758'.
[  128.399225][ T5925] netlink: 4093 bytes leftover after parsing attributes in process `syz.1.758'.
[  128.411901][ T5924] delete_channel: no stack
[  128.613048][ T5923] chnl_net:caif_netlink_parms(): no params data found
[  128.796540][ T5923] bridge0: port 1(bridge_slave_0) entered blocking state
[  128.819764][ T5923] bridge0: port 1(bridge_slave_0) entered disabled state
[  128.851121][ T5923] device bridge_slave_0 entered promiscuous mode
[  128.892561][ T5923] bridge0: port 2(bridge_slave_1) entered blocking state
[  128.920183][ T5923] bridge0: port 2(bridge_slave_1) entered disabled state
[  128.943695][ T5923] device bridge_slave_1 entered promiscuous mode
[  129.037442][ T5923] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  129.072754][ T5923] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  129.227609][ T5923] team0: Port device team_slave_0 added
[  129.281262][ T5923] team0: Port device team_slave_1 added
[  129.454927][ T5923] batman_adv: batadv0: Adding interface: batadv_slave_0
[  129.475051][ T5923] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  129.514755][ T5923] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  129.545714][ T5969] validate_nla: 1 callbacks suppressed
[  129.545732][ T5969] netlink: 'syz.1.771': attribute type 12 has an invalid length.
[  129.616337][ T5963] netlink: 4093 bytes leftover after parsing attributes in process `syz.1.771'.
[  129.642263][ T5969] netlink: 132 bytes leftover after parsing attributes in process `syz.1.771'.
[  129.680894][ T5973] netlink: 4093 bytes leftover after parsing attributes in process `syz.4.773'.
[  129.724817][ T5975] netlink: 'syz.2.774': attribute type 39 has an invalid length.
[  129.745765][ T5971] netlink: 'syz.4.773': attribute type 12 has an invalid length.
[  129.773591][ T5971] netlink: 132 bytes leftover after parsing attributes in process `syz.4.773'.
[  129.825209][ T5961] device pim6reg1 entered promiscuous mode
[  130.086169][ T5923] batman_adv: batadv0: Adding interface: batadv_slave_1
[  130.093780][ T5923] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  130.141696][ T5923] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  130.163324][ T5962] delete_channel: no stack
[  130.185855][ T5966] delete_channel: no stack
[  130.325719][ T3649] Bluetooth: hci8: command tx timeout
[  130.798704][ T5923] device hsr_slave_0 entered promiscuous mode
[  130.856412][ T5923] device hsr_slave_1 entered promiscuous mode
[  130.863760][ T5923] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  130.909089][ T5923] Cannot create hsr debugfs directory
[  130.915234][ T5993] FAULT_INJECTION: forcing a failure.
[  130.915234][ T5993] name failslab, interval 1, probability 0, space 0, times 0
[  130.930665][ T5993] CPU: 0 PID: 5993 Comm: syz.2.779 Not tainted 6.1.102-syzkaller #0
[  130.938670][ T5993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  130.948806][ T5993] Call Trace:
[  130.952071][ T5993]  <TASK>
[  130.955006][ T5993]  dump_stack_lvl+0x1e3/0x2cb
[  130.959695][ T5993]  ? nf_tcp_handle_invalid+0x642/0x642
[  130.965158][ T5993]  ? panic+0x764/0x764
[  130.969223][ T5993]  ? __might_sleep+0xb0/0xb0
[  130.973804][ T5993]  ? __lock_acquire+0x125b/0x1f80
[  130.978917][ T5993]  should_fail_ex+0x3a6/0x4d0
[  130.983588][ T5993]  should_failslab+0x5/0x20
[  130.988083][ T5993]  slab_pre_alloc_hook+0x59/0x300
[  130.993102][ T5993]  ? tomoyo_realpath_from_path+0xcb/0x5d0
[  130.998810][ T5993]  __kmem_cache_alloc_node+0x47/0x260
[  131.004180][ T5993]  ? tomoyo_realpath_from_path+0xcb/0x5d0
[  131.009888][ T5993]  __kmalloc+0xa1/0x230
[  131.014033][ T5993]  ? rcu_is_watching+0x11/0xb0
[  131.018785][ T5993]  tomoyo_realpath_from_path+0xcb/0x5d0
[  131.024355][ T5993]  tomoyo_path_number_perm+0x21f/0x7f0
[  131.029823][ T5993]  ? tomoyo_path_number_perm+0x1f2/0x7f0
[  131.035454][ T5993]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  131.040943][ T5993]  ? __fget_files+0x28/0x4a0
[  131.045561][ T5993]  ? __fget_files+0x28/0x4a0
[  131.050160][ T5993]  ? __fget_files+0x435/0x4a0
[  131.054831][ T5993]  ? __fget_files+0x28/0x4a0
[  131.059419][ T5993]  security_file_ioctl+0x6d/0xa0
[  131.064480][ T5993]  __se_sys_ioctl+0x47/0x160
[  131.069077][ T5993]  do_syscall_64+0x3b/0xb0
[  131.073504][ T5993]  ? clear_bhb_loop+0x45/0xa0
[  131.078202][ T5993]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  131.084106][ T5993] RIP: 0033:0x7fd7abf773b9
[  131.088519][ T5993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.108230][ T5993] RSP: 002b:00007fd7acd7f048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  131.116637][ T5993] RAX: ffffffffffffffda RBX: 00007fd7ac106058 RCX: 00007fd7abf773b9
[  131.124597][ T5993] RDX: 0000000020000080 RSI: 0000000000008946 RDI: 0000000000000005
[  131.132560][ T5993] RBP: 00007fd7acd7f0a0 R08: 0000000000000000 R09: 0000000000000000
[  131.140517][ T5993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  131.148481][ T5993] R13: 000000000000006e R14: 00007fd7ac106058 R15: 00007fffadb93668
[  131.156453][ T5993]  </TASK>
[  131.185551][ T5993] ERROR: Out of memory at tomoyo_realpath_from_path.
[  131.599508][ T6003] netlink: 'syz.4.784': attribute type 39 has an invalid length.
[  131.759814][ T5923] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.787174][ T6008] netlink: 'syz.2.786': attribute type 12 has an invalid length.
[  131.821886][ T6006] delete_channel: no stack
[  131.870831][ T5923] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.992207][ T5923] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.145977][ T5923] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.416431][ T3649] Bluetooth: hci8: command tx timeout
[  132.493168][ T5923] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  132.645139][ T5923] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  132.681137][ T5923] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  132.734549][ T5923] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  132.808037][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  132.814364][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  133.010007][ T6038] netlink: 'syz.0.796': attribute type 39 has an invalid length.
[  133.035779][ T6034] netlink: 'syz.4.798': attribute type 12 has an invalid length.
[  133.125785][ T6033] delete_channel: no stack
[  133.164425][ T5923] 8021q: adding VLAN 0 to HW filter on device bond0
[  133.288725][ T5923] 8021q: adding VLAN 0 to HW filter on device team0
[  133.395206][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  133.407350][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  133.492575][ T6043] FAULT_INJECTION: forcing a failure.
[  133.492575][ T6043] name failslab, interval 1, probability 0, space 0, times 0
[  133.605699][ T6043] CPU: 0 PID: 6043 Comm: syz.2.800 Not tainted 6.1.102-syzkaller #0
[  133.613756][ T6043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  133.623821][ T6043] Call Trace:
[  133.627105][ T6043]  <TASK>
[  133.630042][ T6043]  dump_stack_lvl+0x1e3/0x2cb
[  133.634733][ T6043]  ? nf_tcp_handle_invalid+0x642/0x642
[  133.640205][ T6043]  ? panic+0x764/0x764
[  133.644278][ T6043]  ? __might_sleep+0xb0/0xb0
[  133.648880][ T6043]  should_fail_ex+0x3a6/0x4d0
[  133.653574][ T6043]  should_failslab+0x5/0x20
[  133.658081][ T6043]  slab_pre_alloc_hook+0x59/0x300
[  133.663141][ T6043]  ? __lock_acquire+0x1f80/0x1f80
[  133.668189][ T6043]  kmem_cache_alloc+0x4e/0x2d0
[  133.672961][ T6043]  ? getname_flags+0xb8/0x4f0
[  133.677652][ T6043]  getname_flags+0xb8/0x4f0
[  133.682248][ T6043]  ? build_open_flags+0x444/0x5b0
[  133.687284][ T6043]  do_sys_openat2+0xd2/0x4f0
[  133.691889][ T6043]  ? do_sys_open+0x220/0x220
[  133.696500][ T6043]  __x64_sys_openat+0x243/0x290
[  133.701365][ T6043]  ? __ia32_sys_open+0x270/0x270
[  133.706318][ T6043]  ? syscall_enter_from_user_mode+0x2e/0x230
[  133.712317][ T6043]  ? lockdep_hardirqs_on+0x94/0x130
[  133.717534][ T6043]  ? syscall_enter_from_user_mode+0x2e/0x230
[  133.723525][ T6043]  do_syscall_64+0x3b/0xb0
[  133.727948][ T6043]  ? clear_bhb_loop+0x45/0xa0
[  133.732630][ T6043]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  133.738529][ T6043] RIP: 0033:0x7fd7abf773b9
[  133.742945][ T6043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  133.762555][ T6043] RSP: 002b:00007fd7acda0048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  133.770976][ T6043] RAX: ffffffffffffffda RBX: 00007fd7ac105f80 RCX: 00007fd7abf773b9
[  133.778952][ T6043] RDX: 00000000000026e1 RSI: 0000000020000180 RDI: ffffffffffffff9c
[  133.786930][ T6043] RBP: 00007fd7acda00a0 R08: 0000000000000000 R09: 0000000000000000
[  133.794906][ T6043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  133.802883][ T6043] R13: 000000000000000b R14: 00007fd7ac105f80 R15: 00007fffadb93668
[  133.810883][ T6043]  </TASK>
[  133.856512][ T6045] netlink: 'syz.0.799': attribute type 39 has an invalid length.
[  133.889657][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  133.926385][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  133.934947][ T3689] bridge0: port 1(bridge_slave_0) entered blocking state
[  133.942139][ T3689] bridge0: port 1(bridge_slave_0) entered forwarding state
[  134.005977][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  134.016715][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  134.026036][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  134.034642][   T14] bridge0: port 2(bridge_slave_1) entered blocking state
[  134.041807][   T14] bridge0: port 2(bridge_slave_1) entered forwarding state
[  134.052297][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  134.061308][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  134.070616][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  134.081827][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  134.093195][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  134.101987][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  134.112908][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  134.121548][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  134.132272][ T5923] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  134.158357][ T5923] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  134.194734][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  134.203105][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  134.223686][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  134.495872][ T3649] Bluetooth: hci8: command tx timeout
[  134.551317][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  134.559114][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  134.569982][ T5923] 8021q: adding VLAN 0 to HW filter on device batadv0
[  134.617446][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  134.636164][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  134.658301][ T5923] device veth0_vlan entered promiscuous mode
[  134.667109][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  134.686407][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  134.721301][ T5923] device veth1_vlan entered promiscuous mode
[  134.756159][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  134.764686][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  134.778627][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  134.837373][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  134.857839][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  134.875356][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  134.887517][ T5923] device veth0_macvtap entered promiscuous mode
[  134.924878][ T5923] device veth1_macvtap entered promiscuous mode
[  134.940128][ T6073] netlink: 'syz.2.809': attribute type 39 has an invalid length.
[  134.967884][ T5923] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  134.979405][ T5923] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.989911][ T5923] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.001409][ T5923] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.014736][ T5923] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.039892][ T5923] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.053549][ T5923] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.064315][ T5923] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.074447][ T5923] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.092742][ T5923] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.102628][ T5923] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.121023][ T5923] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.132835][ T5923] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.147724][ T5923] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.157805][ T5923] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.168387][ T5923] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.187932][ T5923] batman_adv: batadv0: Interface activated: batadv_slave_0
[  135.208486][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  135.217584][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  135.237653][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  135.291277][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  135.310322][ T5923] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.325476][ T5923] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.390832][ T5923] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.437763][ T5923] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.469000][ T5923] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.510611][ T5923] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.542704][ T6087] __nla_validate_parse: 8 callbacks suppressed
[  135.542724][ T6087] netlink: 4093 bytes leftover after parsing attributes in process `syz.2.811'.
