last executing test programs:

15.145915174s ago: executing program 1 (id=2443):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="0000002000000000000000000000000019000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x3f, 0x4, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid_for_children\x00')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r6, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r8=>0xffffffffffffffff})
recvmsg(r8, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001dc0)=""/4096, 0x1000}, 0x0)
ioctl$TUNSETIFF(r1, 0xb701, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0, <r9=>0xffffffffffffffff}, &(0x7f0000000200), &(0x7f00000003c0)='%ps    \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r9}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x1f, 0x10, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffe}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000001}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r9}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)

14.143392773s ago: executing program 1 (id=2445):
socket$kcm(0x10, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r1)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140), 0x7}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$kcm(0x2, 0x922000000001, 0x106)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=r2, @ANYBLOB="020000000000001d000000000000003396ac4427", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="03000000000000000400"/28], 0x50)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000500)={r2, 0x58, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0}}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=r4, @ANYBLOB="0600"/20, @ANYRES32=r5, @ANYRES32=r2, @ANYBLOB="01000000000000800500"/28], 0x50)
setsockopt$sock_attach_bpf(r3, 0x6, 0x24, &(0x7f0000000000), 0xff7b)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0x3}, 0x828, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x3d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000540)={@map, 0xffffffffffffffff, 0xb}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'gre0\x00', 0x10})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x89f0, &(0x7f0000000080))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r8, 0x89f1, &(0x7f0000000080))
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x89f2, &(0x7f0000000080))

13.071956029s ago: executing program 1 (id=2454):
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x954b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x11efa, 0x4, 0x98, 0x0, 0x2, 0xfffff271, 0xfffc, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
r1 = socket$kcm(0x2, 0x5, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_procs(r2, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r3, &(0x7f00000001c0), 0x12)
r4 = openat$cgroup_freezer_state(r2, &(0x7f0000000080), 0x2, 0x0)
write$cgroup_freezer_state(r4, &(0x7f00000000c0)='THAWED\x00', 0x7)
setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x4)
sendmsg$inet(r1, &(0x7f00000004c0)={&(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xff}}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000140)='\x00', 0x1}], 0x1}, 0x3e8)

12.687647197s ago: executing program 1 (id=2459):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(0x0, 0x0, 0x4000000000006, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x7, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x8000000000000001, 0x8b0}, 0x4, 0x1, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f00000008c0)=r0, 0x4)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x21c}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x7, 0x0, 0x4, 0x0, 0x3, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000200)={&(0x7f0000000000)=@in6={0xa, 0xce22, 0x1, @mcast2, 0x42}, 0x80, 0x0}, 0x0)
socket$kcm(0x2, 0x2, 0x73)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x215d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x265a, 0x7}, 0x100904, 0x0, 0x0, 0x0, 0x8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
r3 = socket$kcm(0x2a, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f00000001c0)={&(0x7f0000000140)=@qipcrtr, 0x80, 0x0}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
r4 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0xf}, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x0, 0x0, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'batadv_slave_0\x00', 0x1})
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8924, &(0x7f0000000080))

2.490083334s ago: executing program 3 (id=2514):
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x20, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x41100, 0x6c, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x8, 0x0, 0x15a46b2e6b50aa2d, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)=[0xffffffffffffffff, 0x1]}, 0x94)
r0 = socket$kcm(0x11, 0x2, 0x0)
r1 = socket$kcm(0x11, 0x200000000000002, 0x300)
setsockopt$sock_attach_bpf(r1, 0x107, 0x12, &(0x7f00000000c0)=r0, 0x8)
close(r0)
r2 = socket$kcm(0x11, 0x2, 0x0)
r3 = socket$kcm(0x11, 0x200000000000002, 0x300)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x8, 0x60000000}, 0x1e)
setsockopt$sock_attach_bpf(r3, 0x107, 0x12, &(0x7f00000000c0)=r2, 0x8)

2.005247182s ago: executing program 3 (id=2518):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'vlan0\x00', 0x1})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, 0x2}, 0x94)
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x11, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{0x1}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x6, [@const={0x0, 0x0, 0x0, 0x2, 0x3}, @fwd={0x2, 0x0, 0x0, 0x12}, @typedef={0x4, 0x0, 0x0, 0x12, 0x2}]}, {0x0, [0x0, 0x5f, 0x0, 0x61]}}, 0x0, 0x42, 0x0, 0x1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmsg$unix(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x100)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_user\x00', 0x26e1, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE(0x100000000000000, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000580)={0xffffffffffffffff, 0x0, 0x0}, 0x20)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000100)={r5, &(0x7f0000000400)="11a26440878f37eb81ef02dd6aaf658cd06417d931a38e74e5236971c3d190152b306c882c23bd0a798512f536fb2d773cda3b50284da3475b31381bdbdc7c0f07b045d9a514a4f376b327d1e75398277895f452dedb9aa9e7f9b6c33ea0d9d8910ad900175e54456a25f1badd668914c83add3be2e04d67215cf175546bf1cd6020b250568760ad39a4e79fa169382813628b8702c1daccb7debf6b9d9665eee34082edfd3753", &(0x7f00000005c0)=""/252, 0x4}, 0x20)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid_for_children\x00')
r6 = getpid()
perf_event_open(&(0x7f00000006c0)={0x3, 0x80, 0x2a, 0x3, 0x8, 0x7f, 0x0, 0x1ff, 0x80020, 0x7, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x3, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0xff, 0x2, @perf_config_ext={0xabf, 0x71f4}, 0x200, 0xecd4, 0x1ff, 0x3, 0xd, 0xc, 0x1000, 0x0, 0x9, 0x0, 0x7}, r6, 0x4, r4, 0x0)
close(0xffffffffffffffff)

1.431281179s ago: executing program 3 (id=2523):
r0 = syz_clone(0x20300000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x202e, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1, 0x0, 0x0, 0x2, 0xd381, 0x0, 0x3}, 0x0, 0x0, r1, 0x0) (async, rerun: 64)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x3, 0x9e, 0x6, 0x22, 0x0, 0x8001, 0x42002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0xc18, 0x2, @perf_bp={&(0x7f0000000000), 0x5}, 0x100008, 0x5, 0x4, 0x8, 0xa, 0x5, 0x3991, 0x0, 0x2, 0x0, 0x8a}, r0, 0x4, r1, 0x9) (rerun: 64)

1.383292113s ago: executing program 0 (id=2524):
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8b19, &(0x7f0000000080)={'wlan1\x00', @random="02000000000a"})

1.234239138s ago: executing program 3 (id=2525):
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x20, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x41100, 0x6c, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x8, 0x0, 0x15a46b2e6b50aa2d, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)=[0xffffffffffffffff, 0x1]}, 0x94)
r0 = socket$kcm(0x11, 0x2, 0x0)
r1 = socket$kcm(0x11, 0x200000000000002, 0x300)
setsockopt$sock_attach_bpf(r1, 0x107, 0x12, &(0x7f00000000c0)=r0, 0x8)
close(r0)
r2 = socket$kcm(0x11, 0x2, 0x0)
r3 = socket$kcm(0x11, 0x200000000000002, 0x300)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x8, 0x60000000}, 0x1e)
setsockopt$sock_attach_bpf(r3, 0x107, 0x12, &(0x7f00000000c0)=r2, 0x8)

1.179479914s ago: executing program 0 (id=2526):
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f0000000040)={&(0x7f0000001340)=@hci={0x1f, 0x0, 0x3}, 0x80, &(0x7f0000000100)=[{&(0x7f00000006c0)="62043c00590200000001ad2f1eafbcf706e12b30087f5c582d26116642c47a5f8786ee601e65ab3c06d4b8bf4a81cb3e247345af215542f41ddf82f618438a34f90186cee844", 0x46}, {&(0x7f0000000380)="2cdad6fd054319617d4f63962fcf63bc68a3dee9dd67fad7f3c8c93400ffac409209aa7d4f7787f19787ae18e57445c802d67b1f73a74486e95ede73def18ab2befcdd272f261b0ac2a96b43a87a3c714e1e0f9f238596c693859b0ce7c5c4805406ab02097ea4545220567c38f6cb82a72099c35f517c7332a8a8ec6828f25ed896e0eea94defe2d31311ae56e5cf8841d294050648364030d680e4c98f6b4d0db40f70ca405feb14e9d8db3e455d236114d2ad41b8769aca2bd91850c66091e58a49bb180390fbc00b12d838c500556fec4b2f2b40b612a96b4ad6371bb5f933932e78714b1df1fff759f0ddb90231a64806ac4fa84ce0adcd27bc5983", 0xfe}, {&(0x7f00000013c0)="7aa01a61ec0ffd9ed6f823dbdcedeb51308de288fc0ef42a65be95f86ead8d0288d015867d9a6264464c5084e2d7289c1d47824ba0ce381787d5328b4dd28eceb9b542b233f4f0dffe70ee8dde1cb55871fa4db5b595d4e4d44eacce09569ef51585e05453559db9123f62b4d9748239b1876487bad997383cc4e6986e63a4e9846e18cd919dd2aa7ef16475c1ee87eef6bf122811e5525acd89654184e1daeed5c9f4b795ca5e46abd84c93785c7b52c92be0a8ab11a372cd7a27f64e77402d019d654a0d74c05229d741604dec2e82d820cb848b4542393ccde8719843b4bfdc8c36f89d19b4766e9d88e75359f67917a6a102a3db17c620ec55786978958160c4cb957c899b3327d81958361091fd4554d1733a5128570b188793a74a244b153ace3a4066bcba18f5767af51d123f6d8b966ec4df14a9bcade8baa5c0b24a5c0165db06322e0bc1d6202549b37ee9f13da95db81149423b0be40babdd48902e6eff90ce171324476a7e7c32c5be42d4fe62484e2a4966", 0x178}], 0x3}, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000000c0)="d80000001a0081044e81f782db4cb9040a1d0800fe0000000000000008000100fef74b0000000000080005007a010401a80016002000024004000000035c0461c9d67f6f940071342e875fab7cb6cec6cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b141993c034e653fe8efe7c9f877514c2e8ae683f5aeb4edbb57a5025ccca9ee5350db798262f", 0xa2}, {&(0x7f00000012c0)="c64481705dfb551309917fe544addfea5b58dd5edce73f18d3b8d92b32aa6f17aca30250b0cbe0095e7e22a2b783f8cf3e7935682285", 0x36}], 0x2}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000040)="d80000001c0081030081f782db44b904021d080201000000040000a118000c000600141a62600e1208000f0100810401a8001600200001", 0x37}], 0x1, 0x0, 0x0, 0x7400}, 0x4001)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000004680)={&(0x7f0000000780)=ANY=[@ANYBLOB="9fed0100180000000000000018000000180000000b0000000900000001000093040000000400ff6b3453faa2b28300000000005f615f5f2e305f00"], &(0x7f0000003680)=""/4096, 0x3b, 0x1000, 0x1}, 0x28)
r2 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000040)=ANY=[], 0xfe33)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x4000}, 0x8)
r3 = socket$kcm(0x29, 0x2, 0x0)
recvmsg$kcm(r3, &(0x7f00000002c0)={&(0x7f0000000080)=@sco={0x1f, @fixed}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000100)=""/78, 0x4e}, {&(0x7f0000000180)=""/118, 0x76}, {&(0x7f0000000980)=""/4096, 0x1000}], 0x3, &(0x7f0000000240)=""/88, 0x58}, 0x80000000)

1.055709356s ago: executing program 3 (id=2527):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000000c0)="d800000018008103e00312ba0d8105040a600300ff0f040b067c55a1bc000900b80006990700000015000500fef32702d3001500030001400200000901ac040098007f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04000000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b66bce0b42a9ecbee5de6ccd40dd6e4edef3d93452a92307f00000e970300"/216, 0xd8}], 0x1}, 0x48002)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x8, &(0x7f00000002c0)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x3}, @initr0, @exit, @alu={0x6, 0x1, 0xd, 0xa, 0xa}]}, &(0x7f0000000000)='GPL\x00', 0x4}, 0x94)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={@ifindex, 0xd, 0x0, 0x5, &(0x7f0000000040)=[0x0, 0x0], 0x2, 0x0, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0], <r4=>0x0}, 0x40)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x6, 0x10, &(0x7f0000000300)=@framed={{0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r6, 0xfffff000, 0xe, 0x0, &(0x7f0000000000)="619ff1e3c70400d5721ff59fe864", 0x0, 0x0, 0x7000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000180)={@fallback=r3, r3, 0x19, 0x0, 0x0, @void, @value=r6, @void, @void, r4}, 0x20)

961.863265ms ago: executing program 0 (id=2528):
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x3ffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socketpair(0x18, 0x0, 0x1, &(0x7f0000001780))
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x12, 0x9, 0x4, 0x2}, 0x50)
socket$kcm(0x10, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000072"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r2)
socket$kcm(0x2, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r3}, &(0x7f0000000000), &(0x7f0000000080)=r2}, 0x20)

927.650279ms ago: executing program 3 (id=2529):
r0 = perf_event_open$cgroup(&(0x7f0000000180)={0x2, 0x80, 0x0, 0x0, 0x0, 0xf, 0x0, 0x2, 0x220, 0x6, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0xfffffffa, 0x4, @perf_config_ext={0x7, 0x5}, 0x100, 0x1, 0x7, 0x0, 0x847, 0xa75, 0x800, 0x0, 0x3, 0x0, 0x81}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0xd, 0x5, &(0x7f0000000740)=ANY=[@ANYBLOB="180000000000000000000000000000008500000039000000950000009500"/40], &(0x7f0000000000)='GPL\x00'}, 0x94)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x5}, 0x0, 0x1, r0, 0x0)
r1 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r1, 0x107, 0xf, &(0x7f00000000c0), 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000400)={0x0, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240), ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x5, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000580)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x6f, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000000780), &(0x7f0000000380), 0x8, 0x5d, 0x8, 0x8, &(0x7f0000000300)}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r2}, 0x4)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x2}, 0x828, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0x7fffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$kcm(0x2, 0x200000000000001, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500), 0xc)
sendmsg$inet(r3, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
r4 = socket$kcm(0x2, 0x3, 0x2)
sendmsg$inet(r4, &(0x7f0000000340)={&(0x7f0000000e80)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x17}, @multicast1}}}], 0x20}, 0x4040)
r5 = socket$kcm(0x10, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000400000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0xc, 0x1c, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000100000018110000", @ANYRES32=r6, @ANYBLOB="0000030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000000000000000000000596d3c747623", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000003000000850000008600000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000070000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000010000008500000082000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r7, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000000080)=[{&(0x7f0000000200)="2e0400001d008104e00f80ecdb4cb9f207c804a020000000880802fb0a0002000a0ada1b40d80800c500c50083b8", 0xfec9}], 0x1, 0x0, 0x0, 0x5865}, 0x0)
perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8000, 0xe}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x5}, 0x94)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x9c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x88, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x2b, 0x2, 0x0, 0x0, 0x0, 0x0, 0x80350, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8c40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x2040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x4, 0x5}, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000240)='ns/user\x00')
socket$kcm(0x10, 0x2, 0x4)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x200000000000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000000000008500000050000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

923.138899ms ago: executing program 2 (id=2536):
perf_event_open(&(0x7f0000000580)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x70, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r0 = socket$kcm(0x11, 0x2, 0x0)
r1 = socket$kcm(0x11, 0x200000000000002, 0x300)
setsockopt$sock_attach_bpf(r1, 0x107, 0x12, &(0x7f00000000c0)=r0, 0x8)
perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x230c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'virt_wifi0\x00', 0x11})
r2 = socket$kcm(0x10, 0x2, 0x4)
close(r2)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
close(r3)
socket$kcm(0x10, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8b28, &(0x7f0000000380)={'wlan1\x00', @random="01001000"})
r4 = socket$kcm(0x10, 0x2, 0x0)
close(r4)
r5 = socket$kcm(0xa, 0x2, 0x88)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="89000000120081ae08060cdc030000007f1be3f74001000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e281ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c000140060404000a0404009bbc7a46e3988285dcdf12f213e6f768fe", 0x69}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000720000001801"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$cgroup_subtree(r6, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe0000180091c8b14a0778a8123d181d"], 0xfe33)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000400)={{0xffffffffffffffff, <r7=>0xffffffffffffffff}, &(0x7f0000000300), &(0x7f00000003c0)='%-010d \x00'}, 0x20)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000440)={&(0x7f0000000100)="36789bed4b2b10da626ded6aa9241cbefcf7d6a3badbed14f9de650f605af82d5365645f7ed37e8e8f168a1c6d98bff3775f3afe3881408d11a456d1d4243fb99812253114aaf5faff4376d0905e3d4e4cd79a671ac3e41a177e223066ac94e66dd4618ef42cdf651be4d60c563136004c39b9a665cde29cab31758e8ff07d77d1998abe29f724a358ffb95b9788458f494d11b9b5e206e0c319f1ac5ba4b0cd47de1053b81398fa8cf4afe3398f6db247bf6b664cefc424c61176c58e", &(0x7f0000000240)=""/77, &(0x7f00000002c0)="a9edaf", &(0x7f0000001880)="709b8e6648c69fc4d09c61454f441f04ed9aac75c7a6b0f6e9ca34eeeba38ba6eb7b3078639376f619435cc0dc0f1fab71c0376ca7cb03ca20d75a1b31b48b2095a709ea776bee730116aa5617f2ba689805c94c420bbfc7ac39184cb0e0d7a35bffcc013da514b2f3875212c253ec1944eebf83c75bfa546b9f03ce3f860fdc7253e2152ab322d5471c18f05bc6e06273f95096f73cafba1a2820eac7899d5bc22c3e825057c760c257de61c00ac4f5ceedfbaa8e4ff7ad20b1e257552b45518151eddc5506a18071058aaf7c48c8f63821e8ef043fb3349a2fa4cfa32469c11c0224ad2080ce17d288e54aa8fbb730769c91d3a419749875425ba02befd775453918bb5dbdeb52a5adbcc25321301ad836f2de589a8564821efd0de95d2866380ecbd33e4a74ed59f396cf6c607606933b8ea49e1c19cf3a29d06ae66d33c784b6c66ddd376f42fb4eba41684fe31aadd502dc2dc5188f2c5016549d1557a58fbe8003cb32463bf638ec5e40e833102cd505c17f84e16cc5fdc6a729a4245fcc0c851feb73b3eca8d87af1b47c8a123732b141cee8ea9a703567430135284d50dea374b3b638a691bde3fcd8db827bc1d18d987b7dab2dc422d5b1df4e9adb80eb5b936982c656e71fea6398e33deaa75225121b0f9fb4a6a31a35a576470c6d08b1472c528c8bce014a68b3be3be8e44c69d04107eda279607d112a0e169c0683f3c20aa465ae521ca82982c89a09ead4c90839d48e84dd64d7b4e6f67930d434ce7b24e8e4d3763bd3e013c9204157e4696f840b9252feacabaa6767ec6bb577741d125064d93ba075bf2e0b34453d4a44227e2a183f45a43c6a48e68c54b63c3c4aa2cc8ae82b8d966599bc19443f3c3347aa7b2830062a26d702cc8f1e8b5c4d6955f67bfaaf21bea2b7484f962004782cebee3ed3c302f3aca5409d1fba401d29adbd5bebb11b8c7f35bb9ec1531a2ae57f727ee5dfa90993ddb07fde7b8dd3ca3d8f309fb416349705cc68dec93f6e22ef64d732f6ebed29eaa7bfaf3d89674fc53ee4e6d1be9475fc85d9bb05bd9fa983db0da6b3eeec11f15019fe1422cfb9280968b0f957c13d1cef04e48a022d8112015186603473fe54c81a1b5ad8b01f0fdb550089671353fcafedb151bc23d3bbd81c7f031a0b76047d8b3d447b928af0522364dae3f754a51f976207464a193687e8da1b9640a1ae0680797f5605a1df697dbeed02678f8b7900648ba81a95e428310c06299b7fc2c22252530b1072921e6981239cfa933878d222591901eb856ec5b5247f8ca410eb10d44ce67156645b3139227e445cfb895a4af5bc1d4aeec54c873cc77029958d612d80d31ef617c6ad741ecc074a7c10c0abb3804f534f1efbf59c7abe5e3c292b34eb4f5f5996a3507f0a70dda1a674baf7e2efcb3638b0d8551b390295ab24d32999a932525fbb829e6497eac4ed74ccdad0a1ba4a37d4362cd2cf09a18cb6ca84cfe5969604d85739a54a980ce192b2c16e80eacc2eae8ffca3a49db8ca44bb5aba020350264863ea804d83be3440656f8aae4cd492ddf49cc558f52163bcbc9ee5fb0954be9c353af6c4bfc369490f6a4e495f3e766eed5a22c4b64d8604a9d5985a243f7dc9fca748da09ae48e3047a37bc7b947d2471682ecf4761fa24e48899cd37143cea470156993fbaaf44304e1f9108f0807d9a77de5ee88d4288de11863206c01779ad7815d22d09e5aed1a069b41ac87240f6b49e44a309160b2e4c0801e9a449ca19ab175b1d75a68cbf4c38647c4a48d5761382fe1d83e244947438ff1878f3939c8a70a7b8385049e62644c48eb2c5dda162476d2ac7746c534767a36cf8da6873eb4307660e6ef49594c43e0885fadb0a4e25937482b4a142f04bd6d0b00b139560ba3819993ea3ffc1185aab862b33ef17d96d5e750f4e3e7a91596874defa8deef48796111167a046a0137d1c561022956f6ac2148b83656a42ff686f19cc6e77c13618b2fd73b6fb91bb2ddf179948ffc253510d2cd42148f6c9476be6a0894b4b2624ec819287ebcee4e76d9b24c46397973aedc130beb0a42432e759fd3b877945ee730643ec69b9a1c7ebe94885b4a1b052f0cb080124ac7926ade7dbc11a5199d8db82e92d876609ed6f130e803d2ba3ff2d60b7600c32aabae0a5790e9992c75a190d3d8e8a305549073d3f1bd951e0d14dc5b17766fa62baa6787351bf2e4fb8a6d8351707c7b7f6bb16d55e10650165a338992981e323989e284b5a15bf03351bf76e9924df160c0860e368b199bdcdc5be11cd996a4bad0b42add153aec4324be9db280f1b4ca4a048152760bdfd2922c8dbeb702b36a981f4ae49c8e00877a4a63e45d4eb2ccc971ea9c8121b5feee2f7b8ce71fe950c53277b84c94c4511854e9144abf7439ed949db3d4fa4414887a83d306de7d839a509d15fbb27575ba437d19a0cf90463a95647585e4c2f937478b01885c3dee045b4e5f0ce8eab5f9bd3cf8338e1270ea4d15843f0ea98fbd2006671c7559d1e29595b0fd7d76a5eaf729105809d3b9a3a5d40f0edf87a549da1eb4e15bd37166180eab731ac7fe9b6fc9752e01b152a2ce66f27f004d158cfb106821f08b05b40863081756b82770c2ff8e662e55f6ee0739f5edd13dc87175f8ce3d124f88eff9cfd6ed95952f61e0fa438115df9fd72e8e30f18c1d98ca7b83d2290b287447e08bc006a67240b97175e70b0af34bca45cfffc6f5b548b2b46e92e91aabbdcd7abb309834a35f82c86f67ae6cbaa1b378616925e36abbb21d48c0bd5045fb87cd4d7c931d63a5359ef4984d18064f48fb52c67cf25ea6be7289d3bdd0b62737d75c4bf1a9464e290e72facaa41f1bdf7dffce5b221dfb98b6ff41879022892f4445ba48f160f847c64885240ac3c0bba4e1dbea76e11581fe03041aaa5d023f43898c76932e6ee5be08e5508b78422ffa9069e59e2fe6fb5bffebcff5a41c21108a8897889dcaddbb8df8ee829f51f6f4e076eac196bb0d8c39004180d9f3f14598238f0a46ef69454ee1714276effcc3eb7d6bfb92a9fbcd0860b327418a076e53aa33d67798064dccf44ea47a9435b5366cc666cccc7433141e054d347d3e5efb614bb73916f839adf0d0ea8b6c33dbb1464a34018fab73e5490e43178b55ee55769412268f7a5fdfc9b2721a8ff0191fb37862e005d1c35dabab0082ae5e93dfff547d79c8e12256d71270ad7f991273dd6da798347d949b5a0aa3f4d44e57263c631f83365071db39f0fbca102dbcf82aa48d15e972dba95f53918e5e2148badd8e6ffcab58ff07b3c3bae087a793b91f61399c55a670cf91419e697cad6e59ad42d044199438442369e2668e5936a4c98741084afae422aa7e386471f78ca5ede4516771b226ac810a254a7da9d54496f306bf90b9780a303d44b3dcf80b6f6e9823fa3e19c53236726479f4486e50c2ba80fc049326a5eee4d9ba3e9c98bd4dc37e8e3d8f63b17a4c6b3422747854e942898faa8ce0f7db0310637b65f3b29edbdf53636095c7666eede2feb9e42f5702b1bae0fafe2208c4eae652608bd91669eaa3a97747ba58a69e4c5ce41e83a6f509b63c8d4fb54ff1be2e7afa54430c0211072b0cdd0c39c6c555a85cbfc05c2fcddb35439942889a46f741dd7b399b3818224b786773e66759d0d759741f27dfed16ab1dd2c2c58489d2286f03dfaab8b787c564196b9a3550aa48fa9d3ca4df60cbdcd09379dbc39c7b95d2aef0edcae8395011436946a542091016d9688064d566e97fb52ab73b573779c13351cb3a2175955ec26d5abba596d3d7987554fcb81ae59a09a1022c16809b14d2f6f84b485bd9c0212f8471843bb1238d0f981f6a299bc9b864030b166f35681c9bd3f38968e8efdbd2792d8a00603f41711e9a7e895f2069067a8da067ea5d0d8e533d7a49c12ec7e260ad4f8f1c07a6f89f8d26b727ec9b65bf95eb1b7aabdf8fdf6e2e20be662b40962a7d2a6256ab9a9d401390a29ee2161a7cee50bb96b226647e465d4585135304fab4d6f75afd3ea20e281df40ec6131ef6fa083f7b396363a559b5f7dd64b9e53632097b3ad2d14d5250ebf559ff73764e2a34f8a020d9afb462971c5eabdd7ac79dac9952dac9956ad0c1ac3bca92bce833a02a68d1b6f6f05170cfd87768fe722beedf0d8a52c304c6771c062e63aef9252234422135c83530d1af1dee3d1ae482a4d9d1b99c7e39539346cde2cbadccd5f6234dc97ae3f976ebdbc266497e384594090abcb39eeaa32a2260ea1c0fbdd166f87baeb0194284bc932462af78eef794b058add038d4398eece7d4b6d73a577e1bb4c4f4bc1e0b64468bae15a21ada0d9fe2f0c8c258edc8bdaf6e0653b68de88056093a667c93870148565884f86fed0a9fb609291629275833b71c27efe11737733413989cb1c1954bb92ec9bd3346ec4e0ed0687d6b86334792a4ab9354bcf3cf8deee35e597bf8d266294a3b93d281a8608cf97d9f97eab5913467c1ceef8a148c6601bd8d1c4a03afb10a16c90af9ae780986d4070c8ea2ab3ced8844444dd2ed350b8a8c8beb3571b898ffa36e1cc18ec60528f11db24297ba00b750188778c297575672b3b49a273960efc5e61cfca659efc960505b80ed2d84c56fcf554c6c77edb0504888f4ce44c7b544b53e80e103acd15d6a46acd564cb9f6f92b9834f962b8120134f0e1759285b760891a8b46d042637a72dfeffa110b87a1f75ac8ed4bc5bc1d6b88971d723ddb6fe27d1d717c4d4f5f2b77a4ed0d625604a3a182e0946a36ffa56202617c9677f0d2eee6bc390bf43d9ae20a178c4a4c8bdf2cbcdde4e869e19ec6e8828cf28cdb7039f5a1b2ef6ff0c1adaf870a6389c4f6933ded4fb3fcad52d0e18a62f1c98b64a77432e6429cb712b1026bea8041ef8862311dbaee08a0ee9f35c80732f81cf8f20b42a875c7681e5daa8e806c3249c0e4d9b2e8a67c01d7c5e1012719e63f97b524257f238281eef7f2ce411948ff04eeeb39d4a313a2038c2e9eb9fa0a44eccdf9f3f7cb4377c5ea7587d3decd788f75fc6b938eda30c8824e9e0494e444964632fbddf7f2476d121d9b525fe5199566b13a8568b02136984486dd9664c832a22501dcf5f75e437a29581850534bf69c681f06a498199171a19c7cfddca10a2e7e856ed70224cd22ad70d5220e58ab1e3d327d1ac138a555c364393aeb25890f38490372c5f4bc94a64ebef5d114e1d0cd9c097c27df05461337d790615a6df1f4cf7fb24672318d42a30961023d0297e9adbbb15eb60cce43ee07bdb4b0b3685037a591a66bd567c980823c7dc859f0d0fa788e0d86f645bf3f3239a95b6447eca949c1a0faad31d8287d4408dee0df7b844158f4472228f20370adaaf799eb6f84a71514dc8c2e40fd773e3f4f221aa04aaba094012a1c06ff16ce15af44a7615dbe23a0b654f1fdeeaa7a966cbc226fa87144222d901085b3a94ebe46e95fcc4f371c6db5d9456b1dd334925a1df869a3dde2f97fee905e76d36d9ba73405aca2ec1b7b3d835ec8ed5673f6073a3e28e03e81d93615ae983ff58c83987337650e74e1943418944fd570c1dbe38052fc840ebf8f317d53b2198b9965b391ff4249e958dc5356aa34209a2d9505fbf0d2883ab5b1ecd434efbe3a8051d42be95422b9b0eef99916e5cf38544894dd704634200e724531beea56730e18ed024e9283e9e77ece34a5cccaa3bbfea0eea1353c5d466ff3cb8ebb3b1a47cf6c86541262c6dd1007f82594dc84b19d", 0x101, r7}, 0x38)
sendmsg$inet(r5, &(0x7f0000001600)={&(0x7f0000001340)={0x2, 0x2, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000001580)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @multicast1}}}], 0x20}, 0x8000)
sendmsg$inet(r5, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000380)=[{0x0}, {&(0x7f0000000580)="914781cba1", 0xffe3}], 0x2}, 0x48800)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x4000002)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000e4ffff020000009100000000000000"], &(0x7f0000000080)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r8}, 0x10)
r9 = socket$kcm(0xf, 0x3, 0x2)
sendmsg$inet(r9, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="020a000902000000e4a17c45c8d260c9", 0x10}], 0x1}, 0x0)
sendmsg$inet(r2, &(0x7f0000000540)={0x0, 0xc027, &(0x7f0000000340)=[{&(0x7f00000000c0)="97eb000014006bcd9e", 0xeb98}], 0x1, 0x0, 0x0, 0x1f000000}, 0x600)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000ac0)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000003feffff720af0fff8ffffff71a4f0ff000000002d030000000000001d400500000000004704000001ed000072030000000100001d44000000000000db0a00fee10000007303000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)

