last executing test programs:

4.809807729s ago: executing program 1 (id=9209):
perf_event_open(0x0, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_config_ext={0x0, 0x3ff78000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, &(0x7f0000000040)='syzkaller\x00'}, 0x94)
socket$kcm(0x10, 0x2, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)="2000000011008188040f80ec59acbc0413a1f8480b0000005e140602000000000e002700100000000280000012", 0x2d}], 0x1}, 0x40000)
sendmsg$kcm(r2, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)}], 0x1, 0x0, 0x0, 0xc3ff}, 0x0)
perf_event_open(&(0x7f0000001240)={0x2, 0x80, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000200)=ANY=[@ANYBLOB="9fcb010018000000000000000c0000000c00000009"], 0x0, 0x2d, 0x0, 0x1, 0x4}, 0x28)
r4 = socket$kcm(0x2b, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$inet(r6, &(0x7f0000001780)={0x0, 0x0, 0x0}, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
ioctl$TUNSETQUEUE(r7, 0x400454d9, &(0x7f0000000280)={'veth1_to_bridge\x00', 0x400})
ioctl$TUNSETQUEUE(r7, 0x400454d9, &(0x7f0000000280)={'wlan0\x00', 0x400})
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41ff, 0x2122, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, @perf_bp={0x0, 0xc}, 0x0, 0x0, 0x80000, 0x1, 0x8, 0x0, 0x3}, 0x0, 0xffdfffffffffffff, 0xffffffffffffffff, 0x0)
recvmsg$unix(r5, &(0x7f0000001b40)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
r9 = socket$kcm(0xa, 0x2, 0x88)
setsockopt$sock_attach_bpf(r9, 0x1, 0x41, &(0x7f0000000040)=r8, 0x4)
sendmsg$kcm(r9, &(0x7f0000000580)={&(0x7f00000001c0)=@in6={0xa, 0x4e21, 0x4, @mcast2, 0x9}, 0x80, 0x0}, 0x4000080)
sendmsg$inet(r4, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x32}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x200048cc)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="020000000400000008000000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x1f, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800004001000000000000000000000095000000000000006438bf8db1377570b99c435bc1d0448bb8a6f62fc37b7672769a5e8ea6b7b828ddba7bfd6de7b6f832c19e04122d399034525ac9d1c6d2a1e3a4147bb93009239abdcd3993e07c707a982a1c43ad909863bcc31c40bd59a855e971e082"], 0x0, 0xfffffffd, 0x0, 0x0, 0x41000, 0x10, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1f, 0x11, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000f240037a000000000000feffffff8500000005000000b7080000000000007bbef8ff0000005d9d30000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffff0300"/105, @ANYRES32=r10, @ANYBLOB="0000000000000000b70500000800000085000000a70000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r11}, 0xc)

4.78320613s ago: executing program 3 (id=9210):
r0 = socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000540)={0x2, 0x80, 0xd1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x12280, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000d000)={0x0, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="850000002200000007000000000000089500000000000000e26c9bd1a63619"], 0x0}, 0x90)
r1 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="364000001a00910006000000000000"], 0xfe33)
r2 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r2, 0x107, 0xf, &(0x7f0000000000), 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x3, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="18020000000000000000000000000000850000005000000018ff65d6690100000300000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000200000085000000170000009500000000000000"], 0x0}, 0x94)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x1f, 0x17, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000033000000b7030000000000008500000008000000bf09000000000000b60904000000000065000600090000001801000020646c2500000000002020207b9af8ff000000002d9a00000000000034090000f8ffffffb702000008000000b70300000000dd0015000000060000003d93000000000000b5030000000000008500000076000000b70000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f0000000140)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x800000, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xe, 0x0, &(0x7f0000000300)="0101000071a78326c799dbe888a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x5f, 0x0, &(0x7f00000003c0)=[{0x0, 0x0, 0x80000000}, {0x1000000a, 0x4}], 0x10, 0x4}, 0x2)
close(0x3)
r6 = socket$kcm(0x2b, 0x1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r7=>0xffffffffffffffff})
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001540)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r6, 0x6, 0x24, &(0x7f0000000200)=r8, 0x4)
ioctl$TUNGETFILTER(r8, 0x801054db, &(0x7f0000000680)=""/146)
r9 = socket$kcm(0xa, 0x5, 0x0)
recvmsg$unix(r5, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000000)=@qipcrtr={0x2a, 0xffffffff, 0xfffffffe}, 0x80, 0x0}, 0xd0a0)
setsockopt$sock_attach_bpf(r9, 0x84, 0x64, &(0x7f0000000340)=r4, 0x41)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB='\b\x00'/12, @ANYRES32, @ANYBLOB="f42a2e8ca37120c3a573e478c4d1606e1006220e58d1ea605269f80c3e5f90740813f8bac2b2eb19087261a9c4ef41d1d772cc6b85a84239d415602d51457a8a988ab9ca891756d55cdb353421fea1ea0e764901d796f64e2cab9f45a8233a3d7401f68635243058f1891ede488264ae8c1c68f5756c94d86b59402496a85ca69bbca2e9c5d81410d2f420944d", @ANYRES64=0x0], 0x20)
sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)="5c00000013006bec9e3be35c6e17aa31076b876c1d0000007ea20864160af3653c001ac00400020208000200030001001400030007b556a737c160f9555b4755bb05251e180000000251f60a84c9f4d4938037e786a6", 0x56}, {&(0x7f0000000140)="7e3f15d6d2ee", 0x6}], 0x2, 0x0, 0x0, 0x1f00c00e}, 0x0)

4.543713489s ago: executing program 0 (id=9212):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x30100, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_bp={&(0x7f00000000c0), 0xb}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x32}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x3, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b40)={0x18, 0x11, &(0x7f00000006c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0xfffffffa, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000a40)={0xa, 0x3}, 0x8, 0x10, &(0x7f0000000a80)={0x1, 0xc, 0xec, 0x7}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000ac0)=[0xffffffffffffffff], &(0x7f0000000b00)=[{0x0, 0x2, 0x5, 0x4}, {0x2, 0x1, 0x2, 0x4}], 0x10, 0x6}, 0x94)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb7902009875f37538e486dd6317ce62667f2c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa88", @ANYRES32=r1, @ANYRESOCT=r0, @ANYRES32=r0], 0xfdef)
r3 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9, 0x842}, 0x114905, 0x4, 0x0, 0x1, 0x3, 0xffffffff, 0x2}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4)
socket$kcm(0x10, 0x2, 0x4)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x828, 0x0, 0x0, 0x0, 0x0, 0x7ffffc, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x29, 0x2, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000780)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514000cc008001900030002000600090000800000005883c64d251e638294ff0051f60a84c9f4d4938037e7000000000000000000d1c566a000000000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x98010)
setsockopt$sock_attach_bpf(r5, 0x1, 0x32, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='memory.swap.events\x00', 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000040)=r6, 0x4)
sendmsg$kcm(r5, 0x0, 0x40804)
sendmsg$inet(r5, 0x0, 0x20000000)
recvmsg(r5, 0x0, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000380)={0x3ff, <r7=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x1e, 0xd, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000300008018420000fcfffffd0000000000000000950000000000000018010000202070250000000000c6d8207b1af8ff00000000bfa1000000000000ee000000f8ffffffb702000008000300b7030000ff00000085000000060000000000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x14, r6, 0x8, &(0x7f0000000200)={0x3, 0x3}, 0x8, 0x10, &(0x7f0000000280)={0x0, 0xd, 0xf, 0x8}, 0x10, r7, r6, 0x0, &(0x7f0000000700), 0x0, 0x10, 0xad8}, 0x94)

3.858869673s ago: executing program 2 (id=9213):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x0, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x6, 0x74, &(0x7f0000000200)=""/116, 0x41100, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000280)={0x0, 0xa, 0x400, 0x8}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xbf5c}, 0x94)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6}, 0x94)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x100e64, 0xc78}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(r1, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000d40)={@map=r2, 0x11, 0x1, 0x1, &(0x7f0000000580)=[0x0], 0x1, 0x0, &(0x7f0000000680)=[0x0, 0x0, 0x0], &(0x7f0000000800)=[0x0, 0x0, 0x0], &(0x7f0000000d00)=[0x0, 0x0], <r3=>0x0}, 0x40)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x15, &(0x7f0000000540)=@raw=[@tail_call, @map_idx={0x18, 0x2, 0x5, 0x0, 0x6}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3a74}}, @btf_id={0x18, 0x7, 0x3, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x21}, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0xc, 0x0, 0x0, 0x0, 0x3}], &(0x7f0000000600)='GPL\x00', 0x2, 0xd8, &(0x7f0000000640)=""/216, 0x41000, 0x24, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000740)={0x3, 0x2}, 0x8, 0x10, &(0x7f0000000780)={0x1, 0xd, 0x60, 0x2}, 0x10, 0x0, 0x0, 0x9, &(0x7f00000007c0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000800)=[{0x2, 0x4, 0x0, 0x9}, {0x0, 0x4, 0x2, 0x5}, {0x1, 0x5, 0x0, 0x6}, {0x1, 0x3, 0x5, 0xa}, {0x0, 0x1, 0xd, 0x1}, {0x5, 0x3, 0xc, 0x2}, {0x2, 0x3, 0xb, 0x4}, {0x3, 0x1, 0xc, 0x2}, {0x2, 0x2, 0xe, 0x6}], 0x10, 0x7}, 0x94)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000400)={@fallback, r0, 0x27, 0x4, 0x0, @void, @value=r4, @void, @void, r3}, 0x20)
r5 = socket$kcm(0x11, 0x3, 0x0)
sendmsg$kcm(r5, &(0x7f00000001c0)={&(0x7f0000000100)=@phonet={0x23, 0x0, 0x3, 0x4}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000180)="27850500000000000000002fb9f4129230564bc9680088a800008100", 0x1c}, {&(0x7f0000000440)="cb4e88a8af3288a8eef1", 0xa}, {&(0x7f0000000cc0)="c08c37436a83f0d48eac802fff3282862aa2b9db735b858f75790380f63134415abde6b7c5a5dbc279dfbafe7e0908b46c126b505dd04dd1139a4137506faaef937397b927dd69bf1a0d2cc953a4bb76b98b2be2e5a0394c2f21be91fb4180331f2c1a324b10bf7916d4691f8059e8a2f2d999f267ded058df273030e6bed4d8e5fda9f436d3055ec8312521e1121478dff769bf340686e73121a893ed0e70b7696b2ca10ad19bc3f068c0a3bf52f61e916c255145b3ac5bf5fe8a23e053ecf26335b69eab7a20b2bc87014be4270acb633bb9be6a2fe466e27e76790101d3d2815d34b31f3e8e5aa8fe9afda171fb05efbcc721f80290e5541f53b3b10c7d04de9f6872298d3deab4590fc404453cdd001df962275e89b09208b943c56f8a9fc2a300bde8295dae0b916b42677a86a2e83e346479fea33cbc5e1ff794fb6074261c1a623d40525b729e66ef952e013fa0eb5e4dbe47c196264089ea99d12382676a0f7703b342414fb43c80d653a726d5de02efc9425acb20e9c7c6b60d00be67b8f72ab9702560e08530b7dd4288562ebad39d3f3bfca5c431161067af878a7e35e0704913c12cdcd9ec215a82d958a72b91a3684e34860da3fb89f59dd736b4ce3c2a53524e916b334d0220e39815995b9e6367470516a36c0129925a9382e4880b6d9964203384eecc631b482e9158a90c48acd5b11a72870fbd2aca009ca5e137971408937066aabd4613f467d6e9690ff55100a07d30016dd344a222ff5ed48fe272df3f66f9085e9d06268120cf73c82de927cce2574e67f69516eb9d39a0c68df632a94191274e19bd51cb1065f0795833529cb29353c58e0c0726c1cbd72ec8d0ae1b4f43a76f891c1b584e24214583d38943b7bb523433b10a9502e3bc96c894a504d4abdae846cfbfc16cd1d20955fb074238fa21bc802688311bc9c673fa7aa8fa17b2f1fa6ab522264015aa17c6108360f04e9b6be863dab5f985c15edcb327c84a5b77c27be2dd40ca104ec1a40923ab2eb99b6433c1f4bc7d13424fd4376da6cd47c88de33ba6d272794d483f731f4c51542d81b9718bff97fc844a17194799a283322ace0f20e99108ca327d4ac163896ef1ce9e9affe6ca0ba008ba7072b35c05314c52fb4f6d853a1893fa11564621e46f81609fdaf9027e0327e76c778275e1f14c0868901bdb5900c1be908717fe61e5daff253b56aaafcd62a3e6713c500ca217c9d348e526dfc43a56275a5fae57fcea35f8a6bb1af125df2ead30374f4926959bad38ac7e4017200fc638e1c132cad17c423033e788eb3546954d62b4d7611152af28c7d207281331413c3f21573cdb943cd8a58daa25211a7a53c4afa48a1b423c0b018bd787b0271e0ef2e934233d7989e29ca78307787a142f848bb3ea5341764a4aea37e6e08f1034136bfe5dd9f593c33051a85abe9253354b282b414edb3b4be4a6c28d27b2654dcea7467ebc206ce7569d6045f585cf9853cfbcbbf4ee8132158025aa037002758856c9065bdead8ed1510e46862c5e318acb10b0d39da9cd6b51ac8a4bd3bd1e92f4fdf0af76d3692cc1bc9098d5c724f77ea91e2beef38c113f14bec3b4a487ef6c527a765b6bf54744fb6fa7ad3666c159b6b69af15c7ac78b8eb952c8567a138f9eb01d2ab198d5e61e06a517416f7a73e880e38fce0d4098d8024468993100f6079cef1d59d5ea93aa36f0e4e05c8b82c8c7c6f8b09427c9aff0a9f4a3bd0b7f01d9bdcd4cd10de5476d4f45cd23e29ec31d6a0d384a4f6d7a8c5c738257687eac706a7acaa76614b1aae05b380b4bc55cf8c78e18b90346fbc021cf15b32599c39729b2b6f1446968206adbd92e982a1f09fa9ffdacb266ec21eaffa97ac60c6b20efb5e33daf28c3747e3bdea943d01f56ea978580014b9f5686fa4caa82def8916a4529a86568d6f6a1651a56c0162727bebf97bcfb358cef0ee2972bad656f77bcc5edda571ddf1d79332757e3f49e9fcd72abd87a825c8e69b8037c88a5c9371739cb557c458eb5a1bf3fd9f0f581eab986bbcd732fe7dfc5369e596ddb58c38009ca24b7f0663ba62bdad5820d991e65c3663ffbc958e48d183e3f0ae37fb3fdbe9e6baf18ee8e1f5625db0c54a697756a05f9504dfc687d167eaee415699599ac3d6c32d859afd3f2c1e40b3fdfbec219a292796d3dc4db2297772ca202388d0367bd47ae6c1ddb9b22da63ca24dfd965bdb77c1cf1194888eacc17cd4d5c8283819954366e659cff2e2d067af7be6265002e28e70fa3048f6ff114412df84c7d5ab6d1a9a55de8d92f97d3ae20476ca6900d4f27f6fea807b3e9fe0795e3472ba6ed5a5b7b8274dd7beafa6a2163663ef8025a7cc7e38e7ba8afaeacfbf97e7a017c2a89c9e2bbc8ea8e4898569cd5c00737a728cfda895eddd2cdede530618cefe88f2fbf7fb58c5b96d716fa84b17396dc64ccae29ef4ab2c942d587107ad0b9ae83f738ff91c37e0099c09a19a4593866f63dd2415675d1386aaa05c3c12703dbe06e54a27fbf86f822cd954c2467b97d040adb9e186d23c1db12dbcfdc1cef8d2523a42da8bb7e23f9f56ac8303d988e86f69f15127f582e5965a3e2ac2637ca9cc489405f15accd6adbeab869bbced107cfc2cbd81e5696acb3ea62392c0d6643d991f0fe3c9abab6713af58764365efdcd69c62cfd8d553196454af92397d577b84860da82364b131d108f8245d75954477c66811e5842f7658a1119497ca82b1df1461e6c25ec80cd03e59003fa02c8c9df4fdd07726d6d4029c1e1fe696c9f7e1f713fa4b59ee8f414a4eff849ea1d1b1ece624cb808fc478eb74a9f4eedfa44e9285d16a296bde074548225a93431e086a2b7954007a662f8b15370afb5ab85f37300964fc12eeb95be497cf4770ac84e1ad91e18f4d47b901556ef8c716d6a4582caf243a6ce74314193425beb567e083145e6fb890678a96787cfa847a67584be6c375a6583fffc184db21f8718992c0657ddc491e2d3708464a72700aa607e96bd990361d68c71ac7cdcbf87d4809e6d1295b3c75db9a9c7f8ee217d0d69eb45614fd8f01f56761eafb6da14f168d190e9c54e4e196179921304df2b8fc3ac1965b04c5fbcee24ed771977a58f3bc1f5d58e5d392dadc65063ebbaccac6d27c7290c9f461b8d879667720cb894957dc779f38db3a57ed75ccf96e6a446999e93acde37b2721dabf4f542a2a86ac22777a405c65043b8daf2cf83a2d3bdfac2416aa223889ffcfecd725ba756de7b607dd2dd681cae141cf74b396484a7ca4803a734b4f00bceff4289edccf03d1c9435cd7cbc857b5684ab124cf1dee28f7d99f5c4e79449a1924dc0c0359f8579b6db343d70c51088c3bd40518d00f66d3cacc5ddd5e65e782095ec1e252c0b86ff9703e15bde74b25c4ec86b69e5aa78ad462991b8acbcc781d904917ca774ac7efdc4ba7e3156c3382344e78177d87aa930a69592b9290319e34ee2d6e6fb528e8437bc47f812a6505d1a8480ba7f212bbf31704914aa68a34db49a4ab89a153453c5b761d1dc60d781b9ff488471ddf6574ab03ea1d0b50d5aa1a7ef3bebc3ff20b204212e18fd2fc53e71eacdc65b0846e3c9f2461e479e6bf6c9856a9c9c4a9f49dd0f90c9c9bee0ccdcc847d5feeda021877c5111c2b80cf09424829fc698aa505f3db03799854ae2d7dbc6342745f14b6f137966f0aa07d1bb8022be6931352f36cb8df74252e5bd6f76e12578edb77183fe9eb1a6470d3a34c898c8448715caded1a961ef8e7785788f93975108c98a46882952a5f3ef912356c063b2aaf32d251abf25652f09a9add8231df86bea351f20013152dc86d5646f99110581000d6a27758d9a877d8a76e380477ae84c1e3a1e1d848453cc39d90b543a1d8e3e55e437a6cd54309c3bd5185721855b95a39da78028537e8737941439ed426ddf1c99fe57024a48215e80d37ffe97dc65d0fe64dd1d3ceba6deb6167a098750ded541031ff4e4970157b09531d8c46473ace9232a1e505f2653d8955cdc52c66793af3a21cfe91f88a2d7386a1c3e5a44898711b0cee38e7b8c848045885c9ee9f712bf563241e27a8a738e3d1c81aa9cd752be6b8af510c54165c6555c85f6bf94daa0acb2cd9d92479fb96f6210482e4a7fcedc78613217645269cdb02b86d54646cc047fd751053b82023950e14c9fb814ba6460b7b3efc9de4d5d9cd3d3a028a6e4318af5101cd7636565064db146dee35085edae30739bb0a2ef064611ec2d7a1993d0e0d21b37a2bfb6cce863b8cf0e91f46e4f2e342db87d8c04a0821f5021cffd436176c36fb90cecb497721475af52285b1c2d96043466ced18d1c142218f776846e99062b5f70959b3447824f1e55ae8897324b9ca1682f470c172a2a0dbb008af6d219259b5d063ad3aa1017d2500bd6dd43c0309212242d1c5e0c49aab629aefda8cded775147a091a382b3e959dd9ed1add84310de2bda6721f479e6e3873448d6dca109ac9c534a261747112cb16f6bda8e266b215936fabb998d87300675feab14ef3f189ef4f51dd24559c033f42adf22c1bba4c1a281167bd584a1b1a6b39d715f40bf73d68a8a4524264595d7d1034a519ffc2da98d637c25af8db2757b25b6ec2b433a400f0f9c33b6a36b39c3d0633f8e63226976dc90ddeacdb6599d58d7e205db9a85708bb83e7122015020e74c27de521df23698807e9c24e0c3e399b80ce7b5ae48bad93b4e40367cfad83ad2df37b3abb229739c6686c52302b8346e21b4f88ab5a3a2bbc8d28ee353097d0aae39d54a48a8b2c7a9162953551fffa241031110bb09812e0bad88d36599a4878303f25acef17078c3b6094dc235d30489d942b6ef3edacdde9c1002d8946e2ab5376689ee19b1b9c68132fc9b8ef47c655fd53e97903f44209f37fee9047938986f85a1fa93df14e405b0f374d6a4699650f9c1434d1deece94ef2ba7b779ded625951cf9cc4a1f1fc5d2f86375634ae90a0f5e3ef2bcadfbf38b0513a7928a0855f8f366c7e555e2ffba23438ac90be542c7b303b51695a4974f2e6d0c8d22b63063786e5910b35e23a2acf7603cbfb08c43596ba37d7663cf22118ef3573568afd6bbf45aa607b567d3065ccdf372759eed809416e243aaf87a347231ed61269f40fd2b38c2f2dc98d0d244c9ccecc3ba268ae1bbbc2876fc3e856f83b503d6a7d2e39ed81da44602230c41ff9fcfe6f4998d8f1573bf96196491e5f5816fa5f2098ac2076905db999c9bf8abae94c5123da05c992ac98b178d08d9de4f250e7783025af59c88eed7c9e5fc91d166afeab625329e1592fe3ee24ec421aee87a747cd329644197d4b11c24747d941be783c1e9661fe491304b7742643d038ab50b634559fa8b4a352bfa0104bebb81c921f3ede983992aafa332ae4e22ad8bc78a0369351a30eb194649f6e10a7eec6275a33a02f89e35daa3b9797efaab8d5eacbaede7cf20a225f0", 0xf34}], 0x3}, 0x0)

3.831551974s ago: executing program 0 (id=9214):
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x0, 0x61, 0x0, 0xa4d4)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'\x00', 0x2})
perf_event_open(&(0x7f0000000580)={0x2, 0x80, 0xa8, 0x2, 0x0, 0x0, 0x0, 0x50, 0x400, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0xd, 0x5}, 0x1a2d, 0x1, 0x7fa, 0x7, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$kcm(0x2b, 0x1, 0x0)
sendmsg$inet(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x32}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x200048cc)
setsockopt$sock_attach_bpf(r0, 0x1, 0xd, &(0x7f0000000080), 0x24)
close(r0)

3.813357055s ago: executing program 3 (id=9215):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfb6}, 0x94)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_config_ext={0x40, 0x8}, 0x10a410, 0x3, 0x43a1bd76, 0x7, 0x7, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
recvmsg(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000a80)=[{0x0, 0x46}], 0x1, 0x0, 0xfffffffffffffe39}, 0x40000100)
socketpair(0x28, 0xa, 0x4, &(0x7f00000000c0))
r1 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="100000002d000b02d25a806f8c6394f9101a04000a7401", 0x17}], 0x1}, 0x40000)
write$cgroup_subtree(r1, &(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES8=r1], 0xfe33)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a00)={0xffffffffffffffff, 0xe0, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0), 0x0, 0x0, 0x1b, &(0x7f00000005c0), 0x0, 0x10, &(0x7f0000000100), &(0x7f0000000340), 0x8, 0x60, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r0], 0x0, 0xa, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000b00)="2888493b0b66a41a3f161601170e47753c5c40c4dee1ccd2b528a89754cc7a77db2a96ebccf9786f1ac69521ef335c726686781440b17b65e1c0e77ecb16911b4172d40a0b1622ec3554ce37e1f6db678a654ee9882384b20ca42ad9575cc52a06af3cc70c8dcf0998a4591aed83c047e9aa4565dc96a8dce7ca2bec9e3fe7833d48422027f192e5fd6fe5737bcb41fb29b6413b2939809293847e2d8994352a92d7b39d26a3e0c47586f80dba5937c49668d3bb62bf2595dc97d9b58fa19d3774d47046a214b2db0c0328b2e7b69c48c5bb57c4ca094b77e39ba289162384d4f21ec97538633b635d039ed6514f636404b46c955e8230b91ab19e38c75f88b515bf1a6fb7e92b21c1b8d01ac80ced8b76c5773b89923439e823508bb01b6e78e176f98e281dd357c2a8204eab13c558cf2975600fb5", 0x136}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1000c1, 0x0, 0x0, 0x0, 0x7}, [@call={0x85, 0x0, 0x0, 0x8}, @printk={@li, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x17}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0xe, 0x0, &(0x7f00000006c0)="00000000000000c88526faac0646", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x26e1, 0x0)
close(r3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x10021, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0xb)
ioctl$SIOCSIFHWADDR(r3, 0x8b1a, &(0x7f0000000000)={'wlan1\x00', @random="0000230c1100"})
r4 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000300)=@generic={0x0}, 0x18)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r5, 0x40047440, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
r6 = socket$kcm(0xa, 0x1, 0x106)
setsockopt$sock_attach_bpf(r6, 0x29, 0x4a, 0x0, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r7)

3.751635877s ago: executing program 1 (id=9216):
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x0, 0x61, 0x0, 0xa4d4)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$kcm(0x2b, 0x1, 0x0)
sendmsg$inet(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x32}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x200048cc)
setsockopt$sock_attach_bpf(r0, 0x1, 0xd, &(0x7f0000000080), 0x24)
close(r0)

3.6741432s ago: executing program 2 (id=9217):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x18, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="8510000004000000950000000000000018000000000000000000000000000000950000000000000085100000fcffffff95"], &(0x7f00000000c0)='GPL\x00'}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000b40)={r0, 0xe0, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000001080)=[0x0], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10)
socket$kcm(0x10, 0x2, 0x0)
r1 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0), 0x4)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000100)=r1, 0x4)
r2 = socket$kcm(0x10, 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xd, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r6}, 0xc)
r7 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r7, 0x84, 0x9, &(0x7f0000000380), 0x98)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000780)=@bpf_lsm={0x3, 0x5, 0x0, &(0x7f0000000000)='GPL\x00'}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1124, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fffffff, 0x0, 0x0, 0x4000002, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r8 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r8, 0x29, 0x23, &(0x7f0000000040), 0xcf)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1200000001000000040000001200000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00g\x00\x00\x00\x00\x00\x00#\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000003c0)={r9, &(0x7f0000000180), 0x0}, 0x20)
close(r8)
sendmsg$kcm(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001240)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xd, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x2, 0x1, 0x4c}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x19)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))

3.643996831s ago: executing program 0 (id=9218):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x2}, 0x828, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
socket$kcm(0x11, 0x2, 0x0)
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], 0x0}, 0x94)
r1 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0)={r0}, 0x8)
close(r1)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x1f, 0xc, &(0x7f0000000a40)=ANY=[@ANYBLOB], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000980)=@bpf_tracing={0x1a, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000011000000000000000900bd5a184000000700000000000000000000009500000000000000"], &(0x7f0000000840)='syzkaller\x00', 0x6, 0x0, 0x0, 0x40f00, 0x4a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000900)={0x6, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x2fafa, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000940)=[{0x2, 0x3, 0x9, 0x7}], 0x10, 0x41e}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, r2, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x2, 0xc, &(0x7f0000000c40)=ANY=[@ANYRES64=r0, @ANYBLOB="d68a6de995697835d959908e370966218be0ac995481a30cbbde19294f003f5a6486a898257110f943be7d93d968c6c639d4b7226e3cca0001ef0753b13536314cad2a5c8df9d42d4c7d3d993819160361413bd96e9c78f22e5919419dd7732d183055e3cd29eb00216f7bee14e0fe27b283de3a3004c7fdab2cc7c9f959a77154c1", @ANYBLOB="56ec"], &(0x7f0000000240)='GPL\x00', 0xb14, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x25, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r3, 0x0, 0x0}, 0x10)
r4 = perf_event_open(&(0x7f00000010c0)={0x2, 0x80, 0xb9, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84002, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000180), 0xf}, 0x410, 0x1fffffc, 0x0, 0x0, 0x1fffffd}, 0x0, 0x9, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, 0xffffffffffffffff)
perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x22a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000300), 0x4}, 0x11c03a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001ac0)={0x0, 0x0, 0x0}, 0x0)
r5 = syz_clone(0x10002400, &(0x7f00000003c0)="0d9773cc4b02688a0b", 0x9, &(0x7f0000000400), &(0x7f0000000440), &(0x7f0000000740)="b9a66e6c0fcb9fa99bf7036a555262eece78a5de5b5335b2831cf71bb08418af346c6fe659ae0a3d2666e8d65e861b244e8a283cc430f1dda60b9651626ffa474b17f5c3f6871e07324948436818a63c93af7e40a4cd86d6d47fda08682a826f4b7c24b0aa0851c28a5627ffc26288b40f927c7f1c8a38417534dec04a5c0daa21702f")
syz_open_procfs$namespace(r5, &(0x7f0000000480)='ns/pid\x00')
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000800)=ANY=[@ANYBLOB="9feb010018000000000000001800000018000000020000000000000000000003000000000100000001000000010001000000"], 0x0, 0x32}, 0x28)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000b40)={0x0, 0x0, 0x0}, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/mnt\x00')
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r6 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001140)=@bpf_ext={0x1c, 0x12, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000070000000000000005000000186800000000000000000000e6000000b7080000000000007b8af8ff00000000b7080000060000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000090000000800000085000000a50000009500000000000000"], &(0x7f00000001c0)='GPL\x00', 0x1, 0xbe, &(0x7f0000000d00)=""/190, 0x40f00, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x23551, r0, 0x5, &(0x7f0000001000)=[r1, 0xffffffffffffffff, r1], &(0x7f0000001040)=[{0x1, 0x5, 0xf, 0xc}, {0x3, 0x5, 0xc, 0x8}, {0x2, 0x5, 0xe, 0x1}, {0x3, 0x4, 0x0, 0x8}, {0x1, 0x1, 0x3, 0x2}], 0x10, 0xa}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r6, 0x3, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'nr0\x00', 0x31})
socketpair(0x1, 0x5, 0x0, &(0x7f0000000740)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
socketpair(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r8, 0x89a0, &(0x7f0000000080))
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x89a2, &(0x7f0000000080))