[  135.571945][ T5923] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.595761][ T5923] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.626596][ T5923] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.658089][ T5923] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.678966][ T5923] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.703824][ T5923] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.727351][ T5923] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.753859][ T5923] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.773415][ T5923] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.803622][ T5923] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.841695][ T5923] batman_adv: batadv0: Interface activated: batadv_slave_1
[  135.894713][ T6081] netlink: 'syz.2.811': attribute type 12 has an invalid length.
[  135.906147][ T6081] netlink: 132 bytes leftover after parsing attributes in process `syz.2.811'.
[  135.928335][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  136.028032][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  136.152943][ T6078] delete_channel: no stack
[  136.197906][ T6087] netlink: 4093 bytes leftover after parsing attributes in process `syz.2.811'.
[  136.227220][ T5923] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  136.256455][ T5923] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  136.304596][ T5923] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  136.350707][ T5923] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  136.398919][ T6097] netlink: 'syz.4.814': attribute type 39 has an invalid length.
[  136.423935][ T6090] device pim6reg1 entered promiscuous mode
[  136.577742][ T3649] Bluetooth: hci8: command tx timeout
[  136.650490][ T6111] FAULT_INJECTION: forcing a failure.
[  136.650490][ T6111] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  136.715219][ T6111] CPU: 0 PID: 6111 Comm: syz.4.818 Not tainted 6.1.102-syzkaller #0
[  136.723258][ T6111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  136.733332][ T6111] Call Trace:
[  136.736617][ T6111]  <TASK>
[  136.739549][ T6111]  dump_stack_lvl+0x1e3/0x2cb
[  136.744254][ T6111]  ? nf_tcp_handle_invalid+0x642/0x642
[  136.749735][ T6111]  ? panic+0x764/0x764
[  136.753822][ T6111]  ? __lock_acquire+0x1f80/0x1f80
[  136.758876][ T6111]  should_fail_ex+0x3a6/0x4d0
[  136.763569][ T6111]  _copy_from_user+0x2b/0x170
[  136.768253][ T6111]  copy_msghdr_from_user+0xaa/0x670
[  136.773474][ T6111]  ? sendmsg_copy_msghdr+0x70/0x70
[  136.778610][ T6111]  __sys_recvmsg+0x24b/0x3d0
[  136.783218][ T6111]  ? ____sys_recvmsg+0x530/0x530
[  136.788188][ T6111]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  136.794192][ T6111]  ? syscall_enter_from_user_mode+0x2e/0x230
[  136.800178][ T6111]  ? lockdep_hardirqs_on+0x94/0x130
[  136.805386][ T6111]  ? syscall_enter_from_user_mode+0x2e/0x230
[  136.811383][ T6111]  do_syscall_64+0x3b/0xb0
[  136.815819][ T6111]  ? clear_bhb_loop+0x45/0xa0
[  136.820512][ T6111]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  136.826414][ T6111] RIP: 0033:0x7f51eab773b9
[  136.830845][ T6111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  136.850478][ T6111] RSP: 002b:00007f51eb8ae048 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  136.858916][ T6111] RAX: ffffffffffffffda RBX: 00007f51ead05f80 RCX: 00007f51eab773b9
[  136.866895][ T6111] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000003
[  136.874876][ T6111] RBP: 00007f51eb8ae0a0 R08: 0000000000000000 R09: 0000000000000000
[  136.882860][ T6111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  136.890841][ T6111] R13: 000000000000000b R14: 00007f51ead05f80 R15: 00007ffcabf3e8a8
[  136.898838][ T6111]  </TASK>
[  137.090431][ T6113] netlink: 'syz.0.820': attribute type 39 has an invalid length.
[  137.234365][  T102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  137.244929][ T4274] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  137.489626][ T4274] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  137.497323][  T102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  137.642227][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  137.650924][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  138.121450][ T6135] netlink: 'syz.2.826': attribute type 12 has an invalid length.
[  138.158865][ T6135] netlink: 132 bytes leftover after parsing attributes in process `syz.2.826'.
[  138.199841][ T6135] netlink: 4093 bytes leftover after parsing attributes in process `syz.2.826'.
[  138.230633][ T6135] netlink: 4093 bytes leftover after parsing attributes in process `syz.2.826'.
[  138.254898][ T6134] delete_channel: no stack
[  138.388495][ T6143] netlink: 'syz.1.829': attribute type 39 has an invalid length.
[  138.575703][ T6149] netlink: 'syz.1.832': attribute type 39 has an invalid length.
[  139.242342][ T6170] netlink: 'syz.3.840': attribute type 12 has an invalid length.
[  139.263860][ T6170] netlink: 132 bytes leftover after parsing attributes in process `syz.3.840'.
[  139.303301][ T6170] netlink: 4093 bytes leftover after parsing attributes in process `syz.3.840'.
[  139.323952][ T6170] netlink: 4093 bytes leftover after parsing attributes in process `syz.3.840'.
[  139.336692][ T6177] FAULT_INJECTION: forcing a failure.
[  139.336692][ T6177] name failslab, interval 1, probability 0, space 0, times 0
[  139.351278][ T6169] delete_channel: no stack
[  139.355951][ T6177] CPU: 1 PID: 6177 Comm: syz.0.843 Not tainted 6.1.102-syzkaller #0
[  139.363953][ T6177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  139.374024][ T6177] Call Trace:
[  139.377316][ T6177]  <TASK>
[  139.380336][ T6177]  dump_stack_lvl+0x1e3/0x2cb
[  139.385028][ T6177]  ? nf_tcp_handle_invalid+0x642/0x642
[  139.390510][ T6177]  ? panic+0x764/0x764
[  139.394666][ T6177]  ? __might_sleep+0xb0/0xb0
[  139.399272][ T6177]  ? perf_trace_lock+0x138/0x440
[  139.404232][ T6177]  should_fail_ex+0x3a6/0x4d0
[  139.408930][ T6177]  should_failslab+0x5/0x20
[  139.413444][ T6177]  slab_pre_alloc_hook+0x59/0x300
[  139.418500][ T6177]  ? __get_vm_area_node+0x126/0x360
[  139.423712][ T6177]  __kmem_cache_alloc_node+0x47/0x260
[  139.429108][ T6177]  ? __get_vm_area_node+0x126/0x360
[  139.434325][ T6177]  kmalloc_node_trace+0x23/0xe0
[  139.439202][ T6177]  __get_vm_area_node+0x126/0x360
[  139.444257][ T6177]  __vmalloc_node_range+0x389/0x1490
[  139.449572][ T6177]  ? netlink_sendmsg+0x644/0xd60
[  139.454559][ T6177]  ? free_vm_area+0x50/0x50
[  139.459080][ T6177]  ? __netlink_lookup+0x658/0x6d0
[  139.464131][ T6177]  ? netlink_sendmsg+0x644/0xd60
[  139.469087][ T6177]  vmalloc+0x75/0x80
[  139.473002][ T6177]  ? netlink_sendmsg+0x644/0xd60
[  139.477961][ T6177]  netlink_sendmsg+0x644/0xd60
[  139.482763][ T6177]  ? netlink_getsockopt+0x580/0x580
[  139.488078][ T6177]  ? aa_sock_msg_perm+0x91/0x150
[  139.493043][ T6177]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  139.498355][ T6177]  ? security_socket_sendmsg+0x7d/0xa0
[  139.503851][ T6177]  ? netlink_getsockopt+0x580/0x580
[  139.509081][ T6177]  sock_write_iter+0x394/0x4e0
[  139.513875][ T6177]  ? sock_read_iter+0x4b0/0x4b0
[  139.518760][ T6177]  ? common_file_perm+0x17d/0x1d0
[  139.523812][ T6177]  vfs_write+0x857/0xbc0
[  139.528077][ T6177]  ? file_end_write+0x250/0x250
[  139.532953][ T6177]  ? __fget_files+0x28/0x4a0
[  139.537561][ T6177]  ? __fget_files+0x435/0x4a0
[  139.542265][ T6177]  ? __fdget_pos+0x1db/0x360
[  139.547050][ T6177]  ? ksys_write+0x77/0x2c0
[  139.551504][ T6177]  ksys_write+0x19c/0x2c0
[  139.555855][ T6177]  ? print_irqtrace_events+0x210/0x210
[  139.561339][ T6177]  ? __ia32_sys_read+0x80/0x80
[  139.566120][ T6177]  ? syscall_enter_from_user_mode+0x2e/0x230
[  139.572104][ T6177]  ? lockdep_hardirqs_on+0x94/0x130
[  139.577301][ T6177]  ? syscall_enter_from_user_mode+0x2e/0x230
[  139.583273][ T6177]  do_syscall_64+0x3b/0xb0
[  139.587680][ T6177]  ? clear_bhb_loop+0x45/0xa0
[  139.592349][ T6177]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  139.598230][ T6177] RIP: 0033:0x7fd16ef773b9
[  139.602635][ T6177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.622230][ T6177] RSP: 002b:00007fd16edff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  139.630720][ T6177] RAX: ffffffffffffffda RBX: 00007fd16f105f80 RCX: 00007fd16ef773b9
[  139.638683][ T6177] RDX: 000000000000fe33 RSI: 0000000020000580 RDI: 0000000000000004
[  139.646737][ T6177] RBP: 00007fd16edff0a0 R08: 0000000000000000 R09: 0000000000000000
[  139.654699][ T6177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  139.662666][ T6177] R13: 000000000000000b R14: 00007fd16f105f80 R15: 00007ffdec2badb8
[  139.670733][ T6177]  </TASK>
[  139.759260][ T6187] netlink: 'syz.3.845': attribute type 39 has an invalid length.
[  139.774113][ T6190] netlink: 10 bytes leftover after parsing attributes in process `syz.4.846'.