756.488865ms ago: executing program 0 (id=2530):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x2}, 0xc68, 0x0, 0x0, 0x0, 0x0, 0x7ffffe, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x0)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x1d, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59a5a4d33f921921320000005e140602ffffffff0d0013000100000002800000121f", 0x2e}], 0x1}, 0x0)

627.801798ms ago: executing program 2 (id=2531):
r0 = socket$kcm(0xa, 0x2, 0x88)
sendmsg$inet(r0, &(0x7f0000000000)={&(0x7f0000001340)={0x2, 0x2, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000001580)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x27}, @multicast1}}}], 0x20}, 0x8000)
sendmsg$inet(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001640)="657573a2aaa76a04", 0x8}], 0x1}, 0x48800)

542.739537ms ago: executing program 0 (id=2532):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, &(0x7f00000005c0)=""/249, &(0x7f0000000940), &(0x7f0000000200), 0xa7c, r0}, 0x38)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f00000001c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000030000000100000000000062a127b29b790b8e"], &(0x7f0000000240)=""/48, 0x27, 0x30, 0x1, 0x529, 0x10000}, 0x28)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x80000, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x110c23004a)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0b00000005000000020000000900000001"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000800)=ANY=[@ANYBLOB="180000000000000000000000fcffffff180100000020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800001c0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r3}, 0x10)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x5460, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001ec0)={0x0, &(0x7f0000000ec0)=""/4096, 0x0, 0x1000, 0x1}, 0x28)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b20, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = socket$kcm(0x21, 0x2, 0x2)
socket$kcm(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x2a, 0x0, 0x0)
sendmsg$kcm(r5, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @remote}}, 0x80, 0x0, 0x0, &(0x7f0000000140)=[{0x18, 0x110, 0x1, '\b'}], 0x18}, 0x0)
recvmsg$kcm(r5, &(0x7f0000000c40)={0x0, 0x0, 0x0}, 0x0)

502.577051ms ago: executing program 2 (id=2533):
r0 = socket$kcm(0xa, 0x1, 0x0)
setsockopt$sock_attach_bpf(r0, 0x29, 0x21, &(0x7f0000000100), 0x120)
sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000040)=@l2tp6={0xa, 0x0, 0x0, @loopback, 0x0, 0x1}, 0x80, 0x0}, 0x240440d1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@bloom_filter={0x1e, 0x7c1, 0x4b, 0x5, 0x85181, 0x1, 0x2fa0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x5, 0xa}, 0x50)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000440)={0xffffffffffffffff, 0xe0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000000c0)=[0x0], ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x4, 0x5, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x78, &(0x7f0000000240)=[{}], 0x8, 0x10, &(0x7f0000000280), &(0x7f00000002c0), 0x8, 0xfc, 0x8, 0x8, &(0x7f0000000300)}}, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000980)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r3}, 0x10)
r5 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r4}, 0x8)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000080)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x7, 0x6a, 0xa, 0xff00}, [@call={0xc}, @exit, @map_fd, @jmp]}, &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e}, 0x2d)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)={@ifindex, r6, 0x11, 0x0, 0x0, @void, @value=r5}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@bloom_filter={0x1e, 0x8, 0x6, 0x3, 0x4000, r1, 0x9, '\x00', r2, r5, 0x1, 0x5, 0x2, 0x8}, 0x50)

319.700849ms ago: executing program 2 (id=2534):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$kcm(0x22, 0x2, 0x21)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000800000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

232.998967ms ago: executing program 0 (id=2535):
r0 = socket$kcm(0xa, 0x2, 0x88)
sendmsg$inet(r0, &(0x7f0000000000)={&(0x7f0000001340)={0x2, 0x2, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000080)}, 0x8000)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{0xffffffffffffffff, <r1=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000140)}, 0x20)
r2 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000240)=@generic={&(0x7f0000000200)='./file0\x00', 0x0, 0x18}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{0xffffffffffffffff, <r3=>0xffffffffffffffff}, &(0x7f0000000280), &(0x7f00000002c0)}, 0x20)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000800)={0xffffffffffffffff, 0xe0, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x2, 0x3, &(0x7f0000000480)=[0x0, 0x0], &(0x7f00000004c0)=[0x0, 0x0, 0x0], 0x0, 0x90, &(0x7f0000000500)=[{}, {}], 0x10, 0x10, &(0x7f0000000640), &(0x7f0000000680), 0x8, 0x8a, 0x8, 0x8, &(0x7f00000006c0)}}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff})
recvmsg$unix(r5, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r6=>0xffffffffffffffff]}}], 0x18}, 0x0)
ioctl$TUNGETFILTER(r6, 0x801054db, &(0x7f00000007c0)=""/68)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00'/12, @ANYRES32, @ANYBLOB="0d00ff000000000083"], 0x0}, 0x90)
r8 = socket$kcm(0xa, 0x3, 0x73)
sendmsg$inet(r8, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @multicast2}, 0x3c, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c068c0a7d2eaebc5cea1f81510ff6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e679e0e28b84961eb7b9c9b4fa916590965c76b48e5d453f27a821bd2bf0946ff2413ec30f7893d1f046e18f736c40ceda26dfc4a0a62f71a3606d3f72c0a858dfd7895e2572292e11af913c6b513a141d28e501ae7c49618d104aac9abb78466a636efb88120d0eef0a501558a5aa34784a9823f2802a0bcdf318f9b436b34b42a2a7cf513f80364ad9a699d2e23eb4f3a2bbce818bd20da61882b3dac699d05dc24f29b72471b712423ace6278c43df2be7a09e815517b86d8b3ce16af3d64a575958c5fd52aac53b391f3d2a67c24c6c13ec11428b61b80a6a58cbba1790a98d190a572070f63fc0b809669895ea9865c3066b06102f6f2c7171dc7f76e1931b3e4deb569ef9d07d5f86a848f50942e93c419c3a23489f14803b08182dfd48b8d4375be6b7f805a21209c05e5927693a8834c8d5a5acbd47ed8a30a8a741d1ad77639b56b3b90c0b2023fa334befd28b2e27cbcd94b0ce7437f88ce67a925cea6d6d7e5313de6d328b1124a8b9ef83fe39ca3da97d33c60b7fd4af67d3c8fccb595a27a5bffc71e5a5b2ec966828993b0c0f83cbc55f9a7fb66a4101d5c83b77885072b6e2b2ceebe32f635509698c05089b9ff1cb1959b211e114dadb224ef2d5e7a3c55b3ac00fcdc9018577603c6301e5d4341b3d7eeb2665349d448d28d5d108f576408cbe533a6adbba18ebb2d84bb9af81108506a2f50fb56d595579000747930449fdf4ed01715ec624a0cb73636a35b9136f10b79e3d7ded09008b92e92c64e26e6b6d17f18b70b1d9813de8d2ff151c7a6a0452c660a57c33f13e2d9b88fa5f5c0505722d2e787a425e4a3e9b5efa9668e9199f5fb9fe7d5b8a57719a57df152e7f2c6a1087a2a24084f82455b65353a70559f04d5ed12defb81497ea69c1c7e69c373524770b7473c16a69c7a3648a9dd93377b89cdff61cf62512d1ee67a55ea67993937c1f55a2179bc9c8a337364cfb84d295adda1ad9700fc2f5c11cbfc1b90affb4666c6e7e23a6f7751410a5651819f29f690c6dba2b8a67e0f7f8cc377feb1854c393578994c85391ba21b3961aed477f771645571dc7d6cae72bf79c82a92a4edc3742b1398060a0a5c9e81c016b7f2ae3db529c6ff824cc28678764d8ab49d7dc68e5b0556c9e7ffb6fef442776d86fbd458741830e57f22a1f8513b92abd5b2df93a67cc560134078f0b8ecc3276e40aadef5cd579888b86b4988f396679250701f3869e7493b33692035ecd94aca5189fd0a0893ccc5bb19c0b4caca86cf90ebc2a5558f39cccb33f6773a4e425bf551fb3b6456ee1cc62fa1843a9e5539bb2d02ae6ef82533a9dbcfb562c1ab18c1f639ae7ff02083746f74a15ba2d10e4b955940a5d6f488d326a99f287c48ad463ce40367aeeff519cbad0a2d7fdbfa48bff75955467977764c2be2bd2ffa18396c46920c40c50a4037003666406d177e2cd20aee423d07169d8f611f635ba0b62b61265ff2c5548446a2423dd1038482b6852b2d9d2f90aa05d82c5e2c3d1af0c7aad72d82b3da67471af7b037bb0424a785e73f35b5a10a2ab300a195c20cd119a5390e0cd5d49c70bd80883b933e843d0d2902749dcf3c140c708a0f004b7a2f50bf311305dc01719016fcce5863815ca7951de710fcb71cd177551ff6fcd9f8bf01b93868f24c6129b6d7917125338cf62110083093fc7f862015d48450d992f2bb43e601cab19b2ea7b83962a382fc2a31fdf2358bf8a9a9e506eaa7b6eb5e7444d1ef459b24ffa51362abce902dfd84201a0e4b5a3b62757aad54fb65b83821c6bba663886de092065a565921ea3eb6781bb8ed4f4db3abcfeeb379b7e52fca790bea719918e299ab01bf5e92177d134360bf7a16a59e9d03d3dcfb0a25599237e3d41b3f0026c9402b1fb1894426303413a2cbcf7c72807ca694afa285990d07c3bca26413c9947b3b344aafc04544b8c11416e0312b028da7302e316c3966d41884b15055a49a4a0b3eac8e11f88a5615fb0af582f065d28e5a454447e9d0cfc60356439ebf7e1d0a00f5b9cc6daf2bd7195ba96b4d1a0679ff0fb1c01282c378a880f90f460889b67d76d4d0e8db6c928d113533d1d10b810303c43d8ff622c5bab7f095b96e64bf9daa48a2bdf3d9d40bac00cf1b66df61a4f7c3e21938e876f81b1179dce6a008f28eb682cae690ced0ea0d542da604d8056f2b1813ed36683c4c51aeb2650772cfb1c55d4e60604ff06344cfc271b2175a6c94defb807af240b483e24298ca73bfc743ca2ca2e77e6d5b817b3c1986601537faf59ac84c74d8bd0c068cb8e6bd03ac2dcf5793fb4a00b3c901a33aa3ee86e4f0db317b94bb8678ab26e36d305ebac4b0f7f164947148255b562dd0f87648499d45bccfb7d8c9d5624cadf8160a396e79fbcdc100058ba4606e41c02fb2cc0dc6c36196bd28acfde82a18cda2321d2d83fecd3b85380667cd1d0bc68298c6c8f10421a80c8fa86912b6c3e8ddd9d9668520d5151409e6b77f0d7730b374a68a744151bfbd123cfdf871e8c24e70d2ca3b50e84a48e0b78c1781000cfc848d43584985763a76c0ab9ba882c55e3e4aa8f2174255db38adb8350b48a77be22a869d13d183325f859b883464e5e46de5ea8a92532b9a794daaeff657cd361f7f158f8bebe36e9de1f5b9721d4263dcc9472229bc02d3f552180abfb25ca7aa36cb914d99c09fd5bb99dcab9b4e3c634d18fc7dfe84dc4425ad1e39c3e7410d49b4ea0a8a2958688c7725822f6dfc0827d19dc385e0e35a949941e4dd1aaeaab9ebe402f8c584bca7efc829f2ccfb63fd7bde1c182a67c14f9d3f033ca674e2604e89cd55a15419f956cd61a755c1b13554dae98e77be078aadfc131c9677381f1dbe6ef194eb17603a463e8b844ab46a6046e1f07d96d66de669359bff4c3d80948a4de3abb2f171a09b5d8999c379fb62244114e218c79805df7d899e5661320ee6721d652b95f09e4dfe69bd67099c73294b17ab574e0b966aa3ab44478965b9dca3cb3b9282945f24ccdd07c638ae25a84a728ca24f87ff49d718121a694be46f3616e27b1041b3c6cd24b9cf775bfc28dfbe0a009048f0599f2d5d6586cfd1e7f7fe69872d08b98f60d28e6af0d49d7f06ad71a7b5c41df261aba5de114022c7288bc265cc17909fdeadc3d7b256d7ab3b96e40f857060f16b54a6bb7248ee571f87ace5ee39eab412706cf52fa711468b21ea129c3f44bceb429fcc1a0ac2aa87b9365077dcfcfa9a1b32a0a09699197c20019a66cbd0a897feab3706c23123b888ada643d4560082033e31596b0483578968e3c9593ebd97141c228a42fc7645f92171c120aabca36657683fd7c72fcb87217f124d6fabc52f1d221d8410b47b0ad4bd944bf4085365e9b52a53911ab4ee142c5a1ebbe034c9d98c538c066f2dc0acf372eb2397dcac765055123e0ba19be22b18c886bf0f7490abe9fde91ffa62e059962bd134be8501cb5b715a744b1398e2c4c7e8afe72e189dda0654296afa1c1f99ab7d800fa40f72a758625c833b6fc7b7d42250522b456e1e7de815350c36c9cb2f4d1c9cb99109f89b456c559463f11b8b58247809b17a4ed4912bd0a47a529f1364d6dc593ea7f3eb98962078ac90e5012ee1c7b4b9ed5a8c7a9c0231b4ce425693faab64fa0f3482a04d4be2e06ee5d103694d288810a1a7f4d1e908dd82dd2016a064ece5cd67ef1dd5f4cda728fc6f1ccdd949dd8f775d862621507248ef4c83ae274969d19c7ddb02a4e8a1ab2b7aa539a442b22735ceedeefe60a1059dfaaa0979ce8d5387b5a047841fd9749b88ca91216b02d7926408a01916b7781bb7167528ccdb9a486d173437a5ba3e552c8674dff2cc9b21054e0e4f86b61b8723fca58ceef4413bffae9e9be79c5b9788f5449811ce78be9bc7a86375a670197baaef751beabcba0aa6c7c33f1cd702cb78ec39fa1f17d9da733d6abf2b80f9c51ac8f6f664b24edc53a7c9525c3016bd05c67272375fe816b2b121f2de68b885a0fd8f8b8c6c342237b632f6414a3eb3480f5f42106c5812e9bfd4e8c8dea8d08525d9aa1da7c7c2ee7ff3d31b79b211dd01e304a8ffc83a89a59f3b1e2ef5e969b6d90bea7e161066f25622fad914bff52bacd2807093dda1838b529ee57f718b374ce2841b924a42457867547a6edcb8412d85f11796742bf640b5819a9546357df778c332af5983c4373a95d9c58b52dba445eee92e6911824f0c534e7a5934d9eac9b7f6fec22002fc53a3003a3304217f567b47cd326edc5f48eb1f46bb20d1e10e72239afc9769344590cf48902aba5405b7d4baa31a912ab398a2f2d3f037614bb56a89244ece50f3a1e058d274f1e70f944eb8a305be91e561e5eb843d057a81f4deb84a6335ec81ca964cdae5f318d4e9aaea2c477cc279c00c698bcfe4b8e04c09079d8f3f5438d9d45a00f50d2f9b245c8c68eebf247e25ba8d26f8b95b21ac9ceb50c0aa2e4bdc032024db216b92f9350a90ac79341af14d3fa8ba908096e1b503341aed667bb184c672dac85fc4f335b3871c3b4e55ea219a857d2d2e135358f6b45a20b3e7de8e09b2041eb7c5084a80258fb524a983752659298a251e178b56f96bc67ae0a78ec92f92d92c9cf0edb5dcb11e739d69410ad44c8df00caa030d7d89f2ec38bd7698115c423cf3e6048793aca08ffbcdac766f1553773fa00031c1d75246e4e1eddf8948d02a3de6d67fd7329e45070f29044587f1e0db50d04e673191a63e30f96ee0d8d52738fab36a7fe2c6ab9301d401e7ca5b1f039193a580e40abbdf40c2d7e27809dec80815d37adae9fe7fb9d3a974c9fc03944d7338d000b81170be4c6792ed6b3b827194b3ae11e2acfca48498d1126aacf80f3d574256ef7f75552ff087a819e", 0x1000}, {&(0x7f0000001040)="9d7fcf3efc63f4a6a555ba8b4726d7ccaf8a207100e69cfac4377876021d7131b838029f96bd206d4776368ed2a92432e5af71", 0x33}], 0x2, &(0x7f00000010c0)=[@ip_tos_int={{0x14, 0x29, 0x3e}}, @ip_tos_u8={{0x38, 0x29, 0x43}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @broadcast, @remote}}}], 0x50}, 0x0)
r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r9, &(0x7f00000003c0)='cgroup.procs\x00', 0x2, 0x0)
r10 = openat$cgroup_ro(r9, &(0x7f00000000c0)='cgroup.kill\x00', 0x275a, 0x0)
write$cgroup_int(r10, &(0x7f0000000040)=0x1, 0x12)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r11=>0xffffffffffffffff})
recvmsg$unix(r11, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r12=>0xffffffffffffffff]}}], 0x18}, 0x0)
r13 = socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r13, 0x84, 0xb, &(0x7f0000000140)=r12, 0x4)
r14 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000008c0)=@generic={&(0x7f0000000880)='./file0\x00', 0x0, 0x8}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000009c0)={0x18, 0x18, &(0x7f0000000a80)=ANY=[@ANYBLOB="180000002ecc000000000000010000009500000000000000185500000d000000000000000000000085000000cc00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000000850000008600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000ed0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001000000850000008200000018250000", @ANYRES32=r3, @ANYBLOB="000000000000000018ad90eaa405053687a2faed62fe477795568faf000032b64ffd0000008e9500000000000000"], &(0x7f0000000400)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41000, 0x40, '\x00', r4, 0x0, r6, 0x8, &(0x7f0000000840)={0x2, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000900)=[r7, r10, r12, r14], &(0x7f0000000980)=[{0x3, 0x4, 0xe, 0x8}, {0x3, 0x1, 0x6, 0x5}, {0x5, 0x3, 0x3, 0x6}], 0x10, 0x4}, 0x94)
r15 = socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(r15, 0x29, 0x30, &(0x7f0000000100), 0x120)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000540)="d8000000100081046881f782db44b904021d080b01000000e8fe55a11800150006001400000000120800040043000000a80016000a00014006001100036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e02360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e8a9b", 0xd8}], 0x1}, 0x0)
r16 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r16, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x1a003})
ioctl$TUNSETLINK(r16, 0x400454cd, 0x30a)

181.173713ms ago: executing program 1 (id=2469):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000500)={&(0x7f0000000640)=ANY=[@ANYBLOB="9feb010018000000000000003400000034000000060000000400000000000007000000000000000000000001050000a2800000000000000001000085100000000000000002000000000000ff00000100da"], 0x0, 0x52}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000001040)={0x0, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f0000000700)={'ip6tnl0\x00', 0x400})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff})
recvmsg$unix(r3, &(0x7f0000000680)={&(0x7f00000000c0), 0x6e, &(0x7f0000000500)=[{&(0x7f0000000180)=""/125, 0x7d}, {&(0x7f0000000200)=""/188, 0xbc}, {&(0x7f00000002c0)=""/22, 0x16}, {&(0x7f0000000300)=""/147, 0x93}, {&(0x7f00000003c0)=""/40, 0x28}, {&(0x7f0000000400)=""/66, 0x42}], 0x6, &(0x7f0000000580)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xe0}, 0x40000143)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x9, [@struct={0x6, 0x0, 0x0, 0x4, 0x0, 0x80000000}]}, {0x0, [0x5f, 0x61, 0x61, 0x61, 0x0, 0x5f, 0x20]}}, 0x0, 0x2d, 0x0, 0x1, 0x2}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r4}, 0xc)
ioctl$TUNATTACHFILTER(r2, 0x401054d5, &(0x7f0000000480)={0x2, &(0x7f00000004c0)=[{0x48}, {0x6, 0x4, 0x0, 0x3}]})
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="25390000290003"], 0x33fe0)

180.178503ms ago: executing program 2 (id=2544):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$kcm(0x22, 0x2, 0x21)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000800000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