3.315066132s ago: executing program 1 (id=9219):
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x0, 0x61, 0x0, 0xa4d4)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8000000000000000}, 0x104101, 0x4, 0x0, 0x3, 0x2000000, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
ioctl$SIOCSIFHWADDR(r0, 0x8b1b, &(0x7f0000000000)={'wlan1\x00', @broadcast})

3.254636225s ago: executing program 2 (id=9220):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x2)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000001b80)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21ca0000cf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9b24be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6eab1aa7d55545a34effa077faa56d59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afd8cc2e59a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d0faab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72bc0480f94306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad9433269af3be5fa6a9a5c24e392955f4e979ea13201bafe4f0f6ea508000000a0c548552b571bed5647223c78a992810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526890aa7fe5e68949a3b30567e54d3504723177d356c4604bca492ede62fc28839b5301160ecec37e83efceefd7ca2533659edc8be05cc85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d35a142a9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4ff29e2bdb1d0b923b262341c5e093fd66a2946501559335781092cf8ce3c7c56cd31121624d76517fd3666276c3c0e812b28e2f30d035cee5d0e77a3c70008ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856cf24f370030be3b5f79f030b8d3ebce68663ef5af469abe753314fae31651e0ecea5ece8fb11a4ee288eb149f1fa33669cc8d901fa8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463baf28345bde0c195bc9f021da8f3025ee9c8e3168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262fa3f1dabeb4fc4bda345360200000001fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a4601adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cc50feeb7bfad9b7be3283b6450d014e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5671820420bf5b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff2418a18217747ae442e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efe794874eac73381e961f3d9c8c21578fe3245097c280abe51427a7f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d17eb0000000000000000000000fa08ad0731c4b839688b22c4da2a6b00008a1949a6ba49fbf981f8265e7f1f4c2d97f4680b135f87c228ce69418a282bffff2481a0df1774fa7d94944bb92d2b89f73f0e8b63f6316c5762f3288bc970720f48b5647dd177db6810fae05334d5a44a020000001c0d882a564d74a7c72bf9a2152b261e58fea6d2f93589cfe261dc0410b5ccc92a5a0eab327a33431d62d2b7c75ce654d556c9e1817c1abca762ab53d40da51560351b673363652e1ecb56cfe4a746a45ab13c6014e9f361ab687d1cd1795ce9e05c817b83d76046bdb3709de5df7499a02d2f636a454b85b987580ada025d83bd7b8df28a540d5ec5537942e79f2f1ab25ea5f563bc77e4f9468bd309469880c7e34150ca886d1f9ac2f7e82dbe296c877d925c38c54cc8137b29028854b6bd57ca893927c331300e16aba792289e135589d93302fc37c73c303e383cdf8ef3f6d6265fe5ee01759d24027475c8901039a898582022bc95992b86dce0710887c8a625d9cbb897bdbfaf49a3f642a169827a9bae4fcfa5212461db000000000000e6ed75ca8fcda7ef3ee336189fef3b3ffb9f38fefc5ff39c4e69e3fa1f8b10ee97123e99b61eba065b1ad67530e7c4f11f9da7ae000002000000610101ad7f79cb9bbf64a0fc109f49fe8799fe266e2ccac80fefe750151f5ddfe51833ec65ece70e07ce8ab5d97db47da8f80000664dc0b86ae2b3ff9d4e220752a6b2f3ea9f793612386496dca5af7b8952aafa796ea7b156d19612297c63bb20e1e0469f7615f67a9218cbace38f5236821314f76302b98afa93044b83989339ca10e6ae30e70e17a82f03e915b8425e8e"], &(0x7f0000000000)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195}, 0x94)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x100904, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)}], 0x1, 0x0, 0x0, 0x39c}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[], 0x48)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000002500)={0x1c, 0x0, 0x0, &(0x7f0000000480)='syzkaller\x00', 0x7, 0xe4, &(0x7f0000000740)=""/228, 0x40f00, 0x18, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x7, 0x0, &(0x7f0000002480)=[{0x2, 0x2, 0x0, 0xa}, {0x3, 0x5, 0x10, 0xa}, {0x1, 0x2, 0x6, 0x3}, {0x1, 0x1, 0x6, 0x6}, {0x4, 0x5, 0x7, 0xa}, {0x4, 0x4, 0xe, 0x1}, {0x1, 0x2, 0xa, 0xa}], 0x10, 0x2}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000380)={r5, &(0x7f0000000200)="39b83c1c43d31ae7f6d21defcba7e8442c6735061223f2b9808a05e7711b1860208215a12bb06edb753ca167a1cf6f097386ddc17bb81c"}, 0x20)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={r5, 0x58, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10)
r7 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
r8 = bpf$ITER_CREATE(0xb, &(0x7f00000002c0)={r7}, 0x8)
write$cgroup_int(r8, &(0x7f00000001c0), 0xfffffdef)
ioctl$TUNSETIFF(r8, 0x5421, &(0x7f0000000000)={'syzkaller0\x00', 0x2})
write$cgroup_netprio_ifpriomap(r8, 0x0, 0x12)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@bloom_filter={0x1e, 0x65, 0x3, 0x3, 0x103, r5, 0x1, '\x00', r6, r8, 0x4, 0x5, 0x0, 0x4}, 0x50)
r9 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x7, [@float={0x3, 0x0, 0x0, 0x10, 0x4}]}, {0x0, [0x71, 0x30, 0x0, 0x5f, 0x5f]}}, &(0x7f0000000b40)=""/4096, 0x2b, 0x1000, 0x0, 0xd, 0x10000}, 0x28)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)={0x2, 0x4, 0x8, 0x1, 0x80, r3, 0x0, '\x00', r6, r9, 0x1, 0x4, 0x4}, 0x50)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r10 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000a80)="d80000001d0081044e81f777db44b904021d080201000000040000a1bc0001000000000000000e1208000f0100810401a8001600200001400300000803600cfab94dcf5c0461c16fb4007134cf6ee08000a0e408e8d8ef075c11503c6bbace801bcb090000001fb791643a5ee4001b1462", 0x71}, {&(0x7f0000000000)="54900bae767eb3f140c5", 0xa}, {&(0x7f0000000980)="027a64c0072ebbb1512b328dda11b4efd4ba07fc642b7e012bea071dbbdea51e41958755533ccce04d3e635cbe848495e723490d8e93db224d82d4fbfe76bd22fd358cd467795ad7febfc220d7", 0x4d}], 0x3, 0x0, 0x0, 0x7400}, 0x10)

3.162845138s ago: executing program 3 (id=9221):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x102, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000200000000"], 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
r3 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b40)={0x18, 0x11, &(0x7f0000000600)=ANY=[@ANYRES16=r2, @ANYRES32=0x0, @ANYRES64=r1, @ANYRESDEC=0x0, @ANYRESDEC=r0], &(0x7f0000000040)='GPL\x00', 0xfffffffa, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000400)={0xa, 0x3}, 0x8, 0x10, &(0x7f0000000a80)={0x1, 0xc, 0xea, 0x7}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000ac0)=[0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000b00)=[{0x0, 0x2, 0x5, 0x4}, {0x1, 0x5, 0x0, 0x4}], 0x10, 0x7}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4)
r5 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0xec, 0x0, 0x0, 0x7, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x110915, 0x10, 0x0, 0x1, 0x0, 0x7fffffff, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r6)
socket$kcm(0x10, 0x2, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x0, 0x0, &(0x7f0000000380)='GPL\x00', 0x20a, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)=[{0x0}], 0x1}, 0x4084)
r7 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r7, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="030000000400000004000000", @ANYRES32=0x1], 0x48)
ioctl$TUNSETCARRIER(r5, 0x400454e2, &(0x7f0000000000)=0x1)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'bond_slave_1\x00'})
socketpair(0x25, 0x3, 0x6, &(0x7f0000000340)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r8, 0x8946, &(0x7f0000000080))
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000140)={0xffffffffffffffff, &(0x7f0000000440)="5cadf2b3f1", &(0x7f0000000500)=""/243}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb9d001800000000000000280600002800000002000000"], 0x0, 0x42}, 0x28)
ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)=0x3d)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r9, 0x8946, &(0x7f0000000080))
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7902009875f37538e486dd6317ce62667f2c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa88"], 0xfdef)

3.151964548s ago: executing program 0 (id=9222):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x30100, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_bp={&(0x7f00000000c0), 0xb}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x32}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x3, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b40)={0x18, 0x11, &(0x7f00000006c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0xfffffffa, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000a40)={0xa, 0x3}, 0x8, 0x10, &(0x7f0000000a80)={0x1, 0xc, 0xec, 0x7}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000ac0)=[0xffffffffffffffff], &(0x7f0000000b00)=[{0x0, 0x2, 0x5, 0x4}, {0x2, 0x1, 0x2, 0x4}], 0x10, 0x6}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb7902009875f37538e486dd6317ce62667f2c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa88", @ANYRES32=r1, @ANYRESOCT=r0, @ANYRES32=r0], 0xfdef)
r3 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9, 0x842}, 0x114905, 0x4, 0x0, 0x1, 0x3, 0xffffffff, 0x2}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4)
socket$kcm(0x10, 0x2, 0x4)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x828, 0x0, 0x0, 0x0, 0x0, 0x7ffffc, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x29, 0x2, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000780)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514000cc008001900030002000600090000800000005883c64d251e638294ff0051f60a84c9f4d4938037e7000000000000000000d1c566a000000000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x98010)
setsockopt$sock_attach_bpf(r5, 0x1, 0x32, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='memory.swap.events\x00', 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000040)=r6, 0x4)
sendmsg$kcm(r5, 0x0, 0x40804)
sendmsg$inet(r5, 0x0, 0x20000000)
recvmsg(r5, 0x0, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000380)={0x3ff, <r7=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x1e, 0xd, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000300008018420000fcfffffd0000000000000000950000000000000018010000202070250000000000c6d8207b1af8ff00000000bfa1000000000000ee000000f8ffffffb702000008000300b7030000ff00000085000000060000000000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x14, r6, 0x8, &(0x7f0000000200)={0x3, 0x3}, 0x8, 0x10, &(0x7f0000000280)={0x0, 0xd, 0xf, 0x8}, 0x10, r7, r6, 0x0, &(0x7f0000000700), 0x0, 0x10, 0xad8}, 0x94)

3.151405898s ago: executing program 1 (id=9223):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socket$kcm(0x2, 0x5, 0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x10001, 0x0, 0xc, 0x2}, {0x2}]}, 0x94)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='devices.list\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x5452, &(0x7f0000000400)='lo\x00\x96o\xd6Q\xb4Y\xa9\xc87,%\x81\xfe\x00\xd2\xd1|\x00\x00\x00\x00\x00\x00\xe3\xd8Yk\xdf\x85\xaac{\x8c\x8ffp`-\xcd\xd9\xd5\xf4\xe68\xe6O\xc2\xf1V0\x8b\t\xed\x13q2\xdd\xcc\xeeR\xf2/\xba\fE>k\a\xe7>t7\x8e(\xf0\x87d\xaf\x93\xfa`\xa6,o\x81.\x1cR\xa5\t\x00\x00\x00\x00\x00\x00\x00|pT\x15\xbc\f*d\xcb\xc2\xcd\x8f\x98\xdf\x00\x00\x1cM\x9c\xa5\xe0\xa8\x00\x00\x00\x80V\xf6\x80\x86\x1b\x05\xe6\"\x1d\f\xaey\x06\xd9$H!w\xa6m\xd8\x7f\xc6\x837\x83/\x9a\xdf\x01\xf2\x9e\xbb\xca\x04\x00\x05\xeb\xb8{7[\xf9\xe9\x15\xdc0]\x89\x9b~\x04\xb4\xa5\xad\v.\xd0*%`\xb0\x03\x00\x00\x00\x00\x00\x00\x00\xab\xf4\xa7\x83r\xa4\x80|\x03C\x9c\x00\xac\xba\xcb\xa4h\x86w_Eu\xbfy%,\xe5\n\xc1\xb3\xa4g\xa3P\x0f\x11\x93\xc7\xf3\xcf\x17\xf5\x86%\x7f\xec\xb2\xc5E\x00\xb2e\xa8\xf1<\xb2\xc82\xbf=o\x00\x00\x00\x00E\x00\xc6X\x92\x0e[\x19\xaa?\x06\xe5\x9d\xd1\x87\x922A\x95\x8e\xbc\xc8<s,\xb023Z{\x9f\xc2\x94+e?\x87\x95\x8e\r\t\x0er\x92\xe2\t\xc4S\xd4\xd2\x87.&`\x95\'=0\r\xd2n\xf5\xcd\x9b\x15Oo\xd8Nj0\xe2\xe5A\xb2\xc3\xf7\xc8\xe7 \"+\xd6\x9e\x18\xec\xb7H\xf9\vd\xebE\x9dtI\xe5\xb5\x8e3\x19<\xdeS\xf4\xe6\xba\x0er\xfc]\xcbd@\xe8R#(u\xe1\x9b\xb7\xd5\x82\xab;\xdb\xa2\x9e\xe8W;\x86\x89\x99\xa1\x99\x1b\xbd\xaf\x11\xcf\x1d\xb5n\xe3&\x1b Z|\x18\n/\xe4\x83\xb5\xdd\xed\xd8\xba\xe8\x8d{@\xd1\x00\x00\x00\x00\x00')
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_subtree(r0, &(0x7f0000000440)=ANY=[@ANYBLOB="8fedcb5d07081175f37538e486dd6372ce22fdb92f"], 0xfdef)

3.044180722s ago: executing program 2 (id=9224):
r0 = socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000540)={0x2, 0x80, 0xd1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x12280, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000d000)={0x0, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="850000002200000007000000000000089500000000000000e26c9bd1a63619"], 0x0}, 0x90)
r1 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="364000001a0091000600000000000000"], 0xfe33)
r2 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r2, 0x107, 0xf, &(0x7f0000000000), 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x3, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="18020000000000000000000000000000850000005000000018ff65d6690100000300000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000200000085000000170000009500000000000000"], 0x0}, 0x94)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x1f, 0x17, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000033000000b7030000000000008500000008000000bf09000000000000b60904000000000065000600090000001801000020646c2500000000002020207b9af8ff000000002d9a00000000000034090000f8ffffffb702000008000000b70300000000dd0015000000060000003d93000000000000b5030000000000008500000076000000b70000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f0000000140)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x800000, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xe, 0x0, &(0x7f0000000300)="0101000071a78326c799dbe888a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x5f, 0x0, &(0x7f00000003c0)=[{0x0, 0x0, 0x80000000}, {0x1000000a, 0x4}], 0x10, 0x4}, 0x2)
close(0x3)
r6 = socket$kcm(0x2b, 0x1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r7=>0xffffffffffffffff})
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001540)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r6, 0x6, 0x24, &(0x7f0000000200)=r8, 0x4)
ioctl$TUNGETFILTER(r8, 0x801054db, &(0x7f0000000680)=""/146)
r9 = socket$kcm(0xa, 0x5, 0x0)
recvmsg$unix(r5, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000000)=@qipcrtr={0x2a, 0xffffffff, 0xfffffffe}, 0x80, 0x0}, 0xd0a0)
setsockopt$sock_attach_bpf(r9, 0x84, 0x64, &(0x7f0000000340)=r4, 0x41)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB='\b\x00'/12, @ANYRES32, @ANYBLOB="f42a2e8ca37120c3a573e478c4d1606e1006220e58d1ea605269f80c3e5f90740813f8bac2b2eb19087261a9c4ef41d1d772cc6b85a84239d415602d51457a8a988ab9ca891756d55cdb353421fea1ea0e764901d796f64e2cab9f45a8233a3d7401f68635243058f1891ede488264ae8c1c68f5756c94d86b59402496a85ca69bbca2e9c5d81410d2f420944d", @ANYRES64=0x0], 0x20)
sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)="5c00000013006bec9e3be35c6e17aa31076b876c1d0000007ea20864160af3653c001ac00400020208000200030001001400030007b556a737c160f9555b4755bb05251e180000000251f60a84c9f4d4938037e786a6", 0x56}, {&(0x7f0000000140)="7e3f15d6d2ee", 0x6}], 0x2, 0x0, 0x0, 0x1f00c00e}, 0x0)

1.97365261s ago: executing program 2 (id=9225):
perf_event_open(0x0, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_config_ext={0x0, 0x3ff78000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, &(0x7f0000000040)='syzkaller\x00'}, 0x94)
socket$kcm(0x10, 0x2, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)="2000000011008188040f80ec59acbc0413a1f8480b0000005e140602000000000e002700100000000280000012", 0x2d}], 0x1}, 0x40000)
sendmsg$kcm(r2, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)}], 0x1, 0x0, 0x0, 0xc3ff}, 0x0)
perf_event_open(&(0x7f0000001240)={0x2, 0x80, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000200)=ANY=[@ANYBLOB="9fcb010018000000000000000c0000000c00000009"], 0x0, 0x2d, 0x0, 0x1, 0x4}, 0x28)
r4 = socket$kcm(0x2b, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$inet(r6, &(0x7f0000001780)={0x0, 0x0, 0x0}, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
ioctl$TUNSETQUEUE(r7, 0x400454d9, &(0x7f0000000280)={'veth1_to_bridge\x00', 0x400})
ioctl$TUNSETQUEUE(r7, 0x400454d9, &(0x7f0000000280)={'wlan0\x00', 0x400})
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41ff, 0x2122, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, @perf_bp={0x0, 0xc}, 0x0, 0x0, 0x80000, 0x1, 0x8, 0x0, 0x3}, 0x0, 0xffdfffffffffffff, 0xffffffffffffffff, 0x0)
recvmsg$unix(r5, &(0x7f0000001b40)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
r9 = socket$kcm(0xa, 0x2, 0x88)
setsockopt$sock_attach_bpf(r9, 0x1, 0x41, &(0x7f0000000040)=r8, 0x4)
sendmsg$kcm(r9, &(0x7f0000000580)={&(0x7f00000001c0)=@in6={0xa, 0x4e21, 0x4, @mcast2, 0x9}, 0x80, 0x0}, 0x4000080)
sendmsg$inet(r4, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x32}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x200048cc)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="020000000400000008000000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x1f, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800004001000000000000000000000095000000000000006438bf8db1377570b99c435bc1d0448bb8a6f62fc37b7672769a5e8ea6b7b828ddba7bfd6de7b6f832c19e04122d399034525ac9d1c6d2a1e3a4147bb93009239abdcd3993e07c707a982a1c43ad909863bcc31c40bd59a855e971e082"], 0x0, 0xfffffffd, 0x0, 0x0, 0x41000, 0x10, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1f, 0x11, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000f240037a000000000000feffffff8500000005000000b7080000000000007bbef8ff0000005d9d30000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffff0300"/105, @ANYRES32=r10, @ANYBLOB="0000000000000000b70500000800000085000000a70000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r11}, 0xc)

536.87287ms ago: executing program 3 (id=9226):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x0, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x6, 0x74, &(0x7f0000000200)=""/116, 0x41100, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000280)={0x0, 0xa, 0x400, 0x8}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xbf5c}, 0x94)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6}, 0x94)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x100e64, 0xc78}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(r1, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000d40)={@map=r2, 0x11, 0x1, 0x1, &(0x7f0000000580)=[0x0], 0x1, 0x0, &(0x7f0000000680)=[0x0, 0x0, 0x0], &(0x7f0000000800)=[0x0, 0x0, 0x0], &(0x7f0000000d00)=[0x0, 0x0], <r3=>0x0}, 0x40)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x15, &(0x7f0000000540)=@raw=[@tail_call, @map_idx={0x18, 0x2, 0x5, 0x0, 0x6}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3a74}}, @btf_id={0x18, 0x7, 0x3, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x21}, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0xc, 0x0, 0x0, 0x0, 0x3}], &(0x7f0000000600)='GPL\x00', 0x2, 0xd8, &(0x7f0000000640)=""/216, 0x41000, 0x24, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000740)={0x3, 0x2}, 0x8, 0x10, &(0x7f0000000780)={0x1, 0xd, 0x60, 0x2}, 0x10, 0x0, 0x0, 0x9, &(0x7f00000007c0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000800)=[{0x2, 0x4, 0x0, 0x9}, {0x0, 0x4, 0x2, 0x5}, {0x1, 0x5, 0x0, 0x6}, {0x1, 0x3, 0x5, 0xa}, {0x0, 0x1, 0xd, 0x1}, {0x5, 0x3, 0xc, 0x2}, {0x2, 0x3, 0xb, 0x4}, {0x3, 0x1, 0xc, 0x2}, {0x2, 0x2, 0xe, 0x6}], 0x10, 0x7}, 0x94)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000400)={@fallback, r0, 0x27, 0x4, 0x0, @void, @value=r4, @void, @void, r3}, 0x20)
r5 = socket$kcm(0x11, 0x3, 0x0)
sendmsg$kcm(r5, &(0x7f00000001c0)={&(0x7f0000000100)=@phonet={0x23, 0x0, 0x3, 0x4}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000180)="27850500000000000000002fb9f4129230564bc9680088a800008100", 0x1c}, {&(0x7f0000000440)="cb4e88a8af3288a8eef1", 0xa}, {&(0x7f0000000cc0)="c08c37436a83f0d48eac802fff3282862aa2b9db735b858f75790380f63134415abde6b7c5a5dbc279dfbafe7e0908b46c126b505dd04dd1139a4137506faaef937397b927dd69bf1a0d2cc953a4bb76b98b2be2e5a0394c2f21be91fb4180331f2c1a324b10bf7916d4691f8059e8a2f2d999f267ded058df273030e6bed4d8e5fda9f436d3055ec8312521e1121478dff769bf340686e73121a893ed0e70b7696b2ca10ad19bc3f068c0a3bf52f61e916c255145b3ac5bf5fe8a23e053ecf26335b69eab7a20b2bc87014be4270acb633bb9be6a2fe466e27e76790101d3d2815d34b31f3e8e5aa8fe9afda171fb05efbcc721f80290e5541f53b3b10c7d04de9f6872298d3deab4590fc404453cdd001df962275e89b09208b943c56f8a9fc2a300bde8295dae0b916b42677a86a2e83e346479fea33cbc5e1ff794fb6074261c1a623d40525b729e66ef952e013fa0eb5e4dbe47c196264089ea99d12382676a0f7703b342414fb43c80d653a726d5de02efc9425acb20e9c7c6b60d00be67b8f72ab9702560e08530b7dd4288562ebad39d3f3bfca5c431161067af878a7e35e0704913c12cdcd9ec215a82d958a72b91a3684e34860da3fb89f59dd736b4ce3c2a53524e916b334d0220e39815995b9e6367470516a36c0129925a9382e4880b6d9964203384eecc631b482e9158a90c48acd5b11a72870fbd2aca009ca5e137971408937066aabd4613f467d6e9690ff55100a07d30016dd344a222ff5ed48fe272df3f66f9085e9d06268120cf73c82de927cce2574e67f69516eb9d39a0c68df632a94191274e19bd51cb1065f0795833529cb29353c58e0c0726c1cbd72ec8d0ae1b4f43a76f891c1b584e24214583d38943b7bb523433b10a9502e3bc96c894a504d4abdae846cfbfc16cd1d20955fb074238fa21bc802688311bc9c673fa7aa8fa17b2f1fa6ab522264015aa17c6108360f04e9b6be863dab5f985c15edcb327c84a5b77c27be2dd40ca104ec1a40923ab2eb99b6433c1f4bc7d13424fd4376da6cd47c88de33ba6d272794d483f731f4c51542d81b9718bff97fc844a17194799a283322ace0f20e99108ca327d4ac163896ef1ce9e9affe6ca0ba008ba7072b35c05314c52fb4f6d853a1893fa11564621e46f81609fdaf9027e0327e76c778275e1f14c0868901bdb5900c1be908717fe61e5daff253b56aaafcd62a3e6713c500ca217c9d348e526dfc43a56275a5fae57fcea35f8a6bb1af125df2ead30374f4926959bad38ac7e4017200fc638e1c132cad17c423033e788eb3546954d62b4d7611152af28c7d207281331413c3f21573cdb943cd8a58daa25211a7a53c4afa48a1b423c0b018bd787b0271e0ef2e934233d7989e29ca78307787a142f848bb3ea5341764a4aea37e6e08f1034136bfe5dd9f593c33051a85abe9253354b282b414edb3b4be4a6c28d27b2654dcea7467ebc206ce7569d6045f585cf9853cfbcbbf4ee8132158025aa037002758856c9065bdead8ed1510e46862c5e318acb10b0d39da9cd6b51ac8a4bd3bd1e92f4fdf0af76d3692cc1bc9098d5c724f77ea91e2beef38c113f14bec3b4a487ef6c527a765b6bf54744fb6fa7ad3666c159b6b69af15c7ac78b8eb952c8567a138f9eb01d2ab198d5e61e06a517416f7a73e880e38fce0d4098d8024468993100f6079cef1d59d5ea93aa36f0e4e05c8b82c8c7c6f8b09427c9aff0a9f4a3bd0b7f01d9bdcd4cd10de5476d4f45cd23e29ec31d6a0d384a4f6d7a8c5c738257687eac706a7acaa76614b1aae05b380b4bc55cf8c78e18b90346fbc021cf15b32599c39729b2b6f1446968206adbd92e982a1f09fa9ffdacb266ec21eaffa97ac60c6b20efb5e33daf28c3747e3bdea943d01f56ea978580014b9f5686fa4caa82def8916a4529a86568d6f6a1651a56c0162727bebf97bcfb358cef0ee2972bad656f77bcc5edda571ddf1d79332757e3f49e9fcd72abd87a825c8e69b8037c88a5c9371739cb557c458eb5a1bf3fd9f0f581eab986bbcd732fe7dfc5369e596ddb58c38009ca24b7f0663ba62bdad5820d991e65c3663ffbc958e48d183e3f0ae37fb3fdbe9e6baf18ee8e1f5625db0c54a697756a05f9504dfc687d167eaee415699599ac3d6c32d859afd3f2c1e40b3fdfbec219a292796d3dc4db2297772ca202388d0367bd47ae6c1ddb9b22da63ca24dfd965bdb77c1cf1194888eacc17cd4d5c8283819954366e659cff2e2d067af7be6265002e28e70fa3048f6ff114412df84c7d5ab6d1a9a55de8d92f97d3ae20476ca6900d4f27f6fea807b3e9fe0795e3472ba6ed5a5b7b8274dd7beafa6a2163663ef8025a7cc7e38e7ba8afaeacfbf97e7a017c2a89c9e2bbc8ea8e4898569cd5c00737a728cfda895eddd2cdede530618cefe88f2fbf7fb58c5b96d716fa84b17396dc64ccae29ef4ab2c942d587107ad0b9ae83f738ff91c37e0099c09a19a4593866f63dd2415675d1386aaa05c3c12703dbe06e54a27fbf86f822cd954c2467b97d040adb9e186d23c1db12dbcfdc1cef8d2523a42da8bb7e23f9f56ac8303d988e86f69f15127f582e5965a3e2ac2637ca9cc489405f15accd6adbeab869bbced107cfc2cbd81e5696acb3ea62392c0d6643d991f0fe3c9abab6713af58764365efdcd69c62cfd8d553196454af92397d577b84860da82364b131d108f8245d75954477c66811e5842f7658a1119497ca82b1df1461e6c25ec80cd03e59003fa02c8c9df4fdd07726d6d4029c1e1fe696c9f7e1f713fa4b59ee8f414a4eff849ea1d1b1ece624cb808fc478eb74a9f4eedfa44e9285d16a296bde074548225a93431e086a2b7954007a662f8b15370afb5ab85f37300964fc12eeb95be497cf4770ac84e1ad91e18f4d47b901556ef8c716d6a4582caf243a6ce74314193425beb567e083145e6fb890678a96787cfa847a67584be6c375a6583fffc184db21f8718992c0657ddc491e2d3708464a72700aa607e96bd990361d68c71ac7cdcbf87d4809e6d1295b3c75db9a9c7f8ee217d0d69eb45614fd8f01f56761eafb6da14f168d190e9c54e4e196179921304df2b8fc3ac1965b04c5fbcee24ed771977a58f3bc1f5d58e5d392dadc65063ebbaccac6d27c7290c9f461b8d879667720cb894957dc779f38db3a57ed75ccf96e6a446999e93acde37b2721dabf4f542a2a86ac22777a405c65043b8daf2cf83a2d3bdfac2416aa223889ffcfecd725ba756de7b607dd2dd681cae141cf74b396484a7ca4803a734b4f00bceff4289edccf03d1c9435cd7cbc857b5684ab124cf1dee28f7d99f5c4e79449a1924dc0c0359f8579b6db343d70c51088c3bd40518d00f66d3cacc5ddd5e65e782095ec1e252c0b86ff9703e15bde74b25c4ec86b69e5aa78ad462991b8acbcc781d904917ca774ac7efdc4ba7e3156c3382344e78177d87aa930a69592b9290319e34ee2d6e6fb528e8437bc47f812a6505d1a8480ba7f212bbf31704914aa68a34db49a4ab89a153453c5b761d1dc60d781b9ff488471ddf6574ab03ea1d0b50d5aa1a7ef3bebc3ff20b204212e18fd2fc53e71eacdc65b0846e3c9f2461e479e6bf6c9856a9c9c4a9f49dd0f90c9c9bee0ccdcc847d5feeda021877c5111c2b80cf09424829fc698aa505f3db03799854ae2d7dbc6342745f14b6f137966f0aa07d1bb8022be6931352f36cb8df74252e5bd6f76e12578edb77183fe9eb1a6470d3a34c898c8448715caded1a961ef8e7785788f93975108c98a46882952a5f3ef912356c063b2aaf32d251abf25652f09a9add8231df86bea351f20013152dc86d5646f99110581000d6a27758d9a877d8a76e380477ae84c1e3a1e1d848453cc39d90b543a1d8e3e55e437a6cd54309c3bd5185721855b95a39da78028537e8737941439ed426ddf1c99fe57024a48215e80d37ffe97dc65d0fe64dd1d3ceba6deb6167a098750ded541031ff4e4970157b09531d8c46473ace9232a1e505f2653d8955cdc52c66793af3a21cfe91f88a2d7386a1c3e5a44898711b0cee38e7b8c848045885c9ee9f712bf563241e27a8a738e3d1c81aa9cd752be6b8af510c54165c6555c85f6bf94daa0acb2cd9d92479fb96f6210482e4a7fcedc78613217645269cdb02b86d54646cc047fd751053b82023950e14c9fb814ba6460b7b3efc9de4d5d9cd3d3a028a6e4318af5101cd7636565064db146dee35085edae30739bb0a2ef064611ec2d7a1993d0e0d21b37a2bfb6cce863b8cf0e91f46e4f2e342db87d8c04a0821f5021cffd436176c36fb90cecb497721475af52285b1c2d96043466ced18d1c142218f776846e99062b5f70959b3447824f1e55ae8897324b9ca1682f470c172a2a0dbb008af6d219259b5d063ad3aa1017d2500bd6dd43c0309212242d1c5e0c49aab629aefda8cded775147a091a382b3e959dd9ed1add84310de2bda6721f479e6e3873448d6dca109ac9c534a261747112cb16f6bda8e266b215936fabb998d87300675feab14ef3f189ef4f51dd24559c033f42adf22c1bba4c1a281167bd584a1b1a6b39d715f40bf73d68a8a4524264595d7d1034a519ffc2da98d637c25af8db2757b25b6ec2b433a400f0f9c33b6a36b39c3d0633f8e63226976dc90ddeacdb6599d58d7e205db9a85708bb83e7122015020e74c27de521df23698807e9c24e0c3e399b80ce7b5ae48bad93b4e40367cfad83ad2df37b3abb229739c6686c52302b8346e21b4f88ab5a3a2bbc8d28ee353097d0aae39d54a48a8b2c7a9162953551fffa241031110bb09812e0bad88d36599a4878303f25acef17078c3b6094dc235d30489d942b6ef3edacdde9c1002d8946e2ab5376689ee19b1b9c68132fc9b8ef47c655fd53e97903f44209f37fee9047938986f85a1fa93df14e405b0f374d6a4699650f9c1434d1deece94ef2ba7b779ded625951cf9cc4a1f1fc5d2f86375634ae90a0f5e3ef2bcadfbf38b0513a7928a0855f8f366c7e555e2ffba23438ac90be542c7b303b51695a4974f2e6d0c8d22b63063786e5910b35e23a2acf7603cbfb08c43596ba37d7663cf22118ef3573568afd6bbf45aa607b567d3065ccdf372759eed809416e243aaf87a347231ed61269f40fd2b38c2f2dc98d0d244c9ccecc3ba268ae1bbbc2876fc3e856f83b503d6a7d2e39ed81da44602230c41ff9fcfe6f4998d8f1573bf96196491e5f5816fa5f2098ac2076905db999c9bf8abae94c5123da05c992ac98b178d08d9de4f250e7783025af59c88eed7c9e5fc91d166afeab625329e1592fe3ee24ec421aee87a747cd329644197d4b11c24747d941be783c1e9661fe491304b7742643d038ab50b634559fa8b4a352bfa0104bebb81c921f3ede983992aafa332ae4e22ad8bc78a0369351a30eb194649f6e10a7eec6275a33a02f89e35daa3b9797efaab8d5eacbaede7cf20a225f0", 0xf34}], 0x3}, 0x0)