[  139.834839][ T6177] syz.0.843: vmalloc error: size 65408, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=syz0,mems_allowed=0-1
[  139.921096][ T6177] CPU: 0 PID: 6177 Comm: syz.0.843 Not tainted 6.1.102-syzkaller #0
[  139.929132][ T6177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  139.939283][ T6177] Call Trace:
[  139.942569][ T6177]  <TASK>
[  139.945507][ T6177]  dump_stack_lvl+0x1e3/0x2cb
[  139.950211][ T6177]  ? nf_tcp_handle_invalid+0x642/0x642
[  139.955692][ T6177]  ? panic+0x764/0x764
[  139.959769][ T6177]  ? strlcpy+0x82/0xc0
[  139.963949][ T6177]  ? cpuset_print_current_mems_allowed+0x1b/0x350
[  139.970380][ T6177]  ? cpuset_print_current_mems_allowed+0x30f/0x350
[  139.976902][ T6177]  warn_alloc+0x26f/0x400
[  139.981248][ T6177]  ? __get_vm_area_node+0x126/0x360
[  139.986467][ T6177]  ? zone_watermark_ok_safe+0x270/0x270
[  139.992039][ T6177]  ? __get_vm_area_node+0x351/0x360
[  139.997266][ T6177]  __vmalloc_node_range+0x3ae/0x1490
[  140.002610][ T6177]  ? free_vm_area+0x50/0x50
[  140.007132][ T6177]  ? __netlink_lookup+0x658/0x6d0
[  140.012189][ T6177]  ? netlink_sendmsg+0x644/0xd60
[  140.017143][ T6177]  vmalloc+0x75/0x80
[  140.021060][ T6177]  ? netlink_sendmsg+0x644/0xd60
[  140.026014][ T6177]  netlink_sendmsg+0x644/0xd60
[  140.030837][ T6177]  ? netlink_getsockopt+0x580/0x580
[  140.036079][ T6177]  ? aa_sock_msg_perm+0x91/0x150
[  140.041049][ T6177]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  140.046351][ T6177]  ? security_socket_sendmsg+0x7d/0xa0
[  140.051843][ T6177]  ? netlink_getsockopt+0x580/0x580
[  140.057065][ T6177]  sock_write_iter+0x394/0x4e0
[  140.061858][ T6177]  ? sock_read_iter+0x4b0/0x4b0
[  140.066753][ T6177]  ? common_file_perm+0x17d/0x1d0
[  140.071807][ T6177]  vfs_write+0x857/0xbc0
[  140.076085][ T6177]  ? file_end_write+0x250/0x250
[  140.080955][ T6177]  ? __fget_files+0x28/0x4a0
[  140.085552][ T6177]  ? __fget_files+0x435/0x4a0
[  140.090254][ T6177]  ? __fdget_pos+0x1db/0x360
[  140.094861][ T6177]  ? ksys_write+0x77/0x2c0
[  140.099291][ T6177]  ksys_write+0x19c/0x2c0
[  140.103631][ T6177]  ? print_irqtrace_events+0x210/0x210
[  140.109120][ T6177]  ? __ia32_sys_read+0x80/0x80
[  140.113981][ T6177]  ? syscall_enter_from_user_mode+0x2e/0x230
[  140.119971][ T6177]  ? lockdep_hardirqs_on+0x94/0x130
[  140.125182][ T6177]  ? syscall_enter_from_user_mode+0x2e/0x230
[  140.131181][ T6177]  do_syscall_64+0x3b/0xb0
[  140.135609][ T6177]  ? clear_bhb_loop+0x45/0xa0
[  140.140318][ T6177]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  140.146223][ T6177] RIP: 0033:0x7fd16ef773b9
[  140.150677][ T6177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  140.170300][ T6177] RSP: 002b:00007fd16edff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  140.178732][ T6177] RAX: ffffffffffffffda RBX: 00007fd16f105f80 RCX: 00007fd16ef773b9
[  140.186712][ T6177] RDX: 000000000000fe33 RSI: 0000000020000580 RDI: 0000000000000004
[  140.194693][ T6177] RBP: 00007fd16edff0a0 R08: 0000000000000000 R09: 0000000000000000
[  140.202670][ T6177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  140.210652][ T6177] R13: 000000000000000b R14: 00007fd16f105f80 R15: 00007ffdec2badb8
[  140.218660][ T6177]  </TASK>
[  140.344154][ T6177] Mem-Info:
[  140.389220][ T6177] active_anon:4633 inactive_anon:0 isolated_anon:0
[  140.389220][ T6177]  active_file:11394 inactive_file:38169 isolated_file:0
[  140.389220][ T6177]  unevictable:768 dirty:247 writeback:0
[  140.389220][ T6177]  slab_reclaimable:20199 slab_unreclaimable:103606
[  140.389220][ T6177]  mapped:35532 shmem:1265 pagetables:628
[  140.389220][ T6177]  sec_pagetables:0 bounce:0
[  140.389220][ T6177]  kernel_misc_reclaimable:0
[  140.389220][ T6177]  free:1325800 free_pcp:10859 free_cma:0
[  140.518027][ T6177] Node 0 active_anon:18632kB inactive_anon:0kB active_file:45576kB inactive_file:152600kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:142128kB dirty:988kB writeback:0kB shmem:3524kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:10876kB pagetables:2512kB sec_pagetables:0kB all_unreclaimable? no
[  140.568756][ T6177] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  140.713828][ T6177] Node 0 DMA free:15360kB boost:0kB min:200kB low:248kB high:296kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  140.822650][ T6205] FAULT_INJECTION: forcing a failure.
[  140.822650][ T6205] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  140.859010][ T6177] lowmem_reserve[]: 0 2615 2616 2616 2616
[  140.877762][ T6177] Node 0 DMA32 free:1358376kB boost:0kB min:35424kB low:44280kB high:53136kB reserved_highatomic:0KB active_anon:18632kB inactive_anon:0kB active_file:45576kB inactive_file:152600kB unevictable:1536kB writepending:988kB present:3129332kB managed:2683904kB mlocked:0kB bounce:0kB free_pcp:28436kB local_pcp:20388kB free_cma:0kB
[  140.915807][ T6205] CPU: 0 PID: 6205 Comm: syz.3.852 Not tainted 6.1.102-syzkaller #0
[  140.923832][ T6205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  140.933898][ T6205] Call Trace:
[  140.937184][ T6205]  <TASK>
[  140.940120][ T6205]  dump_stack_lvl+0x1e3/0x2cb
[  140.944816][ T6205]  ? nf_tcp_handle_invalid+0x642/0x642
[  140.950286][ T6205]  ? panic+0x764/0x764
[  140.954370][ T6205]  ? __lock_acquire+0x1f80/0x1f80
[  140.959416][ T6205]  should_fail_ex+0x3a6/0x4d0
[  140.964113][ T6205]  _copy_from_user+0x2b/0x170
[  140.968885][ T6205]  copy_msghdr_from_user+0xaa/0x670
[  140.974105][ T6205]  ? sendmsg_copy_msghdr+0x70/0x70
[  140.979248][ T6205]  __sys_sendmsg+0x236/0x390
[  140.983855][ T6205]  ? ____sys_sendmsg+0x8f0/0x8f0
[  140.988803][ T6205]  ? vfs_write+0x6cf/0xbc0
[  140.993263][ T6205]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  140.999277][ T6205]  ? syscall_enter_from_user_mode+0x2e/0x230
[  141.005449][ T6205]  ? lockdep_hardirqs_on+0x94/0x130
[  141.010658][ T6205]  ? syscall_enter_from_user_mode+0x2e/0x230
[  141.016649][ T6205]  do_syscall_64+0x3b/0xb0
[  141.021107][ T6205]  ? clear_bhb_loop+0x45/0xa0
[  141.025882][ T6205]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  141.031797][ T6205] RIP: 0033:0x7f07cf7773b9
[  141.036320][ T6205] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.055947][ T6205] RSP: 002b:00007f07d055a048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  141.064384][ T6205] RAX: ffffffffffffffda RBX: 00007f07cf905f80 RCX: 00007f07cf7773b9
[  141.072370][ T6205] RDX: 0000000000000000 RSI: 0000000020000600 RDI: 0000000000000003
[  141.080462][ T6205] RBP: 00007f07d055a0a0 R08: 0000000000000000 R09: 0000000000000000
[  141.088529][ T6205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  141.096518][ T6205] R13: 000000000000000b R14: 00007f07cf905f80 R15: 00007ffd893570c8
[  141.104516][ T6205]  </TASK>
[  141.192321][ T6177] lowmem_reserve[]: 0 0 1 1 1
[  141.213816][ T6177] Node 0 Normal free:0kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:1168kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  141.354428][ T6177] lowmem_reserve[]: 0 0 0 0 0
[  141.359264][ T6177] Node 1 Normal free:3929464kB boost:0kB min:54464kB low:68080kB high:81696kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117620kB mlocked:0kB bounce:0kB free_pcp:14432kB local_pcp:7296kB free_cma:0kB
[  141.409796][ T6177] lowmem_reserve[]: 0 0 0 0 0
[  141.440184][ T6177] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  141.496850][ T6212] netlink: 'syz.3.855': attribute type 12 has an invalid length.
[  141.504759][ T6177] Node 0 DMA32: 4*4kB (UE) 233*8kB (UME) 443*16kB (UM) 341*32kB (ME) 319*64kB (UME) 40*128kB (UME) 15*256kB (ME) 11*512kB (UME) 5*1024kB (ME) 2*2048kB (ME) 316*4096kB (M) = 1358440kB
[  141.575003][ T6212] netlink: 132 bytes leftover after parsing attributes in process `syz.3.855'.
[  141.598276][ T6177] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  141.636882][ T6214] netlink: 4093 bytes leftover after parsing attributes in process `syz.3.855'.
[  141.664299][ T6177] Node 1 Normal: 162*4kB (U) 38*8kB (UE) 22*16kB (UME) 31*32kB (UME) 22*64kB (UME) 10*128kB (UE) 2*256kB (U) 0*512kB 2*1024kB (ME) 1*2048kB (E) 957*4096kB (UM) = 3929464kB
[  141.682554][ T6214] netlink: 4093 bytes leftover after parsing attributes in process `syz.3.855'.
[  141.723385][ T6211] delete_channel: no stack
[  141.776275][ T6177] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  141.813735][ T6177] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  141.895478][ T6177] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  141.950591][ T6177] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  141.991584][ T6177] 50832 total pagecache pages
[  142.001227][ T6177] 0 pages in swap cache
[  142.006985][ T6177] Free swap  = 124996kB
[  142.011312][ T6177] Total swap = 124996kB
[  142.016817][ T6177] 2097051 pages RAM
[  142.022904][ T6177] 0 pages HighMem/MovableOnly
[  142.029476][ T6177] 392538 pages reserved
[  142.036232][ T6177] 0 pages cma reserved
[  142.041207][ T6223] netlink: 'syz.1.859': attribute type 39 has an invalid length.
[  142.105827][ T6230] netlink: 10 bytes leftover after parsing attributes in process `syz.2.858'.
[  142.837060][ T6256] netlink: 'syz.1.870': attribute type 12 has an invalid length.
[  142.854950][ T6256] netlink: 132 bytes leftover after parsing attributes in process `syz.1.870'.
[  142.931595][ T6256] netlink: 4093 bytes leftover after parsing attributes in process `syz.1.870'.
[  142.943722][ T6260] FAULT_INJECTION: forcing a failure.
[  142.943722][ T6260] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  142.957163][ T6256] netlink: 4093 bytes leftover after parsing attributes in process `syz.1.870'.
[  142.967233][ T6260] CPU: 1 PID: 6260 Comm: syz.4.873 Not tainted 6.1.102-syzkaller #0
[  142.975239][ T6260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  142.985311][ T6260] Call Trace:
[  142.988595][ T6260]  <TASK>
[  142.991533][ T6260]  dump_stack_lvl+0x1e3/0x2cb
[  142.996235][ T6260]  ? nf_tcp_handle_invalid+0x642/0x642
[  143.001713][ T6260]  ? panic+0x764/0x764
[  143.005794][ T6260]  ? __lock_acquire+0x1f80/0x1f80
[  143.010845][ T6260]  should_fail_ex+0x3a6/0x4d0
[  143.015545][ T6260]  _copy_from_user+0x2b/0x170
[  143.020328][ T6260]  __sys_bpf+0x226/0x6c0
[  143.024584][ T6260]  ? __fget_files+0x435/0x4a0
[  143.029276][ T6260]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  143.034677][ T6260]  ? print_irqtrace_events+0x210/0x210
[  143.040163][ T6260]  ? print_irqtrace_events+0x210/0x210
[  143.045659][ T6260]  ? syscall_enter_from_user_mode+0x2e/0x230
[  143.051657][ T6260]  ? lockdep_hardirqs_on+0x94/0x130
[  143.056869][ T6260]  __x64_sys_bpf+0x78/0x90
[  143.061305][ T6260]  do_syscall_64+0x3b/0xb0
[  143.065734][ T6260]  ? clear_bhb_loop+0x45/0xa0
[  143.070425][ T6260]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  143.076331][ T6260] RIP: 0033:0x7f51eab773b9
[  143.080754][ T6260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  143.100808][ T6260] RSP: 002b:00007f51eb8ae048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  143.109242][ T6260] RAX: ffffffffffffffda RBX: 00007f51ead05f80 RCX: 00007f51eab773b9
[  143.117223][ T6260] RDX: 000000000000000c RSI: 0000000020000500 RDI: 000000000000000a
[  143.125202][ T6260] RBP: 00007f51eb8ae0a0 R08: 0000000000000000 R09: 0000000000000000
[  143.133177][ T6260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  143.141155][ T6260] R13: 000000000000000b R14: 00007f51ead05f80 R15: 00007ffcabf3e8a8
[  143.149158][ T6260]  </TASK>
[  143.174089][ T6255] delete_channel: no stack
[  143.391817][ T6264] netlink: 'syz.1.874': attribute type 39 has an invalid length.
[  144.719048][ T6295] netlink: 'syz.3.884': attribute type 12 has an invalid length.
[  144.742763][ T6295] netlink: 132 bytes leftover after parsing attributes in process `syz.3.884'.
[  144.823516][ T6295] netlink: 4093 bytes leftover after parsing attributes in process `syz.3.884'.
[  144.859677][ T6295] netlink: 4093 bytes leftover after parsing attributes in process `syz.3.884'.
[  144.913423][ T6294] delete_channel: no stack
[  145.104026][ T6300] netlink: 'syz.1.886': attribute type 12 has an invalid length.
[  145.182760][ T6299] delete_channel: no stack
[  145.339665][ T6306] netlink: 'syz.3.887': attribute type 39 has an invalid length.
[  145.612107][ T6309] IPv6: Can't replace route, no match found
[  146.064109][ T6322] netlink: 'syz.0.897': attribute type 12 has an invalid length.