347.84µs ago: executing program 1 (id=2537):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000000c0)="d800000018008103e00312ba0d8105040a600300ff0f040b067c55a1bc000900b80006990700000015000500fef32702d3001500030001400200000901ac040098007f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04000000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b66bce0b42a9ecbee5de6ccd40dd6e4edef3d93452a92307f00000e970300"/216, 0xd8}], 0x1}, 0x48002)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x8, &(0x7f00000002c0)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x3}, @initr0, @exit, @alu={0x6, 0x1, 0xd, 0xa, 0xa}]}, &(0x7f0000000000)='GPL\x00', 0x4}, 0x94)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={@ifindex, 0xd, 0x0, 0x5, &(0x7f0000000040)=[0x0, 0x0], 0x2, 0x0, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0], <r4=>0x0}, 0x40)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x6, 0x10, &(0x7f0000000300)=@framed={{0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r6, 0xfffff000, 0xe, 0x0, &(0x7f0000000000)="619ff1e3c70400d5721ff59fe864", 0x0, 0x0, 0x7000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000180)={@fallback=r3, r3, 0x19, 0x0, 0x0, @void, @value=r6, @void, @void, r4}, 0x20)

0s ago: executing program 2 (id=2538):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'vlan0\x00', 0x1})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, 0x2}, 0x94)
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x11, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{0x1}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x6, [@const={0x0, 0x0, 0x0, 0x2, 0x3}, @fwd={0x2, 0x0, 0x0, 0x12}, @typedef={0x4, 0x0, 0x0, 0x12, 0x2}]}, {0x0, [0x0, 0x5f, 0x0, 0x61]}}, 0x0, 0x42, 0x0, 0x1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmsg$unix(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x100)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_user\x00', 0x26e1, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE(0x100000000000000, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000580)={0xffffffffffffffff, 0x0, 0x0}, 0x20)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000100)={r5, &(0x7f0000000400)="11a26440878f37eb81ef02dd6aaf658cd06417d931a38e74e5236971c3d190152b306c882c23bd0a798512f536fb2d773cda3b50284da3475b31381bdbdc7c0f07b045d9a514a4f376b327d1e75398277895f452dedb9aa9e7f9b6c33ea0d9d8910ad900175e54456a25f1badd668914c83add3be2e04d67215cf175546bf1cd6020b250568760ad39a4e79fa169382813628b8702c1daccb7debf6b9d9665eee34082edfd3753", &(0x7f00000005c0)=""/252, 0x4}, 0x20)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid_for_children\x00')
r6 = getpid()
perf_event_open(&(0x7f00000006c0)={0x3, 0x80, 0x2a, 0x3, 0x8, 0x7f, 0x0, 0x1ff, 0x80020, 0x7, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x3, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0xff, 0x2, @perf_config_ext={0xabf, 0x71f4}, 0x200, 0xecd4, 0x1ff, 0x3, 0xd, 0xc, 0x1000, 0x0, 0x9, 0x0, 0x7}, r6, 0x4, r4, 0x0)
close(0xffffffffffffffff)

kernel console output (not intermixed with test programs):

