last executing test programs:

6.140547021s ago: executing program 3 (id=905):
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x80002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x71}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
socket$kcm(0x11, 0xa, 0x300)
socket$kcm(0x11, 0xa, 0x300)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r2 = socket$kcm(0x2b, 0x1, 0x0)
sendmsg$inet(r2, &(0x7f00000009c0)={&(0x7f00000000c0)={0x2, 0x4001, @empty}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x20040818)
sendmsg$sock(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000100)='k', 0xffffffe2}, {&(0x7f0000000140)="ce15fc9dc237ed5b37773a15b2f2615b0230a382c5bd51f04ff7e6c1f67c42c528244c3436e3d42cd667901a878ce7a4ebb5c55bd9c6f14079c1afebfbd8107a4a469b59ae1543bdc3085d6a10876755db8093b364"}, {&(0x7f0000000040)="fe07e4ad9a397dadc913c79649675cd17df8bf86309a"}, {&(0x7f00000001c0)}], 0x1, &(0x7f0000000080)=[@timestamping={{0x14, 0x1, 0x25, 0x303}}], 0xa}, 0x4000081)
r3 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000280)="89000000120081ae08060cdc030000007f03e3f7000000006ee2ffca1b1f0000001004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8", 0x47}], 0x1}, 0x0)

5.474318748s ago: executing program 3 (id=913):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1900000004000000040000000c"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000002000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, 0x0, &(0x7f0000000240)=r2}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x18000000000002a0, 0x5ee, 0x0, &(0x7f0000000580)="b9ff03076804268c989e14f088a8", 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

5.078290513s ago: executing program 4 (id=917):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$ENABLE_STATS(0x20, &(0x7f0000000000), 0x4)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x5, 0xe2, 0x4, 0x7, 0x0, 0x4, 0xa0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x4, @perf_config_ext={0x36, 0x1}, 0x521, 0x6, 0x0, 0x1, 0xfc47, 0x6, 0x9, 0x0, 0x605b5611, 0x0, 0x7fffffff}, r1, 0xe, 0xffffffffffffffff, 0x1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e50200000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x0, 0x0, 0x4, 0x3fe, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x4000800)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0xe07e872420dfefca)
r4 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x1, 0x0, 0xf1, 0x0, 0x0, 0x4d31, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x10}, 0x100000, 0x7, 0xfffffffc, 0x7, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
ioctl$PERF_EVENT_IOC_RESET(r4, 0x2403, 0x1)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x4000800)
r5 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000400)="1c0000005e007f029e3b470d649bc33b0281bb9f72ab25399cd956c0", 0x1c}], 0x1}, 0x0)
r6 = openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
r7 = openat$cgroup_ro(r6, &(0x7f0000000240)='cgroup.events\x00', 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
recvmsg$kcm(r5, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x10122)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4001}, 0xc000)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="a50a0000000000006111600000800000180000000000400000000000000000009500000000000000"], &(0x7f0000000800)='syzkaller\x00'}, 0x94)
sendmsg$SOCK_DESTROY(r3, &(0x7f0000000580)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000440)={&(0x7f0000000600)={0x1e4, 0x15, 0x20, 0x70bd2a, 0x25dfdbfd, {0x8, 0x8}, [@INET_DIAG_REQ_BYTECODE={0x71, 0x1, "14b27bed16dc4275a538eb36c0c5350dbdcda668498ccc4e8f5460a0c4a57fb69df80ca829fc261c734ae5d7731d11c646166511b5bf8e3d7f426396814d51471b92389f68bba8c1d87b0168c870cd8ad2c919637b19c168c9cbd4ccf2bb6e568bd0fbc30658951864e4672eea"}, @INET_DIAG_REQ_BYTECODE={0xfffffffffffffe93, 0x1, "77efbf7607e75315081259bd5a3a2f9f9dbd9c654bb82e4307b6d5f7f7099a1c38aba45d336fdd2bcb4ccb3e6d41"}, @INET_DIAG_REQ_BYTECODE={0x81, 0x1, "88c7611377d41ba21e90b79f244440cc8da3b42777f9d2645482d26c11b977c05ffa0f309769fc7ba83029a639075c056c71cc828c9be99e99e2f122b19e87fbab4326018a8ddcc4a42c6f2ff53af073e92b2499c6f04892099d04904afeef88eb3518ae73e622a35a5a53f283eb4bf79e03da9f73dee1eb330a501709"}, @INET_DIAG_REQ_BYTECODE={0x4}, @INET_DIAG_REQ_BYTECODE={0x9d, 0x1, "9cb0f24c63d538c24ab2beff3df57c9689b8d591e39013ea8b2fb2695f0054796a5732cfc4976e8dc15a169b530aa1a6256cf2631b67b204020f68bcf70a09ab0fa72864a594a31adb7c883cdcc28596d6ba35f7a58c36ed9f5f577d81e4d92e94ef4f0fe7a087152168a0401adc9913cb1aaab49b94c1e3eb270d892ddc5fe4566f5196cc0e34e538dbf043d590d79bfb315a9c5e074527f9"}]}, 0x1e4}, 0x1, 0x0, 0x0, 0x40080}, 0xd1)
sendmsg$nl_route_sched(r7, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x40000)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r0, &(0x7f0000000540)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000500)={&(0x7f0000000100)=ANY=[], 0xf4}, 0x1, 0x0, 0x0, 0x4}, 0x0)

5.012721081s ago: executing program 0 (id=919):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000001"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000480)={r1, 0xffffffffffffffff, 0x60000000}, 0xc)

4.971012833s ago: executing program 3 (id=920):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0xdb, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x4, @perf_config_ext={0x4, 0x6}, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
socket$nl_audit(0x10, 0x3, 0x9)
socket$inet(0x2, 0x2, 0x1)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000180))
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004cc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000001000010700000000000000000a000000060001001700000008000a00", @ANYRES32=r3], 0x24}}, 0x0)
syz_clone(0x80001000, 0x0, 0x0, &(0x7f0000000000), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000640)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000600)={&(0x7f0000000500)=ANY=[@ANYBLOB="fc0000001100000425bd7000fddbdf25100000000c0044800800b600ac14143d09a0b994b73dcbe63a6ad68f34a9be5ffec17cd01bb4be4e9dff0a253d1e23f93e884459d6711aeadbbca1e22d19383b3ac71750e732e0667128306d650d65ed2f216f1ca1e56124aaf034014669bac15d4578a7b8bcbcd9225d9b20060000006bd211152f5a7fa891dd59d836482ed2ccc0ea4437c6839a2d737d1a2f866ae3a1d81cb8d7feb08ba29daa6f66d6973c04e842852264d34d557153aaf4380d592cdd5f68eb3477b776a330652e6b0c1f5449f9b22f9c483a924b973abcbbdfd77361dcfa67a3c5311be0dbecee962a4a9e0e4300"], 0xfc}, 0x1, 0x0, 0x0, 0x4000000}, 0x44000)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2106, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bf8200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r5, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$inet(0x2, 0x2, 0x2c000000)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0a00000004000000080000000a00000000000000", @ANYRES32, @ANYBLOB="0100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000e91500000000000000030000000040200000"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000001900000095"], &(0x7f0000000dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xc, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002300000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfcf}, 0x94)
r8 = socket$kcm(0x28, 0x5, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="1000000004000000080000000800000000000000", @ANYRES32, @ANYBLOB="00000000000044f3000000f52e231aeed4e316f8793ca510da10cd400c61b7abc5d5dc000000000000000000c255135ea89cbb6d6d52735170e353b3119b8f24516f9e033cbdd8ded04278745d90d748e3e91bc8e8eedb5b456aeff83fd525cda3e3161fd256089f0c80b9160906c7bfc0597f02e742908e7bd904504114a2ac5543574138e443916ae9329a98980e2657710c02ab4570bedba824b54c061e00e118bb3bb03daee9d73d5af8361f00fafa20a2dbd17c646a6234fa6d92394c7f5f9e6157dd34439011f22e7e46878c5f194fd106ea450fc2059548de141462790ead28abe47063b190403f5918762ba380bde05bdbe6c90633b6d163206547eb8cbd758cca8cf29018d1aad490aacb8cafb04e4f477e39ef74ecb5ec1aed932fb4c5c206278dea0f52df9194cc596d6f094682e1f978ecf9696a08ea1a39465f407da0052b2ec932b0f4062fece35435b0ecb7c644ca7396b88383ddfd8fc342afceb8796f21ac736fe14a2c80af57b35b3d440913829ac175c75646775888a29e05efaf62da535455e849b50c2d3ec5792a2aaeb939e5a785c691be729371f96b80b6978d2009427f58b191b4b5612cb66301767e10b532f41cb38fd8edac5e239b1d37138c0da9e20f5a069b89084c70d2458a8714cfa4db6906e470be46e138c2d407d90d0b831140c602689ddc2026c2001e52873230b7c134d62615138cde531490293b3615633913fa44d7dcdffc2aa7319ff4cc917e92da17414a58e29375eb6f1a8e6d45378f81def5c9e39b44ea04659378a58999ddd23e543ef04a4f0215b393226d8a0bb0d0c518816d36db55d21a0859e1d8098086069c81b99d05eb06549d2b96724bf41b00"/631, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000400", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000b50000009500000000000000"], &(0x7f0000000840)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_kcm_SIOCKCMCLONE(r8, 0x5411, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[], 0x8c}}, 0x0)

4.870353947s ago: executing program 0 (id=921):
bpf$PROG_LOAD(0x5, &(0x7f0000002500)={0x16, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000d000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0a00000004000000040000000a"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0}, &(0x7f0000000200), &(0x7f0000000240)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)

4.81926429s ago: executing program 0 (id=922):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x58fe7ab67a988db6}, 0x0)

4.214422329s ago: executing program 0 (id=923):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x58}, 0x1, 0x0, 0x0, 0x58fe7ab67a988db6}, 0x0)

4.146604939s ago: executing program 4 (id=926):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x4, 0x5, &(0x7f0000000040)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x17}, @call={0x85, 0x0, 0x0, 0x5}]}, &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ffffffc}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x14, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f86dd", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (fail_nth: 10)

3.830090061s ago: executing program 3 (id=927):
r0 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r0, 0x0, 0x3000c085)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x3e, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={0x0}, 0x18)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x3, 0x8000001946}, 0x0, 0x0, 0x0, 0x7, 0x3fe, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
r1 = socket$kcm(0xa, 0x5, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x828, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x8936, 0x0)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018020000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000000d000000b70000000000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r3, 0x0, 0x36, 0x0, &(0x7f0000000900)="c1dfb080cd21d308098ee68886dd", 0x0, 0xadf0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000700)={'dummy0\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x44}})

3.447064071s ago: executing program 0 (id=928):
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x4}, 0xf242, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r0, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4001, 0x0, @empty}, 0x80, 0x0}, 0x20000001) (async)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) (async)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x40800, 0x0)
close(r2)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)) (async)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
socket$kcm(0x2, 0x922000000001, 0x106) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0}, 0x94) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x18) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1000000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000f7"], 0x50) (async)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8000000000000001, 0x1946}, 0x0, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) (async)
ioctl$TUNATTACHFILTER(r2, 0x401054d5, &(0x7f0000000140)={0x3, &(0x7f0000000080)=[{0x1, 0x8a, 0x9e}, {0xe, 0x4, 0x2, 0x4}, {0x907, 0x3, 0x0, 0x5}]}) (async)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdfc}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r4, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001b40)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)}, 0x0)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb0100180000000000000024000000240000000200000050bb3f1700000000000000040800000000000000000000090300000000000000000000040000"], 0x0, 0x3e}, 0x28)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000017c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x8, '\x00', 0x0, r5, 0x0, 0x1}, 0x50)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000600000000000004000000001500000000000000"], &(0x7f0000000300)='GPL\x00', 0xb, 0x0, 0x0, 0x0, 0x1}, 0x94) (async)
socket$kcm(0xa, 0x3, 0x73) (async)
write$cgroup_subtree(r1, &(0x7f0000000380)=ANY=[], 0x280) (async)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSETELEM(r6, 0x0, 0x8000)

3.319168988s ago: executing program 4 (id=929):
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x0, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x7}, 0x0, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socket$kcm(0xa, 0x5, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_bp={0x0, 0x4}, 0x14105, 0x2e, 0x6, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
socket$kcm(0x2b, 0x1, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x4, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x3, 0x8001}, 0x0, 0x2e, 0xfffffbff, 0x3, 0x10000003, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x1}, 0x0, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000240)='ns/user\x00')
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x18, 0x15, 0x1, 0x0, 0x0, {0xa}, [@typed={0x4}]}, 0x18}}, 0x0)
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000140))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$inet(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=[@cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}, @rights={{0x10}}], 0x60}, 0x122)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000140)='GPL\x00'}, 0x90)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'dummy0\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x8946, &(0x7f0000000080))
socketpair(0x10, 0x1, 0x28, &(0x7f0000000280))

3.16089078s ago: executing program 1 (id=930):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1900000004000000040000000c"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000002000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, 0x0, &(0x7f0000000240)=r2}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x18000000000002a0, 0x5ee, 0x0, &(0x7f0000000580)="b9ff03076804268c989e14f088a8", 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

727.842238ms ago: executing program 2 (id=931):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000049c0)={0x3, 0x4, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x87}]}, &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xc}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2}, 0x50)

714.456668ms ago: executing program 1 (id=932):
bpf$PROG_LOAD(0x5, &(0x7f0000002500)={0x16, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000d000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0a00000004000000040000000a"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0}, &(0x7f0000000200), &(0x7f0000000240)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)

586.633321ms ago: executing program 2 (id=933):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x58fe7ab67a988db6}, 0x0)

586.128227ms ago: executing program 0 (id=934):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000180)=@bpf_lsm={0x6, 0x3, 0x0, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x84}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r2, 0x2000012, 0xe, 0x0, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xb}, 0x50)

552.906824ms ago: executing program 1 (id=935):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWCHAIN={0x20, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x4}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @tproxy={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_TPROXY_REG_ADDR={0x8, 0x2, 0x1, 0x0, 0x17}, @NFTA_TPROXY_FAMILY={0x8, 0x1, 0x1, 0x0, 0x2}]}}}]}]}], {0x14}}, 0x98}}, 0x4c080)

529.64083ms ago: executing program 2 (id=936):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x4, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x8}, [@call={0x85, 0x0, 0x0, 0x28}, @call={0x85, 0x0, 0x0, 0x50}]}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xe, 0x0, &(0x7f0000000340)="e02742e8680d85ff9782762d0800", 0x0, 0x5, 0x4000, 0x0, 0x0, 0x0, 0x0}, 0x50)

520.072456ms ago: executing program 3 (id=937):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x3, 0xc, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x2005}, [@call={0x85, 0x0, 0x0, 0xe}, @printk={@u, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfffffffb}, {0x85, 0x0, 0x0, 0x73}}]}, &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000}, 0x94)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x7c, &(0x7f00000000c0)=[{&(0x7f0000000180)="d8000000180081064e81f782db4cb904021d0800fd007c05e8fe55a10a000400110000000a600e41b0000900ac00060411000000160012000a0003150248035c3b61c1d67f6f94207134cf6efb8000a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9000000008af26c8b7b55f4d2a6823a45f28fcb1d", 0xd8}], 0x1}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

458.426537ms ago: executing program 4 (id=938):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffa}, [@call={0x85, 0x0, 0x0, 0x7}]}, 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)