[  146.084851][ T6321] delete_channel: no stack
[  146.263960][ T6328] device syzkaller0 entered promiscuous mode
[  146.767276][ T6344] __nla_validate_parse: 6 callbacks suppressed
[  146.767294][ T6344] netlink: 4093 bytes leftover after parsing attributes in process `syz.4.902'.
[  146.851145][ T3641] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  146.865842][ T3641] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  146.879039][ T3641] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  146.891903][ T3644] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  146.903260][ T3641] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  146.916785][ T3641] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  147.410631][ T6338] delete_channel: no stack
[  147.766265][ T6340] netlink: 'syz.4.902': attribute type 12 has an invalid length.
[  147.774021][ T6340] netlink: 132 bytes leftover after parsing attributes in process `syz.4.902'.
[  147.810596][ T6344] netlink: 4093 bytes leftover after parsing attributes in process `syz.4.902'.
[  147.830955][ T6345] netlink: 'syz.2.903': attribute type 39 has an invalid length.
[  148.198513][ T4277] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.292678][ T6365] netlink: 'syz.2.909': attribute type 12 has an invalid length.
[  148.316818][ T6365] netlink: 132 bytes leftover after parsing attributes in process `syz.2.909'.
[  148.350329][ T6361] netlink: 4093 bytes leftover after parsing attributes in process `syz.2.909'.
[  148.397535][ T4277] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.434281][ T6361] netlink: 4093 bytes leftover after parsing attributes in process `syz.2.909'.
[  148.504740][ T6377] FAULT_INJECTION: forcing a failure.
[  148.504740][ T6377] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  148.519055][ T6360] delete_channel: no stack
[  148.531924][ T6377] CPU: 1 PID: 6377 Comm: syz.4.914 Not tainted 6.1.102-syzkaller #0
[  148.539947][ T6377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  148.550015][ T6377] Call Trace:
[  148.553308][ T6377]  <TASK>
[  148.556252][ T6377]  dump_stack_lvl+0x1e3/0x2cb
[  148.560956][ T6377]  ? nf_tcp_handle_invalid+0x642/0x642
[  148.566436][ T6377]  ? panic+0x764/0x764
[  148.570519][ T6377]  should_fail_ex+0x3a6/0x4d0
[  148.575185][ T6377]  strncpy_from_user+0x32/0x360
[  148.580042][ T6377]  bpf_prog_load+0x188/0x1bb0
[  148.584758][ T6377]  ? map_freeze+0x390/0x390
[  148.589286][ T6377]  ? __might_fault+0xa1/0x110
[  148.593995][ T6377]  ? __might_fault+0xbd/0x110
[  148.598694][ T6377]  ? bpf_lsm_bpf+0x5/0x10
[  148.603035][ T6377]  ? security_bpf+0x7d/0xa0
[  148.607555][ T6377]  __sys_bpf+0x382/0x6c0
[  148.611813][ T6377]  ? __fget_files+0x435/0x4a0
[  148.616485][ T6377]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  148.621870][ T6377]  ? print_irqtrace_events+0x210/0x210
[  148.627323][ T6377]  ? print_irqtrace_events+0x210/0x210
[  148.632781][ T6377]  ? syscall_enter_from_user_mode+0x2e/0x230
[  148.638765][ T6377]  ? lockdep_hardirqs_on+0x94/0x130
[  148.643954][ T6377]  __x64_sys_bpf+0x78/0x90
[  148.648365][ T6377]  do_syscall_64+0x3b/0xb0
[  148.652776][ T6377]  ? clear_bhb_loop+0x45/0xa0
[  148.657450][ T6377]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  148.663338][ T6377] RIP: 0033:0x7f51eab773b9
[  148.667748][ T6377] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.687345][ T6377] RSP: 002b:00007f51eb8ae048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  148.695764][ T6377] RAX: ffffffffffffffda RBX: 00007f51ead05f80 RCX: 00007f51eab773b9
[  148.703723][ T6377] RDX: 0000000000000048 RSI: 0000000020caefb8 RDI: 0000000000000005
[  148.711683][ T6377] RBP: 00007f51eb8ae0a0 R08: 0000000000000000 R09: 0000000000000000
[  148.719642][ T6377] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  148.727605][ T6377] R13: 000000000000000b R14: 00007f51ead05f80 R15: 00007ffcabf3e8a8
[  148.735608][ T6377]  </TASK>
[  148.814216][ T4277] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.873438][ T6380] netlink: 'syz.2.915': attribute type 39 has an invalid length.
[  148.906689][ T4277] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.960547][ T6347] chnl_net:caif_netlink_parms(): no params data found
[  148.967801][ T3641] Bluetooth: hci6: command tx timeout
[  149.306810][ T6386] netlink: 'syz.4.917': attribute type 12 has an invalid length.
[  149.314574][ T6386] netlink: 132 bytes leftover after parsing attributes in process `syz.4.917'.
[  149.438097][ T6386] netlink: 4093 bytes leftover after parsing attributes in process `syz.4.917'.
[  149.662173][ T6386] netlink: 4093 bytes leftover after parsing attributes in process `syz.4.917'.
[  149.703850][ T6347] bridge0: port 1(bridge_slave_0) entered blocking state
[  149.738905][ T6385] delete_channel: no stack
[  149.751968][ T6347] bridge0: port 1(bridge_slave_0) entered disabled state
[  149.805482][ T6347] device bridge_slave_0 entered promiscuous mode
[  150.300811][ T6415] netlink: 4093 bytes leftover after parsing attributes in process `syz.4.924'.
[  150.914307][ T6403] delete_channel: no stack
[  151.001341][ T6347] bridge0: port 2(bridge_slave_1) entered blocking state
[  151.019591][ T6347] bridge0: port 2(bridge_slave_1) entered disabled state
[  151.045578][ T3641] Bluetooth: hci6: command tx timeout
[  151.075491][ T6347] device bridge_slave_1 entered promiscuous mode
[  151.111611][ T6411] netlink: 'syz.4.924': attribute type 12 has an invalid length.
[  151.256682][ T6429] FAULT_INJECTION: forcing a failure.
[  151.256682][ T6429] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  151.289377][ T6347] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  151.305693][ T6429] CPU: 1 PID: 6429 Comm: syz.2.926 Not tainted 6.1.102-syzkaller #0
[  151.313713][ T6429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  151.323772][ T6429] Call Trace:
[  151.327065][ T6429]  <TASK>
[  151.330005][ T6429]  dump_stack_lvl+0x1e3/0x2cb
[  151.334700][ T6429]  ? nf_tcp_handle_invalid+0x642/0x642
[  151.340165][ T6429]  ? panic+0x764/0x764
[  151.344245][ T6429]  ? __might_fault+0xa1/0x110
[  151.348937][ T6429]  should_fail_ex+0x3a6/0x4d0
[  151.353627][ T6429]  _copy_from_user+0x2b/0x170
[  151.358312][ T6429]  move_addr_to_kernel+0x7e/0x140
[  151.363343][ T6429]  copy_msghdr_from_user+0x436/0x670
[  151.368642][ T6429]  ? sendmsg_copy_msghdr+0x70/0x70
[  151.373780][ T6429]  __sys_sendmsg+0x236/0x390
[  151.378391][ T6429]  ? ____sys_sendmsg+0x8f0/0x8f0
[  151.383347][ T6429]  ? vfs_write+0x6cf/0xbc0
[  151.387801][ T6429]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  151.393804][ T6429]  ? syscall_enter_from_user_mode+0x2e/0x230
[  151.399788][ T6429]  ? lockdep_hardirqs_on+0x94/0x130
[  151.404991][ T6429]  ? syscall_enter_from_user_mode+0x2e/0x230
[  151.410980][ T6429]  do_syscall_64+0x3b/0xb0
[  151.415411][ T6429]  ? clear_bhb_loop+0x45/0xa0
[  151.420097][ T6429]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  151.426000][ T6429] RIP: 0033:0x7fd7abf773b9
[  151.430423][ T6429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.450125][ T6429] RSP: 002b:00007fd7acda0048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  151.458644][ T6429] RAX: ffffffffffffffda RBX: 00007fd7ac105f80 RCX: 00007fd7abf773b9
[  151.466621][ T6429] RDX: 0000000000000000 RSI: 0000000020007940 RDI: 0000000000000003
[  151.474603][ T6429] RBP: 00007fd7acda00a0 R08: 0000000000000000 R09: 0000000000000000
[  151.482577][ T6429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  151.490562][ T6429] R13: 000000000000000b R14: 00007fd7ac105f80 R15: 00007fffadb93668
[  151.498571][ T6429]  </TASK>
[  151.695928][ T6430] netlink: 'syz.0.925': attribute type 12 has an invalid length.
[  151.758742][ T6347] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  151.788053][ T6435] netlink: 'syz.4.927': attribute type 39 has an invalid length.
[  151.803509][ T6432] __nla_validate_parse: 4 callbacks suppressed
[  151.803526][ T6432] netlink: 4093 bytes leftover after parsing attributes in process `syz.0.925'.
[  151.916753][ T6426] delete_channel: no stack
[  153.125628][ T3641] Bluetooth: hci6: command tx timeout
[  153.232624][ T6347] team0: Port device team_slave_0 added
[  153.257158][ T6347] team0: Port device team_slave_1 added
[  153.569276][ T6475] FAULT_INJECTION: forcing a failure.
[  153.569276][ T6475] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  153.708232][ T6475] CPU: 1 PID: 6475 Comm: syz.4.935 Not tainted 6.1.102-syzkaller #0
[  153.716257][ T6475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  153.726325][ T6475] Call Trace:
[  153.729608][ T6475]  <TASK>
[  153.732539][ T6475]  dump_stack_lvl+0x1e3/0x2cb
[  153.737230][ T6475]  ? nf_tcp_handle_invalid+0x642/0x642
[  153.742700][ T6475]  ? panic+0x764/0x764
[  153.746786][ T6475]  should_fail_ex+0x3a6/0x4d0
[  153.751471][ T6475]  strncpy_from_user+0x32/0x360
[  153.756336][ T6475]  bpf_prog_load+0x188/0x1bb0
[  153.761037][ T6475]  ? map_freeze+0x390/0x390
[  153.765557][ T6475]  ? __might_fault+0xa1/0x110
[  153.770265][ T6475]  ? __might_fault+0xbd/0x110
[  153.774962][ T6475]  ? bpf_lsm_bpf+0x5/0x10
[  153.779307][ T6475]  ? security_bpf+0x7d/0xa0
[  153.783834][ T6475]  __sys_bpf+0x382/0x6c0
[  153.788101][ T6475]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  153.793511][ T6475]  ? print_irqtrace_events+0x210/0x210
[  153.798995][ T6475]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  153.805002][ T6475]  ? syscall_enter_from_user_mode+0x2e/0x230
[  153.811002][ T6475]  ? lockdep_hardirqs_on+0x94/0x130
[  153.816225][ T6475]  __x64_sys_bpf+0x78/0x90
[  153.820660][ T6475]  do_syscall_64+0x3b/0xb0
[  153.825089][ T6475]  ? clear_bhb_loop+0x45/0xa0
[  153.829784][ T6475]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  153.835693][ T6475] RIP: 0033:0x7f51eab773b9
[  153.840120][ T6475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.859742][ T6475] RSP: 002b:00007f51eb8ae048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  153.868180][ T6475] RAX: ffffffffffffffda RBX: 00007f51ead05f80 RCX: 00007f51eab773b9
[  153.876173][ T6475] RDX: 0000000000000048 RSI: 000000002000e000 RDI: 0000000000000005
[  153.884163][ T6475] RBP: 00007f51eb8ae0a0 R08: 0000000000000000 R09: 0000000000000000
[  153.892149][ T6475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  153.900135][ T6475] R13: 000000000000000b R14: 00007f51ead05f80 R15: 00007ffcabf3e8a8
[  153.908142][ T6475]  </TASK>
[  153.948222][ T6347] batman_adv: batadv0: Adding interface: batadv_slave_0
[  153.971309][ T6347] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  154.031803][ T6347] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  154.099537][ T6347] batman_adv: batadv0: Adding interface: batadv_slave_1
[  154.112054][ T6347] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  154.185478][ T6347] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  154.218341][ T6490] netlink: 'syz.0.936': attribute type 12 has an invalid length.
[  154.247895][ T6490] netlink: 132 bytes leftover after parsing attributes in process `syz.0.936'.