520.078961ms ago: executing program 0 (id=9227):
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x0, 0x61, 0x0, 0xa4d4)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$kcm(0x2b, 0x1, 0x0)
sendmsg$inet(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x32}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x200048cc)
setsockopt$sock_attach_bpf(r0, 0x1, 0xd, &(0x7f0000000080), 0x24)
close(r0)

474.092013ms ago: executing program 1 (id=9228):
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x0, 0x61, 0x0, 0xa4d4)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'\x00', 0x2})
perf_event_open(&(0x7f0000000580)={0x2, 0x80, 0xa8, 0x2, 0x0, 0x0, 0x0, 0x50, 0x400, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0xd, 0x5}, 0x1a2d, 0x1, 0x7fa, 0x7, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, 0xffffffffffffffff)
r1 = socket$kcm(0x2b, 0x1, 0x0)
sendmsg$inet(r1, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x32}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x200048cc)
setsockopt$sock_attach_bpf(r1, 0x1, 0xd, &(0x7f0000000080), 0x24)
close(r1)

403.012895ms ago: executing program 2 (id=9229):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfb6}, 0x94)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_config_ext={0x40, 0x8}, 0x10a410, 0x3, 0x43a1bd76, 0x7, 0x7, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
recvmsg(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000a80)=[{0x0, 0x46}], 0x1, 0x0, 0xfffffffffffffe39}, 0x40000100)
socketpair(0x28, 0xa, 0x4, &(0x7f00000000c0))
r1 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="100000002d000b02d25a806f8c6394f9101a04000a7401", 0x17}], 0x1}, 0x40000)
write$cgroup_subtree(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="93430000520033d487", @ANYRES32, @ANYRES8=r1], 0xfe33)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a00)={0xffffffffffffffff, 0xe0, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0), 0x0, 0x0, 0x1b, &(0x7f00000005c0), 0x0, 0x10, &(0x7f0000000100), &(0x7f0000000340), 0x8, 0x60, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r0], 0x0, 0xa, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000b00)="2888493b0b66a41a3f161601170e47753c5c40c4dee1ccd2b528a89754cc7a77db2a96ebccf9786f1ac69521ef335c726686781440b17b65e1c0e77ecb16911b4172d40a0b1622ec3554ce37e1f6db678a654ee9882384b20ca42ad9575cc52a06af3cc70c8dcf0998a4591aed83c047e9aa4565dc96a8dce7ca2bec9e3fe7833d48422027f192e5fd6fe5737bcb41fb29b6413b2939809293847e2d8994352a92d7b39d26a3e0c47586f80dba5937c49668d3bb62bf2595dc97d9b58fa19d3774d47046a214b2db0c0328b2e7b69c48c5bb57c4ca094b77e39ba289162384d4f21ec97538633b635d039ed6514f636404b46c955e8230b91ab19e38c75f88b515bf1a6fb7e92b21c1b8d01ac80ced8b76c5773b89923439e823508bb01b6e78e176f98e281dd357c2a8204eab13c558cf2975600fb5", 0x136}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1000c1, 0x0, 0x0, 0x0, 0x7}, [@call={0x85, 0x0, 0x0, 0x8}, @printk={@li, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x17}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0xe, 0x0, &(0x7f00000006c0)="00000000000000c88526faac0646", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x26e1, 0x0)
close(r3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x10021, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0xb)
ioctl$SIOCSIFHWADDR(r3, 0x8b1a, &(0x7f0000000000)={'wlan1\x00', @random="0000230c1100"})
r4 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000300)=@generic={0x0}, 0x18)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r5, 0x40047440, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
r6 = socket$kcm(0xa, 0x1, 0x106)
setsockopt$sock_attach_bpf(r6, 0x29, 0x4a, 0x0, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r7)

387.276796ms ago: executing program 0 (id=9230):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x18, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="8510000004000000950000000000000018000000000000000000000000000000950000000000000085100000fcffffff95"], &(0x7f00000000c0)='GPL\x00'}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000b40)={r0, 0xe0, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000001080)=[0x0], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10)
socket$kcm(0x10, 0x2, 0x0)
r1 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0), 0x4)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000100)=r1, 0x4)
r2 = socket$kcm(0x10, 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xd, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r6}, 0xc)
r7 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r7, 0x84, 0x9, &(0x7f0000000380), 0x98)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000780)=@bpf_lsm={0x3, 0x5, 0x0, &(0x7f0000000000)='GPL\x00'}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1124, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fffffff, 0x0, 0x0, 0x4000002, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r8 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r8, 0x29, 0x23, &(0x7f0000000040), 0xcf)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1200000001000000040000001200000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00g\x00\x00\x00\x00\x00\x00#\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000003c0)={r9, &(0x7f0000000180), 0x0}, 0x20)
close(r8)
sendmsg$kcm(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001240)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xd, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x2, 0x1, 0x4c}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x19)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))

262.38714ms ago: executing program 3 (id=9231):
bpf$MAP_CREATE(0x600000000000000, 0x0, 0x0)

252.58606ms ago: executing program 1 (id=9232):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x2)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000001b80)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21ca0000cf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9b24be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6eab1aa7d55545a34effa077faa56d59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afd8cc2e59a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d0faab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72bc0480f94306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad9433269af3be5fa6a9a5c24e392955f4e979ea13201bafe4f0f6ea508000000a0c548552b571bed5647223c78a992810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526890aa7fe5e68949a3b30567e54d3504723177d356c4604bca492ede62fc28839b5301160ecec37e83efceefd7ca2533659edc8be05cc85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d35a142a9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4ff29e2bdb1d0b923b262341c5e093fd66a2946501559335781092cf8ce3c7c56cd31121624d76517fd3666276c3c0e812b28e2f30d035cee5d0e77a3c70008ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856cf24f370030be3b5f79f030b8d3ebce68663ef5af469abe753314fae31651e0ecea5ece8fb11a4ee288eb149f1fa33669cc8d901fa8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463baf28345bde0c195bc9f021da8f3025ee9c8e3168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262fa3f1dabeb4fc4bda345360200000001fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a4601adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cc50feeb7bfad9b7be3283b6450d014e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5671820420bf5b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff2418a18217747ae442e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efe794874eac73381e961f3d9c8c21578fe3245097c280abe51427a7f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d17eb0000000000000000000000fa08ad0731c4b839688b22c4da2a6b00008a1949a6ba49fbf981f8265e7f1f4c2d97f4680b135f87c228ce69418a282bffff2481a0df1774fa7d94944bb92d2b89f73f0e8b63f6316c5762f3288bc970720f48b5647dd177db6810fae05334d5a44a020000001c0d882a564d74a7c72bf9a2152b261e58fea6d2f93589cfe261dc0410b5ccc92a5a0eab327a33431d62d2b7c75ce654d556c9e1817c1abca762ab53d40da51560351b673363652e1ecb56cfe4a746a45ab13c6014e9f361ab687d1cd1795ce9e05c817b83d76046bdb3709de5df7499a02d2f636a454b85b987580ada025d83bd7b8df28a540d5ec5537942e79f2f1ab25ea5f563bc77e4f9468bd309469880c7e34150ca886d1f9ac2f7e82dbe296c877d925c38c54cc8137b29028854b6bd57ca893927c331300e16aba792289e135589d93302fc37c73c303e383cdf8ef3f6d6265fe5ee01759d24027475c8901039a898582022bc95992b86dce0710887c8a625d9cbb897bdbfaf49a3f642a169827a9bae4fcfa5212461db000000000000e6ed75ca8fcda7ef3ee336189fef3b3ffb9f38fefc5ff39c4e69e3fa1f8b10ee97123e99b61eba065b1ad67530e7c4f11f9da7ae000002000000610101ad7f79cb9bbf64a0fc109f49fe8799fe266e2ccac80fefe750151f5ddfe51833ec65ece70e07ce8ab5d97db47da8f80000664dc0b86ae2b3ff9d4e220752a6b2f3ea9f793612386496dca5af7b8952aafa796ea7b156d19612297c63bb20e1e0469f7615f67a9218cbace38f5236821314f76302b98afa93044b83989339ca10e6ae30e70e17a82f03e915b8425e8e"], &(0x7f0000000000)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195}, 0x94)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x100904, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)}], 0x1, 0x0, 0x0, 0x39c}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[], 0x48)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000002500)={0x1c, 0x0, 0x0, &(0x7f0000000480)='syzkaller\x00', 0x7, 0xe4, &(0x7f0000000740)=""/228, 0x40f00, 0x18, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x7, 0x0, &(0x7f0000002480)=[{0x2, 0x2, 0x0, 0xa}, {0x3, 0x5, 0x10, 0xa}, {0x1, 0x2, 0x6, 0x3}, {0x1, 0x1, 0x6, 0x6}, {0x4, 0x5, 0x7, 0xa}, {0x4, 0x4, 0xe, 0x1}, {0x1, 0x2, 0xa, 0xa}], 0x10, 0x2}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000380)={r5, &(0x7f0000000200)="39b83c1c43d31ae7f6d21defcba7e8442c6735061223f2b9808a05e7711b1860208215a12bb06edb753ca167a1cf6f097386ddc17bb81c"}, 0x20)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={r5, 0x58, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10)
r7 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
r8 = bpf$ITER_CREATE(0xb, &(0x7f00000002c0)={r7}, 0x8)
write$cgroup_int(r8, &(0x7f00000001c0), 0xfffffdef)
ioctl$TUNSETIFF(r8, 0x5421, &(0x7f0000000000)={'syzkaller0\x00', 0x2})
write$cgroup_netprio_ifpriomap(r8, 0x0, 0x12)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@bloom_filter={0x1e, 0x65, 0x3, 0x3, 0x103, r5, 0x1, '\x00', r6, r8, 0x4, 0x5, 0x0, 0x4}, 0x50)
r9 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x7, [@float={0x3, 0x0, 0x0, 0x10, 0x4}]}, {0x0, [0x71, 0x30, 0x0, 0x5f, 0x5f]}}, &(0x7f0000000b40)=""/4096, 0x2b, 0x1000, 0x0, 0xd, 0x10000}, 0x28)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)={0x2, 0x4, 0x8, 0x1, 0x80, r3, 0x0, '\x00', r6, r9, 0x1, 0x4, 0x4}, 0x50)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r10 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000a80)="d80000001d0081044e81f777db44b904021d080201000000040000a1bc0001000000000000000e1208000f0100810401a8001600200001400300000803600cfab94dcf5c0461c16fb4007134cf6ee08000a0e408e8d8ef075c11503c6bbace801bcb090000001fb791643a5ee4001b1462", 0x71}, {&(0x7f0000000000)="54900bae767eb3f140c5", 0xa}, {&(0x7f0000000980)="027a64c0072ebbb1512b328dda11b4efd4ba07fc642b7e012bea071dbbdea51e41958755533ccce04d3e635cbe848495e723490d8e93db224d82d4fbfe76bd22fd358cd467795ad7febfc220d7", 0x4d}], 0x3, 0x0, 0x0, 0x7400}, 0x10)

0s ago: executing program 3 (id=9233):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x2}, 0x828, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
socket$kcm(0x11, 0x2, 0x0)
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], 0x0}, 0x94)
r1 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0)={r0}, 0x8)
close(r1)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x1f, 0xc, &(0x7f0000000a40)=ANY=[@ANYBLOB], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000980)=@bpf_tracing={0x1a, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000011000000000000000900bd5a184000000700000000000000000000009500000000000000"], &(0x7f0000000840)='syzkaller\x00', 0x6, 0x0, 0x0, 0x40f00, 0x4a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000900)={0x6, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x2fafa, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000940)=[{0x2, 0x3, 0x9, 0x7}], 0x10, 0x41e}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, r2, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x2, 0xc, &(0x7f0000000c40)=ANY=[@ANYRES64=r0, @ANYBLOB="d68a6de995697835d959908e370966218be0ac995481a30cbbde19294f003f5a6486a898257110f943be7d93d968c6c639d4b7226e3cca0001ef0753b13536314cad2a5c8df9d42d4c7d3d993819160361413bd96e9c78f22e5919419dd7732d183055e3cd29eb00216f7bee14e0fe27b283de3a3004c7fdab2cc7c9f959a77154c1", @ANYBLOB="56ec"], &(0x7f0000000240)='GPL\x00', 0xb14, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x25, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r3, 0x0, 0x0}, 0x10)
r4 = perf_event_open(&(0x7f00000010c0)={0x2, 0x80, 0xb9, 0x0, 0x0, 0x0, 0x0, 0x4, 0x84002, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000180), 0xf}, 0x410, 0x1fffffc, 0x0, 0x0, 0x1fffffd}, 0x0, 0x9, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, 0xffffffffffffffff)
perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x22a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000300), 0x4}, 0x11c03a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001ac0)={0x0, 0x0, 0x0}, 0x0)
r5 = syz_clone(0x10002400, &(0x7f00000003c0)="0d9773cc4b02688a0b", 0x9, &(0x7f0000000400), &(0x7f0000000440), &(0x7f0000000740)="b9a66e6c0fcb9fa99bf7036a555262eece78a5de5b5335b2831cf71bb08418af346c6fe659ae0a3d2666e8d65e861b244e8a283cc430f1dda60b9651626ffa474b17f5c3f6871e07324948436818a63c93af7e40a4cd86d6d47fda08682a826f4b7c24b0aa0851c28a5627ffc26288b40f927c7f1c8a38417534dec04a5c0daa21702f")
syz_open_procfs$namespace(r5, &(0x7f0000000480)='ns/pid\x00')
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000800)=ANY=[@ANYBLOB="9feb010018000000000000001800000018000000020000000000000000000003000000000100000001000000010001000000"], 0x0, 0x32}, 0x28)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000b40)={0x0, 0x0, 0x0}, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/mnt\x00')
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r6 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001140)=@bpf_ext={0x1c, 0x12, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000070000000000000005000000186800000000000000000000e6000000b7080000000000007b8af8ff00000000b7080000060000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000090000000800000085000000a50000009500000000000000"], &(0x7f00000001c0)='GPL\x00', 0x1, 0xbe, &(0x7f0000000d00)=""/190, 0x40f00, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x23551, r0, 0x5, &(0x7f0000001000)=[r1, 0xffffffffffffffff, r1], &(0x7f0000001040)=[{0x1, 0x5, 0xf, 0xc}, {0x3, 0x5, 0xc, 0x8}, {0x2, 0x5, 0xe, 0x1}, {0x3, 0x4, 0x0, 0x8}, {0x1, 0x1, 0x3, 0x2}], 0x10, 0xa}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r6, 0x3, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'nr0\x00', 0x31})
socketpair(0x1, 0x5, 0x0, &(0x7f0000000740)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
socketpair(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r8, 0x89a0, &(0x7f0000000080))
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x89a2, &(0x7f0000000080))

kernel console output (not intermixed with test programs):

