last executing test programs:

6.936113623s ago: executing program 2 (id=2565):
r0 = getpid()
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7b, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x4020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0xd, 0x13, &(0x7f0000000080)=ANY=[@ANYRES32, @ANYBLOB="00000000000000006600000000000000180000000000000000000000000000009500000000000000a60a000000000000180900002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x5, 0xde, &(0x7f0000000340)=""/222}, 0x94)
syz_clone(0xe69d6eb614d5b6bc, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r1, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000140)="d7d8edcb5f940218a1b67b1b4efd5f6d996550dbdb5fad6e60afd0927f4053961e530df701b42ae903fb0a0b3348d18882d2307347077b0df16def0de82a36815845bbddc8277c335fc1e99b3ebf4a0241dee8", 0x53}, {&(0x7f0000000280)="6b1d8e8aa81e70af4dde73224192c32d41f1f5a1520c25d78d273a230899fb2d44932a3127eda6e30ed93c3b8ed4dae26f9f39218cf4657742", 0x39}, {0x0}, {&(0x7f0000000680)="5ca228071a27178053ea8b1729940e7a6f266ac5ba550661b551d953b4a45205de2bc49d69645681f4033cb7a74411d4e89ec741f5aa2522b7025faa308f63b47e1b63ec30efe59dfc1fc660f763b9d5eb41b8a8e26f627eef48bd935f010e3ec4b3aa053e1d763c3e6cb51aa446a919d773c7db82cb3fc2f73f6d73cb9c3bf0a005cbd388ed457621ffc0d064f903e90f93448571d6e371b8fb4a5ebabdfb41751c6ddcbe386daf105ed29289530962746b8105afbeb8b4fd2f91081504509b5ac4703ab401c85012a609656fc8db78366477ab2870f727efc0995d1d0deb", 0xdf}, {&(0x7f0000000780)}, {&(0x7f00000007c0)="734d45c63fcd2b815ecaf0", 0xb}, {&(0x7f0000000800)="77a092858cb0f0f2ec9ca6d40bf0e60400719543168df60bbdf81481355f9df6be256d350f820715751b249f1aadb7f7f3488d8679a8bccde645229360ed096146f5ae20344a1b7f6f16692eac12a8e8ca83d393d427f16e7d38bb3881252d694260533177612a61b75699b6c5fbc2cedfe20578fb791d8c51bd9029fce5", 0x7e}, {0x0}], 0x8, &(0x7f0000003a00)=ANY=[@ANYBLOB="10100000000000003a00000008000000e4fc9c16cb11d21bddb6fe7c231e166fc7060c1851a58118bcbd852a32768ad32dda9a95244d34846a77d48462ed418a4c641326eb65878934e8662d4c537141f510960827aa452be898faa04d52d7839a659abc3c4790ab556bcc59c4961facb5c509efc114c72c1f80b3fdd08871b57635e945bf170aa125aada9d493f20a0e96a87dd992877687ee3c51875213ef5b8f34b4cc4fecba9a23d5507affa2044d91070ef72bbc17bae1cd68ebcc6bff5431e08c62196cb3a6e155fc15e4a737efef3fa1135a13d213be6e1e60deb1f0f7a27e33525ad5a0db7e80b4693486d817b685cc6353169e22127aa9f1ddda965d654289efbc39a3526675bdbc75eb53e715a26959efb81a1e0e0fdb863c971910714d9afec83445b8973ae6342af6c150bb3169b12fdff55a6f3adffd413213e3482e8ae10f9321a0c59f29f87568c78625cafec7ec1dde259cf16bb620fea1a39b7638971831189f03bd909cc45bccdc2eeedc912ad642511147ee93ff34b33145768ed462e1c2b56278050f81527313fc74e2dfbe5078ef6eca69da654bbd590de3013666c855aacb8e12a2edc39507692bb8b92ca9b79a9115244ff8c7d2b2082984ab520ca6eeb5c91afcd98a079d93c099e9d6728e14c14961c16e04f9f32cec717d978835f02aaaa16ef4c0a5e5c6940ef781a254b84589fc65899f30c854201cad54cb427f23f418ee4b08eae28c5848ee27a0963cd5954653ec773797f6a13c3aed25ce4a45912d4677c56f7b92695996918d7a254b9caf8c6fa14d88d2374820cd32b2d74054d3a77a957174cad3375e5ce747105f0f961942c6bc9910c9b03bf407fb36dc4ed19ec27eb7e951eb300a03c95e3a5cef2d885f063d33c89f5f9e16352e63dced20414726ad507413202826b7b51afc09f54d55b0269bb8c2c6253e74b8e172bd50dcbf3a72d1786efc61b8e17cb869551dccb7c2f10d411f85547cf122c24fe7c1f9dc3239cd7d547a13a7735929b0add45ac9d20112e5071f3e35d7e328271bf71ba601f6f3f1c384ff473a1fbc7818e702e646e4853145d8b3b3d19f0f42795f5ce079414515e5272ba480775a3a15b181da0774da46ce38c550410d59d3b6fb4269d11e6f87e5e0dd4e3749a06e03ff4ba75677606344d79cf8ec532af0ba2d53f59428159098bd1494104940f952cf8d99486007c22015b387f039bd861ccc1bf496add23b8a23afe41e15f936b7c51e25db8f3926ece9f83e5981f5654313487f1056e86532507f6e0b9f8d9ebcda61835b09e57f0f042fcb58688aaa16066ab62d365c66a78aa2331caa45e2ee6381cb60de1e47b0f614a2c1707075f9f1d218849f1ffc1da0a02acf42340a3e8bc12e8f637f440c38ed057a38bb91b5bd55bd4cf60d97d7e6dd8ebeb751f290f65c57536af4e6f2f9ebc7acd4eb4a8acbc4d67b5e5db0e9fef56d7b6c302476b94814b32b496eaa9089385b7f2d1345029b0bd19518aae0a81f47de55ce933578694763c44b5c095388658437645b0f72e41c4d3c4e04623c694f4d94a8a4fd2fa6f3266c7c35bd4611efd69f6d4512410a86743afc500b0e4d642e2d1f42dc60a8833c2e947367c500d5b2586b9a63fe3ce39547119280837b85b87ecd8214cf82e9bca9392fbd631da220e2efe2726454f6f4cfc4c8b65d51070268b79a402f452162b6572626e38eba3e437684b47d35f0734a200987bb09edf10bdd6f937240d855b867bf4bbbb6e559232f212a8fc2e7dbefe79264245fa4ba8524c596f31315d3d8bec05dfd254237a02a1f536da586da34d353d364a2dd34554e4058577387c7889f6d363e7bf6803dbc27e660858a4e80a8ade8ce37fc81752fdae7afdc7d0cf48a1fba1eede73b068cea9a511e6b4e67b60ee0f8aab28530af8d3212592af0d26d83dd25f03ade5ce712044a0010346b72616cd8fa925720c97306942b120b5e71ca98d05e9e718800d64e1eda79a1abb68a644503481f52c67f89bf95836af5ba667a2d7c67e8d36f77af68b52711d249d1dcd1f73deb71dc42a1fffd9d670c81f4ee79e55140bffec4565c23dbdf44e1e149c6d79cd0378a2e49d2a3018fac711ce38fe9536fe6711072dbf1613f4e1d9a0fbb19c274e6c1ebfb8c031df1c15ee69693efb80d453f4ad7f1a9305c304f665b002031ec8d830872d5291654f87c8459f807644db4cb38323a7ff816e774bd0de6694b38c437faa3b79f14fdcdc4a4d6d5c3a2353d16e5884d5d29630a9c620687ad9c9e9cf91dd0e6a871c6334eb8f8dcb04797608b3a48f6e8c4794e834772d2837ba71e715dcb4c6ec34b8dda1cf1e601461184441e8591900ca713f95262b8283cf4302b464ea7663e4decf7bfddecaa977f83add5e27dcbe2cfa90a1c92d36cba0c81785ca7566beb839e17f717feb1dddd48b6fe83bc8671c8535c9d032bde138e6002db250eef500a73c849a64a9c99f53bc1fe2c86b63858a14f01906f0591c22d7885d005c5be0a786ddb0d2d5d4aa554c93440507307edc68a1533f7aaf210b4ef7f7a2d231be6a3566649d9ba6e7553024785b8d5ac6084f2044f63d608602b145eba8302c5a07ea6b068c4cbb26e67e5528a66af6af4d55038d9367a8e375a02ade89b5330f211cafa5f2bd9d53cb8ac4c8b867d82a6a997221d9ba9f4acd5a0d381bc8eb05d18abc985fec913a9633667be50d6bd43f42bc2db39e282cb415f3bbe521ead013133b371509f5333712ab5976d12a495f3ebe8a8789f3fd81f00dfe84b98bcc52d2ce742931e4b06e3938ca6a776905705ff74c00281090e96bbcd92bece81d04a2df56d61ca4f9b8f3640f9ff78910bb0fe2c9eb992bbecbbbb4badb21a113e0307b92f0cc6ee6531a527fe952ce790544a4aad046b38bc81976b343dedea047fbb688f1948ebb21f7945dbadf90250c894a03d21768a960f815c1a28ca5558e191e58428b735fee13b973abbe44213ce18a67b828740993043e0ee9d84912c53bbf6ccb8ee77c366a4eaaf91cbaf61418815fa8f5db652cfc12f21a4acc27b232df11a250ff7a9780de30df1b4a597c1c5b9afff3a01e7e16dda1f4d75c47b189902a8aeec17cfd226d7891b7b71a79d934a4b1eed2df03c9efb9c3feed8e7d4bce4b568c03690535949d6d110120b5874afb9d60ec55978316ec9057ab21e3122f15ad158a28d52b5416f32bb75a5d9ac90ad85aebe8fb6c574f8502db67e0360cc194941123f9a81adb979a4d9ba382faa9c8bc6d36fed9e4c7e5a70a075a84b52395ed2388173702b17babfb64d610cce945d2cc75bb4faae44bb0e037629123afac9bb7bc657fdade2d05112f697e3325489ca896367671b9d0069feba819925d3c8cd3ca55274843161957257a668ffee67ab0f3cb2d62f07d2bdb252c7a7c1ffb4edd319650746d7f7410d577d276d54f03d7012cdd6c86610c765243e823e7e7ba1a879dd43e840cea86aa9db416249232d1371d2701f72dc4c7d937287f26614f429e69c891a8219c285728f06da705f5d7d0c4136db0665816d3ab7120a9e82f9b8288fefefbfafb2bea649f3fe2b3d6413e3dc8e73937ddfcca6e98d2de13ce8d23faa6c5ce20b04c3ba69ec1944a8792931307a79e952367a06e71f723daad6ddb7036a34f3e4eac7b6751d1b64ca57d0df4d3112e9e64c80006b666a205eacc8568205e49dcd4c09b46445b0e48d75a82781a3ab6ffce19f260e41024f2b783fbb089f65b0b9e7fa42f4dc362a3f0189be4ccda8c22f4ba9e2130ef81927536d2eb5f8a1ccf0d51e8ae767d4f3764f73e29ab1216f924c99eef952ab960c262c515e5511745a52db234ce4fdc105bc4ad8bdce2285d55fc4ce55c20e2b37aae07a26bd1fa13e8bbdbf1b988271c3db56e9a7cbaabf2eec3db8a07020ff704706e51a2434dcbb0b292f0060b1f9d894d1998669ff3d25743dc74f5cac9d175523e61ab4078f1eef775a4a23d84cde6ad91ecea6089cc0e3ec98674e918214ef198c8a7a514af97431c27b86d9484c603055e862333a6e970908d97667ecbd7ce523848e9045a55bf259acfc03efcf0d2c7f2c070e44cb73ca0d25305efa359fa532b92f5d1514d6abc755a8ed9e05fee82d49450db0316a6da29e571584fc77930d3e77e55371e5890aeed1935545feaf1219543d6ccb044b37ad1252aebee215dbe04893f1c0b54331c22ba73560958993c879f211ee591d6ccc62c8c68e3261ad4d420f842b47b77b3755a075d636d7a35045b4f25ee0de8566ed98476fa6e4cbf0ee93a2003c33bad01dc5113ce059c4bbd29a5594102f67b13eef3d9b710ebedd7eaabdd5901e0918b195cfca2ac6f6662a26e3db8c82f9e23c99fd31084175a7d928125f56666baf31cee0df81eb5ab35570b6cc66aef8d476256c31f498b035d821e2fd2d4d530cc7a1a540d150c1b208221e156202ebe6cadd40d8a13cc6eb78e919498f3e33e94e8507736ec0e5bd2318bf4b8edd82e6c7e69874d3a5eb978e38e2aaf910e2bfa9bbdfeccd46d03e4151cba001e5e4715901f1f20e552127fdf1fab8c4b8af8d5e06e0246719977f8bb890d35feb5172d46ad2ad905092232e2abc09e8ac0239028d07d817f0be7af6142ecfc539da7a2f6ed7c933658d9bf202b5c76d7bb5ed4be10e86e3898f8d125e35eeaa1b2d0d8bb3d1376941b819dd56e4b87f436c4caefff4f9e659cc7cfff4801daa6e73cb16dccd7aba94edb385db657f894bae8274be5dc897e1f9314298570e9d0f06ebc0314f37d676f58ef8223bb1e585af69966ffe01138e2f2a250557572ae48cafa964b8fa74c76b75c987310d9ccc4d0fbf07bbbba1c00b7cf415b9fd362795727ac099e68ceb4b500e6e12238d514909c0102308a5398e4dcac8a789a3f1ea591796795cc1f0cb6ede86f727925b92d07538d0ff1e8d71283632cd7e72d1edefdc584c8fd9a9c2c6dc90cd678f27410a607270c185cd99e730de5c16678b3a694e97797f6b152f265059960448d018bc1d74a4c678557ee1d96ecdba02a518d84feaafe0acbf69d821041efb31dbed58b4b11466c0fd0a221bef454dc5dc1fcf15758e375b93a71e7c841fc7d52368783a564e0eb29c1abc1df4bd53e2e7d4e4a8833247ef24a0d16e2f91ab32d8195dc64be14d46ee48c40b6f1fc26b9dc4e2dae765240d4e35793ed3c17b2d959cbd62cd8086be8999bc48b40d1767d4a516750053a1c6d7416ba02bd1d7aea0d0b53a78d27625cf2f3c522791656f567fbdc5c4c7070eb1facce74aad83a2d380ecac692a7e326dbdc611823be578fa114f8c5caca6cb2c64e3cbab40bf56f5df8bec5c35021e18e0f8e7546771552820138955374a3ae4152e7446b64b5370882bf997fa3d4161ce1f76b31ba98d7ce3c4179272b22266ef300f06fa343ee580b1e77ee6935ec1c3876eb4b76320284cc7e92de9d815124c1d4da6280a0e9d22ab43e501af9fc5284355e669dfe9e7362e3fa7c203fbfe7d1933018e4ce0f5361ad342ae6f556ad88218c77149c5003f0e06359f4d99e5ee4dbdf1b8dc4f6b9255007555d8ff141b02e3e978bf2eb361022cec093f192337f774e095f658ba7cfc15020f6a8d971880938692d75696d30c77200e81dfcc2f2d3d65b5b08f945bc704e0b953a6a826b3b76c1219096c6ab1fa3925778df1656981b34237526d0fcb3cb274422935ed0eda48969c1f5563f1bf69ad8e1bee2913f19c8df5cf2fe0c7ad3d5721a3528a9e7b463781aa32078f439be38d1dc6aa9f08a0cd0b0b865e2966a6279dbf443458f472514a610698ee40b9243163a9c58ca8bb57305ee6b8bf9cb51a5bbd49dd09de4be8c1b34603d"], 0x1010}, 0x40)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
recvmsg(r2, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x60ae0}], 0x318, 0x0, 0xdb0, 0xf5ffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x15, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000064000000bca3000000000000240300001afeffff720af0fff80200ff71a4f0ff000000001f030000000000002e040200000000002604fdffffff000a6114080e000000001d430000000000007a0a00fe003d001f61141c0000000000b503f7fff80000009500000000000000033bc065b78111c6dfa035f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6d46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16fe8ddf44572a3996e7f653da18ec0ae564162a27afea62d84f3a10076443d601009393bf52d2105bd901128c7e0ec82701c8204a09eeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081dad507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39b21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6e78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b2045024a982f3c48153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98812106dec28eaeb883418f5624e93aca9e560efa826e5d0c4bd26ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ffc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2540d85d1501783a7ab51380d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d5ef903a554d651186a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a687b8bd9259bc31b6b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f4000000000f00700e89a56fe8e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f692192571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09d28c853c28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5cd2baf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a896192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf799b37463f000000a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12b92d7ae633d44086b3f03b20d54abc46271a30f1240fc52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a44434000000000000000000000000000000000021000000000009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73943df80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c2f63453c7e228919b7500001a0000000000000000000017350000c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fb705b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08acb29a74dc36b512e34182084a3a3b2beb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a316572e92d44ca450b1457c64baeaf8d23f30097126ef7586ed63dd92005c79e4a8ab8a94f0b74903580ac987fd630780d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddffff070000d0288ec3899f1e3ba0151c4037148fb479de703fd52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23541320d8579c5ab42bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267c451ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de01fdee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d00000000caf2b6789509b1bacfd4fa812fc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdcea26498d26229110b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795d35f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af620000232ec06f7170009d92bb7eddd12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe88100000000000003568bbc2f89596ceacbcbd1c76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0044f57d15e37e34fc5915499b88ae780a7bae4df603bd3c72808cf300440b1b63615b454a161d5fc1d1308f39b3aff5c03eef2e63a013f8a5bf4da6aa1b7d5ec55e8c7a0405fe718e42d4d613f992a0cbc16cb251386acae02f665544c9c02adae5839f1e00006e42fc051a0cb8685667c2edf4522f0f2a8eb7c7b56063a959c4b881e3dbff3c911435e84bc57f36afb8ff78168719dc5ed47eb309f8a12db461beffd0d091a132330579c9afac1a4ad2794987927eb61ad82a61a144d33283eaeda4836a684a6e2716d83e60f5e0e1ab6376960224dc96c839a1fef49475cc0e3053eeb4aebd0e1696f20d458f1aac2d2d871221d3a2d0e1790584ba14b9145a3f81298ae7871f0191a740a8e53b0b6f152dc4d8f28eaa2a5acadd2313f55287aa6ea469b90575839cd763b4703e87fbd6bd134c2cb62996c5d28e73df35744f19143c0b57a26d692dd9a5cf3ab615e432e38b0cbbcced5c39a73fc8e50e6590605cc0b7db1dbca3ea6fbcdff0e18fdeeb5360642d77171433e78bd9300fd171fc83700f0e92b116e7846719eecd94331354b35b9aac42b34fac350decfe5c2eac926f0a007cb6e3bda3effb84b4607468aaad19dcf0d54e5f4ed4ade1fca17d39be192a10516fb34eb6cde71136bb2b4ce1306c17744fefc2b884bdfebad173147780d8b0129f194a60ed6935400000000000000000000000000000000000000000000000000000000000004c8653a0befb2c2795c52e0efae157f1bb138dc7f7d566c964ecfaf388bd173e0174bc5a49d0595de6e1cb51ead265b156412045a00f396d3e180a71897028714e8730d44895d12589a2e0d8d7e4e6f03633ef0f714edad8a2515ac4886efe8c5e006ef4638a4c52577e7d04c2ca9b714aaabde444490ff17d8baad3e65a716a16492b9a887613426ef82e371f531f18d48a4dee61380595792dc07194a4184a76e1e5d1cb39e58f391af74825f4893f063ac0c722bd6e162b8e7ac7a0f7eb13b5267335fd87e13dda7aa19157a0a1a1c2905358c8fc2cd066ea0680b013109f06c293eb1867fbf919fa12364f5ca680bc96cc326e5d757305595bc124b824897524cdcf000000000000"], &(0x7f00000001c0)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xffffffffffffffc2}, 0x48)