[  154.314186][ T6487] netlink: 4093 bytes leftover after parsing attributes in process `syz.0.936'.
[  154.388206][ T6500] netlink: 'syz.4.939': attribute type 39 has an invalid length.
[  154.405728][ T6487] netlink: 4093 bytes leftover after parsing attributes in process `syz.0.936'.
[  154.428039][ T6485] delete_channel: no stack
[  154.471515][ T6347] device hsr_slave_0 entered promiscuous mode
[  154.494622][ T6347] device hsr_slave_1 entered promiscuous mode
[  154.535909][ T6347] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  154.550101][ T6347] Cannot create hsr debugfs directory
[  154.636726][ T6513] netlink: 'syz.0.943': attribute type 12 has an invalid length.
[  154.648007][ T6513] netlink: 132 bytes leftover after parsing attributes in process `syz.0.943'.
[  154.703537][ T6509] netlink: 4093 bytes leftover after parsing attributes in process `syz.0.943'.
[  154.780119][ T6509] netlink: 4093 bytes leftover after parsing attributes in process `syz.0.943'.
[  154.803881][ T6508] delete_channel: no stack
[  155.206045][ T3641] Bluetooth: hci6: command tx timeout
[  155.350968][ T4277] device hsr_slave_0 left promiscuous mode
[  155.393669][ T4277] device hsr_slave_1 left promiscuous mode
[  155.407126][ T4277] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  155.426196][ T4277] batman_adv: batadv0: Removing interface: batadv_slave_0
[  155.434708][ T4277] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  155.447260][ T4277] batman_adv: batadv0: Removing interface: batadv_slave_1
[  155.469507][ T4277] device bridge_slave_1 left promiscuous mode
[  155.476709][ T4277] bridge0: port 2(bridge_slave_1) entered disabled state
[  155.506593][ T4277] device bridge_slave_0 left promiscuous mode
[  155.533818][ T4277] bridge0: port 1(bridge_slave_0) entered disabled state
[  155.561874][ T4277] device veth1_macvtap left promiscuous mode
[  155.568377][ T4277] device veth0_macvtap left promiscuous mode
[  155.580120][ T4277] device veth1_vlan left promiscuous mode
[  155.781614][ T6552] netlink: 4093 bytes leftover after parsing attributes in process `syz.3.952'.
[  156.110303][ T4277] team0 (unregistering): Port device team_slave_1 removed
[  156.149157][ T4277] team0 (unregistering): Port device team_slave_0 removed
[  156.184323][ T4277] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  156.215522][ T4277] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  156.411949][ T6543] delete_channel: no stack
[  156.488713][ T4277] bond0 (unregistering): Released all slaves
[  156.599318][ T6537] netlink: 'syz.2.951': attribute type 22 has an invalid length.
[  156.607312][ T6548] netlink: 'syz.3.952': attribute type 12 has an invalid length.
[  156.625703][ T6548] netlink: 132 bytes leftover after parsing attributes in process `syz.3.952'.
[  156.647763][ T6552] netlink: 4093 bytes leftover after parsing attributes in process `syz.3.952'.
[  157.479039][ T6570] netlink: 'syz.2.957': attribute type 39 has an invalid length.
[  157.496055][ T6576] netlink: 'syz.3.958': attribute type 12 has an invalid length.
[  157.577512][ T6569] netlink: 4093 bytes leftover after parsing attributes in process `syz.3.958'.
[  157.665651][ T6576] netlink: 132 bytes leftover after parsing attributes in process `syz.3.958'.
[  157.769003][ T6569] netlink: 4093 bytes leftover after parsing attributes in process `syz.3.958'.
[  157.860134][ T6568] delete_channel: no stack
[  157.988674][ T6586] raw_sendmsg: syz.0.961 forgot to set AF_INET. Fix it!
[  158.189442][ T6347] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  158.353807][ T6347] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  158.418582][ T6347] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  158.469604][ T6598] FAULT_INJECTION: forcing a failure.
[  158.469604][ T6598] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  158.499779][ T6347] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  158.634575][ T6598] CPU: 0 PID: 6598 Comm: syz.0.964 Not tainted 6.1.102-syzkaller #0
[  158.642603][ T6598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  158.652665][ T6598] Call Trace:
[  158.655946][ T6598]  <TASK>
[  158.658880][ T6598]  dump_stack_lvl+0x1e3/0x2cb
[  158.663576][ T6598]  ? nf_tcp_handle_invalid+0x642/0x642
[  158.669047][ T6598]  ? panic+0x764/0x764
[  158.673136][ T6598]  should_fail_ex+0x3a6/0x4d0
[  158.677831][ T6598]  strncpy_from_user+0x32/0x360
[  158.682701][ T6598]  bpf_prog_load+0x188/0x1bb0
[  158.687405][ T6598]  ? map_freeze+0x390/0x390
[  158.692016][ T6598]  ? __might_fault+0xa1/0x110
[  158.696721][ T6598]  ? __might_fault+0xbd/0x110
[  158.701428][ T6598]  ? bpf_lsm_bpf+0x5/0x10
[  158.705766][ T6598]  ? security_bpf+0x7d/0xa0
[  158.710284][ T6598]  __sys_bpf+0x382/0x6c0
[  158.714536][ T6598]  ? __fget_files+0x435/0x4a0
[  158.719220][ T6598]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  158.724620][ T6598]  ? print_irqtrace_events+0x210/0x210
[  158.730090][ T6598]  ? print_irqtrace_events+0x210/0x210
[  158.735568][ T6598]  ? syscall_enter_from_user_mode+0x2e/0x230
[  158.741555][ T6598]  ? lockdep_hardirqs_on+0x94/0x130
[  158.746768][ T6598]  __x64_sys_bpf+0x78/0x90
[  158.751201][ T6598]  do_syscall_64+0x3b/0xb0
[  158.755625][ T6598]  ? clear_bhb_loop+0x45/0xa0
[  158.760317][ T6598]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  158.766242][ T6598] RIP: 0033:0x7fd16ef773b9
[  158.770673][ T6598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  158.790300][ T6598] RSP: 002b:00007fd16edff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  158.798740][ T6598] RAX: ffffffffffffffda RBX: 00007fd16f105f80 RCX: 00007fd16ef773b9
[  158.806736][ T6598] RDX: 0000000000000070 RSI: 0000000020000440 RDI: 0000000000000005
[  158.812437][ T6347] 8021q: adding VLAN 0 to HW filter on device bond0
[  158.814708][ T6598] RBP: 00007fd16edff0a0 R08: 0000000000000000 R09: 0000000000000000
[  158.829379][ T6598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  158.837378][ T6598] R13: 000000000000000b R14: 00007fd16f105f80 R15: 00007ffdec2badb8
[  158.845409][ T6598]  </TASK>
[  158.866536][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  158.879274][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  158.909697][ T6347] 8021q: adding VLAN 0 to HW filter on device team0
[  158.943542][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  158.954410][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  158.974490][ T3682] bridge0: port 1(bridge_slave_0) entered blocking state
[  158.981658][ T3682] bridge0: port 1(bridge_slave_0) entered forwarding state
[  159.040544][ T6605] netlink: 'syz.4.965': attribute type 12 has an invalid length.
[  159.085610][ T6605] netlink: 132 bytes leftover after parsing attributes in process `syz.4.965'.
[  159.097373][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  159.118972][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  159.120844][ T6605] netlink: 4093 bytes leftover after parsing attributes in process `syz.4.965'.
[  159.159041][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  159.179101][   T26] bridge0: port 2(bridge_slave_1) entered blocking state
[  159.186287][   T26] bridge0: port 2(bridge_slave_1) entered forwarding state
[  159.247130][ T6605] netlink: 4093 bytes leftover after parsing attributes in process `syz.4.965'.
[  159.267535][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  159.284675][ T6600] delete_channel: no stack
[  159.296706][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  159.316514][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  159.368144][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  159.403867][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  159.429914][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  159.463917][ T6347] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  159.513141][ T6347] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  159.578460][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  159.591961][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  159.606682][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  159.635334][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  159.680589][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  159.714017][ T6625] netlink: 'syz.4.971': attribute type 39 has an invalid length.
[  159.752116][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  159.883417][ T6635] FAULT_INJECTION: forcing a failure.
[  159.883417][ T6635] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  159.947492][ T6635] CPU: 0 PID: 6635 Comm: syz.2.975 Not tainted 6.1.102-syzkaller #0
[  159.955518][ T6635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  159.965593][ T6635] Call Trace:
[  159.968875][ T6635]  <TASK>
[  159.971804][ T6635]  dump_stack_lvl+0x1e3/0x2cb
[  159.976504][ T6635]  ? nf_tcp_handle_invalid+0x642/0x642
[  159.981994][ T6635]  ? panic+0x764/0x764
[  159.986083][ T6635]  ? __lock_acquire+0x1f80/0x1f80
[  159.991133][ T6635]  ? __virt_addr_valid+0x17f/0x530
[  159.996267][ T6635]  should_fail_ex+0x3a6/0x4d0
[  160.001044][ T6635]  _copy_from_iter+0x1de/0xff0
[  160.005833][ T6635]  ? __lock_acquire+0x1f80/0x1f80
[  160.010889][ T6635]  ? copyout_mc+0x100/0x100
[  160.015417][ T6635]  ? __virt_addr_valid+0x17f/0x530
[  160.020549][ T6635]  ? __virt_addr_valid+0x17f/0x530
[  160.025668][ T6635]  ? __virt_addr_valid+0x45b/0x530
[  160.030796][ T6635]  ? __phys_addr_symbol+0x2b/0x70
[  160.035830][ T6635]  ? __check_object_size+0x4dd/0xa30
[  160.041125][ T6635]  kernfs_fop_write_iter+0x1a6/0x4f0
[  160.046426][ T6635]  vfs_write+0x857/0xbc0
[  160.050681][ T6635]  ? file_end_write+0x250/0x250
[  160.055539][ T6635]  ? __fget_files+0x28/0x4a0
[  160.060135][ T6635]  ? __fget_files+0x435/0x4a0
[  160.064827][ T6635]  ? __fdget_pos+0x2ba/0x360
[  160.069415][ T6635]  ? ksys_write+0x77/0x2c0
[  160.073834][ T6635]  ksys_write+0x19c/0x2c0
[  160.078168][ T6635]  ? print_irqtrace_events+0x210/0x210
[  160.083641][ T6635]  ? __ia32_sys_read+0x80/0x80
[  160.088408][ T6635]  ? syscall_enter_from_user_mode+0x2e/0x230
[  160.094388][ T6635]  ? lockdep_hardirqs_on+0x94/0x130
[  160.099588][ T6635]  ? syscall_enter_from_user_mode+0x2e/0x230
[  160.105571][ T6635]  do_syscall_64+0x3b/0xb0
[  160.109996][ T6635]  ? clear_bhb_loop+0x45/0xa0
[  160.114686][ T6635]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  160.120682][ T6635] RIP: 0033:0x7fd7abf773b9
[  160.125110][ T6635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  160.144727][ T6635] RSP: 002b:00007fd7acda0048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  160.153156][ T6635] RAX: ffffffffffffffda RBX: 00007fd7ac105f80 RCX: 00007fd7abf773b9
[  160.161130][ T6635] RDX: 0000000000000016 RSI: 0000000020000380 RDI: 0000000000000005
[  160.169104][ T6635] RBP: 00007fd7acda00a0 R08: 0000000000000000 R09: 0000000000000000
[  160.177065][ T6635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  160.185028][ T6635] R13: 000000000000000b R14: 00007fd7ac105f80 R15: 00007fffadb93668
[  160.192998][ T6635]  </TASK>
[  160.223933][ T6642] FAULT_INJECTION: forcing a failure.