info+0x390/0x390
[ 1810.096283][T32439]  ? lock_chain_count+0x20/0x20
[ 1810.101280][T32439]  __x64_sys_bpf+0x7c/0x90
[ 1810.105886][T32439]  do_syscall_64+0x55/0xa0
[ 1810.110437][T32439]  ? clear_bhb_loop+0x40/0x90
[ 1810.115249][T32439]  ? clear_bhb_loop+0x40/0x90
[ 1810.119966][T32439]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1810.125899][T32439] RIP: 0033:0x7ff9c959c799
[ 1810.130341][T32439] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1810.150052][T32439] RSP: 002b:00007ff9ca3bc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1810.158480][T32439] RAX: ffffffffffffffda RBX: 00007ff9c9815fa0 RCX: 00007ff9c959c799
[ 1810.166464][T32439] RDX: 0000000000000028 RSI: 0000200000000080 RDI: 000000000000000a
[ 1810.174540][T32439] RBP: 00007ff9ca3bc090 R08: 0000000000000000 R09: 0000000000000000
[ 1810.182704][T32439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1810.190682][T32439] R13: 00007ff9c9816038 R14: 00007ff9c9815fa0 R15: 00007fff411c4878
[ 1810.198768][T32439]  </TASK>
[ 1810.210536][T30045] wlan1: Trigger new scan to find an IBSS to join
[ 1810.212396][ T5911] wlan1: Trigger new scan to find an IBSS to join
[ 1810.339797][T32446] netlink: 15743 bytes leftover after parsing attributes in process `syz.3.8206'.
[ 1810.467788][T32446] mac80211_hwsim hwsim48 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1810.835117][T32455] netlink: 15743 bytes leftover after parsing attributes in process `syz.1.8208'.
[ 1811.001467][T32455] mac80211_hwsim hwsim50 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1811.534386][T32474] FAULT_INJECTION: forcing a failure.
[ 1811.534386][T32474] name failslab, interval 1, probability 0, space 0, times 0
[ 1811.563865][T32474] CPU: 1 PID: 32474 Comm: syz.2.8216 Not tainted syzkaller #0
[ 1811.571419][T32474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1811.581616][T32474] Call Trace:
[ 1811.584943][T32474]  <TASK>
[ 1811.587923][T32474]  dump_stack_lvl+0x18c/0x250
[ 1811.592659][T32474]  ? show_regs_print_info+0x20/0x20
[ 1811.597908][T32474]  ? load_image+0x400/0x400
[ 1811.602457][T32474]  ? __lock_acquire+0x7d40/0x7d40
[ 1811.607617][T32474]  ? __lock_acquire+0x7d40/0x7d40
[ 1811.612700][T32474]  should_fail_ex+0x39d/0x4d0
[ 1811.617592][T32474]  should_failslab+0x9/0x20
[ 1811.622099][T32474]  slab_pre_alloc_hook+0x59/0x310
[ 1811.627129][T32474]  ? __mutex_unlock_slowpath+0x1b4/0x6c0
[ 1811.632763][T32474]  kmem_cache_alloc_lru+0x4d/0x2d0
[ 1811.637888][T32474]  ? sock_alloc_inode+0x28/0xc0
[ 1811.643007][T32474]  sock_alloc_inode+0x28/0xc0
[ 1811.647716][T32474]  ? sockfs_init_fs_context+0xb0/0xb0
[ 1811.653119][T32474]  new_inode_pseudo+0x63/0x1d0
[ 1811.657905][T32474]  __sock_create+0x12d/0x940
[ 1811.662528][T32474]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1811.668562][T32474]  __sys_socket+0xd7/0x1a0
[ 1811.673095][T32474]  __x64_sys_socket+0x7a/0x90
[ 1811.677792][T32474]  do_syscall_64+0x55/0xa0
[ 1811.682234][T32474]  ? clear_bhb_loop+0x40/0x90
[ 1811.686917][T32474]  ? clear_bhb_loop+0x40/0x90
[ 1811.691619][T32474]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1811.697562][T32474] RIP: 0033:0x7f4d5b99c799
[ 1811.701989][T32474] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1811.721692][T32474] RSP: 002b:00007f4d5c7a7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 1811.730122][T32474] RAX: ffffffffffffffda RBX: 00007f4d5bc15fa0 RCX: 00007f4d5b99c799
[ 1811.738103][T32474] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 000000000000002c
[ 1811.746169][T32474] RBP: 00007f4d5c7a7090 R08: 0000000000000000 R09: 0000000000000000
[ 1811.754142][T32474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1811.762133][T32474] R13: 00007f4d5bc16038 R14: 00007f4d5bc15fa0 R15: 00007ffc3d39c098
[ 1811.770224][T32474]  </TASK>
[ 1811.776488][T32474] socket: no more sockets
[ 1811.846483][T32476] netlink: 15743 bytes leftover after parsing attributes in process `syz.3.8217'.
[ 1812.109319][T32476] mac80211_hwsim hwsim48 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1812.593521][T32487] netlink: 194488 bytes leftover after parsing attributes in process `syz.0.8222'.
[ 1812.613276][T32491] netlink: 'syz.1.8221': attribute type 25 has an invalid length.
[ 1812.648556][T32491] netlink: 'syz.1.8221': attribute type 9 has an invalid length.
[ 1813.406595][T32508] mac80211_hwsim hwsim48 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1813.679518][T32515] netlink: 64 bytes leftover after parsing attributes in process `syz.2.8232'.
[ 1814.190126][ T5923] wlan1: Trigger new scan to find an IBSS to join
[ 1814.338144][T32532] FAULT_INJECTION: forcing a failure.
[ 1814.338144][T32532] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1814.422187][T32532] CPU: 1 PID: 32532 Comm: syz.2.8238 Not tainted syzkaller #0
[ 1814.429724][T32532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1814.439802][T32532] Call Trace:
[ 1814.443217][T32532]  <TASK>
[ 1814.446188][T32532]  dump_stack_lvl+0x18c/0x250
[ 1814.450925][T32532]  ? show_regs_print_info+0x20/0x20
[ 1814.456174][T32532]  ? load_image+0x400/0x400
[ 1814.460807][T32532]  ? __might_fault+0xaa/0x120
[ 1814.465612][T32532]  ? __lock_acquire+0x7d40/0x7d40
[ 1814.470876][T32532]  ? mark_lock+0x94/0x320
[ 1814.475265][T32532]  should_fail_ex+0x39d/0x4d0
[ 1814.479992][T32532]  _copy_from_user+0x2f/0xe0
[ 1814.484630][T32532]  ___sys_sendmsg+0x1c7/0x360
[ 1814.489357][T32532]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1814.494272][T32532]  ? trace_call_bpf+0xc3/0x6c0
[ 1814.499109][T32532]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1814.503998][T32532]  ? __x64_sys_sendmsg+0x80/0x80
[ 1814.508983][T32532]  ? lockdep_hardirqs_on+0x98/0x150
[ 1814.514216][T32532]  do_syscall_64+0x55/0xa0
[ 1814.518664][T32532]  ? clear_bhb_loop+0x40/0x90
[ 1814.523372][T32532]  ? clear_bhb_loop+0x40/0x90
[ 1814.528116][T32532]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1814.534049][T32532] RIP: 0033:0x7f4d5b99c799
[ 1814.538592][T32532] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1814.558262][T32532] RSP: 002b:00007f4d5c786028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1814.566728][T32532] RAX: ffffffffffffffda RBX: 00007f4d5bc16090 RCX: 00007f4d5b99c799
[ 1814.574730][T32532] RDX: 0000000000000094 RSI: 00002000000000c0 RDI: 0000000000000009
[ 1814.582718][T32532] RBP: 00007f4d5c786090 R08: 0000000000000000 R09: 0000000000000000
[ 1814.590696][T32532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1814.598675][T32532] R13: 00007f4d5bc16128 R14: 00007f4d5bc16090 R15: 00007ffc3d39c098
[ 1814.606660][T32532]  </TASK>
[ 1814.811233][T32536] netlink: 15743 bytes leftover after parsing attributes in process `syz.3.8239'.
[ 1814.921883][T32536] mac80211_hwsim hwsim48 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1814.953138][T32541] netlink: 15743 bytes leftover after parsing attributes in process `syz.1.8241'.
[ 1815.127094][T32541] mac80211_hwsim hwsim50 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1815.165137][T22182] wlan1: Trigger new scan to find an IBSS to join
[ 1815.489611][T32555] netlink: 'syz.3.8247': attribute type 25 has an invalid length.
[ 1815.558842][T32555] netlink: 2418 bytes leftover after parsing attributes in process `syz.3.8247'.
[ 1815.900740][T32566] netlink: 'syz.0.8250': attribute type 21 has an invalid length.
[ 1815.926811][T32566] netlink: 'syz.0.8250': attribute type 10 has an invalid length.
[ 1815.941359][T32566] netlink: 55 bytes leftover after parsing attributes in process `syz.0.8250'.
[ 1816.195044][ T5911] wlan1: Creating new IBSS network, BSSID 7e:6c:ad:10:9f:72
[ 1816.976933][T32571] netlink: 15743 bytes leftover after parsing attributes in process `syz.3.8252'.
[ 1817.062213][T32572] mac80211_hwsim hwsim48 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1817.160258][T22182] wlan1: Trigger new scan to find an IBSS to join
[ 1818.124498][T22182] wlan1: Trigger new scan to find an IBSS to join
[ 1818.619253][T32601] netlink: 'syz.3.8262': attribute type 29 has an invalid length.
[ 1818.679613][T32601] netlink: 'syz.3.8262': attribute type 29 has an invalid length.
[ 1818.833390][T32607] netlink: 'syz.1.8263': attribute type 21 has an invalid length.
[ 1818.953552][T32607] netlink: 'syz.1.8263': attribute type 10 has an invalid length.
[ 1818.995829][T32607] netlink: 55 bytes leftover after parsing attributes in process `syz.1.8263'.
[ 1819.078864][ T5905] wlan1: Trigger new scan to find an IBSS to join
[ 1819.212977][ T5911] wlan1: Creating new IBSS network, BSSID 2e:5e:6e:2b:07:11
[ 1819.960360][T32619] netlink: 'syz.3.8266': attribute type 21 has an invalid length.
[ 1819.983409][T32619] netlink: 128 bytes leftover after parsing attributes in process `syz.3.8266'.
[ 1819.999149][T32619] netlink: 'syz.3.8266': attribute type 5 has an invalid length.
[ 1820.014758][T32619] netlink: 'syz.3.8266': attribute type 6 has an invalid length.
[ 1820.028891][T32619] netlink: 3 bytes leftover after parsing attributes in process `syz.3.8266'.
[ 1820.113481][T32623] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.8267'.
[ 1820.431046][T32634] netlink: 15743 bytes leftover after parsing attributes in process `syz.2.8273'.
[ 1820.798265][T32634] mac80211_hwsim hwsim44 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1821.817731][T32655] netlink: 'syz.3.8279': attribute type 25 has an invalid length.
[ 1821.825909][T32655] netlink: 2418 bytes leftover after parsing attributes in process `syz.3.8279'.
[ 1822.121956][T30045] wlan1: Trigger new scan to find an IBSS to join
[ 1822.128919][T30391] wlan1: Trigger new scan to find an IBSS to join
[ 1823.155533][T30391] wlan1: Trigger new scan to find an IBSS to join
[ 1823.826628][ T5911] wlan1: Creating new IBSS network, BSSID 46:9d:e5:42:16:ff
[ 1824.596900][T32694] netlink: 'syz.3.8293': attribute type 25 has an invalid length.
[ 1824.625906][T32694] netlink: 2418 bytes leftover after parsing attributes in process `syz.3.8293'.
[ 1825.231556][ T5773] Bluetooth: hci2: command 0x0406 tx timeout
[ 1825.834028][T32703] mac80211_hwsim hwsim44 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1825.879433][T32698] netlink: 15743 bytes leftover after parsing attributes in process `syz.2.8294'.
[ 1826.161066][T30045] wlan1: Trigger new scan to find an IBSS to join
[ 1827.004474][T32734] netlink: 15743 bytes leftover after parsing attributes in process `syz.3.8305'.
[ 1827.056477][T32737] mac80211_hwsim hwsim48 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1828.374806][ T1131] wlan1: Trigger new scan to find an IBSS to join
[ 1830.039684][  T300] netlink: 15743 bytes leftover after parsing attributes in process `syz.0.8316'.
[ 1830.130116][  T303] mac80211_hwsim hwsim42 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1830.188316][  T305] FAULT_INJECTION: forcing a failure.
[ 1830.188316][  T305] name failslab, interval 1, probability 0, space 0, times 0
[ 1830.267790][  T305] CPU: 1 PID: 305 Comm: syz.1.8318 Not tainted syzkaller #0
[ 1830.275165][  T305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1830.285260][  T305] Call Trace:
[ 1830.288566][  T305]  <TASK>
[ 1830.291521][  T305]  dump_stack_lvl+0x18c/0x250
[ 1830.296241][  T305]  ? show_regs_print_info+0x20/0x20
[ 1830.301479][  T305]  ? load_image+0x400/0x400
[ 1830.306106][  T305]  ? __might_sleep+0xe0/0xe0
[ 1830.310815][  T305]  ? __lock_acquire+0x7d40/0x7d40
[ 1830.315878][  T305]  should_fail_ex+0x39d/0x4d0
[ 1830.320606][  T305]  should_failslab+0x9/0x20
[ 1830.325153][  T305]  slab_pre_alloc_hook+0x59/0x310
[ 1830.330220][  T305]  ? apparmor_sk_alloc_security+0x77/0x100
[ 1830.336062][  T305]  __kmem_cache_alloc_node+0x53/0x250
[ 1830.341474][  T305]  ? apparmor_sk_alloc_security+0x77/0x100
[ 1830.347313][  T305]  kmalloc_trace+0x2a/0xe0
[ 1830.351957][  T305]  apparmor_sk_alloc_security+0x77/0x100
[ 1830.357655][  T305]  security_sk_alloc+0x6e/0xa0
[ 1830.362473][  T305]  sk_prot_alloc+0x101/0x210
[ 1830.367277][  T305]  ? sk_alloc+0x24/0x360
[ 1830.371641][  T305]  sk_alloc+0x3a/0x360
[ 1830.375753][  T305]  ? bpf_ctx_init+0x163/0x1a0
[ 1830.380478][  T305]  ? bpf_prog_test_run_skb+0x273/0x12b0
[ 1830.386071][  T305]  bpf_prog_test_run_skb+0x3a5/0x12b0
[ 1830.391476][  T305]  ? __fget_files+0x28/0x4b0
[ 1830.396100][  T305]  ? __fget_files+0x28/0x4b0
[ 1830.400712][  T305]  ? __fget_files+0x43d/0x4b0
[ 1830.405424][  T305]  ? cpu_online+0x60/0x60
[ 1830.409961][  T305]  bpf_prog_test_run+0x321/0x390
[ 1830.414922][  T305]  __sys_bpf+0x49d/0x890
[ 1830.419190][  T305]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1830.424590][  T305]  ? lock_chain_count+0x20/0x20
[ 1830.429660][  T305]  __x64_sys_bpf+0x7c/0x90
[ 1830.434158][  T305]  do_syscall_64+0x55/0xa0
[ 1830.438686][  T305]  ? clear_bhb_loop+0x40/0x90
[ 1830.443396][  T305]  ? clear_bhb_loop+0x40/0x90
[ 1830.448117][  T305]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1830.454054][  T305] RIP: 0033:0x7fe1f8d9c799
[ 1830.458674][  T305] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1830.478494][  T305] RSP: 002b:00007fe1f9d19028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1830.487201][  T305] RAX: ffffffffffffffda RBX: 00007fe1f9015fa0 RCX: 00007fe1f8d9c799
[ 1830.495186][  T305] RDX: 0000000000000050 RSI: 00002000000002c0 RDI: 000000000000000a
[ 1830.503337][  T305] RBP: 00007fe1f9d19090 R08: 0000000000000000 R09: 0000000000000000
[ 1830.511314][  T305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1830.519297][  T305] R13: 00007fe1f9016038 R14: 00007fe1f9015fa0 R15: 00007ffeb6b74d98
[ 1830.527381][  T305]  </TASK>
[ 1830.589568][  T310] netlink: 'syz.3.8319': attribute type 25 has an invalid length.
[ 1830.597684][  T310] netlink: 2418 bytes leftover after parsing attributes in process `syz.3.8319'.
[ 1831.110171][ T5905] wlan1: Trigger new scan to find an IBSS to join
[ 1831.410987][  T327] syz.2.8323[327] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1831.411084][  T327] syz.2.8323[327] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1832.129766][T30391] wlan1: Trigger new scan to find an IBSS to join
[ 1833.073087][T30391] wlan1: Creating new IBSS network, BSSID 22:6a:05:35:dc:f8
[ 1834.128093][  T345] FAULT_INJECTION: forcing a failure.
[ 1834.128093][  T345] name failslab, interval 1, probability 0, space 0, times 0
[ 1834.134063][T22182] wlan1: Trigger new scan to find an IBSS to join
[ 1834.147695][T30391] wlan1: Trigger new scan to find an IBSS to join
[ 1834.162022][  T345] CPU: 1 PID: 345 Comm: syz.2.8330 Not tainted syzkaller #0
[ 1834.169904][  T345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1834.179993][  T345] Call Trace:
[ 1834.183307][  T345]  <TASK>
[ 1834.186272][  T345]  dump_stack_lvl+0x18c/0x250
[ 1834.191003][  T345]  ? show_regs_print_info+0x20/0x20
[ 1834.196514][  T345]  ? load_image+0x400/0x400
[ 1834.201098][  T345]  ? __might_sleep+0xe0/0xe0
[ 1834.205811][  T345]  ? __lock_acquire+0x7d40/0x7d40
[ 1834.210884][  T345]  should_fail_ex+0x39d/0x4d0
[ 1834.215625][  T345]  should_failslab+0x9/0x20
[ 1834.220175][  T345]  slab_pre_alloc_hook+0x59/0x310
[ 1834.225239][  T345]  ? apparmor_sk_alloc_security+0x77/0x100
[ 1834.231085][  T345]  __kmem_cache_alloc_node+0x53/0x250
[ 1834.236581][  T345]  ? apparmor_sk_alloc_security+0x77/0x100
[ 1834.242428][  T345]  kmalloc_trace+0x2a/0xe0
[ 1834.246882][  T345]  apparmor_sk_alloc_security+0x77/0x100
[ 1834.252552][  T345]  security_sk_alloc+0x6e/0xa0
[ 1834.257350][  T345]  sk_prot_alloc+0x101/0x210
[ 1834.262107][  T345]  ? sk_alloc+0x24/0x360
[ 1834.266400][  T345]  sk_alloc+0x3a/0x360
[ 1834.270528][  T345]  ? bpf_ctx_init+0x163/0x1a0
[ 1834.275255][  T345]  ? bpf_prog_test_run_skb+0x273/0x12b0
[ 1834.280846][  T345]  bpf_prog_test_run_skb+0x3a5/0x12b0
[ 1834.286253][  T345]  ? __fget_files+0x28/0x4b0
[ 1834.290881][  T345]  ? __fget_files+0x28/0x4b0
[ 1834.295684][  T345]  ? __fget_files+0x43d/0x4b0
[ 1834.300405][  T345]  ? cpu_online+0x60/0x60
[ 1834.304766][  T345]  bpf_prog_test_run+0x321/0x390
[ 1834.309753][  T345]  __sys_bpf+0x49d/0x890
[ 1834.314128][  T345]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1834.319556][  T345]  ? lock_chain_count+0x20/0x20
[ 1834.324459][  T345]  __x64_sys_bpf+0x7c/0x90
[ 1834.328908][  T345]  do_syscall_64+0x55/0xa0
[ 1834.333371][  T345]  ? clear_bhb_loop+0x40/0x90
[ 1834.338081][  T345]  ? clear_bhb_loop+0x40/0x90
[ 1834.342799][  T345]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1834.348895][  T345] RIP: 0033:0x7f4d5b99c799
[ 1834.353346][  T345] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1834.373171][  T345] RSP: 002b:00007f4d5c7a7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1834.381635][  T345] RAX: ffffffffffffffda RBX: 00007f4d5bc15fa0 RCX: 00007f4d5b99c799
[ 1834.389649][  T345] RDX: 000000000000002c RSI: 0000200000000080 RDI: 000000000000000a
[ 1834.397714][  T345] RBP: 00007f4d5c7a7090 R08: 0000000000000000 R09: 0000000000000000
[ 1834.405728][  T345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1834.413759][  T345] R13: 00007f4d5bc16038 R14: 00007f4d5bc15fa0 R15: 00007ffc3d39c098
[ 1834.421821][  T345]  </TASK>
[ 1834.583807][  T351] netlink: 'syz.1.8333': attribute type 25 has an invalid length.
[ 1834.615731][  T353] netlink: 'syz.3.8335': attribute type 2 has an invalid length.
[ 1834.628854][  T351] netlink: 2418 bytes leftover after parsing attributes in process `syz.1.8333'.
[ 1834.643798][  T353] netlink: 'syz.3.8335': attribute type 8 has an invalid length.
[ 1834.665071][  T353] netlink: 132 bytes leftover after parsing attributes in process `syz.3.8335'.
[ 1834.998312][  T356] netlink: 15743 bytes leftover after parsing attributes in process `syz.2.8336'.
[ 1835.452827][ T1131] wlan1: Creating new IBSS network, BSSID ee:fb:77:04:59:3b
[ 1835.489920][  T356] mac80211_hwsim hwsim44 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1835.826349][  T375] syz.3.8341[375] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1835.826489][  T375] syz.3.8341[375] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1835.906471][  T377] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1835.938683][  T377] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1835.960709][  T377] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1835.968515][  T377] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1836.025599][  T377] bridge0: port 1(batadv0) entered disabled state
[ 1836.126962][  T377] bridge0: port 1(batadv0) entered disabled state
[ 1836.142264][  T386] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8345'.
[ 1836.155884][  T388] netlink: 'syz.2.8346': attribute type 25 has an invalid length.
[ 1836.164221][  T388] netlink: 2418 bytes leftover after parsing attributes in process `syz.2.8346'.
[ 1836.317616][  T393] netlink: 15743 bytes leftover after parsing attributes in process `syz.1.8348'.
[ 1836.368281][  T397] FAULT_INJECTION: forcing a failure.
[ 1836.368281][  T397] name failslab, interval 1, probability 0, space 0, times 0
[ 1836.385321][  T397] CPU: 1 PID: 397 Comm: syz.0.8349 Not tainted syzkaller #0
[ 1836.392673][  T397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1836.402853][  T397] Call Trace:
[ 1836.406179][  T397]  <TASK>
[ 1836.409145][  T397]  dump_stack_lvl+0x18c/0x250
[ 1836.413874][  T397]  ? show_regs_print_info+0x20/0x20
[ 1836.419213][  T397]  ? load_image+0x400/0x400
[ 1836.423759][  T397]  ? __might_sleep+0xe0/0xe0
[ 1836.428387][  T397]  ? __lock_acquire+0x7d40/0x7d40
[ 1836.433458][  T397]  should_fail_ex+0x39d/0x4d0
[ 1836.438269][  T397]  should_failslab+0x9/0x20
[ 1836.442827][  T397]  slab_pre_alloc_hook+0x59/0x310
[ 1836.447934][  T397]  ? __lock_acquire+0x7d40/0x7d40
[ 1836.453086][  T397]  ? kvmalloc_node+0x70/0x180
[ 1836.457805][  T397]  ? kvmalloc_node+0x70/0x180
[ 1836.462532][  T397]  __kmem_cache_alloc_node+0x53/0x250
[ 1836.468054][  T397]  ? __schedule_delayed_monitor_work+0x200/0x200
[ 1836.474436][  T397]  ? kvmalloc_node+0x70/0x180
[ 1836.479337][  T397]  __kmalloc_node+0xa4/0x230
[ 1836.483970][  T397]  kvmalloc_node+0x70/0x180
[ 1836.488519][  T397]  bpf_test_run_xdp_live+0x1c2/0x1b20
[ 1836.493959][  T397]  ? 0xffffffffa0004740
[ 1836.498251][  T397]  ? 0xffffffffa0004740
[ 1836.502626][  T397]  ? bpf_dispatcher_change_prog+0xcbf/0xf10
[ 1836.508750][  T397]  ? 0xffffffffa0004740
[ 1836.512942][  T397]  ? xdp_convert_md_to_buff+0x330/0x330
[ 1836.518558][  T397]  ? trace_raw_output_bpf_test_finish+0xd0/0xd0
[ 1836.524841][  T397]  ? _copy_from_user+0xa5/0xe0
[ 1836.529655][  T397]  ? bpf_test_init+0x119/0x140
[ 1836.534501][  T397]  ? xdp_convert_md_to_buff+0x5b/0x330
[ 1836.540004][  T397]  bpf_prog_test_run_xdp+0x7ca/0x10e0
[ 1836.545441][  T397]  ? dev_put+0x80/0x80
[ 1836.549574][  T397]  ? dev_put+0x80/0x80
[ 1836.553692][  T397]  bpf_prog_test_run+0x321/0x390
[ 1836.558680][  T397]  __sys_bpf+0x49d/0x890
[ 1836.562969][  T397]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1836.568495][  T397]  ? lock_chain_count+0x20/0x20
[ 1836.573404][  T397]  __x64_sys_bpf+0x7c/0x90
[ 1836.577959][  T397]  do_syscall_64+0x55/0xa0
[ 1836.582416][  T397]  ? clear_bhb_loop+0x40/0x90
[ 1836.587141][  T397]  ? clear_bhb_loop+0x40/0x90
[ 1836.591878][  T397]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1836.597806][  T397] RIP: 0033:0x7ff9c959c799
[ 1836.602235][  T397] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1836.621939][  T397] RSP: 002b:00007ff9ca3bc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1836.630362][  T397] RAX: ffffffffffffffda RBX: 00007ff9c9815fa0 RCX: 00007ff9c959c799
[ 1836.638443][  T397] RDX: 0000000000000050 RSI: 0000200000000000 RDI: 000000000000000a
[ 1836.646599][  T397] RBP: 00007ff9ca3bc090 R08: 0000000000000000 R09: 0000000000000000
[ 1836.654679][  T397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1836.662744][  T397] R13: 00007ff9c9816038 R14: 00007ff9c9815fa0 R15: 00007fff411c4878
[ 1836.671102][  T397]  </TASK>
[ 1836.710937][  T393] mac80211_hwsim hwsim50 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1836.929212][  T406] syz.0.8352[406] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1836.929382][  T406] syz.0.8352[406] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1837.265261][  T420] netlink: 16255 bytes leftover after parsing attributes in process `syz.0.8358'.
[ 1837.291066][  T419] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1837.328556][  T419] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1837.341900][  T419] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1837.362125][  T419] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1837.396738][  T419] bridge0: port 1(batadv0) entered disabled state
[ 1837.448370][  T425] netlink: 'syz.1.8362': attribute type 25 has an invalid length.
[ 1837.466131][  T425] netlink: 2418 bytes leftover after parsing attributes in process `syz.1.8362'.
[ 1837.520153][  T419] bridge0: port 1(batadv0) entered disabled state
[ 1837.824463][  T437] netlink: 15743 bytes leftover after parsing attributes in process `syz.2.8366'.
[ 1837.901082][  T437] mac80211_hwsim hwsim44 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1838.174735][ T5905] wlan1: Trigger new scan to find an IBSS to join
[ 1839.037449][  T459] FAULT_INJECTION: forcing a failure.
[ 1839.037449][  T459] name failslab, interval 1, probability 0, space 0, times 0
[ 1839.075599][  T459] CPU: 0 PID: 459 Comm: syz.2.8374 Not tainted syzkaller #0
[ 1839.082959][  T459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1839.093155][  T459] Call Trace:
[ 1839.096467][  T459]  <TASK>
[ 1839.099426][  T459]  dump_stack_lvl+0x18c/0x250
[ 1839.104411][  T459]  ? show_regs_print_info+0x20/0x20
[ 1839.109648][  T459]  ? load_image+0x400/0x400
[ 1839.114195][  T459]  ? __might_sleep+0xe0/0xe0
[ 1839.118830][  T459]  ? __lock_acquire+0x7d40/0x7d40
[ 1839.123915][  T459]  should_fail_ex+0x39d/0x4d0
[ 1839.128657][  T459]  should_failslab+0x9/0x20
[ 1839.133206][  T459]  slab_pre_alloc_hook+0x59/0x310
[ 1839.138292][  T459]  ? alloc_fd+0x58f/0x630
[ 1839.142662][  T459]  kmem_cache_alloc_node+0x60/0x320
[ 1839.147903][  T459]  ? perf_event_alloc+0x15a/0x21b0
[ 1839.153155][  T459]  perf_event_alloc+0x15a/0x21b0
[ 1839.158136][  T459]  ? _raw_spin_unlock+0x28/0x40
[ 1839.163049][  T459]  ? alloc_fd+0x58f/0x630
[ 1839.167423][  T459]  __se_sys_perf_event_open+0x61f/0x1c50
[ 1839.173115][  T459]  ? __x64_sys_perf_event_open+0xc0/0xc0
[ 1839.178812][  T459]  ? syscall_enter_from_user_mode+0x2e/0x80
[ 1839.184913][  T459]  ? __x64_sys_perf_event_open+0x20/0xc0
[ 1839.190686][  T459]  do_syscall_64+0x55/0xa0
[ 1839.195234][  T459]  ? clear_bhb_loop+0x40/0x90
[ 1839.199947][  T459]  ? clear_bhb_loop+0x40/0x90
[ 1839.204758][  T459]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1839.210777][  T459] RIP: 0033:0x7f4d5b99c799
[ 1839.215319][  T459] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1839.235078][  T459] RSP: 002b:00007f4d5c786028 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 1839.243545][  T459] RAX: ffffffffffffffda RBX: 00007f4d5bc16090 RCX: 00007f4d5b99c799
[ 1839.251754][  T459] RDX: 0000000000000001 RSI: ffffffffffffffff RDI: 0000200000001100
[ 1839.259766][  T459] RBP: 00007f4d5c786090 R08: 0000000000000002 R09: 0000000000000000
[ 1839.267893][  T459] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[ 1839.276078][  T459] R13: 00007f4d5bc16128 R14: 00007f4d5bc16090 R15: 00007ffc3d39c098
[ 1839.284111][  T459]  </TASK>
[ 1839.336644][ T5911] wlan1: Trigger new scan to find an IBSS to join
[ 1839.620396][ T5923] wlan1: Creating new IBSS network, BSSID ca:16:2f:f6:b9:d0
[ 1840.121897][ T5905] wlan1: Trigger new scan to find an IBSS to join
[ 1840.406307][  T470] netlink: 'syz.2.8378': attribute type 25 has an invalid length.
[ 1840.452079][  T470] netlink: 2418 bytes leftover after parsing attributes in process `syz.2.8378'.
[ 1840.474707][  T471] mac80211_hwsim hwsim50 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1840.858351][  T478] netlink: 15743 bytes leftover after parsing attributes in process `syz.1.8388'.