ribute type 33 has an invalid length.
[  317.349855][T10434] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1795'.
[  317.666895][T10446] delete_channel: no stack
[  318.136578][   T42] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  319.025703][T10481] delete_channel: no stack
[  319.852217][T10504] delete_channel: no stack
[  320.005019][   T50] Bluetooth: hci1: unexpected event 0x30 length: 15 > 3
[  320.263412][T10517] netlink: 'syz.0.1831': attribute type 33 has an invalid length.
[  320.289641][T10517] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1831'.
[  320.593279][T10529] delete_channel: no stack
[  320.757452][   T50] Bluetooth: hci2: unexpected event 0x30 length: 15 > 3
[  320.940389][T10542] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1844'.
[  321.110428][T10545] FAULT_INJECTION: forcing a failure.
[  321.110428][T10545] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  321.123693][T10545] CPU: 0 PID: 10545 Comm: syz.3.1843 Not tainted syzkaller #0
[  321.131176][T10545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  321.141262][T10545] Call Trace:
[  321.144559][T10545]  <TASK>
[  321.147512][T10545]  dump_stack_lvl+0x16c/0x230
[  321.152295][T10545]  ? show_regs_print_info+0x20/0x20
[  321.157543][T10545]  ? load_image+0x3b0/0x3b0
[  321.162084][T10545]  ? __might_fault+0xaa/0x120
[  321.166792][T10545]  ? __lock_acquire+0x7c80/0x7c80
[  321.171850][T10545]  should_fail_ex+0x39d/0x4d0
[  321.176565][T10545]  _copy_to_user+0x2f/0xa0
[  321.181008][T10545]  __htab_map_lookup_and_delete_batch+0x110a/0x14c0
[  321.187671][T10545]  ? __fget_files+0x28/0x4d0
[  321.192298][T10545]  ? jhash+0x740/0x740
[  321.196397][T10545]  ? __fdget+0x180/0x210
[  321.200675][T10545]  ? htab_map_lookup_and_delete_elem+0x40/0x40
[  321.206862][T10545]  bpf_map_do_batch+0x477/0x610
[  321.211744][T10545]  __sys_bpf+0x725/0x800
[  321.216014][T10545]  ? bpf_link_show_fdinfo+0x350/0x350
[  321.221417][T10545]  ? bpf_trace_run1+0x3b0/0x3b0
[  321.226298][T10545]  ? lock_chain_count+0x20/0x20
[  321.231170][T10545]  __x64_sys_bpf+0x7c/0x90
[  321.235590][T10545]  do_syscall_64+0x55/0xb0
[  321.240011][T10545]  ? clear_bhb_loop+0x40/0x90
[  321.244699][T10545]  ? clear_bhb_loop+0x40/0x90
[  321.249383][T10545]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  321.255297][T10545] RIP: 0033:0x7f229f18eec9
[  321.259721][T10545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  321.279339][T10545] RSP: 002b:00007f229ffbb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  321.287762][T10545] RAX: ffffffffffffffda RBX: 00007f229f3e6090 RCX: 00007f229f18eec9
[  321.295757][T10545] RDX: 0000000000000038 RSI: 0000200000000800 RDI: 0000000000000019
[  321.303754][T10545] RBP: 00007f229ffbb090 R08: 0000000000000000 R09: 0000000000000000
[  321.311733][T10545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  321.319709][T10545] R13: 00007f229f3e6128 R14: 00007f229f3e6090 R15: 00007ffc52514508
[  321.327698][T10545]  </TASK>
[  321.671428][T10553] delete_channel: no stack
[  322.255353][T10573] netlink: 'syz.2.1855': attribute type 33 has an invalid length.
[  322.276233][T10573] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1855'.
[  322.459807][T10581] delete_channel: no stack
[  322.771947][   T50] Bluetooth: hci2: unexpected event 0x30 length: 15 > 3
[  323.047914][T10602] delete_channel: no stack
[  323.468281][   T50] Bluetooth: hci0: unexpected event 0x30 length: 15 > 3
[  323.667702][T10626] netlink: 'syz.1.1880': attribute type 12 has an invalid length.
[  323.689694][T10626] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1880'.
[  323.769246][T10627] delete_channel: no stack
[  324.179372][   T50] Bluetooth: hci3: unexpected event 0x30 length: 15 > 3
[  324.390097][T10653] netlink: 'syz.1.1890': attribute type 21 has an invalid length.
[  324.410575][T10653] netlink: 100 bytes leftover after parsing attributes in process `syz.1.1890'.
[  324.809888][T10662] delete_channel: no stack
[  325.254359][T10678] netlink: 'syz.3.1902': attribute type 58 has an invalid length.
[  325.280760][T10678] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1902'.
[  325.452230][T10678] FAULT_INJECTION: forcing a failure.
[  325.452230][T10678] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  325.466559][T10678] CPU: 0 PID: 10678 Comm: syz.3.1902 Not tainted syzkaller #0
[  325.474063][T10678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  325.484153][T10678] Call Trace:
[  325.487444][T10678]  <TASK>
[  325.490383][T10678]  dump_stack_lvl+0x16c/0x230
[  325.495097][T10678]  ? show_regs_print_info+0x20/0x20
[  325.500305][T10678]  ? load_image+0x3b0/0x3b0
[  325.504835][T10678]  ? __might_fault+0xaa/0x120
[  325.509519][T10678]  ? __lock_acquire+0x7c80/0x7c80
[  325.514580][T10678]  should_fail_ex+0x39d/0x4d0
[  325.519293][T10678]  _copy_from_user+0x2f/0xe0
[  325.523890][T10678]  ___sys_sendmsg+0x159/0x290
[  325.528582][T10678]  ? __sys_sendmsg+0x270/0x270
[  325.533408][T10678]  __se_sys_sendmsg+0x1a5/0x270
[  325.538294][T10678]  ? __x64_sys_sendmsg+0x80/0x80
[  325.543265][T10678]  ? lockdep_hardirqs_on+0x98/0x150
[  325.548502][T10678]  do_syscall_64+0x55/0xb0
[  325.552944][T10678]  ? clear_bhb_loop+0x40/0x90
[  325.557634][T10678]  ? clear_bhb_loop+0x40/0x90
[  325.562354][T10678]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  325.568257][T10678] RIP: 0033:0x7f229f18eec9
[  325.572695][T10678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  325.592323][T10678] RSP: 002b:00007f229ffdc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  325.600758][T10678] RAX: ffffffffffffffda RBX: 00007f229f3e5fa0 RCX: 00007f229f18eec9
[  325.608735][T10678] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000007
[  325.616710][T10678] RBP: 00007f229ffdc090 R08: 0000000000000000 R09: 0000000000000000
[  325.624690][T10678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  325.632672][T10678] R13: 00007f229f3e6038 R14: 00007f229f3e5fa0 R15: 00007ffc52514508
[  325.640690][T10678]  </TASK>
[  325.708318][T10683] netlink: 9286 bytes leftover after parsing attributes in process `syz.1.1905'.
[  326.056196][T10692] delete_channel: no stack
[  326.061683][   T50] Bluetooth: hci1: unexpected event 0x30 length: 15 > 3
[  326.599968][T10710] FAULT_INJECTION: forcing a failure.
[  326.599968][T10710] name failslab, interval 1, probability 0, space 0, times 0
[  326.674670][T10710] CPU: 1 PID: 10710 Comm: syz.2.1916 Not tainted syzkaller #0
[  326.682281][T10710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  326.692354][T10710] Call Trace:
[  326.695647][T10710]  <TASK>
[  326.698587][T10710]  dump_stack_lvl+0x16c/0x230
[  326.703289][T10710]  ? show_regs_print_info+0x20/0x20
[  326.708520][T10710]  ? load_image+0x3b0/0x3b0
[  326.713042][T10710]  ? __might_sleep+0xe0/0xe0
[  326.717655][T10710]  ? __lock_acquire+0x7c80/0x7c80
[  326.722704][T10710]  should_fail_ex+0x39d/0x4d0
[  326.727411][T10710]  should_failslab+0x9/0x20
[  326.731933][T10710]  slab_pre_alloc_hook+0x59/0x310
[  326.736978][T10710]  ? lock_chain_count+0x20/0x20
[  326.741843][T10710]  ? tcp_sendmsg_fastopen+0x1de/0x5d0
[  326.747244][T10710]  __kmem_cache_alloc_node+0x53/0x260
[  326.752638][T10710]  ? __local_bh_enable_ip+0x12e/0x1c0
[  326.758024][T10710]  ? tcp_sendmsg_fastopen+0x1de/0x5d0
[  326.763417][T10710]  kmalloc_trace+0x2a/0xe0
[  326.767839][T10710]  tcp_sendmsg_fastopen+0x1de/0x5d0
[  326.773055][T10710]  mptcp_sendmsg_fastopen+0x138/0x4d0
[  326.778449][T10710]  mptcp_sendmsg+0x14a3/0x16b0
[  326.783232][T10710]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  326.789398][T10710]  ? lockdep_hardirqs_on+0x98/0x150
[  326.794634][T10710]  ? aa_sk_perm+0x7fc/0x930
[  326.799168][T10710]  ? aa_af_perm+0x2b0/0x2b0
[  326.803677][T10710]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  326.810102][T10710]  ? mptcp_shutdown+0x80/0x80
[  326.814802][T10710]  ? sock_rps_record_flow+0x19/0x400
[  326.820101][T10710]  ? inet_send_prepare+0x260/0x260
[  326.825220][T10710]  ? inet_sendmsg+0xe9/0x2f0
[  326.829814][T10710]  ? inet_send_prepare+0x260/0x260
[  326.834926][T10710]  ____sys_sendmsg+0x5bf/0x950
[  326.839729][T10710]  ? __asan_memset+0x22/0x40
[  326.844329][T10710]  ? __sys_sendmsg_sock+0x30/0x30
[  326.849356][T10710]  ? __import_iovec+0x3fa/0x860
[  326.854223][T10710]  ? import_iovec+0x73/0xa0
[  326.858737][T10710]  ___sys_sendmsg+0x220/0x290
[  326.863424][T10710]  ? __sys_sendmsg+0x270/0x270
[  326.868216][T10710]  ? __lock_acquire+0x7c80/0x7c80
[  326.873279][T10710]  __se_sys_sendmsg+0x1a5/0x270
[  326.878156][T10710]  ? __x64_sys_sendmsg+0x80/0x80
[  326.883137][T10710]  ? lockdep_hardirqs_on+0x98/0x150
[  326.888354][T10710]  do_syscall_64+0x55/0xb0
[  326.892807][T10710]  ? clear_bhb_loop+0x40/0x90
[  326.897500][T10710]  ? clear_bhb_loop+0x40/0x90
[  326.902202][T10710]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  326.908102][T10710] RIP: 0033:0x7f0de5f8eec9
[  326.912528][T10710] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  326.932146][T10710] RSP: 002b:00007f0de6da7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  326.940590][T10710] RAX: ffffffffffffffda RBX: 00007f0de61e5fa0 RCX: 00007f0de5f8eec9
[  326.948572][T10710] RDX: 0000000030004001 RSI: 0000200000000080 RDI: 000000000000000b
[  326.956546][T10710] RBP: 00007f0de6da7090 R08: 0000000000000000 R09: 0000000000000000
[  326.964524][T10710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  326.972589][T10710] R13: 00007f0de61e6038 R14: 00007f0de61e5fa0 R15: 00007fffa26d1dc8
[  326.980587][T10710]  </TASK>
[  327.147559][T10714] FAULT_INJECTION: forcing a failure.
[  327.147559][T10714] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  327.180842][T10714] CPU: 1 PID: 10714 Comm: syz.0.1917 Not tainted syzkaller #0
[  327.188481][T10714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  327.198576][T10714] Call Trace:
[  327.201887][T10714]  <TASK>
[  327.204844][T10714]  dump_stack_lvl+0x16c/0x230
[  327.209571][T10714]  ? show_regs_print_info+0x20/0x20
[  327.214815][T10714]  ? load_image+0x3b0/0x3b0
[  327.219351][T10714]  ? __lock_acquire+0x7c80/0x7c80
[  327.224420][T10714]  ? mark_lock+0x94/0x320
[  327.228790][T10714]  should_fail_ex+0x39d/0x4d0
[  327.233519][T10714]  prepare_alloc_pages+0x1e2/0x5f0
[  327.238686][T10714]  __alloc_pages+0x127/0x460
[  327.243338][T10714]  ? zone_statistics+0x170/0x170
[  327.248334][T10714]  ? do_wp_page+0x826/0x3630
[  327.252977][T10714]  ? do_wp_page+0x1024/0x3630
[  327.257718][T10714]  __folio_alloc+0x10/0x20
[  327.262197][T10714]  vma_alloc_folio+0x47a/0x8f0
[  327.267012][T10714]  do_wp_page+0x128e/0x3630
[  327.271573][T10714]  ? folio_put+0xd0/0xd0
[  327.275848][T10714]  ? do_raw_spin_lock+0x121/0x2c0
[  327.280918][T10714]  ? __rwlock_init+0x150/0x150
[  327.285722][T10714]  ? handle_mm_fault+0xd1/0x4920
[  327.290693][T10714]  handle_mm_fault+0x12d4/0x4920
[  327.295752][T10714]  ? handle_mm_fault+0xd1/0x4920
[  327.300740][T10714]  ? numa_migrate_prep+0x350/0x350
[  327.305908][T10714]  ? lock_mm_and_find_vma+0x9c/0x300
[  327.311227][T10714]  do_user_addr_fault+0x738/0x12e0
[  327.316384][T10714]  exc_page_fault+0x67/0x110
[  327.321010][T10714]  asm_exc_page_fault+0x26/0x30
[  327.325887][T10714] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  327.331723][T10714] Code: 75 f1 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 <f3> a4 c3 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 29 f8 48 01
[  327.351356][T10714] RSP: 0018:ffffc9000540f718 EFLAGS: 00050206
[  327.357453][T10714] RAX: ffffffff841c9001 RBX: 1ffff92000a81fc7 RCX: 000000000000c5d0
[  327.365452][T10714] RDX: 0000000000000000 RSI: ffff888043e63ce8 RDI: 0000200000004000
[  327.373451][T10714] RBP: ffffc9000540f878 R08: ffff888043e702b7 R09: 1ffff110087ce056
[  327.381455][T10714] R10: dffffc0000000000 R11: ffffed10087ce057 R12: ffff888043e600e8
[  327.389467][T10714] R13: 00000000000101d0 R14: 00000000000101d0 R15: ffffc9000540fe48
[  327.397488][T10714]  ? _copy_to_iter+0x1b1/0x10d0
[  327.402387][T10714]  _copy_to_iter+0x249/0x10d0
[  327.407117][T10714]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[  327.413060][T10714]  ? iov_iter_init+0x1e0/0x1e0
[  327.417971][T10714]  ? __virt_addr_valid+0x18c/0x540
[  327.423120][T10714]  ? __virt_addr_valid+0x469/0x540
[  327.428279][T10714]  ? __phys_addr_symbol+0x2f/0x70
[  327.433349][T10714]  ? __check_object_size+0x506/0xa30
[  327.438687][T10714]  __skb_datagram_iter+0xdb/0x780
[  327.443743][T10714]  ? tsk_importance+0x150/0x150
[  327.448634][T10714]  ? skb_copy_datagram_iter+0x200/0x200
[  327.454307][T10714]  skb_copy_datagram_iter+0xb1/0x200
[  327.459631][T10714]  tipc_recvstream+0x72b/0xe70
[  327.464468][T10714]  ? tipc_sendstream+0x70/0x70
[  327.469282][T10714]  ____sys_recvmsg+0x29e/0x5b0
[  327.474098][T10714]  ? __sys_recvmsg_sock+0x50/0x50
[  327.479170][T10714]  ? import_iovec+0x73/0xa0
[  327.483707][T10714]  ___sys_recvmsg+0x1b6/0x510
[  327.488419][T10714]  ? __sys_recvmsg+0x270/0x270
[  327.493231][T10714]  ? ksys_write+0x1c1/0x250
[  327.497789][T10714]  ? __fget_files+0x44a/0x4d0
[  327.502554][T10714]  __x64_sys_recvmsg+0x1f2/0x2c0
[  327.507546][T10714]  ? ___sys_recvmsg+0x510/0x510
[  327.512468][T10714]  ? lockdep_hardirqs_on+0x98/0x150
[  327.517711][T10714]  do_syscall_64+0x55/0xb0
[  327.522171][T10714]  ? clear_bhb_loop+0x40/0x90
[  327.526884][T10714]  ? clear_bhb_loop+0x40/0x90
[  327.531583][T10714]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  327.537505][T10714] RIP: 0033:0x7f4f27b8eec9
[  327.541951][T10714] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  327.561587][T10714] RSP: 002b:00007f4f28a51038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  327.570031][T10714] RAX: ffffffffffffffda RBX: 00007f4f27de5fa0 RCX: 00007f4f27b8eec9
[  327.578033][T10714] RDX: 0000000000001f00 RSI: 0000200000000500 RDI: 0000000000000006
[  327.586027][T10714] RBP: 00007f4f28a51090 R08: 0000000000000000 R09: 0000000000000000
[  327.594043][T10714] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  327.602046][T10714] R13: 00007f4f27de6038 R14: 00007f4f27de5fa0 R15: 00007ffe9d7e0f08
[  327.610068][T10714]  </TASK>
[  327.666259][T10720] delete_channel: no stack
[  328.040928][T10735] netlink: 'syz.3.1924': attribute type 21 has an invalid length.
[  328.089644][T10735] netlink: 100 bytes leftover after parsing attributes in process `syz.3.1924'.
[  328.767499][   T50] Bluetooth: hci2: unexpected event 0x03 length: 15 > 11
[  328.899617][T10752] delete_channel: no stack
[  329.221268][T10755] netlink: 'syz.1.1932': attribute type 39 has an invalid length.
[  329.287062][T10755] veth0_macvtap: left promiscuous mode
[  329.569177][   T50] Bluetooth: hci1: unexpected event 0x03 length: 15 > 11
[  329.963192][T10780] delete_channel: no stack
[  330.537141][T10804] delete_channel: no stack
[  331.656766][T10824] delete_channel: no stack
[  332.063651][T10840] FAULT_INJECTION: forcing a failure.
[  332.063651][T10840] name failslab, interval 1, probability 0, space 0, times 0
[  332.079397][T10840] CPU: 1 PID: 10840 Comm: syz.2.1967 Not tainted syzkaller #0
[  332.086915][T10840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  332.097002][T10840] Call Trace:
[  332.100307][T10840]  <TASK>
[  332.103271][T10840]  dump_stack_lvl+0x16c/0x230
[  332.107995][T10840]  ? show_regs_print_info+0x20/0x20
[  332.113224][T10840]  ? load_image+0x3b0/0x3b0
[  332.117741][T10840]  ? __might_sleep+0xe0/0xe0
[  332.122344][T10840]  ? __lock_acquire+0x7c80/0x7c80
[  332.127385][T10840]  should_fail_ex+0x39d/0x4d0
[  332.132106][T10840]  should_failslab+0x9/0x20
[  332.136642][T10840]  slab_pre_alloc_hook+0x59/0x310
[  332.141682][T10840]  ? page_pool_create+0x71/0x5e0
[  332.146632][T10840]  __kmem_cache_alloc_node+0x53/0x260
[  332.152018][T10840]  ? page_pool_create+0x71/0x5e0
[  332.156965][T10840]  kmalloc_node_trace+0x26/0xe0
[  332.161828][T10840]  page_pool_create+0x71/0x5e0
[  332.166594][T10840]  bpf_test_run_xdp_live+0x1c1/0x1a20
[  332.171988][T10840]  ? 0xffffffffa0004740
[  332.176151][T10840]  ? bpf_dispatcher_change_prog+0xa76/0xcc0
[  332.182054][T10840]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  332.188218][T10840]  ? xdp_convert_md_to_buff+0x330/0x330
[  332.193795][T10840]  ? trace_raw_output_bpf_test_finish+0xd0/0xd0
[  332.200046][T10840]  ? _copy_from_user+0xa5/0xe0
[  332.204814][T10840]  ? bpf_test_init+0x134/0x150
[  332.209587][T10840]  ? xdp_convert_md_to_buff+0x5b/0x330
[  332.215061][T10840]  bpf_prog_test_run_xdp+0x76c/0xfa0
[  332.220362][T10840]  ? dev_put+0x80/0x80
[  332.224441][T10840]  ? dev_put+0x80/0x80
[  332.228509][T10840]  bpf_prog_test_run+0x321/0x390
[  332.233475][T10840]  __sys_bpf+0x440/0x800
[  332.237785][T10840]  ? bpf_link_show_fdinfo+0x350/0x350
[  332.243181][T10840]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  332.249362][T10840]  __x64_sys_bpf+0x7c/0x90
[  332.253809][T10840]  do_syscall_64+0x55/0xb0
[  332.258252][T10840]  ? clear_bhb_loop+0x40/0x90
[  332.262949][T10840]  ? clear_bhb_loop+0x40/0x90
[  332.267646][T10840]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  332.273561][T10840] RIP: 0033:0x7f0de5f8eec9
[  332.277988][T10840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  332.297692][T10840] RSP: 002b:00007f0de6da7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  332.306109][T10840] RAX: ffffffffffffffda RBX: 00007f0de61e5fa0 RCX: 00007f0de5f8eec9
[  332.314084][T10840] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  332.322168][T10840] RBP: 00007f0de6da7090 R08: 0000000000000000 R09: 0000000000000000
[  332.330148][T10840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  332.338118][T10840] R13: 00007f0de61e6038 R14: 00007f0de61e5fa0 R15: 00007fffa26d1dc8
[  332.346105][T10840]  </TASK>
[  333.634696][T10889] netlink: 'syz.3.1984': attribute type 39 has an invalid length.
[  333.698053][T10889] veth0_macvtap: left promiscuous mode
[  334.285861][T10913] FAULT_INJECTION: forcing a failure.
[  334.285861][T10913] name failslab, interval 1, probability 0, space 0, times 0
[  334.326027][T10913] CPU: 0 PID: 10913 Comm: syz.1.1995 Not tainted syzkaller #0
[  334.333542][T10913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  334.343656][T10913] Call Trace:
[  334.346959][T10913]  <TASK>
[  334.349920][T10913]  dump_stack_lvl+0x16c/0x230
[  334.354635][T10913]  ? show_regs_print_info+0x20/0x20
[  334.359861][T10913]  ? load_image+0x3b0/0x3b0
[  334.364404][T10913]  ? __lock_acquire+0x7c80/0x7c80
[  334.369460][T10913]  should_fail_ex+0x39d/0x4d0
[  334.374175][T10913]  should_failslab+0x9/0x20
[  334.378704][T10913]  slab_pre_alloc_hook+0x59/0x310
[  334.383759][T10913]  ? __lock_acquire+0x7c80/0x7c80
[  334.388828][T10913]  ? bpf_test_init+0xc0/0x150
[  334.393551][T10913]  ? bpf_test_init+0xc0/0x150
[  334.398276][T10913]  __kmem_cache_alloc_node+0x53/0x260
[  334.403686][T10913]  ? bpf_test_init+0xc0/0x150
[  334.408394][T10913]  __kmalloc+0xa4/0x240
[  334.412656][T10913]  bpf_test_init+0xc0/0x150
[  334.417232][T10913]  bpf_prog_test_run_xdp+0x382/0xfa0
[  334.422661][T10913]  ? dev_put+0x80/0x80
[  334.426774][T10913]  ? dev_put+0x80/0x80
[  334.430870][T10913]  bpf_prog_test_run+0x321/0x390
[  334.435849][T10913]  __sys_bpf+0x440/0x800
[  334.440117][T10913]  ? bpf_link_show_fdinfo+0x350/0x350
[  334.445523][T10913]  ? lock_chain_count+0x20/0x20
[  334.450376][T10913]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  334.456370][T10913]  __x64_sys_bpf+0x7c/0x90
[  334.460807][T10913]  do_syscall_64+0x55/0xb0
[  334.465242][T10913]  ? clear_bhb_loop+0x40/0x90
[  334.469922][T10913]  ? clear_bhb_loop+0x40/0x90
[  334.474606][T10913]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  334.480500][T10913] RIP: 0033:0x7f0caa38eec9
[  334.484914][T10913] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  334.504524][T10913] RSP: 002b:00007f0cab284038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  334.512950][T10913] RAX: ffffffffffffffda RBX: 00007f0caa5e5fa0 RCX: 00007f0caa38eec9
[  334.520938][T10913] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[  334.528929][T10913] RBP: 00007f0cab284090 R08: 0000000000000000 R09: 0000000000000000
[  334.536912][T10913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  334.544886][T10913] R13: 00007f0caa5e6038 R14: 00007f0caa5e5fa0 R15: 00007ffd2571bc18
[  334.552900][T10913]  </TASK>
[  335.740161][   T50] Bluetooth: hci1: Received unexpected HCI Event 0x00
[  336.608745][   T50] Bluetooth: hci2: Received unexpected HCI Event 0x00
[  338.065255][   T50] Bluetooth: hci2: Received unexpected HCI Event 0x00
[  339.870146][T11043] syz.3.2048 (11043) used obsolete PPPIOCDETACH ioctl
[  341.387913][T11066] FAULT_INJECTION: forcing a failure.
[  341.387913][T11066] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  341.422022][T11066] CPU: 1 PID: 11066 Comm: syz.1.2058 Not tainted syzkaller #0
[  341.429525][T11066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  341.439618][T11066] Call Trace:
[  341.442934][T11066]  <TASK>
[  341.445895][T11066]  dump_stack_lvl+0x16c/0x230
[  341.450623][T11066]  ? show_regs_print_info+0x20/0x20
[  341.455842][T11066]  ? load_image+0x3b0/0x3b0
[  341.460352][T11066]  ? __might_fault+0xaa/0x120
[  341.465038][T11066]  ? __lock_acquire+0x7c80/0x7c80
[  341.470073][T11066]  should_fail_ex+0x39d/0x4d0
[  341.474767][T11066]  _copy_from_user+0x2f/0xe0
[  341.479366][T11066]  memdup_user+0x64/0xc0
[  341.483616][T11066]  ppp_get_filter+0x13d/0x1b0
[  341.488304][T11066]  ? ppp_set_compress+0x720/0x720
[  341.493358][T11066]  ? ppp_poll+0x250/0x250
[  341.497705][T11066]  ppp_ioctl+0xf1b/0x1980
[  341.502048][T11066]  ? ppp_poll+0x250/0x250
[  341.506414][T11066]  ? __fget_files+0x28/0x4d0
[  341.511022][T11066]  ? bpf_lsm_file_ioctl+0x9/0x10
[  341.515965][T11066]  ? security_file_ioctl+0x80/0xa0
[  341.521084][T11066]  ? ppp_poll+0x250/0x250
[  341.525424][T11066]  __se_sys_ioctl+0xfd/0x170
[  341.530039][T11066]  do_syscall_64+0x55/0xb0
[  341.534477][T11066]  ? clear_bhb_loop+0x40/0x90
[  341.539171][T11066]  ? clear_bhb_loop+0x40/0x90
[  341.543872][T11066]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  341.549774][T11066] RIP: 0033:0x7f0caa38eec9
[  341.554279][T11066] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  341.573904][T11066] RSP: 002b:00007f0cab284038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  341.582327][T11066] RAX: ffffffffffffffda RBX: 00007f0caa5e5fa0 RCX: 00007f0caa38eec9
[  341.590333][T11066] RDX: 00002000000000c0 RSI: 0000000040107446 RDI: 0000000000000003
[  341.598309][T11066] RBP: 00007f0cab284090 R08: 0000000000000000 R09: 0000000000000000
[  341.606284][T11066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  341.614259][T11066] R13: 00007f0caa5e6038 R14: 00007f0caa5e5fa0 R15: 00007ffd2571bc18
[  341.622257][T11066]  </TASK>
[  341.658640][T11071] netlink: 'syz.2.2059': attribute type 9 has an invalid length.
[  341.668169][T11070] netlink: 'syz.2.2059': attribute type 9 has an invalid length.
[  341.676441][T11071] netlink: 399 bytes leftover after parsing attributes in process `syz.2.2059'.
[  341.686059][T11070] netlink: 399 bytes leftover after parsing attributes in process `syz.2.2059'.
[  341.722291][T11060] netlink: 'syz.3.2055': attribute type 21 has an invalid length.
[  342.283186][ T3536] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  343.642191][T11086] netlink: 'syz.0.2061': attribute type 39 has an invalid length.
[  343.913254][T11093] netlink: 'syz.3.2066': attribute type 4 has an invalid length.
[  343.938189][T11093] netlink: 14345 bytes leftover after parsing attributes in process `syz.3.2066'.
[  344.095870][   T50] Bluetooth: hci1: ISO packet for unknown connection handle 2622
[  344.132522][T11102] netlink: 173820 bytes leftover after parsing attributes in process `syz.2.2070'.
[  345.034542][T11122] FAULT_INJECTION: forcing a failure.
[  345.034542][T11122] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  345.048417][T11122] CPU: 0 PID: 11122 Comm: syz.0.2076 Not tainted syzkaller #0
[  345.055907][T11122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  345.065995][T11122] Call Trace:
[  345.069297][T11122]  <TASK>
[  345.072268][T11122]  dump_stack_lvl+0x16c/0x230
[  345.076986][T11122]  ? show_regs_print_info+0x20/0x20
[  345.082235][T11122]  ? load_image+0x3b0/0x3b0
[  345.086778][T11122]  ? __might_fault+0xaa/0x120
[  345.091477][T11122]  ? __lock_acquire+0x7c80/0x7c80
[  345.096562][T11122]  ? __virt_addr_valid+0x18c/0x540
[  345.101718][T11122]  should_fail_ex+0x39d/0x4d0
[  345.106453][T11122]  _copy_from_user+0x2f/0xe0
[  345.111071][T11122]  bpf_prog_test_run_skb+0x259/0x11c0
[  345.116455][T11122]  ? __fget_files+0x28/0x4d0
[  345.121057][T11122]  ? __fget_files+0x44a/0x4d0
[  345.125754][T11122]  ? cpu_online+0x60/0x60
[  345.130095][T11122]  bpf_prog_test_run+0x321/0x390
[  345.135043][T11122]  __sys_bpf+0x440/0x800
[  345.139287][T11122]  ? bpf_link_show_fdinfo+0x350/0x350
[  345.144672][T11122]  ? lock_chain_count+0x20/0x20
[  345.149540][T11122]  __x64_sys_bpf+0x7c/0x90
[  345.153974][T11122]  do_syscall_64+0x55/0xb0
[  345.158397][T11122]  ? clear_bhb_loop+0x40/0x90
[  345.163081][T11122]  ? clear_bhb_loop+0x40/0x90
[  345.167770][T11122]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  345.173664][T11122] RIP: 0033:0x7f4f27b8eec9
[  345.178079][T11122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  345.197699][T11122] RSP: 002b:00007f4f28a51038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  345.206148][T11122] RAX: ffffffffffffffda RBX: 00007f4f27de5fa0 RCX: 00007f4f27b8eec9
[  345.214125][T11122] RDX: 0000000000000048 RSI: 0000200000000340 RDI: 000000000000000a
[  345.222101][T11122] RBP: 00007f4f28a51090 R08: 0000000000000000 R09: 0000000000000000
[  345.230074][T11122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  345.238049][T11122] R13: 00007f4f27de6038 R14: 00007f4f27de5fa0 R15: 00007ffe9d7e0f08
[  345.246041][T11122]  </TASK>
[  345.884659][T11133] netlink: 63503 bytes leftover after parsing attributes in process `syz.1.2081'.
[  346.851831][T11158] FAULT_INJECTION: forcing a failure.
[  346.851831][T11158] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  346.868168][T11158] CPU: 1 PID: 11158 Comm: syz.2.2090 Not tainted syzkaller #0
[  346.875674][T11158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  346.885757][T11158] Call Trace:
[  346.889071][T11158]  <TASK>
[  346.892034][T11158]  dump_stack_lvl+0x16c/0x230
[  346.896758][T11158]  ? show_regs_print_info+0x20/0x20
[  346.902000][T11158]  ? load_image+0x3b0/0x3b0
[  346.906559][T11158]  ? __might_fault+0xaa/0x120
[  346.911265][T11158]  ? __lock_acquire+0x7c80/0x7c80