[  160.223933][ T6642] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  160.273631][ T6642] CPU: 0 PID: 6642 Comm: syz.4.976 Not tainted 6.1.102-syzkaller #0
[  160.281663][ T6642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  160.291735][ T6642] Call Trace:
[  160.295022][ T6642]  <TASK>
[  160.297959][ T6642]  dump_stack_lvl+0x1e3/0x2cb
[  160.302655][ T6642]  ? nf_tcp_handle_invalid+0x642/0x642
[  160.308134][ T6642]  ? panic+0x764/0x764
[  160.312217][ T6642]  ? __lock_acquire+0x1f80/0x1f80
[  160.317270][ T6642]  ? __import_iovec+0x316/0x4c0
[  160.322140][ T6642]  should_fail_ex+0x3a6/0x4d0
[  160.326841][ T6642]  _copy_from_user+0x2b/0x170
[  160.331530][ T6642]  ____sys_sendmsg+0x2f9/0x8f0
[  160.336297][ T6642]  ? __sys_sendmsg_sock+0x30/0x30
[  160.341323][ T6642]  __sys_sendmsg+0x2a9/0x390
[  160.345904][ T6642]  ? ____sys_sendmsg+0x8f0/0x8f0
[  160.350829][ T6642]  ? vfs_write+0x6cf/0xbc0
[  160.355260][ T6642]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  160.361252][ T6642]  ? syscall_enter_from_user_mode+0x2e/0x230
[  160.367220][ T6642]  ? lockdep_hardirqs_on+0x94/0x130
[  160.372411][ T6642]  ? syscall_enter_from_user_mode+0x2e/0x230
[  160.378382][ T6642]  do_syscall_64+0x3b/0xb0
[  160.382789][ T6642]  ? clear_bhb_loop+0x45/0xa0
[  160.387458][ T6642]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  160.393340][ T6642] RIP: 0033:0x7f51eab773b9
[  160.397743][ T6642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  160.417333][ T6642] RSP: 002b:00007f51eb8ae048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  160.425735][ T6642] RAX: ffffffffffffffda RBX: 00007f51ead05f80 RCX: 00007f51eab773b9
[  160.433695][ T6642] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[  160.441656][ T6642] RBP: 00007f51eb8ae0a0 R08: 0000000000000000 R09: 0000000000000000
[  160.449612][ T6642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  160.457570][ T6642] R13: 000000000000000b R14: 00007f51ead05f80 R15: 00007ffcabf3e8a8
[  160.465538][ T6642]  </TASK>
[  160.630344][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  160.659847][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  160.700018][ T6347] 8021q: adding VLAN 0 to HW filter on device batadv0
[  160.758306][ T6658] netlink: 'syz.4.980': attribute type 12 has an invalid length.
[  160.792370][ T6658] netlink: 132 bytes leftover after parsing attributes in process `syz.4.980'.
[  160.882902][ T6658] netlink: 4093 bytes leftover after parsing attributes in process `syz.4.980'.
[  160.892520][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  160.925958][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  160.996526][ T6658] netlink: 4093 bytes leftover after parsing attributes in process `syz.4.980'.
[  161.060542][ T6657] delete_channel: no stack
[  161.090197][ T6347] device veth0_vlan entered promiscuous mode
[  161.106948][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  161.125834][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  161.157209][ T6347] device veth1_vlan entered promiscuous mode
[  161.216314][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  161.224819][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  161.256082][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  161.285884][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  161.319851][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  161.338016][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  161.381519][ T6347] device veth0_macvtap entered promiscuous mode
[  161.396284][ T6680] netlink: 'syz.4.985': attribute type 39 has an invalid length.
[  161.426000][ T6347] device veth1_macvtap entered promiscuous mode
[  161.471425][ T6347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  161.502622][ T6347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.521055][ T6347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  161.543033][ T6347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.572566][ T6347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  161.591004][ T6347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.612860][ T6347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  161.644375][ T6347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.669347][ T6347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  161.691093][ T6347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.717817][ T6347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  161.741116][ T6347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.762469][ T6347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  161.786746][ T6347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.807877][ T6347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  161.828207][ T6347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.840624][ T6347] batman_adv: batadv0: Interface activated: batadv_slave_0
[  161.864004][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  161.877884][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  161.897912][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  161.917023][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  161.950479][ T6347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  161.983320][ T6347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  162.003474][ T6347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  162.024418][ T6347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  162.049906][ T6347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  162.073128][ T6347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  162.096491][ T6347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  162.112528][ T6347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  162.123797][ T6347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  162.134867][ T6347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  162.145354][ T6347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  162.156678][ T6347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  162.169746][ T6347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  162.180686][ T6347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  162.192546][ T6347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  162.203260][ T6347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  162.215501][ T6347] batman_adv: batadv0: Interface activated: batadv_slave_1
[  162.231335][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  162.247122][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  162.266497][ T6347] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  162.278627][ T6347] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  162.287893][ T6347] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  162.305855][ T6347] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  162.478368][ T6711] netlink: 'syz.0.994': attribute type 12 has an invalid length.
[  162.504638][ T6711] netlink: 132 bytes leftover after parsing attributes in process `syz.0.994'.
[  162.549676][ T4269] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  162.570884][ T4269] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  162.585807][ T6709] delete_channel: no stack
[  162.635657][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  162.661924][ T4269] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  162.680563][ T4269] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  162.731699][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  163.027907][ T6731] netlink: 'syz.3.998': attribute type 39 has an invalid length.
[  163.204698][ T6744] FAULT_INJECTION: forcing a failure.
[  163.204698][ T6744] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  163.263290][ T6744] CPU: 0 PID: 6744 Comm: syz.4.1001 Not tainted 6.1.102-syzkaller #0
[  163.271403][ T6744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  163.281481][ T6744] Call Trace:
[  163.284777][ T6744]  <TASK>
[  163.287727][ T6744]  dump_stack_lvl+0x1e3/0x2cb
[  163.292432][ T6744]  ? nf_tcp_handle_invalid+0x642/0x642
[  163.297924][ T6744]  ? panic+0x764/0x764
[  163.302013][ T6744]  ? __lock_acquire+0x1f80/0x1f80
[  163.307066][ T6744]  should_fail_ex+0x3a6/0x4d0
[  163.311769][ T6744]  _copy_from_user+0x2b/0x170
[  163.316562][ T6744]  iovec_from_user+0x13d/0x380
[  163.321335][ T6744]  ? __might_fault+0xa1/0x110
[  163.326004][ T6744]  __import_iovec+0x72/0x4c0
[  163.330589][ T6744]  import_iovec+0xe6/0x120
[  163.335001][ T6744]  copy_msghdr_from_user+0x527/0x670
[  163.340300][ T6744]  ? sendmsg_copy_msghdr+0x70/0x70
[  163.345428][ T6744]  __sys_sendmsg+0x236/0x390
[  163.350023][ T6744]  ? ____sys_sendmsg+0x8f0/0x8f0
[  163.354956][ T6744]  ? vfs_write+0x6cf/0xbc0
[  163.359386][ T6744]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  163.365364][ T6744]  ? syscall_enter_from_user_mode+0x2e/0x230
[  163.371328][ T6744]  ? lockdep_hardirqs_on+0x94/0x130
[  163.376514][ T6744]  ? syscall_enter_from_user_mode+0x2e/0x230
[  163.382481][ T6744]  do_syscall_64+0x3b/0xb0
[  163.386886][ T6744]  ? clear_bhb_loop+0x45/0xa0
[  163.391552][ T6744]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  163.397432][ T6744] RIP: 0033:0x7f51eab773b9
[  163.401835][ T6744] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.421426][ T6744] RSP: 002b:00007f51eb8ae048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  163.429824][ T6744] RAX: ffffffffffffffda RBX: 00007f51ead05f80 RCX: 00007f51eab773b9
[  163.437781][ T6744] RDX: 0000000000000600 RSI: 0000000020000540 RDI: 0000000000000003
[  163.445737][ T6744] RBP: 00007f51eb8ae0a0 R08: 0000000000000000 R09: 0000000000000000
[  163.453690][ T6744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.461644][ T6744] R13: 000000000000000b R14: 00007f51ead05f80 R15: 00007ffcabf3e8a8
[  163.469611][ T6744]  </TASK>
[  163.673648][ T6757] netlink: 'syz.2.1006': attribute type 12 has an invalid length.
[  163.729705][ T6757] __nla_validate_parse: 2 callbacks suppressed
[  163.729723][ T6757] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1006'.
[  163.831355][ T6763] netlink: 4093 bytes leftover after parsing attributes in process `syz.2.1006'.
[  163.857297][ T6763] netlink: 4093 bytes leftover after parsing attributes in process `syz.2.1006'.
[  163.889152][ T6756] delete_channel: no stack
[  164.233802][ T6783] netlink: 'syz.0.1012': attribute type 39 has an invalid length.
[  164.797409][ T6807] netlink: 'syz.3.1020': attribute type 12 has an invalid length.
[  164.832488][ T6807] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1020'.
[  164.928046][ T6807] netlink: 4093 bytes leftover after parsing attributes in process `syz.3.1020'.
[  164.965857][ T6807] netlink: 4093 bytes leftover after parsing attributes in process `syz.3.1020'.
[  165.007156][ T6806] delete_channel: no stack
[  165.398682][ T6835] netlink: 'syz.3.1027': attribute type 39 has an invalid length.
[  166.092364][ T6861] netlink: 'syz.4.1034': attribute type 12 has an invalid length.
[  166.140721][ T6861] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1034'.
[  166.197493][ T6863] netlink: 4093 bytes leftover after parsing attributes in process `syz.4.1034'.
[  166.223706][ T6863] netlink: 4093 bytes leftover after parsing attributes in process `syz.4.1034'.
[  166.260359][ T6859] delete_channel: no stack
[  166.828547][ T6885] netlink: 'syz.0.1040': attribute type 39 has an invalid length.
[  167.399793][ T6911] netlink: 'syz.0.1047': attribute type 12 has an invalid length.
[  167.425450][ T6911] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1047'.