367.426358ms ago: executing program 4 (id=939):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1900000004000000040000000d"], 0x50)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000900)={r0, 0x58, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0}}, 0x10)
r2 = bpf$ITER_CREATE(0x21, &(0x7f0000000940), 0x8)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000980)={0x3, 0x4, 0x4, 0xa, 0x0, r0, 0xf2d, '\x00', r1, r2, 0x4, 0x1, 0x5}, 0x50)
r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x18, 0x7, &(0x7f0000000180)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x4}, @exit, @initr0, @exit, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}, @exit], &(0x7f00000000c0)='GPL\x00'}, 0x78)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r3, 0xe0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0xb)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0, <r5=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000080)=r3}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000fc007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xcff201a2f74c0e7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000640)={&(0x7f00000005c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x5, [@int={0x5, 0x0, 0x0, 0x1, 0x0, 0x36, 0x0, 0x1c, 0x1}, @enum64={0xf, 0x1, 0x0, 0x13, 0x0, 0xa, [{0xd, 0x35, 0x800}]}]}, {0x0, [0x0, 0x5f, 0x2e]}}, &(0x7f0000000540)=""/58, 0x45, 0x3a, 0x1, 0xa}, 0x28)
sendmsg$nl_route_sched(r2, &(0x7f0000000b00)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a40)=@gettaction={0x80, 0x32, 0x4, 0x70bd2b, 0x25dfdbfb, {}, [@action_gd=@TCA_ACT_TAB={0x28, 0x1, [{0xc, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0xc, 0x2, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}, {0xc, 0x20, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x400}}]}, @action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0xd, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}, {0xc, 0x1f, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}]}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8, 0x4, 0x2}, @action_gd=@TCA_ACT_TAB={0x20, 0x1, [{0x10, 0x13, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0xc, 0x6, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x10800}, 0x20048800)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f00000002c0)}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c00000006000000040000000000000e0400000000000000000000000100000d040000000400000004000000000000000000000404000000000000000000000a030000000000000061"], 0x0, 0x5a, 0x0, 0x4, 0x80000}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32, @ANYBLOB="0000000000000000b7050000080000a8c5000000a5"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000840)=@o_path={&(0x7f0000000800)='./file0\x00', 0x0, 0x8000, r8}, 0x18)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x210})
ioctl$PERF_EVENT_IOC_SET_FILTER(r8, 0x89f1, &(0x7f0000000080))
fstat(r3, &(0x7f0000000b40)={0x0, 0x0, 0x0, 0x0, <r9=>0x0})
ioctl$TUNSETOWNER(r2, 0x400454cc, r9)
socket$l2tp(0x2, 0x2, 0x73)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x6, 0x3, &(0x7f0000000300)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5}}, &(0x7f0000000340)='syzkaller\x00', 0x7, 0xb4, &(0x7f0000000480)=""/180, 0x40f00, 0x32, '\x00', r4, 0x25, r7, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000680)={0x0, 0x10, 0x3, 0x8000}, 0x10, 0x0, 0x0, 0x3, &(0x7f00000006c0)=[r5, r0, r0, r0, r0, r0], &(0x7f0000000700)=[{0x4, 0x1, 0x10, 0xf}, {0x3, 0x4, 0xa, 0x1}, {0x3, 0x1, 0x0, 0x6}], 0x10, 0x7ff}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000001a00)={r6}, 0xc)

363.109768ms ago: executing program 2 (id=940):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{r0}, &(0x7f00000002c0), 0x0}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x3, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe}, 0x94)

359.167164ms ago: executing program 1 (id=941):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x1f, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000000000000000000000000000109500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000140)={0x1b, 0x0, 0x0, 0x2, 0x0, 0x1, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x5, 0x5}, 0x50)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r2, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00'}, 0x10)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000008c0)=ANY=[@ANYBLOB="0c030000120005010400000001dcdf2528001a"], 0x30c}, 0x13, 0x0, 0x0, 0x880}, 0x20040840)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000010000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="000000000000001166ffffff1f00000018000000000000000000000000000a009500000000000000360a020000000001180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50af8ff00000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB="290600e1fdffff08e000"/20, @ANYRES32=r3, @ANYRES32, @ANYBLOB="020000000300"/28], 0x50) (async, rerun: 64)
socketpair(0x3, 0xa, 0x25, &(0x7f0000000300)={<r5=>0xffffffffffffffff}) (rerun: 64)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r5, &(0x7f0000000540)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x60, 0x1, 0x8, 0x1, 0x0, 0x0, {0x3, 0x0, 0xa}, [@CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x8100}, @CTA_TIMEOUT_DATA={0x3c, 0x4, 0x0, 0x1, @fccp=[@CTA_TIMEOUT_DCCP_CLOSING={0x8, 0x6, 0x1, 0x0, 0x3637}, @CTA_TIMEOUT_DCCP_OPEN={0x8, 0x4, 0x1, 0x0, 0x98e}, @CTA_TIMEOUT_DCCP_OPEN={0x8, 0x4, 0x1, 0x0, 0xdae}, @CTA_TIMEOUT_DCCP_RESPOND={0x8, 0x2, 0x1, 0x0, 0x1}, @CTA_TIMEOUT_DCCP_RESPOND={0x8, 0x2, 0x1, 0x0, 0x8}, @CTA_TIMEOUT_DCCP_REQUEST={0x8}, @CTA_TIMEOUT_DCCP_CLOSING={0x8, 0x6, 0x1, 0x0, 0x3}]}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x2f}]}, 0x60}, 0x1, 0x0, 0x0, 0x400c820}, 0x881)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@bloom_filter={0x1e, 0xcc, 0x9f, 0x7, 0x402, r1, 0x1, '\x00', r3, 0xffffffffffffffff, 0x0, 0x3, 0x0, 0x80000000000a}, 0x50)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000040)={r0, r6}, 0xc)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={0xffffffffffffffff, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffff6}, 0x50) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="dbaa00fe4000000071101d040000000095"], &(0x7f0000000480)='syzkaller\x00', 0x5}, 0x94)

231.336259ms ago: executing program 2 (id=942):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x2000}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xa0}, 0x1, 0x0, 0x0, 0x8040}, 0x24068000)

193.817374ms ago: executing program 3 (id=943):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x10558, 0x2, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x1e, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events.local\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x11b, 0x6, &(0x7f0000000000)=r2, 0x4)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000440)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0xfffffffc, '\x00', 0x0, r2, 0x2}, 0x50)
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=r1, @ANYBLOB="010400"/20, @ANYRES32=0x0, @ANYRES32=r3, @ANYBLOB="010000000200000003000000000000000000000000000000000000006f6714ff5851c103baba261fdf337433ad6212add1326fda33976622c2efad2d6ae3744be49e9764ae17a44100140877ce6578c0a7d3074f7fefe5670dcc75e02e387efcca9d45485576418fad3140dadd8d1a6bb94e575ef9d0f16c9a295667525c673433e556e6763abc266ba340c12d08f1790fba"], 0x50)
r4 = socket$kcm(0xa, 0x1, 0x0)
sendmsg$kcm(r4, &(0x7f0000000140)={&(0x7f0000000180)=@l2tp6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x5}, 0x80, 0x0}, 0x20000000)
sendmsg$kcm(r4, &(0x7f0000000240)={&(0x7f0000000580)=@l2tp6={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x101, 0x4000}, 0x80, 0x0}, 0x20000000)
r5 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f90f24fc60", 0x8c0}], 0x1}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0e000000"], 0x48)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x0, 0x0, 0x4, 0x3fe, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000000c0)={0xffffffffffffffff, 0x0, 0x1000000}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x4, 0x4, 0x4, 0x8001, 0x808, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x58, 0x2, 0x6, 0x3, 0x0, 0x0, {0x3}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x0, 0x0, 0x40}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x280000c0}, 0x0)

192.86357ms ago: executing program 4 (id=944):
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0x8, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0x8, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$kcm(0x2, 0x922000000001, 0x106)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0xfe, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x2, @perf_config_ext={0x0, 0xd}, 0x0, 0x3, 0x0, 0x8, 0x10001, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x2237}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) (async)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0xfe, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x2, @perf_config_ext={0x0, 0xd}, 0x0, 0x3, 0x0, 0x8, 0x10001, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x2237}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x80002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x4}, 0x100c, 0x0, 0x4, 0x2, 0x0, 0x4}, 0x0, 0x9, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x80002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x4}, 0x100c, 0x0, 0x4, 0x2, 0x0, 0x4}, 0x0, 0x9, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, 0x0, &(0x7f0000000c00)='GPL\x00'}, 0x94)
perf_event_open(0x0, 0x0, 0xe, 0xffffffffffffffff, 0x2) (async)
perf_event_open(0x0, 0x0, 0xe, 0xffffffffffffffff, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000640)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0x28}, 0x1, 0x0, 0x0, 0x4000850}, 0x24044010)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r1}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1000000004000000040000000100000000000000", @ANYRES32=0x1], 0x50)
r2 = socket$kcm(0xa, 0x5, 0x0)
r3 = socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r3, 0x84, 0x1e, &(0x7f0000000000), 0x10) (async)
setsockopt$sock_attach_bpf(r3, 0x84, 0x1e, &(0x7f0000000000), 0x10)
r4 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x8916, &(0x7f0000000000)={r4}) (async)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x8916, &(0x7f0000000000)={r4})
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x8936, &(0x7f0000000000)={r4})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200})
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0100000006000000080000000800000040000000", @ANYRES32, @ANYBLOB="000000007aee7f855e65f9b3f6412008000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000010000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000950000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000010000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000950000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r6}, 0x10)

134.484495ms ago: executing program 1 (id=945):
bpf$PROG_LOAD(0x5, &(0x7f0000002500)={0x16, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000d000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0a00000004000000040000000a"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0}, &(0x7f0000000200), &(0x7f0000000240)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)

40.839457ms ago: executing program 1 (id=946):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)={{0x14}, [@NFT_MSG_DELCHAIN={0x2c, 0x5, 0xa, 0x3, 0x0, 0x0, {0x2}, [@NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x54}, 0x1, 0x0, 0x0, 0x58fe7ab67a988db6}, 0x0)