[  346.916312][T11158]  should_fail_ex+0x39d/0x4d0
[  346.921030][T11158]  _copy_from_user+0x2f/0xe0
[  346.925644][T11158]  ___sys_sendmsg+0x159/0x290
[  346.930346][T11158]  ? __sys_sendmsg+0x270/0x270
[  346.935168][T11158]  ? __lock_acquire+0x7c80/0x7c80
[  346.940247][T11158]  __se_sys_sendmsg+0x1a5/0x270
[  346.945124][T11158]  ? __x64_sys_sendmsg+0x80/0x80
[  346.950109][T11158]  ? lockdep_hardirqs_on+0x98/0x150
[  346.955335][T11158]  do_syscall_64+0x55/0xb0
[  346.959767][T11158]  ? clear_bhb_loop+0x40/0x90
[  346.964468][T11158]  ? clear_bhb_loop+0x40/0x90
[  346.969159][T11158]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  346.975075][T11158] RIP: 0033:0x7f0de5f8eec9
[  346.979546][T11158] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  346.999185][T11158] RSP: 002b:00007f0de6da7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  347.007622][T11158] RAX: ffffffffffffffda RBX: 00007f0de61e5fa0 RCX: 00007f0de5f8eec9
[  347.015607][T11158] RDX: 0000000020000000 RSI: 0000200000000780 RDI: 0000000000000004
[  347.023610][T11158] RBP: 00007f0de6da7090 R08: 0000000000000000 R09: 0000000000000000
[  347.031594][T11158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  347.039577][T11158] R13: 00007f0de61e6038 R14: 00007f0de61e5fa0 R15: 00007fffa26d1dc8
[  347.047580][T11158]  </TASK>
[  347.400764][T11166] netlink: 'syz.2.2094': attribute type 21 has an invalid length.
[  347.415062][T11166] netlink: 'syz.2.2094': attribute type 6 has an invalid length.
[  347.439546][T11166] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2094'.
[  347.535750][T11163] netlink: 'syz.3.2092': attribute type 10 has an invalid length.
[  347.547437][T11163] netlink: 55 bytes leftover after parsing attributes in process `syz.3.2092'.
[  348.235125][T11163] syz.3.2092 (11163) used greatest stack depth: 18824 bytes left
[  348.844647][T11200] Q±6ã×\b‹¡Y­4��: renamed from lo (while UP)
[  348.871505][T11200] FAULT_INJECTION: forcing a failure.
[  348.871505][T11200] name failslab, interval 1, probability 0, space 0, times 0
[  348.911895][T11200] CPU: 1 PID: 11200 Comm: syz.3.2106 Not tainted syzkaller #0
[  348.919504][T11200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  348.929608][T11200] Call Trace:
[  348.932940][T11200]  <TASK>
[  348.935929][T11200]  dump_stack_lvl+0x16c/0x230
[  348.940677][T11200]  ? show_regs_print_info+0x20/0x20
[  348.945931][T11200]  ? load_image+0x3b0/0x3b0
[  348.950498][T11200]  ? __lock_acquire+0x7c80/0x7c80
[  348.955610][T11200]  should_fail_ex+0x39d/0x4d0
[  348.960386][T11200]  should_failslab+0x9/0x20
[  348.964963][T11200]  slab_pre_alloc_hook+0x59/0x310
[  348.970048][T11200]  ? device_rename+0xb3/0x1e0
[  348.974787][T11200]  ? device_rename+0xb3/0x1e0
[  348.979517][T11200]  __kmem_cache_alloc_node+0x53/0x260
[  348.984979][T11200]  ? device_rename+0xb3/0x1e0
[  348.989902][T11200]  __kmalloc_node_track_caller+0xa2/0x230
[  348.995721][T11200]  kstrdup+0x3b/0x80
[  348.999697][T11200]  device_rename+0xb3/0x1e0
[  349.004268][T11200]  dev_change_name+0x2ee/0x8a0
[  349.009115][T11200]  ? dev_alloc_name+0x1c0/0x1c0
[  349.014005][T11200]  ? trace_contention_end+0x39/0xe0
[  349.019252][T11200]  ? __mutex_lock+0x304/0xcc0
[  349.023970][T11200]  ? end_current_label_crit_section+0x170/0x170
[  349.030284][T11200]  dev_ifsioc+0x8c7/0xe20
[  349.034660][T11200]  ? dev_ioctl+0x1170/0x1170
[  349.039286][T11200]  ? bpf_lsm_capable+0x9/0x10
[  349.044006][T11200]  ? security_capable+0x89/0xb0
[  349.049020][T11200]  dev_ioctl+0x705/0x1170
[  349.053412][T11200]  sock_do_ioctl+0x226/0x2f0
[  349.058047][T11200]  ? sock_show_fdinfo+0xb0/0xb0
[  349.062998][T11200]  sock_ioctl+0x623/0x7a0
[  349.067398][T11200]  ? sock_poll+0x3d0/0x3d0
[  349.071893][T11200]  ? bpf_lsm_file_ioctl+0x9/0x10
[  349.076864][T11200]  ? security_file_ioctl+0x80/0xa0
[  349.082018][T11200]  ? sock_poll+0x3d0/0x3d0
[  349.086486][T11200]  __se_sys_ioctl+0xfd/0x170
[  349.091127][T11200]  do_syscall_64+0x55/0xb0
[  349.095588][T11200]  ? clear_bhb_loop+0x40/0x90
[  349.100305][T11200]  ? clear_bhb_loop+0x40/0x90
[  349.105030][T11200]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  349.110961][T11200] RIP: 0033:0x7f229f18eec9
[  349.115418][T11200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  349.135061][T11200] RSP: 002b:00007f229ffdc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  349.143520][T11200] RAX: ffffffffffffffda RBX: 00007f229f3e5fa0 RCX: 00007f229f18eec9
[  349.151535][T11200] RDX: 0000200000000cc0 RSI: 0000000000008923 RDI: 0000000000000006
[  349.159548][T11200] RBP: 00007f229ffdc090 R08: 0000000000000000 R09: 0000000000000000
[  349.167558][T11200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  349.175558][T11200] R13: 00007f229f3e6038 R14: 00007f229f3e5fa0 R15: 00007ffc52514508
[  349.183611][T11200]  </TASK>
[  349.199758][   T77] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  349.268929][T11205] FAULT_INJECTION: forcing a failure.
[  349.268929][T11205] name failslab, interval 1, probability 0, space 0, times 0
[  349.297372][T11205] CPU: 1 PID: 11205 Comm: syz.2.2108 Not tainted syzkaller #0
[  349.304881][T11205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  349.315047][T11205] Call Trace:
[  349.318341][T11205]  <TASK>
[  349.321286][T11205]  dump_stack_lvl+0x16c/0x230
[  349.325981][T11205]  ? show_regs_print_info+0x20/0x20
[  349.331193][T11205]  ? load_image+0x3b0/0x3b0
[  349.335725][T11205]  ? __might_sleep+0xe0/0xe0
[  349.340329][T11205]  ? __lock_acquire+0x7c80/0x7c80
[  349.345364][T11205]  should_fail_ex+0x39d/0x4d0
[  349.350057][T11205]  should_failslab+0x9/0x20
[  349.354575][T11205]  slab_pre_alloc_hook+0x59/0x310
[  349.359614][T11205]  ? d_instantiate+0x6f/0x90
[  349.364228][T11205]  kmem_cache_alloc+0x5a/0x2e0
[  349.368998][T11205]  ? alloc_empty_file+0x9e/0x1d0
[  349.373952][T11205]  alloc_empty_file+0x9e/0x1d0
[  349.378726][T11205]  alloc_file+0x5c/0x600
[  349.382986][T11205]  alloc_file_pseudo+0x17e/0x200
[  349.387942][T11205]  ? alloc_empty_backing_file+0xe0/0xe0
[  349.393519][T11205]  anon_inode_getfile+0xc5/0x1a0
[  349.398492][T11205]  __se_sys_perf_event_open+0xeb5/0x1c20
[  349.404160][T11205]  ? __x64_sys_perf_event_open+0xc0/0xc0
[  349.409823][T11205]  ? lock_chain_count+0x20/0x20
[  349.414698][T11205]  ? lockdep_hardirqs_on+0x98/0x150
[  349.419938][T11205]  ? __x64_sys_perf_event_open+0x20/0xc0
[  349.425586][T11205]  do_syscall_64+0x55/0xb0
[  349.430020][T11205]  ? clear_bhb_loop+0x40/0x90
[  349.434710][T11205]  ? clear_bhb_loop+0x40/0x90
[  349.439410][T11205]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  349.445328][T11205] RIP: 0033:0x7f0de5f8eec9
[  349.449755][T11205] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  349.469378][T11205] RSP: 002b:00007f0de6da7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  349.477827][T11205] RAX: ffffffffffffffda RBX: 00007f0de61e5fa0 RCX: 00007f0de5f8eec9
[  349.485808][T11205] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000200000000200
[  349.493787][T11205] RBP: 00007f0de6da7090 R08: 0000000000000000 R09: 0000000000000000
[  349.501766][T11205] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  349.509743][T11205] R13: 00007f0de61e6038 R14: 00007f0de61e5fa0 R15: 00007fffa26d1dc8
[  349.517746][T11205]  </TASK>
[  350.505380][T11241] netlink: 22 bytes leftover after parsing attributes in process `syz.1.2123'.
[  351.542453][T11261] netlink: 'syz.1.2130': attribute type 10 has an invalid length.
[  351.583099][T11261] netlink: 55 bytes leftover after parsing attributes in process `syz.1.2130'.
[  352.148998][T11285] netlink: 199816 bytes leftover after parsing attributes in process `syz.0.2140'.
[  352.454816][T11298] netlink: 'syz.0.2146': attribute type 10 has an invalid length.
[  352.465126][T11298] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2146'.
[  352.474753][T11298] vcan0: entered promiscuous mode
[  352.481129][T11298] A link change request failed with some changes committed already. Interface vcan0 may have been left with an inconsistent configuration, please check.
[  352.908842][T11310] netlink: 'syz.3.2149': attribute type 2 has an invalid length.
[  352.920083][T11310] netlink: 164 bytes leftover after parsing attributes in process `syz.3.2149'.
[  353.065704][T11318] FAULT_INJECTION: forcing a failure.
[  353.065704][T11318] name failslab, interval 1, probability 0, space 0, times 0
[  353.106230][T11318] CPU: 0 PID: 11318 Comm: syz.0.2151 Not tainted syzkaller #0
[  353.113750][T11318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  353.123854][T11318] Call Trace:
[  353.127164][T11318]  <TASK>
[  353.130130][T11318]  dump_stack_lvl+0x16c/0x230
[  353.134863][T11318]  ? show_regs_print_info+0x20/0x20
[  353.140112][T11318]  ? load_image+0x3b0/0x3b0
[  353.144670][T11318]  ? __lock_acquire+0x7c80/0x7c80
[  353.149721][T11318]  should_fail_ex+0x39d/0x4d0
[  353.154430][T11318]  should_failslab+0x9/0x20
[  353.159059][T11318]  slab_pre_alloc_hook+0x59/0x310
[  353.164108][T11318]  ? __lock_acquire+0x7c80/0x7c80
[  353.169163][T11318]  kmem_cache_alloc+0x5a/0x2e0
[  353.173954][T11318]  ? security_file_alloc+0x34/0x120
[  353.179202][T11318]  security_file_alloc+0x34/0x120
[  353.184280][T11318]  init_file+0x94/0x1f0
[  353.188473][T11318]  alloc_empty_file+0xb7/0x1d0
[  353.193278][T11318]  alloc_file+0x5c/0x600
[  353.197584][T11318]  alloc_file_pseudo+0x17e/0x200
[  353.202566][T11318]  ? alloc_empty_backing_file+0xe0/0xe0
[  353.208155][T11318]  ? _raw_spin_unlock+0x28/0x40
[  353.213030][T11318]  ? alloc_fd+0x58f/0x630
[  353.217400][T11318]  sock_alloc_file+0xb7/0x280
[  353.222101][T11318]  __sys_socket+0x13d/0x1a0
[  353.226713][T11318]  __x64_sys_socket+0x7a/0x90
[  353.231405][T11318]  do_syscall_64+0x55/0xb0
[  353.235855][T11318]  ? clear_bhb_loop+0x40/0x90
[  353.240562][T11318]  ? clear_bhb_loop+0x40/0x90
[  353.245271][T11318]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  353.251196][T11318] RIP: 0033:0x7f4f27b8eec9
[  353.255725][T11318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  353.275354][T11318] RSP: 002b:00007f4f28a51038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  353.283791][T11318] RAX: ffffffffffffffda RBX: 00007f4f27de5fa0 RCX: 00007f4f27b8eec9
[  353.291777][T11318] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 000000000000002c
[  353.299767][T11318] RBP: 00007f4f28a51090 R08: 0000000000000000 R09: 0000000000000000
[  353.307761][T11318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  353.315755][T11318] R13: 00007f4f27de6038 R14: 00007f4f27de5fa0 R15: 00007ffe9d7e0f08
[  353.323757][T11318]  </TASK>
[  353.553466][T11313] netlink: 'syz.2.2150': attribute type 10 has an invalid length.
[  353.591396][T11313] netlink: 55 bytes leftover after parsing attributes in process `syz.2.2150'.
[  353.780691][T11339] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.2157'.
[  354.237305][T11355] FAULT_INJECTION: forcing a failure.
[  354.237305][T11355] name failslab, interval 1, probability 0, space 0, times 0
[  354.260179][T11355] CPU: 0 PID: 11355 Comm: syz.3.2161 Not tainted syzkaller #0
[  354.267476][T11360] netlink: 'syz.0.2162': attribute type 21 has an invalid length.
[  354.267665][T11355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  354.276262][T11360] netlink: 'syz.0.2162': attribute type 6 has an invalid length.
[  354.285605][T11355] Call Trace:
[  354.285616][T11355]  <TASK>
[  354.285625][T11355]  dump_stack_lvl+0x16c/0x230
[  354.285657][T11355]  ? show_regs_print_info+0x20/0x20
[  354.293612][T11360] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2162'.
[  354.296656][T11355]  ? load_image+0x3b0/0x3b0
[  354.323080][T11355]  ? __might_sleep+0xe0/0xe0
[  354.327718][T11355]  ? __lock_acquire+0x7c80/0x7c80
[  354.332787][T11355]  should_fail_ex+0x39d/0x4d0
[  354.337519][T11355]  should_failslab+0x9/0x20
[  354.342054][T11355]  slab_pre_alloc_hook+0x59/0x310
[  354.347108][T11355]  ? d_instantiate+0x6f/0x90
[  354.351730][T11355]  kmem_cache_alloc+0x5a/0x2e0
[  354.356534][T11355]  ? alloc_empty_file+0x9e/0x1d0
[  354.361517][T11355]  alloc_empty_file+0x9e/0x1d0
[  354.366331][T11355]  alloc_file+0x5c/0x600
[  354.370610][T11355]  alloc_file_pseudo+0x17e/0x200
[  354.375582][T11355]  ? alloc_empty_backing_file+0xe0/0xe0
[  354.381141][T11355]  ? alloc_fd+0x58f/0x630
[  354.385515][T11355]  anon_inode_getfd+0xca/0x1c0
[  354.390297][T11355]  map_create+0xf14/0x12f0
[  354.394722][T11355]  __sys_bpf+0x5f0/0x800
[  354.398971][T11355]  ? bpf_link_show_fdinfo+0x350/0x350
[  354.404374][T11355]  ? lock_chain_count+0x20/0x20
[  354.409242][T11355]  __x64_sys_bpf+0x7c/0x90
[  354.413667][T11355]  do_syscall_64+0x55/0xb0
[  354.418103][T11355]  ? clear_bhb_loop+0x40/0x90
[  354.422800][T11355]  ? clear_bhb_loop+0x40/0x90
[  354.427491][T11355]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  354.433396][T11355] RIP: 0033:0x7f229f18eec9
[  354.437832][T11355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  354.457547][T11355] RSP: 002b:00007f229ffdc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  354.465969][T11355] RAX: ffffffffffffffda RBX: 00007f229f3e5fa0 RCX: 00007f229f18eec9
[  354.473946][T11355] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 0000000000000000
[  354.481922][T11355] RBP: 00007f229ffdc090 R08: 0000000000000000 R09: 0000000000000000
[  354.489894][T11355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  354.497869][T11355] R13: 00007f229f3e6038 R14: 00007f229f3e5fa0 R15: 00007ffc52514508
[  354.505856][T11355]  </TASK>
[  355.143606][T11385] netlink: 'syz.0.2169': attribute type 10 has an invalid length.
[  355.185230][T11385] netlink: 55 bytes leftover after parsing attributes in process `syz.0.2169'.
[  355.514409][T11391] netlink: 'syz.2.2174': attribute type 21 has an invalid length.
[  355.546570][T11391] netlink: 'syz.2.2174': attribute type 6 has an invalid length.
[  355.587346][T11391] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2174'.
[  355.622245][T11395] netlink: 184 bytes leftover after parsing attributes in process `syz.3.2176'.
[  355.773401][T11395] netlink: 15191 bytes leftover after parsing attributes in process `syz.3.2176'.
[  355.835236][T11406] FAULT_INJECTION: forcing a failure.
[  355.835236][T11406] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  355.848619][T11406] CPU: 0 PID: 11406 Comm: syz.1.2180 Not tainted syzkaller #0
[  355.856107][T11406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  355.866185][T11406] Call Trace:
[  355.869487][T11406]  <TASK>
[  355.872442][T11406]  dump_stack_lvl+0x16c/0x230
[  355.877172][T11406]  ? show_regs_print_info+0x20/0x20
[  355.882411][T11406]  ? load_image+0x3b0/0x3b0
[  355.886951][T11406]  ? __lock_acquire+0x7c80/0x7c80
[  355.892007][T11406]  ? snprintf+0xdb/0x120
[  355.896289][T11406]  should_fail_ex+0x39d/0x4d0
[  355.901029][T11406]  _copy_to_user+0x2f/0xa0
[  355.905483][T11406]  simple_read_from_buffer+0xe7/0x150
[  355.910892][T11406]  proc_fail_nth_read+0x1e3/0x250
[  355.915964][T11406]  ? proc_fault_inject_write+0x340/0x340
[  355.921640][T11406]  ? fsnotify_perm+0x271/0x5e0
[  355.926437][T11406]  ? proc_fault_inject_write+0x340/0x340
[  355.932101][T11406]  vfs_read+0x27e/0x920
[  355.936313][T11406]  ? kernel_read+0x1e0/0x1e0
[  355.940935][T11406]  ? __fget_files+0x28/0x4d0
[  355.945561][T11406]  ? __fget_files+0x44a/0x4d0
[  355.950281][T11406]  ? __fdget_pos+0x2a3/0x330
[  355.954894][T11406]  ? ksys_read+0x75/0x250
[  355.959252][T11406]  ksys_read+0x147/0x250
[  355.963530][T11406]  ? vfs_write+0x940/0x940
[  355.967996][T11406]  ? lockdep_hardirqs_on+0x98/0x150
[  355.973235][T11406]  do_syscall_64+0x55/0xb0
[  355.977694][T11406]  ? clear_bhb_loop+0x40/0x90
[  355.982400][T11406]  ? clear_bhb_loop+0x40/0x90
[  355.987116][T11406]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  355.993042][T11406] RIP: 0033:0x7f0caa38d8dc
[  355.997482][T11406] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  356.017111][T11406] RSP: 002b:00007f0cab284030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  356.025576][T11406] RAX: ffffffffffffffda RBX: 00007f0caa5e5fa0 RCX: 00007f0caa38d8dc
[  356.033574][T11406] RDX: 000000000000000f RSI: 00007f0cab2840a0 RDI: 0000000000000004
[  356.041568][T11406] RBP: 00007f0cab284090 R08: 0000000000000000 R09: 0000000000000000
[  356.049563][T11406] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[  356.057559][T11406] R13: 00007f0caa5e6038 R14: 00007f0caa5e5fa0 R15: 00007ffd2571bc18
[  356.065590][T11406]  </TASK>
[  356.185020][T11417] netlink: 193500 bytes leftover after parsing attributes in process `syz.1.2185'.
[  356.651193][T11437] FAULT_INJECTION: forcing a failure.
[  356.651193][T11437] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  356.699515][T11437] CPU: 1 PID: 11437 Comm: syz.2.2194 Not tainted syzkaller #0
[  356.707033][T11437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  356.717104][T11437] Call Trace:
[  356.720399][T11437]  <TASK>
[  356.723348][T11437]  dump_stack_lvl+0x16c/0x230
[  356.728061][T11437]  ? show_regs_print_info+0x20/0x20
[  356.733284][T11437]  ? load_image+0x3b0/0x3b0
[  356.737825][T11437]  ? __might_fault+0xaa/0x120
[  356.742520][T11437]  ? __lock_acquire+0x7c80/0x7c80
[  356.747563][T11437]  should_fail_ex+0x39d/0x4d0
[  356.752268][T11437]  _copy_from_user+0x2f/0xe0
[  356.756875][T11437]  __sys_bpf+0x1e9/0x800
[  356.761132][T11437]  ? bpf_link_show_fdinfo+0x350/0x350
[  356.766527][T11437]  ? lock_chain_count+0x20/0x20
[  356.771400][T11437]  __x64_sys_bpf+0x7c/0x90
[  356.775830][T11437]  do_syscall_64+0x55/0xb0
[  356.780267][T11437]  ? clear_bhb_loop+0x40/0x90
[  356.784966][T11437]  ? clear_bhb_loop+0x40/0x90
[  356.789657][T11437]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  356.795563][T11437] RIP: 0033:0x7f0de5f8eec9
[  356.799988][T11437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  356.819651][T11437] RSP: 002b:00007f0de6da7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  356.828082][T11437] RAX: ffffffffffffffda RBX: 00007f0de61e5fa0 RCX: 00007f0de5f8eec9
[  356.836066][T11437] RDX: 0000000000000050 RSI: 0000200000000440 RDI: 000000000000000a
[  356.844048][T11437] RBP: 00007f0de6da7090 R08: 0000000000000000 R09: 0000000000000000
[  356.852033][T11437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  356.860021][T11437] R13: 00007f0de61e6038 R14: 00007f0de61e5fa0 R15: 00007fffa26d1dc8
[  356.868018][T11437]  </TASK>
[  357.363651][T11462] tun0: tun_chr_ioctl cmd 1074812118
[  357.934249][T11481] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  358.069016][T11482] __nla_validate_parse: 2 callbacks suppressed
[  358.069030][T11482] netlink: 62779 bytes leftover after parsing attributes in process `syz.3.2211'.
[  361.311022][   T50] Bluetooth: hci2: ISO packet for unknown connection handle 4095
[  361.317945][T11523] netlink: 'syz.0.2225': attribute type 3 has an invalid length.
[  361.346838][T11523] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.2225'.
[  361.657078][T11536] netlink: 'syz.3.2229': attribute type 10 has an invalid length.
[  361.690672][T11534] delete_channel: no stack
[  361.761260][T11536] dummy0: left allmulticast mode
[  361.767900][T11536] dummy0: left promiscuous mode
[  361.783330][T11536] bridge0: port 3(dummy0) entered disabled state
[  361.870801][T11536] team0: Port device dummy0 added
[  362.081049][T11557] netlink: 'syz.0.2238': attribute type 29 has an invalid length.
[  362.088949][T11557] netlink: 'syz.0.2238': attribute type 3 has an invalid length.
[  362.097757][T11557] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2238'.
[  362.458937][T11566] delete_channel: no stack
[  362.574862][T11569] FAULT_INJECTION: forcing a failure.
[  362.574862][T11569] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  362.590104][T11569] CPU: 1 PID: 11569 Comm: syz.3.2244 Not tainted syzkaller #0
[  362.597605][T11569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  362.607674][T11569] Call Trace:
[  362.610965][T11569]  <TASK>
[  362.613904][T11569]  dump_stack_lvl+0x16c/0x230
[  362.618720][T11569]  ? show_regs_print_info+0x20/0x20
[  362.623937][T11569]  ? load_image+0x3b0/0x3b0
[  362.628454][T11569]  ? __might_fault+0xaa/0x120
[  362.633148][T11569]  ? __lock_acquire+0x7c80/0x7c80
[  362.638199][T11569]  should_fail_ex+0x39d/0x4d0
[  362.642904][T11569]  _copy_from_iter+0x1d3/0x1290
[  362.647779][T11569]  ? __virt_addr_valid+0x18c/0x540
[  362.652913][T11569]  ? __lock_acquire+0x7c80/0x7c80
[  362.657955][T11569]  ? __asan_memcpy+0x40/0x70
[  362.662581][T11569]  ? copyout_mc+0x70/0x70
[  362.666939][T11569]  ? __virt_addr_valid+0x18c/0x540
[  362.672076][T11569]  ? __virt_addr_valid+0x18c/0x540
[  362.677214][T11569]  ? __virt_addr_valid+0x469/0x540
[  362.682362][T11569]  ? __phys_addr_symbol+0x2f/0x70
[  362.687407][T11569]  ? __check_object_size+0x506/0xa30
[  362.692726][T11569]  sctp_user_addto_chunk+0x8f/0x220
[  362.698007][T11569]  sctp_datamsg_from_user+0x741/0xee0
[  362.703430][T11569]  ? perf_trace_lock+0x2ed/0x380
[  362.708494][T11569]  sctp_sendmsg_to_asoc+0xff2/0x17f0
[  362.713829][T11569]  ? jhash+0x740/0x740
[  362.717920][T11569]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  362.723751][T11569]  ? sctp_sendmsg_check_sflags+0x2e0/0x2e0
[  362.729596][T11569]  ? __local_bh_enable_ip+0x12e/0x1c0
[  362.735013][T11569]  ? _local_bh_enable+0xa0/0xa0
[  362.739886][T11569]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  362.745736][T11569]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  362.751576][T11569]  ? sctp_sendmsg_check_sflags+0x18d/0x2e0
[  362.757440][T11569]  sctp_sendmsg+0x1941/0x27e0
[  362.762163][T11569]  ? sctp_getsockopt+0xb60/0xb60
[  362.767151][T11569]  ? aa_sk_perm+0x7fc/0x930
[  362.771697][T11569]  ? aa_af_perm+0x2b0/0x2b0
[  362.776234][T11569]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  362.782685][T11569]  ? sock_rps_record_flow+0x19/0x400
[  362.787994][T11569]  ? inet_send_prepare+0x260/0x260
[  362.793123][T11569]  ? inet_sendmsg+0x7c/0x2f0
[  362.797734][T11569]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  362.803039][T11569]  ? security_socket_sendmsg+0x80/0xa0
[  362.808519][T11569]  ? inet_send_prepare+0x260/0x260
[  362.813639][T11569]  ____sys_sendmsg+0x5bf/0x950
[  362.818475][T11569]  ? __asan_memset+0x22/0x40
[  362.823101][T11569]  ? __sys_sendmsg_sock+0x30/0x30
[  362.828157][T11569]  ? __import_iovec+0x5f2/0x860
[  362.833054][T11569]  ? import_iovec+0x73/0xa0
[  362.837590][T11569]  ___sys_sendmsg+0x220/0x290
[  362.842313][T11569]  ? __sys_sendmsg+0x270/0x270
[  362.847155][T11569]  ? __lock_acquire+0x7c80/0x7c80
[  362.852243][T11569]  __se_sys_sendmsg+0x1a5/0x270
[  362.857130][T11569]  ? __x64_sys_sendmsg+0x80/0x80
[  362.862142][T11569]  ? lockdep_hardirqs_on+0x98/0x150
[  362.867397][T11569]  do_syscall_64+0x55/0xb0
[  362.871839][T11569]  ? clear_bhb_loop+0x40/0x90
[  362.876550][T11569]  ? clear_bhb_loop+0x40/0x90
[  362.881252][T11569]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  362.887172][T11569] RIP: 0033:0x7f229f18eec9
[  362.891626][T11569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  362.911253][T11569] RSP: 002b:00007f229ffdc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  362.919693][T11569] RAX: ffffffffffffffda RBX: 00007f229f3e5fa0 RCX: 00007f229f18eec9
[  362.927683][T11569] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000004
[  362.935770][T11569] RBP: 00007f229ffdc090 R08: 0000000000000000 R09: 0000000000000000
[  362.943856][T11569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  362.951849][T11569] R13: 00007f229f3e6038 R14: 00007f229f3e5fa0 R15: 00007ffc52514508
[  362.959867][T11569]  </TASK>
[  364.689746][T11594] delete_channel: no stack
[  365.355992][T11626] delete_channel: no stack
[  366.673916][T11660] delete_channel: no stack
[  367.110271][T11683] FAULT_INJECTION: forcing a failure.
[  367.110271][T11683] name failslab, interval 1, probability 0, space 0, times 0
[  367.122996][T11683] CPU: 1 PID: 11683 Comm: syz.1.2286 Not tainted syzkaller #0
[  367.130487][T11683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  367.140570][T11683] Call Trace:
[  367.143857][T11683]  <TASK>
[  367.146812][T11683]  dump_stack_lvl+0x16c/0x230
[  367.151522][T11683]  ? __lock_acquire+0x7c80/0x7c80
[  367.156563][T11683]  ? show_regs_print_info+0x20/0x20
[  367.161771][T11683]  ? load_image+0x3b0/0x3b0
[  367.166277][T11683]  ? register_lock_class+0xb5/0x890
[  367.171491][T11683]  ? mark_lock+0x94/0x320
[  367.175835][T11683]  ? is_dynamic_key+0x260/0x260
[  367.180691][T11683]  should_fail_ex+0x39d/0x4d0
[  367.185405][T11683]  should_failslab+0x9/0x20
[  367.189925][T11683]  slab_pre_alloc_hook+0x59/0x310
[  367.194975][T11683]  kmem_cache_alloc+0x5a/0x2e0
[  367.199754][T11683]  ? fib6_add_1+0x6ee/0x1430
[  367.204363][T11683]  fib6_add_1+0x6ee/0x1430
[  367.208801][T11683]  fib6_add+0x1da/0x3d20
[  367.213056][T11683]  ? netlink_rcv_skb+0x216/0x480
[  367.218006][T11683]  ? netlink_sendmsg+0x8c1/0xbe0
[  367.222953][T11683]  ? ____sys_sendmsg+0x5bf/0x950
[  367.227904][T11683]  ? ___sys_sendmsg+0x220/0x290
[  367.232776][T11683]  ? __se_sys_sendmsg+0x1a5/0x270
[  367.237840][T11683]  ? do_syscall_64+0x55/0xb0
[  367.242473][T11683]  ? fib6_update_sernum_stub+0x1e0/0x1e0
[  367.248129][T11683]  ? do_raw_spin_lock+0x121/0x2c0
[  367.253181][T11683]  ? __rwlock_init+0x150/0x150
[  367.257972][T11683]  ? inet6_rtm_newroute+0xc41/0x1b40
[  367.263275][T11683]  inet6_rtm_newroute+0xc5d/0x1b40
[  367.268427][T11683]  ? ipv6_route_sysctl_table_size+0x50/0x50
[  367.274359][T11683]  ? rcu_is_watching+0x15/0xb0
[  367.279140][T11683]  ? trace_contention_end+0x39/0xe0
[  367.284376][T11683]  ? ipv6_route_sysctl_table_size+0x50/0x50
[  367.290288][T11683]  rtnetlink_rcv_msg+0x7c7/0xf10
[  367.295247][T11683]  ? rtnetlink_rcv_msg+0x1eb/0xf10
[  367.300392][T11683]  ? rtnetlink_bind+0x80/0x80
[  367.305078][T11683]  ? mark_lock+0x94/0x320
[  367.309433][T11683]  ? __lock_acquire+0x1260/0x7c80
[  367.314476][T11683]  ? __kernel_text_address+0xd/0x30
[  367.319691][T11683]  ? mark_lock+0x94/0x320
[  367.324025][T11683]  ? mark_lock+0x94/0x320
[  367.328365][T11683]  ? __lock_acquire+0x1260/0x7c80
[  367.333446][T11683]  ? trace_event_raw_event_lock+0x230/0x230
[  367.339353][T11683]  ? perf_trace_lock+0xf7/0x380
[  367.344229][T11683]  ? verify_lock_unused+0x140/0x140
[  367.349439][T11683]  ? net_generic+0x1e/0x240
[  367.353955][T11683]  ? perf_trace_lock+0xf7/0x380
[  367.358845][T11683]  ? netlink_lookup+0x30/0x200
[  367.363618][T11683]  ? netlink_deliver_tap+0x2e/0x1b0
[  367.368833][T11683]  ? perf_trace_lock+0xf7/0x380
[  367.373703][T11683]  netlink_rcv_skb+0x216/0x480