[ 1840.936746][  T478] mac80211_hwsim hwsim50 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1840.962817][  T480] netlink: 15743 bytes leftover after parsing attributes in process `syz.3.8380'.
[ 1841.001403][  T480] mac80211_hwsim hwsim48 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1841.236128][  T486] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1841.255860][  T486] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1841.270293][  T486] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1841.278082][  T486] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1841.293285][  T486] bridge0: port 1(batadv0) entered disabled state
[ 1841.348250][  T486] bridge0: port 1(batadv0) entered disabled state
[ 1841.368007][  T488] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.8384'.
[ 1841.707711][  T493] netlink: 'syz.0.8386': attribute type 10 has an invalid length.
[ 1841.729095][  T493] netlink: 40 bytes leftover after parsing attributes in process `syz.0.8386'.
[ 1841.748623][  T493] netlink: 'syz.0.8386': attribute type 10 has an invalid length.
[ 1841.756502][  T493] netlink: 40 bytes leftover after parsing attributes in process `syz.0.8386'.
[ 1841.913384][  T504] netlink: 15743 bytes leftover after parsing attributes in process `syz.2.8391'.
[ 1842.001810][  T506] mac80211_hwsim hwsim44 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1842.095912][  T509] netlink: 15743 bytes leftover after parsing attributes in process `syz.0.8392'.
[ 1842.190869][  T514] netlink: 'syz.3.8393': attribute type 25 has an invalid length.
[ 1842.208632][  T514] netlink: 2418 bytes leftover after parsing attributes in process `syz.3.8393'.
[ 1842.213181][  T509] mac80211_hwsim hwsim42 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1842.255430][  T516] netlink: 'syz.2.8394': attribute type 3 has an invalid length.
[ 1842.264271][  T516] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.8394'.
[ 1842.375056][  T516] netlink: 209840 bytes leftover after parsing attributes in process `syz.2.8394'.
[ 1842.868169][  T531] mac80211_hwsim hwsim44 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1843.054536][  T536] pim6reg1: entered allmulticast mode
[ 1843.134945][  T536] netlink: 'syz.0.8402': attribute type 10 has an invalid length.
[ 1843.520100][ T1131] wlan1: Trigger new scan to find an IBSS to join
[ 1843.526723][ T1131] wlan1: Trigger new scan to find an IBSS to join
[ 1843.854062][  T536] .`: (slave batadv_slave_0): Enslaving as an active interface with an up link
[ 1843.881327][  T541] netlink: 15743 bytes leftover after parsing attributes in process `syz.3.8403'.
[ 1844.069863][  T546] mac80211_hwsim hwsim48 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1844.079666][  T548] netlink: 'syz.2.8404': attribute type 10 has an invalid length.
[ 1844.093638][  T548] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1844.124291][  T551] netlink: 'syz.1.8405': attribute type 3 has an invalid length.
[ 1844.136016][  T548] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1844.143436][  T548] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1844.162231][  T551] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.8405'.
[ 1844.177951][  T548] .`: (slave bridge0): Enslaving as an active interface with an up link
[ 1845.164945][T22182] wlan1: Trigger new scan to find an IBSS to join
[ 1845.200236][  T582] mac80211_hwsim hwsim48 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1845.278940][  T587] FAULT_INJECTION: forcing a failure.
[ 1845.278940][  T587] name failslab, interval 1, probability 0, space 0, times 0
[ 1845.316280][  T587] CPU: 0 PID: 587 Comm: syz.0.8417 Not tainted syzkaller #0
[ 1845.323633][  T587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1845.333784][  T587] Call Trace:
[ 1845.337177][  T587]  <TASK>
[ 1845.340220][  T587]  dump_stack_lvl+0x18c/0x250
[ 1845.345110][  T587]  ? show_regs_print_info+0x20/0x20
[ 1845.350342][  T587]  ? load_image+0x400/0x400
[ 1845.354895][  T587]  ? verify_lock_unused+0x140/0x140
[ 1845.360217][  T587]  should_fail_ex+0x39d/0x4d0
[ 1845.365292][  T587]  should_failslab+0x9/0x20
[ 1845.369805][  T587]  slab_pre_alloc_hook+0x59/0x310
[ 1845.374850][  T587]  kmem_cache_alloc+0x5a/0x2d0
[ 1845.379623][  T587]  ? skb_clone+0x1eb/0x370
[ 1845.384065][  T587]  skb_clone+0x1eb/0x370
[ 1845.388325][  T587]  __netlink_deliver_tap+0x41c/0x830
[ 1845.393643][  T587]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1845.398958][  T587]  netlink_deliver_tap+0x19c/0x1b0
[ 1845.404089][  T587]  netlink_unicast+0x72c/0x8d0
[ 1845.408880][  T587]  netlink_sendmsg+0x8d0/0xbf0
[ 1845.413697][  T587]  ? netlink_getsockopt+0x590/0x590
[ 1845.418941][  T587]  ? aa_sock_msg_perm+0x94/0x150
[ 1845.423922][  T587]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1845.429283][  T587]  ? security_socket_sendmsg+0x80/0xa0
[ 1845.434760][  T587]  ? netlink_getsockopt+0x590/0x590
[ 1845.439992][  T587]  ____sys_sendmsg+0x5ba/0x960
[ 1845.444808][  T587]  ? __asan_memset+0x22/0x40
[ 1845.449430][  T587]  ? __sys_sendmsg_sock+0x30/0x30
[ 1845.454484][  T587]  ? __import_iovec+0x5f2/0x850
[ 1845.459368][  T587]  ? import_iovec+0x73/0xa0
[ 1845.464081][  T587]  ___sys_sendmsg+0x2a6/0x360
[ 1845.468891][  T587]  ? get_pid_task+0x20/0x1e0
[ 1845.473506][  T587]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1845.478383][  T587]  ? __lock_acquire+0x7d40/0x7d40
[ 1845.483465][  T587]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1845.488328][  T587]  ? __x64_sys_sendmsg+0x80/0x80
[ 1845.493288][  T587]  ? lockdep_hardirqs_on+0x98/0x150
[ 1845.498648][  T587]  do_syscall_64+0x55/0xa0
[ 1845.503094][  T587]  ? clear_bhb_loop+0x40/0x90
[ 1845.507879][  T587]  ? clear_bhb_loop+0x40/0x90
[ 1845.512645][  T587]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1845.518554][  T587] RIP: 0033:0x7ff9c959c799
[ 1845.522980][  T587] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1845.542605][  T587] RSP: 002b:00007ff9ca3bc028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1845.551055][  T587] RAX: ffffffffffffffda RBX: 00007ff9c9815fa0 RCX: 00007ff9c959c799
[ 1845.559082][  T587] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[ 1845.567078][  T587] RBP: 00007ff9ca3bc090 R08: 0000000000000000 R09: 0000000000000000
[ 1845.575064][  T587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1845.583049][  T587] R13: 00007ff9c9816038 R14: 00007ff9c9815fa0 R15: 00007fff411c4878
[ 1845.591049][  T587]  </TASK>
[ 1845.599592][  T587] netlink: 'syz.0.8417': attribute type 2 has an invalid length.
[ 1845.618638][  T587] netlink: 'syz.0.8417': attribute type 8 has an invalid length.
[ 1845.992932][  T597] mac80211_hwsim hwsim50 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1846.120041][ T5911] wlan1: Trigger new scan to find an IBSS to join
[ 1847.228811][  T614] __nla_validate_parse: 4 callbacks suppressed
[ 1847.228855][  T614] netlink: 15743 bytes leftover after parsing attributes in process `syz.2.8427'.
[ 1847.392838][  T616] mac80211_hwsim hwsim44 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1847.697836][  T627] netlink: 'syz.3.8429': attribute type 10 has an invalid length.
[ 1847.901918][  T627] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link
[ 1848.123699][T30045] wlan1: Trigger new scan to find an IBSS to join
[ 1848.364891][  T652] netlink: 15743 bytes leftover after parsing attributes in process `syz.0.8437'.
[ 1848.423013][  T652] mac80211_hwsim hwsim42 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1848.711004][  T657] netlink: 15743 bytes leftover after parsing attributes in process `syz.1.8441'.
[ 1848.954304][  T657] mac80211_hwsim hwsim50 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1849.167736][ T5905] wlan1: Trigger new scan to find an IBSS to join
[ 1849.956716][  T686] netlink: 'syz.0.8449': attribute type 8 has an invalid length.
[ 1849.967510][  T686] netlink: 156 bytes leftover after parsing attributes in process `syz.0.8449'.
[ 1850.119959][ T1131] wlan1: Trigger new scan to find an IBSS to join
[ 1850.127256][  T686] netlink: 40 bytes leftover after parsing attributes in process `syz.0.8449'.
[ 1850.259203][  T692] netlink: 15743 bytes leftover after parsing attributes in process `syz.1.8452'.
[ 1850.369474][  T696] netlink: 15743 bytes leftover after parsing attributes in process `syz.3.8453'.
[ 1850.401434][  T692] mac80211_hwsim hwsim50 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1850.427016][  T696] mac80211_hwsim hwsim48 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1850.616429][  T699] netlink: 15743 bytes leftover after parsing attributes in process `syz.2.8454'.
[ 1850.683386][  T699] mac80211_hwsim hwsim44 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1850.859741][  T710] netlink: 'syz.2.8458': attribute type 4 has an invalid length.
[ 1850.867660][  T710] netlink: 152 bytes leftover after parsing attributes in process `syz.2.8458'.
[ 1851.035511][  T706] pim6reg1: entered allmulticast mode
[ 1851.158757][T30045] wlan1: Trigger new scan to find an IBSS to join
[ 1851.252867][  T706] netlink: 'syz.1.8457': attribute type 10 has an invalid length.
[ 1851.277187][  T706] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1851.294804][  T720] FAULT_INJECTION: forcing a failure.
[ 1851.294804][  T720] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1851.309588][  T720] CPU: 1 PID: 720 Comm: syz.2.8464 Not tainted syzkaller #0
[ 1851.316929][  T720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1851.327109][  T720] Call Trace:
[ 1851.330420][  T720]  <TASK>
[ 1851.333379][  T720]  dump_stack_lvl+0x18c/0x250
[ 1851.338454][  T720]  ? show_regs_print_info+0x20/0x20
[ 1851.343703][  T720]  ? load_image+0x400/0x400
[ 1851.348336][  T720]  ? __might_fault+0xaa/0x120
[ 1851.353139][  T720]  ? __lock_acquire+0x7d40/0x7d40
[ 1851.358208][  T720]  should_fail_ex+0x39d/0x4d0
[ 1851.362940][  T720]  _copy_from_user+0x2f/0xe0
[ 1851.367664][  T720]  ___sys_sendmsg+0x1c7/0x360
[ 1851.372380][  T720]  ? get_pid_task+0x20/0x1e0
[ 1851.377013][  T720]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1851.380220][  T706] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1851.381817][  T720]  ? __lock_acquire+0x7d40/0x7d40
[ 1851.381874][  T720]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1851.381899][  T720]  ? __x64_sys_sendmsg+0x80/0x80
[ 1851.381937][  T720]  ? lockdep_hardirqs_on+0x98/0x150
[ 1851.381964][  T720]  do_syscall_64+0x55/0xa0
[ 1851.381990][  T720]  ? clear_bhb_loop+0x40/0x90
[ 1851.382013][  T720]  ? clear_bhb_loop+0x40/0x90
[ 1851.382037][  T720]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1851.382059][  T720] RIP: 0033:0x7f4d5b99c799
[ 1851.382077][  T720] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1851.382095][  T720] RSP: 002b:00007f4d5c7a7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1851.461724][  T720] RAX: ffffffffffffffda RBX: 00007f4d5bc15fa0 RCX: 00007f4d5b99c799
[ 1851.469718][  T720] RDX: 0000000060044084 RSI: 0000200000000040 RDI: 0000000000000003
[ 1851.477730][  T720] RBP: 00007f4d5c7a7090 R08: 0000000000000000 R09: 0000000000000000
[ 1851.485803][  T720] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1851.493815][  T720] R13: 00007f4d5bc16038 R14: 00007f4d5bc15fa0 R15: 00007ffc3d39c098
[ 1851.501847][  T720]  </TASK>
[ 1851.795172][  T726] netlink: 15743 bytes leftover after parsing attributes in process `syz.2.8465'.
[ 1852.025511][  T730] netlink: 'syz.1.8468': attribute type 25 has an invalid length.
[ 1852.038702][  T730] netlink: 'syz.1.8468': attribute type 9 has an invalid length.
[ 1852.111289][  T726] mac80211_hwsim hwsim44 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1852.422215][  T734] mac80211_hwsim hwsim48 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1853.078934][ T5923] wlan1: Trigger new scan to find an IBSS to join
[ 1853.169904][  T767] netlink: 'syz.0.8478': attribute type 2 has an invalid length.
[ 1853.178102][  T767] netlink: 'syz.0.8478': attribute type 8 has an invalid length.
[ 1853.187515][  T767] __nla_validate_parse: 2 callbacks suppressed
[ 1853.187531][  T767] netlink: 132 bytes leftover after parsing attributes in process `syz.0.8478'.
[ 1853.306297][  T769] netlink: 15743 bytes leftover after parsing attributes in process `syz.2.8479'.
[ 1853.377165][  T769] mac80211_hwsim hwsim44 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1853.454858][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[ 1853.462047][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[ 1854.506807][  T800] netlink: 16410 bytes leftover after parsing attributes in process `syz.0.8489'.
[ 1854.894221][  T812] netlink: 'syz.3.8492': attribute type 9 has an invalid length.
[ 1854.926587][  T812] netlink: 399 bytes leftover after parsing attributes in process `syz.3.8492'.
[ 1855.041718][  T816] mac80211_hwsim hwsim50 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1855.051734][  T814] netlink: 15743 bytes leftover after parsing attributes in process `syz.1.8493'.
[ 1855.080039][ T5911] wlan1: Trigger new scan to find an IBSS to join
[ 1855.157163][  T820] netlink: 'syz.2.8502': attribute type 10 has an invalid length.
[ 1855.165234][ T5911] wlan1: Trigger new scan to find an IBSS to join
[ 1855.205703][  T820] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1855.493763][  T827] FAULT_INJECTION: forcing a failure.
[ 1855.493763][  T827] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1855.514354][  T827] CPU: 0 PID: 827 Comm: syz.1.8497 Not tainted syzkaller #0
[ 1855.521718][  T827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1855.531788][  T827] Call Trace:
[ 1855.535166][  T827]  <TASK>
[ 1855.538138][  T827]  dump_stack_lvl+0x18c/0x250
[ 1855.542842][  T827]  ? show_regs_print_info+0x20/0x20
[ 1855.548151][  T827]  ? load_image+0x400/0x400
[ 1855.552933][  T827]  ? __might_fault+0xaa/0x120
[ 1855.557716][  T827]  ? __lock_acquire+0x7d40/0x7d40
[ 1855.562847][  T827]  should_fail_ex+0x39d/0x4d0
[ 1855.567569][  T827]  _copy_to_user+0x2f/0xa0
[ 1855.572003][  T827]  bpf_test_finish+0x25a/0x650
[ 1855.576786][  T827]  ? convert___skb_to_skb+0x590/0x590
[ 1855.582175][  T827]  ? convert_skb_to___skb+0x420/0x420
[ 1855.587911][  T827]  ? bpf_test_init+0x119/0x140
[ 1855.592690][  T827]  bpf_prog_test_run_xdp+0x8a9/0x10e0
[ 1855.598087][  T827]  ? dev_put+0x80/0x80
[ 1855.602189][  T827]  ? dev_put+0x80/0x80
[ 1855.606287][  T827]  bpf_prog_test_run+0x321/0x390
[ 1855.611337][  T827]  __sys_bpf+0x49d/0x890
[ 1855.615680][  T827]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1855.621079][  T827]  ? lock_chain_count+0x20/0x20
[ 1855.625953][  T827]  __x64_sys_bpf+0x7c/0x90
[ 1855.630382][  T827]  do_syscall_64+0x55/0xa0
[ 1855.634818][  T827]  ? clear_bhb_loop+0x40/0x90
[ 1855.639508][  T827]  ? clear_bhb_loop+0x40/0x90
[ 1855.644285][  T827]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1855.650190][  T827] RIP: 0033:0x7fe1f8d9c799
[ 1855.654703][  T827] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1855.674577][  T827] RSP: 002b:00007fe1f9d19028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1855.683117][  T827] RAX: ffffffffffffffda RBX: 00007fe1f9015fa0 RCX: 00007fe1f8d9c799
[ 1855.691188][  T827] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[ 1855.699168][  T827] RBP: 00007fe1f9d19090 R08: 0000000000000000 R09: 0000000000000000
[ 1855.707147][  T827] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1855.715245][  T827] R13: 00007fe1f9016038 R14: 00007fe1f9015fa0 R15: 00007ffeb6b74d98
[ 1855.723331][  T827]  </TASK>
[ 1855.802224][  T830] netlink: 55631 bytes leftover after parsing attributes in process `syz.0.8498'.
[ 1855.828711][  T830] netlink: 6324 bytes leftover after parsing attributes in process `syz.0.8498'.
[ 1855.850384][  T830] netlink: 2 bytes leftover after parsing attributes in process `syz.0.8498'.
[ 1855.861077][  T838] netlink: 142556 bytes leftover after parsing attributes in process `syz.3.8503'.
[ 1855.876087][  T838] netlink: 'syz.3.8503': attribute type 1 has an invalid length.
[ 1855.876528][  T840] FAULT_INJECTION: forcing a failure.
[ 1855.876528][  T840] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1855.885451][  T838] netlink: 'syz.3.8503': attribute type 2 has an invalid length.
[ 1855.897745][  T840] CPU: 0 PID: 840 Comm: syz.1.8500 Not tainted syzkaller #0
[ 1855.907186][  T838] netlink: 'syz.3.8503': attribute type 3 has an invalid length.
[ 1855.912640][  T840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1855.912657][  T840] Call Trace:
[ 1855.912666][  T840]  <TASK>
[ 1855.912675][  T840]  dump_stack_lvl+0x18c/0x250
[ 1855.912715][  T840]  ? show_regs_print_info+0x20/0x20
[ 1855.912743][  T840]  ? load_image+0x400/0x400
[ 1855.923425][  T838] netlink: 'syz.3.8503': attribute type 4 has an invalid length.
[ 1855.930699][  T840]  ? __might_fault+0xaa/0x120
[ 1855.930730][  T840]  ? __lock_acquire+0x7d40/0x7d40
[ 1855.930766][  T840]  should_fail_ex+0x39d/0x4d0
[ 1855.930800][  T840]  _copy_from_user+0x2f/0xe0
[ 1855.979894][  T840]  ___sys_sendmsg+0x1c7/0x360
[ 1855.984602][  T840]  ? get_pid_task+0x20/0x1e0
[ 1855.989222][  T840]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1855.994029][  T840]  ? __lock_acquire+0x7d40/0x7d40
[ 1855.999201][  T840]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1856.004184][  T840]  ? __x64_sys_sendmsg+0x80/0x80
[ 1856.009163][  T840]  ? lockdep_hardirqs_on+0x98/0x150
[ 1856.014474][  T840]  do_syscall_64+0x55/0xa0
[ 1856.018928][  T840]  ? clear_bhb_loop+0x40/0x90
[ 1856.023643][  T840]  ? clear_bhb_loop+0x40/0x90
[ 1856.028393][  T840]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1856.034326][  T840] RIP: 0033:0x7fe1f8d9c799
[ 1856.039027][  T840] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1856.058825][  T840] RSP: 002b:00007fe1f9d19028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1856.067252][  T840] RAX: ffffffffffffffda RBX: 00007fe1f9015fa0 RCX: 00007fe1f8d9c799
[ 1856.075318][  T840] RDX: 0000000000000090 RSI: 0000200000000340 RDI: 0000000000000003
[ 1856.083398][  T840] RBP: 00007fe1f9d19090 R08: 0000000000000000 R09: 0000000000000000
[ 1856.091649][  T840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1856.099627][  T840] R13: 00007fe1f9016038 R14: 00007fe1f9015fa0 R15: 00007ffeb6b74d98
[ 1856.107618][  T840]  </TASK>
[ 1856.119430][ T5923] wlan1: Trigger new scan to find an IBSS to join
[ 1856.221100][  T846] netlink: 15743 bytes leftover after parsing attributes in process `syz.1.8505'.
[ 1856.241433][  T846] mac80211_hwsim hwsim50 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1856.490204][ T5911] wlan1: Creating new IBSS network, BSSID d6:2c:cb:17:19:0b
[ 1857.002256][  T876] mac80211_hwsim hwsim44 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1857.257641][  T885] netlink: 'syz.1.8520': attribute type 1 has an invalid length.
[ 1857.951412][  T896] mac80211_hwsim hwsim44 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1858.115481][  T912] FAULT_INJECTION: forcing a failure.
[ 1858.115481][  T912] name failslab, interval 1, probability 0, space 0, times 0
[ 1858.419406][T30045] wlan1: Trigger new scan to find an IBSS to join
[ 1858.528044][  T912] CPU: 0 PID: 912 Comm: syz.1.8527 Not tainted syzkaller #0
[ 1858.535405][  T912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1858.545600][  T912] Call Trace:
[ 1858.548918][  T912]  <TASK>
[ 1858.551885][  T912]  dump_stack_lvl+0x18c/0x250
[ 1858.556784][  T912]  ? show_regs_print_info+0x20/0x20
[ 1858.562111][  T912]  ? load_image+0x400/0x400
[ 1858.566658][  T912]  ? verify_lock_unused+0x140/0x140
[ 1858.571989][  T912]  ? perf_trace_lock+0xfc/0x3b0
[ 1858.576963][  T912]  should_fail_ex+0x39d/0x4d0
[ 1858.581690][  T912]  should_failslab+0x9/0x20
[ 1858.586317][  T912]  slab_pre_alloc_hook+0x59/0x310
[ 1858.591487][  T912]  kmem_cache_alloc+0x5a/0x2d0
[ 1858.596288][  T912]  ? skb_clone+0x1eb/0x370
[ 1858.600745][  T912]  skb_clone+0x1eb/0x370
[ 1858.605200][  T912]  __netlink_deliver_tap+0x41c/0x830
[ 1858.610543][  T912]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1858.615955][  T912]  netlink_deliver_tap+0x19c/0x1b0
[ 1858.621146][  T912]  netlink_unicast+0x72c/0x8d0
[ 1858.626076][  T912]  netlink_sendmsg+0x8d0/0xbf0
[ 1858.630999][  T912]  ? netlink_getsockopt+0x590/0x590
[ 1858.636342][  T912]  ? aa_sock_msg_perm+0x94/0x150
[ 1858.641335][  T912]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1858.646658][  T912]  ? security_socket_sendmsg+0x80/0xa0
[ 1858.652151][  T912]  ? netlink_getsockopt+0x590/0x590
[ 1858.657387][  T912]  ____sys_sendmsg+0x5ba/0x960
[ 1858.662181][  T912]  ? __asan_memset+0x22/0x40
[ 1858.666864][  T912]  ? __sys_sendmsg_sock+0x30/0x30
[ 1858.671941][  T912]  ? __import_iovec+0x5f2/0x850
[ 1858.676849][  T912]  ? import_iovec+0x73/0xa0
[ 1858.681380][  T912]  ___sys_sendmsg+0x2a6/0x360
[ 1858.686109][  T912]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1858.690908][  T912]  ? __lock_acquire+0x7d40/0x7d40
[ 1858.695972][  T912]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1858.700837][  T912]  ? __x64_sys_sendmsg+0x80/0x80
[ 1858.705807][  T912]  ? lockdep_hardirqs_on+0x98/0x150
[ 1858.711131][  T912]  do_syscall_64+0x55/0xa0
[ 1858.715658][  T912]  ? clear_bhb_loop+0x40/0x90
[ 1858.720353][  T912]  ? clear_bhb_loop+0x40/0x90
[ 1858.725044][  T912]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1858.730947][  T912] RIP: 0033:0x7fe1f8d9c799
[ 1858.735373][  T912] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1858.755344][  T912] RSP: 002b:00007fe1f9d19028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1858.763858][  T912] RAX: ffffffffffffffda RBX: 00007fe1f9015fa0 RCX: 00007fe1f8d9c799
[ 1858.771927][  T912] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[ 1858.780003][  T912] RBP: 00007fe1f9d19090 R08: 0000000000000000 R09: 0000000000000000
[ 1858.788067][  T912] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1858.796219][  T912] R13: 00007fe1f9016038 R14: 00007fe1f9015fa0 R15: 00007ffeb6b74d98
[ 1858.804306][  T912]  </TASK>
[ 1859.039635][  T912] netlink: 'syz.1.8527': attribute type 8 has an invalid length.
[ 1859.062382][  T912] __nla_validate_parse: 7 callbacks suppressed
[ 1859.062402][  T912] netlink: 156 bytes leftover after parsing attributes in process `syz.1.8527'.
[ 1859.080530][  T906] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1859.169176][T30045] wlan1: Trigger new scan to find an IBSS to join
[ 1859.180313][  T918] netlink: 16410 bytes leftover after parsing attributes in process `syz.2.8528'.
[ 1859.312873][  T927] FAULT_INJECTION: forcing a failure.
[ 1859.312873][  T927] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1859.351064][  T927] CPU: 1 PID: 927 Comm: syz.0.8530 Not tainted syzkaller #0
[ 1859.358426][  T927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1859.369134][  T927] Call Trace:
[ 1859.372445][  T927]  <TASK>
[ 1859.375409][  T927]  dump_stack_lvl+0x18c/0x250
[ 1859.380316][  T927]  ? show_regs_print_info+0x20/0x20
[ 1859.385588][  T927]  ? load_image+0x400/0x400
[ 1859.390315][  T927]  ? __lock_acquire+0x7d40/0x7d40
[ 1859.395473][  T927]  ? snprintf+0xe9/0x140
[ 1859.399769][  T927]  should_fail_ex+0x39d/0x4d0
[ 1859.404922][  T927]  _copy_to_user+0x2f/0xa0
[ 1859.409464][  T927]  simple_read_from_buffer+0xe7/0x150
[ 1859.414892][  T927]  proc_fail_nth_read+0x1e8/0x260
[ 1859.419961][  T927]  ? proc_fault_inject_write+0x360/0x360
[ 1859.425645][  T927]  ? fsnotify_perm+0x271/0x5e0
[ 1859.430455][  T927]  ? proc_fault_inject_write+0x360/0x360
[ 1859.436138][  T927]  vfs_read+0x28b/0x970
[ 1859.440342][  T927]  ? kernel_read+0x1e0/0x1e0
[ 1859.444968][  T927]  ? __fget_files+0x28/0x4b0
[ 1859.449592][  T927]  ? __fget_files+0x28/0x4b0
[ 1859.454224][  T927]  ? __fget_files+0x43d/0x4b0
[ 1859.458940][  T927]  ? __fdget_pos+0x2a3/0x330
[ 1859.463764][  T927]  ? ksys_read+0x75/0x260
[ 1859.468097][  T927]  ksys_read+0x150/0x260
[ 1859.472341][  T927]  ? vfs_write+0x990/0x990
[ 1859.476792][  T927]  ? lockdep_hardirqs_on+0x98/0x150
[ 1859.482144][  T927]  do_syscall_64+0x55/0xa0
[ 1859.486584][  T927]  ? clear_bhb_loop+0x40/0x90
[ 1859.491269][  T927]  ? clear_bhb_loop+0x40/0x90
[ 1859.496316][  T927]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1859.502234][  T927] RIP: 0033:0x7ff9c955cfce
[ 1859.506763][  T927] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1859.526602][  T927] RSP: 002b:00007ff9ca3bbfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1859.535052][  T927] RAX: ffffffffffffffda RBX: 00007ff9ca3bc6c0 RCX: 00007ff9c955cfce
[ 1859.543296][  T927] RDX: 000000000000000f RSI: 00007ff9ca3bc0a0 RDI: 0000000000000004
[ 1859.551533][  T927] RBP: 00007ff9ca3bc090 R08: 0000000000000000 R09: 0000000000000000
[ 1859.559788][  T927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1859.568111][  T927] R13: 00007ff9c9816038 R14: 00007ff9c9815fa0 R15: 00007fff411c4878
[ 1859.576092][  T927]  </TASK>
[ 1859.847651][  T946] syzkaller0: entered allmulticast mode
[ 1860.121480][ T5923] wlan1: Trigger new scan to find an IBSS to join
[ 1860.460810][ T5923] wlan1: Creating new IBSS network, BSSID c6:2b:c1:2c:11:2b
[ 1860.944735][  T969] netlink: 'syz.0.8540': attribute type 10 has an invalid length.
[ 1860.960419][  T969] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1860.983424][  T969] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1860.990881][  T969] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1860.993321][  T971] FAULT_INJECTION: forcing a failure.
[ 1860.993321][  T971] name failslab, interval 1, probability 0, space 0, times 0
[ 1861.029407][  T971] CPU: 0 PID: 971 Comm: syz.2.8544 Not tainted syzkaller #0
[ 1861.036874][  T971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1861.047237][  T971] Call Trace:
[ 1861.050544][  T971]  <TASK>
[ 1861.053596][  T971]  dump_stack_lvl+0x18c/0x250
[ 1861.058332][  T971]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1861.064604][  T971]  ? show_regs_print_info+0x20/0x20