0s ago: executing program 2 (id=947):
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x7, 0x6, 0x3, 0x4139}, 0x50)
unlink(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00')
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7902009875f37538e486dd"], 0xfdef)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x1, 0x4, 0x4, 0x4, 0x0, 0x1}, 0x50)
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0xc004743e, 0x110e22fff6)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0x4004743d, 0x110e22fff6)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1943}, 0x5000, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r3)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000680)=ANY=[], 0x48)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000a80)=@newsa={0x138, 0x10, 0x1, 0x0, 0x0, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in=@rand_addr=0x64010100, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in6=@private0, 0x0, 0x6c}, @in6=@remote, {0x0, 0x40, 0x0, 0x0, 0x0, 0x1f6}, {}, {}, 0x0, 0x3506, 0xa, 0x1, 0x0, 0x40}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}}, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/ipc\x00')
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000006c0)=ANY=[], 0x20)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000500)=ANY=[], 0x1c}}, 0x84)
r5 = socket$kcm(0x2, 0x3, 0x2)
sendmsg$inet(r5, &(0x7f0000001640)={&(0x7f0000000300)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, &(0x7f0000001140)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x15}, @multicast1}}}], 0x20}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x1d, 0x0, 0x0, &(0x7f0000000980)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @lsm=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x8800)
close(0xffffffffffffffff)
close(0x4)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.148' (ED25519) to the list of known hosts.
[   67.368026][ T5847] cgroup: Unknown subsys name 'net'
[   67.559142][ T5847] cgroup: Unknown subsys name 'cpuset'
[   67.567826][ T5847] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   68.942677][ T5847] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   71.218147][ T5860] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   71.236674][ T5860] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   71.244409][ T5860] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   71.253409][ T5860] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   71.266224][ T5860] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   71.323200][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[   71.329982][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[   71.471911][ T5868] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   71.479995][ T5868] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   71.488457][ T5868] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   71.497065][ T5868] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   71.504644][ T5868] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   71.536770][ T5874] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   71.543850][ T5874] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   71.558689][ T5869] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   71.569550][ T5874] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   71.571694][ T5869] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   71.584452][ T5869] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   71.586090][ T5874] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   71.592181][ T5869] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   71.606989][ T5869] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   71.615309][ T5869] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   71.616376][ T5874] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   71.623859][ T5869] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   71.631137][ T5876] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   71.646834][ T5877] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   71.663265][ T5876] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   71.750976][ T5857] chnl_net:caif_netlink_parms(): no params data found
[   71.995606][ T5857] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.003182][ T5857] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.010989][ T5857] bridge_slave_0: entered allmulticast mode
[   72.018171][ T5857] bridge_slave_0: entered promiscuous mode
[   72.027337][ T5857] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.034442][ T5857] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.041744][ T5857] bridge_slave_1: entered allmulticast mode
[   72.049096][ T5857] bridge_slave_1: entered promiscuous mode
[   72.125838][ T5857] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   72.142956][ T5857] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   72.201294][ T5857] team0: Port device team_slave_0 added
[   72.231002][ T5857] team0: Port device team_slave_1 added
[   72.347386][ T5857] batman_adv: batadv0: Adding interface: batadv_slave_0
[   72.354357][ T5857] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   72.380542][ T5857] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   72.399162][ T5857] batman_adv: batadv0: Adding interface: batadv_slave_1
[   72.406143][ T5857] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   72.432155][ T5857] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   72.460396][ T5864] chnl_net:caif_netlink_parms(): no params data found
[   72.617189][ T5863] chnl_net:caif_netlink_parms(): no params data found
[   72.639632][ T5857] hsr_slave_0: entered promiscuous mode
[   72.646218][ T5857] hsr_slave_1: entered promiscuous mode
[   72.680658][ T5873] chnl_net:caif_netlink_parms(): no params data found
[   72.798901][ T5864] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.806390][ T5864] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.813487][ T5864] bridge_slave_0: entered allmulticast mode
[   72.820616][ T5864] bridge_slave_0: entered promiscuous mode
[   72.828244][ T5862] chnl_net:caif_netlink_parms(): no params data found
[   72.864883][ T5864] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.872804][ T5864] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.880371][ T5864] bridge_slave_1: entered allmulticast mode
[   72.888304][ T5864] bridge_slave_1: entered promiscuous mode
[   73.026217][ T5864] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   73.047616][ T5863] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.054780][ T5863] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.062099][ T5863] bridge_slave_0: entered allmulticast mode
[   73.069019][ T5863] bridge_slave_0: entered promiscuous mode
[   73.077723][ T5863] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.084844][ T5863] bridge0: port 2(bridge_slave_1) entered disabled state
[   73.092131][ T5863] bridge_slave_1: entered allmulticast mode
[   73.099650][ T5863] bridge_slave_1: entered promiscuous mode
[   73.106865][ T5873] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.113937][ T5873] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.121411][ T5873] bridge_slave_0: entered allmulticast mode
[   73.128500][ T5873] bridge_slave_0: entered promiscuous mode
[   73.136180][ T5873] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.144118][ T5873] bridge0: port 2(bridge_slave_1) entered disabled state
[   73.151461][ T5873] bridge_slave_1: entered allmulticast mode
[   73.159136][ T5873] bridge_slave_1: entered promiscuous mode
[   73.168098][ T5864] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   73.268118][ T5863] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   73.291498][ T5864] team0: Port device team_slave_0 added
[   73.316496][ T5184] Bluetooth: hci0: command tx timeout
[   73.324855][ T5863] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   73.336621][ T5873] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   73.348962][ T5873] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   73.359388][ T5864] team0: Port device team_slave_1 added
[   73.433381][ T5862] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.442543][ T5862] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.450073][ T5862] bridge_slave_0: entered allmulticast mode
[   73.458580][ T5862] bridge_slave_0: entered promiscuous mode
[   73.466882][ T5862] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.473941][ T5862] bridge0: port 2(bridge_slave_1) entered disabled state
[   73.481209][ T5862] bridge_slave_1: entered allmulticast mode
[   73.488914][ T5862] bridge_slave_1: entered promiscuous mode
[   73.503301][ T5863] team0: Port device team_slave_0 added
[   73.511984][ T5863] team0: Port device team_slave_1 added
[   73.592715][ T5873] team0: Port device team_slave_0 added
[   73.599368][ T5864] batman_adv: batadv0: Adding interface: batadv_slave_0
[   73.606965][ T5864] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   73.633202][ T5864] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   73.663162][ T5862] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   73.680032][ T5863] batman_adv: batadv0: Adding interface: batadv_slave_0
[   73.687126][ T5863] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   73.715054][ T5863] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   73.715658][ T5184] Bluetooth: hci2: command tx timeout
[   73.731280][ T5860] Bluetooth: hci4: command tx timeout
[   73.731399][ T5876] Bluetooth: hci1: command tx timeout
[   73.737425][ T5860] Bluetooth: hci3: command tx timeout
[   73.745171][ T5873] team0: Port device team_slave_1 added
[   73.765370][ T5864] batman_adv: batadv0: Adding interface: batadv_slave_1
[   73.772309][ T5864] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   73.798538][ T5864] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   73.811760][ T5862] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   73.849366][ T5863] batman_adv: batadv0: Adding interface: batadv_slave_1
[   73.856493][ T5863] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   73.882876][ T5863] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   73.905097][ T5873] batman_adv: batadv0: Adding interface: batadv_slave_0
[   73.912070][ T5873] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   73.938609][ T5873] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   73.960000][ T5862] team0: Port device team_slave_0 added
[   73.971789][ T5862] team0: Port device team_slave_1 added
[   73.982626][ T5873] batman_adv: batadv0: Adding interface: batadv_slave_1
[   73.989831][ T5873] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   74.016067][ T5873] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   74.105965][ T5864] hsr_slave_0: entered promiscuous mode
[   74.112080][ T5864] hsr_slave_1: entered promiscuous mode
[   74.118597][ T5864] debugfs: 'hsr0' already exists in 'hsr'
[   74.124394][ T5864] Cannot create hsr debugfs directory
[   74.131819][ T5862] batman_adv: batadv0: Adding interface: batadv_slave_0
[   74.139446][ T5862] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   74.165470][ T5862] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   74.179907][ T5862] batman_adv: batadv0: Adding interface: batadv_slave_1
[   74.187079][ T5862] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   74.213083][ T5862] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   74.289858][ T5873] hsr_slave_0: entered promiscuous mode
[   74.296501][ T5873] hsr_slave_1: entered promiscuous mode
[   74.302443][ T5873] debugfs: 'hsr0' already exists in 'hsr'
[   74.308625][ T5873] Cannot create hsr debugfs directory
[   74.320356][ T5863] hsr_slave_0: entered promiscuous mode
[   74.326801][ T5863] hsr_slave_1: entered promiscuous mode
[   74.332792][ T5863] debugfs: 'hsr0' already exists in 'hsr'
[   74.338562][ T5863] Cannot create hsr debugfs directory
[   74.444099][ T5857] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   74.460888][ T5862] hsr_slave_0: entered promiscuous mode
[   74.467619][ T5862] hsr_slave_1: entered promiscuous mode
[   74.473572][ T5862] debugfs: 'hsr0' already exists in 'hsr'
[   74.479335][ T5862] Cannot create hsr debugfs directory
[   74.520537][ T5857] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   74.564724][ T5857] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   74.601945][ T5857] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   74.937532][ T5863] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   74.952849][ T5863] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   74.964740][ T5863] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   74.980796][ T5863] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   75.072357][ T5857] 8021q: adding VLAN 0 to HW filter on device bond0
[   75.081440][ T5864] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   75.093339][ T5864] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   75.107871][ T5864] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   75.121248][ T5864] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   75.171252][ T5857] 8021q: adding VLAN 0 to HW filter on device team0
[   75.202217][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[   75.209750][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[   75.249137][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[   75.256356][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[   75.288100][ T5873] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   75.322114][ T5873] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   75.333385][ T5873] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   75.343048][ T5873] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   75.395400][ T5184] Bluetooth: hci0: command tx timeout
[   75.431828][ T5863] 8021q: adding VLAN 0 to HW filter on device bond0
[   75.472627][ T5862] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   75.500838][ T5862] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   75.524116][ T5862] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   75.549600][ T5863] 8021q: adding VLAN 0 to HW filter on device team0
[   75.564839][ T5862] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   75.591049][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   75.598223][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   75.639475][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   75.646645][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   75.742629][ T5864] 8021q: adding VLAN 0 to HW filter on device bond0
[   75.788214][ T5864] 8021q: adding VLAN 0 to HW filter on device team0
[   75.799800][ T5184] Bluetooth: hci2: command tx timeout
[   75.805450][ T5184] Bluetooth: hci3: command tx timeout
[   75.805794][ T5874] Bluetooth: hci4: command tx timeout
[   75.817540][ T5860] Bluetooth: hci1: command tx timeout
[   75.849162][ T5857] 8021q: adding VLAN 0 to HW filter on device batadv0
[   75.870255][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[   75.877407][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[   75.935956][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[   75.943069][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[   76.016934][ T5857] veth0_vlan: entered promiscuous mode
[   76.060726][ T5873] 8021q: adding VLAN 0 to HW filter on device bond0
[   76.080055][ T5857] veth1_vlan: entered promiscuous mode
[   76.132122][ T5862] 8021q: adding VLAN 0 to HW filter on device bond0
[   76.144354][ T5873] 8021q: adding VLAN 0 to HW filter on device team0
[   76.191913][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.199126][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[   76.221117][ T5862] 8021q: adding VLAN 0 to HW filter on device team0
[   76.239628][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.246813][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[   76.313995][ T5857] veth0_macvtap: entered promiscuous mode
[   76.345048][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.352209][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[   76.368821][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.376002][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[   76.412484][ T5873] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   76.423442][ T5873] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   76.448326][ T5857] veth1_macvtap: entered promiscuous mode