6.931718143s ago: executing program 0 (id=2575):
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x20000}, 0x50)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1e, 0x2, 0x0, &(0x7f0000000000))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000100))
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x53, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7b, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x7, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x10, 0x4, 0x8, 0x8, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x14, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000018110000", @ANYRES32=r0], 0x0, 0x10000002, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0))
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000200)="1c0000001d008103e00f80ecdb4cb9f207", 0x11}], 0x1, 0x0, 0x0, 0x5865}, 0x0)
r1 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000200)=ANY=[], 0xfe33)

6.618277996s ago: executing program 0 (id=2570):
r0 = socket$kcm(0xa, 0x5, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x10, 0x2, &(0x7f00000004c0)=ANY=[@ANYBLOB="9110f8ff0000000095"], &(0x7f0000000000)='GPL\x00'}, 0x94)
r1 = socket$kcm(0x2, 0x3, 0x84)
r2 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x108b84, 0x4, 0x0, 0x1, 0x0, 0x8001, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
sendmsg$inet(r1, &(0x7f0000000700)={&(0x7f0000000280)={0x2, 0x0, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="280000000000000000000000070000000717a87f000001ac141400e0000001ac1e0001ac1414bb011c000000000000000000000008000000", @ANYRES64=r1], 0x48}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x541b, &(0x7f0000000640))
setsockopt$sock_attach_bpf(r0, 0x29, 0x18, &(0x7f0000000100), 0x120)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000480)="5c00000012006bab9a3fe3d86e17aa0b046b876c1d0048380019001931a0e69ee517d34460bc06000000a701251e6182949a3651f60a84c9f4d4938037e70e4509c51c268811000000000000000000002571cd53b9851b30599980bc", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d2f, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x401}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x8000)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030025000b12d25a80648c2594f90224fc60100c034002bf0900053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x600300)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000200)=""/160, 0xa0}, {&(0x7f0000000940)=""/187, 0xbb}, {&(0x7f0000005980)=""/4118, 0x1016}, {&(0x7f0000000a00)=""/4054, 0xfffffffffffffe05}], 0x4}, 0x40012102)

3.627577255s ago: executing program 0 (id=2571):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff7ffa}, 0x0, 0x35, 0x43a1bd76, 0x7, 0x3, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
perf_event_open(&(0x7f0000000180)={0x2, 0xa0, 0x5, 0x2, 0x0, 0x0, 0x0, 0x9, 0x4022, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0xfffffffc, 0x5, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x10000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x100000, 0x0, 0x2, 0x0, 0x80}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x8)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x60}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60}, 0x50)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth1_to_bond\x00', 0x200})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8946, &(0x7f0000000080))

3.627259065s ago: executing program 2 (id=2572):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x122}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg(r6, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001dc0)=""/4096, 0x1000}, 0x0)
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f00000001c0)={0x0, <r8=>0x0}, 0x8)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r8}, 0x2)

3.4981104s ago: executing program 2 (id=2577):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="5c00000026006bab9a3fe3d86e17aa31106b876c1d0000007ea60864160af36504001a0038001d004231a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb5b64f69853362ac3407173ec", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x4080)
recvmsg$kcm(r0, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x2020)
recvmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, 0x0}, 0x40000100)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xe8001, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x2})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
close(r3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)

3.462094971s ago: executing program 1 (id=2578):
perf_event_open$cgroup(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000500)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f0000000200)=""/166}, 0x20)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth1_to_bond\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x8040, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xbc, 0x0, 0x0, 0x38b7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400))
socketpair(0x0, 0x0, 0x0, &(0x7f0000000000))
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8946, &(0x7f0000000080))

3.344658746s ago: executing program 3 (id=2579):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x45, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0xa0}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000000)='cpu&\t\t')
r1 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0xf, &(0x7f00000002c0), 0x161)
sendmsg$inet(r1, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x31, 0x0, 0x0)
r2 = socket$kcm(0x2b, 0x1, 0x0)
setsockopt$sock_attach_bpf(r2, 0x0, 0x61, 0x0, 0xa4d4)

3.221308512s ago: executing program 3 (id=2580):
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x20000}, 0x50)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1e, 0x2, 0x0, &(0x7f0000000000))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000100))
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x53, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7b, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x7, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x10, 0x4, 0x8, 0x8, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x14, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000018110000", @ANYRES32=r0], 0x0, 0x10000002, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0))
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000200)="1c0000001d008103e00f80ecdb4cb9f207", 0x11}], 0x1, 0x0, 0x0, 0x5865}, 0x0)
r1 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000200)=ANY=[], 0xfe33)