[  367.378474][T11683]  ? rtnetlink_bind+0x80/0x80
[  367.383173][T11683]  ? netlink_ack+0x1110/0x1110
[  367.387962][T11683]  ? __lock_acquire+0x7c80/0x7c80
[  367.393001][T11683]  ? net_generic+0x1e/0x240
[  367.397526][T11683]  ? netlink_deliver_tap+0x2e/0x1b0
[  367.402746][T11683]  netlink_unicast+0x751/0x8d0
[  367.407539][T11683]  netlink_sendmsg+0x8c1/0xbe0
[  367.412325][T11683]  ? netlink_getsockopt+0x580/0x580
[  367.417542][T11683]  ? aa_sock_msg_perm+0x94/0x150
[  367.422579][T11683]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  367.427914][T11683]  ? security_socket_sendmsg+0x80/0xa0
[  367.433391][T11683]  ? netlink_getsockopt+0x580/0x580
[  367.438607][T11683]  ____sys_sendmsg+0x5bf/0x950
[  367.443408][T11683]  ? __asan_memset+0x22/0x40
[  367.448021][T11683]  ? __sys_sendmsg_sock+0x30/0x30
[  367.453064][T11683]  ? __import_iovec+0x5f2/0x860
[  367.457945][T11683]  ? import_iovec+0x73/0xa0
[  367.462473][T11683]  ___sys_sendmsg+0x220/0x290
[  367.467178][T11683]  ? __sys_sendmsg+0x270/0x270
[  367.472016][T11683]  ? __lock_acquire+0x7c80/0x7c80
[  367.477089][T11683]  __se_sys_sendmsg+0x1a5/0x270
[  367.481962][T11683]  ? __x64_sys_sendmsg+0x80/0x80
[  367.486936][T11683]  ? lockdep_hardirqs_on+0x98/0x150
[  367.492247][T11683]  do_syscall_64+0x55/0xb0
[  367.496720][T11683]  ? clear_bhb_loop+0x40/0x90
[  367.501414][T11683]  ? clear_bhb_loop+0x40/0x90
[  367.506104][T11683]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  367.512022][T11683] RIP: 0033:0x7f0caa38eec9
[  367.516460][T11683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  367.536083][T11683] RSP: 002b:00007f0cab284038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  367.544511][T11683] RAX: ffffffffffffffda RBX: 00007f0caa5e5fa0 RCX: 00007f0caa38eec9
[  367.552498][T11683] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  367.560485][T11683] RBP: 00007f0cab284090 R08: 0000000000000000 R09: 0000000000000000
[  367.568460][T11683] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  367.576470][T11683] R13: 00007f0caa5e6038 R14: 00007f0caa5e5fa0 R15: 00007ffd2571bc18
[  367.584473][T11683]  </TASK>
[  367.605910][T11685] netlink: 126588 bytes leftover after parsing attributes in process `syz.2.2283'.
[  368.225932][T11710] netlink: 'syz.1.2294': attribute type 10 has an invalid length.
[  368.237821][T11710] : entered allmulticast mode
[  368.253581][T11710] : left promiscuous mode
[  368.313738][T11710] : entered promiscuous mode
[  368.329782][T11710] team0: Device 
5 failed to register rx_handler
[  368.489006][T11711] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2294'.
[  371.914478][T11752] FAULT_INJECTION: forcing a failure.
[  371.914478][T11752] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  371.928237][T11752] CPU: 1 PID: 11752 Comm: syz.1.2306 Not tainted syzkaller #0
[  371.935731][T11752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  371.945818][T11752] Call Trace:
[  371.949115][T11752]  <TASK>
[  371.952071][T11752]  dump_stack_lvl+0x16c/0x230
[  371.956794][T11752]  ? show_regs_print_info+0x20/0x20
[  371.962019][T11752]  ? load_image+0x3b0/0x3b0
[  371.966565][T11752]  ? __might_fault+0xaa/0x120
[  371.971267][T11752]  ? __lock_acquire+0x7c80/0x7c80
[  371.976345][T11752]  should_fail_ex+0x39d/0x4d0
[  371.981068][T11752]  _copy_from_user+0x2f/0xe0
[  371.985692][T11752]  __sys_bpf+0x1e9/0x800
[  371.989981][T11752]  ? bpf_link_show_fdinfo+0x350/0x350
[  371.995380][T11752]  ? lock_chain_count+0x20/0x20
[  372.000263][T11752]  __x64_sys_bpf+0x7c/0x90
[  372.004706][T11752]  do_syscall_64+0x55/0xb0
[  372.009139][T11752]  ? clear_bhb_loop+0x40/0x90
[  372.013829][T11752]  ? clear_bhb_loop+0x40/0x90
[  372.018520][T11752]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  372.024430][T11752] RIP: 0033:0x7f0caa38eec9
[  372.028862][T11752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  372.048522][T11752] RSP: 002b:00007f0cab284038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  372.056950][T11752] RAX: ffffffffffffffda RBX: 00007f0caa5e5fa0 RCX: 00007f0caa38eec9
[  372.064935][T11752] RDX: 0000000000000050 RSI: 00002000000003c0 RDI: 000000000000000a
[  372.072924][T11752] RBP: 00007f0cab284090 R08: 0000000000000000 R09: 0000000000000000
[  372.080916][T11752] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  372.088897][T11752] R13: 00007f0caa5e6038 R14: 00007f0caa5e5fa0 R15: 00007ffd2571bc18
[  372.096896][T11752]  </TASK>
[  372.164523][T11762] netlink: 'syz.3.2309': attribute type 23 has an invalid length.
[  373.616342][   T11] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  374.888413][T11768] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.2311'.
[  375.089938][T11772] netlink: 'syz.3.2315': attribute type 21 has an invalid length.
[  375.097854][T11772] netlink: 'syz.3.2315': attribute type 6 has an invalid length.
[  375.138331][T11772] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2315'.
[  375.621818][ T5789] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  375.631415][ T5789] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  375.650645][ T5789] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  375.659298][ T5789] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  375.668641][ T5789] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  375.676403][ T5789] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  375.978309][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  376.018294][T11796] netlink: 'syz.0.2323': attribute type 21 has an invalid length.
[  376.026403][T11796] netlink: 'syz.0.2323': attribute type 6 has an invalid length.
[  376.035526][T11796] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2323'.
[  376.174991][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  376.247482][T11788] tap0: tun_chr_ioctl cmd 1074025677
[  376.255101][T11788] tap0: linktype set to 270
[  376.297706][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  376.320775][T11805] FAULT_INJECTION: forcing a failure.
[  376.320775][T11805] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  376.336549][T11805] CPU: 0 PID: 11805 Comm: syz.3.2326 Not tainted syzkaller #0
[  376.344048][T11805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  376.354121][T11805] Call Trace:
[  376.357426][T11805]  <TASK>
[  376.360382][T11805]  dump_stack_lvl+0x16c/0x230
[  376.365100][T11805]  ? show_regs_print_info+0x20/0x20
[  376.370342][T11805]  ? load_image+0x3b0/0x3b0
[  376.374874][T11805]  ? __might_fault+0xaa/0x120
[  376.379575][T11805]  ? __lock_acquire+0x7c80/0x7c80
[  376.384646][T11805]  should_fail_ex+0x39d/0x4d0
[  376.389355][T11805]  _copy_to_user+0x2f/0xa0
[  376.393796][T11805]  bpf_verifier_vlog+0x45c/0x870
[  376.398776][T11805]  __btf_verifier_log+0xd5/0x120
[  376.403746][T11805]  ? btf_check_sec_info+0x330/0x330
[  376.408960][T11805]  ? __lock_acquire+0x7c80/0x7c80
[  376.413989][T11805]  ? btf_parse_hdr+0x1da/0x6d0
[  376.418761][T11805]  btf_parse_hdr+0x312/0x6d0
[  376.423370][T11805]  btf_new_fd+0x37b/0x980
[  376.427731][T11805]  ? bpf_btf_show_fdinfo+0x80/0x80
[  376.432859][T11805]  ? capable+0x88/0xe0
[  376.436945][T11805]  __sys_bpf+0x60e/0x800
[  376.441193][T11805]  ? bpf_link_show_fdinfo+0x350/0x350
[  376.446600][T11805]  ? lock_chain_count+0x20/0x20
[  376.451466][T11805]  __x64_sys_bpf+0x7c/0x90
[  376.455891][T11805]  do_syscall_64+0x55/0xb0
[  376.460313][T11805]  ? clear_bhb_loop+0x40/0x90
[  376.464991][T11805]  ? clear_bhb_loop+0x40/0x90
[  376.469672][T11805]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  376.475571][T11805] RIP: 0033:0x7f229f18eec9
[  376.479990][T11805] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  376.499613][T11805] RSP: 002b:00007f229ffdc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  376.508142][T11805] RAX: ffffffffffffffda RBX: 00007f229f3e5fa0 RCX: 00007f229f18eec9
[  376.516144][T11805] RDX: 0000000000000028 RSI: 0000200000000000 RDI: 0000000000000012
[  376.524134][T11805] RBP: 00007f229ffdc090 R08: 0000000000000000 R09: 0000000000000000
[  376.532109][T11805] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  376.540095][T11805] R13: 00007f229f3e6038 R14: 00007f229f3e5fa0 R15: 00007ffc52514508
[  376.548084][T11805]  </TASK>
[  376.616808][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  376.738803][T11784] chnl_net:caif_netlink_parms(): no params data found
[  377.048138][T11822] netlink: 'syz.3.2331': attribute type 21 has an invalid length.
[  377.056908][T11822] netlink: 'syz.3.2331': attribute type 6 has an invalid length.
[  377.065820][T11822] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2331'.
[  377.095780][T11784] bridge0: port 1(bridge_slave_0) entered blocking state
[  377.117613][T11784] bridge0: port 1(bridge_slave_0) entered disabled state
[  377.155838][T11784] bridge_slave_0: entered allmulticast mode
[  377.176433][T11784] bridge_slave_0: entered promiscuous mode
[  377.187400][T11784] bridge0: port 2(bridge_slave_1) entered blocking state
[  377.194875][T11784] bridge0: port 2(bridge_slave_1) entered disabled state
[  377.202870][T11784] bridge_slave_1: entered allmulticast mode
[  377.210604][T11784] bridge_slave_1: entered promiscuous mode
[  377.250994][T11826] netlink: 'syz.0.2339': attribute type 21 has an invalid length.
[  377.259244][T11826] netlink: 'syz.0.2339': attribute type 6 has an invalid length.
[  377.267689][T11826] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2339'.
[  377.332561][T11784] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  377.352906][T11784] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  377.501326][T11784] team0: Port device team_slave_0 added
[  377.583506][T11784] team0: Port device team_slave_1 added
[  377.626617][T11784] batman_adv: batadv0: Adding interface: batadv_slave_0
[  377.649748][T11784] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  377.710404][ T5789] Bluetooth: hci1: command tx timeout
[  377.710416][T11784] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  377.840103][T11784] batman_adv: batadv0: Adding interface: batadv_slave_1
[  377.847268][T11784] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  377.979791][T11784] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  378.229616][T11857] netlink: 'syz.3.2341': attribute type 21 has an invalid length.
[  378.237568][T11857] netlink: 'syz.3.2341': attribute type 6 has an invalid length.
[  378.283732][T11857] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2341'.
[  378.318283][T11784] hsr_slave_0: entered promiscuous mode
[  378.343486][T11784] hsr_slave_1: entered promiscuous mode
[  378.358729][T11784] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  378.373145][T11784] Cannot create hsr debugfs directory
[  378.515471][T11864] FAULT_INJECTION: forcing a failure.
[  378.515471][T11864] name failslab, interval 1, probability 0, space 0, times 0
[  378.542456][T11864] CPU: 1 PID: 11864 Comm: syz.0.2343 Not tainted syzkaller #0
[  378.549959][T11864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  378.560037][T11864] Call Trace:
[  378.563321][T11864]  <TASK>
[  378.566257][T11864]  dump_stack_lvl+0x16c/0x230
[  378.570948][T11864]  ? show_regs_print_info+0x20/0x20
[  378.576200][T11864]  ? load_image+0x3b0/0x3b0
[  378.580711][T11864]  ? __might_sleep+0xe0/0xe0
[  378.585302][T11864]  ? __lock_acquire+0x7c80/0x7c80
[  378.590336][T11864]  should_fail_ex+0x39d/0x4d0
[  378.595032][T11864]  should_failslab+0x9/0x20
[  378.599545][T11864]  slab_pre_alloc_hook+0x59/0x310
[  378.604586][T11864]  ? __lock_acquire+0x7c80/0x7c80
[  378.609619][T11864]  kmem_cache_alloc_node+0x60/0x330
[  378.614846][T11864]  ? __alloc_skb+0x108/0x2c0
[  378.619451][T11864]  __alloc_skb+0x108/0x2c0
[  378.623872][T11864]  netlink_sendmsg+0x65b/0xbe0
[  378.628641][T11864]  ? netlink_getsockopt+0x580/0x580
[  378.633846][T11864]  ? aa_sock_msg_perm+0x94/0x150
[  378.638797][T11864]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  378.644083][T11864]  ? security_socket_sendmsg+0x80/0xa0
[  378.649633][T11864]  ? netlink_getsockopt+0x580/0x580
[  378.654837][T11864]  ____sys_sendmsg+0x5bf/0x950
[  378.659610][T11864]  ? __asan_memset+0x22/0x40
[  378.664203][T11864]  ? __sys_sendmsg_sock+0x30/0x30
[  378.669235][T11864]  ? __import_iovec+0x5f2/0x860
[  378.674121][T11864]  ? import_iovec+0x73/0xa0
[  378.678638][T11864]  ___sys_sendmsg+0x220/0x290
[  378.683350][T11864]  ? __sys_sendmsg+0x270/0x270
[  378.688150][T11864]  ? __lock_acquire+0x7c80/0x7c80
[  378.693198][T11864]  __se_sys_sendmsg+0x1a5/0x270
[  378.698068][T11864]  ? __x64_sys_sendmsg+0x80/0x80
[  378.703032][T11864]  ? lockdep_hardirqs_on+0x98/0x150
[  378.708249][T11864]  do_syscall_64+0x55/0xb0
[  378.712679][T11864]  ? clear_bhb_loop+0x40/0x90
[  378.717367][T11864]  ? clear_bhb_loop+0x40/0x90
[  378.722051][T11864]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  378.727942][T11864] RIP: 0033:0x7f4f27b8eec9
[  378.732365][T11864] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  378.751993][T11864] RSP: 002b:00007f4f28a51038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  378.760415][T11864] RAX: ffffffffffffffda RBX: 00007f4f27de5fa0 RCX: 00007f4f27b8eec9
[  378.768386][T11864] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[  378.776356][T11864] RBP: 00007f4f28a51090 R08: 0000000000000000 R09: 0000000000000000
[  378.784323][T11864] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  378.792387][T11864] R13: 00007f4f27de6038 R14: 00007f4f27de5fa0 R15: 00007ffe9d7e0f08
[  378.800386][T11864]  </TASK>
[  378.819550][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  378.825918][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  379.323202][T11877] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2347'.
[  379.664605][   T12] hsr_slave_0: left promiscuous mode
[  379.700215][   T12] hsr_slave_1: left promiscuous mode
[  379.711849][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  379.725186][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  379.751898][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  379.776465][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  379.789591][ T5789] Bluetooth: hci1: command tx timeout
[  379.797623][   T12] macsec0: left allmulticast mode
[  379.816990][   T12] veth1_macvtap: left allmulticast mode
[  379.832467][   T12] macsec0: left promiscuous mode
[  379.848803][   T12] bridge0: port 5(macsec0) entered disabled state
[  379.882250][   T12] bridge0: port 4(team0) entered disabled state
[  379.901834][   T12] dummy0: left allmulticast mode
[  379.908351][   T12] bridge0: port 3(dummy0) entered disabled state
[  379.925648][   T12] bridge_slave_1: left allmulticast mode
[  379.944127][   T12] bridge_slave_1: left promiscuous mode
[  379.956136][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  379.977284][   T12] bridge_slave_0: left allmulticast mode
[  379.984965][   T12] bridge_slave_0: left promiscuous mode
[  379.996964][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  380.020605][T11900] FAULT_INJECTION: forcing a failure.
[  380.020605][T11900] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  380.034142][T11900] CPU: 1 PID: 11900 Comm: syz.1.2352 Not tainted syzkaller #0
[  380.041640][T11900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  380.051724][T11900] Call Trace:
[  380.055022][T11900]  <TASK>
[  380.058021][T11900]  dump_stack_lvl+0x16c/0x230
[  380.062728][T11900]  ? show_regs_print_info+0x20/0x20
[  380.067945][T11900]  ? load_image+0x3b0/0x3b0
[  380.072458][T11900]  ? __might_fault+0xaa/0x120
[  380.077142][T11900]  ? __lock_acquire+0x7c80/0x7c80
[  380.082192][T11900]  should_fail_ex+0x39d/0x4d0
[  380.086885][T11900]  _copy_to_user+0x2f/0xa0
[  380.091312][T11900]  bpf_test_finish+0x24b/0x620
[  380.096102][T11900]  ? convert_skb_to___skb+0x420/0x420
[  380.101503][T11900]  bpf_prog_test_run_skb+0xc28/0x11c0
[  380.106900][T11900]  ? cpu_online+0x60/0x60
[  380.111267][T11900]  bpf_prog_test_run+0x321/0x390
[  380.116217][T11900]  __sys_bpf+0x440/0x800
[  380.120467][T11900]  ? bpf_link_show_fdinfo+0x350/0x350
[  380.125858][T11900]  ? lock_chain_count+0x20/0x20
[  380.130730][T11900]  __x64_sys_bpf+0x7c/0x90
[  380.135157][T11900]  do_syscall_64+0x55/0xb0
[  380.139587][T11900]  ? clear_bhb_loop+0x40/0x90
[  380.144264][T11900]  ? clear_bhb_loop+0x40/0x90
[  380.148958][T11900]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  380.154859][T11900] RIP: 0033:0x7f0caa38eec9
[  380.159282][T11900] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  380.178889][T11900] RSP: 002b:00007f0cab284038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  380.187314][T11900] RAX: ffffffffffffffda RBX: 00007f0caa5e5fa0 RCX: 00007f0caa38eec9
[  380.195295][T11900] RDX: 000000000000004c RSI: 0000200000000640 RDI: 000000000000000a
[  380.203274][T11900] RBP: 00007f0cab284090 R08: 0000000000000000 R09: 0000000000000000
[  380.211261][T11900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  380.219240][T11900] R13: 00007f0caa5e6038 R14: 00007f0caa5e5fa0 R15: 00007ffd2571bc18
[  380.227324][T11900]  </TASK>
[  380.238210][   T12] veth1_macvtap: left promiscuous mode
[  380.244405][   T12] veth0_macvtap: left promiscuous mode
[  380.250381][   T12] veth1_vlan: left promiscuous mode
[  380.256110][   T12] veth0_vlan: left promiscuous mode
[  380.374852][   T77] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  380.433340][   T12] geneve1 (unregistering): left promiscuous mode
[  380.442597][   T12] geneve1 (unregistering): left allmulticast mode
[  380.452178][   T12] team0 (unregistering): Port device geneve1 removed
[  380.754501][   T12] team_slave_1 (unregistering): left promiscuous mode
[  380.761508][   T12] team_slave_1 (unregistering): left allmulticast mode
[  380.770339][   T12] team0 (unregistering): Port device team_slave_1 removed
[  380.811082][   T12] team_slave_0 (unregistering): left promiscuous mode
[  380.817885][   T12] team_slave_0 (unregistering): left allmulticast mode
[  380.827432][   T12] team0 (unregistering): Port device team_slave_0 removed
[  380.867740][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  380.911919][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  381.284536][   T12] bond0 (unregistering): Released all slaves
[  381.365347][T11889] validate_nla: 2 callbacks suppressed
[  381.365364][T11889] netlink: 'syz.3.2349': attribute type 21 has an invalid length.
[  381.379141][T11889] netlink: 'syz.3.2349': attribute type 6 has an invalid length.
[  381.386915][T11889] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2349'.
[  381.777248][T11909] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2357'.
[  381.872495][ T5789] Bluetooth: hci1: command tx timeout
[  382.369457][T11921] tap0: tun_chr_ioctl cmd 1074025677
[  382.384283][T11921] tap0: linktype set to 270
[  382.427565][T11924] FAULT_INJECTION: forcing a failure.
[  382.427565][T11924] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  382.455734][T11924] CPU: 0 PID: 11924 Comm: syz.1.2359 Not tainted syzkaller #0
[  382.463244][T11924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  382.473354][T11924] Call Trace:
[  382.476661][T11924]  <TASK>
[  382.479628][T11924]  dump_stack_lvl+0x16c/0x230
[  382.484345][T11924]  ? show_regs_print_info+0x20/0x20
[  382.489585][T11924]  ? load_image+0x3b0/0x3b0
[  382.494136][T11924]  ? __might_fault+0xaa/0x120
[  382.498841][T11924]  ? __lock_acquire+0x7c80/0x7c80
[  382.503918][T11924]  should_fail_ex+0x39d/0x4d0
[  382.508633][T11924]  _copy_to_user+0x2f/0xa0
[  382.513085][T11924]  bpf_test_finish+0x4d8/0x620
[  382.517899][T11924]  ? convert___skb_to_skb+0x590/0x590
[  382.523312][T11924]  ? convert_skb_to___skb+0x420/0x420
[  382.528747][T11924]  ? slab_build_skb+0x25f/0x3f0
[  382.533634][T11924]  bpf_prog_test_run_skb+0xc28/0x11c0
[  382.539068][T11924]  ? cpu_online+0x60/0x60
[  382.543446][T11924]  bpf_prog_test_run+0x321/0x390
[  382.548429][T11924]  __sys_bpf+0x440/0x800
[  382.552717][T11924]  ? bpf_link_show_fdinfo+0x350/0x350
[  382.558151][T11924]  ? lock_chain_count+0x20/0x20
[  382.563049][T11924]  __x64_sys_bpf+0x7c/0x90
[  382.567509][T11924]  do_syscall_64+0x55/0xb0
[  382.571979][T11924]  ? clear_bhb_loop+0x40/0x90
[  382.576694][T11924]  ? clear_bhb_loop+0x40/0x90
[  382.581415][T11924]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  382.587338][T11924] RIP: 0033:0x7f0caa38eec9
[  382.591780][T11924] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  382.611501][T11924] RSP: 002b:00007f0cab284038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  382.619925][T11924] RAX: ffffffffffffffda RBX: 00007f0caa5e5fa0 RCX: 00007f0caa38eec9
[  382.627903][T11924] RDX: 0000000000000050 RSI: 00002000000002c0 RDI: 000000000000000a
[  382.635893][T11924] RBP: 00007f0cab284090 R08: 0000000000000000 R09: 0000000000000000
[  382.643871][T11924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  382.651856][T11924] R13: 00007f0caa5e6038 R14: 00007f0caa5e5fa0 R15: 00007ffd2571bc18
[  382.659851][T11924]  </TASK>
[  382.820374][T11935] FAULT_INJECTION: forcing a failure.
[  382.820374][T11935] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  382.839026][T11935] CPU: 1 PID: 11935 Comm: syz.0.2361 Not tainted syzkaller #0
[  382.846546][T11935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  382.856632][T11935] Call Trace:
[  382.859944][T11935]  <TASK>
[  382.862907][T11935]  dump_stack_lvl+0x16c/0x230
[  382.867629][T11935]  ? show_regs_print_info+0x20/0x20
[  382.872865][T11935]  ? load_image+0x3b0/0x3b0
[  382.877412][T11935]  ? __might_fault+0xaa/0x120
[  382.882117][T11935]  ? __lock_acquire+0x7c80/0x7c80
[  382.887208][T11935]  should_fail_ex+0x39d/0x4d0
[  382.891930][T11935]  _copy_to_user+0x2f/0xa0
[  382.896401][T11935]  bpf_test_finish+0x4d8/0x620
[  382.901287][T11935]  ? convert___skb_to_skb+0x590/0x590
[  382.906664][T11935]  ? convert_skb_to___skb+0x420/0x420
[  382.912064][T11935]  ? slab_build_skb+0x25f/0x3f0
[  382.916943][T11935]  bpf_prog_test_run_skb+0xc28/0x11c0
[  382.922339][T11935]  ? cpu_online+0x60/0x60
[  382.926678][T11935]  bpf_prog_test_run+0x321/0x390
[  382.931632][T11935]  __sys_bpf+0x440/0x800
[  382.935904][T11935]  ? bpf_link_show_fdinfo+0x350/0x350
[  382.941284][T11935]  ? lock_chain_count+0x20/0x20
[  382.946134][T11935]  __x64_sys_bpf+0x7c/0x90
[  382.950566][T11935]  do_syscall_64+0x55/0xb0
[  382.955003][T11935]  ? clear_bhb_loop+0x40/0x90
[  382.959678][T11935]  ? clear_bhb_loop+0x40/0x90
[  382.964349][T11935]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  382.970250][T11935] RIP: 0033:0x7f4f27b8eec9
[  382.974676][T11935] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  382.994631][T11935] RSP: 002b:00007f4f28a51038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  383.003061][T11935] RAX: ffffffffffffffda RBX: 00007f4f27de5fa0 RCX: 00007f4f27b8eec9
[  383.011047][T11935] RDX: 0000000000000050 RSI: 00002000000002c0 RDI: 000000000000000a
[  383.019032][T11935] RBP: 00007f4f28a51090 R08: 0000000000000000 R09: 0000000000000000
[  383.027015][T11935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  383.035015][T11935] R13: 00007f4f27de6038 R14: 00007f4f27de5fa0 R15: 00007ffe9d7e0f08
[  383.043016][T11935]  </TASK>
[  383.168420][T11784] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  383.198334][T11784] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  383.227930][T11784] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  383.283457][T11784] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  383.361377][T11944] netlink: 'syz.1.2363': attribute type 3 has an invalid length.
[  383.384303][T11944] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.2363'.
[  383.608476][T11784] 8021q: adding VLAN 0 to HW filter on device bond0
[  383.728305][T11784] 8021q: adding VLAN 0 to HW filter on device team0
[  383.891729][ T3474] bridge0: port 1(bridge_slave_0) entered blocking state
[  383.898903][ T3474] bridge0: port 1(bridge_slave_0) entered forwarding state
[  383.949933][ T5789] Bluetooth: hci1: command tx timeout
[  383.957230][ T3474] bridge0: port 2(bridge_slave_1) entered blocking state
[  383.964437][ T3474] bridge0: port 2(bridge_slave_1) entered forwarding state
[  383.993604][T11965] netlink: 'syz.0.2368': attribute type 3 has an invalid length.
[  384.013262][T11965] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.2368'.
[  384.416681][T11985] batman_adv: The newly added mac address (00:00:00:20:00:00) already exists on: batadv_slave_0
[  384.494168][T11985] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  384.947764][T11784] 8021q: adding VLAN 0 to HW filter on device batadv0
[  384.996366][T12007] FAULT_INJECTION: forcing a failure.
[  384.996366][T12007] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  385.008970][T11987] tap0: tun_chr_ioctl cmd 1074025677
[  385.016455][T11987] tap0: linktype set to 270
[  385.040873][T12007] CPU: 1 PID: 12007 Comm: syz.1.2377 Not tainted syzkaller #0
[  385.048379][T12007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  385.058461][T12007] Call Trace:
[  385.061858][T12007]  <TASK>
[  385.064817][T12007]  dump_stack_lvl+0x16c/0x230
[  385.069545][T12007]  ? show_regs_print_info+0x20/0x20
[  385.074778][T12007]  ? load_image+0x3b0/0x3b0
[  385.079312][T12007]  ? __lock_acquire+0x7c80/0x7c80
[  385.084365][T12007]  ? snprintf+0xdb/0x120
[  385.088637][T12007]  should_fail_ex+0x39d/0x4d0
[  385.093373][T12007]  _copy_to_user+0x2f/0xa0
[  385.097828][T12007]  simple_read_from_buffer+0xe7/0x150
[  385.103255][T12007]  proc_fail_nth_read+0x1e3/0x250
[  385.108330][T12007]  ? proc_fault_inject_write+0x340/0x340
[  385.113996][T12007]  ? fsnotify_perm+0x271/0x5e0
[  385.118800][T12007]  ? proc_fault_inject_write+0x340/0x340
[  385.124458][T12007]  vfs_read+0x27e/0x920
[  385.128651][T12007]  ? kernel_read+0x1e0/0x1e0
[  385.133277][T12007]  ? __fget_files+0x28/0x4d0
[  385.137917][T12007]  ? __fget_files+0x44a/0x4d0
[  385.142639][T12007]  ? __fdget_pos+0x2a3/0x330
[  385.147267][T12007]  ? ksys_read+0x75/0x250
[  385.151622][T12007]  ksys_read+0x147/0x250
[  385.155892][T12007]  ? vfs_write+0x940/0x940
[  385.160332][T12007]  ? lockdep_hardirqs_on+0x98/0x150
[  385.165549][T12007]  do_syscall_64+0x55/0xb0
[  385.169997][T12007]  ? clear_bhb_loop+0x40/0x90
[  385.174684][T12007]  ? clear_bhb_loop+0x40/0x90
[  385.179384][T12007]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  385.185290][T12007] RIP: 0033:0x7f0caa38d8dc
[  385.189713][T12007] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  385.209329][T12007] RSP: 002b:00007f0cab284030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  385.217766][T12007] RAX: ffffffffffffffda RBX: 00007f0caa5e5fa0 RCX: 00007f0caa38d8dc