[   76.491898][ T5863] 8021q: adding VLAN 0 to HW filter on device batadv0
[   76.554728][ T5857] batman_adv: batadv0: Interface activated: batadv_slave_0
[   76.590818][ T5857] batman_adv: batadv0: Interface activated: batadv_slave_1
[   76.701179][ T5965] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   76.716749][ T5965] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   76.756558][ T5965] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   76.815386][ T4377] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   76.851933][ T5864] 8021q: adding VLAN 0 to HW filter on device batadv0
[   77.058687][ T5873] 8021q: adding VLAN 0 to HW filter on device batadv0
[   77.070136][ T1000] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.101732][ T1000] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.117256][ T5864] veth0_vlan: entered promiscuous mode
[   77.160088][ T5862] 8021q: adding VLAN 0 to HW filter on device batadv0
[   77.172198][ T5864] veth1_vlan: entered promiscuous mode
[   77.181993][ T1898] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.204853][ T1898] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.222183][ T5864] veth0_macvtap: entered promiscuous mode
[   77.242614][ T5864] veth1_macvtap: entered promiscuous mode
[   77.291191][ T5873] veth0_vlan: entered promiscuous mode
[   77.299691][ T5863] veth0_vlan: entered promiscuous mode
[   77.332684][ T5857] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   77.335495][ T5864] batman_adv: batadv0: Interface activated: batadv_slave_0
[   77.364800][ T5873] veth1_vlan: entered promiscuous mode
[   77.398195][ T5864] batman_adv: batadv0: Interface activated: batadv_slave_1
[   77.419038][ T5863] veth1_vlan: entered promiscuous mode
[   77.464694][   T49] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   77.474426][   T49] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   77.483790][ T5860] Bluetooth: hci0: command tx timeout
[   77.503458][ T5862] veth0_vlan: entered promiscuous mode
[   77.531712][   T59] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   77.544096][ T1898] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   77.555140][    C1] hrtimer: interrupt took 57999 ns
[   77.591038][ T5863] veth0_macvtap: entered promiscuous mode
[   77.678151][ T5863] veth1_macvtap: entered promiscuous mode
[   77.693557][ T5873] veth0_macvtap: entered promiscuous mode
[   77.740358][ T5862] veth1_vlan: entered promiscuous mode
[   77.786228][ T5873] veth1_macvtap: entered promiscuous mode
[   77.825420][ T5981] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.833528][ T5981] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.851557][ T5981] bridge0: entered allmulticast mode
[   77.881485][ T5860] Bluetooth: hci3: command tx timeout
[   77.892220][ T5860] Bluetooth: hci2: command tx timeout
[   77.902132][ T5874] Bluetooth: hci1: command tx timeout
[   77.902268][ T5876] Bluetooth: hci4: command tx timeout
[   77.960815][ T5863] batman_adv: batadv0: Interface activated: batadv_slave_0
[   78.006301][ T5982] bridge_slave_1: left allmulticast mode
[   78.021551][ T5982] bridge_slave_1: left promiscuous mode
[   78.036475][ T5982] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.070326][ T5982] bridge_slave_0: left allmulticast mode
[   78.080600][ T5982] bridge_slave_0: left promiscuous mode
[   78.087252][ T5982] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.167079][ T5981] veth0_vlan: entered allmulticast mode
[   78.182621][ T5979] ªªªªªª: renamed from vlan0
[   78.254781][ T5873] batman_adv: batadv0: Interface activated: batadv_slave_0
[   78.265703][ T5863] batman_adv: batadv0: Interface activated: batadv_slave_1
[   78.299565][ T5862] veth0_macvtap: entered promiscuous mode
[   78.318509][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.339888][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.350534][ T5873] batman_adv: batadv0: Interface activated: batadv_slave_1
[   78.379014][ T5862] veth1_macvtap: entered promiscuous mode
[   78.416950][   T59] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   78.430897][   T59] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   78.467481][   T59] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   78.476551][   T59] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   78.494850][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.503686][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.514035][   T59] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   78.528260][   T59] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   78.585139][ T5862] batman_adv: batadv0: Interface activated: batadv_slave_0
[   78.598747][   T59] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   78.609435][   T59] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   78.684609][ T5862] batman_adv: batadv0: Interface activated: batadv_slave_1
[   78.730014][ T5992] pim6reg1: entered promiscuous mode
[   78.735991][ T5992] pim6reg1: entered allmulticast mode
[   78.751421][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.772704][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.872371][ T1000] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   78.910737][ T1000] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   78.987543][ T1000] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   79.008289][ T1000] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   79.101992][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.120468][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   79.395866][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.415116][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   79.525824][ T1898] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.544242][ T1898] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   79.557191][ T5876] Bluetooth: hci0: command tx timeout
[   79.955335][ T5876] Bluetooth: hci2: command tx timeout
[   79.955496][ T5860] Bluetooth: hci1: command tx timeout
[   79.965686][ T5876] Bluetooth: hci4: command tx timeout
[   79.966245][ T5874] Bluetooth: hci3: command tx timeout
[   80.065931][ T1000] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   80.091888][ T1000] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   80.239169][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   80.271416][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.283917][ T6043] ÿÿÿÿÿÿ: renamed from vlan1 (while UP)
[   82.067845][ T6062] veth1_macvtap: left promiscuous mode
[   82.074585][ T6062] macsec0: entered promiscuous mode
[   83.821204][ T6077] syzkaller0: entered promiscuous mode
[   83.827020][ T6077] syzkaller0: entered allmulticast mode
[   86.710359][   T24] cfg80211: failed to load regulatory.db
[   90.457174][ T5874] Bluetooth: hci1: ACL packet for unknown connection handle 0
[   93.059484][ T6228] warning: `syz.0.95' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   93.215498][ T6236] netlink: 'syz.0.95': attribute type 10 has an invalid length.
[   93.636845][ T6236] bond0: (slave bond_slave_0): Releasing backup interface
[   94.983347][ T6289] netlink: 'syz.4.118': attribute type 10 has an invalid length.
[   95.541528][   T30] audit: type=1107 audit(1759062340.260:2): pid=6305 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[   96.329671][ T6289] bond0: (slave bond_slave_0): Releasing backup interface
[   96.591648][   T30] audit: type=1107 audit(1759062341.310:3): pid=6324 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[   98.422100][ T6374] netlink: 4 bytes leftover after parsing attributes in process `syz.4.156'.
[  101.002774][ T6411] pim6reg1: entered promiscuous mode
[  101.009248][ T6411] pim6reg1: entered allmulticast mode
[  101.072784][ T6449] syzkaller0: entered promiscuous mode
[  101.108086][ T6449] syzkaller0: entered allmulticast mode
[  104.998692][ T6498] wg2: entered promiscuous mode
[  105.004039][ T6498] wg2: entered allmulticast mode
[  105.944546][ T6555] netlink: 56 bytes leftover after parsing attributes in process `syz.4.228'.
[  107.120165][ T6606] netlink: 340 bytes leftover after parsing attributes in process `syz.3.250'.
[  108.124876][ T6644] netlink: 104 bytes leftover after parsing attributes in process `syz.3.267'.
[  110.202088][ T6720] netlink: 'syz.0.302': attribute type 1 has an invalid length.
[  110.226780][ T6723] netlink: 8 bytes leftover after parsing attributes in process `syz.2.304'.
[  112.490444][ T6835] netlink: 'syz.3.355': attribute type 10 has an invalid length.
[  112.541596][ T6835] bond0: (slave bond_slave_0): Releasing backup interface
[  113.587480][ T6857] Driver unsupported XDP return value 0 on prog  (id 182) dev N/A, expect packet loss!
[  115.375841][ T6916] FAULT_INJECTION: forcing a failure.
[  115.375841][ T6916] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  115.414087][ T6916] CPU: 1 UID: 0 PID: 6916 Comm: syz.2.390 Not tainted syzkaller #0 PREEMPT(full) 
[  115.414133][ T6916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  115.414160][ T6916] Call Trace:
[  115.414168][ T6916]  <TASK>
[  115.414176][ T6916]  dump_stack_lvl+0x189/0x250
[  115.414207][ T6916]  ? __pfx____ratelimit+0x10/0x10
[  115.414228][ T6916]  ? __pfx_dump_stack_lvl+0x10/0x10
[  115.414247][ T6916]  ? __pfx__printk+0x10/0x10
[  115.414269][ T6916]  ? __might_fault+0xb0/0x130
[  115.414297][ T6916]  should_fail_ex+0x414/0x560
[  115.414321][ T6916]  _copy_from_user+0x2d/0xb0
[  115.414338][ T6916]  __sys_bpf+0x1e3/0x860
[  115.414361][ T6916]  ? __pfx___sys_bpf+0x10/0x10
[  115.414396][ T6916]  ? do_syscall_64+0xb7/0x3b0
[  115.414415][ T6916]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  115.414438][ T6916]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  115.414460][ T6916]  ? __pfx_ksys_write+0x10/0x10
[  115.414490][ T6916]  __x64_sys_bpf+0x7c/0x90
[  115.414510][ T6916]  do_syscall_64+0xfa/0x3b0
[  115.414529][ T6916]  ? lockdep_hardirqs_on+0x9c/0x150
[  115.414548][ T6916]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.414564][ T6916]  ? clear_bhb_loop+0x60/0xb0
[  115.414584][ T6916]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.414600][ T6916] RIP: 0033:0x7fc50818eec9
[  115.414619][ T6916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.414633][ T6916] RSP: 002b:00007fc509016038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  115.414651][ T6916] RAX: ffffffffffffffda RBX: 00007fc5083e5fa0 RCX: 00007fc50818eec9
[  115.414663][ T6916] RDX: 0000000000000094 RSI: 0000200000000440 RDI: 0000000000000005
[  115.414674][ T6916] RBP: 00007fc509016090 R08: 0000000000000000 R09: 0000000000000000
[  115.414684][ T6916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  115.414693][ T6916] R13: 00007fc5083e6038 R14: 00007fc5083e5fa0 R15: 00007ffe9ef8a7f8
[  115.414722][ T6916]  </TASK>
[  115.698155][ T6918] FAULT_INJECTION: forcing a failure.
[  115.698155][ T6918] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  115.733657][ T6918] CPU: 0 UID: 0 PID: 6918 Comm: syz.2.391 Not tainted syzkaller #0 PREEMPT(full) 
[  115.733679][ T6918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  115.733689][ T6918] Call Trace:
[  115.733695][ T6918]  <TASK>
[  115.733703][ T6918]  dump_stack_lvl+0x189/0x250
[  115.733727][ T6918]  ? __pfx____ratelimit+0x10/0x10
[  115.733748][ T6918]  ? __pfx_dump_stack_lvl+0x10/0x10
[  115.733767][ T6918]  ? __pfx__printk+0x10/0x10
[  115.733788][ T6918]  ? __might_fault+0xb0/0x130
[  115.733815][ T6918]  should_fail_ex+0x414/0x560
[  115.733838][ T6918]  _copy_from_user+0x2d/0xb0
[  115.733854][ T6918]  __sys_bpf+0x1e3/0x860
[  115.733877][ T6918]  ? __pfx___sys_bpf+0x10/0x10
[  115.733911][ T6918]  ? do_syscall_64+0xb7/0x3b0
[  115.733930][ T6918]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  115.733953][ T6918]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  115.733975][ T6918]  ? __pfx_ksys_write+0x10/0x10
[  115.733988][ T6918]  ? rcu_is_watching+0x15/0xb0
[  115.734013][ T6918]  __x64_sys_bpf+0x7c/0x90
[  115.734032][ T6918]  do_syscall_64+0xfa/0x3b0
[  115.734051][ T6918]  ? lockdep_hardirqs_on+0x9c/0x150
[  115.734070][ T6918]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.734086][ T6918]  ? clear_bhb_loop+0x60/0xb0
[  115.734105][ T6918]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.734121][ T6918] RIP: 0033:0x7fc50818eec9
[  115.734135][ T6918] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.734147][ T6918] RSP: 002b:00007fc509016038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  115.734162][ T6918] RAX: ffffffffffffffda RBX: 00007fc5083e5fa0 RCX: 00007fc50818eec9
[  115.734173][ T6918] RDX: 0000000000000020 RSI: 0000200000000080 RDI: 0000000000000003
[  115.734182][ T6918] RBP: 00007fc509016090 R08: 0000000000000000 R09: 0000000000000000
[  115.734192][ T6918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  115.734200][ T6918] R13: 00007fc5083e6038 R14: 00007fc5083e5fa0 R15: 00007ffe9ef8a7f8
[  115.734234][ T6918]  </TASK>
[  117.296057][ T6972] lo speed is unknown, defaulting to 1000
[  117.360707][ T6977] netlink: 'syz.2.415': attribute type 2 has an invalid length.
[  117.403972][ T6972] lo speed is unknown, defaulting to 1000
[  117.458932][ T6972] lo speed is unknown, defaulting to 1000
[  118.431634][ T7008] FAULT_INJECTION: forcing a failure.
[  118.431634][ T7008] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  118.495711][ T7008] CPU: 1 UID: 0 PID: 7008 Comm: syz.3.427 Not tainted syzkaller #0 PREEMPT(full) 
[  118.495729][ T7008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  118.495737][ T7008] Call Trace:
[  118.495742][ T7008]  <TASK>
[  118.495748][ T7008]  dump_stack_lvl+0x189/0x250
[  118.495767][ T7008]  ? __pfx____ratelimit+0x10/0x10
[  118.495783][ T7008]  ? __pfx_dump_stack_lvl+0x10/0x10
[  118.495797][ T7008]  ? __pfx__printk+0x10/0x10
[  118.495813][ T7008]  ? __might_fault+0xb0/0x130
[  118.495834][ T7008]  should_fail_ex+0x414/0x560
[  118.495852][ T7008]  _copy_from_user+0x2d/0xb0
[  118.495864][ T7008]  __sys_bpf+0x1e3/0x860
[  118.495882][ T7008]  ? __pfx___sys_bpf+0x10/0x10
[  118.495929][ T7008]  ? ksys_write+0x22a/0x250
[  118.495944][ T7008]  ? __pfx_ksys_write+0x10/0x10
[  118.495954][ T7008]  ? rcu_is_watching+0x15/0xb0
[  118.495972][ T7008]  __x64_sys_bpf+0x7c/0x90
[  118.495987][ T7008]  do_syscall_64+0xfa/0x3b0
[  118.496002][ T7008]  ? lockdep_hardirqs_on+0x9c/0x150
[  118.496016][ T7008]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.496029][ T7008]  ? clear_bhb_loop+0x60/0xb0
[  118.496045][ T7008]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.496057][ T7008] RIP: 0033:0x7f779298eec9
[  118.496070][ T7008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.496080][ T7008] RSP: 002b:00007f77937be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  118.496096][ T7008] RAX: ffffffffffffffda RBX: 00007f7792be6090 RCX: 00007f779298eec9
[  118.496105][ T7008] RDX: 0000000000000050 RSI: 00002000000002c0 RDI: 000000000000001c
[  118.496114][ T7008] RBP: 00007f77937be090 R08: 0000000000000000 R09: 0000000000000000
[  118.496123][ T7008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  118.496132][ T7008] R13: 00007f7792be6128 R14: 00007f7792be6090 R15: 00007ffd3e0c9bc8
[  118.496157][ T7008]  </TASK>
[  118.809379][ T6972] infiniband syz2: set active
[  118.815736][ T6972] infiniband syz2: added lo
[  118.816286][   T43] lo speed is unknown, defaulting to 1000
[  118.839745][ T6972] syz2: rxe_create_cq: returned err = -12
[  118.885316][ T6972] infiniband syz2: Couldn't create ib_mad CQ
[  118.929778][ T6972] infiniband syz2: Couldn't open port 1
[  119.053764][ T6972] RDS/IB: syz2: added
[  119.073311][ T6972] smc: adding ib device syz2 with port count 1
[  119.113458][ T6972] smc:    ib device syz2 port 1 has pnetid 
[  119.159526][ T6972] lo speed is unknown, defaulting to 1000
[  119.205949][   T43] lo speed is unknown, defaulting to 1000
[  119.658500][ T7043] syzkaller1: tun_chr_ioctl cmd 1074025681
[  120.020094][ T7063] FAULT_INJECTION: forcing a failure.
[  120.020094][ T7063] name failslab, interval 1, probability 0, space 0, times 0