3.219393312s ago: executing program 0 (id=2581):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xc}, 0x100c, 0x0, 0x0, 0x0, 0x1, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x20000, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0xfd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x10000000000000c8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
close(r0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000791048000000000071043b000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000180)={&(0x7f0000000000)="e84c6b234c07ff7b5d62", &(0x7f0000000040), &(0x7f00000008c0)="c27bdaad361d9ccee6c3b67360122003b8df2ade1fdaf2093912baca9b08614f488804ffec4bd023033833ba0315835966e2203c681d438745bed2d02b993f6833f20352fd9488dd675a7f7a355fead603329333ef2910b9244268aca249a85b9c46310b1adfed625cdc2a14a4bdbc72be1fcfc650775d4aa09b7f8ba6a95c936e6b0a30c9a8a5c5eabf35166076269dfbe77fc17a71ddbc884d69b65b5268bf7a9cc33658b5b2211e33b1d47f783d7a0c9c9fd4cbde13040ee67b4ad9c12d94d2d50e68006a4409f731819224ad50205d2739700bf6fbceb2cb0fe69620b76c2aaf8f465a5d55e46e1aede8342f9c7574a2b7e3c543855f6fdf0ba131248e2475114b11353183b11742046a3902b21a1f578d02cca16618ae88363201f8c15ef99738a2e8445e96e69da46209c89b41b19536be08265c3989b462d214857a1ec5aa6edad690d69b6351a8982e09a7ca81770c25324b7c9468c19b1f2125627557760ea265f4fd837b554b98782a06f33bcddad0a85bd8bb6e49e632e306ad5c83c4e281028e59c77b0adc693884d788925a4ecf14ea170daec230c553f59c2e7186fa15c5b4e0e2ea548f0215c489efa4289caf418dd95eb0de770781193f20b96c588b5268501cc32cbc6c7827a9aeb685d14ae26598dd52c3b67055d19f54bf4614e6345ecd8807aa728a32fec428593caa044f5040b20195886c59e9d2b72e784f30fd9175321eec46728a557e5d18b4776813b2040c3dc295af93af4127350f4ad94033d8313f78ad883343e8094e77616d0794688122443a233b6780b54f284077f4f6d6ef67e46be1208f8f636a31cdbbe1d50b34fd5dc8a89dd1f66a455b254342ce1a63571f34fb3241281b5481552d7d57fd37953520e6a1da794f7b3fccc61c787edbf3a103e947675f133ea3004a9f45169e864eda070378ec0b7b96ac4c639cc77f672e3d66253ecc9f6104b9ea3fd66e04245301314cbd1f2635d534b78f2eef353adbf21bc43e8bfe408833a903b0b2f1b843b86316d4bb1819c1b69af3872b829c88d917e77c6f9b3c3f078e58121b55d67061cedc9bbe3ec41d7203ba01725fe6b26908e59764de54cd4d1a0f1195841899361f34b7e95032261d78d357bbfb3ebe55b95de3cf9e4f6e7f55d03c018bfd4e5f44a9eab012b8debebbca5d79d69b0f2d6f53d7ddf457060c05bb795546cf72859c05aeb40574b54303ed6487237602c801aa50ec16c1d35df2e4a9e7c9ec8e5135f4f3a022b28d243d72dbede4d43a9829af3c1c2be4b2fed5ed79b108905574186ec28525bead7dd7da75e079f02ee70910ab426d8387bbdf97e0313040034e5e8b88b324166fa71edf3c59e95a6feb7a5b53b05af310a5dc1267e95d7f200dd622719a0fc2220a35385c782efb94adf0e7ee5d4e726890cb850a94da44cc4e2d0c83abe0223754cd4338f405aa65737692668a626661ccb3909360223e5eb9eb2125b71d4bac599f825f2d59b0d505ae47dd659fd60470ffdd6b340ebff42faa8bfd388fe56354b4b49dc5093570d991436d130a4e63e30d0c0b0f7a6c237c8759258e0b6da637099631ac733215e410f1830bccbaeb1e56b6f171c4e50bb25bb1ec7721250cac9e25bddb26419a178479ddfdef9913fa2bd2da5d0f290e5ed3912ff16b532529f2cbc36819ecfb3794a7fe25ef578c695fade6aaded6b8d684da071588c9a8cbfeaeb244894f74ff81a0b4a308a66b9c2476dc74ef1f7a568c54d5a22c9ac0d6c2549143ddff820a553e8285d9b3c36ca97b4efbfe7dd59bb169d3f9d8e41fb4f4684c89fc088132746bd8220ce4db2293a4b13c1958ab96bf34b28cc0379a195ce17fc99bfe317a7e2aad23f8a57f565c503450e69c69391c8303f67f608d9f648609edd197980b1627fa9874ceedf2adc6cff29b7a963fb52c01abd827c0669d0f7e6bf62cd52c611ebd03e2d9bac0471a2cb5c50d693518c7dbd43ef2d763f2ae71edaf833bc50f3f808bc790a5627cdb2748d974a0dec06f2aefb5ce58cfc5884cb1f81e567eb1aa6e2349725f2ae56c200a388b72983c425c049aa59a9056c4340920e19fba81d5c71dd65b279bafa7957b3117a0aaf47440d65695caa90fff63c04829b7a305c8710086de9895c43b0699d333739b7918c3a74486319a461f5cc7eb2d64deac5cab417d609fff4cd5997dc9ff57e0befd1efd387b8cfa01d0fd9b96894426f212e50c80d0dd772bc4cbdd48bc0c089cf0c5bce51aafb58eb9c8634c7a4a59200ae15168e8f158246e1be4329ee5c61899d2dbbaab22bb36e5bbd59c00ed0dd21cb763123af474f7316fa1a954e6c04d86d6db4f8f335943a64886669b12187df62d7baa4363d6415ee380aca4b2e5510c7710712be559161aa0307d494d32222d83343e19b165dbd198c61d1c9bddd7d6397a90f0aa69c11719943c4d70828ac04e28be86c3f0464735f9ef2c93fa6b6d4de943e308c6c06d82bcbccb2e2524d171306f6990f57ce95c72e957888a3534badd54ab088b6188a41f86cf6a0742783eb3fed0f090472dc93b9ea404e9b9b371330b262b9eaefe1922cc3effd88072a026a3a418b070dd45edba11e0d07bc7b411a741a79fccbd07a8dccbc662461e759e6fa8865831dcb4c7e12116fbc3f404ba35889de6c071f717ecb4d15a31f1bcdec096ceb65fe822d52e4897ad4184a9779bad53505577fa0a9fdbce64eafaaace80cfe690aa77f72e22cfd42f9b80ecaddc38e2c75d4b4bb41745afc90d4ba5ebde5e1e9220e50c3caa1488035e23d95b5bff804e755a3c8ef3f248fdfc95da1c544bb1f184eeccdea1a583894a65948d1b96eab69eb835e57c2af1a239ecf91479e84585a2e7b55b315daaef954ec127fec838557ec89a559140d53935a358044fb4d6eef78292dcabf867a7499f7cd858986046547b36ea1c3d5f85be81d1488f32c1db4644794a396ce9f34dc048f7bc6d4d27b0d39e8d1771b4e599ecc83bf03fd76cdad256dbdb4f663f7a0ac6ba25a042cd788da4a0f54500c2576e36811ad588e9bb59eec11744948f5750eef55a4c90cf875d83b85e726e89c026912a4878247e14205442c6ace36a54b0b78fe83084754973db43a96d29f5397dd15595cd900735782f7e52fd0bc863e0265f97011a5477dcbaa93c98215a201587eb9550737780e4fbe6e2dab39684d27029ac87a4f498cd743379b4bd008077e03fd07e6d2c148238e1892f1043afb0fc6a405e425c9f421833a57f90cc1c1883ff41af2d1427168fb7722c1ead0f6f1ee9f4fa1d98051016cf291b7bf26798c73b5e1c89a78e8a742516b037cbf30b6a152b97f98148c800361668920dc5bef1b8604c63ca100d4688e59ffce91a53c91ce7f8ca38f47ef2dcaa4556a9b8b8bec58a15318afa41c84244f92fba76c9a241a7467436e8d57cba00171c1401f877919a72fc01adcc4a3dc93e43ea507538386bef17f03b1bc9310e8d0e2a89ca4e26386f89b652fe3abc65bf68ece93d3707de32b351782d901c3324573db920bfe7f665b87a3c99b1e9f2d34663dfc98d2298e8a0c9ef7aef9bc2b13e9e902ea0f0f992174f6c8ffc97034de359806d24bc77b346ca776036502639f81e8e549cdbc95ef16341ac7fc3472e83efeff674dfffc1fea36e64a582aabb291a42e98b7234a5eba286d2efb875aca5c557fc25e3d149d2285fc36ff150085271b8ed20e4fe711c9b69fe243194c057275c86e6ef8099a2e192aa62d8c9bbd8328d735719d0bde6c2ba875a9dd411eca0483490165eeb5c8506312be57fa47fed3b481131746821ba7a621fb527e90b69d54aef34ffe899acd54b5a61af7e24dcd618b12877425bf1c392f6a48174cd88354f8474c77b3d0143f69e30026682c05b1fbf52dc661c6eab67eea860c7b3af8ea815193387343fd7bf52105b605c078970f3d59abd67b5e944bdb647a61c934e47bd89217d0860c248d3a5042c431dd752c3b98a08ba7c43a7de894d32015cfeb5b333dce3b2683ffc55bb5b6989a30577e10a2f72397e876a4a875c5d52adedb21338fad99a836ffb05686d32ad253d383cf5623e75e6aa98a4f920604b0122b457604240cdbbde8232cab0248c743fdf86289faeadc9f72162d504e768e7a1ac5c4c13ee56ecd2d15684b8500354381070ef32e793ea107b574295b76f73f9a65d3dc96dea6a837b99361eb9f7d028c602508062b2aab91bd44001ac683f2fa0349820427a5070b56ea1ead71e8540f3140f89f80538420c39e3293120f989fd616698509d04432722efbf7ddcb5a7063aaf8c2f88e10c22fd1c4f9e4bad7cc1a85fc5b1aea3d1b275cb4456d1a55e9d6ef5f9aa345a5ffd0438646d192c5b0e5aa1ec3d5933a9d4c312ada56fbb7cbd9caa98945dee02f0e5478fa2cc686d92997af3d03b28f977060d399bfce3dc8ea30ccb122806136b9208b6508c2e9261f5b4a8a809ed46e0e8cb32197eda56be9020be34a30f685d457af933147c6ab3be85e99e511c2e9ca40c912e02aad12d1f91f2ff90dcbec18acb315e155b505ef34239050ff2ae806ca74be82927601a8a5caee5085469a8ac2ef675e053570fb682e9234344551cf39dfbd9def6b287ba0556070435d8ca5343b3d67866bad10a72fbe57e0b6a6ef2b887a91f5c429a2fd5cfb90b176763dd49d8cae7b2ff963a399726dc5e2d6784ac9a737b21c52ee920a121a37135c857f64011de06f4e211367137ab7751fd2d079ee72d744c1a60360808ac049a987c24d96154fd6391d7d031cdd435ae550141a8eba956d8616833375b85256cb62e4eb3552f4a2a9918c48ad373ea4ee6119735f96e6481551b80bc63244c94256a36fd33757d9009f26c04719ce30bbd19a1e382d719f34cbeeef8231dd9867824016ae3dcef5de466196b8c8200d7c42af7fede8352948d535580aeebba8b53798d0896ea4bdcb77bcd9d7ba1e7d69b725d5383ea2033dd37563096ed3b66b7f2f88464c180a20fd3cdf3acf4d7072e4f0c93b62bb1762ac13c5a8ed08e86c1b08770f61c19039fd8f843b9248e930099fb03cf9b0f7801e6bb9b4ad0967901a7855803b3aac2fac60a621c711427a46941ce5e961ffa09f29a2e7670ee848ae05739bfe0b772ae81f987a50df02bbd873ca1b616fb049d4163ffbaafe157ab7150e0f399261881c02de5e5fe56d8e28272a484fa8de7998f116fbe2dd2e8531f75044e26c972dbf708be1596cd21583718dc6deff13a2db48b00615f9fd4f105a843b0eb44ab8cc6b1be334b16508c865e9d66c6b87d00f1312c9393966c6acde1488b0d15b48a41fcfd8a9b319b741eaba68671400a6cd83901418b09441b156b9167ff54d4f26321f581b21bd70ac48327860f92aec2a1c5cd8389b29991fa806aa9127b0f6a6cfa4169817e0ef368fc70991e7c338dfc86de4c0e8d36402e9071e323f21e2f84d0dede8e25b26d9ea35e37f965327cff1c12675149df7ae81c1847c550f1047bee80ad82da5d77436800591c2252a18350b292bd745409065f07896815923ed7d989dc18dc48dc580cc35b155f5402a1614e8957341e2fd8c383838aef70f8cf00491b367ecf155bbd5d32c273e3d312ff106a1a31669e7c1179306b538312fde558d4960ef4d533ae94ed07c4a513c0fd0c4359b8cd7eda39b3ccb1f15295c57b049f7ee27c7d0102dab6ef8e6bd00afd5f22d7305705ab1cdf1b03024afdd9dcab9e2496c75dbdf9ee6980f3a092e05b44125a3994fc0c2f6703766c7714dc0c52", &(0x7f0000000140), 0x7fffffff}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x1}, 0x86)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x1b, 0x1, 0x0, 0x0}, 0x90)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'wlan1\x00', 0x800})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8946, &(0x7f0000000080))

2.940437882s ago: executing program 1 (id=2582):
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x16, 0x2, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x801, 0x0, @perf_bp={0x0, 0x6}, 0x100000, 0xca, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r1)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x800c2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000001000)='ns/pid_for_children\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.current\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200))
syz_open_procfs$namespace(0x0, &(0x7f0000000380)='ns/uts\x00')
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000200)=ANY=[@ANYRES8=r1, @ANYRES8=r3], 0x12)

2.879627365s ago: executing program 3 (id=2583):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg(r6, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001dc0)=""/4096, 0x1000}, 0x0)
close(0x3)
socketpair$unix(0x1, 0x5, 0x0, 0x0)

2.74097551s ago: executing program 3 (id=2584):
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x48440, 0x0)
perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0x83, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x20000000}, 0x0, 0x0, 0x0, 0x9, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xf, 0x5}, 0x100e64, 0xc78}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xcd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9}, 0x0, 0x0, 0x0, 0x0, 0x10000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x2e}, 0x94)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000240)='ns/user\x00')
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x200000000000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001240)=[@cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xc8}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'wlan0\x00', 0x200})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8946, &(0x7f0000000080))

2.673114093s ago: executing program 1 (id=2585):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000100)="240000001e006bcd9e3fe3dc6e08000007000000000000007ea60864160af36504005425", 0x24}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup(r3, &(0x7f00000002c0)='syz1\x00', 0x200002, 0x0)
r4 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x89e2, &(0x7f0000000080))
close(0xffffffffffffffff)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[], 0x8b)
close(0xffffffffffffffff)

909.096824ms ago: executing program 0 (id=2586):
socket$kcm(0x21, 0x7, 0x2)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0x400454d0, 0x5)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xfffffffdffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000a50000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7050000080000a8c5000000a5000000180100002020640500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b300000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x35, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000580)={0xffffffffffffffff, 0x20, &(0x7f0000000400)={&(0x7f0000000100)=""/9, 0x9, 0x0, &(0x7f0000000380)=""/113, 0x71}}, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x5006)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r2}, 0x18)
r3 = perf_event_open(&(0x7f0000000fc0)={0x2, 0x80, 0x82, 0x1, 0x0, 0x0, 0x0, 0x9, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x3, 0x4, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f0000000180)='cpu>=0||!')