[ 1861.069834][  T971]  ? load_image+0x400/0x400
[ 1861.074367][  T971]  should_fail_ex+0x39d/0x4d0
[ 1861.079069][  T971]  should_failslab+0x9/0x20
[ 1861.084021][  T971]  slab_pre_alloc_hook+0x59/0x310
[ 1861.089067][  T971]  ? sctp_association_new+0x89/0x25c0
[ 1861.094626][  T971]  __kmem_cache_alloc_node+0x53/0x250
[ 1861.100030][  T971]  ? sctp_association_new+0x89/0x25c0
[ 1861.105586][  T971]  kmalloc_trace+0x2a/0xe0
[ 1861.110032][  T971]  sctp_association_new+0x89/0x25c0
[ 1861.115243][  T971]  ? sctp_v4_scope+0xca/0x180
[ 1861.119933][  T971]  ? sctp_v4_scope+0xca/0x180
[ 1861.124626][  T971]  sctp_connect_new_asoc+0x2de/0x6a0
[ 1861.130029][  T971]  ? __sctp_connect+0xd80/0xd80
[ 1861.134887][  T971]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[ 1861.140539][  T971]  ? __sanitizer_cov_trace_pc+0x8/0x60
[ 1861.146452][  T971]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[ 1861.152037][  T971]  ? security_sctp_bind_connect+0x89/0xb0
[ 1861.157967][  T971]  sctp_sendmsg+0x1575/0x28c0
[ 1861.162690][  T971]  ? sctp_getsockopt+0xb60/0xb60
[ 1861.167772][  T971]  ? aa_sk_perm+0x83c/0x970
[ 1861.172495][  T971]  ? aa_af_perm+0x330/0x330
[ 1861.177037][  T971]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[ 1861.183557][  T971]  ? sock_rps_record_flow+0x19/0x3f0
[ 1861.188863][  T971]  ? inet_sendmsg+0xe9/0x2f0
[ 1861.193585][  T971]  ? inet_send_prepare+0x260/0x260
[ 1861.198753][  T971]  ____sys_sendmsg+0x5ba/0x960
[ 1861.203535][  T971]  ? __asan_memset+0x22/0x40
[ 1861.208146][  T971]  ? __sys_sendmsg_sock+0x30/0x30
[ 1861.213178][  T971]  ? __import_iovec+0x5f2/0x850
[ 1861.218135][  T971]  ? import_iovec+0x73/0xa0
[ 1861.222744][  T971]  ___sys_sendmsg+0x2a6/0x360
[ 1861.227435][  T971]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1861.232503][  T971]  ? irqentry_enter+0x37/0x50
[ 1861.237250][  T971]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1861.242142][  T971]  ? __x64_sys_sendmsg+0x80/0x80
[ 1861.247199][  T971]  ? syscall_enter_from_user_mode+0x2e/0x80
[ 1861.253397][  T971]  do_syscall_64+0x55/0xa0
[ 1861.257851][  T971]  ? clear_bhb_loop+0x40/0x90
[ 1861.262572][  T971]  ? clear_bhb_loop+0x40/0x90
[ 1861.267278][  T971]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1861.273211][  T971] RIP: 0033:0x7f4d5b99c799
[ 1861.277654][  T971] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1861.297387][  T971] RSP: 002b:00007f4d5c7a7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1861.305830][  T971] RAX: ffffffffffffffda RBX: 00007f4d5bc15fa0 RCX: 00007f4d5b99c799
[ 1861.313902][  T971] RDX: 000000000000c000 RSI: 00002000000006c0 RDI: 0000000000000004
[ 1861.321884][  T971] RBP: 00007f4d5c7a7090 R08: 0000000000000000 R09: 0000000000000000
[ 1861.329955][  T971] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1861.337935][  T971] R13: 00007f4d5bc16038 R14: 00007f4d5bc15fa0 R15: 00007ffc3d39c098
[ 1861.346035][  T971]  </TASK>
[ 1861.371916][  T969] .`: (slave bridge0): Enslaving as an active interface with an up link
[ 1861.474308][  T973] netlink: 15487 bytes leftover after parsing attributes in process `syz.3.8545'.
[ 1861.571621][  T973] mac80211_hwsim hwsim48 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1862.211108][  T995] syzkaller0: entered allmulticast mode
[ 1863.733975][ T1026] netlink: 15487 bytes leftover after parsing attributes in process `syz.0.8559'.
[ 1863.811339][ T1026] mac80211_hwsim hwsim42 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1863.988241][ T1039] syzkaller0: entered allmulticast mode
[ 1864.120446][ T5911] wlan1: Trigger new scan to find an IBSS to join
[ 1864.129198][ T5905] wlan1: Trigger new scan to find an IBSS to join
[ 1864.135998][ T5923] wlan1: Trigger new scan to find an IBSS to join
[ 1864.454872][ T1048] netlink: 15487 bytes leftover after parsing attributes in process `syz.1.8566'.
[ 1864.733480][ T1048] mac80211_hwsim hwsim50 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1865.149202][T30045] wlan1: Creating new IBSS network, BSSID da:e4:49:79:e5:40
[ 1865.515491][ T1068] netlink: 15487 bytes leftover after parsing attributes in process `syz.3.8572'.
[ 1865.646962][ T1068] mac80211_hwsim hwsim48 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1866.159944][T30045] wlan1: Trigger new scan to find an IBSS to join
[ 1867.110424][ T1099] netlink: 14975 bytes leftover after parsing attributes in process `syz.2.8582'.
[ 1867.259126][ T1099] mac80211_hwsim hwsim44 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1867.496985][ T1112] netlink: 15487 bytes leftover after parsing attributes in process `syz.0.8588'.
[ 1867.652895][ T1112] mac80211_hwsim hwsim42 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1868.118824][ T1131] wlan1: Trigger new scan to find an IBSS to join
[ 1868.361599][ T1140] netlink: 'syz.3.8595': attribute type 10 has an invalid length.
[ 1868.409570][ T1140] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1868.446888][ T1140] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1868.454249][ T1140] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1868.484746][ T1140] bond0: (slave bridge0): Enslaving as an active interface with an up link
[ 1868.504864][ T1133] netlink: 'syz.2.8593': attribute type 10 has an invalid length.
[ 1868.601625][ T1133] netlink: 128 bytes leftover after parsing attributes in process `syz.2.8593'.
[ 1868.752623][ T1139] netlink: 'syz.1.8597': attribute type 10 has an invalid length.
[ 1868.867702][ T1139] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1868.936403][ T1139] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1869.155637][ T5923] wlan1: Trigger new scan to find an IBSS to join
[ 1869.465000][ T1145] syzkaller0: entered promiscuous mode
[ 1869.480825][ T1145] syzkaller0: entered allmulticast mode
[ 1869.512017][ T1131] syzkaller0: tun_net_xmit 48
[ 1869.844731][ T1161] netlink: 15487 bytes leftover after parsing attributes in process `syz.1.8601'.
[ 1870.126874][T30391] wlan1: Trigger new scan to find an IBSS to join
[ 1870.503549][ T1164] FAULT_INJECTION: forcing a failure.
[ 1870.503549][ T1164] name failslab, interval 1, probability 0, space 0, times 0
[ 1870.668535][ T1164] CPU: 1 PID: 1164 Comm: syz.3.8602 Not tainted syzkaller #0
[ 1870.676009][ T1164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1870.686115][ T1164] Call Trace:
[ 1870.689561][ T1164]  <TASK>
[ 1870.692526][ T1164]  dump_stack_lvl+0x18c/0x250
[ 1870.697259][ T1164]  ? show_regs_print_info+0x20/0x20
[ 1870.702517][ T1164]  ? load_image+0x400/0x400
[ 1870.707082][ T1164]  ? __might_sleep+0xe0/0xe0
[ 1870.711725][ T1164]  ? __lock_acquire+0x7d40/0x7d40
[ 1870.716807][ T1164]  should_fail_ex+0x39d/0x4d0
[ 1870.721720][ T1164]  should_failslab+0x9/0x20
[ 1870.726267][ T1164]  slab_pre_alloc_hook+0x59/0x310
[ 1870.731484][ T1164]  ? xskq_create+0x56/0x170
[ 1870.736050][ T1164]  __kmem_cache_alloc_node+0x53/0x250
[ 1870.741469][ T1164]  ? __might_fault+0xaa/0x120
[ 1870.746195][ T1164]  ? xskq_create+0x56/0x170
[ 1870.750751][ T1164]  kmalloc_trace+0x2a/0xe0
[ 1870.755305][ T1164]  xskq_create+0x56/0x170
[ 1870.759697][ T1164]  xsk_init_queue+0xad/0x100
[ 1870.764434][ T1164]  xsk_setsockopt+0x4e5/0x760
[ 1870.769157][ T1164]  ? xsk_poll+0x680/0x680
[ 1870.773521][ T1164]  ? __fget_files+0x28/0x4b0
[ 1870.778146][ T1164]  ? __fget_files+0x28/0x4b0
[ 1870.782748][ T1164]  ? aa_sock_opt_perm+0x74/0x100
[ 1870.787713][ T1164]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[ 1870.793271][ T1164]  ? security_socket_setsockopt+0x7e/0xa0
[ 1870.799094][ T1164]  ? xsk_poll+0x680/0x680
[ 1870.803443][ T1164]  do_sock_setsockopt+0x175/0x1a0
[ 1870.808478][ T1164]  ? __fdget+0x180/0x210
[ 1870.812827][ T1164]  __x64_sys_setsockopt+0x182/0x200
[ 1870.818064][ T1164]  do_syscall_64+0x55/0xa0
[ 1870.822502][ T1164]  ? clear_bhb_loop+0x40/0x90
[ 1870.827191][ T1164]  ? clear_bhb_loop+0x40/0x90
[ 1870.831882][ T1164]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1870.837786][ T1164] RIP: 0033:0x7f5f7899c799
[ 1870.842217][ T1164] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1870.862067][ T1164] RSP: 002b:00007f5f798e0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1870.870507][ T1164] RAX: ffffffffffffffda RBX: 00007f5f78c16090 RCX: 00007f5f7899c799
[ 1870.878497][ T1164] RDX: 0000000000000003 RSI: 000000000000011b RDI: 0000000000000007
[ 1870.886477][ T1164] RBP: 00007f5f798e0090 R08: 0000000000000004 R09: 0000000000000000
[ 1870.894465][ T1164] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[ 1870.902620][ T1164] R13: 00007f5f78c16128 R14: 00007f5f78c16090 R15: 00007ffcb181fcf8
[ 1870.910619][ T1164]  </TASK>
[ 1871.174704][T30045] wlan1: Trigger new scan to find an IBSS to join
[ 1872.130590][T30045] wlan1: Trigger new scan to find an IBSS to join
[ 1873.072726][T30045] wlan1: Creating new IBSS network, BSSID d2:a4:05:15:05:e0
[ 1873.172811][T30045] wlan1: Trigger new scan to find an IBSS to join
[ 1873.353618][ T1161] mac80211_hwsim hwsim50 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1873.517007][ T1169] netlink: 15487 bytes leftover after parsing attributes in process `syz.1.8603'.
[ 1874.118877][ T1131] wlan1: Trigger new scan to find an IBSS to join
[ 1874.775556][ T1194] netlink: 'syz.3.8612': attribute type 10 has an invalid length.
[ 1874.853399][ T1194] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1875.338289][ T1131] wlan1: Creating new IBSS network, BSSID 9a:57:47:c6:9a:68
[ 1875.399411][ T1195] netlink: 180 bytes leftover after parsing attributes in process `syz.0.8611'.
[ 1875.411279][ T1197] mac80211_hwsim hwsim41 wlan0: entered promiscuous mode
[ 1875.428599][ T1197] mac80211_hwsim hwsim41 wlan0: entered allmulticast mode
[ 1875.448278][ T1187] netlink: 'syz.1.8609': attribute type 10 has an invalid length.
[ 1875.469192][ T1187] netlink: 128 bytes leftover after parsing attributes in process `syz.1.8609'.
[ 1876.124945][ T5905] wlan1: Trigger new scan to find an IBSS to join
[ 1876.290053][ T1219] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.8618'.
[ 1876.531827][ T1226] netlink: 'syz.1.8618': attribute type 41 has an invalid length.
[ 1876.871381][ T1242] netlink: 'syz.2.8622': attribute type 10 has an invalid length.
[ 1877.698059][T22182] wlan1: Creating new IBSS network, BSSID 06:8b:17:6e:81:9a
[ 1877.707006][ T1240] netlink: 'syz.0.8625': attribute type 10 has an invalid length.
[ 1877.735154][ T1240] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1877.778795][ T1246] netlink: 180 bytes leftover after parsing attributes in process `syz.1.8626'.
[ 1877.797509][ T1247] mac80211_hwsim hwsim49 wlan0: entered promiscuous mode
[ 1877.811430][ T1247] mac80211_hwsim hwsim49 wlan0: entered allmulticast mode
[ 1878.407292][ T1264] netlink: 'syz.1.8635': attribute type 25 has an invalid length.
[ 1878.443987][ T1264] netlink: 'syz.1.8635': attribute type 9 has an invalid length.
[ 1878.519769][T22182] wlan1: Trigger new scan to find an IBSS to join
[ 1879.139965][ T1267] netlink: 'syz.3.8627': attribute type 10 has an invalid length.
[ 1879.184375][ T1267] netlink: 128 bytes leftover after parsing attributes in process `syz.3.8627'.
[ 1880.714097][ T1295] netlink: 15487 bytes leftover after parsing attributes in process `syz.3.8637'.
[ 1881.018123][ T1295] mac80211_hwsim hwsim48 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1881.035437][ T1302] netlink: 180 bytes leftover after parsing attributes in process `syz.2.8636'.
[ 1881.631552][ T1314] netlink: 'syz.2.8639': attribute type 10 has an invalid length.
[ 1881.786515][ T1307] netlink: 'syz.0.8648': attribute type 10 has an invalid length.
[ 1881.936344][ T1318] netlink: 'syz.1.8643': attribute type 2 has an invalid length.
[ 1881.948589][ T1318] netlink: 'syz.1.8643': attribute type 8 has an invalid length.
[ 1881.956504][ T1318] netlink: 132 bytes leftover after parsing attributes in process `syz.1.8643'.
[ 1882.059295][ T1322] FAULT_INJECTION: forcing a failure.
[ 1882.059295][ T1322] name failslab, interval 1, probability 0, space 0, times 0
[ 1882.082461][ T1322] CPU: 1 PID: 1322 Comm: syz.1.8646 Not tainted syzkaller #0
[ 1882.089926][ T1322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1882.100015][ T1322] Call Trace:
[ 1882.103390][ T1322]  <TASK>
[ 1882.106353][ T1322]  dump_stack_lvl+0x18c/0x250
[ 1882.111054][ T1322]  ? show_regs_print_info+0x20/0x20
[ 1882.116320][ T1322]  ? load_image+0x400/0x400
[ 1882.120839][ T1322]  ? __might_sleep+0xe0/0xe0
[ 1882.125439][ T1322]  ? __lock_acquire+0x7d40/0x7d40
[ 1882.130511][ T1322]  should_fail_ex+0x39d/0x4d0
[ 1882.131862][T30391] wlan1: Creating new IBSS network, BSSID 7a:88:a5:91:87:7f
[ 1882.135397][ T1322]  should_failslab+0x9/0x20
[ 1882.147224][ T1322]  slab_pre_alloc_hook+0x59/0x310
[ 1882.152272][ T1322]  kmem_cache_alloc+0x5a/0x2d0
[ 1882.157049][ T1322]  ? security_inode_alloc+0x34/0x110
[ 1882.162354][ T1322]  security_inode_alloc+0x34/0x110
[ 1882.167569][ T1322]  inode_init_always+0x8fc/0xc90
[ 1882.172524][ T1322]  new_inode_pseudo+0x95/0x1d0
[ 1882.177297][ T1322]  __sock_create+0x12d/0x940
[ 1882.182002][ T1322]  mptcp_subflow_create_socket+0x10b/0xac0
[ 1882.187854][ T1322]  ? mark_lock+0x94/0x320
[ 1882.192432][ T1322]  ? __mptcp_subflow_connect+0x1450/0x1450
[ 1882.198634][ T1322]  ? lock_chain_count+0x20/0x20
[ 1882.203518][ T1322]  __mptcp_nmpc_sk+0x157/0x740
[ 1882.208585][ T1322]  ? __local_bh_enable_ip+0x13a/0x1c0
[ 1882.214015][ T1322]  ? __bpf_trace_subflow_check_data_avail+0x160/0x160
[ 1882.220843][ T1322]  mptcp_setsockopt+0xfef/0x3390
[ 1882.225809][ T1322]  ? __fget_files+0x28/0x4b0
[ 1882.230446][ T1322]  ? pm_nl_exit_net+0x230/0x230
[ 1882.235443][ T1322]  ? aa_af_perm+0x330/0x330
[ 1882.239999][ T1322]  ? __fget_files+0x28/0x4b0
[ 1882.244789][ T1322]  ? __fget_files+0x28/0x4b0
[ 1882.249413][ T1322]  ? aa_sock_opt_perm+0x74/0x100
[ 1882.254381][ T1322]  ? sock_common_setsockopt+0x36/0xc0
[ 1882.259783][ T1322]  ? sock_common_recvmsg+0x190/0x190
[ 1882.265106][ T1322]  do_sock_setsockopt+0x175/0x1a0
[ 1882.270154][ T1322]  ? __fdget+0x180/0x210
[ 1882.274431][ T1322]  __x64_sys_setsockopt+0x182/0x200
[ 1882.279974][ T1322]  do_syscall_64+0x55/0xa0
[ 1882.284456][ T1322]  ? clear_bhb_loop+0x40/0x90
[ 1882.289273][ T1322]  ? clear_bhb_loop+0x40/0x90
[ 1882.294081][ T1322]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1882.300011][ T1322] RIP: 0033:0x7fe1f8d9c799
[ 1882.304450][ T1322] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1882.324339][ T1322] RSP: 002b:00007fe1f9d19028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1882.332875][ T1322] RAX: ffffffffffffffda RBX: 00007fe1f9015fa0 RCX: 00007fe1f8d9c799
[ 1882.340865][ T1322] RDX: 0000000000000021 RSI: 0000000000000006 RDI: 0000000000000004
[ 1882.348878][ T1322] RBP: 00007fe1f9d19090 R08: 0000000000000000 R09: 0000000000000000
[ 1882.356999][ T1322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1882.365011][ T1322] R13: 00007fe1f9016038 R14: 00007fe1f9015fa0 R15: 00007ffeb6b74d98
[ 1882.373127][ T1322]  </TASK>
[ 1882.380812][ T1322] socket: no more sockets
[ 1882.567073][ T1329] netlink: 15487 bytes leftover after parsing attributes in process `syz.2.8651'.
[ 1882.724971][ T1329] mac80211_hwsim hwsim44 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1882.757030][ T1330] netlink: 180 bytes leftover after parsing attributes in process `syz.3.8650'.
[ 1882.842713][ T1334] mac80211_hwsim hwsim47 wlan0: entered promiscuous mode
[ 1882.884038][ T1334] mac80211_hwsim hwsim47 wlan0: entered allmulticast mode
[ 1882.897689][ T1338] netlink: 'syz.0.8649': attribute type 10 has an invalid length.
[ 1882.912083][ T1338] netlink: 128 bytes leftover after parsing attributes in process `syz.0.8649'.
[ 1882.935448][ T1337] netlink: 164 bytes leftover after parsing attributes in process `syz.1.8652'.
[ 1883.168593][ T5911] wlan1: Trigger new scan to find an IBSS to join
[ 1883.521369][ T1354] netlink: 60 bytes leftover after parsing attributes in process `syz.0.8659'.
[ 1883.540606][ T1354] netlink: 60 bytes leftover after parsing attributes in process `syz.0.8659'.
[ 1883.551381][ T1354] netlink: 60 bytes leftover after parsing attributes in process `syz.0.8659'.
[ 1883.846205][ T1359] netlink: 'syz.2.8658': attribute type 9 has an invalid length.
[ 1883.955203][ T1351] netlink: 'syz.1.8655': attribute type 10 has an invalid length.
[ 1883.966773][ T1358] netlink: 'syz.2.8658': attribute type 9 has an invalid length.
[ 1884.302345][ T1373] FAULT_INJECTION: forcing a failure.
[ 1884.302345][ T1373] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1884.327648][ T1373] CPU: 1 PID: 1373 Comm: syz.3.8662 Not tainted syzkaller #0
[ 1884.335087][ T1373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1884.345265][ T1373] Call Trace:
[ 1884.348583][ T1373]  <TASK>
[ 1884.351567][ T1373]  dump_stack_lvl+0x18c/0x250
[ 1884.356295][ T1373]  ? show_regs_print_info+0x20/0x20
[ 1884.361532][ T1373]  ? load_image+0x400/0x400
[ 1884.366068][ T1373]  ? __lock_acquire+0x7d40/0x7d40
[ 1884.371129][ T1373]  ? __virt_addr_valid+0x18c/0x540
[ 1884.376383][ T1373]  should_fail_ex+0x39d/0x4d0
[ 1884.381101][ T1373]  _copy_from_user+0x2f/0xe0
[ 1884.385727][ T1373]  bpf_test_init+0xde/0x140
[ 1884.390267][ T1373]  bpf_prog_test_run_xdp+0x4d1/0x10e0
[ 1884.395687][ T1373]  ? dev_put+0x80/0x80
[ 1884.399802][ T1373]  ? dev_put+0x80/0x80
[ 1884.403984][ T1373]  bpf_prog_test_run+0x321/0x390
[ 1884.409049][ T1373]  __sys_bpf+0x49d/0x890
[ 1884.413359][ T1373]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1884.418826][ T1373]  ? lock_chain_count+0x20/0x20
[ 1884.423959][ T1373]  __x64_sys_bpf+0x7c/0x90
[ 1884.428472][ T1373]  do_syscall_64+0x55/0xa0
[ 1884.432920][ T1373]  ? clear_bhb_loop+0x40/0x90
[ 1884.437597][ T1373]  ? clear_bhb_loop+0x40/0x90
[ 1884.442337][ T1373]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1884.448315][ T1373] RIP: 0033:0x7f5f7899c799
[ 1884.452726][ T1373] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1884.472356][ T1373] RSP: 002b:00007f5f79901028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1884.480780][ T1373] RAX: ffffffffffffffda RBX: 00007f5f78c15fa0 RCX: 00007f5f7899c799
[ 1884.488783][ T1373] RDX: 0000000000000050 RSI: 0000200000000080 RDI: 000000000000000a
[ 1884.496784][ T1373] RBP: 00007f5f79901090 R08: 0000000000000000 R09: 0000000000000000
[ 1884.504767][ T1373] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1884.512766][ T1373] R13: 00007f5f78c16038 R14: 00007f5f78c15fa0 R15: 00007ffcb181fcf8
[ 1884.520833][ T1373]  </TASK>
[ 1884.528069][ T1369] sit0: entered promiscuous mode
[ 1884.546817][ T1369] sit0: entered allmulticast mode
[ 1885.167003][ T1131] wlan1: Trigger new scan to find an IBSS to join
[ 1885.348773][ T1386] netlink: 'syz.2.8668': attribute type 3 has an invalid length.
[ 1885.561100][ T1393] mac80211_hwsim hwsim48 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1886.398254][ T1407] sock: sock_timestamping_bind_phc: sock not bind to device
[ 1886.885554][ T1414] netlink: 'syz.3.8677': attribute type 10 has an invalid length.
[ 1886.931117][ T1415] netlink: 'syz.3.8677': attribute type 9 has an invalid length.
[ 1886.948504][ T1415] __nla_validate_parse: 5 callbacks suppressed
[ 1886.948534][ T1415] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.8677'.
[ 1887.795443][ T1419] netlink: 'syz.3.8677': attribute type 9 has an invalid length.
[ 1887.803743][ T1419] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.8677'.
[ 1887.964513][ T1423] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.8680'.
[ 1887.999946][ T1432] netlink: 15487 bytes leftover after parsing attributes in process `syz.2.8683'.
[ 1888.150408][ T5911] wlan1: Trigger new scan to find an IBSS to join
[ 1888.461846][ T1437] netlink: 16410 bytes leftover after parsing attributes in process `syz.3.8685'.
[ 1888.924745][ T1454] netlink: 'syz.2.8691': attribute type 21 has an invalid length.
[ 1888.939053][ T1454] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.8691'.
[ 1889.150973][ T1460] netlink: 15487 bytes leftover after parsing attributes in process `syz.2.8694'.
[ 1889.306553][ T1464] netlink: 15487 bytes leftover after parsing attributes in process `syz.1.8695'.
[ 1889.361175][ T1460] mac80211_hwsim hwsim44 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1889.425658][ T1464] mac80211_hwsim hwsim50 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1889.552748][ T1466] netlink: 'syz.3.8696': attribute type 10 has an invalid length.
[ 1890.904642][ T1488] FAULT_INJECTION: forcing a failure.
[ 1890.904642][ T1488] name failslab, interval 1, probability 0, space 0, times 0
[ 1890.918823][ T1491] netlink: 15487 bytes leftover after parsing attributes in process `syz.0.8706'.
[ 1890.964548][ T1488] CPU: 0 PID: 1488 Comm: syz.3.8707 Not tainted syzkaller #0
[ 1890.972083][ T1488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1890.982180][ T1488] Call Trace:
[ 1890.985494][ T1488]  <TASK>
[ 1890.988548][ T1488]  dump_stack_lvl+0x18c/0x250
[ 1890.993316][ T1488]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1890.999508][ T1488]  ? show_regs_print_info+0x20/0x20
[ 1891.004820][ T1488]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1891.011005][ T1488]  should_fail_ex+0x39d/0x4d0
[ 1891.015703][ T1488]  should_failslab+0x9/0x20
[ 1891.020222][ T1488]  slab_pre_alloc_hook+0x59/0x310
[ 1891.025273][ T1488]  ? lockdep_hardirqs_on+0x98/0x150
[ 1891.030485][ T1488]  kmem_cache_alloc+0x5a/0x2d0
[ 1891.035329][ T1488]  ? skb_clone+0x1eb/0x370
[ 1891.039800][ T1488]  skb_clone+0x1eb/0x370
[ 1891.044054][ T1488]  __netlink_deliver_tap+0x41c/0x830
[ 1891.049543][ T1488]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1891.054756][ T1488]  netlink_deliver_tap+0x19c/0x1b0
[ 1891.059883][ T1488]  netlink_unicast+0x72c/0x8d0
[ 1891.064676][ T1488]  netlink_sendmsg+0x8d0/0xbf0
[ 1891.069461][ T1488]  ? lockdep_hardirqs_on+0x98/0x150
[ 1891.074680][ T1488]  ? netlink_getsockopt+0x590/0x590
[ 1891.079897][ T1488]  ? security_socket_sendmsg+0x45/0xa0
[ 1891.085377][ T1488]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1891.090763][ T1488]  ? security_socket_sendmsg+0x80/0xa0
[ 1891.096231][ T1488]  ? netlink_getsockopt+0x590/0x590
[ 1891.101453][ T1488]  ____sys_sendmsg+0x5ba/0x960
[ 1891.106234][ T1488]  ? __asan_memset+0x22/0x40
[ 1891.110846][ T1488]  ? __sys_sendmsg_sock+0x30/0x30
[ 1891.115964][ T1488]  ? __import_iovec+0x5f2/0x850
[ 1891.120836][ T1488]  ? import_iovec+0x73/0xa0
[ 1891.125350][ T1488]  ___sys_sendmsg+0x2a6/0x360
[ 1891.130158][ T1488]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1891.134952][ T1488]  ? seqcount_lockdep_reader_access+0x17b/0x1d0
[ 1891.141402][ T1488]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1891.146274][ T1488]  ? __x64_sys_sendmsg+0x80/0x80
[ 1891.151238][ T1488]  ? lockdep_hardirqs_on+0x98/0x150
[ 1891.156457][ T1488]  do_syscall_64+0x55/0xa0
[ 1891.160891][ T1488]  ? clear_bhb_loop+0x40/0x90
[ 1891.165582][ T1488]  ? clear_bhb_loop+0x40/0x90
[ 1891.170325][ T1488]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1891.176319][ T1488] RIP: 0033:0x7f5f7899c799
[ 1891.180919][ T1488] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1891.200625][ T1488] RSP: 002b:00007f5f79901028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1891.209141][ T1488] RAX: ffffffffffffffda RBX: 00007f5f78c15fa0 RCX: 00007f5f7899c799
[ 1891.217386][ T1488] RDX: 0000000000000000 RSI: 0000200000000600 RDI: 0000000000000009
[ 1891.225365][ T1488] RBP: 00007f5f79901090 R08: 0000000000000000 R09: 0000000000000000
[ 1891.233357][ T1488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1891.241338][ T1488] R13: 00007f5f78c16038 R14: 00007f5f78c15fa0 R15: 00007ffcb181fcf8
[ 1891.249509][ T1488]  </TASK>
[ 1891.279093][ T5911] wlan1: Trigger new scan to find an IBSS to join
[ 1891.321860][ T1488] netlink: 'syz.3.8707': attribute type 10 has an invalid length.
[ 1891.715003][ T1488] hsr0: left allmulticast mode
[ 1891.721313][ T1488] hsr_slave_0: left allmulticast mode
[ 1891.729281][ T1488] hsr_slave_1: left allmulticast mode
[ 1891.739873][ T1488] hsr0: left promiscuous mode
[ 1891.745051][ T1488] nr0: port 1(hsr0) entered disabled state
[ 1891.762220][ T1488] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[ 1891.940572][ T1505] nr0: port 1(hsr0) entered blocking state
[ 1891.957890][ T1505] nr0: port 1(hsr0) entered disabled state
[ 1891.969568][ T1505] hsr0: entered allmulticast mode
[ 1891.982571][ T1505] hsr_slave_0: entered allmulticast mode
[ 1892.008802][ T1505] hsr_slave_1: entered allmulticast mode
[ 1892.037092][ T1505] hsr0: entered promiscuous mode
[ 1892.138572][ T5905] wlan1: Trigger new scan to find an IBSS to join
[ 1892.138613][ T5923] wlan1: Trigger new scan to find an IBSS to join
[ 1893.014131][ T1528] netlink: 60 bytes leftover after parsing attributes in process `syz.2.8718'.
[ 1893.202966][ T1528] netlink: 60 bytes leftover after parsing attributes in process `syz.2.8718'.
[ 1893.219032][ T1530] netlink: 60 bytes leftover after parsing attributes in process `syz.2.8718'.
[ 1895.168636][ T5911] wlan1: Trigger new scan to find an IBSS to join
[ 1895.512426][ T1538] netlink: 'syz.1.8722': attribute type 10 has an invalid length.
[ 1895.520564][ T1538] netlink: 65015 bytes leftover after parsing attributes in process `syz.1.8722'.
[ 1895.723991][ T1552] FAULT_INJECTION: forcing a failure.
[ 1895.723991][ T1552] name failslab, interval 1, probability 0, space 0, times 0
[ 1895.746133][ T1548] netlink: 15487 bytes leftover after parsing attributes in process `syz.3.8725'.
[ 1895.747141][ T1552] CPU: 0 PID: 1552 Comm: syz.0.8726 Not tainted syzkaller #0
[ 1895.763180][ T1552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1895.773283][ T1552] Call Trace:
[ 1895.776600][ T1552]  <TASK>
[ 1895.779667][ T1552]  dump_stack_lvl+0x18c/0x250
[ 1895.784497][ T1552]  ? show_regs_print_info+0x20/0x20
[ 1895.789743][ T1552]  ? load_image+0x400/0x400