[  167.478346][ T6909] delete_channel: no stack
[  273.195288][    C0] rcu: INFO: rcu_preempt self-detected stall on CPU
[  273.202034][    C0] rcu: 	0-...!: (10499 ticks this GP) idle=79dc/1/0x4000000000000000 softirq=19558/19558 fqs=9
[  273.213385][    C0] 	(t=10500 jiffies g=23817 q=673 ncpus=2)
[  273.219209][    C0] rcu: rcu_preempt kthread starved for 10450 jiffies! g23817 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  273.230418][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  273.240395][    C0] rcu: RCU grace-period kthread stack dump:
[  273.246298][    C0] task:rcu_preempt     state:R  running task     stack:27160 pid:16    ppid:2      flags:0x00004000
[  273.257111][    C0] Call Trace:
[  273.260393][    C0]  <TASK>
[  273.263335][    C0]  __schedule+0x143f/0x4570
[  273.267857][    C0]  ? _raw_spin_unlock+0x40/0x40
[  273.272729][    C0]  ? __mod_timer+0x956/0xee0
[  273.277339][    C0]  ? release_firmware_map_entry+0x186/0x186
[  273.283245][    C0]  ? lockdep_softirqs_off+0x420/0x420
[  273.288628][    C0]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  273.294530][    C0]  ? _raw_spin_unlock+0x40/0x40
[  273.299399][    C0]  schedule+0xbf/0x180
[  273.303481][    C0]  schedule_timeout+0x1b9/0x300
[  273.308340][    C0]  ? console_conditional_schedule+0x40/0x40
[  273.314241][    C0]  ? update_process_times+0x1b0/0x1b0
[  273.319636][    C0]  ? prepare_to_swait_event+0x329/0x350
[  273.325201][    C0]  rcu_gp_fqs_loop+0x2d2/0x1150
[  273.330075][    C0]  ? dyntick_save_progress_counter+0x2b0/0x2b0
[  273.336244][    C0]  ? lockdep_hardirqs_on+0x94/0x130
[  273.341451][    C0]  ? rcu_gp_init+0x15f0/0x15f0
[  273.346223][    C0]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  273.352132][    C0]  ? finish_swait+0xcf/0x1e0
[  273.356739][    C0]  rcu_gp_kthread+0xa3/0x3b0
[  273.361343][    C0]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  273.366463][    C0]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  273.372376][    C0]  ? __kthread_parkme+0x168/0x1c0
[  273.377420][    C0]  kthread+0x28d/0x320
[  273.381494][    C0]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  273.386614][    C0]  ? kthread_blkcg+0xd0/0xd0
[  273.391212][    C0]  ret_from_fork+0x1f/0x30
[  273.395660][    C0]  </TASK>
[  273.398697][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  273.405026][    C0] Sending NMI from CPU 0 to CPUs 1:
[  273.410243][    C1] NMI backtrace for cpu 1
[  273.410261][    C1] CPU: 1 PID: 21 Comm: ksoftirqd/1 Not tainted 6.1.102-syzkaller #0
[  273.410278][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  273.410287][    C1] RIP: 0010:unwind_next_frame+0x1ca/0x2220
[  273.410311][    C1] Code: 49 29 c6 49 c1 ee 08 48 c7 c0 28 65 af 8f 48 c7 c1 08 e7 d6 8f 48 29 c1 48 c1 e9 02 45 31 ff 80 3d aa d9 9b 0b 00 44 0f 45 f9 <41> 8d 47 ff 44 39 f0 0f 86 26 19 00 00 44 89 f0 48 8d 1c 85 28 65
[  273.410323][    C1] RSP: 0018:ffffc900001b7100 EFLAGS: 00000202
[  273.410338][    C1] RAX: ffffffff8faf6528 RBX: ffffc900001b7228 RCX: 000000000009e078
[  273.410350][    C1] RDX: dffffc0000000000 RSI: ffffffff889d3ed7 RDI: dffffc0000000000
[  273.410361][    C1] RBP: 1ffff92000036e42 R08: 0000000000000008 R09: ffffc900001b72d0
[  273.410373][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888012b59dc0
[  273.410384][    C1] R13: ffffffff889d3ed6 R14: 0000000000079d3e R15: 000000000009e078
[  273.410395][    C1] FS:  0000000000000000(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[  273.410409][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  273.410421][    C1] CR2: 00007f68651b0270 CR3: 000000007f9c3000 CR4: 00000000003506e0
[  273.410434][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  273.410444][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600
[  273.410454][    C1] Call Trace:
[  273.410458][    C1]  <NMI>
[  273.410465][    C1]  ? nmi_cpu_backtrace+0x3de/0x560
[  273.410485][    C1]  ? read_lock_is_recursive+0x10/0x10
[  273.410510][    C1]  ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0
[  273.410530][    C1]  ? nmi_handle+0x25/0x440
[  273.410564][    C1]  ? nmi_cpu_backtrace_handler+0x8/0x10
[  273.410585][    C1]  ? nmi_handle+0x12e/0x440
[  273.410606][    C1]  ? nmi_handle+0x25/0x440
[  273.410628][    C1]  ? unwind_next_frame+0x1ca/0x2220
[  273.410644][    C1]  ? default_do_nmi+0x62/0x150
[  273.410666][    C1]  ? exc_nmi+0xa8/0x100
[  273.410685][    C1]  ? end_repeat_nmi+0x16/0x31
[  273.410705][    C1]  ? __napi_poll+0xc6/0x470
[  273.410729][    C1]  ? __napi_poll+0xc7/0x470
[  273.410748][    C1]  ? unwind_next_frame+0x1ca/0x2220
[  273.410765][    C1]  ? unwind_next_frame+0x1ca/0x2220
[  273.410784][    C1]  ? unwind_next_frame+0x1ca/0x2220
[  273.410801][    C1]  </NMI>
[  273.410806][    C1]  <TASK>
[  273.410820][    C1]  ? __napi_poll+0xc7/0x470
[  273.410842][    C1]  ? stack_trace_save+0x1c0/0x1c0
[  273.410862][    C1]  arch_stack_walk+0x10d/0x140
[  273.410883][    C1]  ? __napi_poll+0xc7/0x470
[  273.410906][    C1]  stack_trace_save+0x113/0x1c0
[  273.410928][    C1]  ? stack_trace_snprint+0xe0/0xe0
[  273.410955][    C1]  ? ip6_mc_input+0x9bf/0xbd0
[  273.410974][    C1]  kasan_set_track+0x4b/0x70
[  273.410993][    C1]  ? kasan_set_track+0x4b/0x70
[  273.411011][    C1]  ? kasan_save_free_info+0x27/0x40
[  273.411027][    C1]  ? ____kasan_slab_free+0xd6/0x120
[  273.411047][    C1]  ? kmem_cache_free+0x292/0x510
[  273.411062][    C1]  ? ip6_mc_input+0x9bf/0xbd0
[  273.411080][    C1]  ? NF_HOOK+0x39d/0x450
[  273.411095][    C1]  ? __netif_receive_skb+0x1c6/0x530
[  273.411114][    C1]  ? process_backlog+0x381/0x760
[  273.411132][    C1]  ? __napi_poll+0xc7/0x470
[  273.411192][    C1]  kasan_save_free_info+0x27/0x40
[  273.411209][    C1]  ____kasan_slab_free+0xd6/0x120
[  273.411232][    C1]  kmem_cache_free+0x292/0x510
[  273.411250][    C1]  ? ip6_mc_input+0x9bf/0xbd0
[  273.411272][    C1]  ip6_mc_input+0x9bf/0xbd0
[  273.411295][    C1]  ? ip6_input_finish+0x2c0/0x2c0
[  273.411317][    C1]  ? ip6_rcv_finish+0x199/0x230
[  273.411336][    C1]  ? net_zcopy_put_abort+0x80/0x80
[  273.411354][    C1]  NF_HOOK+0x39d/0x450
[  273.411370][    C1]  ? sock_wfree+0x23d/0x610
[  273.411389][    C1]  ? NF_HOOK+0x96/0x450
[  273.411406][    C1]  ? ip6_rcv_core+0x1680/0x1680
[  273.411426][    C1]  ? net_zcopy_put_abort+0x80/0x80
[  273.411452][    C1]  ? ip6_rcv_finish_core+0x410/0x410
[  273.411471][    C1]  __netif_receive_skb+0x1c6/0x530
[  273.411493][    C1]  ? read_lock_is_recursive+0x10/0x10
[  273.411514][    C1]  ? __netif_receive_skb_list_core+0x890/0x890
[  273.411536][    C1]  ? __lock_acquire+0x1f80/0x1f80
[  273.411556][    C1]  ? perf_trace_lock+0x138/0x440
[  273.411582][    C1]  ? process_backlog+0x2c9/0x760
[  273.411602][    C1]  process_backlog+0x381/0x760
[  273.411632][    C1]  ? trigger_rx_softirq+0x60/0x60
[  273.411651][    C1]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  273.411674][    C1]  ? print_irqtrace_events+0x210/0x210
[  273.411696][    C1]  __napi_poll+0xc7/0x470
[  273.411720][    C1]  net_rx_action+0x70f/0xeb0
[  273.411752][    C1]  ? net_tx_action+0x9a0/0x9a0
[  273.411770][    C1]  ? ct_irq_exit_irqson+0x150/0x1b0
[  273.411792][    C1]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  273.411818][    C1]  ? handle_softirqs+0x1ef/0xa40
[  273.411844][    C1]  handle_softirqs+0x2ee/0xa40
[  273.411871][    C1]  ? run_ksoftirqd+0xc6/0x120
[  273.411889][    C1]  ? do_softirq+0x240/0x240
[  273.411911][    C1]  ? run_ksoftirqd+0xa3/0x120
[  273.411925][    C1]  ? run_ksoftirqd+0xa3/0x120
[  273.411943][    C1]  run_ksoftirqd+0xc6/0x120
[  273.411957][    C1]  ? ksoftirqd_should_run+0x20/0x20
[  273.411977][    C1]  ? ksoftirqd_should_run+0x20/0x20
[  273.411993][    C1]  smpboot_thread_fn+0x52c/0xa30
[  273.412014][    C1]  ? smpboot_thread_fn+0x4a/0xa30
[  273.412041][    C1]  kthread+0x28d/0x320
[  273.412055][    C1]  ? cpu_report_death+0x2b0/0x2b0
[  273.412073][    C1]  ? kthread_blkcg+0xd0/0xd0
[  273.412089][    C1]  ret_from_fork+0x1f/0x30
[  273.412120][    C1]  </TASK>
[  273.412240][    C0] CPU: 0 PID: 6920 Comm: syz.3.1050 Not tainted 6.1.102-syzkaller #0
[  273.941537][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  273.951570][    C0] RIP: 0010:__ipv6_addr_type+0x170/0x2e0
[  273.957185][    C0] Code: 87 0b f8 bb 42 00 05 00 eb 17 e8 1b 87 0b f8 bb 22 00 02 00 eb 0b e8 0f 87 0b f8 c1 e3 10 83 cb 02 89 d8 5b 41 5c 41 5e 41 5f <5d> c3 4d 8d 77 04 4c 89 f0 48 c1 e8 03 42 0f b6 04 20 84 c0 0f 85
[  273.976766][    C0] RSP: 0018:ffffc90000006ba8 EFLAGS: 00000246
[  273.982809][    C0] RAX: 0000000000020021 RBX: 0000000000000000 RCX: ffff888058360000
[  273.990757][    C0] RDX: 0000000000000301 RSI: ffffffff8e618e70 RDI: 00000000000080fe
[  273.998705][    C0] RBP: 00000000000080fe R08: 0000000000000003 R09: ffffffff897f1414
[  274.006652][    C0] R10: 0000000000000002 R11: ffff888058360000 R12: ffffc90000006c88
[  274.014771][    C0] R13: ffffc90000006c80 R14: ffff888020528000 R15: ffff888073e69c00
[  274.022720][    C0] FS:  00007f07d055a6c0(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[  274.031626][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  274.038187][    C0] CR2: 000056466ca26950 CR3: 000000004e7ed000 CR4: 00000000003506f0
[  274.046136][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  274.054080][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600
[  274.062027][    C0] Call Trace:
[  274.065288][    C0]  <IRQ>
[  274.068113][    C0]  ? rcu_dump_cpu_stacks+0x296/0x4f0
[  274.073383][    C0]  ? print_cpu_stall+0x346/0x5f0
[  274.078298][    C0]  ? rcu_sched_clock_irq+0x997/0x1200
[  274.083648][    C0]  ? rcutree_dead_cpu+0x20/0x20
[  274.088476][    C0]  ? hrtimer_run_queues+0x163/0x450
[  274.093655][    C0]  ? update_process_times+0x147/0x1b0
[  274.099006][    C0]  ? tick_sched_timer+0x386/0x550
[  274.104006][    C0]  ? tick_setup_sched_timer+0x2f0/0x2f0
[  274.109528][    C0]  ? __hrtimer_run_queues+0x5a7/0xe50
[  274.114887][    C0]  ? hrtimer_interrupt+0x980/0x980
[  274.119978][    C0]  ? ktime_get_update_offsets_now+0x407/0x420
[  274.126028][    C0]  ? hrtimer_interrupt+0x392/0x980
[  274.131132][    C0]  ? __sysvec_apic_timer_interrupt+0x156/0x580
[  274.137264][    C0]  ? sysvec_apic_timer_interrupt+0x3e/0xb0
[  274.143044][    C0]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[  274.149179][    C0]  ? __ipv6_addr_type+0xf4/0x2e0
[  274.154096][    C0]  ? __ipv6_addr_type+0x170/0x2e0
[  274.159098][    C0]  __ipv6_dev_get_saddr+0x117/0x4a0
[  274.164307][    C0]  ipv6_dev_get_saddr+0x413/0xb60
[  274.169333][    C0]  ? ipv6_dev_get_saddr+0x226/0xb60
[  274.174527][    C0]  ? in6_dev_put+0x80/0x80
[  274.178928][    C0]  ? perf_trace_lock+0x138/0x440
[  274.183852][    C0]  ? __ipv6_addr_type+0x142/0x2e0
[  274.188864][    C0]  ? ip6_dst_lookup_tail+0x1f6/0x11f0
[  274.194216][    C0]  ip6_dst_lookup_tail+0xcd4/0x11f0
[  274.199399][    C0]  ? ip6_dst_lookup+0x60/0x60
[  274.204054][    C0]  ? __lock_acquire+0x1f80/0x1f80
[  274.209068][    C0]  ip6_dst_lookup_flow+0xb5/0x170
[  274.214070][    C0]  ? ip6_dst_lookup_tail+0x11f0/0x11f0