908.654944ms ago: executing program 1 (id=2587):
r0 = socket$kcm(0xa, 0x5, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x10, 0x2, &(0x7f00000004c0)=ANY=[@ANYBLOB="9110f8ff0000000095"], &(0x7f0000000000)='GPL\x00'}, 0x94)
r1 = socket$kcm(0x2, 0x3, 0x84)
r2 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x108b84, 0x4, 0x0, 0x1, 0x0, 0x8001, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
sendmsg$inet(r1, &(0x7f0000000700)={&(0x7f0000000280)={0x2, 0x0, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="280000000000000000000000070000000717a87f000001ac141400e0000001ac1e0001ac1414bb011c000000000000000000000008000000", @ANYRES64=r1], 0x48}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x541b, &(0x7f0000000640))
setsockopt$sock_attach_bpf(r0, 0x29, 0x18, &(0x7f0000000100), 0x120)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000480)="5c00000012006bab9a3fe3d86e17aa0b046b876c1d0048380019001931a0e69ee517d34460bc06000000a701251e6182949a3651f60a84c9f4d4938037e70e4509c51c268811000000000000000000002571cd53b9851b30599980bc", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d2f, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x401}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x8000)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030025000b12d25a80648c2594f90224fc60100c034002bf0900053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x600300)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000200)=""/160, 0xa0}, {&(0x7f0000000940)=""/187, 0xbb}, {&(0x7f0000005980)=""/4118, 0x1016}, {&(0x7f0000000a00)=""/4054, 0xfffffffffffffe05}], 0x4}, 0x40012102)

900.195934ms ago: executing program 3 (id=2595):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
close(0xffffffffffffffff)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xcfa4)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x202200, 0x0)
close(r1)
socket$kcm(0x10, 0x100000000002, 0x4)
ioctl$SIOCSIFHWADDR(r1, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})

670.136623ms ago: executing program 1 (id=2588):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff7ffa}, 0x0, 0x35, 0x43a1bd76, 0x7, 0x3, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
perf_event_open(&(0x7f0000000180)={0x2, 0xa0, 0x5, 0x2, 0x0, 0x0, 0x0, 0x9, 0x4022, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0xfffffffc, 0x5, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x10000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x100000, 0x0, 0x2, 0x0, 0x80}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x8)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x60}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60}, 0x50)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth1_to_bond\x00', 0x200})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8946, &(0x7f0000000080))

669.870303ms ago: executing program 2 (id=2589):
r0 = socket$kcm(0x1e, 0x2, 0x0)
setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000080)={<r1=>0x0, <r2=>0x0})
close(r1)
setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd)
socketpair(0x1e, 0x80005, 0x0, &(0x7f0000000000)={<r3=>0x0, <r4=>0x0})
close(r3)
perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x2, 0xffffffffffffffff, 0x0)
setsockopt$sock_attach_bpf(r4, 0x10f, 0x87, &(0x7f0000000180), 0x127)
r5 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r5, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
sendmsg$kcm(r5, &(0x7f0000000100)={&(0x7f0000001540)=@tipc=@name={0x1e, 0x2, 0x3, {{0x40, 0x32}, 0x1}}, 0x80, 0x0}, 0x0)

598.136356ms ago: executing program 0 (id=2590):
perf_event_open(&(0x7f0000000380)={0x4, 0x80, 0x0, 0x0, 0xff, 0x5, 0x0, 0x10001, 0x4c0c, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_config_ext={0x7, 0x8}, 0x0, 0xc8, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, 0x0}, 0x80)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x1, 0x1}, 0x50)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$kcm(0x2, 0x200000000000001, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000003c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000180100003020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x482, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
socket$kcm(0xa, 0x2, 0x3a)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240048c1)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x3e, &(0x7f0000000100)=r1, 0x4)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0xeafbff3, &(0x7f0000000000)=[{&(0x7f0000000300)="b8", 0xfffffdef}], 0x1, 0x0, 0x0, 0x10000000}, 0x52cc)

496.09002ms ago: executing program 2 (id=2591):
perf_event_open$cgroup(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000500)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f0000000200)=""/166}, 0x20)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth1_to_bond\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x8040, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xbc, 0x0, 0x0, 0x38b7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400))
socketpair(0x0, 0x0, 0x0, &(0x7f0000000000))
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8946, &(0x7f0000000080))

491.00391ms ago: executing program 3 (id=2600):
socket$kcm(0x21, 0x7, 0x2)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0x400454d0, 0x5)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xfffffffdffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000a50000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7050000080000a8c5000000a5000000180100002020640500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b300000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x35, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000580)={0xffffffffffffffff, 0x20, &(0x7f0000000400)={&(0x7f0000000100)=""/9, 0x9, 0x0, &(0x7f0000000380)=""/113, 0x71}}, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x5006)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r2}, 0x18)
r3 = perf_event_open(&(0x7f0000000fc0)={0x2, 0x80, 0x82, 0x1, 0x0, 0x0, 0x0, 0x9, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x3, 0x4, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f0000000180)='cpu>=0||!')

227.520941ms ago: executing program 1 (id=2592):
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x20000}, 0x50)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1e, 0x2, 0x0, &(0x7f0000000000))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000100))
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x53, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7b, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x7, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x10, 0x4, 0x8, 0x8, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x14, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000018110000", @ANYRES32=r0], 0x0, 0x10000002, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0))
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000200)="1c0000001d008103e00f80ecdb4cb9f207", 0x11}], 0x1, 0x0, 0x0, 0x5865}, 0x0)
r1 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000200)=ANY=[], 0xfe33)