[  120.055296][ T7063] CPU: 0 UID: 0 PID: 7063 Comm: syz.4.456 Not tainted syzkaller #0 PREEMPT(full) 
[  120.055318][ T7063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  120.055331][ T7063] Call Trace:
[  120.055337][ T7063]  <TASK>
[  120.055344][ T7063]  dump_stack_lvl+0x189/0x250
[  120.055378][ T7063]  ? __pfx____ratelimit+0x10/0x10
[  120.055399][ T7063]  ? __pfx_dump_stack_lvl+0x10/0x10
[  120.055418][ T7063]  ? __pfx__printk+0x10/0x10
[  120.055446][ T7063]  ? __pfx___might_resched+0x10/0x10
[  120.055467][ T7063]  should_fail_ex+0x414/0x560
[  120.055491][ T7063]  should_failslab+0xa8/0x100
[  120.055510][ T7063]  __kmalloc_noprof+0xcb/0x4f0
[  120.055525][ T7063]  ? bpf_test_init+0x9f/0x150
[  120.055550][ T7063]  bpf_test_init+0x9f/0x150
[  120.055574][ T7063]  bpf_prog_test_run_skb+0x206/0x1550
[  120.055594][ T7063]  ? __fget_files+0x2a/0x420
[  120.055618][ T7063]  ? __fget_files+0x2a/0x420
[  120.055641][ T7063]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  120.055662][ T7063]  bpf_prog_test_run+0x2c7/0x340
[  120.055689][ T7063]  __sys_bpf+0x562/0x860
[  120.055712][ T7063]  ? __pfx___sys_bpf+0x10/0x10
[  120.055769][ T7063]  ? ksys_write+0x22a/0x250
[  120.055787][ T7063]  ? __pfx_ksys_write+0x10/0x10
[  120.055800][ T7063]  ? rcu_is_watching+0x15/0xb0
[  120.055824][ T7063]  __x64_sys_bpf+0x7c/0x90
[  120.055844][ T7063]  do_syscall_64+0xfa/0x3b0
[  120.055863][ T7063]  ? lockdep_hardirqs_on+0x9c/0x150
[  120.055882][ T7063]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.055898][ T7063]  ? clear_bhb_loop+0x60/0xb0
[  120.055918][ T7063]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.055933][ T7063] RIP: 0033:0x7fdf6e78eec9
[  120.055952][ T7063] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  120.055966][ T7063] RSP: 002b:00007fdf6f6a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  120.055990][ T7063] RAX: ffffffffffffffda RBX: 00007fdf6e9e5fa0 RCX: 00007fdf6e78eec9
[  120.056002][ T7063] RDX: 0000000000000050 RSI: 00002000000002c0 RDI: 000000000000000a
[  120.056017][ T7063] RBP: 00007fdf6f6a1090 R08: 0000000000000000 R09: 0000000000000000
[  120.056027][ T7063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  120.056037][ T7063] R13: 00007fdf6e9e6038 R14: 00007fdf6e9e5fa0 R15: 00007ffe775d8108
[  120.056066][ T7063]  </TASK>
[  120.113705][ T6972] lo speed is unknown, defaulting to 1000
[  121.560918][ T6972] lo speed is unknown, defaulting to 1000
[  121.773280][ T7112] FAULT_INJECTION: forcing a failure.
[  121.773280][ T7112] name failslab, interval 1, probability 0, space 0, times 0
[  121.793865][ T7112] CPU: 0 UID: 0 PID: 7112 Comm: syz.0.478 Not tainted syzkaller #0 PREEMPT(full) 
[  121.793887][ T7112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  121.793895][ T7112] Call Trace:
[  121.793902][ T7112]  <TASK>
[  121.793909][ T7112]  dump_stack_lvl+0x189/0x250
[  121.793933][ T7112]  ? __pfx____ratelimit+0x10/0x10
[  121.793953][ T7112]  ? __pfx_dump_stack_lvl+0x10/0x10
[  121.793972][ T7112]  ? __pfx__printk+0x10/0x10
[  121.793999][ T7112]  ? __pfx___might_resched+0x10/0x10
[  121.794014][ T7112]  ? fs_reclaim_acquire+0x7d/0x100
[  121.794036][ T7112]  should_fail_ex+0x414/0x560
[  121.794059][ T7112]  should_failslab+0xa8/0x100
[  121.794078][ T7112]  __kmalloc_noprof+0xcb/0x4f0
[  121.794093][ T7112]  ? bpf_test_init+0x9f/0x150
[  121.794116][ T7112]  bpf_test_init+0x9f/0x150
[  121.794140][ T7112]  bpf_prog_test_run_xdp+0x49e/0x10e0
[  121.794176][ T7112]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  121.794202][ T7112]  ? __fget_files+0x2a/0x420
[  121.794225][ T7112]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  121.794246][ T7112]  bpf_prog_test_run+0x2c7/0x340
[  121.794272][ T7112]  __sys_bpf+0x562/0x860
[  121.794294][ T7112]  ? __pfx___sys_bpf+0x10/0x10
[  121.794328][ T7112]  ? do_syscall_64+0xb7/0x3b0
[  121.794346][ T7112]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  121.794368][ T7112]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  121.794391][ T7112]  ? __pfx_ksys_write+0x10/0x10
[  121.794404][ T7112]  ? rcu_is_watching+0x15/0xb0
[  121.794428][ T7112]  __x64_sys_bpf+0x7c/0x90
[  121.794448][ T7112]  do_syscall_64+0xfa/0x3b0
[  121.794467][ T7112]  ? lockdep_hardirqs_on+0x9c/0x150
[  121.794486][ T7112]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.794500][ T7112]  ? clear_bhb_loop+0x60/0xb0
[  121.794519][ T7112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.794534][ T7112] RIP: 0033:0x7f21b758eec9
[  121.794549][ T7112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  121.794562][ T7112] RSP: 002b:00007f21b843b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  121.794580][ T7112] RAX: ffffffffffffffda RBX: 00007f21b77e5fa0 RCX: 00007f21b758eec9
[  121.794591][ T7112] RDX: 0000000000000050 RSI: 0000200000000380 RDI: 000000000000000a
[  121.794602][ T7112] RBP: 00007f21b843b090 R08: 0000000000000000 R09: 0000000000000000
[  121.794612][ T7112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  121.794621][ T7112] R13: 00007f21b77e6038 R14: 00007f21b77e5fa0 R15: 00007ffe7c8091e8
[  121.794649][ T7112]  </TASK>
[  121.985638][ T6972] lo speed is unknown, defaulting to 1000
[  122.163493][ T7121] FAULT_INJECTION: forcing a failure.
[  122.163493][ T7121] name failslab, interval 1, probability 0, space 0, times 0
[  122.176774][ T7121] CPU: 0 UID: 0 PID: 7121 Comm: syz.1.482 Not tainted syzkaller #0 PREEMPT(full) 
[  122.176796][ T7121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  122.176813][ T7121] Call Trace:
[  122.176820][ T7121]  <TASK>
[  122.176827][ T7121]  dump_stack_lvl+0x189/0x250
[  122.176850][ T7121]  ? __pfx____ratelimit+0x10/0x10
[  122.176871][ T7121]  ? __pfx_dump_stack_lvl+0x10/0x10
[  122.176890][ T7121]  ? __pfx__printk+0x10/0x10
[  122.176917][ T7121]  ? __pfx___might_resched+0x10/0x10
[  122.176937][ T7121]  should_fail_ex+0x414/0x560
[  122.176960][ T7121]  should_failslab+0xa8/0x100
[  122.176980][ T7121]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  122.177004][ T7121]  ? __alloc_skb+0x112/0x2d0
[  122.177027][ T7121]  __alloc_skb+0x112/0x2d0
[  122.177051][ T7121]  netlink_sendmsg+0x5c6/0xb30
[  122.177085][ T7121]  ? __pfx_netlink_sendmsg+0x10/0x10
[  122.177109][ T7121]  ? aa_sock_msg_perm+0xf1/0x1d0
[  122.177131][ T7121]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  122.177151][ T7121]  ? __pfx_netlink_sendmsg+0x10/0x10
[  122.177172][ T7121]  __sock_sendmsg+0x219/0x270
[  122.177193][ T7121]  ____sys_sendmsg+0x505/0x830
[  122.177221][ T7121]  ? __pfx_____sys_sendmsg+0x10/0x10
[  122.177249][ T7121]  ? import_iovec+0x74/0xa0
[  122.177276][ T7121]  ___sys_sendmsg+0x21f/0x2a0
[  122.177301][ T7121]  ? __pfx____sys_sendmsg+0x10/0x10
[  122.177358][ T7121]  ? __fget_files+0x2a/0x420
[  122.177374][ T7121]  ? __fget_files+0x3a0/0x420
[  122.177402][ T7121]  __x64_sys_sendmsg+0x19b/0x260
[  122.177427][ T7121]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  122.177459][ T7121]  ? __pfx_ksys_write+0x10/0x10
[  122.177471][ T7121]  ? rcu_is_watching+0x15/0xb0
[  122.177492][ T7121]  ? do_syscall_64+0xbe/0x3b0
[  122.177516][ T7121]  do_syscall_64+0xfa/0x3b0
[  122.177534][ T7121]  ? lockdep_hardirqs_on+0x9c/0x150
[  122.177552][ T7121]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.177568][ T7121]  ? clear_bhb_loop+0x60/0xb0
[  122.177588][ T7121]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.177603][ T7121] RIP: 0033:0x7fc17878eec9
[  122.177618][ T7121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  122.177632][ T7121] RSP: 002b:00007fc179689038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  122.177649][ T7121] RAX: ffffffffffffffda RBX: 00007fc1789e5fa0 RCX: 00007fc17878eec9
[  122.177662][ T7121] RDX: 0000000024068000 RSI: 00002000000005c0 RDI: 0000000000000003
[  122.177672][ T7121] RBP: 00007fc179689090 R08: 0000000000000000 R09: 0000000000000000
[  122.177682][ T7121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  122.177692][ T7121] R13: 00007fc1789e6038 R14: 00007fc1789e5fa0 R15: 00007ffdfe62eb58
[  122.177720][ T7121]  </TASK>
[  122.815063][ T7142] netlink: 1 bytes leftover after parsing attributes in process `syz.0.490'.
[  122.905848][ T7149] netlink: 4276 bytes leftover after parsing attributes in process `syz.1.494'.
[  122.922627][ T7149] netlink: 4276 bytes leftover after parsing attributes in process `syz.1.494'.
[  122.931718][ T7149] netlink: 396 bytes leftover after parsing attributes in process `syz.1.494'.
[  123.693019][ T7165] Zero length message leads to an empty skb
[  123.872663][ T7174] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  123.890322][ T6972] lo speed is unknown, defaulting to 1000
[  124.026162][ T7172] netlink: 48 bytes leftover after parsing attributes in process `syz.0.503'.
[  124.195546][ T7176] =======================================================
[  124.195546][ T7176] WARNING: The mand mount option has been deprecated and
[  124.195546][ T7176]          and is ignored by this kernel. Remove the mand
[  124.195546][ T7176]          option from the mount to silence this warning.
[  124.195546][ T7176] =======================================================
[  129.400855][ T7272] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.547'.
[  129.425590][ T7272] netlink: 65047 bytes leftover after parsing attributes in process `syz.3.547'.
[  129.931467][ T7302] netlink: 'syz.1.561': attribute type 10 has an invalid length.
[  130.022563][ T7299] netlink: 'syz.3.557': attribute type 10 has an invalid length.
[  130.081575][ T7295] lo speed is unknown, defaulting to 1000
[  130.089651][ T7299] bridge0: port 2(bridge_slave_1) entered disabled state
[  130.098303][ T7299] bridge0: port 1(bridge_slave_0) entered disabled state
[  130.223752][ T7299] bridge0: port 2(bridge_slave_1) entered blocking state
[  130.231144][ T7299] bridge0: port 2(bridge_slave_1) entered forwarding state
[  130.239491][ T7299] bridge0: port 1(bridge_slave_0) entered blocking state
[  130.246832][ T7299] bridge0: port 1(bridge_slave_0) entered forwarding state
[  130.378997][ T7299] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  130.909238][ T7339] netlink: 12 bytes leftover after parsing attributes in process `syz.2.579'.
[  131.087951][ T7346] netlink: 12 bytes leftover after parsing attributes in process `syz.0.582'.
[  131.160232][ T7348] netlink: 40 bytes leftover after parsing attributes in process `syz.2.583'.
[  131.721337][ T7371] netlink: 12 bytes leftover after parsing attributes in process `syz.3.593'.
[  131.960950][ T7385] netlink: 12 bytes leftover after parsing attributes in process `syz.1.598'.
[  132.637870][ T7412] netlink: 12 bytes leftover after parsing attributes in process `syz.3.609'.
[  132.761344][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  132.771526][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  132.795606][ T7422] netlink: 12 bytes leftover after parsing attributes in process `syz.4.613'.
[  133.541501][ T7460] netlink: 'syz.4.632': attribute type 10 has an invalid length.
[  133.568012][ T7460] netlink: 55 bytes leftover after parsing attributes in process `syz.4.632'.
[  133.778503][ T7467] FAULT_INJECTION: forcing a failure.
[  133.778503][ T7467] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  133.832551][ T7467] CPU: 0 UID: 0 PID: 7467 Comm: syz.3.635 Not tainted syzkaller #0 PREEMPT(full) 
[  133.832575][ T7467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  133.832585][ T7467] Call Trace:
[  133.832595][ T7467]  <TASK>
[  133.832606][ T7467]  dump_stack_lvl+0x189/0x250
[  133.832638][ T7467]  ? __pfx____ratelimit+0x10/0x10
[  133.832666][ T7467]  ? __pfx_dump_stack_lvl+0x10/0x10
[  133.832694][ T7467]  ? __pfx__printk+0x10/0x10
[  133.832789][ T7467]  should_fail_ex+0x414/0x560
[  133.832839][ T7467]  _copy_to_user+0x31/0xb0
[  133.832873][ T7467]  bpf_test_finish+0x1ab/0x700
[  133.832943][ T7467]  ? __pfx_bpf_test_finish+0x10/0x10
[  133.833003][ T7467]  ? bpf_test_init+0x113/0x150
[  133.833045][ T7467]  bpf_prog_test_run_xdp+0x893/0x10e0
[  133.833145][ T7467]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  133.833192][ T7467]  ? __fget_files+0x2a/0x420
[  133.833238][ T7467]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  133.833270][ T7467]  bpf_prog_test_run+0x2c7/0x340
[  133.833318][ T7467]  __sys_bpf+0x562/0x860
[  133.833358][ T7467]  ? __pfx___sys_bpf+0x10/0x10
[  133.833475][ T7467]  ? ksys_write+0x22a/0x250
[  133.833517][ T7467]  ? __pfx_ksys_write+0x10/0x10
[  133.833530][ T7467]  ? rcu_is_watching+0x15/0xb0
[  133.833588][ T7467]  __x64_sys_bpf+0x7c/0x90
[  133.833620][ T7467]  do_syscall_64+0xfa/0x3b0
[  133.833641][ T7467]  ? lockdep_hardirqs_on+0x9c/0x150
[  133.833666][ T7467]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.833685][ T7467]  ? clear_bhb_loop+0x60/0xb0
[  133.833721][ T7467]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.833738][ T7467] RIP: 0033:0x7f779298eec9
[  133.833767][ T7467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  133.833781][ T7467] RSP: 002b:00007f77937df038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  133.833799][ T7467] RAX: ffffffffffffffda RBX: 00007f7792be5fa0 RCX: 00007f779298eec9
[  133.833811][ T7467] RDX: 0000000000000050 RSI: 0000200000000380 RDI: 000000000000000a
[  133.833822][ T7467] RBP: 00007f77937df090 R08: 0000000000000000 R09: 0000000000000000
[  133.833831][ T7467] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  133.833841][ T7467] R13: 00007f7792be6038 R14: 00007f7792be5fa0 R15: 00007ffd3e0c9bc8
[  133.833927][ T7467]  </TASK>
[  134.698930][ T7481] netlink: 'syz.3.639': attribute type 8 has an invalid length.
[  134.734534][ T7481] netlink: 'syz.3.639': attribute type 1 has an invalid length.
[  135.346157][ T7521] FAULT_INJECTION: forcing a failure.
[  135.346157][ T7521] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  135.410405][ T7521] CPU: 0 UID: 0 PID: 7521 Comm: syz.2.654 Not tainted syzkaller #0 PREEMPT(full) 
[  135.410429][ T7521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  135.410439][ T7521] Call Trace:
[  135.410446][ T7521]  <TASK>
[  135.410454][ T7521]  dump_stack_lvl+0x189/0x250
[  135.410478][ T7521]  ? __pfx____ratelimit+0x10/0x10
[  135.410499][ T7521]  ? __pfx_dump_stack_lvl+0x10/0x10
[  135.410519][ T7521]  ? __pfx__printk+0x10/0x10
[  135.410543][ T7521]  ? __might_fault+0xb0/0x130
[  135.410563][ T7521]  ? __might_fault+0xb0/0x130
[  135.410586][ T7521]  should_fail_ex+0x414/0x560
[  135.410617][ T7521]  _copy_from_user+0x2d/0xb0
[  135.410634][ T7521]  ___sys_sendmsg+0x158/0x2a0
[  135.410661][ T7521]  ? __pfx____sys_sendmsg+0x10/0x10
[  135.410711][ T7521]  ? __fget_files+0x2a/0x420
[  135.410745][ T7521]  ? __fget_files+0x2a/0x420
[  135.410761][ T7521]  ? __fget_files+0x3a0/0x420
[  135.410795][ T7521]  __x64_sys_sendmsg+0x19b/0x260
[  135.410822][ T7521]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  135.410857][ T7521]  ? __pfx_ksys_write+0x10/0x10
[  135.410869][ T7521]  ? rcu_is_watching+0x15/0xb0
[  135.410892][ T7521]  ? do_syscall_64+0xbe/0x3b0
[  135.410917][ T7521]  do_syscall_64+0xfa/0x3b0
[  135.410934][ T7521]  ? lockdep_hardirqs_on+0x9c/0x150
[  135.410953][ T7521]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.410969][ T7521]  ? clear_bhb_loop+0x60/0xb0
[  135.410990][ T7521]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.411005][ T7521] RIP: 0033:0x7fc50818eec9
[  135.411020][ T7521] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  135.411033][ T7521] RSP: 002b:00007fc509016038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  135.411050][ T7521] RAX: ffffffffffffffda RBX: 00007fc5083e5fa0 RCX: 00007fc50818eec9
[  135.411062][ T7521] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  135.411071][ T7521] RBP: 00007fc509016090 R08: 0000000000000000 R09: 0000000000000000
[  135.411080][ T7521] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  135.411089][ T7521] R13: 00007fc5083e6038 R14: 00007fc5083e5fa0 R15: 00007ffe9ef8a7f8
[  135.411121][ T7521]  </TASK>
[  135.718740][ T7528] netlink: 12 bytes leftover after parsing attributes in process `syz.3.657'.
[  135.735460][ T7523] netlink: 'syz.4.653': attribute type 10 has an invalid length.