[  274.219508][    C0]  ? dst_cache_get_ip6+0xb7/0xe0
[  274.224427][    C0]  ? ip6_dst_lookup_tail+0x11f0/0x11f0
[  274.229863][    C0]  geneve_get_v6_dst+0x852/0xb80
[  274.234791][    C0]  ? skb_vlan_inet_prepare+0x6c0/0x6c0
[  274.240237][    C0]  geneve_xmit+0x8a4/0x3550
[  274.244737][    C0]  ? geneve_xmit+0x14a/0x3550
[  274.249392][    C0]  ? skb_network_protocol+0x5a4/0x7a0
[  274.254743][    C0]  ? geneve_stop+0x1d0/0x1d0
[  274.259308][    C0]  ? __lock_acquire+0x125b/0x1f80
[  274.264314][    C0]  ? validate_xmit_xfrm+0xb4/0x10b0
[  274.269489][    C0]  ? skb_crc32c_csum_help+0x540/0x540
[  274.274849][    C0]  ? xfrm_init_replay+0x2a0/0x2a0
[  274.279857][    C0]  ? validate_xmit_skb+0x881/0x10e0
[  274.285036][    C0]  dev_hard_start_xmit+0x261/0x8c0
[  274.290144][    C0]  __dev_queue_xmit+0x1bb1/0x3cf0
[  274.295153][    C0]  ? __dev_queue_xmit+0x2d6/0x3cf0
[  274.300330][    C0]  ? netdev_core_pick_tx+0x320/0x320
[  274.305587][    C0]  ? lockdep_hardirqs_on+0x94/0x130
[  274.310762][    C0]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[  274.316894][    C0]  ? llc_sysctl_exit+0x60/0x60
[  274.321637][    C0]  ? neigh_resolve_output+0x4fa/0x730
[  274.326987][    C0]  ? neigh_resolve_output+0x610/0x730
[  274.332342][    C0]  ip6_finish_output2+0xee1/0x1530
[  274.337438][    C0]  ? __lock_acquire+0x1f80/0x1f80
[  274.342442][    C0]  ? ip6_finish_output2+0x698/0x1530
[  274.347715][    C0]  ? nf_hook+0x450/0x450
[  274.351939][    C0]  ? ip6_mtu+0x7d/0x3e0
[  274.356077][    C0]  ip6_finish_output+0x6a0/0xa80
[  274.360999][    C0]  ndisc_send_skb+0xbab/0x14e0
[  274.365739][    C0]  ? ndisc_send_skb+0x5a8/0x14e0
[  274.370659][    C0]  ? ndisc_mc_map+0x7d0/0x7d0
[  274.375311][    C0]  ? skb_dst+0xd0/0xd0
[  274.379354][    C0]  ? skb_set_owner_w+0x20b/0x380
[  274.384275][    C0]  ? ndisc_send_rs+0x517/0x6a0
[  274.389018][    C0]  addrconf_rs_timer+0x357/0x610
[  274.393932][    C0]  ? addrconf_disable_policy_idev+0x4e0/0x4e0
[  274.399973][    C0]  ? perf_trace_preemptirq_template+0x2d1/0x3d0
[  274.406195][    C0]  call_timer_fn+0x1ad/0x6b0
[  274.410763][    C0]  ? addrconf_disable_policy_idev+0x4e0/0x4e0
[  274.416806][    C0]  ? call_timer_fn+0xc2/0x6b0
[  274.421457][    C0]  ? __run_timers+0x890/0x890
[  274.426117][    C0]  ? _raw_spin_unlock_irq+0x1f/0x40
[  274.431288][    C0]  ? addrconf_disable_policy_idev+0x4e0/0x4e0
[  274.437326][    C0]  ? lockdep_hardirqs_on+0x94/0x130
[  274.442502][    C0]  ? addrconf_disable_policy_idev+0x4e0/0x4e0
[  274.448542][    C0]  __run_timers+0x67c/0x890
[  274.453033][    C0]  ? detach_timer+0x380/0x380
[  274.457687][    C0]  ? run_timer_softirq+0x1e/0xf0
[  274.462596][    C0]  ? run_timer_softirq+0x2c/0xf0
[  274.467513][    C0]  run_timer_softirq+0x63/0xf0
[  274.472252][    C0]  handle_softirqs+0x2ee/0xa40
[  274.477000][    C0]  ? __irq_exit_rcu+0x157/0x240
[  274.481837][    C0]  ? do_softirq+0x240/0x240
[  274.486315][    C0]  ? hrtimer_interrupt+0x76b/0x980
[  274.491403][    C0]  ? irqtime_account_irq+0xd0/0x1e0
[  274.496580][    C0]  __irq_exit_rcu+0x157/0x240
[  274.501235][    C0]  ? irq_exit_rcu+0x20/0x20
[  274.505726][    C0]  irq_exit_rcu+0x5/0x20
[  274.509945][    C0]  sysvec_apic_timer_interrupt+0x91/0xb0
[  274.515555][    C0]  </IRQ>
[  274.518462][    C0]  <TASK>
[  274.521374][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  274.527331][    C0] RIP: 0010:preempt_schedule_irq+0xf2/0x1c0
[  274.533205][    C0] Code: 89 f5 49 c1 ed 03 eb 0d 48 f7 03 08 00 00 00 0f 84 97 00 00 00 bf 01 00 00 00 e8 f9 e1 b0 f6 e8 a4 de e3 f6 fb bf 01 00 00 00 <e8> 79 b4 ff ff 43 80 7c 3d 00 00 74 08 4c 89 f7 e8 39 a4 34 f7 48
[  274.552790][    C0] RSP: 0018:ffffc90004ba7560 EFLAGS: 00000286
[  274.558835][    C0] RAX: ea2b7b1c87cd5700 RBX: 1ffff92000974eb4 RCX: ffffffff816ad9fa
[  274.566792][    C0] RDX: dffffc0000000000 RSI: ffffffff8b0c0240 RDI: 0000000000000001
[  274.574737][    C0] RBP: ffffc90004ba7620 R08: dffffc0000000000 R09: fffffbfff20e7259
[  274.582684][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff92000974eac
[  274.590630][    C0] R13: 1ffff92000974eb0 R14: ffffc90004ba7580 R15: dffffc0000000000
[  274.598583][    C0]  ? mark_lock+0x9a/0x340
[  274.602897][    C0]  ? preempt_schedule_notrace+0x140/0x140
[  274.608594][    C0]  ? print_irqtrace_events+0x210/0x210
[  274.614037][    C0]  irqentry_exit+0x53/0x80
[  274.618428][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  274.624385][    C0] RIP: 0010:qlink_to_cache+0x21/0xa0
[  274.629648][    C0] Code: 5d 41 5e 41 5f 5d c3 66 90 e8 9b 7d 5b ff 48 c1 e8 06 48 83 e0 c0 48 ba 00 00 00 00 00 ea ff ff 48 8b 4c 10 08 f6 c1 01 75 3c <48> 01 d0 66 90 48 8b 48 08 f6 c1 01 75 59 66 90 48 8b 08 48 c1 e1
[  274.649225][    C0] RSP: 0018:ffffc90004ba76e0 EFLAGS: 00000246
[  274.655270][    C0] RAX: 0000000000855f40 RBX: ffff88802157d140 RCX: 0000000000000000
[  274.663217][    C0] RDX: ffffea0000000000 RSI: 000000000001ab79 RDI: 000000000001ab7a
[  274.671172][    C0] RBP: dffffc0000000000 R08: ffffffff813db118 R09: 000000008080007e
[  274.679116][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000
[  274.687062][    C0] R13: 0000000000000cc0 R14: ffff88802157d140 R15: 0000000000000000
[  274.695013][    C0]  ? __phys_addr+0xa8/0x170
[  274.699499][    C0]  qlist_free_all+0x3b/0xe0
[  274.703980][    C0]  kasan_quarantine_reduce+0x156/0x170
[  274.709418][    C0]  __kasan_slab_alloc+0x1f/0x70
[  274.714248][    C0]  slab_post_alloc_hook+0x52/0x3a0
[  274.719339][    C0]  kmem_cache_alloc+0x10c/0x2d0
[  274.724165][    C0]  ? vm_area_dup+0x23/0x1b0
[  274.728652][    C0]  vm_area_dup+0x23/0x1b0
[  274.732963][    C0]  copy_mm+0xbbc/0x1990
[  274.737195][    C0]  ? copy_signal+0x670/0x670
[  274.741760][    C0]  ? lockdep_init_map_type+0x9d/0x900
[  274.747123][    C0]  ? __init_rwsem+0x11e/0x160
[  274.751783][    C0]  ? copy_signal+0x548/0x670
[  274.756347][    C0]  copy_process+0x19d5/0x4060
[  274.761005][    C0]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  274.766965][    C0]  ? print_irqtrace_events+0x210/0x210
[  274.772399][    C0]  ? copy_process+0x9e1/0x4060
[  274.777146][    C0]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[  274.783279][    C0]  ? idle_dummy+0x10/0x10
[  274.787585][    C0]  ? kernel_clone+0x1f8/0x920
[  274.792239][    C0]  kernel_clone+0x222/0x920
[  274.796722][    C0]  ? create_io_thread+0x180/0x180
[  274.801740][    C0]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  274.807705][    C0]  __x64_sys_clone+0x231/0x280
[  274.812445][    C0]  ? __do_sys_vfork+0x110/0x110
[  274.817267][    C0]  ? lockdep_hardirqs_on+0x94/0x130
[  274.822448][    C0]  ? syscall_enter_from_user_mode+0x37/0x230
[  274.828411][    C0]  ? syscall_enter_from_user_mode+0x2e/0x230
[  274.834365][    C0]  do_syscall_64+0x3b/0xb0
[  274.838762][    C0]  ? clear_bhb_loop+0x45/0xa0
[  274.843421][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  274.849290][    C0] RIP: 0033:0x7f07cf7773b9
[  274.853683][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  274.873264][    C0] RSP: 002b:00007f07d0559ff8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  274.881655][    C0] RAX: ffffffffffffffda RBX: 00007f07cf905f80 RCX: 00007f07cf7773b9
[  274.889601][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  274.897548][    C0] RBP: 00007f07cf7e48e6 R08: 0000000000000000 R09: 0000000000000000
[  274.905493][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  274.913438][    C0] R13: 000000000000000b R14: 00007f07cf905f80 R15: 00007ffd893570c8
[  274.921396][    C0]  </TASK>
[  274.955688][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  274.962028][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  276.976066][ T3648] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  276.993626][ T3649] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  277.001619][ T3648] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  277.011019][ T3649] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  277.018792][ T3648] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[  277.028789][ T3649] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  277.125566][ T3651] Bluetooth: hci5: command 0x0406 tx timeout
[  277.131776][ T3651] Bluetooth: hci1: command 0x0406 tx timeout
[  277.138033][ T3639] Bluetooth: hci6: command 0x0406 tx timeout
[  277.144064][ T3639] Bluetooth: hci8: command 0x0406 tx timeout
[  277.150148][ T3636] Bluetooth: hci4: command 0x0406 tx timeout
[  277.156226][ T3650] Bluetooth: hci3: command 0x0406 tx timeout
[  277.162243][ T3650] Bluetooth: hci2: command 0x0406 tx timeout
[  277.171774][ T3641] Bluetooth: hci0: command 0x0406 tx timeout
[  277.275842][ T3650] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  277.287163][ T3650] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  277.295154][ T3650] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  277.304377][ T3651] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  277.312216][ T3651] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[  277.320128][ T3650] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  277.426008][ T3651] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  277.435094][ T3651] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  277.443690][ T3641] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  277.452821][ T3641] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  277.461076][ T3651] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3
[  277.475740][ T3651] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  277.512919][ T3639] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[  277.522855][ T3651] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[  277.532397][ T3641] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[  277.541684][ T3651] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[  277.549507][ T3651] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3
[  277.557406][ T3641] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=-1 (errno 104: Connection reset by peer)
[  277.739079][ T3641] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[  277.748352][ T3641] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[  277.756703][ T3651] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[  277.776492][ T3641] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[  277.787018][ T3651] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3
[  277.794591][ T3641] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[  279.094193][ T3650] Bluetooth: hci9: command tx timeout
[  279.496802][ T3650] Bluetooth: hci10: command tx timeout
[  279.525516][ T3650] Bluetooth: hci11: command tx timeout
[  279.656927][ T3650] Bluetooth: hci12: command tx timeout
[  279.663131][ T3650] Bluetooth: hci7: command 0x0406 tx timeout
[  279.863788][ T3650] Bluetooth: hci13: command tx timeout
[  280.229929][ T3640] syz-executor (3640) used greatest stack depth: 20152 bytes left
[  281.525669][ T3650] Bluetooth: hci10: command tx timeout
[  281.614735][ T3650] Bluetooth: hci11: command tx timeout
[  281.695453][ T3650] Bluetooth: hci12: command tx timeout