0s ago: executing program 2 (id=2593):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg(r6, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001dc0)=""/4096, 0x1000}, 0x0)
close(0x3)
socketpair$unix(0x1, 0x5, 0x0, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.10.11' (ED25519) to the list of known hosts.
[   74.790494][ T5776] cgroup: Unknown subsys name 'net'
[   74.933997][ T5776] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   76.665326][ T5776] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   78.221301][ T5788] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   78.231617][ T5788] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   78.242925][   T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   78.250744][   T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   78.261324][ T5793] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   78.269679][ T5793] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   78.278350][ T5793] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   78.286483][ T5793] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   78.294067][ T5793] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   78.317120][ T5792] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   78.326289][ T5788] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   78.330296][ T5792] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   78.334325][ T5788] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   78.344514][ T5792] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   78.356382][ T5792] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   78.366548][ T5792] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   78.387362][ T5792] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   78.395284][ T5792] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   78.403358][ T5792] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   78.415894][ T5788] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   78.423990][ T5788] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   78.432634][ T5788] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   78.441203][ T5788] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   78.448983][ T5788] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   78.981312][ T5789] chnl_net:caif_netlink_parms(): no params data found
[   79.044796][ T5786] chnl_net:caif_netlink_parms(): no params data found
[   79.056890][ T5790] chnl_net:caif_netlink_parms(): no params data found
[   79.149802][ T5794] chnl_net:caif_netlink_parms(): no params data found
[   79.303794][ T5786] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.312487][ T5786] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.320404][ T5786] bridge_slave_0: entered allmulticast mode
[   79.328968][ T5786] bridge_slave_0: entered promiscuous mode
[   79.354854][ T5790] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.362040][ T5790] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.369541][ T5790] bridge_slave_0: entered allmulticast mode
[   79.376636][ T5790] bridge_slave_0: entered promiscuous mode
[   79.385079][ T5786] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.392597][ T5786] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.399982][ T5786] bridge_slave_1: entered allmulticast mode
[   79.407914][ T5786] bridge_slave_1: entered promiscuous mode
[   79.415454][ T5789] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.422586][ T5789] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.430095][ T5789] bridge_slave_0: entered allmulticast mode
[   79.437816][ T5789] bridge_slave_0: entered promiscuous mode
[   79.470299][ T5790] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.477981][ T5790] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.485283][ T5790] bridge_slave_1: entered allmulticast mode
[   79.492428][ T5790] bridge_slave_1: entered promiscuous mode
[   79.524902][ T5789] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.532190][ T5789] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.540102][ T5789] bridge_slave_1: entered allmulticast mode
[   79.547403][ T5789] bridge_slave_1: entered promiscuous mode
[   79.554656][ T5794] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.561891][ T5794] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.569227][ T5794] bridge_slave_0: entered allmulticast mode
[   79.576724][ T5794] bridge_slave_0: entered promiscuous mode
[   79.584658][ T5794] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.592254][ T5794] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.599564][ T5794] bridge_slave_1: entered allmulticast mode
[   79.606607][ T5794] bridge_slave_1: entered promiscuous mode
[   79.684513][ T5790] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   79.698105][ T5786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   79.711471][ T5789] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   79.724424][ T5789] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   79.749664][ T5790] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   79.773560][ T5786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   79.797185][ T5794] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   79.809828][ T5794] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   79.883560][ T5790] team0: Port device team_slave_0 added
[   79.893320][ T5790] team0: Port device team_slave_1 added
[   79.916169][ T5789] team0: Port device team_slave_0 added
[   79.926653][ T5794] team0: Port device team_slave_0 added
[   79.935937][ T5794] team0: Port device team_slave_1 added
[   79.965729][ T5786] team0: Port device team_slave_0 added
[   79.973710][ T5789] team0: Port device team_slave_1 added
[   80.032867][ T5786] team0: Port device team_slave_1 added
[   80.064150][ T5794] batman_adv: batadv0: Adding interface: batadv_slave_0
[   80.071664][ T5794] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.098933][ T5794] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   80.113821][ T5794] batman_adv: batadv0: Adding interface: batadv_slave_1
[   80.120978][ T5794] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.152589][ T5794] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   80.164678][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_0
[   80.171806][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.197747][ T5790] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   80.210581][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_1
[   80.217658][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.244023][ T5790] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   80.267624][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_0
[   80.274616][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.300927][ T5789] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   80.327631][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_0
[   80.334802][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.360846][ T5786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   80.372816][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_1
[   80.380095][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.407231][   T51] Bluetooth: hci0: command tx timeout
[   80.413127][ T5789] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   80.423910][   T51] Bluetooth: hci1: command tx timeout
[   80.465349][   T51] Bluetooth: hci3: command tx timeout
[   80.470591][ T5794] hsr_slave_0: entered promiscuous mode
[   80.477905][ T5794] hsr_slave_1: entered promiscuous mode
[   80.486075][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_1
[   80.493046][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.519426][ T5786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   80.545506][   T51] Bluetooth: hci2: command tx timeout
[   80.608499][ T5790] hsr_slave_0: entered promiscuous mode
[   80.614923][ T5790] hsr_slave_1: entered promiscuous mode
[   80.622248][ T5790] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   80.630902][ T5790] Cannot create hsr debugfs directory
[   80.654852][ T5789] hsr_slave_0: entered promiscuous mode
[   80.661948][ T5789] hsr_slave_1: entered promiscuous mode
[   80.668881][ T5789] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   80.676533][ T5789] Cannot create hsr debugfs directory
[   80.724509][ T5786] hsr_slave_0: entered promiscuous mode
[   80.731842][ T5786] hsr_slave_1: entered promiscuous mode
[   80.738666][ T5786] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   80.746933][ T5786] Cannot create hsr debugfs directory
[   81.159601][ T5794] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   81.173318][ T5794] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   81.186520][ T5794] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   81.201460][ T5794] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   81.297558][ T5790] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   81.308278][ T5790] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   81.323733][ T5790] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   81.337363][ T5790] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   81.411808][ T5786] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   81.433952][ T5786] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   81.444324][ T5786] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   81.467284][ T5786] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   81.548317][ T5789] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   81.559291][ T5789] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   81.596542][ T5789] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   81.607023][ T5789] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   81.635609][ T5794] 8021q: adding VLAN 0 to HW filter on device bond0
[   81.708339][ T5794] 8021q: adding VLAN 0 to HW filter on device team0
[   81.731783][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.739287][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[   81.787062][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.794228][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   81.858938][ T5790] 8021q: adding VLAN 0 to HW filter on device bond0
[   81.911895][ T5794] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   81.950295][ T5789] 8021q: adding VLAN 0 to HW filter on device bond0
[   81.972990][ T5790] 8021q: adding VLAN 0 to HW filter on device team0
[   81.988211][ T5786] 8021q: adding VLAN 0 to HW filter on device bond0
[   82.026336][ T3474] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.033667][ T3474] bridge0: port 1(bridge_slave_0) entered forwarding state
[   82.051693][ T3474] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.058932][ T3474] bridge0: port 2(bridge_slave_1) entered forwarding state
[   82.089744][ T5789] 8021q: adding VLAN 0 to HW filter on device team0
[   82.163707][ T3474] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.170960][ T3474] bridge0: port 1(bridge_slave_0) entered forwarding state
[   82.191655][ T5786] 8021q: adding VLAN 0 to HW filter on device team0
[   82.249806][ T3474] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.257063][ T3474] bridge0: port 2(bridge_slave_1) entered forwarding state
[   82.271770][ T3474] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.278998][ T3474] bridge0: port 1(bridge_slave_0) entered forwarding state
[   82.289053][ T3474] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.296278][ T3474] bridge0: port 2(bridge_slave_1) entered forwarding state
[   82.465991][ T5788] Bluetooth: hci0: command tx timeout
[   82.471559][   T51] Bluetooth: hci1: command tx timeout
[   82.541763][ T5794] 8021q: adding VLAN 0 to HW filter on device batadv0
[   82.550658][   T51] Bluetooth: hci3: command tx timeout
[   82.625662][   T51] Bluetooth: hci2: command tx timeout
[   82.768843][ T5794] veth0_vlan: entered promiscuous mode
[   82.841606][ T5794] veth1_vlan: entered promiscuous mode
[   82.961866][ T5794] veth0_macvtap: entered promiscuous mode
[   83.003075][ T5794] veth1_macvtap: entered promiscuous mode
[   83.071909][ T5790] 8021q: adding VLAN 0 to HW filter on device batadv0
[   83.104386][ T5794] batman_adv: batadv0: Interface activated: batadv_slave_0
[   83.138219][ T5794] batman_adv: batadv0: Interface activated: batadv_slave_1
[   83.150376][ T5794] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   83.159720][ T5794] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.169298][ T5794] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.178923][ T5794] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.200484][ T5786] 8021q: adding VLAN 0 to HW filter on device batadv0
[   83.270934][ T5789] 8021q: adding VLAN 0 to HW filter on device batadv0
[   83.314123][ T5790] veth0_vlan: entered promiscuous mode
[   83.384966][ T5790] veth1_vlan: entered promiscuous mode
[   83.401995][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.411021][ T5786] veth0_vlan: entered promiscuous mode
[   83.423228][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.470920][ T3474] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.481819][ T3474] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.494580][ T5786] veth1_vlan: entered promiscuous mode
[   83.554296][ T5790] veth0_macvtap: entered promiscuous mode
[   83.574856][ T5789] veth0_vlan: entered promiscuous mode
[   83.603350][ T5790] veth1_macvtap: entered promiscuous mode
[   83.641032][ T5786] veth0_macvtap: entered promiscuous mode
[   83.651373][ T5789] veth1_vlan: entered promiscuous mode
[   83.678548][ T5786] veth1_macvtap: entered promiscuous mode
[   83.710867][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.724047][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.738295][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_0
[   83.791006][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.807325][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.824225][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_1
[   83.846371][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.857645][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.870633][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.881268][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.897000][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_0
[   83.921033][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.931933][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.942216][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.959595][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.984004][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.013241][ T5790] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.025821][ T5790] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.031859][ T5872] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   84.034573][ T5790] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.063576][ T5790] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.089665][ T5789] veth0_macvtap: entered promiscuous mode
[   84.095249][    C1] hrtimer: interrupt took 69910 ns
[   84.108599][ T5789] veth1_macvtap: entered promiscuous mode
[   84.122821][ T5872] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.5'.
[   84.131066][ T5786] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.143086][ T5786] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.152790][ T5786] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.161834][ T5786] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.185825][ T5872] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.5'.
[   84.302407][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   84.321460][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.332630][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   84.351137][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.375472][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   84.386804][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.401261][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_0
[   84.435090][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.451717][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.462963][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.474776][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.485688][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.497310][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.510475][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.548997][ T5789] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.555588][   T51] Bluetooth: hci1: command tx timeout