[  385.225737][T12007] RDX: 000000000000000f RSI: 00007f0cab2840a0 RDI: 0000000000000004
[  385.233713][T12007] RBP: 00007f0cab284090 R08: 0000000000000000 R09: 0000000000000000
[  385.241685][T12007] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  385.249663][T12007] R13: 00007f0caa5e6038 R14: 00007f0caa5e5fa0 R15: 00007ffd2571bc18
[  385.257658][T12007]  </TASK>
[  385.263420][T11784] veth0_vlan: entered promiscuous mode
[  385.283005][T11784] veth1_vlan: entered promiscuous mode
[  385.326127][T12013] netlink: 'syz.3.2378': attribute type 1 has an invalid length.
[  385.329280][T11784] veth0_macvtap: entered promiscuous mode
[  385.334136][T12013] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.2378'.
[  385.406366][T11784] veth1_macvtap: entered promiscuous mode
[  385.561766][T11784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  385.589611][T11784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.631041][T11784] batman_adv: batadv0: Interface activated: batadv_slave_0
[  385.662545][T11784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  385.673829][T11784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.699293][T11784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  385.749486][T11784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.759328][T11784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  385.801907][T11784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.831493][T11784] batman_adv: batadv0: Interface activated: batadv_slave_1
[  385.865631][T12031] netlink: 'syz.1.2381': attribute type 10 has an invalid length.
[  385.943074][T12031] team0: Port device netdevsim0 added
[  386.018604][T12033] netlink: 'syz.1.2381': attribute type 10 has an invalid length.
[  386.068784][T12033] team0: Port device netdevsim0 removed
[  386.092014][T12033] : (slave netdevsim0): Enslaving as an active interface with an up link
[  386.141530][T11784] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  386.166987][T11784] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  386.182555][T11784] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  386.194595][T11784] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  386.337612][   T77] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  386.373678][   T77] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  386.468952][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  386.489832][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  386.527037][T12045] netlink: 'syz.0.2386': attribute type 1 has an invalid length.
[  386.548742][T12045] netlink: 193500 bytes leftover after parsing attributes in process `syz.0.2386'.
[  386.659285][T12049] netlink: 830 bytes leftover after parsing attributes in process `syz.2.2310'.
[  386.692591][T12049] bond_slave_0: entered promiscuous mode
[  386.698555][T12049] bond_slave_1: entered promiscuous mode
[  386.775005][T12049] netlink: 14568 bytes leftover after parsing attributes in process `syz.2.2310'.
[  387.684142][T12078] FAULT_INJECTION: forcing a failure.
[  387.684142][T12078] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  387.769584][T12078] CPU: 0 PID: 12078 Comm: syz.1.2396 Not tainted syzkaller #0
[  387.777121][T12078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  387.787229][T12078] Call Trace:
[  387.790543][T12078]  <TASK>
[  387.793505][T12078]  dump_stack_lvl+0x16c/0x230
[  387.798233][T12078]  ? show_regs_print_info+0x20/0x20
[  387.803491][T12078]  ? load_image+0x3b0/0x3b0
[  387.808028][T12078]  ? __might_fault+0xaa/0x120
[  387.812754][T12078]  ? __lock_acquire+0x7c80/0x7c80
[  387.817826][T12078]  ? tomoyo_path_number_perm+0x4dc/0x590
[  387.823509][T12078]  ? tomoyo_path_number_perm+0x1ba/0x590
[  387.829206][T12078]  should_fail_ex+0x39d/0x4d0
[  387.833940][T12078]  _copy_from_user+0x2f/0xe0
[  387.838580][T12078]  wext_handle_ioctl+0xbb/0x1c0
[  387.843485][T12078]  ? call_commit_handler+0xf0/0xf0
[  387.848662][T12078]  sock_ioctl+0x160/0x7a0
[  387.853050][T12078]  ? sock_poll+0x3d0/0x3d0
[  387.857546][T12078]  ? bpf_lsm_file_ioctl+0x9/0x10
[  387.862518][T12078]  ? security_file_ioctl+0x80/0xa0
[  387.867680][T12078]  ? sock_poll+0x3d0/0x3d0
[  387.872138][T12078]  __se_sys_ioctl+0xfd/0x170
[  387.876796][T12078]  do_syscall_64+0x55/0xb0
[  387.881281][T12078]  ? clear_bhb_loop+0x40/0x90
[  387.885993][T12078]  ? clear_bhb_loop+0x40/0x90
[  387.890704][T12078]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  387.896614][T12078] RIP: 0033:0x7f0caa38eec9
[  387.901048][T12078] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  387.920659][T12078] RSP: 002b:00007f0cab284038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  387.929082][T12078] RAX: ffffffffffffffda RBX: 00007f0caa5e5fa0 RCX: 00007f0caa38eec9
[  387.937061][T12078] RDX: 0000200000000000 RSI: 0000000000008b1a RDI: 0000000000000004
[  387.945039][T12078] RBP: 00007f0cab284090 R08: 0000000000000000 R09: 0000000000000000
[  387.953028][T12078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  387.961014][T12078] R13: 00007f0caa5e6038 R14: 00007f0caa5e5fa0 R15: 00007ffd2571bc18
[  387.969016][T12078]  </TASK>
[  388.164102][   T50] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  388.174020][   T50] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  388.190065][   T50] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  388.210504][   T50] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  388.219842][   T50] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  388.228111][   T50] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  388.284289][T12094] batman_adv: The newly added mac address (00:00:00:20:00:00) already exists on: batadv_slave_0
[  388.298402][T12094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  388.308725][T12094] batman_adv: The newly added mac address (00:00:00:20:00:00) already exists on: batadv_slave_0
[  388.319541][T12094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  388.405260][T12097] tap0: tun_chr_ioctl cmd 1074025680
[  388.437153][T12097] netlink: 'syz.3.2404': attribute type 4 has an invalid length.
[  388.454550][T12097] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.2404'.
[  388.903082][T12112] bridge0: port 1(bridge_slave_0) entered forwarding state
[  388.935355][T12113] netlink: 'syz.1.2409': attribute type 21 has an invalid length.
[  388.943631][T12113] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2409'.
[  388.970105][T12114] netlink: 'syz.1.2409': attribute type 3 has an invalid length.
[  388.978698][T12114] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2409'.
[  389.024798][T12089] chnl_net:caif_netlink_parms(): no params data found
[  389.435874][T12089] bridge0: port 1(bridge_slave_0) entered blocking state
[  389.459691][T12089] bridge0: port 1(bridge_slave_0) entered disabled state
[  389.466999][T12089] bridge_slave_0: entered allmulticast mode
[  389.475255][T12089] bridge_slave_0: entered promiscuous mode
[  389.496629][T12089] bridge0: port 2(bridge_slave_1) entered blocking state
[  389.510148][T12089] bridge0: port 2(bridge_slave_1) entered disabled state
[  389.533966][T12089] bridge_slave_1: entered allmulticast mode
[  389.560633][T12089] bridge_slave_1: entered promiscuous mode
[  389.710077][T12089] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  389.744536][T12089] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  389.871358][   T77] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  389.994851][   T77] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  390.106527][   T77] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  390.151915][T12146] netlink: 'syz.1.2420': attribute type 19 has an invalid length.
[  390.177566][T12089] team0: Port device team_slave_0 added
[  390.190445][T12089] team0: Port device team_slave_1 added
[  390.270532][   T50] Bluetooth: hci4: command tx timeout
[  390.302407][   T77] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  390.332926][T12089] batman_adv: batadv0: Adding interface: batadv_slave_0
[  390.346218][T12089] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  390.374171][T12089] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  390.397284][T12089] batman_adv: batadv0: Adding interface: batadv_slave_1
[  390.406172][T12089] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  390.466271][T12089] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  390.649127][T12089] hsr_slave_0: entered promiscuous mode
[  390.710139][T12089] hsr_slave_1: entered promiscuous mode
[  390.731370][T12089] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  390.738982][T12089] Cannot create hsr debugfs directory
[  391.006484][T12167] netlink: 830 bytes leftover after parsing attributes in process `syz.1.2428'.
[  391.136641][T12167] netlink: 14568 bytes leftover after parsing attributes in process `syz.1.2428'.
[  392.349600][   T50] Bluetooth: hci4: command tx timeout
[  392.624077][   T77] hsr_slave_0: left promiscuous mode
[  392.652209][   T77] hsr_slave_1: left promiscuous mode
[  392.674589][   T77] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  392.698289][   T77] batman_adv: batadv0: Removing interface: batadv_slave_0
[  392.750581][   T77] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  392.777591][   T77] batman_adv: batadv0: Removing interface: batadv_slave_1
[  392.801834][   T77] macsec0: left allmulticast mode
[  392.806896][   T77] veth1_macvtap: left allmulticast mode
[  392.815323][   T77] macsec0: left promiscuous mode
[  392.824821][   T77] bridge0: port 3(macsec0) entered disabled state
[  392.834011][   T77] bridge_slave_1: left allmulticast mode
[  392.839950][   T77] bridge_slave_1: left promiscuous mode
[  392.845841][   T77] bridge0: port 2(bridge_slave_1) entered disabled state
[  392.855768][   T77] bridge_slave_0: left allmulticast mode
[  392.861594][   T77] bridge_slave_0: left promiscuous mode
[  392.868199][   T77] bridge0: port 1(bridge_slave_0) entered disabled state
[  392.904490][   T77] veth1_macvtap: left promiscuous mode
[  392.910533][   T77] veth1_vlan: left promiscuous mode
[  393.517870][   T77] team0 (unregistering): Port device team_slave_1 removed
[  393.605069][   T77] team0 (unregistering): Port device team_slave_0 removed
[  393.656360][   T77] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  393.739854][   T77] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  394.208567][   T77] bond0 (unregistering): Released all slaves
[  394.283565][T12089] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  394.294834][T12253] netlink: 'syz.3.2451': attribute type 7 has an invalid length.
[  394.303457][T12253] netlink: 140 bytes leftover after parsing attributes in process `syz.3.2451'.
[  394.338103][T12089] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  394.367918][T12089] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  394.418931][T12089] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  394.439845][   T50] Bluetooth: hci4: command tx timeout
[  394.735013][T12089] 8021q: adding VLAN 0 to HW filter on device bond0
[  394.797532][T12089] 8021q: adding VLAN 0 to HW filter on device team0
[  394.817902][ T3487] bridge0: port 1(bridge_slave_0) entered blocking state
[  394.825564][ T3487] bridge0: port 1(bridge_slave_0) entered forwarding state
[  394.866704][ T3487] bridge0: port 2(bridge_slave_1) entered blocking state
[  394.873907][ T3487] bridge0: port 2(bridge_slave_1) entered forwarding state
[  395.063705][T12089] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  395.426074][T12089] 8021q: adding VLAN 0 to HW filter on device batadv0
[  395.497963][T12089] veth0_vlan: entered promiscuous mode
[  395.515394][T12089] veth1_vlan: entered promiscuous mode
[  395.557538][T12089] veth0_macvtap: entered promiscuous mode
[  395.574442][T12089] veth1_macvtap: entered promiscuous mode
[  395.602749][T12089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  395.616631][T12089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  395.635475][T12089] batman_adv: batadv0: Interface activated: batadv_slave_0
[  395.652375][T12089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  395.663451][T12089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  395.674827][T12089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  395.688635][T12089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  395.698837][T12089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  395.710012][T12089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  395.721743][T12089] batman_adv: batadv0: Interface activated: batadv_slave_1
[  395.737536][T12089] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  395.747460][T12089] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  395.760806][T12089] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  395.771979][T12089] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  395.879890][   T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  395.887861][   T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  395.926385][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  395.940977][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  396.352841][T12327] FAULT_INJECTION: forcing a failure.
[  396.352841][T12327] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  396.380865][T12327] CPU: 1 PID: 12327 Comm: syz.2.2463 Not tainted syzkaller #0
[  396.388360][T12327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  396.398442][T12327] Call Trace:
[  396.401744][T12327]  <TASK>
[  396.404690][T12327]  dump_stack_lvl+0x16c/0x230
[  396.409397][T12327]  ? show_regs_print_info+0x20/0x20
[  396.414624][T12327]  ? load_image+0x3b0/0x3b0
[  396.419143][T12327]  ? __might_fault+0xaa/0x120
[  396.424017][T12327]  ? __lock_acquire+0x7c80/0x7c80
[  396.429073][T12327]  ? unix_ioctl+0x254/0x660
[  396.433641][T12327]  should_fail_ex+0x39d/0x4d0
[  396.438362][T12327]  _copy_from_user+0x2f/0xe0
[  396.443007][T12327]  sock_do_ioctl+0x17c/0x2f0
[  396.447634][T12327]  ? sock_show_fdinfo+0xb0/0xb0
[  396.452534][T12327]  sock_ioctl+0x623/0x7a0
[  396.456912][T12327]  ? sock_poll+0x3d0/0x3d0
[  396.461398][T12327]  ? bpf_lsm_file_ioctl+0x9/0x10
[  396.466352][T12327]  ? security_file_ioctl+0x80/0xa0
[  396.471500][T12327]  ? sock_poll+0x3d0/0x3d0
[  396.475974][T12327]  __se_sys_ioctl+0xfd/0x170
[  396.480604][T12327]  do_syscall_64+0x55/0xb0
[  396.485040][T12327]  ? clear_bhb_loop+0x40/0x90
[  396.489740][T12327]  ? clear_bhb_loop+0x40/0x90
[  396.494447][T12327]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  396.500369][T12327] RIP: 0033:0x7f3cefd8eec9
[  396.504806][T12327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  396.524426][T12327] RSP: 002b:00007f3cedff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  396.532854][T12327] RAX: ffffffffffffffda RBX: 00007f3ceffe5fa0 RCX: 00007f3cefd8eec9
[  396.540839][T12327] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 0000000000000004
[  396.548815][T12327] RBP: 00007f3cedff6090 R08: 0000000000000000 R09: 0000000000000000
[  396.556798][T12327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  396.564779][T12327] R13: 00007f3ceffe6038 R14: 00007f3ceffe5fa0 R15: 00007fffb782ec48
[  396.572780][T12327]  </TASK>
[  396.599511][   T50] Bluetooth: hci4: command tx timeout
[  397.088910][ T5789] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  397.101833][ T5789] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  397.110965][ T5789] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  397.119648][ T5789] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  397.127874][ T5789] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  397.135253][ T5789] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  397.348474][   T42] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  397.504573][   T42] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  397.598669][T12364] FAULT_INJECTION: forcing a failure.
[  397.598669][T12364] name failslab, interval 1, probability 0, space 0, times 0
[  397.602295][   T42] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  397.611611][T12364] CPU: 1 PID: 12364 Comm: syz.2.2472 Not tainted syzkaller #0
[  397.629347][T12364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  397.639421][T12364] Call Trace:
[  397.642729][T12364]  <TASK>
[  397.645680][T12364]  dump_stack_lvl+0x16c/0x230
[  397.650388][T12364]  ? show_regs_print_info+0x20/0x20
[  397.655598][T12364]  ? load_image+0x3b0/0x3b0
[  397.660107][T12364]  should_fail_ex+0x39d/0x4d0
[  397.664788][T12364]  should_failslab+0x9/0x20
[  397.669290][T12364]  slab_pre_alloc_hook+0x59/0x310
[  397.674332][T12364]  kmem_cache_alloc+0x5a/0x2e0
[  397.679108][T12364]  ? sctp_get_port_local+0x6b6/0x1610
[  397.684499][T12364]  sctp_get_port_local+0x6b6/0x1610
[  397.689733][T12364]  ? sctp_do_bind+0x9a0/0x9a0
[  397.694496][T12364]  ? sctp_bind_addr_match+0x30/0x2a0
[  397.699920][T12364]  sctp_do_bind+0x553/0x9a0
[  397.704469][T12364]  sctp_connect_new_asoc+0x256/0x690
[  397.709788][T12364]  ? __sctp_connect+0xd20/0xd20
[  397.714857][T12364]  ? __local_bh_enable_ip+0x12e/0x1c0
[  397.720314][T12364]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  397.725914][T12364]  ? security_sctp_bind_connect+0x89/0xb0
[  397.731669][T12364]  sctp_sendmsg+0x155c/0x27e0
[  397.736408][T12364]  ? sctp_getsockopt+0xb60/0xb60
[  397.741385][T12364]  ? aa_sk_perm+0x7fc/0x930
[  397.745969][T12364]  ? aa_af_perm+0x2b0/0x2b0
[  397.750609][T12364]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  397.757077][T12364]  ? sock_rps_record_flow+0x19/0x400
[  397.762398][T12364]  ? inet_send_prepare+0x260/0x260
[  397.767541][T12364]  ? inet_sendmsg+0xe9/0x2f0
[  397.772167][T12364]  ? inet_send_prepare+0x260/0x260
[  397.777315][T12364]  ____sys_sendmsg+0x5bf/0x950
[  397.782144][T12364]  ? __asan_memset+0x22/0x40
[  397.786806][T12364]  ? __sys_sendmsg_sock+0x30/0x30
[  397.791872][T12364]  ? __import_iovec+0x5f2/0x860
[  397.796773][T12364]  ? import_iovec+0x73/0xa0
[  397.801322][T12364]  ___sys_sendmsg+0x220/0x290
[  397.806062][T12364]  ? __sys_sendmsg+0x270/0x270
[  397.810889][T12364]  ? __lock_acquire+0x7c80/0x7c80
[  397.815970][T12364]  __se_sys_sendmsg+0x1a5/0x270
[  397.820850][T12364]  ? __x64_sys_sendmsg+0x80/0x80
[  397.825851][T12364]  ? lockdep_hardirqs_on+0x98/0x150
[  397.831095][T12364]  do_syscall_64+0x55/0xb0
[  397.835545][T12364]  ? clear_bhb_loop+0x40/0x90
[  397.840247][T12364]  ? clear_bhb_loop+0x40/0x90
[  397.844948][T12364]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  397.850864][T12364] RIP: 0033:0x7f3cefd8eec9
[  397.855304][T12364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  397.874929][T12364] RSP: 002b:00007f3cedff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  397.883375][T12364] RAX: ffffffffffffffda RBX: 00007f3ceffe5fa0 RCX: 00007f3cefd8eec9
[  397.891392][T12364] RDX: 00000000000000c9 RSI: 0000200000002dc0 RDI: 0000000000000003
[  397.899394][T12364] RBP: 00007f3cedff6090 R08: 0000000000000000 R09: 0000000000000000
[  397.907383][T12364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  397.915369][T12364] R13: 00007f3ceffe6038 R14: 00007f3ceffe5fa0 R15: 00007fffb782ec48
[  397.923382][T12364]  </TASK>
[  397.985263][   T42] : (slave netdevsim0): Releasing backup interface
[  397.997876][   T42] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  398.098588][T12370] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.2474'.
[  398.223496][T12348] chnl_net:caif_netlink_parms(): no params data found
[  398.269209][T12376] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.2475'.
[  398.314781][T12375] FAULT_INJECTION: forcing a failure.
[  398.314781][T12375] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  398.336283][T12375] CPU: 0 PID: 12375 Comm: syz.2.2475 Not tainted syzkaller #0
[  398.343794][T12375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  398.353882][T12375] Call Trace:
[  398.357185][T12375]  <TASK>
[  398.360147][T12375]  dump_stack_lvl+0x16c/0x230
[  398.364866][T12375]  ? show_regs_print_info+0x20/0x20
[  398.370106][T12375]  ? load_image+0x3b0/0x3b0
[  398.374628][T12375]  ? __lock_acquire+0x7c80/0x7c80
[  398.379682][T12375]  ? mark_lock+0x94/0x320
[  398.384025][T12375]  should_fail_ex+0x39d/0x4d0
[  398.388710][T12375]  prepare_alloc_pages+0x1e2/0x5f0
[  398.393839][T12375]  __alloc_pages+0x127/0x460
[  398.398452][T12375]  ? zone_statistics+0x170/0x170
[  398.403419][T12375]  ? do_wp_page+0x826/0x3630
[  398.408021][T12375]  ? do_wp_page+0x1024/0x3630
[  398.412717][T12375]  __folio_alloc+0x10/0x20
[  398.417155][T12375]  vma_alloc_folio+0x47a/0x8f0
[  398.421964][T12375]  do_wp_page+0x128e/0x3630
[  398.426532][T12375]  ? folio_put+0xd0/0xd0
[  398.430803][T12375]  ? do_raw_spin_lock+0x121/0x2c0
[  398.435861][T12375]  ? __rwlock_init+0x150/0x150
[  398.440656][T12375]  ? handle_mm_fault+0xd1/0x4920
[  398.445624][T12375]  handle_mm_fault+0x12d4/0x4920
[  398.450602][T12375]  ? handle_mm_fault+0xd1/0x4920
[  398.455588][T12375]  ? numa_migrate_prep+0x350/0x350
[  398.460734][T12375]  ? lock_mm_and_find_vma+0x9c/0x300
[  398.466043][T12375]  do_user_addr_fault+0x738/0x12e0
[  398.471201][T12375]  exc_page_fault+0x67/0x110
[  398.475834][T12375]  asm_exc_page_fault+0x26/0x30
[  398.480704][T12375] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  398.486540][T12375] Code: 75 f1 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 <f3> a4 c3 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 29 f8 48 01
[  398.506171][T12375] RSP: 0018:ffffc90003467630 EFLAGS: 00050202
[  398.512291][T12375] RAX: ffffffff841c9f01 RBX: 0000000000000e50 RCX: 0000000000000e50
[  398.520287][T12375] RDX: 0000000000000000 RSI: ffff88807a94e000 RDI: 0000200000002640
[  398.528273][T12375] RBP: ffffc900034677c0 R08: ffff88807a94ee4f R09: 1ffff1100f529dc9
[  398.536261][T12375] R10: dffffc0000000000 R11: ffffed100f529dca R12: 0000200000003490
[  398.544255][T12375] R13: ffffc90003467e40 R14: 0000200000002640 R15: ffff88807a94e000
[  398.552348][T12375]  ? _copy_to_iter+0x10b1/0x10d0
[  398.557347][T12375]  copyout+0x70/0x90
[  398.561284][T12375]  _copy_to_iter+0x432/0x10d0
[  398.566001][T12375]  ? iov_iter_init+0x1e0/0x1e0
[  398.570795][T12375]  ? __virt_addr_valid+0x18c/0x540
[  398.575950][T12375]  ? __virt_addr_valid+0x469/0x540
[  398.581081][T12375]  ? __phys_addr_symbol+0x2f/0x70
[  398.586137][T12375]  __skb_datagram_iter+0xdb/0x780
[  398.591196][T12375]  ? skb_copy_datagram_iter+0x200/0x200
[  398.596779][T12375]  skb_copy_datagram_iter+0xb1/0x200
[  398.602109][T12375]  netlink_recvmsg+0x2c5/0xdf0
[  398.606909][T12375]  ? netlink_sendmsg+0xbe0/0xbe0
[  398.611878][T12375]  ? aa_sk_perm+0x7fc/0x930
[  398.616423][T12375]  ? aa_af_perm+0x2b0/0x2b0
[  398.620975][T12375]  ? __lock_acquire+0x1260/0x7c80
[  398.626018][T12375]  ? verify_lock_unused+0x140/0x140
[  398.631239][T12375]  ? bpf_lsm_socket_recvmsg+0x9/0x10
[  398.636557][T12375]  ? security_socket_recvmsg+0x89/0xb0
[  398.642030][T12375]  ? netlink_sendmsg+0xbe0/0xbe0
[  398.647009][T12375]  ____sys_recvmsg+0x29e/0x5b0
[  398.651806][T12375]  ? __sys_recvmsg_sock+0x50/0x50
[  398.656874][T12375]  ? import_iovec+0x73/0xa0
[  398.661450][T12375]  ___sys_recvmsg+0x1b6/0x510
[  398.666160][T12375]  ? __sys_recvmsg+0x270/0x270
[  398.670960][T12375]  ? ksys_write+0x1c1/0x250
[  398.675516][T12375]  ? __fget_files+0x44a/0x4d0
[  398.680258][T12375]  __x64_sys_recvmsg+0x1f2/0x2c0
[  398.685242][T12375]  ? ___sys_recvmsg+0x510/0x510
[  398.690154][T12375]  ? lockdep_hardirqs_on+0x98/0x150
[  398.695385][T12375]  do_syscall_64+0x55/0xb0
[  398.699827][T12375]  ? clear_bhb_loop+0x40/0x90
[  398.704518][T12375]  ? clear_bhb_loop+0x40/0x90
[  398.709217][T12375]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  398.715145][T12375] RIP: 0033:0x7f3cefd8eec9
[  398.719583][T12375] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  398.739208][T12375] RSP: 002b:00007f3cedff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  398.747646][T12375] RAX: ffffffffffffffda RBX: 00007f3ceffe5fa0 RCX: 00007f3cefd8eec9
[  398.755635][T12375] RDX: 0000000000000000 RSI: 0000200000000500 RDI: 0000000000000003
[  398.763621][T12375] RBP: 00007f3cedff6090 R08: 0000000000000000 R09: 0000000000000000
[  398.771611][T12375] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  398.779605][T12375] R13: 00007f3ceffe6038 R14: 00007f3ceffe5fa0 R15: 00007fffb782ec48
[  398.787605][T12375]  </TASK>
[  398.863116][T12375] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.2475'.
[  399.035165][T12348] bridge0: port 1(bridge_slave_0) entered blocking state
[  399.053660][T12348] bridge0: port 1(bridge_slave_0) entered disabled state
[  399.063358][T12348] bridge_slave_0: entered allmulticast mode
[  399.073509][T12348] bridge_slave_0: entered promiscuous mode
[  399.083045][T12348] bridge0: port 2(bridge_slave_1) entered blocking state
[  399.091461][T12348] bridge0: port 2(bridge_slave_1) entered disabled state
[  399.098627][T12348] bridge_slave_1: entered allmulticast mode
[  399.112072][T12348] bridge_slave_1: entered promiscuous mode
[  399.234035][   T50] Bluetooth: hci0: command tx timeout
[  399.402167][T12348] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  399.428466][T12348] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  399.663356][T12348] team0: Port device team_slave_0 added
[  399.700077][T12348] team0: Port device team_slave_1 added
[  399.908359][T12416] netlink: 'syz.3.2483': attribute type 10 has an invalid length.
[  399.919075][T12416] veth1_macvtap: left promiscuous mode
[  400.041398][T12348] batman_adv: batadv0: Adding interface: batadv_slave_0
[  400.055699][T12348] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  400.114170][T12348] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  400.196060][T12348] batman_adv: batadv0: Adding interface: batadv_slave_1
[  400.205055][T12348] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  400.233997][T12348] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  400.590718][T12348] hsr_slave_0: entered promiscuous mode
[  400.604078][T12348] hsr_slave_1: entered promiscuous mode
[  400.616768][T12348] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  400.625184][T12348] Cannot create hsr debugfs directory
[  400.656815][T12439] batman_adv: batadv0: adding TT local entry 06:e1:05:00:07:00 to non-existent VLAN 768
[  400.778195][T12438] bridge_slave_1: left allmulticast mode
[  400.786039][T12442] FAULT_INJECTION: forcing a failure.
[  400.786039][T12442] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  400.786071][T12442] CPU: 1 PID: 12442 Comm: syz.2.2493 Not tainted syzkaller #0