[  135.761166][ T7523] 8021q: adding VLAN 0 to HW filter on device batadv0
[  135.770234][ T7523] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  135.789423][ T7523] netlink: 'syz.4.653': attribute type 10 has an invalid length.
[  135.848008][ T7523] netlink: 40 bytes leftover after parsing attributes in process `syz.4.653'.
[  135.864704][ T7523] batadv0: entered promiscuous mode
[  135.870460][ T7523] batadv0: entered allmulticast mode
[  135.929706][ T7523] bond0: (slave batadv0): Releasing backup interface
[  135.989451][ T7523] bridge0: port 3(batadv0) entered blocking state
[  136.013969][ T7523] bridge0: port 3(batadv0) entered disabled state
[  136.278827][   T36] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  136.288554][   T36] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  136.857605][ T7574] FAULT_INJECTION: forcing a failure.
[  136.857605][ T7574] name failslab, interval 1, probability 0, space 0, times 0
[  136.962502][ T7574] CPU: 1 UID: 0 PID: 7574 Comm: syz.0.675 Not tainted syzkaller #0 PREEMPT(full) 
[  136.962525][ T7574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  136.962535][ T7574] Call Trace:
[  136.962542][ T7574]  <TASK>
[  136.962549][ T7574]  dump_stack_lvl+0x189/0x250
[  136.962573][ T7574]  ? __pfx____ratelimit+0x10/0x10
[  136.962593][ T7574]  ? __pfx_dump_stack_lvl+0x10/0x10
[  136.962612][ T7574]  ? __pfx__printk+0x10/0x10
[  136.962636][ T7574]  ? __pfx___might_resched+0x10/0x10
[  136.962652][ T7574]  ? fs_reclaim_acquire+0x7d/0x100
[  136.962675][ T7574]  should_fail_ex+0x414/0x560
[  136.962698][ T7574]  should_failslab+0xa8/0x100
[  136.962717][ T7574]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  136.962741][ T7574]  ? __alloc_skb+0x112/0x2d0
[  136.962766][ T7574]  __alloc_skb+0x112/0x2d0
[  136.962790][ T7574]  alloc_skb_with_frags+0xca/0x890
[  136.962825][ T7574]  sock_alloc_send_pskb+0x857/0x990
[  136.962860][ T7574]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  136.962881][ T7574]  ? dev_get_by_index+0x22/0x2e0
[  136.962897][ T7574]  ? dev_get_by_index+0x22/0x2e0
[  136.962920][ T7574]  packet_sendmsg+0x33a0/0x5080
[  136.962947][ T7574]  ? aa_pivotroot+0xa60/0x13c0
[  136.962983][ T7574]  ? __pfx___might_resched+0x10/0x10
[  136.962997][ T7574]  ? __lock_acquire+0xab9/0xd20
[  136.963035][ T7574]  ? __pfx_packet_sendmsg+0x10/0x10
[  136.963049][ T7574]  ? aa_sk_perm+0x81e/0x950
[  136.963073][ T7574]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x300
[  136.963099][ T7574]  ? __lock_acquire+0xab9/0xd20
[  136.963118][ T7574]  ? aa_sock_msg_perm+0xf1/0x1d0
[  136.963139][ T7574]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  136.963159][ T7574]  ? __pfx_packet_sendmsg+0x10/0x10
[  136.963176][ T7574]  __sock_sendmsg+0x219/0x270
[  136.963197][ T7574]  ____sys_sendmsg+0x505/0x830
[  136.963236][ T7574]  ? __pfx_____sys_sendmsg+0x10/0x10
[  136.963267][ T7574]  ? import_iovec+0x74/0xa0
[  136.963293][ T7574]  ___sys_sendmsg+0x21f/0x2a0
[  136.963318][ T7574]  ? __pfx____sys_sendmsg+0x10/0x10
[  136.963376][ T7574]  ? __fget_files+0x2a/0x420
[  136.963393][ T7574]  ? __fget_files+0x3a0/0x420
[  136.963422][ T7574]  __x64_sys_sendmsg+0x19b/0x260
[  136.963446][ T7574]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  136.963478][ T7574]  ? __pfx_ksys_write+0x10/0x10
[  136.963491][ T7574]  ? rcu_is_watching+0x15/0xb0
[  136.963512][ T7574]  ? do_syscall_64+0xbe/0x3b0
[  136.963540][ T7574]  do_syscall_64+0xfa/0x3b0
[  136.963559][ T7574]  ? lockdep_hardirqs_on+0x9c/0x150
[  136.963578][ T7574]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.963593][ T7574]  ? clear_bhb_loop+0x60/0xb0
[  136.963613][ T7574]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.963629][ T7574] RIP: 0033:0x7f21b758eec9
[  136.963643][ T7574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  136.963657][ T7574] RSP: 002b:00007f21b843b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  136.963674][ T7574] RAX: ffffffffffffffda RBX: 00007f21b77e5fa0 RCX: 00007f21b758eec9
[  136.963686][ T7574] RDX: 0000000000008010 RSI: 0000200000000040 RDI: 0000000000000003
[  136.963696][ T7574] RBP: 00007f21b843b090 R08: 0000000000000000 R09: 0000000000000000
[  136.963706][ T7574] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  136.963715][ T7574] R13: 00007f21b77e6038 R14: 00007f21b77e5fa0 R15: 00007ffe7c8091e8
[  136.963743][ T7574]  </TASK>
[  138.163622][ T7622] netlink: 32 bytes leftover after parsing attributes in process `syz.1.691'.
[  138.330664][ T7630] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  138.345712][ T7630] syzkaller0: entered promiscuous mode
[  138.351281][ T7630] syzkaller0: entered allmulticast mode
[  138.382246][ T7631] pimreg: tun_chr_ioctl cmd 1074025678
[  138.390027][ T7631] pimreg: group set to 0
[  138.462308][ T7633] FAULT_INJECTION: forcing a failure.
[  138.462308][ T7633] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  138.476938][ T7633] CPU: 1 UID: 0 PID: 7633 Comm: syz.0.697 Not tainted syzkaller #0 PREEMPT(full) 
[  138.476960][ T7633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  138.476970][ T7633] Call Trace:
[  138.476977][ T7633]  <TASK>
[  138.476984][ T7633]  dump_stack_lvl+0x189/0x250
[  138.477009][ T7633]  ? __pfx____ratelimit+0x10/0x10
[  138.477038][ T7633]  ? __pfx_dump_stack_lvl+0x10/0x10
[  138.477057][ T7633]  ? __pfx__printk+0x10/0x10
[  138.477095][ T7633]  should_fail_ex+0x414/0x560
[  138.477121][ T7633]  _copy_to_user+0x31/0xb0
[  138.477140][ T7633]  bpf_test_finish+0x24e/0x700
[  138.477172][ T7633]  ? __pfx_bpf_test_finish+0x10/0x10
[  138.477200][ T7633]  ? rep_movs_alternative+0x4a/0x90
[  138.477222][ T7633]  bpf_prog_test_run_xdp+0x893/0x10e0
[  138.477262][ T7633]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  138.477289][ T7633]  ? __fget_files+0x2a/0x420
[  138.477312][ T7633]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  138.477334][ T7633]  bpf_prog_test_run+0x2c7/0x340
[  138.477361][ T7633]  __sys_bpf+0x562/0x860
[  138.477385][ T7633]  ? __pfx___sys_bpf+0x10/0x10
[  138.477425][ T7633]  ? do_syscall_64+0xb7/0x3b0
[  138.477443][ T7633]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  138.477467][ T7633]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  138.477490][ T7633]  ? __pfx_ksys_write+0x10/0x10
[  138.477503][ T7633]  ? rcu_is_watching+0x15/0xb0
[  138.477530][ T7633]  __x64_sys_bpf+0x7c/0x90
[  138.477551][ T7633]  do_syscall_64+0xfa/0x3b0
[  138.477570][ T7633]  ? lockdep_hardirqs_on+0x9c/0x150
[  138.477587][ T7633]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.477603][ T7633]  ? clear_bhb_loop+0x60/0xb0
[  138.477624][ T7633]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.477639][ T7633] RIP: 0033:0x7f21b758eec9
[  138.477654][ T7633] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.477667][ T7633] RSP: 002b:00007f21b843b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  138.477684][ T7633] RAX: ffffffffffffffda RBX: 00007f21b77e5fa0 RCX: 00007f21b758eec9
[  138.477696][ T7633] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[  138.477706][ T7633] RBP: 00007f21b843b090 R08: 0000000000000000 R09: 0000000000000000
[  138.477715][ T7633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  138.477725][ T7633] R13: 00007f21b77e6038 R14: 00007f21b77e5fa0 R15: 00007ffe7c8091e8
[  138.477757][ T7633]  </TASK>
[  139.964163][ T7674] FAULT_INJECTION: forcing a failure.
[  139.964163][ T7674] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  140.014524][ T7674] CPU: 0 UID: 0 PID: 7674 Comm: syz.1.712 Not tainted syzkaller #0 PREEMPT(full) 
[  140.014547][ T7674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  140.014561][ T7674] Call Trace:
[  140.014571][ T7674]  <TASK>
[  140.014581][ T7674]  dump_stack_lvl+0x189/0x250
[  140.014613][ T7674]  ? __pfx____ratelimit+0x10/0x10
[  140.014641][ T7674]  ? __pfx_dump_stack_lvl+0x10/0x10
[  140.014669][ T7674]  ? __pfx__printk+0x10/0x10
[  140.014706][ T7674]  ? __might_fault+0xb0/0x130
[  140.014742][ T7674]  ? __might_fault+0xb0/0x130
[  140.014797][ T7674]  should_fail_ex+0x414/0x560
[  140.014853][ T7674]  _copy_from_user+0x2d/0xb0
[  140.014879][ T7674]  __sys_bpf+0x1e3/0x860
[  140.014920][ T7674]  ? __pfx___sys_bpf+0x10/0x10
[  140.015024][ T7674]  ? ksys_write+0x22a/0x250
[  140.015062][ T7674]  ? __pfx_ksys_write+0x10/0x10
[  140.015075][ T7674]  ? rcu_is_watching+0x15/0xb0
[  140.015130][ T7674]  __x64_sys_bpf+0x7c/0x90
[  140.015162][ T7674]  do_syscall_64+0xfa/0x3b0
[  140.015185][ T7674]  ? lockdep_hardirqs_on+0x9c/0x150
[  140.015208][ T7674]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.015227][ T7674]  ? clear_bhb_loop+0x60/0xb0
[  140.015260][ T7674]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.015277][ T7674] RIP: 0033:0x7fc17878eec9
[  140.015298][ T7674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  140.015312][ T7674] RSP: 002b:00007fc179689038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  140.015329][ T7674] RAX: ffffffffffffffda RBX: 00007fc1789e5fa0 RCX: 00007fc17878eec9
[  140.015341][ T7674] RDX: 0000000000000050 RSI: 0000200000000380 RDI: 000000000000000a
[  140.015352][ T7674] RBP: 00007fc179689090 R08: 0000000000000000 R09: 0000000000000000
[  140.015362][ T7674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  140.015371][ T7674] R13: 00007fc1789e6038 R14: 00007fc1789e5fa0 R15: 00007ffdfe62eb58
[  140.015456][ T7674]  </TASK>
[  144.589164][ T7697] netlink: 'syz.4.721': attribute type 10 has an invalid length.
[  144.664853][ T7698] netlink: 'syz.4.721': attribute type 11 has an invalid length.
[  144.706371][ T7698] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.721'.
[  145.604754][ T7695] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  145.653813][ T7708] netlink: 'syz.2.724': attribute type 39 has an invalid length.
[  146.612055][ T7715] FAULT_INJECTION: forcing a failure.
[  146.612055][ T7715] name failslab, interval 1, probability 0, space 0, times 0
[  146.630328][ T7715] CPU: 1 UID: 0 PID: 7715 Comm: syz.0.727 Not tainted syzkaller #0 PREEMPT(full) 
[  146.630351][ T7715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  146.630361][ T7715] Call Trace:
[  146.630370][ T7715]  <TASK>
[  146.630381][ T7715]  dump_stack_lvl+0x189/0x250
[  146.630411][ T7715]  ? __pfx____ratelimit+0x10/0x10
[  146.630440][ T7715]  ? __pfx_dump_stack_lvl+0x10/0x10
[  146.630468][ T7715]  ? __pfx__printk+0x10/0x10
[  146.630533][ T7715]  ? __pfx___might_resched+0x10/0x10
[  146.630584][ T7715]  should_fail_ex+0x414/0x560
[  146.630635][ T7715]  should_failslab+0xa8/0x100
[  146.630666][ T7715]  __kmalloc_cache_noprof+0x70/0x3d0
[  146.630685][ T7715]  ? bpf_raw_tp_link_attach+0x24e/0x6c0
[  146.630729][ T7715]  bpf_raw_tp_link_attach+0x24e/0x6c0
[  146.630766][ T7715]  ? __fget_files+0x2a/0x420
[  146.630794][ T7715]  ? __pfx_bpf_raw_tp_link_attach+0x10/0x10
[  146.630872][ T7715]  ? __fget_files+0x2a/0x420
[  146.630938][ T7715]  bpf_raw_tracepoint_open+0x1b2/0x220
[  146.630982][ T7715]  __sys_bpf+0x73e/0x860
[  146.631023][ T7715]  ? __pfx___sys_bpf+0x10/0x10
[  146.631127][ T7715]  ? ksys_write+0x22a/0x250
[  146.631162][ T7715]  ? __pfx_ksys_write+0x10/0x10
[  146.631175][ T7715]  ? rcu_is_watching+0x15/0xb0
[  146.631233][ T7715]  __x64_sys_bpf+0x7c/0x90
[  146.631265][ T7715]  do_syscall_64+0xfa/0x3b0
[  146.631287][ T7715]  ? lockdep_hardirqs_on+0x9c/0x150
[  146.631311][ T7715]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.631330][ T7715]  ? clear_bhb_loop+0x60/0xb0
[  146.631367][ T7715]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.631384][ T7715] RIP: 0033:0x7f21b758eec9
[  146.631405][ T7715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.631419][ T7715] RSP: 002b:00007f21b843b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  146.631437][ T7715] RAX: ffffffffffffffda RBX: 00007f21b77e5fa0 RCX: 00007f21b758eec9
[  146.631449][ T7715] RDX: 0000000000000010 RSI: 0000200000000480 RDI: 0000000000000011
[  146.631459][ T7715] RBP: 00007f21b843b090 R08: 0000000000000000 R09: 0000000000000000
[  146.631469][ T7715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  146.631479][ T7715] R13: 00007f21b77e6038 R14: 00007f21b77e5fa0 R15: 00007ffe7c8091e8
[  146.631570][ T7715]  </TASK>
[  148.654203][ T7697] team0: Port device wlan1 added
[  148.697586][ T7708] veth0_macvtap: left promiscuous mode
[  152.766820][ T7779] netlink: 'syz.0.753': attribute type 10 has an invalid length.
[  153.535015][ T7798] netlink: 'syz.1.760': attribute type 13 has an invalid length.
[  153.543603][ T7798] netlink: 4 bytes leftover after parsing attributes in process `syz.1.760'.
[  153.726079][ T7807] FAULT_INJECTION: forcing a failure.
[  153.726079][ T7807] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  153.805321][ T7807] CPU: 1 UID: 0 PID: 7807 Comm: syz.4.763 Not tainted syzkaller #0 PREEMPT(full) 
[  153.805344][ T7807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  153.805353][ T7807] Call Trace:
[  153.805359][ T7807]  <TASK>
[  153.805366][ T7807]  dump_stack_lvl+0x189/0x250
[  153.805389][ T7807]  ? __pfx____ratelimit+0x10/0x10
[  153.805410][ T7807]  ? __pfx_dump_stack_lvl+0x10/0x10
[  153.805429][ T7807]  ? __pfx__printk+0x10/0x10
[  153.805465][ T7807]  should_fail_ex+0x414/0x560
[  153.805488][ T7807]  _copy_to_user+0x31/0xb0
[  153.805506][ T7807]  bpf_prog_test_run_raw_tp+0x503/0x6a0
[  153.805534][ T7807]  ? __pfx_bpf_prog_test_run_raw_tp+0x10/0x10
[  153.805556][ T7807]  ? __fget_files+0x2a/0x420
[  153.805579][ T7807]  ? __pfx_bpf_prog_test_run_raw_tp+0x10/0x10
[  153.805608][ T7807]  bpf_prog_test_run+0x2c7/0x340
[  153.805634][ T7807]  __sys_bpf+0x562/0x860
[  153.805657][ T7807]  ? __pfx___sys_bpf+0x10/0x10
[  153.805694][ T7807]  ? ksys_write+0x22a/0x250
[  153.805712][ T7807]  ? __pfx_ksys_write+0x10/0x10
[  153.805725][ T7807]  ? rcu_is_watching+0x15/0xb0
[  153.805749][ T7807]  __x64_sys_bpf+0x7c/0x90
[  153.805769][ T7807]  do_syscall_64+0xfa/0x3b0
[  153.805788][ T7807]  ? lockdep_hardirqs_on+0x9c/0x150
[  153.805806][ T7807]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.805822][ T7807]  ? clear_bhb_loop+0x60/0xb0
[  153.805842][ T7807]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.805857][ T7807] RIP: 0033:0x7fdf6e78eec9
[  153.805871][ T7807] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.805885][ T7807] RSP: 002b:00007fdf6f6a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  153.805902][ T7807] RAX: ffffffffffffffda RBX: 00007fdf6e9e5fa0 RCX: 00007fdf6e78eec9
[  153.805914][ T7807] RDX: 000000000000000c RSI: 0000200000001a00 RDI: 000000000000000a
[  153.805924][ T7807] RBP: 00007fdf6f6a1090 R08: 0000000000000000 R09: 0000000000000000
[  153.805934][ T7807] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  153.805943][ T7807] R13: 00007fdf6e9e6038 R14: 00007fdf6e9e5fa0 R15: 00007ffe775d8108
[  153.805972][ T7807]  </TASK>
[  153.873226][ T7814] netlink: 'syz.0.767': attribute type 22 has an invalid length.
[  154.134056][ T7823] netlink: 'syz.3.768': attribute type 1 has an invalid length.
[  154.213967][ T7831] FAULT_INJECTION: forcing a failure.
[  154.213967][ T7831] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  154.230774][ T7831] CPU: 1 UID: 0 PID: 7831 Comm: syz.4.772 Not tainted syzkaller #0 PREEMPT(full) 
[  154.230796][ T7831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  154.230805][ T7831] Call Trace:
[  154.230812][ T7831]  <TASK>
[  154.230819][ T7831]  dump_stack_lvl+0x189/0x250
[  154.230844][ T7831]  ? __pfx____ratelimit+0x10/0x10
[  154.230864][ T7831]  ? __pfx_dump_stack_lvl+0x10/0x10
[  154.230883][ T7831]  ? __pfx__printk+0x10/0x10
[  154.230917][ T7831]  should_fail_ex+0x414/0x560
[  154.230940][ T7831]  _copy_to_user+0x31/0xb0
[  154.230958][ T7831]  bpf_obj_get_info_by_fd+0x2a25/0x3160
[  154.230997][ T7831]  ? __pfx_bpf_obj_get_info_by_fd+0x10/0x10
[  154.231018][ T7831]  ? __lock_acquire+0xab9/0xd20
[  154.231092][ T7831]  ? bpf_lsm_bpf+0x9/0x20
[  154.231106][ T7831]  ? security_bpf+0x7e/0x300
[  154.231126][ T7831]  __sys_bpf+0x5b3/0x860
[  154.231148][ T7831]  ? __pfx___sys_bpf+0x10/0x10
[  154.231184][ T7831]  ? ksys_write+0x22a/0x250
[  154.231202][ T7831]  ? __pfx_ksys_write+0x10/0x10
[  154.231215][ T7831]  ? rcu_is_watching+0x15/0xb0
[  154.231239][ T7831]  __x64_sys_bpf+0x7c/0x90