[   84.563328][   T51] Bluetooth: hci0: command tx timeout
[   84.572132][ T5789] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.583869][ T5789] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.592978][ T5789] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.625938][ T5788] Bluetooth: hci3: command tx timeout
[   84.627895][ T1330] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.635826][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.647920][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.660109][ T1330] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.705578][ T5788] Bluetooth: hci2: command tx timeout
[   85.059845][ T1072] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.075561][ T1072] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.127843][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.144605][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.213532][ T3474] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.234555][ T3474] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.391005][ T1000] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.439786][ T1000] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.625527][   T51] Bluetooth: hci1: command tx timeout
[   86.631096][ T5788] Bluetooth: hci0: command tx timeout
[   86.705743][ T5788] Bluetooth: hci3: command tx timeout
[   86.785461][ T5788] Bluetooth: hci2: command tx timeout
[   87.089263][ T5915] netlink: 203516 bytes leftover after parsing attributes in process `syz.2.13'.
[   87.109132][ T5915] netlink: zone id is out of range
[   87.122397][ T5915] netlink: del zone limit has 8 unknown bytes
[   87.427155][ T5920] netlink: 'syz.1.15': attribute type 1 has an invalid length.
[   87.435045][ T5920] netlink: 112860 bytes leftover after parsing attributes in process `syz.1.15'.
[   87.533596][ T5920] netlink: 9 bytes leftover after parsing attributes in process `syz.1.15'.
[   90.634719][ T5949] warning: `syz.1.27' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   90.980662][ T5953] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.28'.
[   91.007471][ T5953] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.28'.
[   91.007855][ T5956] netlink: 'syz.0.30': attribute type 1 has an invalid length.
[   91.066000][ T5956] netlink: 112860 bytes leftover after parsing attributes in process `syz.0.30'.
[   91.092762][ T5956] netlink: 9 bytes leftover after parsing attributes in process `syz.0.30'.
[   92.177529][ T1186] cfg80211: failed to load regulatory.db
[   94.810419][ T6003] netlink: 'syz.2.41': attribute type 1 has an invalid length.
[   94.867592][ T6003] netlink: 112860 bytes leftover after parsing attributes in process `syz.2.41'.
[   94.896713][ T6003] netlink: 9 bytes leftover after parsing attributes in process `syz.2.41'.
[   95.001361][ T6001] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.40'.
[   95.015760][ T6001] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.40'.
[   98.823667][ T6031] netlink: 'syz.2.55': attribute type 2 has an invalid length.
[   98.851694][ T6031] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.55'.
[   99.224118][ T6043] netlink: 'syz.3.58': attribute type 1 has an invalid length.
[   99.234701][ T6043] netlink: 112860 bytes leftover after parsing attributes in process `syz.3.58'.
[   99.244516][ T6043] netlink: 9 bytes leftover after parsing attributes in process `syz.3.58'.
[   99.866634][ T6046] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.57'.
[  100.057291][ T6046] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.57'.
[  100.680632][ T5788] Bluetooth: hci3: unexpected event 0x03 length: 15 > 11
[  101.671783][ T6090] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.75'.
[  101.799624][ T6090] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.75'.
[  102.180988][ T6100] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.89'.
[  102.244372][ T6100] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.89'.
[  102.818665][ T6113] syz.1.84 (6113) used greatest stack depth: 20656 bytes left
[  103.439803][ T6129] syzkaller0: entered allmulticast mode
[  103.513610][ T6129] syzkaller0: entered promiscuous mode
[  103.571847][ T6129] syzkaller0: left allmulticast mode
[  103.594400][ T6135] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.95'.
[  104.750418][ T6153] __nla_validate_parse: 1 callbacks suppressed
[  104.750457][ T6153] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.109'.
[  104.987044][ T6153] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.109'.
[  105.298256][ T6162] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.115'.
[  105.309728][ T6162] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.115'.
[  105.493687][ T6168] syzkaller0: entered allmulticast mode
[  105.525972][ T6168] syzkaller0: entered promiscuous mode
[  105.531613][ T6168] syzkaller0: left allmulticast mode
[  106.815854][ T6186] netlink: 'syz.1.118': attribute type 2 has an invalid length.
[  106.835481][ T6186] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.118'.
[  107.575606][ T6195] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.121'.
[  107.614521][ T6195] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.121'.
[  108.326887][ T6206] syz.2.126 uses obsolete (PF_INET,SOCK_PACKET)
[  110.235866][ T6233] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.134'.
[  110.283589][ T6233] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.134'.
[  115.164500][ T6306] Zero length message leads to an empty skb
[  116.853559][ T6324] netlink: 'syz.2.173': attribute type 28 has an invalid length.
[  120.122425][ T6360] netlink: 'syz.1.186': attribute type 28 has an invalid length.
[  124.801128][ T6473] veth0_vlan: entered allmulticast mode
[  125.380562][ T5788] Bluetooth: hci0: unexpected subevent 0x0a length: 15 < 30
[  125.494820][ T6484] netlink: 194488 bytes leftover after parsing attributes in process `syz.3.236'.
[  126.453227][ T6502] veth0_vlan: entered allmulticast mode
[  127.019311][ T6510] netlink: 'syz.3.248': attribute type 29 has an invalid length.
[  127.037166][ T6510] netlink: 'syz.3.248': attribute type 29 has an invalid length.
[  127.186331][ T5788] Bluetooth: hci3: unexpected subevent 0x0a length: 15 < 30
[  127.715827][ T6525] netlink: 'syz.2.261': attribute type 29 has an invalid length.
[  127.829255][ T6525] netlink: 'syz.2.261': attribute type 29 has an invalid length.
[  129.427250][ T5788] Bluetooth: hci1: unexpected subevent 0x0a length: 15 < 30
[  129.738725][ T6559] netlink: 'syz.0.266': attribute type 29 has an invalid length.
[  129.750896][ T6559] netlink: 'syz.0.266': attribute type 29 has an invalid length.
[  131.946180][ T5788] Bluetooth: hci2: unexpected subevent 0x0a length: 15 < 30
[  132.133901][ T6590] netlink: 'syz.1.280': attribute type 29 has an invalid length.
[  132.143848][ T6590] netlink: 'syz.1.280': attribute type 29 has an invalid length.
[  133.157943][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  133.164728][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  139.195777][ T6662] netlink: 132 bytes leftover after parsing attributes in process `syz.1.317'.
[  139.835859][ T6670] wg2: entered promiscuous mode
[  139.870067][ T6670] wg2: entered allmulticast mode
[  140.436361][ T6675] netlink: 'syz.1.315': attribute type 29 has an invalid length.
[  140.468107][ T6675] netlink: 'syz.1.315': attribute type 29 has an invalid length.
[  140.836983][ T6679] netlink: 'syz.2.326': attribute type 29 has an invalid length.
[  140.871609][ T6679] netlink: 'syz.2.326': attribute type 29 has an invalid length.
[  145.800069][ T6712] netlink: 'syz.2.330': attribute type 29 has an invalid length.
[  147.432559][ T6712] netlink: 'syz.2.330': attribute type 29 has an invalid length.
[  147.485446][ T6718] wg2: entered promiscuous mode
[  147.490398][ T6718] wg2: entered allmulticast mode
[  151.720899][ T6773] netlink: 'syz.2.355': attribute type 39 has an invalid length.
[  152.032302][ T6776] netlink: 830 bytes leftover after parsing attributes in process `syz.0.356'.
[  152.241766][ T6773] syz.2.355 (6773) used greatest stack depth: 20144 bytes left
[  152.393761][ T6780] netlink: 'syz.1.358': attribute type 8 has an invalid length.
[  152.431663][ T6780] netlink: 48 bytes leftover after parsing attributes in process `syz.1.358'.
[  153.125637][ T6793] mac80211_hwsim hwsim9 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  153.136754][   T11] wlan1: Created IBSS using preconfigured BSSID 00:8d:8d:ff:00:00
[  153.146626][   T11] wlan1: Creating new IBSS network, BSSID 00:8d:8d:ff:00:00
[  155.740324][ T6810] netlink: 'syz.0.370': attribute type 8 has an invalid length.
[  155.750024][ T6810] netlink: 48 bytes leftover after parsing attributes in process `syz.0.370'.
[  156.664908][ T6817] mac80211_hwsim hwsim6 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  156.975765][   T36] wlan1: Created IBSS using preconfigured BSSID 00:8d:8d:ff:00:00
[  157.087776][   T36] wlan1: Creating new IBSS network, BSSID 00:8d:8d:ff:00:00
[  158.767087][ T6837] netlink: 'syz.2.380': attribute type 8 has an invalid length.
[  158.776590][ T6837] netlink: 48 bytes leftover after parsing attributes in process `syz.2.380'.
[  160.553420][ T5788] Bluetooth: hci0: unexpected subevent 0x0a length: 150 > 30
[  160.561173][ T5788] Bluetooth: hci0: Invalid handle: 0x8000 > 0x0eff
[  160.897815][ T6875] netlink: 'syz.1.395': attribute type 39 has an invalid length.
[  161.638782][ T5788] Bluetooth: hci1: unexpected subevent 0x0a length: 150 > 30
[  161.647356][ T5788] Bluetooth: hci1: Invalid handle: 0x8000 > 0x0eff
[  161.770034][ T6898] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.405'.
[  162.523639][ T6909] netlink: 'syz.3.410': attribute type 39 has an invalid length.
[  164.561625][ T6933] netlink: 'syz.1.418': attribute type 1 has an invalid length.
[  164.585374][ T6933] netlink: 5 bytes leftover after parsing attributes in process `syz.1.418'.
[  164.605330][ T5788] Bluetooth: hci2: unexpected subevent 0x0a length: 150 > 30
[  164.613363][ T5788] Bluetooth: hci2: Invalid handle: 0x8000 > 0x0eff
[  166.101953][ T6958] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.432'.
[  166.778682][ T6969] netlink: 'syz.0.436': attribute type 39 has an invalid length.
[  167.435080][ T6979] netlink: 'syz.0.449': attribute type 39 has an invalid length.
[  167.887274][ T6989] netlink: 'syz.0.453': attribute type 39 has an invalid length.
[  168.050053][ T6991] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.444'.
[  169.589311][ T7016] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.457'.
[  175.402045][ T7097] netlink: 'syz.2.493': attribute type 3 has an invalid length.
[  175.499027][ T7097] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.493'.
[  180.617871][ T7172] netlink: 48 bytes leftover after parsing attributes in process `syz.3.524'.
[  185.903020][ T7222] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.539'.
[  189.528252][ T7238] netlink: 'syz.1.549': attribute type 33 has an invalid length.
[  189.552200][ T7239] netlink: 'syz.2.548': attribute type 29 has an invalid length.
[  189.584986][ T7238] netlink: 36 bytes leftover after parsing attributes in process `syz.1.549'.
[  189.622442][ T7239] netlink: 'syz.2.548': attribute type 29 has an invalid length.
[  190.769119][ T7246] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.559'.
[  191.001261][ T5788] Bluetooth: hci2: unexpected event 0x31 length: 15 > 6
[  191.742430][ T7265] Driver unsupported XDP return value 0 on prog  (id 469) dev N/A, expect packet loss!
[  194.374646][ T5788] Bluetooth: hci3: unexpected subevent 0x0a length: 150 > 30
[  194.553965][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  194.560520][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  194.789113][ T5788] Bluetooth: hci3: unexpected event 0x31 length: 15 > 6
[  194.906244][ T7281] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.567'.
[  195.185979][ T7285] netlink: 'syz.2.570': attribute type 33 has an invalid length.
[  195.222819][ T7285] netlink: 36 bytes leftover after parsing attributes in process `syz.2.570'.
[  195.700502][ T7296] netlink: 152 bytes leftover after parsing attributes in process `syz.1.574'.
[  196.465541][ T5788] Bluetooth: hci3: command tx timeout
[  199.134007][ T5788] Bluetooth: hci0: unexpected event 0x31 length: 15 > 6
[  199.275252][ T7319] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.583'.
[  199.903637][ T7327] netlink: 'syz.3.586': attribute type 33 has an invalid length.
[  199.995673][ T7327] netlink: 36 bytes leftover after parsing attributes in process `syz.3.586'.
[  201.747665][ T5104] Bluetooth: hci0: command 0x0406 tx timeout
[  201.754673][ T5797] Bluetooth: hci2: command 0x0406 tx timeout
[  201.755889][ T5795] Bluetooth: hci3: command 0x0406 tx timeout
[  201.760972][ T5104] Bluetooth: hci1: command 0x0406 tx timeout
[  201.838734][ T7353] netlink: 'syz.1.594': attribute type 3 has an invalid length.
[  201.847703][ T7353] netlink: 'syz.1.594': attribute type 1 has an invalid length.
[  201.860973][ T7353] netlink: 181400 bytes leftover after parsing attributes in process `syz.1.594'.
[  204.361785][ T7358] netlink: 'syz.3.596': attribute type 3 has an invalid length.
[  204.416472][ T7358] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.596'.
[  207.930383][ T7374] netlink: 'syz.1.599': attribute type 29 has an invalid length.
[  207.954567][ T7374] netlink: 'syz.1.599': attribute type 29 has an invalid length.
[  207.965020][ T5793] Bluetooth: hci2: unexpected subevent 0x0a length: 150 > 30
[  208.046837][ T7379] netlink: 'syz.0.598': attribute type 33 has an invalid length.
[  208.115617][ T7379] netlink: 36 bytes leftover after parsing attributes in process `syz.0.598'.
[  208.681486][ T7396] netlink: 'syz.1.617': attribute type 33 has an invalid length.
[  208.693084][ T7396] netlink: 36 bytes leftover after parsing attributes in process `syz.1.617'.
[  209.986030][ T5792] Bluetooth: hci2: command 0x0406 tx timeout
[  211.934861][ T5792] Bluetooth: hci0: unexpected subevent 0x0a length: 150 > 30
[  212.296574][ T7422] pim6reg1: entered promiscuous mode
[  212.330446][ T7422] pim6reg1: entered allmulticast mode
[  212.458779][ T7426] netlink: 152 bytes leftover after parsing attributes in process `syz.2.619'.
[  212.708054][ T7431] netlink: 'syz.0.622': attribute type 15 has an invalid length.
[  212.726213][ T7431] netlink: 11254 bytes leftover after parsing attributes in process `syz.0.622'.
[  213.234154][ T7446] netlink: 'syz.2.627': attribute type 3 has an invalid length.
[  213.246119][ T7446] netlink: 'syz.2.627': attribute type 1 has an invalid length.
[  213.257455][ T7446] netlink: 181400 bytes leftover after parsing attributes in process `syz.2.627'.
[  213.397008][ T5792] Bluetooth: hci1: unexpected subevent 0x0a length: 150 > 30
[  213.669545][ T7460] netlink: 152 bytes leftover after parsing attributes in process `syz.0.631'.
[  213.740635][ T5793] Bluetooth: hci0: unknown advertising packet type: 0x20
[  213.986977][ T5793] Bluetooth: hci0: command 0x0406 tx timeout
[  214.044143][ T7467] netlink: 'syz.1.635': attribute type 15 has an invalid length.
[  214.055107][ T7467] netlink: 11254 bytes leftover after parsing attributes in process `syz.1.635'.
[  214.227338][ T7469] netlink: 'syz.3.637': attribute type 29 has an invalid length.
[  214.247740][ T7469] netlink: 'syz.3.637': attribute type 29 has an invalid length.
[  214.313080][ T5793] Bluetooth: hci0: unexpected subevent 0x0a length: 150 > 30
[  214.321280][ T5793] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:0'
[  214.331433][ T5793] CPU: 1 PID: 5793 Comm: kworker/u5:4 Not tainted syzkaller #0
[  214.339066][ T5793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  214.349176][ T5793] Workqueue: hci0 hci_rx_work
[  214.353946][ T5793] Call Trace:
[  214.357260][ T5793]  <TASK>
[  214.360220][ T5793]  dump_stack_lvl+0x16c/0x230
[  214.365122][ T5793]  ? show_regs_print_info+0x20/0x20
[  214.370353][ T5793]  ? load_image+0x3b0/0x3b0
[  214.374901][ T5793]  sysfs_create_dir_ns+0x256/0x280
[  214.380044][ T5793]  ? hci_rx_work+0x43a/0xd80
[  214.384657][ T5793]  ? sysfs_warn_dup+0xa0/0xa0