[ 1895.794378][ T1552]  ? __might_sleep+0xe0/0xe0
[ 1895.799098][ T1552]  ? __lock_acquire+0x7d40/0x7d40
[ 1895.804191][ T1552]  should_fail_ex+0x39d/0x4d0
[ 1895.808927][ T1552]  should_failslab+0x9/0x20
[ 1895.813564][ T1552]  slab_pre_alloc_hook+0x59/0x310
[ 1895.818639][ T1552]  ? __request_module+0x2ed/0x600
[ 1895.823701][ T1552]  ? __request_module+0x2ed/0x600
[ 1895.828759][ T1552]  __kmem_cache_alloc_node+0x53/0x250
[ 1895.834184][ T1552]  ? __request_module+0x2ed/0x600
[ 1895.839336][ T1552]  __kmalloc_node_track_caller+0xa2/0x230
[ 1895.845109][ T1552]  kstrdup+0x3b/0x80
[ 1895.849029][ T1552]  __request_module+0x2ed/0x600
[ 1895.853898][ T1552]  ? module_enforce_rwx_sections+0x150/0x150
[ 1895.860067][ T1552]  ? dev_load+0x21/0x1f0
[ 1895.864331][ T1552]  ? bpf_lsm_capable+0x9/0x10
[ 1895.869135][ T1552]  ? dev_load+0x21/0x1f0
[ 1895.873476][ T1552]  dev_load+0x18b/0x1f0
[ 1895.877647][ T1552]  dev_ioctl+0x79f/0x1140
[ 1895.881997][ T1552]  sock_do_ioctl+0x239/0x310
[ 1895.886603][ T1552]  ? sock_show_fdinfo+0xb0/0xb0
[ 1895.891489][ T1552]  sock_ioctl+0x5ba/0x7e0
[ 1895.896013][ T1552]  ? sock_poll+0x3e0/0x3e0
[ 1895.900453][ T1552]  ? bpf_lsm_file_ioctl+0x9/0x10
[ 1895.905406][ T1552]  ? security_file_ioctl+0x80/0xa0
[ 1895.910709][ T1552]  ? sock_poll+0x3e0/0x3e0
[ 1895.915222][ T1552]  __se_sys_ioctl+0xfd/0x170
[ 1895.920012][ T1552]  do_syscall_64+0x55/0xa0
[ 1895.924447][ T1552]  ? clear_bhb_loop+0x40/0x90
[ 1895.929151][ T1552]  ? clear_bhb_loop+0x40/0x90
[ 1895.933842][ T1552]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1895.939747][ T1552] RIP: 0033:0x7ff9c959c799
[ 1895.944186][ T1552] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1895.963893][ T1552] RSP: 002b:00007ff9ca3bc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1895.972502][ T1552] RAX: ffffffffffffffda RBX: 00007ff9c9815fa0 RCX: 00007ff9c959c799
[ 1895.980499][ T1552] RDX: 0000200000000080 RSI: 0000000000008993 RDI: 0000000000000004
[ 1895.988494][ T1552] RBP: 00007ff9ca3bc090 R08: 0000000000000000 R09: 0000000000000000
[ 1895.996473][ T1552] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1896.004722][ T1552] R13: 00007ff9c9816038 R14: 00007ff9c9815fa0 R15: 00007fff411c4878
[ 1896.012891][ T1552]  </TASK>
[ 1896.040829][ T1548] mac80211_hwsim hwsim48 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1896.528759][ T1560] netlink: 60 bytes leftover after parsing attributes in process `syz.3.8729'.
[ 1896.538107][ T1560] netlink: 60 bytes leftover after parsing attributes in process `syz.3.8729'.
[ 1896.551526][ T1560] netlink: 60 bytes leftover after parsing attributes in process `syz.3.8729'.
[ 1896.566544][ T1561] netlink: 16410 bytes leftover after parsing attributes in process `syz.0.8728'.
[ 1897.167396][ T1131] wlan1: Trigger new scan to find an IBSS to join
[ 1897.653985][ T1584] netlink: 132 bytes leftover after parsing attributes in process `syz.0.8745'.
[ 1898.070073][ T1591] __nla_validate_parse: 1 callbacks suppressed
[ 1898.070111][ T1591] netlink: 15487 bytes leftover after parsing attributes in process `syz.2.8739'.
[ 1898.090648][ T1594] mac80211_hwsim hwsim44 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1898.169806][ T1597] netlink: 60 bytes leftover after parsing attributes in process `syz.0.8741'.
[ 1898.179761][ T1599] netlink: 60 bytes leftover after parsing attributes in process `syz.0.8741'.
[ 1899.168755][ T1131] wlan1: Trigger new scan to find an IBSS to join
[ 1899.175462][ T5911] wlan1: Trigger new scan to find an IBSS to join
[ 1900.769202][ T1614] netlink: 132 bytes leftover after parsing attributes in process `syz.2.8746'.
[ 1901.383533][ T1630] netlink: 'syz.1.8752': attribute type 10 has an invalid length.
[ 1901.474064][ T1636] netlink: 15487 bytes leftover after parsing attributes in process `syz.2.8754'.
[ 1901.710975][ T1636] mac80211_hwsim hwsim44 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1902.126315][ T5911] wlan1: Trigger new scan to find an IBSS to join
[ 1902.138710][ T5923] wlan1: Trigger new scan to find an IBSS to join
[ 1903.018963][ T1662] netlink: 15487 bytes leftover after parsing attributes in process `syz.0.8763'.
[ 1903.076146][ T1667] netlink: 15487 bytes leftover after parsing attributes in process `syz.1.8764'.
[ 1903.113144][ T1662] mac80211_hwsim hwsim42 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1903.149517][ T1668] netlink: 'syz.3.8765': attribute type 21 has an invalid length.
[ 1903.177878][ T1668] netlink: 156 bytes leftover after parsing attributes in process `syz.3.8765'.
[ 1903.238328][ T1667] mac80211_hwsim hwsim50 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1903.331984][ T1131] wlan1: Creating new IBSS network, BSSID 72:1d:b5:0c:12:84
[ 1903.404801][ T1678] netlink: 15487 bytes leftover after parsing attributes in process `syz.3.8768'.
[ 1903.779882][ T1681] mac80211_hwsim hwsim48 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1903.821103][ T1684] netlink: 'syz.1.8770': attribute type 10 has an invalid length.
[ 1903.966427][ T1675] netlink: 'syz.0.8767': attribute type 10 has an invalid length.
[ 1904.119413][ T1131] wlan1: Trigger new scan to find an IBSS to join
[ 1905.195668][T30391] wlan1: Trigger new scan to find an IBSS to join
[ 1906.129657][ T5923] wlan1: Trigger new scan to find an IBSS to join
[ 1906.136560][ T1131] wlan1: Trigger new scan to find an IBSS to join
[ 1907.296455][ T1709] netlink: 16410 bytes leftover after parsing attributes in process `syz.3.8776'.
[ 1907.303350][ T1711] netlink: 'syz.0.8778': attribute type 10 has an invalid length.
[ 1907.322805][ T1711] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1907.333278][ T1711] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1907.345431][ T1711] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1907.355183][ T1711] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1907.367591][ T1716] netlink: 'syz.0.8778': attribute type 9 has an invalid length.
[ 1907.398575][ T1716] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.8778'.
[ 1907.738715][ T1714] netlink: 'syz.0.8778': attribute type 9 has an invalid length.
[ 1907.746551][ T1714] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.8778'.
[ 1907.923269][ T1730] netlink: 15487 bytes leftover after parsing attributes in process `syz.1.8781'.
[ 1907.963288][ T1729] netlink: 'syz.2.8782': attribute type 10 has an invalid length.
[ 1908.177293][ T1730] mac80211_hwsim hwsim50 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1908.312764][ T1736] netlink: 16410 bytes leftover after parsing attributes in process `syz.0.8792'.
[ 1908.406631][ T1740] Ù: renamed from bond_slave_1 (while UP)
[ 1909.174646][T30045] wlan1: Trigger new scan to find an IBSS to join
[ 1909.183773][ T5905] wlan1: Trigger new scan to find an IBSS to join
[ 1909.191101][ T1131] wlan1: Trigger new scan to find an IBSS to join
[ 1909.541897][ T1765] FAULT_INJECTION: forcing a failure.
[ 1909.541897][ T1765] name failslab, interval 1, probability 0, space 0, times 0
[ 1909.560229][ T1765] CPU: 1 PID: 1765 Comm: syz.2.8790 Not tainted syzkaller #0
[ 1909.567770][ T1765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1909.577879][ T1765] Call Trace:
[ 1909.581209][ T1765]  <TASK>
[ 1909.584178][ T1765]  dump_stack_lvl+0x18c/0x250
[ 1909.588901][ T1765]  ? show_regs_print_info+0x20/0x20
[ 1909.594304][ T1765]  ? load_image+0x400/0x400
[ 1909.598827][ T1765]  ? __might_sleep+0xe0/0xe0
[ 1909.603457][ T1765]  ? __lock_acquire+0x7d40/0x7d40
[ 1909.608507][ T1765]  should_fail_ex+0x39d/0x4d0
[ 1909.613198][ T1765]  should_failslab+0x9/0x20
[ 1909.617706][ T1765]  slab_pre_alloc_hook+0x59/0x310
[ 1909.622823][ T1765]  ? br_netlink_fini+0x30/0x30
[ 1909.627595][ T1765]  kmem_cache_alloc_node+0x60/0x320
[ 1909.632801][ T1765]  ? __alloc_skb+0x103/0x2c0
[ 1909.637394][ T1765]  __alloc_skb+0x103/0x2c0
[ 1909.641830][ T1765]  rtmsg_ifinfo_build_skb+0x8c/0x260
[ 1909.647182][ T1765]  rtnetlink_event+0x1b7/0x260
[ 1909.652087][ T1765]  notifier_call_chain+0x197/0x380
[ 1909.657242][ T1765]  dev_set_mac_address+0x39a/0x4d0
[ 1909.662390][ T1765]  ? dev_pre_changeaddr_notify+0x120/0x120
[ 1909.668232][ T1765]  ? down_write+0x16e/0x200
[ 1909.672778][ T1765]  dev_set_mac_address_user+0x31/0x50
[ 1909.678183][ T1765]  dev_ioctl+0x7b4/0x1140
[ 1909.682636][ T1765]  sock_do_ioctl+0x239/0x310
[ 1909.687295][ T1765]  ? sock_show_fdinfo+0xb0/0xb0
[ 1909.692274][ T1765]  sock_ioctl+0x5ba/0x7e0
[ 1909.696747][ T1765]  ? sock_poll+0x3e0/0x3e0
[ 1909.701414][ T1765]  ? bpf_lsm_file_ioctl+0x9/0x10
[ 1909.706383][ T1765]  ? security_file_ioctl+0x80/0xa0
[ 1909.711524][ T1765]  ? sock_poll+0x3e0/0x3e0
[ 1909.715976][ T1765]  __se_sys_ioctl+0xfd/0x170
[ 1909.720588][ T1765]  do_syscall_64+0x55/0xa0
[ 1909.725028][ T1765]  ? clear_bhb_loop+0x40/0x90
[ 1909.729748][ T1765]  ? clear_bhb_loop+0x40/0x90
[ 1909.734609][ T1765]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1909.740786][ T1765] RIP: 0033:0x7f4d5b99c799
[ 1909.745239][ T1765] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1909.764900][ T1765] RSP: 002b:00007f4d5c7a7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1909.773366][ T1765] RAX: ffffffffffffffda RBX: 00007f4d5bc15fa0 RCX: 00007f4d5b99c799
[ 1909.781440][ T1765] RDX: 0000200000000080 RSI: 0000000000008924 RDI: 0000000000000004
[ 1909.789481][ T1765] RBP: 00007f4d5c7a7090 R08: 0000000000000000 R09: 0000000000000000
[ 1909.797684][ T1765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1909.805700][ T1765] R13: 00007f4d5bc16038 R14: 00007f4d5bc15fa0 R15: 00007ffc3d39c098
[ 1909.813751][ T1765]  </TASK>
[ 1910.393243][ T5905] wlan1: Creating new IBSS network, BSSID fe:8f:de:a7:66:87
[ 1910.429908][T30045] wlan1: Creating new IBSS network, BSSID 2a:3a:39:4b:f5:d2
[ 1910.464672][ T1779] netlink: 15487 bytes leftover after parsing attributes in process `syz.3.8796'.
[ 1910.481658][ T1782] mac80211_hwsim hwsim48 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1910.494949][ T1781] netlink: 'syz.2.8795': attribute type 10 has an invalid length.
[ 1910.666778][ T1789] netlink: 16410 bytes leftover after parsing attributes in process `syz.3.8798'.
[ 1912.121657][ T5911] wlan1: Trigger new scan to find an IBSS to join
[ 1912.806077][ T1796] FAULT_INJECTION: forcing a failure.
[ 1912.806077][ T1796] name failslab, interval 1, probability 0, space 0, times 0
[ 1912.821926][ T1796] CPU: 0 PID: 1796 Comm: syz.2.8800 Not tainted syzkaller #0
[ 1912.829364][ T1796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1912.839453][ T1796] Call Trace:
[ 1912.842753][ T1796]  <TASK>
[ 1912.845770][ T1796]  dump_stack_lvl+0x18c/0x250
[ 1912.850615][ T1796]  ? show_regs_print_info+0x20/0x20
[ 1912.855959][ T1796]  ? load_image+0x400/0x400
[ 1912.860512][ T1796]  ? __lock_acquire+0x7d40/0x7d40
[ 1912.865669][ T1796]  should_fail_ex+0x39d/0x4d0
[ 1912.870403][ T1796]  should_failslab+0x9/0x20
[ 1912.874937][ T1796]  slab_pre_alloc_hook+0x59/0x310
[ 1912.879994][ T1796]  ? nsim_bpf+0x6f4/0xce0
[ 1912.884390][ T1796]  __kmem_cache_alloc_node+0x53/0x250
[ 1912.889804][ T1796]  ? nsim_bpf+0x6f4/0xce0
[ 1912.894167][ T1796]  kmalloc_trace+0x2a/0xe0
[ 1912.898878][ T1796]  nsim_bpf+0x6f4/0xce0
[ 1912.903065][ T1796]  bpf_map_offload_map_alloc+0x3cf/0x610
[ 1912.908816][ T1796]  ? bpf_prog_offload_info_fill_ns+0x290/0x290
[ 1912.915092][ T1796]  map_create+0x877/0x12f0
[ 1912.919531][ T1796]  ? bpf_lsm_bpf+0x9/0x10
[ 1912.923878][ T1796]  __sys_bpf+0x651/0x890
[ 1912.928130][ T1796]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1912.933532][ T1796]  ? lock_chain_count+0x20/0x20
[ 1912.938410][ T1796]  __x64_sys_bpf+0x7c/0x90
[ 1912.942841][ T1796]  do_syscall_64+0x55/0xa0
[ 1912.947272][ T1796]  ? clear_bhb_loop+0x40/0x90
[ 1912.951982][ T1796]  ? clear_bhb_loop+0x40/0x90
[ 1912.956778][ T1796]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1912.962777][ T1796] RIP: 0033:0x7f4d5b99c799
[ 1912.967208][ T1796] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1912.987008][ T1796] RSP: 002b:00007f4d5c7a7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1912.995524][ T1796] RAX: ffffffffffffffda RBX: 00007f4d5bc15fa0 RCX: 00007f4d5b99c799
[ 1913.003599][ T1796] RDX: 0000000000000048 RSI: 00002000000000c0 RDI: 0000000000000000
[ 1913.011583][ T1796] RBP: 00007f4d5c7a7090 R08: 0000000000000000 R09: 0000000000000000
[ 1913.019650][ T1796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1913.027626][ T1796] R13: 00007f4d5bc16038 R14: 00007f4d5bc15fa0 R15: 00007ffc3d39c098
[ 1913.035626][ T1796]  </TASK>
[ 1913.079696][ T5923] wlan1: Trigger new scan to find an IBSS to join
[ 1914.182937][ T1827] netlink: 14975 bytes leftover after parsing attributes in process `syz.0.8807'.
[ 1914.261189][ T1823] netlink: 'syz.1.8806': attribute type 10 has an invalid length.
[ 1914.501748][ T1825] mac80211_hwsim hwsim42 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1914.555275][ T1830] netlink: 121460 bytes leftover after parsing attributes in process `syz.2.8808'.
[ 1914.862147][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[ 1914.869103][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[ 1914.890341][ T1836] netlink: 16410 bytes leftover after parsing attributes in process `syz.1.8809'.
[ 1914.927777][ T1830] netlink: 21068 bytes leftover after parsing attributes in process `syz.2.8808'.
[ 1914.968235][ T1830] tipc: Started in network mode
[ 1915.010626][ T1830] tipc: Node identity b, cluster identity 73
[ 1915.040106][ T1830] tipc: Node number set to 11
[ 1916.224711][ T1860] FAULT_INJECTION: forcing a failure.
[ 1916.224711][ T1860] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1916.248665][ T1860] CPU: 1 PID: 1860 Comm: syz.2.8818 Not tainted syzkaller #0
[ 1916.256222][ T1860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1916.266319][ T1860] Call Trace:
[ 1916.269624][ T1860]  <TASK>
[ 1916.272576][ T1860]  dump_stack_lvl+0x18c/0x250
[ 1916.277290][ T1860]  ? show_regs_print_info+0x20/0x20
[ 1916.282517][ T1860]  ? load_image+0x400/0x400
[ 1916.287063][ T1860]  ? __might_fault+0xaa/0x120
[ 1916.291773][ T1860]  ? __lock_acquire+0x7d40/0x7d40
[ 1916.296829][ T1860]  should_fail_ex+0x39d/0x4d0
[ 1916.301545][ T1860]  _copy_to_user+0x2f/0xa0
[ 1916.306090][ T1860]  map_lookup_and_delete_elem+0x8b0/0xa50
[ 1916.311864][ T1860]  __sys_bpf+0x528/0x890
[ 1916.316242][ T1860]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1916.321669][ T1860]  ? lock_chain_count+0x20/0x20
[ 1916.326557][ T1860]  __x64_sys_bpf+0x7c/0x90
[ 1916.331005][ T1860]  do_syscall_64+0x55/0xa0
[ 1916.335548][ T1860]  ? clear_bhb_loop+0x40/0x90
[ 1916.340513][ T1860]  ? clear_bhb_loop+0x40/0x90
[ 1916.345213][ T1860]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1916.351223][ T1860] RIP: 0033:0x7f4d5b99c799
[ 1916.355661][ T1860] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1916.375548][ T1860] RSP: 002b:00007f4d5c7a7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1916.384147][ T1860] RAX: ffffffffffffffda RBX: 00007f4d5bc15fa0 RCX: 00007f4d5b99c799
[ 1916.392248][ T1860] RDX: 0000000000000020 RSI: 0000200000000640 RDI: 0000000000000015
[ 1916.400322][ T1860] RBP: 00007f4d5c7a7090 R08: 0000000000000000 R09: 0000000000000000
[ 1916.408408][ T1860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1916.416404][ T1860] R13: 00007f4d5bc16038 R14: 00007f4d5bc15fa0 R15: 00007ffc3d39c098
[ 1916.424513][ T1860]  </TASK>
[ 1916.572501][ T1862] netlink: 'syz.0.8817': attribute type 10 has an invalid length.
[ 1916.716022][ T1867] netlink: 15487 bytes leftover after parsing attributes in process `syz.2.8820'.
[ 1916.805870][ T1867] mac80211_hwsim hwsim44 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1916.901704][ T1875] netlink: 16410 bytes leftover after parsing attributes in process `syz.1.8824'.
[ 1917.082758][ T5923] wlan1: Trigger new scan to find an IBSS to join
[ 1917.160709][ T1131] wlan1: Trigger new scan to find an IBSS to join
[ 1917.167417][ T1131] wlan1: Trigger new scan to find an IBSS to join
[ 1917.501529][ T1877] netlink: 830 bytes leftover after parsing attributes in process `syz.3.8826'.
[ 1917.962041][ T1898] FAULT_INJECTION: forcing a failure.
[ 1917.962041][ T1898] name failslab, interval 1, probability 0, space 0, times 0
[ 1917.973768][ T1892] netlink: 15487 bytes leftover after parsing attributes in process `syz.0.8836'.
[ 1918.053621][ T1899] mac80211_hwsim hwsim42 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1918.064789][ T1898] CPU: 0 PID: 1898 Comm: syz.3.8829 Not tainted syzkaller #0
[ 1918.072399][ T1898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1918.082494][ T1898] Call Trace:
[ 1918.085813][ T1898]  <TASK>
[ 1918.088760][ T1898]  dump_stack_lvl+0x18c/0x250
[ 1918.093502][ T1898]  ? show_regs_print_info+0x20/0x20
[ 1918.099189][ T1898]  ? load_image+0x400/0x400
[ 1918.103837][ T1898]  ? __might_sleep+0xe0/0xe0
[ 1918.108567][ T1898]  ? __lock_acquire+0x7d40/0x7d40
[ 1918.113698][ T1898]  ? __fget_files+0x28/0x4b0
[ 1918.118343][ T1898]  should_fail_ex+0x39d/0x4d0
[ 1918.123249][ T1898]  should_failslab+0x9/0x20
[ 1918.127810][ T1898]  slab_pre_alloc_hook+0x59/0x310
[ 1918.132884][ T1898]  ? __fget_files+0x28/0x4b0
[ 1918.137516][ T1898]  ? __fget_files+0x28/0x4b0
[ 1918.142171][ T1898]  kmem_cache_alloc+0x5a/0x2d0
[ 1918.147108][ T1898]  ? getname_flags+0xbb/0x500
[ 1918.151846][ T1898]  getname_flags+0xbb/0x500
[ 1918.156484][ T1898]  user_path_create+0x25/0x50
[ 1918.161304][ T1898]  bpf_obj_pin_user+0x149/0x330
[ 1918.166303][ T1898]  ? verifier_remove_insns+0x1370/0x1370
[ 1918.172259][ T1898]  ? __might_fault+0xaa/0x120
[ 1918.177143][ T1898]  __sys_bpf+0x7be/0x890
[ 1918.181514][ T1898]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1918.186941][ T1898]  ? lock_chain_count+0x20/0x20
[ 1918.191926][ T1898]  __x64_sys_bpf+0x7c/0x90
[ 1918.196477][ T1898]  do_syscall_64+0x55/0xa0
[ 1918.200933][ T1898]  ? clear_bhb_loop+0x40/0x90
[ 1918.205836][ T1898]  ? clear_bhb_loop+0x40/0x90
[ 1918.210645][ T1898]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1918.216756][ T1898] RIP: 0033:0x7f5f7899c799
[ 1918.221302][ T1898] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1918.241137][ T1898] RSP: 002b:00007f5f79901028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1918.249769][ T1898] RAX: ffffffffffffffda RBX: 00007f5f78c15fa0 RCX: 00007f5f7899c799
[ 1918.257772][ T1898] RDX: 0000000000000018 RSI: 0000200000000140 RDI: 0000000000000006
[ 1918.265891][ T1898] RBP: 00007f5f79901090 R08: 0000000000000000 R09: 0000000000000000
[ 1918.274333][ T1898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1918.282334][ T1898] R13: 00007f5f78c16038 R14: 00007f5f78c15fa0 R15: 00007ffcb181fcf8
[ 1918.290392][ T1898]  </TASK>
[ 1918.306175][T30045] wlan1: Creating new IBSS network, BSSID 9a:d8:04:34:51:79
[ 1918.412539][ T5905] wlan1: Creating new IBSS network, BSSID c6:38:40:93:66:88
[ 1918.910910][ T1915] netlink: 16410 bytes leftover after parsing attributes in process `syz.1.8837'.
[ 1919.110367][ T1131] wlan1: Trigger new scan to find an IBSS to join
[ 1919.931059][ T1934] netlink: 15487 bytes leftover after parsing attributes in process `syz.0.8844'.
[ 1921.033081][ T1960] ±ÿ: renamed from team_slave_1 (while UP)
[ 1921.078625][ T5905] wlan1: Trigger new scan to find an IBSS to join
[ 1921.090532][ T1962] FAULT_INJECTION: forcing a failure.
[ 1921.090532][ T1962] name failslab, interval 1, probability 0, space 0, times 0
[ 1921.113915][ T1962] CPU: 1 PID: 1962 Comm: syz.1.8851 Not tainted syzkaller #0
[ 1921.121360][ T1962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1921.131433][ T1962] Call Trace:
[ 1921.134785][ T1962]  <TASK>
[ 1921.137735][ T1962]  dump_stack_lvl+0x18c/0x250
[ 1921.142445][ T1962]  ? show_regs_print_info+0x20/0x20
[ 1921.147659][ T1962]  ? load_image+0x400/0x400
[ 1921.152181][ T1962]  ? __might_sleep+0xe0/0xe0
[ 1921.156787][ T1962]  ? __lock_acquire+0x7d40/0x7d40
[ 1921.162091][ T1962]  should_fail_ex+0x39d/0x4d0
[ 1921.166792][ T1962]  should_failslab+0x9/0x20
[ 1921.171315][ T1962]  slab_pre_alloc_hook+0x59/0x310
[ 1921.176364][ T1962]  ? tomoyo_encode+0x28b/0x540
[ 1921.181400][ T1962]  ? tomoyo_encode+0x28b/0x540
[ 1921.186173][ T1962]  __kmem_cache_alloc_node+0x53/0x250
[ 1921.191567][ T1962]  ? tomoyo_encode+0x28b/0x540
[ 1921.196349][ T1962]  __kmalloc+0xa4/0x230
[ 1921.200524][ T1962]  tomoyo_encode+0x28b/0x540
[ 1921.205132][ T1962]  tomoyo_realpath_from_path+0x592/0x5d0
[ 1921.210798][ T1962]  tomoyo_path_number_perm+0x248/0x620
[ 1921.216452][ T1962]  ? tomoyo_path_number_perm+0x217/0x620
[ 1921.222124][ T1962]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 1921.227782][ T1962]  ? ksys_write+0x1c4/0x260
[ 1921.232334][ T1962]  ? __fget_files+0x28/0x4b0
[ 1921.236937][ T1962]  ? __fget_files+0x28/0x4b0
[ 1921.241553][ T1962]  security_file_ioctl+0x70/0xa0
[ 1921.246516][ T1962]  __se_sys_ioctl+0x48/0x170
[ 1921.251127][ T1962]  do_syscall_64+0x55/0xa0
[ 1921.255559][ T1962]  ? clear_bhb_loop+0x40/0x90
[ 1921.260246][ T1962]  ? clear_bhb_loop+0x40/0x90
[ 1921.264943][ T1962]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1921.270846][ T1962] RIP: 0033:0x7fe1f8d9c799
[ 1921.275276][ T1962] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1921.294981][ T1962] RSP: 002b:00007fe1f9d19028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1921.303422][ T1962] RAX: ffffffffffffffda RBX: 00007fe1f9015fa0 RCX: 00007fe1f8d9c799
[ 1921.311495][ T1962] RDX: 00002000000000c0 RSI: 0000000000008923 RDI: 0000000000000004
[ 1921.319480][ T1962] RBP: 00007fe1f9d19090 R08: 0000000000000000 R09: 0000000000000000
[ 1921.327521][ T1962] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1921.335499][ T1962] R13: 00007fe1f9016038 R14: 00007fe1f9015fa0 R15: 00007ffeb6b74d98
[ 1921.343529][ T1962]  </TASK>
[ 1921.390473][ T1962] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1921.397423][ T1962] ±ÿ: renamed from team_slave_1 (while UP)
[ 1921.855254][ T1974] netlink: 'syz.0.8862': attribute type 29 has an invalid length.
[ 1922.214593][ T1974] netlink: 'syz.0.8862': attribute type 29 has an invalid length.
[ 1922.225123][ T1973] netlink: 15487 bytes leftover after parsing attributes in process `syz.1.8854'.
[ 1922.278121][ T1971] mac80211_hwsim hwsim50 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1922.645052][ T1978] ±ÿ: renamed from team_slave_1 (while UP)
[ 1923.158674][ T5923] wlan1: Trigger new scan to find an IBSS to join
[ 1924.116123][T30391] wlan1: Creating new IBSS network, BSSID 82:eb:2c:69:a3:fe
[ 1925.162796][T30391] wlan1: Trigger new scan to find an IBSS to join
[ 1925.831889][ T1997] netlink: 15487 bytes leftover after parsing attributes in process `syz.2.8861'.
[ 1925.842076][ T1999] mac80211_hwsim hwsim44 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1925.852397][ T2005] netlink: 164 bytes leftover after parsing attributes in process `syz.1.8864'.
[ 1926.049469][T30391] wlan1: Creating new IBSS network, BSSID 72:db:55:71:f1:2b
[ 1926.063129][ T2007] netlink: 15487 bytes leftover after parsing attributes in process `syz.2.8865'.
[ 1926.129150][T30391] wlan1: Trigger new scan to find an IBSS to join
[ 1926.355761][ T2007] mac80211_hwsim hwsim44 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1927.520917][ T2033] netlink: 15487 bytes leftover after parsing attributes in process `syz.3.8875'.
[ 1927.662327][ T2038] netlink: 126588 bytes leftover after parsing attributes in process `syz.1.8876'.
[ 1927.673353][ T2033] mac80211_hwsim hwsim48 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1928.594064][ T2041] netlink: 164 bytes leftover after parsing attributes in process `syz.0.8877'.
[ 1928.699208][ T2050] mac80211_hwsim hwsim50 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1929.084689][ T5905] wlan1: Trigger new scan to find an IBSS to join
[ 1930.119920][T30391] wlan1: Trigger new scan to find an IBSS to join
[ 1931.081673][ T5923] wlan1: Trigger new scan to find an IBSS to join
[ 1931.655991][ T2077] netlink: 15487 bytes leftover after parsing attributes in process `syz.1.8888'.
[ 1931.741913][ T2081] netlink: 'syz.0.8890': attribute type 9 has an invalid length.
[ 1931.773817][ T2081] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.8890'.
[ 1931.861182][ T2077] mac80211_hwsim hwsim50 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1932.128634][ T1131] wlan1: Trigger new scan to find an IBSS to join
[ 1932.385691][ T2096] netlink: 'syz.1.8891': attribute type 9 has an invalid length.
[ 1932.448004][ T2096] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.8891'.
[ 1932.621304][ T2095] netlink: 15487 bytes leftover after parsing attributes in process `syz.0.8892'.
[ 1932.746374][ T2095] mac80211_hwsim hwsim42 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1933.160240][ T5905] wlan1: Trigger new scan to find an IBSS to join
[ 1933.562875][ T2101] netlink: 'syz.3.8894': attribute type 10 has an invalid length.
[ 1933.922638][ T2112] netlink: 'syz.3.8899': attribute type 10 has an invalid length.
[ 1934.129710][ T1131] wlan1: Trigger new scan to find an IBSS to join
[ 1934.531703][ T2134] mac80211_hwsim hwsim50 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1934.550593][ T2128] netlink: 15487 bytes leftover after parsing attributes in process `syz.1.8904'.
[ 1935.064341][ T2142] netlink: 'syz.1.8908': attribute type 10 has an invalid length.
[ 1935.098667][T22182] wlan1: Trigger new scan to find an IBSS to join
[ 1935.161461][T22182] wlan1: Creating new IBSS network, BSSID 8a:d0:53:22:6f:e9
[ 1935.313443][ T2145] netlink: 'syz.2.8909': attribute type 10 has an invalid length.
[ 1936.130743][ T5923] wlan1: Creating new IBSS network, BSSID ae:56:f0:29:ee:b4
[ 1936.147104][ T2161] netlink: 'syz.1.8913': attribute type 21 has an invalid length.
[ 1936.571252][ T2162] netlink: 'syz.1.8913': attribute type 21 has an invalid length.
[ 1936.590850][ T2162] netlink: 'syz.1.8913': attribute type 1 has an invalid length.
[ 1936.609272][ T2162] netlink: 132 bytes leftover after parsing attributes in process `syz.1.8913'.