[  154.231258][ T7831]  do_syscall_64+0xfa/0x3b0
[  154.231277][ T7831]  ? lockdep_hardirqs_on+0x9c/0x150
[  154.231296][ T7831]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.231312][ T7831]  ? clear_bhb_loop+0x60/0xb0
[  154.231332][ T7831]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.231347][ T7831] RIP: 0033:0x7fdf6e78eec9
[  154.231363][ T7831] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  154.231376][ T7831] RSP: 002b:00007fdf6f6a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  154.231393][ T7831] RAX: ffffffffffffffda RBX: 00007fdf6e9e5fa0 RCX: 00007fdf6e78eec9
[  154.231405][ T7831] RDX: 0000000000000010 RSI: 00002000000004c0 RDI: 000000000000000f
[  154.231415][ T7831] RBP: 00007fdf6f6a1090 R08: 0000000000000000 R09: 0000000000000000
[  154.231424][ T7831] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  154.231433][ T7831] R13: 00007fdf6e9e6038 R14: 00007fdf6e9e5fa0 R15: 00007ffe775d8108
[  154.231461][ T7831]  </TASK>
[  154.785029][ T7844] netlink: 'syz.4.774': attribute type 10 has an invalid length.
[  155.567814][ T7867] netlink: 'syz.4.785': attribute type 2 has an invalid length.
[  155.633209][ T7867] netlink: 'syz.4.785': attribute type 2 has an invalid length.
[  155.682717][ T7867] netlink: 51 bytes leftover after parsing attributes in process `syz.4.785'.
[  156.536813][ T7893] netlink: 12 bytes leftover after parsing attributes in process `syz.3.797'.
[  156.587297][ T7895] caif0: entered promiscuous mode
[  156.599510][ T7895] caif0: entered allmulticast mode
[  158.093703][ T7944] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  158.223255][ T7953] FAULT_INJECTION: forcing a failure.
[  158.223255][ T7953] name failslab, interval 1, probability 0, space 0, times 0
[  158.265306][ T7953] CPU: 0 UID: 0 PID: 7953 Comm: syz.1.822 Not tainted syzkaller #0 PREEMPT(full) 
[  158.265329][ T7953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  158.265339][ T7953] Call Trace:
[  158.265345][ T7953]  <TASK>
[  158.265352][ T7953]  dump_stack_lvl+0x189/0x250
[  158.265383][ T7953]  ? __pfx____ratelimit+0x10/0x10
[  158.265402][ T7953]  ? __pfx_dump_stack_lvl+0x10/0x10
[  158.265420][ T7953]  ? __pfx__printk+0x10/0x10
[  158.265444][ T7953]  ? __pfx___might_resched+0x10/0x10
[  158.265459][ T7953]  ? fs_reclaim_acquire+0x7d/0x100
[  158.265481][ T7953]  should_fail_ex+0x414/0x560
[  158.265504][ T7953]  should_failslab+0xa8/0x100
[  158.265521][ T7953]  __kmalloc_noprof+0xcb/0x4f0
[  158.265536][ T7953]  ? sock_kmalloc+0xd6/0x160
[  158.265555][ T7953]  sock_kmalloc+0xd6/0x160
[  158.265570][ T7953]  ____sys_sendmsg+0x1b5/0x830
[  158.265599][ T7953]  ? __pfx_____sys_sendmsg+0x10/0x10
[  158.265630][ T7953]  ? import_iovec+0x74/0xa0
[  158.265656][ T7953]  ___sys_sendmsg+0x21f/0x2a0
[  158.265681][ T7953]  ? __pfx____sys_sendmsg+0x10/0x10
[  158.265737][ T7953]  ? __fget_files+0x2a/0x420
[  158.265754][ T7953]  ? __fget_files+0x3a0/0x420
[  158.265781][ T7953]  __x64_sys_sendmsg+0x19b/0x260
[  158.265806][ T7953]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  158.265839][ T7953]  ? __pfx_ksys_write+0x10/0x10
[  158.265851][ T7953]  ? rcu_is_watching+0x15/0xb0
[  158.265872][ T7953]  ? do_syscall_64+0xbe/0x3b0
[  158.265895][ T7953]  do_syscall_64+0xfa/0x3b0
[  158.265912][ T7953]  ? lockdep_hardirqs_on+0x9c/0x150
[  158.265931][ T7953]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.265947][ T7953]  ? clear_bhb_loop+0x60/0xb0
[  158.265967][ T7953]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.265982][ T7953] RIP: 0033:0x7fc17878eec9
[  158.265995][ T7953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  158.266006][ T7953] RSP: 002b:00007fc179689038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  158.266022][ T7953] RAX: ffffffffffffffda RBX: 00007fc1789e5fa0 RCX: 00007fc17878eec9
[  158.266033][ T7953] RDX: 0000000000000000 RSI: 0000200000000b40 RDI: 0000000000000003
[  158.266043][ T7953] RBP: 00007fc179689090 R08: 0000000000000000 R09: 0000000000000000
[  158.266052][ T7953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  158.266060][ T7953] R13: 00007fc1789e6038 R14: 00007fc1789e5fa0 R15: 00007ffdfe62eb58
[  158.266086][ T7953]  </TASK>
[  158.811470][ T7961] netlink: 24 bytes leftover after parsing attributes in process `syz.4.827'.
[  159.047139][ T7972] netlink: 'syz.1.830': attribute type 10 has an invalid length.
[  159.106703][ T7972] bond0: (slave bond_slave_0): Releasing backup interface
[  159.599082][ T7984] netlink: 32 bytes leftover after parsing attributes in process `syz.4.835'.
[  159.762461][ T7984] netlink: 'syz.4.835': attribute type 4 has an invalid length.
[  159.791305][ T7989] netlink: 64859 bytes leftover after parsing attributes in process `syz.3.836'.
[  159.797934][ T7988] netlink: 'syz.2.837': attribute type 10 has an invalid length.
[  159.825672][ T7984] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.835'.
[  159.839627][ T7990] netlink: 64859 bytes leftover after parsing attributes in process `syz.3.836'.
[  159.848733][ T7988] 8021q: adding VLAN 0 to HW filter on device batadv0
[  159.855888][ T7988] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  159.964389][ T7988] netlink: 'syz.2.837': attribute type 10 has an invalid length.
[  159.977345][ T7988] netlink: 40 bytes leftover after parsing attributes in process `syz.2.837'.
[  159.987998][ T7988] batadv0: entered promiscuous mode
[  159.993277][ T7988] batadv0: entered allmulticast mode
[  160.020265][ T7988] bond0: (slave batadv0): Releasing backup interface
[  160.121439][ T7988] bridge0: port 3(batadv0) entered blocking state
[  160.174991][ T7988] bridge0: port 3(batadv0) entered disabled state
[  160.219200][ T8004] netlink: 28 bytes leftover after parsing attributes in process `syz.1.843'.
[  160.318581][   T59] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  160.327882][   T59] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  160.851918][ T8037] FAULT_INJECTION: forcing a failure.
[  160.851918][ T8037] name failslab, interval 1, probability 0, space 0, times 0
[  160.935260][ T8037] CPU: 0 UID: 0 PID: 8037 Comm: syz.4.855 Not tainted syzkaller #0 PREEMPT(full) 
[  160.935283][ T8037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  160.935293][ T8037] Call Trace:
[  160.935300][ T8037]  <TASK>
[  160.935308][ T8037]  dump_stack_lvl+0x189/0x250
[  160.935332][ T8037]  ? __pfx____ratelimit+0x10/0x10
[  160.935353][ T8037]  ? __pfx_dump_stack_lvl+0x10/0x10
[  160.935372][ T8037]  ? __pfx__printk+0x10/0x10
[  160.935395][ T8037]  ? __lock_acquire+0xab9/0xd20
[  160.935428][ T8037]  should_fail_ex+0x414/0x560
[  160.935452][ T8037]  should_failslab+0xa8/0x100
[  160.935471][ T8037]  kmem_cache_alloc_noprof+0x73/0x3c0
[  160.935494][ T8037]  ? skb_clone+0x212/0x3a0
[  160.935514][ T8037]  skb_clone+0x212/0x3a0
[  160.935533][ T8037]  __netlink_deliver_tap+0x404/0x850
[  160.935567][ T8037]  ? netlink_deliver_tap+0x2e/0x1b0
[  160.935590][ T8037]  netlink_deliver_tap+0x19c/0x1b0
[  160.935612][ T8037]  netlink_unicast+0x7fa/0x9e0
[  160.935640][ T8037]  ? __pfx_netlink_unicast+0x10/0x10
[  160.935660][ T8037]  ? netlink_sendmsg+0x642/0xb30
[  160.935678][ T8037]  ? skb_put+0x11b/0x210
[  160.935703][ T8037]  netlink_sendmsg+0x805/0xb30
[  160.935733][ T8037]  ? __pfx_netlink_sendmsg+0x10/0x10
[  160.935757][ T8037]  ? aa_sock_msg_perm+0xf1/0x1d0
[  160.935778][ T8037]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  160.935799][ T8037]  ? __pfx_netlink_sendmsg+0x10/0x10
[  160.935820][ T8037]  __sock_sendmsg+0x219/0x270
[  160.935841][ T8037]  ____sys_sendmsg+0x505/0x830
[  160.935870][ T8037]  ? __pfx_____sys_sendmsg+0x10/0x10
[  160.935902][ T8037]  ? import_iovec+0x74/0xa0
[  160.935929][ T8037]  ___sys_sendmsg+0x21f/0x2a0
[  160.935954][ T8037]  ? __pfx____sys_sendmsg+0x10/0x10
[  160.936014][ T8037]  ? __fget_files+0x2a/0x420
[  160.936031][ T8037]  ? __fget_files+0x3a0/0x420
[  160.936060][ T8037]  __x64_sys_sendmsg+0x19b/0x260
[  160.936085][ T8037]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  160.936117][ T8037]  ? __pfx_ksys_write+0x10/0x10
[  160.936136][ T8037]  ? rcu_is_watching+0x15/0xb0
[  160.936158][ T8037]  ? do_syscall_64+0xbe/0x3b0
[  160.936182][ T8037]  do_syscall_64+0xfa/0x3b0
[  160.936201][ T8037]  ? lockdep_hardirqs_on+0x9c/0x150
[  160.936220][ T8037]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.936236][ T8037]  ? clear_bhb_loop+0x60/0xb0
[  160.936256][ T8037]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.936272][ T8037] RIP: 0033:0x7fdf6e78eec9
[  160.936291][ T8037] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  160.936304][ T8037] RSP: 002b:00007fdf6f6a1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  160.936321][ T8037] RAX: ffffffffffffffda RBX: 00007fdf6e9e5fa0 RCX: 00007fdf6e78eec9
[  160.936332][ T8037] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  160.936342][ T8037] RBP: 00007fdf6f6a1090 R08: 0000000000000000 R09: 0000000000000000
[  160.936352][ T8037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  160.936361][ T8037] R13: 00007fdf6e9e6038 R14: 00007fdf6e9e5fa0 R15: 00007ffe775d8108
[  160.936390][ T8037]  </TASK>
[  163.937604][ T8071] FAULT_INJECTION: forcing a failure.
[  163.937604][ T8071] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  163.959527][ T8071] CPU: 1 UID: 0 PID: 8071 Comm: syz.1.867 Not tainted syzkaller #0 PREEMPT(full) 
[  163.959554][ T8071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  163.959564][ T8071] Call Trace:
[  163.959571][ T8071]  <TASK>
[  163.959583][ T8071]  dump_stack_lvl+0x189/0x250
[  163.959607][ T8071]  ? __pfx____ratelimit+0x10/0x10
[  163.959628][ T8071]  ? __pfx_dump_stack_lvl+0x10/0x10
[  163.959647][ T8071]  ? __pfx__printk+0x10/0x10
[  163.959681][ T8071]  should_fail_ex+0x414/0x560
[  163.959704][ T8071]  _copy_to_user+0x31/0xb0
[  163.959722][ T8071]  bpf_test_finish+0x56f/0x700
[  163.959752][ T8071]  ? __pfx_bpf_test_finish+0x10/0x10
[  163.959786][ T8071]  bpf_prog_test_run_skb+0xef8/0x1550
[  163.959823][ T8071]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  163.959844][ T8071]  bpf_prog_test_run+0x2c7/0x340
[  163.959870][ T8071]  __sys_bpf+0x562/0x860
[  163.959892][ T8071]  ? __pfx___sys_bpf+0x10/0x10
[  163.959928][ T8071]  ? ksys_write+0x22a/0x250
[  163.959946][ T8071]  ? __pfx_ksys_write+0x10/0x10
[  163.959959][ T8071]  ? rcu_is_watching+0x15/0xb0
[  163.959983][ T8071]  __x64_sys_bpf+0x7c/0x90
[  163.960003][ T8071]  do_syscall_64+0xfa/0x3b0
[  163.960022][ T8071]  ? lockdep_hardirqs_on+0x9c/0x150
[  163.960040][ T8071]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.960056][ T8071]  ? clear_bhb_loop+0x60/0xb0
[  163.960076][ T8071]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.960091][ T8071] RIP: 0033:0x7fc17878eec9
[  163.960106][ T8071] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.960119][ T8071] RSP: 002b:00007fc179689038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  163.960137][ T8071] RAX: ffffffffffffffda RBX: 00007fc1789e5fa0 RCX: 00007fc17878eec9
[  163.960148][ T8071] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[  163.960159][ T8071] RBP: 00007fc179689090 R08: 0000000000000000 R09: 0000000000000000
[  163.960168][ T8071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.960178][ T8071] R13: 00007fc1789e6038 R14: 00007fc1789e5fa0 R15: 00007ffdfe62eb58
[  163.960205][ T8071]  </TASK>
[  165.072907][ T8102] netlink: 4083 bytes leftover after parsing attributes in process `syz.4.879'.
[  165.088590][ T8099] netlink: 4083 bytes leftover after parsing attributes in process `syz.4.879'.
[  165.109021][ T8102] netlink: 4083 bytes leftover after parsing attributes in process `syz.4.879'.
[  165.122435][ T8100] tap0: tun_chr_ioctl cmd 1074025677
[  165.135427][ T8100] tap0: linktype set to 773
[  165.361482][ T8098] netlink: 'syz.3.881': attribute type 2 has an invalid length.
[  165.381583][ T8098] netlink: 76 bytes leftover after parsing attributes in process `syz.3.881'.
[  167.004373][ T8126] netlink: 40 bytes leftover after parsing attributes in process `syz.1.888'.
[  167.239490][ T8143] netlink: 148 bytes leftover after parsing attributes in process `syz.4.893'.
[  168.246169][ T8162] netlink: 'syz.2.903': attribute type 4 has an invalid length.
[  168.296161][ T8162] netlink: 184 bytes leftover after parsing attributes in process `syz.2.903'.
[  168.350788][ T8169] netlink: 'syz.2.903': attribute type 7 has an invalid length.
[  168.426714][ T8173] netlink: 24 bytes leftover after parsing attributes in process `syz.1.908'.
[  168.920235][ T8188] FAULT_INJECTION: forcing a failure.
[  168.920235][ T8188] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  168.953964][ T8188] CPU: 1 UID: 0 PID: 8188 Comm: syz.1.912 Not tainted syzkaller #0 PREEMPT(full) 
[  168.953988][ T8188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  168.953997][ T8188] Call Trace:
[  168.954005][ T8188]  <TASK>
[  168.954012][ T8188]  dump_stack_lvl+0x189/0x250
[  168.954038][ T8188]  ? __pfx____ratelimit+0x10/0x10
[  168.954058][ T8188]  ? __pfx_dump_stack_lvl+0x10/0x10
[  168.954078][ T8188]  ? __pfx__printk+0x10/0x10
[  168.954112][ T8188]  should_fail_ex+0x414/0x560
[  168.954136][ T8188]  _copy_to_user+0x31/0xb0
[  168.954154][ T8188]  simple_read_from_buffer+0xe1/0x170
[  168.954177][ T8188]  proc_fail_nth_read+0x1b3/0x220
[  168.954202][ T8188]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  168.954226][ T8188]  ? rw_verify_area+0x2a6/0x4d0
[  168.954248][ T8188]  ? __lock_acquire+0xab9/0xd20
[  168.954268][ T8188]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  168.954291][ T8188]  vfs_read+0x200/0xa30
[  168.954312][ T8188]  ? fdget_pos+0x247/0x320
[  168.954334][ T8188]  ? __pfx___mutex_lock+0x10/0x10
[  168.954361][ T8188]  ? __pfx_vfs_read+0x10/0x10
[  168.954386][ T8188]  ? __fget_files+0x2a/0x420
[  168.954407][ T8188]  ? __fget_files+0x3a0/0x420
[  168.954424][ T8188]  ? __fget_files+0x2a/0x420
[  168.954451][ T8188]  ksys_read+0x145/0x250
[  168.954468][ T8188]  ? __pfx_ksys_read+0x10/0x10
[  168.954480][ T8188]  ? rcu_is_watching+0x15/0xb0
[  168.954503][ T8188]  ? do_syscall_64+0xbe/0x3b0
[  168.954528][ T8188]  do_syscall_64+0xfa/0x3b0
[  168.954547][ T8188]  ? lockdep_hardirqs_on+0x9c/0x150
[  168.954565][ T8188]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.954579][ T8188]  ? clear_bhb_loop+0x60/0xb0
[  168.954598][ T8188]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.954613][ T8188] RIP: 0033:0x7fc17878d8dc
[  168.954627][ T8188] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  168.954640][ T8188] RSP: 002b:00007fc179689030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  168.954658][ T8188] RAX: ffffffffffffffda RBX: 00007fc1789e5fa0 RCX: 00007fc17878d8dc
[  168.954670][ T8188] RDX: 000000000000000f RSI: 00007fc1796890a0 RDI: 0000000000000007
[  168.954680][ T8188] RBP: 00007fc179689090 R08: 0000000000000000 R09: 0000000000000000
[  168.954690][ T8188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  168.954700][ T8188] R13: 00007fc1789e6038 R14: 00007fc1789e5fa0 R15: 00007ffdfe62eb58
[  168.954729][ T8188]  </TASK>
[  170.230788][ T8218] FAULT_INJECTION: forcing a failure.
[  170.230788][ T8218] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  170.247454][ T8218] CPU: 0 UID: 0 PID: 8218 Comm: syz.4.926 Not tainted syzkaller #0 PREEMPT(full) 
[  170.247478][ T8218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  170.247488][ T8218] Call Trace:
[  170.247494][ T8218]  <TASK>
[  170.247502][ T8218]  dump_stack_lvl+0x189/0x250
[  170.247526][ T8218]  ? __pfx____ratelimit+0x10/0x10
[  170.247547][ T8218]  ? __pfx_dump_stack_lvl+0x10/0x10
[  170.247566][ T8218]  ? __pfx__printk+0x10/0x10
[  170.247600][ T8218]  should_fail_ex+0x414/0x560
[  170.247624][ T8218]  _copy_to_user+0x31/0xb0
[  170.247643][ T8218]  simple_read_from_buffer+0xe1/0x170
[  170.247666][ T8218]  proc_fail_nth_read+0x1b3/0x220
[  170.247691][ T8218]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  170.247715][ T8218]  ? rw_verify_area+0x2a6/0x4d0
[  170.247737][ T8218]  ? __lock_acquire+0xab9/0xd20
[  170.247757][ T8218]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  170.247780][ T8218]  vfs_read+0x200/0xa30
[  170.247801][ T8218]  ? fdget_pos+0x247/0x320