[  214.389389][ T5793]  ? do_raw_spin_unlock+0x121/0x230
[  214.394609][ T5793]  kobject_add_internal+0x6b8/0xc70
[  214.399834][ T5793]  kobject_add+0x156/0x220
[  214.404269][ T5793]  ? __rwlock_init+0x150/0x150
[  214.409082][ T5793]  ? kobject_init+0x1e0/0x1e0
[  214.413773][ T5793]  ? _raw_spin_unlock+0x28/0x40
[  214.418662][ T5793]  ? get_device_parent+0x366/0x390
[  214.423811][ T5793]  device_add+0x408/0xc20
[  214.428173][ T5793]  hci_conn_add_sysfs+0xd5/0x1e0
[  214.433127][ T5793]  le_conn_complete_evt+0xf36/0x1500
[  214.438448][ T5793]  ? hci_le_big_info_adv_report_evt+0x8e0/0x8e0
[  214.444718][ T5793]  ? bt_info+0x160/0x160
[  214.448980][ T5793]  ? __mutex_unlock_slowpath+0x1a2/0x6a0
[  214.454633][ T5793]  ? skb_pull_data+0xfb/0x200
[  214.459418][ T5793]  hci_le_enh_conn_complete_evt+0x189/0x460
[  214.465343][ T5793]  ? hci_le_remote_conn_param_req_evt+0xcc0/0xcc0
[  214.471781][ T5793]  ? hci_remote_host_features_evt+0x160/0x160
[  214.477873][ T5793]  hci_event_packet+0x795/0x1210
[  214.482844][ T5793]  ? bis_list+0x290/0x290
[  214.487285][ T5793]  ? lockdep_hardirqs_on+0x98/0x150
[  214.492532][ T5793]  ? hci_send_to_monitor+0xd7/0x4f0
[  214.497764][ T5793]  hci_rx_work+0x43a/0xd80
[  214.502224][ T5793]  ? process_scheduled_works+0x957/0x15b0
[  214.507969][ T5793]  process_scheduled_works+0xa45/0x15b0
[  214.513566][ T5793]  ? assign_work+0x400/0x400
[  214.518184][ T5793]  ? assign_work+0x39e/0x400
[  214.522802][ T5793]  worker_thread+0xa55/0xfc0
[  214.527434][ T5793]  kthread+0x2fa/0x390
[  214.531520][ T5793]  ? pr_cont_work+0x560/0x560
[  214.536217][ T5793]  ? kthread_blkcg+0xd0/0xd0
[  214.540831][ T5793]  ret_from_fork+0x48/0x80
[  214.545282][ T5793]  ? kthread_blkcg+0xd0/0xd0
[  214.549889][ T5793]  ret_from_fork_asm+0x11/0x20
[  214.554689][ T5793]  </TASK>
[  214.559557][ T5793] kobject: kobject_add_internal failed for hci0:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  214.573665][ T5793] Bluetooth: hci0: failed to register connection device
[  214.759312][ T7475] netlink: 'syz.0.640': attribute type 3 has an invalid length.
[  214.772165][ T7475] netlink: 'syz.0.640': attribute type 1 has an invalid length.
[  214.842034][ T7475] netlink: 181400 bytes leftover after parsing attributes in process `syz.0.640'.
[  214.876680][ T7484] netlink: 'syz.1.643': attribute type 33 has an invalid length.
[  214.884821][ T7484] netlink: 36 bytes leftover after parsing attributes in process `syz.1.643'.
[  215.427505][ T5793] Bluetooth: hci1: command 0x0406 tx timeout
[  215.800460][ T7501] syz.0.650[7501] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  215.800615][ T7501] syz.0.650[7501] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  216.038471][ T7509] netlink: 'syz.0.651': attribute type 29 has an invalid length.
[  216.062751][ T7509] netlink: 'syz.0.651': attribute type 29 has an invalid length.
[  216.199806][ T7512] netlink: 36 bytes leftover after parsing attributes in process `syz.3.655'.
[  216.356828][ T7515] pim6reg1: entered promiscuous mode
[  216.362604][ T7515] pim6reg1: entered allmulticast mode
[  216.428175][ T7518] netlink: 36 bytes leftover after parsing attributes in process `syz.1.665'.
[  216.444386][ T7517] netlink: 181400 bytes leftover after parsing attributes in process `syz.3.656'.
[  216.715930][ T7525] netlink: 36 bytes leftover after parsing attributes in process `syz.0.667'.
[  218.785585][ T7548] validate_nla: 5 callbacks suppressed
[  218.785623][ T7548] netlink: 'syz.0.669': attribute type 10 has an invalid length.
[  218.843069][ T5793] Bluetooth: hci3: unknown advertising packet type: 0x20
[  218.894806][ T7548] team0: Device veth1_macvtap failed to register rx_handler
[  219.040968][ T7546] pim6reg1: entered promiscuous mode
[  219.047808][ T7546] pim6reg1: entered allmulticast mode
[  219.164536][ T7548] syz.0.669 (7548) used greatest stack depth: 19056 bytes left
[  219.399015][ T7562] netlink: 'syz.0.675': attribute type 29 has an invalid length.
[  219.428463][ T7562] netlink: 'syz.0.675': attribute type 29 has an invalid length.
[  220.971993][ T5793] Bluetooth: hci2: unknown advertising packet type: 0x20
[  222.364471][ T7599] netlink: 'syz.3.688': attribute type 29 has an invalid length.
[  222.382361][ T7599] netlink: 'syz.3.688': attribute type 29 has an invalid length.
[  223.208139][ T7604] syzkaller0: entered promiscuous mode
[  223.219930][ T7604] syzkaller0: entered allmulticast mode
[  223.963396][ T7616] syz.1.702[7616] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  223.963537][ T7616] syz.1.702[7616] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  224.222107][ T7619] Scheduler tracepoints stat_sleep, stat_iowait, stat_blocked and stat_runtime require the kernel parameter schedstats=enable or kernel.sched_schedstats=1
[  225.828852][ T7626] netlink: 'syz.1.707': attribute type 10 has an invalid length.
[  225.926371][ T5793] Bluetooth: hci1: unexpected subevent 0x0a length: 150 > 30
[  225.934377][ T5793] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:0'
[  225.943921][ T5793] CPU: 1 PID: 5793 Comm: kworker/u5:4 Not tainted syzkaller #0
[  225.951521][ T5793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  225.961625][ T5793] Workqueue: hci1 hci_rx_work
[  225.966356][ T5793] Call Trace:
[  225.969711][ T5793]  <TASK>
[  225.972664][ T5793]  dump_stack_lvl+0x16c/0x230
[  225.977397][ T5793]  ? show_regs_print_info+0x20/0x20
[  225.982651][ T5793]  ? load_image+0x3b0/0x3b0
[  225.987216][ T5793]  sysfs_create_dir_ns+0x256/0x280
[  225.992368][ T5793]  ? hci_rx_work+0x43a/0xd80
[  225.997004][ T5793]  ? sysfs_warn_dup+0xa0/0xa0
[  226.001740][ T5793]  ? do_raw_spin_unlock+0x121/0x230
[  226.006993][ T5793]  kobject_add_internal+0x6b8/0xc70
[  226.012235][ T5793]  kobject_add+0x156/0x220
[  226.016703][ T5793]  ? __rwlock_init+0x150/0x150
[  226.021519][ T5793]  ? kobject_init+0x1e0/0x1e0
[  226.026218][ T5793]  ? _raw_spin_unlock+0x28/0x40
[  226.031089][ T5793]  ? get_device_parent+0x366/0x390
[  226.036310][ T5793]  device_add+0x408/0xc20
[  226.040694][ T5793]  hci_conn_add_sysfs+0xd5/0x1e0
[  226.045677][ T5793]  le_conn_complete_evt+0xf36/0x1500
[  226.051019][ T5793]  ? hci_le_big_info_adv_report_evt+0x8e0/0x8e0
[  226.057291][ T5793]  ? bt_info+0x160/0x160
[  226.061558][ T5793]  ? __mutex_unlock_slowpath+0x1a2/0x6a0
[  226.067223][ T5793]  ? skb_pull_data+0xfb/0x200
[  226.071963][ T5793]  hci_le_enh_conn_complete_evt+0x189/0x460
[  226.077899][ T5793]  ? hci_le_remote_conn_param_req_evt+0xcc0/0xcc0
[  226.084346][ T5793]  ? hci_remote_host_features_evt+0x160/0x160
[  226.090430][ T5793]  hci_event_packet+0x795/0x1210
[  226.095397][ T5793]  ? bis_list+0x290/0x290
[  226.099758][ T5793]  ? lockdep_hardirqs_on+0x98/0x150
[  226.104997][ T5793]  ? hci_send_to_monitor+0xd7/0x4f0
[  226.110219][ T5793]  hci_rx_work+0x43a/0xd80
[  226.114673][ T5793]  ? process_scheduled_works+0x957/0x15b0
[  226.120503][ T5793]  process_scheduled_works+0xa45/0x15b0
[  226.126100][ T5793]  ? assign_work+0x400/0x400
[  226.130717][ T5793]  ? assign_work+0x39e/0x400
[  226.135336][ T5793]  worker_thread+0xa55/0xfc0
[  226.139987][ T5793]  kthread+0x2fa/0x390
[  226.144080][ T5793]  ? pr_cont_work+0x560/0x560
[  226.148777][ T5793]  ? kthread_blkcg+0xd0/0xd0
[  226.153386][ T5793]  ret_from_fork+0x48/0x80
[  226.157847][ T5793]  ? kthread_blkcg+0xd0/0xd0
[  226.162475][ T5793]  ret_from_fork_asm+0x11/0x20
[  226.167282][ T5793]  </TASK>
[  226.193140][ T5793] kobject: kobject_add_internal failed for hci1:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  226.212795][ T5793] Bluetooth: hci1: failed to register connection device
[  226.650908][ T7626] team0: Device veth1_macvtap failed to register rx_handler
[  226.704110][ T5792] Bluetooth: hci1: unexpected subevent 0x0c length: 150 > 5
[  226.722167][ T7633] wg2: entered promiscuous mode
[  226.729672][ T7633] wg2: entered allmulticast mode
[  226.744450][ T7626] syz.1.707 (7626) used greatest stack depth: 18536 bytes left
[  227.563558][ T7641] netlink: 'syz.3.714': attribute type 10 has an invalid length.
[  227.571786][ T7643] syz.0.705 (7643) used obsolete PPPIOCDETACH ioctl
[  227.921771][ T7641] team0: Device veth1_macvtap failed to register rx_handler
[  228.719433][ T7668] netlink: 'syz.2.716': attribute type 29 has an invalid length.
[  228.748458][ T7668] netlink: 'syz.2.716': attribute type 29 has an invalid length.
[  228.774521][ T7669] netlink: 'syz.2.716': attribute type 29 has an invalid length.
[  228.842501][ T7668] macsec0: entered promiscuous mode
[  228.867589][ T7668] macsec0: entered allmulticast mode
[  228.899462][ T7668] veth1_macvtap: entered allmulticast mode
[  230.802815][ T5792] Bluetooth: hci2: unexpected subevent 0x0c length: 150 > 5
[  233.163565][ T5792] Bluetooth: hci0: unexpected subevent 0x0c length: 150 > 5
[  233.611241][ T7802] ��
: port 1(syz_tun) entered blocking state
[  233.618449][ T7802] ��
: port 1(syz_tun) entered disabled state
[  233.624864][ T7802] syz_tun: entered allmulticast mode
[  233.633064][ T7802] syz_tun: entered promiscuous mode
[  233.848094][ T7807] syzkaller0: entered promiscuous mode
[  233.861695][ T7807] syzkaller0: entered allmulticast mode
[  236.171420][ T7817] netlink: 'syz.2.750': attribute type 10 has an invalid length.
[  236.462686][ T7817] team0: Device veth1_macvtap failed to register rx_handler
[  237.054826][ T7836] netlink: 'syz.2.767': attribute type 10 has an invalid length.
[  237.087170][ T7836] team0: Device veth1_macvtap failed to register rx_handler
[  237.409855][ T7847] netlink: 'syz.1.772': attribute type 10 has an invalid length.
[  237.560042][ T7847] team0: Device veth1_macvtap failed to register rx_handler
[  239.586601][ T7905] netlink: 'syz.2.775': attribute type 10 has an invalid length.
[  239.658011][ T7905] team0: Device veth1_macvtap failed to register rx_handler
[  241.807928][ T7942] ��
: port 1(syz_tun) entered blocking state
[  241.817630][ T7942] ��
: port 1(syz_tun) entered disabled state
[  241.824138][ T7942] syz_tun: entered allmulticast mode
[  241.904841][ T7942] syz_tun: entered promiscuous mode
[  244.890787][ T7975] netlink: 'syz.2.798': attribute type 10 has an invalid length.
[  244.927504][ T7975] macvlan0: entered promiscuous mode
[  244.934387][ T7975] macvlan0: entered allmulticast mode
[  244.985695][ T7975] veth1_vlan: entered allmulticast mode
[  245.024734][ T7975] bond0: (slave macvlan0): Enslaving as an active interface with an up link
[  245.359798][ T7987] ��
: port 1(syz_tun) entered blocking state
[  245.370356][ T7987] ��
: port 1(syz_tun) entered disabled state
[  245.376792][ T7987] syz_tun: entered allmulticast mode
[  245.396968][ T7987] syz_tun: entered promiscuous mode
[  246.456769][ T7994] netlink: 'syz.0.816': attribute type 10 has an invalid length.
[  246.474983][ T7994] team0: Device veth1_macvtap failed to register rx_handler
[  247.728618][ T8035] netlink: 'syz.3.824': attribute type 10 has an invalid length.
[  247.793149][ T8035] team0: Device veth1_macvtap failed to register rx_handler
[  249.844441][ T8076] netlink: 'syz.2.836': attribute type 10 has an invalid length.
[  249.963624][ T8076] team0: Device veth1_macvtap failed to register rx_handler
[  250.390823][ T8083] netlink: 'syz.1.848': attribute type 10 has an invalid length.
[  250.441447][ T8083] team0: Device veth1_macvtap failed to register rx_handler
[  252.101533][ T8118] netlink: 'syz.1.854': attribute type 10 has an invalid length.
[  252.281810][ T8118] team0: Device veth1_macvtap failed to register rx_handler
[  253.988938][ T8148] netlink: 'syz.0.864': attribute type 10 has an invalid length.
[  254.090536][ T8148] macvlan0: entered promiscuous mode
[  254.096606][ T8148] macvlan0: entered allmulticast mode
[  254.142140][ T8148] veth1_vlan: entered allmulticast mode
[  254.168854][ T8148] bond0: (slave macvlan0): Enslaving as an active interface with an up link
[  254.323346][ T8155] netlink: 'syz.2.868': attribute type 10 has an invalid length.
[  254.379508][ T8155] team0: Device veth1_macvtap failed to register rx_handler
[  254.569708][ T8159] netlink: 'syz.0.870': attribute type 10 has an invalid length.
[  254.631717][ T8159] team0: Device ipvlan1 failed to register rx_handler
[  256.027099][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  256.033507][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  256.828781][ T8177] netlink: 'syz.1.877': attribute type 10 has an invalid length.
[  256.911938][ T8177] macvlan0: entered promiscuous mode
[  256.935291][ T8177] macvlan0: entered allmulticast mode
[  256.985664][ T8177] veth1_vlan: entered allmulticast mode
[  257.066713][ T8177] bond0: (slave macvlan0): Enslaving as an active interface with an up link
[  257.537042][ T8189] netlink: 'syz.1.880': attribute type 10 has an invalid length.
[  257.581159][ T8189] team0: Device veth1_macvtap failed to register rx_handler
[  260.103365][ T8228] netlink: 'syz.3.894': attribute type 10 has an invalid length.
[  260.189933][ T8228] team0: Device veth1_macvtap failed to register rx_handler
[  260.685787][ T8238] sctp: [Deprecated]: syz.0.896 (pid 8238) Use of struct sctp_assoc_value in delayed_ack socket option.
[  260.685787][ T8238] Use struct sctp_sack_info instead
[  260.935276][ T8240] netlink: 'syz.1.907': attribute type 10 has an invalid length.
[  260.982951][ T8240] team0: Device veth1_macvtap failed to register rx_handler
[  263.549343][ T8281] sctp: [Deprecated]: syz.3.912 (pid 8281) Use of struct sctp_assoc_value in delayed_ack socket option.
[  263.549343][ T8281] Use struct sctp_sack_info instead
[  268.232993][ T8295] netlink: 'syz.3.920': attribute type 10 has an invalid length.
[  268.270383][ T8295] team0: Device ipvlan1 failed to register rx_handler
[  274.329694][ T8337] netlink: 188 bytes leftover after parsing attributes in process `syz.3.935'.
[  281.478877][ T8388] netlink: 55631 bytes leftover after parsing attributes in process `syz.3.958'.
[  281.503319][ T8388] netlink: 6324 bytes leftover after parsing attributes in process `syz.3.958'.
[  281.560433][ T8388] netlink: 2 bytes leftover after parsing attributes in process `syz.3.958'.
[  283.053717][ T5792] Bluetooth: hci1: unexpected event 0x0b length: 15 > 11
[  286.644019][ T5792] Bluetooth: hci2: unexpected event 0x0b length: 15 > 11
[  288.793527][ T5792] Bluetooth: hci3: unexpected subevent 0x01 length: 150 > 18
[  290.145759][ T5792] Bluetooth: hci3: unexpected event 0x0b length: 15 > 11
[  290.875532][ T5792] Bluetooth: hci3: command 0x0406 tx timeout
[  293.850584][ T8532] netlink: 'syz.0.1020': attribute type 10 has an invalid length.
[  293.866316][ T8532] vlan0: entered allmulticast mode
[  293.871530][ T8532] veth0_vlan: entered allmulticast mode
[  293.922231][ T8532] team0: Port device vlan0 added
[  299.534403][ T8543] netlink: 'syz.2.1025': attribute type 1 has an invalid length.
[  299.543357][ T8563] netlink: 'syz.1.1033': attribute type 10 has an invalid length.
[  299.556004][ T8563] vlan0: entered allmulticast mode
[  299.561204][ T8563] veth0_vlan: entered allmulticast mode
[  299.597227][ T8563] team0: Port device vlan0 added
[  299.604244][ T8568] netlink: 'syz.0.1041': attribute type 10 has an invalid length.
[  299.631133][ T8568] bridge0: port 2(bridge_slave_1) entered disabled state
[  299.654057][ T8568] bridge_slave_1: left allmulticast mode
[  299.661574][ T8568] bridge_slave_1: left promiscuous mode
[  299.674727][ T8568] bridge0: port 2(bridge_slave_1) entered disabled state
[  299.719103][ T8568] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  301.134519][ T8594] sock: sock_set_timeout: `syz.0.1044' (pid 8594) tries to set negative timeout
[  301.250814][ T8596] netlink: 209820 bytes leftover after parsing attributes in process `syz.3.1045'.
[  302.464738][ T8605] netlink: 'syz.2.1049': attribute type 10 has an invalid length.
[  302.507695][ T8605] bridge0: port 2(bridge_slave_1) entered disabled state
[  302.563478][ T8605] bridge_slave_1: left allmulticast mode
[  302.579783][ T8605] bridge_slave_1: left promiscuous mode
[  302.586634][ T8605] bridge0: port 2(bridge_slave_1) entered disabled state
[  302.612456][ T8605] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  302.628338][ T8602] netlink: 'syz.0.1050': attribute type 12 has an invalid length.
[  302.637280][ T8602] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1050'.
[  302.906912][ T8618] sock: sock_set_timeout: `syz.2.1056' (pid 8618) tries to set negative timeout