[  400.786092][T12442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  400.786106][T12442] Call Trace:
[  400.786115][T12442]  <TASK>
[  400.786126][T12442]  dump_stack_lvl+0x16c/0x230
[  400.786173][T12442]  ? show_regs_print_info+0x20/0x20
[  400.786204][T12442]  ? load_image+0x3b0/0x3b0
[  400.786240][T12442]  ? __might_fault+0xaa/0x120
[  400.786274][T12442]  should_fail_ex+0x39d/0x4d0
[  400.786315][T12442]  copyin+0x1a/0x90
[  400.786347][T12442]  _copy_from_iter+0x404/0x1290
[  400.786401][T12442]  ? copyout_mc+0x70/0x70
[  400.786448][T12442]  ? dev_get_by_index+0x22/0x2d0
[  400.786480][T12442]  ? dev_get_by_index+0x22/0x2d0
[  400.786526][T12442]  packet_sendmsg+0x2df4/0x4d30
[  400.786562][T12442]  ? aa_sk_perm+0x930/0x930
[  400.786629][T12442]  ? __might_sleep+0xe0/0xe0
[  400.786657][T12442]  ? perf_trace_lock_acquire+0x32a/0x3e0
[  400.786706][T12442]  ? trace_event_raw_event_lock_acquire+0x2a0/0x2a0
[  400.786750][T12442]  ? aa_sk_perm+0x7fc/0x930
[  400.786785][T12442]  ? packet_getsockopt+0xa20/0xa20
[  400.786830][T12442]  ? aa_sock_msg_perm+0x94/0x150
[  400.786861][T12442]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  400.786886][T12442]  ? security_socket_sendmsg+0x80/0xa0
[  400.786911][T12442]  ? packet_getsockopt+0xa20/0xa20
[  400.786939][T12442]  ____sys_sendmsg+0x5bf/0x950
[  400.786985][T12442]  ? __asan_memset+0x22/0x40
[  400.787014][T12442]  ? __sys_sendmsg_sock+0x30/0x30
[  400.787042][T12442]  ? __import_iovec+0x3fa/0x860
[  400.787092][T12442]  ? import_iovec+0x73/0xa0
[  400.787131][T12442]  ___sys_sendmsg+0x220/0x290
[  400.787175][T12442]  ? __sys_sendmsg+0x270/0x270
[  400.787251][T12442]  ? __lock_acquire+0x7c80/0x7c80
[  400.787326][T12442]  __se_sys_sendmsg+0x1a5/0x270
[  400.787364][T12442]  ? __x64_sys_sendmsg+0x80/0x80
[  400.787428][T12442]  ? lockdep_hardirqs_on+0x98/0x150
[  400.787470][T12442]  do_syscall_64+0x55/0xb0
[  400.787496][T12442]  ? clear_bhb_loop+0x40/0x90
[  400.787518][T12442]  ? clear_bhb_loop+0x40/0x90
[  400.787546][T12442]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  400.787568][T12442] RIP: 0033:0x7f3cefd8eec9
[  400.787589][T12442] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  400.787609][T12442] RSP: 002b:00007f3cedff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  400.787635][T12442] RAX: ffffffffffffffda RBX: 00007f3ceffe5fa0 RCX: 00007f3cefd8eec9
[  400.787652][T12442] RDX: 0000000020000800 RSI: 0000200000000200 RDI: 0000000000000004
[  400.787667][T12442] RBP: 00007f3cedff6090 R08: 0000000000000000 R09: 0000000000000000
[  400.787682][T12442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  400.787696][T12442] R13: 00007f3ceffe6038 R14: 00007f3ceffe5fa0 R15: 00007fffb782ec48
[  400.787743][T12442]  </TASK>
[  401.135436][T12438] bridge_slave_1: left promiscuous mode
[  401.160720][T12438] bridge0: port 2(bridge_slave_1) entered disabled state
[  401.197664][T12438] bridge_slave_0: left allmulticast mode
[  401.214687][T12438] bridge_slave_0: left promiscuous mode
[  401.231977][T12438] bridge0: port 1(bridge_slave_0) entered disabled state
[  401.309782][   T50] Bluetooth: hci0: command tx timeout
[  401.516927][T12452] netlink: 65055 bytes leftover after parsing attributes in process `syz.0.2495'.
[  401.527514][T12456] netlink: 830 bytes leftover after parsing attributes in process `syz.2.2496'.
[  401.910089][T12469] netlink: 'syz.0.2497': attribute type 10 has an invalid length.
[  401.926095][T12469] veth1_macvtap: left promiscuous mode
[  402.525491][T12484] netlink: 'syz.0.2502': attribute type 10 has an invalid length.
[  402.703632][T12484] team0: Port device wlan1 added
[  402.738991][   T42] hsr_slave_0: left promiscuous mode
[  402.745355][   T42] hsr_slave_1: left promiscuous mode
[  402.773088][   T42] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  402.789750][   T42] batman_adv: batadv0: Removing interface: batadv_slave_0
[  402.798183][T12483] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  402.810418][   T42] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  402.818904][   T42] batman_adv: batadv0: Removing interface: batadv_slave_1
[  402.827379][   T42] macsec0: left allmulticast mode
[  402.834884][   T42] veth1_macvtap: left allmulticast mode
[  402.847512][   T42] macsec0: left promiscuous mode
[  402.858561][   T42] bridge0: port 3(macsec0) entered disabled state
[  402.879693][T12484] syz.0.2502 (12484) used greatest stack depth: 16936 bytes left
[  402.888328][   T42] bridge_slave_1: left allmulticast mode
[  402.902340][   T42] bridge_slave_1: left promiscuous mode
[  402.936026][   T42] bridge0: port 2(bridge_slave_1) entered disabled state
[  402.950721][   T42] bridge_slave_0: left allmulticast mode
[  402.957566][   T42] bridge_slave_0: left promiscuous mode
[  402.969048][   T42] bridge0: port 1(bridge_slave_0) entered disabled state
[  403.072791][   T42] veth1_macvtap: left promiscuous mode
[  403.081079][   T42] veth1_vlan: left promiscuous mode
[  403.390159][   T50] Bluetooth: hci0: command tx timeout
[  403.566655][   T42] team0 (unregistering): Port device macvlan1 removed
[  403.769263][   T42] team0 (unregistering): Port device team_slave_1 removed
[  403.809079][   T42] team0 (unregistering): Port device team_slave_0 removed
[  403.845705][   T42]  (unregistering): (slave bond_slave_1): Releasing backup interface
[  403.882488][   T42]  (unregistering): (slave bond_slave_0): Releasing backup interface
[  404.257686][   T42]  (unregistering): Released all slaves
[  404.315406][T12491] IPv6: Can't replace route, no match found
[  404.699103][T12522] netlink: 'syz.2.2510': attribute type 10 has an invalid length.
[  404.724791][T12522] veth1_macvtap: left promiscuous mode
[  404.790597][T12526] netlink: 'syz.3.2513': attribute type 10 has an invalid length.
[  404.810241][T12525] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  404.821229][T12348] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  404.849622][T12348] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  404.882870][T12348] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  404.911199][T12348] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  405.005864][T12535] FAULT_INJECTION: forcing a failure.
[  405.005864][T12535] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  405.053574][T12535] CPU: 0 PID: 12535 Comm: syz.0.2515 Not tainted syzkaller #0
[  405.061088][T12535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  405.071174][T12535] Call Trace:
[  405.074494][T12535]  <TASK>
[  405.077464][T12535]  dump_stack_lvl+0x16c/0x230
[  405.082183][T12535]  ? show_regs_print_info+0x20/0x20
[  405.087443][T12535]  ? load_image+0x3b0/0x3b0
[  405.091981][T12535]  ? __might_fault+0xaa/0x120
[  405.096689][T12535]  ? __lock_acquire+0x7c80/0x7c80
[  405.101750][T12535]  ? __virt_addr_valid+0x18c/0x540
[  405.106902][T12535]  should_fail_ex+0x39d/0x4d0
[  405.111626][T12535]  _copy_from_user+0x2f/0xe0
[  405.116259][T12535]  bpf_prog_test_run_skb+0x259/0x11c0
[  405.121672][T12535]  ? __fget_files+0x28/0x4d0
[  405.126294][T12535]  ? __fget_files+0x44a/0x4d0
[  405.131023][T12535]  ? cpu_online+0x60/0x60
[  405.135410][T12535]  bpf_prog_test_run+0x321/0x390
[  405.140384][T12535]  __sys_bpf+0x440/0x800
[  405.144664][T12535]  ? bpf_link_show_fdinfo+0x350/0x350
[  405.150113][T12535]  ? lock_chain_count+0x20/0x20
[  405.155014][T12535]  __x64_sys_bpf+0x7c/0x90
[  405.159472][T12535]  do_syscall_64+0x55/0xb0
[  405.163919][T12535]  ? clear_bhb_loop+0x40/0x90
[  405.168624][T12535]  ? clear_bhb_loop+0x40/0x90
[  405.173333][T12535]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  405.179278][T12535] RIP: 0033:0x7f4cb078eec9
[  405.183725][T12535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  405.203373][T12535] RSP: 002b:00007f4cb1553038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  405.211938][T12535] RAX: ffffffffffffffda RBX: 00007f4cb09e5fa0 RCX: 00007f4cb078eec9
[  405.219942][T12535] RDX: 000000000000002c RSI: 0000200000000080 RDI: 000000000000000a
[  405.227946][T12535] RBP: 00007f4cb1553090 R08: 0000000000000000 R09: 0000000000000000
[  405.235951][T12535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  405.243953][T12535] R13: 00007f4cb09e6038 R14: 00007f4cb09e5fa0 R15: 00007fff79822098
[  405.251974][T12535]  </TASK>
[  405.421920][T12348] 8021q: adding VLAN 0 to HW filter on device bond0
[  405.470167][   T50] Bluetooth: hci0: command tx timeout
[  405.523253][T12348] 8021q: adding VLAN 0 to HW filter on device team0
[  405.593290][T12552] IPv6: Can't replace route, no match found
[  405.643622][   T77] bridge0: port 1(bridge_slave_0) entered blocking state
[  405.650863][   T77] bridge0: port 1(bridge_slave_0) entered forwarding state
[  405.751670][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[  405.758889][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[  406.023963][T12569] netlink: 'syz.2.2522': attribute type 10 has an invalid length.
[  406.172851][T12569] team0: Port device wlan1 added
[  406.303698][T12579] netlink: 180 bytes leftover after parsing attributes in process `syz.0.2526'.
[  406.324922][T12579] netlink: 'syz.0.2526': attribute type 12 has an invalid length.
[  406.339206][T12567] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  406.343504][T12579] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2526'.
[  406.406400][T12582] IPv6: Can't replace route, no match found
[  406.418200][T12348] 8021q: adding VLAN 0 to HW filter on device batadv0
[  406.525945][T12348] veth0_vlan: entered promiscuous mode
[  406.575109][T12348] veth1_vlan: entered promiscuous mode
[  406.637338][T12348] veth0_macvtap: entered promiscuous mode
[  406.651331][T12586] netlink: 64019 bytes leftover after parsing attributes in process `syz.2.2536'.
[  406.667818][T12348] veth1_macvtap: entered promiscuous mode
[  406.704372][T12348] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  406.723891][T12348] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  406.738996][T12348] batman_adv: batadv0: Interface activated: batadv_slave_0
[  406.751102][T12589] netlink: 830 bytes leftover after parsing attributes in process `syz.3.2529'.
[  406.765431][T12591] netlink: 'syz.0.2530': attribute type 19 has an invalid length.
[  406.793133][T12348] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  406.836714][T12348] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  406.851768][T12348] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  406.865190][T12348] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  406.878063][T12348] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  406.891170][T12348] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  406.907666][T12348] batman_adv: batadv0: Interface activated: batadv_slave_1
[  406.932578][T12348] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  406.947358][T12348] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  406.964018][T12348] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  406.975185][T12348] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  407.116753][T12599] delete_channel: no stack
[  407.119188][   T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  407.136415][   T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  407.176749][   T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  407.186321][   T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  407.290844][T12603] delete_channel: no stack
[  407.302391][T12606] syz.1.2469[12606] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  407.302605][T12606] syz.1.2469[12606] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  407.319330][T12606] netlink: 14593 bytes leftover after parsing attributes in process `syz.1.2469'.
[  407.495554][T12612] IPv6: Can't replace route, no match found
[  408.601569][   T77] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  408.703741][   T77] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  408.761523][   T77] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  408.866729][   T77] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  409.649306][   T77] 
[  409.651684][   T77] ======================================================
[  409.658777][   T77] WARNING: possible circular locking dependency detected
[  409.665794][   T77] syzkaller #0 Not tainted
[  409.670201][   T77] ------------------------------------------------------
[  409.677219][   T77] kworker/u4:4/77 is trying to acquire lock:
[  409.683201][   T77] ffff88802ee40d00 (team->team_lock_key#3){+.+.}-{3:3}, at: team_del_slave+0x32/0x1c0
[  409.692785][   T77] 
[  409.692785][   T77] but task is already holding lock:
[  409.700153][   T77] ffff88801fb00768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: ieee80211_remove_interfaces+0x292/0x680
[  409.710539][   T77] 
[  409.710539][   T77] which lock already depends on the new lock.
[  409.710539][   T77] 
[  409.720955][   T77] 
[  409.720955][   T77] the existing dependency chain (in reverse order) is:
[  409.729974][   T77] 
[  409.729974][   T77] -> #1 (&rdev->wiphy.mtx){+.+.}-{3:3}:
[  409.737702][   T77]        __mutex_lock+0x129/0xcc0
[  409.742731][   T77]        ieee80211_open+0x144/0x200
[  409.747938][   T77]        __dev_open+0x2bc/0x430
[  409.752788][   T77]        dev_open+0xab/0x170
[  409.757400][   T77]        team_add_slave+0xae7/0x2660
[  409.762712][   T77]        do_setlink+0xe14/0x3fb0
[  409.767675][   T77]        rtnl_newlink+0x175b/0x2020
[  409.772880][   T77]        rtnetlink_rcv_msg+0x7c7/0xf10
[  409.778342][   T77]        netlink_rcv_skb+0x216/0x480
[  409.783645][   T77]        netlink_unicast+0x751/0x8d0
[  409.788925][   T77]        netlink_sendmsg+0x8c1/0xbe0
[  409.794208][   T77]        ____sys_sendmsg+0x5bf/0x950
[  409.799498][   T77]        ___sys_sendmsg+0x220/0x290
[  409.804706][   T77]        __se_sys_sendmsg+0x1a5/0x270
[  409.810079][   T77]        do_syscall_64+0x55/0xb0
[  409.815016][   T77]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  409.821528][   T77] 
[  409.821528][   T77] -> #0 (team->team_lock_key#3){+.+.}-{3:3}:
[  409.829694][   T77]        __lock_acquire+0x2ddb/0x7c80
[  409.835080][   T77]        lock_acquire+0x197/0x410
[  409.840106][   T77]        __mutex_lock+0x129/0xcc0
[  409.845142][   T77]        team_del_slave+0x32/0x1c0
[  409.850256][   T77]        team_device_event+0x28d/0xa20
[  409.855713][   T77]        notifier_call_chain+0x197/0x390
[  409.861342][   T77]        unregister_netdevice_many_notify+0xf36/0x1810
[  409.868189][   T77]        unregister_netdevice_queue+0x324/0x360
[  409.874431][   T77]        _cfg80211_unregister_wdev+0x16b/0x580
[  409.880593][   T77]        ieee80211_remove_interfaces+0x496/0x680
[  409.886936][   T77]        ieee80211_unregister_hw+0x5d/0x2a0
[  409.892835][   T77]        mac80211_hwsim_del_radio+0x274/0x450
[  409.898897][   T77]        hwsim_exit_net+0x585/0x640
[  409.904087][   T77]        cleanup_net+0x6f4/0xb90
[  409.909017][   T77]        process_scheduled_works+0xa45/0x15b0
[  409.915081][   T77]        worker_thread+0xa55/0xfc0
[  409.920197][   T77]        kthread+0x2fa/0x390
[  409.924787][   T77]        ret_from_fork+0x48/0x80
[  409.929753][   T77]        ret_from_fork_asm+0x11/0x20
[  409.935034][   T77] 
[  409.935034][   T77] other info that might help us debug this:
[  409.935034][   T77] 
[  409.945262][   T77]  Possible unsafe locking scenario:
[  409.945262][   T77] 
[  409.952709][   T77]        CPU0                    CPU1
[  409.958067][   T77]        ----                    ----
[  409.963435][   T77]   lock(&rdev->wiphy.mtx);
[  409.967934][   T77]                                lock(team->team_lock_key#3);
[  409.975387][   T77]                                lock(&rdev->wiphy.mtx);
[  409.982403][   T77]   lock(team->team_lock_key#3);
[  409.987356][   T77] 
[  409.987356][   T77]  *** DEADLOCK ***
[  409.987356][   T77] 
[  409.995488][   T77] 5 locks held by kworker/u4:4/77:
[  410.000594][   T77]  #0: ffff888017873938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0
[  410.011487][   T77]  #1: ffffc900024bfd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0
[  410.022008][   T77]  #2: ffffffff8dfae850 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x136/0xb90
[  410.031404][   T77]  #3: ffffffff8dfbb688 (rtnl_mutex){+.+.}-{3:3}, at: ieee80211_unregister_hw+0x55/0x2a0
[  410.041250][   T77]  #4: ffff88801fb00768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: ieee80211_remove_interfaces+0x292/0x680
[  410.052032][   T77] 
[  410.052032][   T77] stack backtrace:
[  410.057911][   T77] CPU: 1 PID: 77 Comm: kworker/u4:4 Not tainted syzkaller #0
[  410.065272][   T77] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  410.075324][   T77] Workqueue: netns cleanup_net
[  410.080170][   T77] Call Trace:
[  410.083450][   T77]  <TASK>
[  410.086389][   T77]  dump_stack_lvl+0x16c/0x230
[  410.091088][   T77]  ? load_image+0x3b0/0x3b0
[  410.095601][   T77]  ? show_regs_print_info+0x20/0x20
[  410.100805][   T77]  ? print_circular_bug+0x12b/0x1a0
[  410.106019][   T77]  check_noncircular+0x2bd/0x3c0
[  410.110961][   T77]  ? print_deadlock_bug+0x5d0/0x5d0
[  410.116160][   T77]  ? lockdep_lock+0xe0/0x220
[  410.120754][   T77]  ? __lock_acquire+0x1334/0x7c80
[  410.125783][   T77]  ? _find_first_zero_bit+0xd3/0x100
[  410.131086][   T77]  __lock_acquire+0x2ddb/0x7c80
[  410.135963][   T77]  ? verify_lock_unused+0x140/0x140
[  410.141170][   T77]  ? verify_lock_unused+0x140/0x140
[  410.146382][   T77]  lock_acquire+0x197/0x410
[  410.150885][   T77]  ? team_del_slave+0x32/0x1c0
[  410.155648][   T77]  ? __might_sleep+0xe0/0xe0
[  410.160239][   T77]  ? read_lock_is_recursive+0x20/0x20
[  410.165622][   T77]  __mutex_lock+0x129/0xcc0
[  410.170134][   T77]  ? team_del_slave+0x32/0x1c0
[  410.174896][   T77]  ? __lock_acquire+0x7c80/0x7c80
[  410.179916][   T77]  ? rcu_is_watching+0x15/0xb0
[  410.184686][   T77]  ? trace_contention_end+0x39/0xe0
[  410.189920][   T77]  ? __mutex_lock+0x304/0xcc0
[  410.194599][   T77]  ? team_del_slave+0x32/0x1c0
[  410.199349][   T77]  ? mutex_lock_nested+0x20/0x20
[  410.204292][   T77]  ? bond_netdev_event+0xe1/0xef0
[  410.209316][   T77]  ? __mutex_unlock_slowpath+0x1a2/0x6a0
[  410.214947][   T77]  ? bond_ipsec_offload_ok+0x410/0x410
[  410.220454][   T77]  team_del_slave+0x32/0x1c0
[  410.225059][   T77]  team_device_event+0x28d/0xa20
[  410.229997][   T77]  notifier_call_chain+0x197/0x390
[  410.235114][   T77]  unregister_netdevice_many_notify+0xf36/0x1810
[  410.241460][   T77]  ? lock_chain_count+0x20/0x20
[  410.246328][   T77]  ? unregister_netdevice_many+0x20/0x20
[  410.251989][   T77]  ? kernfs_remove_by_name_ns+0x117/0x150
[  410.257708][   T77]  ? __lock_acquire+0x7c80/0x7c80
[  410.262733][   T77]  unregister_netdevice_queue+0x324/0x360
[  410.268461][   T77]  ? list_netdevice+0x730/0x730
[  410.273362][   T77]  ? kernfs_remove_by_name_ns+0x117/0x150
[  410.279096][   T77]  _cfg80211_unregister_wdev+0x16b/0x580
[  410.284729][   T77]  ieee80211_remove_interfaces+0x496/0x680
[  410.290539][   T77]  ? ieee80211_do_stop+0x1db0/0x1db0
[  410.295830][   T77]  ? rcu_is_watching+0x15/0xb0
[  410.300597][   T77]  ieee80211_unregister_hw+0x5d/0x2a0
[  410.305981][   T77]  mac80211_hwsim_del_radio+0x274/0x450
[  410.311519][   T77]  ? rhashtable_remove_fast+0xbf0/0xbf0
[  410.317068][   T77]  hwsim_exit_net+0x585/0x640
[  410.321739][   T77]  ? hwsim_init_net+0x90/0x90
[  410.326409][   T77]  ? __ip_vs_dev_cleanup_batch+0x238/0x250
[  410.332207][   T77]  cleanup_net+0x6f4/0xb90
[  410.336624][   T77]  ? ops_free_list+0x3b0/0x3b0
[  410.341389][   T77]  ? _raw_spin_unlock_irq+0x23/0x50
[  410.346573][   T77]  ? process_scheduled_works+0x957/0x15b0
[  410.352293][   T77]  ? process_scheduled_works+0x957/0x15b0
[  410.358010][   T77]  process_scheduled_works+0xa45/0x15b0
[  410.363558][   T77]  ? assign_work+0x400/0x400
[  410.368143][   T77]  ? assign_work+0x39e/0x400
[  410.372735][   T77]  worker_thread+0xa55/0xfc0
[  410.377336][   T77]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[  410.383253][   T77]  ? _raw_spin_unlock+0x40/0x40
[  410.388104][   T77]  ? _raw_spin_unlock_irqrestore+0x86/0x110
[  410.393997][   T77]  kthread+0x2fa/0x390
[  410.398068][   T77]  ? pr_cont_work+0x560/0x560
[  410.402746][   T77]  ? kthread_blkcg+0xd0/0xd0
[  410.407330][   T77]  ret_from_fork+0x48/0x80
[  410.411738][   T77]  ? kthread_blkcg+0xd0/0xd0
[  410.416312][   T77]  ret_from_fork_asm+0x11/0x20
[  410.421078][   T77]  </TASK>
[  410.427119][   T77] team0: Port device wlan1 removed
[  410.529507][   T77] hsr_slave_0: left promiscuous mode
[  410.535313][   T77] hsr_slave_1: left promiscuous mode
[  410.541145][   T77] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  410.548528][   T77] batman_adv: batadv0: Removing interface: batadv_slave_0
[  410.556030][   T77] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  410.565295][   T77] batman_adv: batadv0: Removing interface: batadv_slave_1
[  410.574575][   T77] veth1_vlan: left promiscuous mode
[  410.636083][   T77] bond0 (unregistering): (slave geneve0): Releasing backup interface
[  410.773166][   T77] team0 (unregistering): Port device team_slave_1 removed
[  410.800655][   T77] team0 (unregistering): Port device team_slave_0 removed
[  410.823466][   T77] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  410.837235][   T77] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  410.906556][   T77] team0 (unregistering): Port device dummy0 removed
[  410.933999][   T77] bond0 (unregistering): Released all slaves
[  411.327900][   T77] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  411.374418][   T77] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  411.424682][   T77] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  411.484029][   T77] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  411.550878][   T77] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  411.614843][   T77] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  411.664687][   T77] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  411.715850][   T77] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  411.793839][   T77] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  411.855501][   T77] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  411.904036][   T77] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  411.944642][   T77] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  412.740449][   T77] team0: Port device wlan1 removed
[  412.856383][   T77] team0: Port device wlan1 removed
[  412.972486][   T77] hsr_slave_0: left promiscuous mode
[  412.978167][   T77] hsr_slave_1: left promiscuous mode
[  412.984210][   T77] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  412.993415][   T77] batman_adv: batadv0: Removing interface: batadv_slave_0
[  413.001017][   T77] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  413.008399][   T77] batman_adv: batadv0: Removing interface: batadv_slave_1
[  413.017146][   T77] bridge_slave_1: left allmulticast mode
[  413.022825][   T77] bridge_slave_1: left promiscuous mode
[  413.028485][   T77] bridge0: port 2(bridge_slave_1) entered disabled state
[  413.036783][   T77] bridge_slave_0: left allmulticast mode
[  413.042551][   T77] bridge_slave_0: left promiscuous mode
[  413.048207][   T77] bridge0: port 1(bridge_slave_0) entered disabled state
[  413.059118][   T77] hsr_slave_0: left promiscuous mode
[  413.064848][   T77] hsr_slave_1: left promiscuous mode
[  413.070854][   T77] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  413.078247][   T77] batman_adv: batadv0: Removing interface: batadv_slave_0
[  413.085788][   T77] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  413.093248][   T77] batman_adv: batadv0: Removing interface: batadv_slave_1
[  413.102298][   T77] bridge_slave_1: left allmulticast mode
[  413.107938][   T77] bridge_slave_1: left promiscuous mode
[  413.113651][   T77] bridge0: port 2(bridge_slave_1) entered disabled state
[  413.121829][   T77] bridge_slave_0: left allmulticast mode
[  413.127465][   T77] bridge_slave_0: left promiscuous mode
[  413.133302][   T77] bridge0: port 1(bridge_slave_0) entered disabled state
[  413.144328][   T77] hsr_slave_0: left promiscuous mode
[  413.150756][   T77] hsr_slave_1: left promiscuous mode
[  413.156492][   T77] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  413.163948][   T77] batman_adv: batadv0: Removing interface: batadv_slave_0
[  413.171860][   T77] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  413.179244][   T77] batman_adv: batadv0: Removing interface: batadv_slave_1
[  413.187211][   T77] bridge_slave_1: left allmulticast mode
[  413.192880][   T77] bridge_slave_1: left promiscuous mode
[  413.198536][   T77] bridge0: port 2(bridge_slave_1) entered disabled state
[  413.207304][   T77] bridge_slave_0: left allmulticast mode
[  413.213062][   T77] bridge_slave_0: left promiscuous mode
[  413.218716][   T77] bridge0: port 1(bridge_slave_0) entered disabled state
[  413.231968][   T77] veth1_macvtap: left promiscuous mode
[  413.237462][   T77] veth0_macvtap: left promiscuous mode
[  413.243039][   T77] veth1_vlan: left promiscuous mode
[  413.248301][   T77] veth0_vlan: left promiscuous mode
[  413.254451][   T77] veth0_macvtap: left promiscuous mode
[  413.260282][   T77] veth1_vlan: left promiscuous mode
[  413.265535][   T77] veth0_vlan: left promiscuous mode
[  413.272661][   T77] veth0_macvtap: left promiscuous mode
[  413.278207][   T77] veth1_vlan: left promiscuous mode
[  413.283720][   T77] veth0_vlan: left promiscuous mode
[  413.597759][   T77] team0 (unregistering): Port device team_slave_1 removed
[  413.618937][   T77] team0 (unregistering): Port device team_slave_0 removed
[  413.647457][   T77] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  413.669243][   T77] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  413.735050][   T77] bond0 (unregistering): Released all slaves
[  413.895293][   T77] team0 (unregistering): Port device team_slave_1 removed
[  413.916957][   T77] team0 (unregistering): Port device team_slave_0 removed
[  413.941185][   T77] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  413.954527][   T77] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  414.018956][   T77] bond0 (unregistering): Released all slaves
[  414.192659][   T77] team0 (unregistering): Port device team_slave_1 removed
[  414.214230][   T77] team0 (unregistering): Port device team_slave_0 removed
[  414.235497][   T77] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  414.266823][   T77] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  414.334721][   T77] bond0 (unregistering): Released all slaves