[  170.247823][ T8218]  ? __pfx___mutex_lock+0x10/0x10
[  170.247844][ T8218]  ? __pfx_vfs_read+0x10/0x10
[  170.247869][ T8218]  ? __fget_files+0x2a/0x420
[  170.247891][ T8218]  ? __fget_files+0x3a0/0x420
[  170.247907][ T8218]  ? __fget_files+0x2a/0x420
[  170.247934][ T8218]  ksys_read+0x145/0x250
[  170.247952][ T8218]  ? __pfx_ksys_read+0x10/0x10
[  170.247964][ T8218]  ? rcu_is_watching+0x15/0xb0
[  170.248005][ T8218]  ? do_syscall_64+0xbe/0x3b0
[  170.248030][ T8218]  do_syscall_64+0xfa/0x3b0
[  170.248049][ T8218]  ? lockdep_hardirqs_on+0x9c/0x150
[  170.248068][ T8218]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.248084][ T8218]  ? clear_bhb_loop+0x60/0xb0
[  170.248104][ T8218]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.248120][ T8218] RIP: 0033:0x7fdf6e78d8dc
[  170.248135][ T8218] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  170.248149][ T8218] RSP: 002b:00007fdf6f6a1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  170.248166][ T8218] RAX: ffffffffffffffda RBX: 00007fdf6e9e5fa0 RCX: 00007fdf6e78d8dc
[  170.248178][ T8218] RDX: 000000000000000f RSI: 00007fdf6f6a10a0 RDI: 0000000000000004
[  170.248188][ T8218] RBP: 00007fdf6f6a1090 R08: 0000000000000000 R09: 0000000000000000
[  170.248198][ T8218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  170.248207][ T8218] R13: 00007fdf6e9e6038 R14: 00007fdf6e9e5fa0 R15: 00007ffe775d8108
[  170.248235][ T8218]  </TASK>
[  171.203294][ T8226] dummy0: entered allmulticast mode
[  174.032702][ T8257] netlink: 'syz.3.937': attribute type 4 has an invalid length.
[  174.502810][ T8283] ==================================================================
[  174.510906][ T8283] BUG: KASAN: slab-use-after-free in __xfrm_state_insert+0x8af/0x1450
[  174.519067][ T8283] Read of size 1 at addr ffff88802952c770 by task syz.2.947/8283
[  174.526760][ T8283] 
[  174.529072][ T8283] CPU: 1 UID: 0 PID: 8283 Comm: syz.2.947 Not tainted syzkaller #0 PREEMPT(full) 
[  174.529086][ T8283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  174.529092][ T8283] Call Trace:
[  174.529096][ T8283]  <TASK>
[  174.529101][ T8283]  dump_stack_lvl+0x189/0x250
[  174.529117][ T8283]  ? __virt_addr_valid+0x1c8/0x5c0
[  174.529130][ T8283]  ? rcu_is_watching+0x15/0xb0
[  174.529140][ T8283]  ? __pfx_dump_stack_lvl+0x10/0x10
[  174.529150][ T8283]  ? rcu_is_watching+0x15/0xb0
[  174.529159][ T8283]  ? lock_release+0x4b/0x3e0
[  174.529171][ T8283]  ? _raw_spin_lock_irqsave+0xb3/0xf0
[  174.529182][ T8283]  ? __virt_addr_valid+0x1c8/0x5c0
[  174.529192][ T8283]  ? __virt_addr_valid+0x4a5/0x5c0
[  174.529203][ T8283]  print_report+0xca/0x240
[  174.529212][ T8283]  ? __xfrm_state_insert+0x8af/0x1450
[  174.529226][ T8283]  kasan_report+0x118/0x150
[  174.529236][ T8283]  ? __xfrm_state_insert+0x8af/0x1450
[  174.529250][ T8283]  __xfrm_state_insert+0x8af/0x1450
[  174.529264][ T8283]  ? xfrm_state_insert+0x44/0x60
[  174.529277][ T8283]  xfrm_state_insert+0x54/0x60
[  174.529289][ T8283]  ipcomp6_init_state+0x655/0x900
[  174.529303][ T8283]  __xfrm_init_state+0xa76/0x13f0
[  174.529312][ T8283]  ? __xfrm_init_state+0x7ef/0x13f0
[  174.529321][ T8283]  xfrm_add_sa+0x2f5b/0x4070
[  174.529332][ T8283]  ? __pfx_xfrm_add_sa+0x10/0x10
[  174.529340][ T8283]  ? apparmor_capable+0x137/0x1b0
[  174.529353][ T8283]  ? __nla_parse+0x40/0x60
[  174.529365][ T8283]  xfrm_user_rcv_msg+0x7a3/0xab0
[  174.529375][ T8283]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  174.529392][ T8283]  ? netlink_rcv_skb+0x102/0x470
[  174.529403][ T8283]  ? kasan_check_range+0x1d4/0x2c0
[  174.529414][ T8283]  netlink_rcv_skb+0x208/0x470
[  174.529424][ T8283]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  174.529433][ T8283]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  174.529446][ T8283]  ? netlink_deliver_tap+0x2e/0x1b0
[  174.529457][ T8283]  ? netlink_deliver_tap+0x2e/0x1b0
[  174.529468][ T8283]  xfrm_netlink_rcv+0x79/0x90
[  174.529477][ T8283]  netlink_unicast+0x82c/0x9e0
[  174.529488][ T8283]  ? __pfx_netlink_unicast+0x10/0x10
[  174.529498][ T8283]  ? netlink_sendmsg+0x642/0xb30
[  174.529509][ T8283]  ? skb_put+0x11b/0x210
[  174.529520][ T8283]  netlink_sendmsg+0x805/0xb30
[  174.529536][ T8283]  ? __pfx_netlink_sendmsg+0x10/0x10
[  174.529547][ T8283]  ? aa_sock_msg_perm+0xf1/0x1d0
[  174.529558][ T8283]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  174.529569][ T8283]  ? __pfx_netlink_sendmsg+0x10/0x10
[  174.529580][ T8283]  __sock_sendmsg+0x219/0x270
[  174.529590][ T8283]  ____sys_sendmsg+0x505/0x830
[  174.529603][ T8283]  ? __pfx_____sys_sendmsg+0x10/0x10
[  174.529617][ T8283]  ? import_iovec+0x74/0xa0
[  174.529631][ T8283]  ___sys_sendmsg+0x21f/0x2a0
[  174.529643][ T8283]  ? __pfx____sys_sendmsg+0x10/0x10
[  174.529663][ T8283]  ? __fget_files+0x2a/0x420
[  174.529672][ T8283]  ? __fget_files+0x3a0/0x420
[  174.529683][ T8283]  __x64_sys_sendmsg+0x19b/0x260
[  174.529694][ T8283]  ? clockevents_program_event+0x24d/0x360
[  174.529706][ T8283]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  174.529722][ T8283]  ? do_syscall_64+0xbe/0x3b0
[  174.529741][ T8283]  do_syscall_64+0xfa/0x3b0
[  174.529760][ T8283]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.529783][ T8283]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  174.529800][ T8283]  ? clear_bhb_loop+0x60/0xb0
[  174.529817][ T8283]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.529834][ T8283] RIP: 0033:0x7fc50818eec9
[  174.529849][ T8283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  174.529860][ T8283] RSP: 002b:00007fc508fd4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  174.529871][ T8283] RAX: ffffffffffffffda RBX: 00007fc5083e6180 RCX: 00007fc50818eec9
[  174.529878][ T8283] RDX: 0000000000000000 RSI: 00002000000035c0 RDI: 000000000000000b
[  174.529884][ T8283] RBP: 00007fc508211f91 R08: 0000000000000000 R09: 0000000000000000
[  174.529890][ T8283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  174.529896][ T8283] R13: 00007fc5083e6218 R14: 00007fc5083e6180 R15: 00007ffe9ef8a7f8
[  174.529906][ T8283]  </TASK>
[  174.529910][ T8283] 
[  174.926369][ T8283] Allocated by task 8138:
[  174.930679][ T8283]  kasan_save_track+0x3e/0x80
[  174.935349][ T8283]  __kasan_slab_alloc+0x6c/0x80
[  174.940185][ T8283]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  174.945631][ T8283]  xfrm_state_alloc+0x24/0x2f0
[  174.950377][ T8283]  xfrm_add_sa+0x17d1/0x4070
[  174.954942][ T8283]  xfrm_user_rcv_msg+0x7a3/0xab0
[  174.959856][ T8283]  netlink_rcv_skb+0x208/0x470
[  174.964600][ T8283]  xfrm_netlink_rcv+0x79/0x90
[  174.969254][ T8283]  netlink_unicast+0x82c/0x9e0
[  174.973998][ T8283]  netlink_sendmsg+0x805/0xb30
[  174.978742][ T8283]  __sock_sendmsg+0x219/0x270
[  174.983419][ T8283]  ____sys_sendmsg+0x505/0x830
[  174.988164][ T8283]  ___sys_sendmsg+0x21f/0x2a0
[  174.992822][ T8283]  __x64_sys_sendmsg+0x19b/0x260
[  174.997741][ T8283]  do_syscall_64+0xfa/0x3b0
[  175.002226][ T8283]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.008097][ T8283] 
[  175.010400][ T8283] Freed by task 43:
[  175.014182][ T8283]  kasan_save_track+0x3e/0x80
[  175.018840][ T8283]  kasan_save_free_info+0x46/0x50
[  175.023847][ T8283]  __kasan_slab_free+0x5b/0x80
[  175.028586][ T8283]  kmem_cache_free+0x18f/0x400
[  175.033324][ T8283]  xfrm_state_gc_task+0x52d/0x6b0
[  175.038329][ T8283]  process_scheduled_works+0xae1/0x17b0
[  175.043852][ T8283]  worker_thread+0x8a0/0xda0
[  175.048417][ T8283]  kthread+0x70e/0x8a0
[  175.052466][ T8283]  ret_from_fork+0x436/0x7d0
[  175.057032][ T8283]  ret_from_fork_asm+0x1a/0x30
[  175.061779][ T8283] 
[  175.064079][ T8283] The buggy address belongs to the object at ffff88802952c440
[  175.064079][ T8283]  which belongs to the cache xfrm_state of size 928
[  175.078019][ T8283] The buggy address is located 816 bytes inside of
[  175.078019][ T8283]  freed 928-byte region [ffff88802952c440, ffff88802952c7e0)
[  175.091791][ T8283] 
[  175.094096][ T8283] The buggy address belongs to the physical page:
[  175.100501][ T8283] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88802952c000 pfn:0x2952c
[  175.110548][ T8283] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  175.119026][ T8283] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  175.126555][ T8283] page_type: f5(slab)
[  175.130516][ T8283] raw: 00fff00000000040 ffff888145a83b40 dead000000000122 0000000000000000
[  175.139088][ T8283] raw: ffff88802952c000 00000000800f000e 00000000f5000000 0000000000000000
[  175.147655][ T8283] head: 00fff00000000040 ffff888145a83b40 dead000000000122 0000000000000000
[  175.156307][ T8283] head: ffff88802952c000 00000000800f000e 00000000f5000000 0000000000000000
[  175.164955][ T8283] head: 00fff00000000002 ffffea0000a54b01 00000000ffffffff 00000000ffffffff
[  175.173627][ T8283] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  175.182270][ T8283] page dumped because: kasan: bad access detected
[  175.188678][ T8283] page_owner tracks the page as allocated
[  175.194367][ T8283] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 6548, tgid 6546 (syz.1.223), ts 105765669832, free_ts 98861315633
[  175.213446][ T8283]  post_alloc_hook+0x240/0x2a0
[  175.218193][ T8283]  get_page_from_freelist+0x21e4/0x22c0
[  175.223893][ T8283]  __alloc_frozen_pages_noprof+0x181/0x370
[  175.229680][ T8283]  alloc_pages_mpol+0x232/0x4a0
[  175.234513][ T8283]  allocate_slab+0x8a/0x370
[  175.238995][ T8283]  ___slab_alloc+0xbeb/0x1420
[  175.243657][ T8283]  kmem_cache_alloc_noprof+0x283/0x3c0
[  175.249099][ T8283]  xfrm_state_alloc+0x24/0x2f0
[  175.253848][ T8283]  xfrm_add_sa+0x17d1/0x4070
[  175.258418][ T8283]  xfrm_user_rcv_msg+0x7a3/0xab0
[  175.263334][ T8283]  netlink_rcv_skb+0x208/0x470
[  175.268081][ T8283]  xfrm_netlink_rcv+0x79/0x90
[  175.272734][ T8283]  netlink_unicast+0x82c/0x9e0
[  175.277475][ T8283]  netlink_sendmsg+0x805/0xb30
[  175.282218][ T8283]  __sock_sendmsg+0x219/0x270
[  175.286886][ T8283]  ____sys_sendmsg+0x505/0x830
[  175.291635][ T8283] page last free pid 6382 tgid 6377 stack trace:
[  175.297940][ T8283]  __free_frozen_pages+0xbc4/0xd30
[  175.303030][ T8283]  __slab_free+0x303/0x3c0
[  175.307428][ T8283]  qlist_free_all+0x97/0x140
[  175.312002][ T8283]  kasan_quarantine_reduce+0x148/0x160
[  175.317444][ T8283]  __kasan_slab_alloc+0x22/0x80
[  175.322273][ T8283]  __kmalloc_cache_noprof+0x1be/0x3d0
[  175.327621][ T8283]  pfifo_fast_change_tx_queue_len+0xa2/0xa30
[  175.333583][ T8283]  dev_qdisc_change_tx_queue_len+0x3a6/0x510
[  175.339545][ T8283]  netif_change_tx_queue_len+0x162/0x270
[  175.345162][ T8283]  dev_change_tx_queue_len+0x125/0x260
[  175.350607][ T8283]  dev_ioctl+0x7b4/0x1150
[  175.354919][ T8283]  sock_do_ioctl+0x22c/0x300
[  175.359490][ T8283]  sock_ioctl+0x576/0x790
[  175.363800][ T8283]  __se_sys_ioctl+0xfc/0x170
[  175.368373][ T8283]  do_syscall_64+0xfa/0x3b0
[  175.372859][ T8283]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.378743][ T8283] 
[  175.381046][ T8283] Memory state around the buggy address:
[  175.386651][ T8283]  ffff88802952c600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  175.394702][ T8283]  ffff88802952c680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  175.402750][ T8283] >ffff88802952c700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  175.410788][ T8283]                                                              ^
[  175.418477][ T8283]  ffff88802952c780: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[  175.426515][ T8283]  ffff88802952c800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  175.434551][ T8283] ==================================================================
[  175.442714][ T8283] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  175.449908][ T8283] CPU: 1 UID: 0 PID: 8283 Comm: syz.2.947 Not tainted syzkaller #0 PREEMPT(full) 
[  175.459102][ T8283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  175.469152][ T8283] Call Trace:
[  175.472429][ T8283]  <TASK>
[  175.475358][ T8283]  dump_stack_lvl+0x99/0x250
[  175.479952][ T8283]  ? __asan_memcpy+0x40/0x70
[  175.484547][ T8283]  ? __pfx_dump_stack_lvl+0x10/0x10
[  175.489748][ T8283]  ? __pfx__printk+0x10/0x10
[  175.494386][ T8283]  vpanic+0x281/0x750
[  175.498374][ T8283]  ? __pfx_vpanic+0x10/0x10
[  175.502883][ T8283]  ? irqentry_exit+0x74/0x90
[  175.507478][ T8283]  panic+0xb9/0xc0
[  175.511189][ T8283]  ? __pfx_panic+0x10/0x10
[  175.515598][ T8283]  ? __xfrm_state_insert+0x8af/0x1450
[  175.520961][ T8283]  ? __pfx_panic+0x10/0x10
[  175.525358][ T8283]  ? __xfrm_state_insert+0x8af/0x1450
[  175.530714][ T8283]  check_panic_on_warn+0x89/0xb0
[  175.535642][ T8283]  ? __xfrm_state_insert+0x8af/0x1450
[  175.541004][ T8283]  end_report+0x78/0x160
[  175.545229][ T8283]  kasan_report+0x129/0x150
[  175.549724][ T8283]  ? __xfrm_state_insert+0x8af/0x1450
[  175.555090][ T8283]  __xfrm_state_insert+0x8af/0x1450
[  175.560277][ T8283]  ? xfrm_state_insert+0x44/0x60
[  175.565200][ T8283]  xfrm_state_insert+0x54/0x60
[  175.569949][ T8283]  ipcomp6_init_state+0x655/0x900
[  175.574960][ T8283]  __xfrm_init_state+0xa76/0x13f0
[  175.579965][ T8283]  ? __xfrm_init_state+0x7ef/0x13f0
[  175.585146][ T8283]  xfrm_add_sa+0x2f5b/0x4070
[  175.589726][ T8283]  ? __pfx_xfrm_add_sa+0x10/0x10
[  175.594664][ T8283]  ? apparmor_capable+0x137/0x1b0
[  175.599682][ T8283]  ? __nla_parse+0x40/0x60
[  175.604086][ T8283]  xfrm_user_rcv_msg+0x7a3/0xab0
[  175.609005][ T8283]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  175.614460][ T8283]  ? netlink_rcv_skb+0x102/0x470
[  175.619380][ T8283]  ? kasan_check_range+0x1d4/0x2c0
[  175.624475][ T8283]  netlink_rcv_skb+0x208/0x470
[  175.629221][ T8283]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  175.634660][ T8283]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  175.639940][ T8283]  ? netlink_deliver_tap+0x2e/0x1b0
[  175.645118][ T8283]  ? netlink_deliver_tap+0x2e/0x1b0
[  175.650300][ T8283]  xfrm_netlink_rcv+0x79/0x90
[  175.654958][ T8283]  netlink_unicast+0x82c/0x9e0
[  175.659709][ T8283]  ? __pfx_netlink_unicast+0x10/0x10
[  175.664981][ T8283]  ? netlink_sendmsg+0x642/0xb30
[  175.669900][ T8283]  ? skb_put+0x11b/0x210
[  175.674128][ T8283]  netlink_sendmsg+0x805/0xb30
[  175.678879][ T8283]  ? __pfx_netlink_sendmsg+0x10/0x10
[  175.684147][ T8283]  ? aa_sock_msg_perm+0xf1/0x1d0
[  175.689069][ T8283]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  175.694339][ T8283]  ? __pfx_netlink_sendmsg+0x10/0x10
[  175.699608][ T8283]  __sock_sendmsg+0x219/0x270
[  175.704268][ T8283]  ____sys_sendmsg+0x505/0x830
[  175.709019][ T8283]  ? __pfx_____sys_sendmsg+0x10/0x10
[  175.714292][ T8283]  ? import_iovec+0x74/0xa0
[  175.718782][ T8283]  ___sys_sendmsg+0x21f/0x2a0
[  175.723462][ T8283]  ? __pfx____sys_sendmsg+0x10/0x10
[  175.728664][ T8283]  ? __fget_files+0x2a/0x420
[  175.733234][ T8283]  ? __fget_files+0x3a0/0x420
[  175.737896][ T8283]  __x64_sys_sendmsg+0x19b/0x260
[  175.742819][ T8283]  ? clockevents_program_event+0x24d/0x360
[  175.748615][ T8283]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  175.754069][ T8283]  ? do_syscall_64+0xbe/0x3b0
[  175.758734][ T8283]  do_syscall_64+0xfa/0x3b0
[  175.763223][ T8283]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.769268][ T8283]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  175.775403][ T8283]  ? clear_bhb_loop+0x60/0xb0
[  175.780064][ T8283]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.785936][ T8283] RIP: 0033:0x7fc50818eec9
[  175.790342][ T8283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  175.809930][ T8283] RSP: 002b:00007fc508fd4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  175.818356][ T8283] RAX: ffffffffffffffda RBX: 00007fc5083e6180 RCX: 00007fc50818eec9
[  175.826308][ T8283] RDX: 0000000000000000 RSI: 00002000000035c0 RDI: 000000000000000b
[  175.834289][ T8283] RBP: 00007fc508211f91 R08: 0000000000000000 R09: 0000000000000000
[  175.842241][ T8283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  175.850192][ T8283] R13: 00007fc5083e6218 R14: 00007fc5083e6180 R15: 00007ffe9ef8a7f8
[  175.858154][ T8283]  </TASK>
[  175.861444][ T8283] Kernel Offset: disabled
[  175.865753][ T8283] Rebooting in 86400 seconds..