[ 1938.994837][ T2173] netlink: 15487 bytes leftover after parsing attributes in process `syz.2.8917'.
[ 1939.006269][ T2178] mac80211_hwsim hwsim44 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1939.016874][ T2180] netlink: 'syz.1.8920': attribute type 10 has an invalid length.
[ 1939.028531][ T2182] netlink: 144 bytes leftover after parsing attributes in process `syz.0.8921'.
[ 1939.125765][ T2182] team0: Port device team_slave_0 removed
[ 1939.152144][ T2182] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[ 1939.174648][T30391] wlan1: Trigger new scan to find an IBSS to join
[ 1939.547297][ T2195] FAULT_INJECTION: forcing a failure.
[ 1939.547297][ T2195] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1939.570035][ T2195] CPU: 1 PID: 2195 Comm: syz.2.8927 Not tainted syzkaller #0
[ 1939.577478][ T2195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1939.587562][ T2195] Call Trace:
[ 1939.590868][ T2195]  <TASK>
[ 1939.593834][ T2195]  dump_stack_lvl+0x18c/0x250
[ 1939.598692][ T2195]  ? show_regs_print_info+0x20/0x20
[ 1939.603957][ T2195]  ? load_image+0x400/0x400
[ 1939.608527][ T2195]  ? __might_fault+0xaa/0x120
[ 1939.613345][ T2195]  ? __lock_acquire+0x7d40/0x7d40
[ 1939.618456][ T2195]  ? mark_lock+0x94/0x320
[ 1939.622842][ T2195]  should_fail_ex+0x39d/0x4d0
[ 1939.627664][ T2195]  _copy_from_user+0x2f/0xe0
[ 1939.632385][ T2195]  get_user_ifreq+0x6b/0x180
[ 1939.637015][ T2195]  inet_ioctl+0x3ed/0x560
[ 1939.641381][ T2195]  ? tomoyo_path_number_perm+0x217/0x620
[ 1939.647060][ T2195]  ? inet_shutdown+0x370/0x370
[ 1939.651858][ T2195]  ? slab_free_freelist_hook+0x130/0x1a0
[ 1939.657529][ T2195]  ? tomoyo_path_number_perm+0x500/0x620
[ 1939.663201][ T2195]  ? __kmem_cache_free+0xba/0x1e0
[ 1939.668278][ T2195]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 1939.673783][ T2195]  ? packet_ioctl+0x269/0x340
[ 1939.678513][ T2195]  sock_do_ioctl+0xfc/0x310
[ 1939.683051][ T2195]  ? sock_show_fdinfo+0xb0/0xb0
[ 1939.688037][ T2195]  sock_ioctl+0x5ba/0x7e0
[ 1939.692416][ T2195]  ? sock_poll+0x3e0/0x3e0
[ 1939.696938][ T2195]  ? bpf_lsm_file_ioctl+0x9/0x10
[ 1939.701885][ T2195]  ? security_file_ioctl+0x80/0xa0
[ 1939.707001][ T2195]  ? sock_poll+0x3e0/0x3e0
[ 1939.711415][ T2195]  __se_sys_ioctl+0xfd/0x170
[ 1939.716005][ T2195]  do_syscall_64+0x55/0xa0
[ 1939.720419][ T2195]  ? clear_bhb_loop+0x40/0x90
[ 1939.725118][ T2195]  ? clear_bhb_loop+0x40/0x90
[ 1939.729813][ T2195]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1939.735711][ T2195] RIP: 0033:0x7f4d5b99c799
[ 1939.740321][ T2195] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1939.760281][ T2195] RSP: 002b:00007f4d5c7a7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1939.768864][ T2195] RAX: ffffffffffffffda RBX: 00007f4d5bc15fa0 RCX: 00007f4d5b99c799
[ 1939.776828][ T2195] RDX: 0000200000000000 RSI: 000000000000891a RDI: 0000000000000003
[ 1939.784808][ T2195] RBP: 00007f4d5c7a7090 R08: 0000000000000000 R09: 0000000000000000
[ 1939.792897][ T2195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1939.800937][ T2195] R13: 00007f4d5bc16038 R14: 00007f4d5bc15fa0 R15: 00007ffc3d39c098
[ 1939.809007][ T2195]  </TASK>
[ 1940.032910][ T2201] netlink: 'syz.0.8928': attribute type 21 has an invalid length.
[ 1940.119762][T30045] wlan1: Trigger new scan to find an IBSS to join
[ 1940.221263][ T2204] netlink: 'syz.0.8928': attribute type 21 has an invalid length.
[ 1940.368841][ T2204] netlink: 'syz.0.8928': attribute type 1 has an invalid length.
[ 1940.398587][ T2204] netlink: 132 bytes leftover after parsing attributes in process `syz.0.8928'.
[ 1940.448334][ T2210] netlink: 15487 bytes leftover after parsing attributes in process `syz.3.8931'.
[ 1940.472438][ T2210] mac80211_hwsim hwsim48 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1940.519430][ T2208] netlink: 'syz.1.8932': attribute type 10 has an invalid length.
[ 1941.078755][ T1131] wlan1: Trigger new scan to find an IBSS to join
[ 1941.143082][T30045] wlan1: Creating new IBSS network, BSSID 0a:15:00:cb:9a:18
[ 1941.177221][ T2218] netlink: 15487 bytes leftover after parsing attributes in process `syz.0.8942'.
[ 1941.197403][ T2215] netlink: 144 bytes leftover after parsing attributes in process `syz.3.8934'.
[ 1941.284878][ T2215] team0: Port device team_slave_0 removed
[ 1941.293076][ T2215] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[ 1941.313810][ T2220] mac80211_hwsim hwsim42 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1943.095283][ T5923] wlan1: Trigger new scan to find an IBSS to join
[ 1943.163439][ T5905] wlan1: Trigger new scan to find an IBSS to join
[ 1944.017105][T30391] wlan1: Creating new IBSS network, BSSID 8a:32:be:5c:1b:fd
[ 1944.125226][ T5905] wlan1: Trigger new scan to find an IBSS to join
[ 1944.132177][T22182] wlan1: Trigger new scan to find an IBSS to join
[ 1944.374729][ T2242] netlink: 'syz.3.8943': attribute type 21 has an invalid length.
[ 1944.395920][ T2245] netlink: 'syz.3.8943': attribute type 21 has an invalid length.
[ 1944.408826][ T2245] netlink: 'syz.3.8943': attribute type 1 has an invalid length.
[ 1944.416753][ T2245] netlink: 132 bytes leftover after parsing attributes in process `syz.3.8943'.
[ 1944.448543][ T2247] netlink: 'syz.0.8944': attribute type 10 has an invalid length.
[ 1944.665542][ T2256] netlink: 15487 bytes leftover after parsing attributes in process `syz.3.8947'.
[ 1944.711689][ T2257] mac80211_hwsim hwsim48 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1944.981319][ T2260] netlink: 144 bytes leftover after parsing attributes in process `syz.2.8948'.
[ 1945.102903][ T2260] team0: Port device C removed
[ 1945.132187][ T2260] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[ 1946.129818][ T2282] netlink: 'syz.3.8958': attribute type 10 has an invalid length.
[ 1947.089876][T30391] wlan1: Trigger new scan to find an IBSS to join
[ 1947.163880][ T5905] wlan1: Trigger new scan to find an IBSS to join
[ 1947.168536][T30045] wlan1: Trigger new scan to find an IBSS to join
[ 1948.113731][T30391] wlan1: Creating new IBSS network, BSSID 12:00:d2:d3:fc:eb
[ 1948.340333][ T2289] netlink: 'syz.2.8968': attribute type 10 has an invalid length.
[ 1948.477710][ T2299] netlink: 15487 bytes leftover after parsing attributes in process `syz.2.8962'.
[ 1949.370558][ T2299] mac80211_hwsim hwsim44 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1949.382046][ T2314] netlink: 144 bytes leftover after parsing attributes in process `syz.1.8967'.
[ 1949.664540][ T2314] team0: Port device team_slave_0 removed
[ 1949.683930][ T2314] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[ 1950.125529][T30391] wlan1: Trigger new scan to find an IBSS to join
[ 1950.132984][T22182] wlan1: Trigger new scan to find an IBSS to join
[ 1951.059046][ T5905] wlan1: Creating new IBSS network, BSSID f2:00:3c:27:11:10
[ 1951.932212][ T2322] netlink: 'syz.3.8971': attribute type 10 has an invalid length.
[ 1952.105921][ T2335] FAULT_INJECTION: forcing a failure.
[ 1952.105921][ T2335] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1952.130866][ T2335] CPU: 0 PID: 2335 Comm: syz.1.8975 Not tainted syzkaller #0
[ 1952.138573][ T2335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1952.144381][ T5923] wlan1: Trigger new scan to find an IBSS to join
[ 1952.148640][ T2335] Call Trace:
[ 1952.148651][ T2335]  <TASK>
[ 1952.148661][ T2335]  dump_stack_lvl+0x18c/0x250
[ 1952.148703][ T2335]  ? show_regs_print_info+0x20/0x20
[ 1952.148733][ T2335]  ? load_image+0x400/0x400
[ 1952.148762][ T2335]  ? __lock_acquire+0x7d40/0x7d40
[ 1952.148787][ T2335]  ? __virt_addr_valid+0x18c/0x540
[ 1952.148816][ T2335]  should_fail_ex+0x39d/0x4d0
[ 1952.148851][ T2335]  _copy_from_user+0x2f/0xe0
[ 1952.148878][ T2335]  map_update_elem+0x4e8/0x700
[ 1952.148911][ T2335]  __sys_bpf+0x6b5/0x890
[ 1952.148934][ T2335]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1952.210216][ T2335]  ? lock_chain_count+0x20/0x20
[ 1952.215100][ T2335]  __x64_sys_bpf+0x7c/0x90
[ 1952.219532][ T2335]  do_syscall_64+0x55/0xa0
[ 1952.223992][ T2335]  ? clear_bhb_loop+0x40/0x90
[ 1952.228697][ T2335]  ? clear_bhb_loop+0x40/0x90
[ 1952.233396][ T2335]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1952.239306][ T2335] RIP: 0033:0x7fe1f8d9c799
[ 1952.243737][ T2335] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1952.263546][ T2335] RSP: 002b:00007fe1f9d19028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1952.271973][ T2335] RAX: ffffffffffffffda RBX: 00007fe1f9015fa0 RCX: 00007fe1f8d9c799
[ 1952.279963][ T2335] RDX: 0000000000000020 RSI: 0000200000000900 RDI: 0000000000000002
[ 1952.288037][ T2335] RBP: 00007fe1f9d19090 R08: 0000000000000000 R09: 0000000000000000
[ 1952.296040][ T2335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1952.304105][ T2335] R13: 00007fe1f9016038 R14: 00007fe1f9015fa0 R15: 00007ffeb6b74d98
[ 1952.312109][ T2335]  </TASK>
[ 1952.449697][ T2344] FAULT_INJECTION: forcing a failure.
[ 1952.449697][ T2344] name failslab, interval 1, probability 0, space 0, times 0
[ 1952.463124][ T2344] CPU: 1 PID: 2344 Comm: syz.3.8981 Not tainted syzkaller #0
[ 1952.470638][ T2344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1952.478176][ T2345] netlink: 15487 bytes leftover after parsing attributes in process `syz.1.8979'.
[ 1952.480870][ T2344] Call Trace:
[ 1952.480886][ T2344]  <TASK>
[ 1952.480895][ T2344]  dump_stack_lvl+0x18c/0x250
[ 1952.480936][ T2344]  ? show_regs_print_info+0x20/0x20
[ 1952.480965][ T2344]  ? load_image+0x400/0x400
[ 1952.480994][ T2344]  ? verify_lock_unused+0x140/0x140
[ 1952.481019][ T2344]  ? perf_trace_lock+0xfc/0x3b0
[ 1952.481042][ T2344]  should_fail_ex+0x39d/0x4d0
[ 1952.481075][ T2344]  should_failslab+0x9/0x20
[ 1952.481103][ T2344]  slab_pre_alloc_hook+0x59/0x310
[ 1952.481136][ T2344]  kmem_cache_alloc+0x5a/0x2d0
[ 1952.481162][ T2344]  ? skb_clone+0x1eb/0x370
[ 1952.481187][ T2344]  skb_clone+0x1eb/0x370
[ 1952.481211][ T2344]  __netlink_deliver_tap+0x41c/0x830
[ 1952.481254][ T2344]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1952.481282][ T2344]  netlink_deliver_tap+0x19c/0x1b0
[ 1952.481313][ T2344]  netlink_unicast+0x72c/0x8d0
[ 1952.481350][ T2344]  netlink_sendmsg+0x8d0/0xbf0
[ 1952.481387][ T2344]  ? netlink_getsockopt+0x590/0x590
[ 1952.481418][ T2344]  ? aa_sock_msg_perm+0x94/0x150
[ 1952.481444][ T2344]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1952.481468][ T2344]  ? security_socket_sendmsg+0x80/0xa0
[ 1952.481489][ T2344]  ? netlink_getsockopt+0x590/0x590
[ 1952.600332][ T2344]  ____sys_sendmsg+0x5ba/0x960
[ 1952.605123][ T2344]  ? __asan_memset+0x22/0x40
[ 1952.609727][ T2344]  ? __sys_sendmsg_sock+0x30/0x30
[ 1952.614764][ T2344]  ? __import_iovec+0x5f2/0x850
[ 1952.619737][ T2344]  ? import_iovec+0x73/0xa0
[ 1952.624369][ T2344]  ___sys_sendmsg+0x2a6/0x360
[ 1952.629082][ T2344]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1952.633894][ T2344]  ? __lock_acquire+0x7d40/0x7d40
[ 1952.638999][ T2344]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1952.643880][ T2344]  ? __x64_sys_sendmsg+0x80/0x80
[ 1952.648909][ T2344]  ? lockdep_hardirqs_on+0x98/0x150
[ 1952.654140][ T2344]  do_syscall_64+0x55/0xa0
[ 1952.658581][ T2344]  ? clear_bhb_loop+0x40/0x90
[ 1952.663280][ T2344]  ? clear_bhb_loop+0x40/0x90
[ 1952.667976][ T2344]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1952.673981][ T2344] RIP: 0033:0x7f5f7899c799
[ 1952.678410][ T2344] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1952.698203][ T2344] RSP: 002b:00007f5f79901028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1952.706629][ T2344] RAX: ffffffffffffffda RBX: 00007f5f78c15fa0 RCX: 00007f5f7899c799
[ 1952.714628][ T2344] RDX: 0000000000008044 RSI: 0000200000000600 RDI: 0000000000000003
[ 1952.722608][ T2344] RBP: 00007f5f79901090 R08: 0000000000000000 R09: 0000000000000000
[ 1952.730585][ T2344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1952.738648][ T2344] R13: 00007f5f78c16038 R14: 00007f5f78c15fa0 R15: 00007ffcb181fcf8
[ 1952.746729][ T2344]  </TASK>
[ 1952.756914][ T2345] mac80211_hwsim hwsim50 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1952.767048][ T2344] netlink: 'syz.3.8981': attribute type 10 has an invalid length.
[ 1952.871768][ T2344] team0: Port device dummy0 added
[ 1953.174875][T30045] wlan1: Trigger new scan to find an IBSS to join
[ 1954.045652][ T2349] netlink: 830 bytes leftover after parsing attributes in process `syz.0.8983'.
[ 1954.200889][T22182] wlan1: Creating new IBSS network, BSSID ee:a5:d9:9c:3b:aa
[ 1955.036218][ T2394] netlink: 'syz.3.8996': attribute type 10 has an invalid length.
[ 1955.080159][T22182] wlan1: Trigger new scan to find an IBSS to join
[ 1956.161624][T30045] wlan1: Trigger new scan to find an IBSS to join
[ 1957.367041][ T5923] wlan1: Creating new IBSS network, BSSID c2:01:fd:8b:d5:a0
[ 1959.275568][ T2429] mac80211_hwsim hwsim42 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1959.757723][ T2438] netlink: 'syz.1.9008': attribute type 10 has an invalid length.
[ 1960.119200][T30391] wlan1: Trigger new scan to find an IBSS to join
[ 1960.506840][ T2472] mac80211_hwsim hwsim50 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1960.946065][ T2480] netlink: 'syz.1.9020': attribute type 25 has an invalid length.
[ 1960.955339][ T2480] netlink: 'syz.1.9020': attribute type 9 has an invalid length.
[ 1961.155935][ T2490] netlink: 'syz.2.9022': attribute type 10 has an invalid length.
[ 1961.894797][ T2508] mac80211_hwsim hwsim48 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1963.088619][ T1131] wlan1: Trigger new scan to find an IBSS to join
[ 1964.129640][ T1131] wlan1: Trigger new scan to find an IBSS to join
[ 1964.607085][ T2534] netlink: 'syz.0.9035': attribute type 10 has an invalid length.
[ 1965.024328][ T2543] mac80211_hwsim hwsim42 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1965.096809][T22182] wlan1: Trigger new scan to find an IBSS to join
[ 1965.681637][ T2570] netlink: 'syz.3.9047': attribute type 10 has an invalid length.
[ 1967.080408][ T1131] wlan1: Trigger new scan to find an IBSS to join
[ 1968.128621][ T1131] wlan1: Trigger new scan to find an IBSS to join
[ 1968.466847][ T2600] mac80211_hwsim hwsim44 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1968.885015][ T2609] netlink: 'syz.0.9058': attribute type 10 has an invalid length.
[ 1969.089094][T30045] wlan1: Trigger new scan to find an IBSS to join
[ 1969.108616][ T1131] wlan1: Creating new IBSS network, BSSID 5e:47:10:99:47:b4
[ 1969.240646][ T2632] netlink: 17279 bytes leftover after parsing attributes in process `syz.2.9063'.
[ 1969.432842][ T2632] mac80211_hwsim hwsim44 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1970.024922][T22182] wlan1: Creating new IBSS network, BSSID 4e:ff:bb:4a:e9:f7
[ 1970.120896][T22182] wlan1: Trigger new scan to find an IBSS to join
[ 1972.139456][ T1131] wlan1: Trigger new scan to find an IBSS to join
[ 1972.312961][ T2669] netlink: 'syz.2.9071': attribute type 10 has an invalid length.
[ 1972.683833][ T2679] netlink: 17279 bytes leftover after parsing attributes in process `syz.2.9076'.
[ 1972.825921][ T2679] mac80211_hwsim hwsim44 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1973.161057][ T1131] wlan1: Trigger new scan to find an IBSS to join
[ 1974.141027][T30391] wlan1: Creating new IBSS network, BSSID 66:e5:37:a8:aa:a2
[ 1975.594968][ T2714] netlink: 'syz.1.9086': attribute type 25 has an invalid length.
[ 1975.604535][ T2714] netlink: 'syz.1.9086': attribute type 9 has an invalid length.
[ 1975.903945][ T2727] netlink: 'syz.0.9087': attribute type 10 has an invalid length.
[ 1975.989920][ T2728] mac80211_hwsim hwsim50 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1976.306493][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[ 1976.315875][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[ 1977.079320][T22182] wlan1: Trigger new scan to find an IBSS to join
[ 1978.118668][T22182] wlan1: Trigger new scan to find an IBSS to join
[ 1979.517956][ T2751] netlink: 'syz.1.9097': attribute type 25 has an invalid length.
[ 1979.526267][ T2751] netlink: 'syz.1.9097': attribute type 9 has an invalid length.
[ 1979.543134][ T2764] netlink: 'syz.0.9100': attribute type 10 has an invalid length.
[ 1979.740614][ T2772] netlink: 17279 bytes leftover after parsing attributes in process `syz.1.9101'.
[ 1979.825851][ T2772] mac80211_hwsim hwsim50 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1980.118787][T30391] wlan1: Trigger new scan to find an IBSS to join
[ 1980.665226][ T2799] netlink: 'syz.2.9111': attribute type 10 has an invalid length.
[ 1981.229791][T30391] wlan1: Creating new IBSS network, BSSID a2:16:d6:a5:ae:2a
[ 1982.128958][T30391] wlan1: Trigger new scan to find an IBSS to join
[ 1983.357236][ T2817] netlink: 17279 bytes leftover after parsing attributes in process `syz.1.9115'.
[ 1983.367268][ T2822] mac80211_hwsim hwsim50 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1983.951863][ T2847] netlink: 'syz.1.9121': attribute type 25 has an invalid length.
[ 1983.967388][ T2847] netlink: 'syz.1.9121': attribute type 9 has an invalid length.
[ 1984.177414][ T2857] netlink: 'syz.2.9125': attribute type 10 has an invalid length.
[ 1984.565574][ T2866] netlink: 17279 bytes leftover after parsing attributes in process `syz.3.9129'.
[ 1984.750205][ T2866] mac80211_hwsim hwsim48 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1986.129115][T22182] wlan1: Trigger new scan to find an IBSS to join
[ 1987.171010][T22182] wlan1: Trigger new scan to find an IBSS to join
[ 1987.533308][ T2878] netlink: 'syz.1.9134': attribute type 25 has an invalid length.
[ 1987.541275][ T2878] netlink: 'syz.1.9134': attribute type 9 has an invalid length.
[ 1987.908182][ T2909] netlink: 'syz.2.9143': attribute type 10 has an invalid length.
[ 1988.167505][ T2910] mac80211_hwsim hwsim48 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1989.186702][ T1131] wlan1: Trigger new scan to find an IBSS to join
[ 1991.482601][ T2945] netlink: 'syz.0.9156': attribute type 10 has an invalid length.
[ 1992.040104][ T2951] mac80211_hwsim hwsim48 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1992.119756][ T1131] wlan1: Trigger new scan to find an IBSS to join
[ 1993.156135][T22182] wlan1: Creating new IBSS network, BSSID e2:0b:7a:7a:98:e3
[ 1994.120239][T30391] wlan1: Trigger new scan to find an IBSS to join
[ 1995.604977][ T2986] netlink: 'syz.2.9170': attribute type 10 has an invalid length.
[ 1995.934010][ T2997] mac80211_hwsim hwsim50 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1996.702686][ T3015] netlink: 'syz.1.9181': attribute type 10 has an invalid length.
[ 1997.159321][ T5923] wlan1: Trigger new scan to find an IBSS to join
[ 1998.124481][ T1131] wlan1: Trigger new scan to find an IBSS to join
[ 1999.579891][ T3033] mac80211_hwsim hwsim44 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1999.982118][ T3049] netlink: 'syz.1.9194': attribute type 10 has an invalid length.
[ 2000.144052][T30045] wlan1: Trigger new scan to find an IBSS to join
[ 2000.697378][ T3064] netlink: 'syz.1.9199': attribute type 25 has an invalid length.
[ 2000.735243][ T3064] netlink: 'syz.1.9199': attribute type 9 has an invalid length.
[ 2000.820082][ T3070] mac80211_hwsim hwsim48 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 2001.171377][T30391] wlan1: Trigger new scan to find an IBSS to join
[ 2002.123664][T30391] wlan1: Trigger new scan to find an IBSS to join
[ 2003.306144][ T3084] netlink: 'syz.1.9207': attribute type 10 has an invalid length.
[ 2004.134377][T30045] wlan1: Creating new IBSS network, BSSID ae:e7:cf:be:cd:79
[ 2004.642602][ T3109] mac80211_hwsim hwsim48 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 2004.823239][ T3114] netlink: 'syz.2.9217': attribute type 10 has an invalid length.
[ 2005.163858][ T5923] wlan1: Trigger new scan to find an IBSS to join
[ 2006.360050][ T5905] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 2007.084929][ T5923] wlan1: Trigger new scan to find an IBSS to join
[ 2008.125023][T22182] wlan1: Creating new IBSS network, BSSID 36:38:61:a8:97:72
[ 2008.372409][ T3153] mac80211_hwsim hwsim44 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 2008.389208][ T1131] ------------[ cut here ]------------
[ 2008.395176][ T1131] WARNING: CPU: 0 PID: 1131 at net/wireless/ibss.c:37 __cfg80211_ibss_joined+0x3d2/0x440
[ 2008.405252][ T1131] Modules linked in:
[ 2008.409286][ T1131] CPU: 0 PID: 1131 Comm: kworker/u4:5 Not tainted syzkaller #0
[ 2008.416891][ T1131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2008.427416][ T1131] Workqueue: cfg80211 cfg80211_event_work
[ 2008.433357][ T1131] RIP: 0010:__cfg80211_ibss_joined+0x3d2/0x440
[ 2008.439829][ T1131] Code: 00 00 00 48 3b 84 24 80 00 00 00 75 5c 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 a7 f4 a0 f7 0f 0b eb bb e8 9e f4 a0 f7 <0f> 0b 4c 8b 6c 24 18 eb ad e8 90 f4 a0 f7 0f 0b e9 e0 fd ff ff e8
[ 2008.460282][ T1131] RSP: 0018:ffffc90004787a20 EFLAGS: 00010293
[ 2008.466593][ T1131] RAX: ffffffff89e62b82 RBX: dffffc0000000000 RCX: ffff88802412bc00
[ 2008.474759][ T1131] RDX: 0000000000000000 RSI: ffffffff8acac9e0 RDI: ffffffff8b1c89a0
[ 2008.482894][ T1131] RBP: ffffc90004787af8 R08: ffffffff911c356f R09: 1ffffffff22386ad
[ 2008.491051][ T1131] R10: dffffc0000000000 R11: fffffbfff22386ae R12: ffff888069a78c90
[ 2008.499262][ T1131] R13: 1ffff920008f0f4c R14: ffff888059b1b5b8 R15: 000000000000001f
[ 2008.507315][ T1131] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[ 2008.516573][ T1131] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2008.523578][ T1131] CR2: 00007ff9c95e9e80 CR3: 000000007d5bd000 CR4: 00000000003506f0
[ 2008.531981][ T1131] DR0: 0000000000000000 DR1: 00000000000000d4 DR2: 0000000000000000
[ 2008.540154][ T1131] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 2008.541312][ T3155] netlink: 'syz.0.9230': attribute type 10 has an invalid length.
[ 2008.548257][ T1131] Call Trace:
[ 2008.548403][ T1131]  <TASK>
[ 2008.548436][ T1131]  ? mutex_lock_nested+0x20/0x20
[ 2008.548550][ T1131]  ? trace_rdev_return_void+0x1c0/0x1c0
[ 2008.548637][ T1131]  cfg80211_process_wdev_events+0x3bc/0x550
[ 2008.548721][ T1131]  cfg80211_process_rdev_events+0xa1/0x110
[ 2008.548761][ T1131]  cfg80211_event_work+0x2f/0x40
[ 2008.548796][ T1131]  ? process_scheduled_works+0x96f/0x15d0
[ 2008.548833][ T1131]  process_scheduled_works+0xa5d/0x15d0
[ 2008.549000][ T1131]  ? worker_attach_to_pool+0x380/0x380
[ 2008.549076][ T1131]  ? assign_work+0x3d2/0x5d0
[ 2008.549147][ T1131]  worker_thread+0xa55/0xfc0
[ 2008.618939][ T1131]  kthread+0x2fa/0x390
[ 2008.623112][ T1131]  ? pr_cont_work+0x560/0x560
[ 2008.627909][ T1131]  ? kthread_blkcg+0xd0/0xd0
[ 2008.632717][ T1131]  ret_from_fork+0x48/0x80
[ 2008.637242][ T1131]  ? kthread_blkcg+0xd0/0xd0
[ 2008.642051][ T1131]  ret_from_fork_asm+0x11/0x20
[ 2008.647009][ T1131]  </TASK>
[ 2008.650189][ T1131] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 2008.657820][ T1131] CPU: 0 PID: 1131 Comm: kworker/u4:5 Not tainted syzkaller #0
[ 2008.665399][ T1131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2008.675685][ T1131] Workqueue: cfg80211 cfg80211_event_work
[ 2008.681469][ T1131] Call Trace:
[ 2008.684811][ T1131]  <TASK>
[ 2008.687785][ T1131]  dump_stack_lvl+0x18c/0x250
[ 2008.692565][ T1131]  ? show_regs_print_info+0x20/0x20
[ 2008.698002][ T1131]  ? load_image+0x400/0x400
[ 2008.703941][ T1131]  panic+0x2dc/0x730
[ 2008.707921][ T1131]  ? bpf_jit_dump+0xd0/0xd0
[ 2008.712527][ T1131]  ? ret_from_fork_asm+0x11/0x20
[ 2008.717587][ T1131]  __warn+0x2e0/0x470
[ 2008.721730][ T1131]  ? __cfg80211_ibss_joined+0x3d2/0x440
[ 2008.727444][ T1131]  ? __cfg80211_ibss_joined+0x3d2/0x440
[ 2008.733129][ T1131]  report_bug+0x2be/0x4f0
[ 2008.737672][ T1131]  ? __cfg80211_ibss_joined+0x3d2/0x440
[ 2008.743261][ T1131]  ? __cfg80211_ibss_joined+0x3d2/0x440
[ 2008.748851][ T1131]  ? __cfg80211_ibss_joined+0x3d4/0x440
[ 2008.754527][ T1131]  handle_bug+0xcf/0x120
[ 2008.758832][ T1131]  exc_invalid_op+0x1a/0x50
[ 2008.763416][ T1131]  asm_exc_invalid_op+0x1a/0x20
[ 2008.768297][ T1131] RIP: 0010:__cfg80211_ibss_joined+0x3d2/0x440
[ 2008.774500][ T1131] Code: 00 00 00 48 3b 84 24 80 00 00 00 75 5c 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 a7 f4 a0 f7 0f 0b eb bb e8 9e f4 a0 f7 <0f> 0b 4c 8b 6c 24 18 eb ad e8 90 f4 a0 f7 0f 0b e9 e0 fd ff ff e8
[ 2008.794148][ T1131] RSP: 0018:ffffc90004787a20 EFLAGS: 00010293
[ 2008.800271][ T1131] RAX: ffffffff89e62b82 RBX: dffffc0000000000 RCX: ffff88802412bc00
[ 2008.808271][ T1131] RDX: 0000000000000000 RSI: ffffffff8acac9e0 RDI: ffffffff8b1c89a0
[ 2008.816383][ T1131] RBP: ffffc90004787af8 R08: ffffffff911c356f R09: 1ffffffff22386ad
[ 2008.824396][ T1131] R10: dffffc0000000000 R11: fffffbfff22386ae R12: ffff888069a78c90
[ 2008.832409][ T1131] R13: 1ffff920008f0f4c R14: ffff888059b1b5b8 R15: 000000000000001f
[ 2008.840621][ T1131]  ? __cfg80211_ibss_joined+0x3d2/0x440
[ 2008.846249][ T1131]  ? mutex_lock_nested+0x20/0x20
[ 2008.851364][ T1131]  ? trace_rdev_return_void+0x1c0/0x1c0
[ 2008.857177][ T1131]  cfg80211_process_wdev_events+0x3bc/0x550
[ 2008.863374][ T1131]  cfg80211_process_rdev_events+0xa1/0x110
[ 2008.869252][ T1131]  cfg80211_event_work+0x2f/0x40
[ 2008.874251][ T1131]  ? process_scheduled_works+0x96f/0x15d0
[ 2008.880045][ T1131]  process_scheduled_works+0xa5d/0x15d0
[ 2008.885813][ T1131]  ? worker_attach_to_pool+0x380/0x380
[ 2008.891385][ T1131]  ? assign_work+0x3d2/0x5d0
[ 2008.896059][ T1131]  worker_thread+0xa55/0xfc0
[ 2008.900914][ T1131]  kthread+0x2fa/0x390
[ 2008.905019][ T1131]  ? pr_cont_work+0x560/0x560
[ 2008.909748][ T1131]  ? kthread_blkcg+0xd0/0xd0
[ 2008.914382][ T1131]  ret_from_fork+0x48/0x80
[ 2008.918836][ T1131]  ? kthread_blkcg+0xd0/0xd0
[ 2008.923467][ T1131]  ret_from_fork_asm+0x11/0x20
[ 2008.928336][ T1131]  </TASK>
[ 2008.931948][ T1131] Kernel Offset: disabled
[ 2008.936730][ T1131] Rebooting in 86400 seconds..