[  303.393158][ T8631] netlink: 209820 bytes leftover after parsing attributes in process `syz.2.1060'.
[  303.665046][ T8639] netlink: 'syz.3.1065': attribute type 10 has an invalid length.
[  303.721186][ T8639] bridge0: port 2(bridge_slave_1) entered disabled state
[  303.773615][ T8639] bridge_slave_1: left allmulticast mode
[  303.800049][ T8639] bridge_slave_1: left promiscuous mode
[  303.830809][ T8639] bridge0: port 2(bridge_slave_1) entered disabled state
[  303.861640][ T8639] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  303.907894][ T8637] netlink: 'syz.1.1064': attribute type 12 has an invalid length.
[  303.925503][ T8637] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1064'.
[  304.189906][ T8645] sock: sock_set_timeout: `syz.3.1067' (pid 8645) tries to set negative timeout
[  304.944210][ T8662] netlink: 209820 bytes leftover after parsing attributes in process `syz.0.1074'.
[  307.790954][ T8675] netlink: 'syz.1.1078': attribute type 1 has an invalid length.
[  307.825690][ T8675] netlink: 112860 bytes leftover after parsing attributes in process `syz.1.1078'.
[  307.845758][ T8675] netlink: 9 bytes leftover after parsing attributes in process `syz.1.1078'.
[  307.908207][ T8678] netlink: 'syz.0.1085': attribute type 33 has an invalid length.
[  307.934346][ T8678] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1085'.
[  307.960026][ T8671] netlink: 'syz.3.1077': attribute type 12 has an invalid length.
[  307.969118][ T8671] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1077'.
[  309.084023][ T8695] netlink: 'syz.3.1086': attribute type 10 has an invalid length.
[  309.092655][ T8695] vlan0: entered allmulticast mode
[  315.677333][ T8732] netlink: 'syz.2.1094': attribute type 33 has an invalid length.
[  315.685461][ T8732] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1094'.
[  316.176972][ T8755] netlink: 'syz.0.1105': attribute type 1 has an invalid length.
[  317.461606][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  317.468131][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  318.674700][ T8773] netlink: 'syz.1.1110': attribute type 33 has an invalid length.
[  318.700783][ T8773] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1110'.
[  318.974292][ T8785] netlink: 'syz.2.1115': attribute type 10 has an invalid length.
[  319.031580][ T8785] hsr_slave_0: left promiscuous mode
[  319.136645][ T8785] hsr_slave_1: left promiscuous mode
[  319.306178][ T8787] netlink: 'syz.3.1116': attribute type 1 has an invalid length.
[  321.109007][ T8817] netlink: 'syz.3.1123': attribute type 33 has an invalid length.
[  321.133616][ T8817] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1123'.
[  323.421259][ T8832] netlink: 'syz.1.1127': attribute type 1 has an invalid length.
[  323.571412][ T8841] netlink: 'syz.1.1135': attribute type 10 has an invalid length.
[  323.579865][ T8841] netlink: 55 bytes leftover after parsing attributes in process `syz.1.1135'.
[  325.107530][ T8858] netlink: 'syz.3.1142': attribute type 10 has an invalid length.
[  325.133624][ T8858] hsr_slave_0: left promiscuous mode
[  325.156918][ T8858] hsr_slave_1: left promiscuous mode
[  326.575476][ T8874] netlink: 'syz.2.1149': attribute type 10 has an invalid length.
[  326.595319][ T8874] netlink: 55 bytes leftover after parsing attributes in process `syz.2.1149'.
[  326.872563][ T5792] Bluetooth: hci2: unexpected event 0x3c length: 15 > 7
[  327.068512][ T8889] syzkaller0: entered promiscuous mode
[  327.088857][ T8889] syzkaller0: entered allmulticast mode
[  332.706933][ T8918] netlink: 'syz.0.1165': attribute type 10 has an invalid length.
[  332.718102][ T8918] netlink: 55 bytes leftover after parsing attributes in process `syz.0.1165'.
[  333.184817][ T8922] netlink: 'syz.2.1166': attribute type 29 has an invalid length.
[  333.213997][ T8922] netlink: 'syz.2.1166': attribute type 29 has an invalid length.
[  333.232275][ T8924] delete_channel: no stack
[  333.692248][ T8933] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1172'.
[  334.400290][ T8948] netlink: 'syz.3.1178': attribute type 10 has an invalid length.
[  334.424767][ T8948] netlink: 55 bytes leftover after parsing attributes in process `syz.3.1178'.
[  334.477205][ T8951] netlink: 'syz.0.1179': attribute type 29 has an invalid length.
[  334.497114][ T8951] netlink: 'syz.0.1179': attribute type 29 has an invalid length.
[  334.759247][ T8961] netlink: 'syz.0.1181': attribute type 33 has an invalid length.
[  334.785978][ T8961] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1181'.
[  334.801454][ T8957] delete_channel: no stack
[  334.848555][ T8965] netlink: 9275 bytes leftover after parsing attributes in process `syz.2.1185'.
[  335.593399][ T8979] netlink: 'syz.1.1190': attribute type 29 has an invalid length.
[  335.627667][ T8979] netlink: 'syz.1.1190': attribute type 29 has an invalid length.
[  335.712055][ T8983] netlink: 'syz.0.1192': attribute type 10 has an invalid length.
[  335.723239][ T8983] netlink: 55 bytes leftover after parsing attributes in process `syz.0.1192'.
[  336.043315][ T8988] delete_channel: no stack
[  337.529708][ T9022] delete_channel: no stack
[  337.809013][ T9027] validate_nla: 3 callbacks suppressed
[  337.809050][ T9027] netlink: 'syz.3.1221': attribute type 29 has an invalid length.
[  337.857845][ T9027] netlink: 'syz.3.1221': attribute type 29 has an invalid length.
[  338.523959][ T9045] netlink: 'syz.2.1227': attribute type 29 has an invalid length.
[  338.549343][ T9045] netlink: 'syz.2.1227': attribute type 29 has an invalid length.
[  339.574748][ T9062] syzkaller0: entered promiscuous mode
[  339.583253][ T9062] syzkaller0: entered allmulticast mode
[  339.778085][ T9072] netlink: 'syz.2.1232': attribute type 29 has an invalid length.
[  339.914141][ T9072] netlink: 'syz.2.1232': attribute type 29 has an invalid length.
[  341.921457][ T9082] syzkaller0: entered promiscuous mode
[  341.933579][ T9082] syzkaller0: entered allmulticast mode
[  342.032970][ T9087] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1237'.
[  343.982634][ T9087] debugfs: Directory '!!�!' with parent 'ieee80211' already present!
[  345.683254][ T9130] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1253'.
[  345.786278][ T9130] debugfs: Directory '!!�!' with parent 'ieee80211' already present!
[  347.385979][ T9164] netlink: 'syz.0.1266': attribute type 39 has an invalid length.
[  348.514962][ T9183] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1268'.
[  348.947656][ T5792] Bluetooth: hci1: unexpected subevent 0x01 length: 150 > 18
[  348.955778][ T5792] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:0'
[  348.965660][ T5792] CPU: 1 PID: 5792 Comm: kworker/u5:3 Not tainted syzkaller #0
[  348.973296][ T5792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  348.983438][ T5792] Workqueue: hci1 hci_rx_work
[  348.988233][ T5792] Call Trace:
[  348.991580][ T5792]  <TASK>
[  348.994581][ T5792]  dump_stack_lvl+0x16c/0x230
[  348.999352][ T5792]  ? show_regs_print_info+0x20/0x20
[  349.004604][ T5792]  ? load_image+0x3b0/0x3b0
[  349.009212][ T5792]  sysfs_create_dir_ns+0x256/0x280
[  349.014681][ T5792]  ? hci_rx_work+0x43a/0xd80
[  349.019334][ T5792]  ? sysfs_warn_dup+0xa0/0xa0
[  349.024071][ T5792]  ? do_raw_spin_unlock+0x121/0x230
[  349.029338][ T5792]  kobject_add_internal+0x6b8/0xc70
[  349.034627][ T5792]  kobject_add+0x156/0x220
[  349.039087][ T5792]  ? __rwlock_init+0x150/0x150
[  349.043910][ T5792]  ? kobject_init+0x1e0/0x1e0
[  349.048653][ T5792]  ? _raw_spin_unlock+0x28/0x40
[  349.053562][ T5792]  ? get_device_parent+0x366/0x390
[  349.058790][ T5792]  device_add+0x408/0xc20
[  349.063189][ T5792]  hci_conn_add_sysfs+0xd5/0x1e0
[  349.068176][ T5792]  le_conn_complete_evt+0xf36/0x1500
[  349.073543][ T5792]  ? hci_le_big_info_adv_report_evt+0x8e0/0x8e0
[  349.079841][ T5792]  ? bt_info+0x160/0x160
[  349.084133][ T5792]  ? __mutex_unlock_slowpath+0x1a2/0x6a0
[  349.089831][ T5792]  ? skb_pull_data+0xfb/0x200
[  349.094568][ T5792]  hci_le_conn_complete_evt+0x187/0x440
[  349.100267][ T5792]  ? hci_remote_host_features_evt+0x160/0x160
[  349.106416][ T5792]  hci_event_packet+0x795/0x1210
[  349.111426][ T5792]  ? bis_list+0x290/0x290
[  349.116002][ T5792]  ? lockdep_hardirqs_on+0x98/0x150
[  349.121249][ T5792]  ? hci_send_to_monitor+0xd7/0x4f0
[  349.126600][ T5792]  hci_rx_work+0x43a/0xd80
[  349.131114][ T5792]  ? process_scheduled_works+0x957/0x15b0
[  349.136880][ T5792]  process_scheduled_works+0xa45/0x15b0
[  349.142592][ T5792]  ? assign_work+0x400/0x400
[  349.147250][ T5792]  ? assign_work+0x39e/0x400
[  349.151898][ T5792]  worker_thread+0xa55/0xfc0
[  349.156713][ T5792]  kthread+0x2fa/0x390
[  349.160816][ T5792]  ? pr_cont_work+0x560/0x560
[  349.165620][ T5792]  ? kthread_blkcg+0xd0/0xd0
[  349.170249][ T5792]  ret_from_fork+0x48/0x80
[  349.174718][ T5792]  ? kthread_blkcg+0xd0/0xd0
[  349.179361][ T5792]  ret_from_fork_asm+0x11/0x20
[  349.184215][ T5792]  </TASK>
[  349.189569][ T5792] kobject: kobject_add_internal failed for hci1:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  349.203626][ T5792] Bluetooth: hci1: failed to register connection device
[  349.208759][ T9183] debugfs: Directory '!!�!' with parent 'ieee80211' already present!
[  349.533684][ T9197] netlink: 'syz.2.1277': attribute type 10 has an invalid length.
[  349.586048][ T9197] team0: Port device hsr_slave_0 added
[  349.754605][ T9200] netlink: 'syz.2.1279': attribute type 39 has an invalid length.
[  350.356727][ T9209] bridge0: port 1(bridge_slave_0) entered disabled state
[  350.420422][ T9209] bridge0: entered allmulticast mode
[  350.536500][ T9211] bridge_slave_0: left allmulticast mode
[  350.593617][ T9211] bridge_slave_0: left promiscuous mode
[  350.619840][ T9211] bridge0: port 1(bridge_slave_0) entered disabled state
[  352.865357][ T9242] netlink: 9275 bytes leftover after parsing attributes in process `syz.0.1295'.
[  352.921805][ T9245] netlink: 'syz.3.1296': attribute type 39 has an invalid length.
[  357.943948][ T9272] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1313'.
[  357.983660][ T9272] sysfs: cannot create duplicate filename '/class/ieee80211/!!�!'
[  358.000677][ T9272] CPU: 0 PID: 9272 Comm: syz.0.1313 Not tainted syzkaller #0
[  358.008142][ T9272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  358.018275][ T9272] Call Trace:
[  358.021601][ T9272]  <TASK>
[  358.024591][ T9272]  dump_stack_lvl+0x16c/0x230
[  358.029335][ T9272]  ? show_regs_print_info+0x20/0x20
[  358.034588][ T9272]  ? load_image+0x3b0/0x3b0
[  358.039157][ T9272]  sysfs_warn_dup+0x8e/0xa0
[  358.043720][ T9272]  sysfs_do_create_link_sd+0xc0/0x110
[  358.049167][ T9272]  device_add_class_symlinks+0x1cf/0x240
[  358.055043][ T9272]  device_add+0x507/0xc20
[  358.059430][ T9272]  wiphy_register+0x1e74/0x2c00
[  358.064327][ T9272]  ? cfg80211_event_work+0x40/0x40
[  358.069489][ T9272]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  358.075683][ T9272]  ieee80211_register_hw+0x2de8/0x3b10
[  358.081202][ T9272]  ? ieee80211_register_hw+0xed1/0x3b10
[  358.086791][ T9272]  ? ieee80211_tasklet_handler+0x20/0x20
[  358.092453][ T9272]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[  358.098455][ T9272]  ? __debug_object_init+0xe8/0x430
[  358.103685][ T9272]  ? __asan_memset+0x22/0x40
[  358.108324][ T9272]  ? __hrtimer_init+0x186/0x270
[  358.113196][ T9272]  mac80211_hwsim_new_radio+0x2a00/0x4cf0
[  358.118957][ T9272]  ? mac80211_hwsim_free+0x220/0x220
[  358.124257][ T9272]  ? rcu_is_watching+0x15/0xb0
[  358.129044][ T9272]  ? kstrndup+0xbd/0x140
[  358.133346][ T9272]  hwsim_new_radio_nl+0xd78/0x19d0
[  358.138490][ T9272]  ? mark_lock+0x94/0x320
[  358.142856][ T9272]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  358.149214][ T9272]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  358.155824][ T9272]  ? lockdep_hardirqs_on+0x98/0x150
[  358.161042][ T9272]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  358.167235][ T9272]  genl_family_rcv_msg_doit+0x209/0x2f0
[  358.172814][ T9272]  ? genl_family_rcv_msg_dumpit+0x2c0/0x2c0
[  358.178745][ T9272]  ? bpf_lsm_capable+0x9/0x10
[  358.183474][ T9272]  ? security_capable+0x89/0xb0
[  358.188356][ T9272]  genl_rcv_msg+0x60b/0x790
[  358.192896][ T9272]  ? genl_bind+0x360/0x360
[  358.197858][ T9272]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  358.204221][ T9272]  netlink_rcv_skb+0x216/0x480
[  358.209015][ T9272]  ? genl_bind+0x360/0x360
[  358.213462][ T9272]  ? netlink_ack+0x1110/0x1110
[  358.218346][ T9272]  ? __lock_acquire+0x7c80/0x7c80
[  358.223398][ T9272]  ? down_read+0x1ac/0x2e0
[  358.228011][ T9272]  genl_rcv+0x28/0x40
[  358.232023][ T9272]  netlink_unicast+0x751/0x8d0
[  358.236821][ T9272]  netlink_sendmsg+0x8c1/0xbe0
[  358.241717][ T9272]  ? netlink_getsockopt+0x580/0x580
[  358.247064][ T9272]  ? aa_sock_msg_perm+0x94/0x150
[  358.252042][ T9272]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  358.257793][ T9272]  ? security_socket_sendmsg+0x80/0xa0
[  358.263308][ T9272]  ? netlink_getsockopt+0x580/0x580
[  358.268532][ T9272]  ____sys_sendmsg+0x5bf/0x950
[  358.273369][ T9272]  ? __asan_memset+0x22/0x40
[  358.277999][ T9272]  ? __sys_sendmsg_sock+0x30/0x30
[  358.283059][ T9272]  ? __import_iovec+0x5f2/0x860
[  358.288021][ T9272]  ? import_iovec+0x73/0xa0
[  358.292573][ T9272]  ___sys_sendmsg+0x220/0x290
[  358.297277][ T9272]  ? __sys_sendmsg+0x270/0x270
[  358.302083][ T9272]  ? seqcount_lockdep_reader_access+0x160/0x1c0
[  358.308385][ T9272]  __se_sys_sendmsg+0x1a5/0x270
[  358.313360][ T9272]  ? __x64_sys_sendmsg+0x80/0x80
[  358.318359][ T9272]  ? lockdep_hardirqs_on+0x98/0x150
[  358.323576][ T9272]  do_syscall_64+0x55/0xb0
[  358.328040][ T9272]  ? clear_bhb_loop+0x40/0x90
[  358.332732][ T9272]  ? clear_bhb_loop+0x40/0x90
[  358.337434][ T9272]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  358.343361][ T9272] RIP: 0033:0x7f2609d8f749
[  358.347812][ T9272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  358.367543][ T9272] RSP: 002b:00007f260acb8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  358.376007][ T9272] RAX: ffffffffffffffda RBX: 00007f2609fe5fa0 RCX: 00007f2609d8f749
[  358.384009][ T9272] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000009
[  358.392003][ T9272] RBP: 00007f2609e13f91 R08: 0000000000000000 R09: 0000000000000000
[  358.400050][ T9272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  358.408062][ T9272] R13: 00007f2609fe6038 R14: 00007f2609fe5fa0 R15: 00007fffbb709478
[  358.416094][ T9272]  </TASK>
[  359.224461][ T9296] netlink: 'syz.2.1312': attribute type 10 has an invalid length.
[  359.987281][ T9291] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  361.650003][ T9296] team0: Port device wlan1 added
[  361.852100][ T9303] netlink: 'syz.3.1316': attribute type 10 has an invalid length.
[  361.906898][ T9303] team0: Port device hsr_slave_0 added
[  363.487755][ T5793] Bluetooth: hci1: Malformed LE Event: 0x0d
[  363.541101][ T9336] netlink: 'syz.3.1327': attribute type 33 has an invalid length.
[  363.590349][ T9336] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1327'.
[  363.621361][ T9335] bridge0: port 1(bridge_slave_0) entered disabled state
[  363.637772][ T9335] bridge0: entered allmulticast mode
[  363.725922][ T9339] bridge_slave_0: left allmulticast mode
[  363.731652][ T9339] bridge_slave_0: left promiscuous mode
[  363.764726][ T9339] bridge0: port 1(bridge_slave_0) entered disabled state
[  363.898977][ T9343] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1332'.
[  363.973025][ T9343] sysfs: cannot create duplicate filename '/class/ieee80211/!!�!'
[  363.987397][ T9343] CPU: 1 PID: 9343 Comm: syz.0.1332 Not tainted syzkaller #0
[  363.994850][ T9343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  364.004951][ T9343] Call Trace:
[  364.008297][ T9343]  <TASK>
[  364.011284][ T9343]  dump_stack_lvl+0x16c/0x230
[  364.016029][ T9343]  ? show_regs_print_info+0x20/0x20
[  364.021310][ T9343]  ? load_image+0x3b0/0x3b0
[  364.025888][ T9343]  sysfs_warn_dup+0x8e/0xa0
[  364.030462][ T9343]  sysfs_do_create_link_sd+0xc0/0x110
[  364.035898][ T9343]  device_add_class_symlinks+0x1cf/0x240
[  364.041590][ T9343]  device_add+0x507/0xc20
[  364.046076][ T9343]  wiphy_register+0x1e74/0x2c00
[  364.051007][ T9343]  ? cfg80211_event_work+0x40/0x40
[  364.056177][ T9343]  ? minstrel_ht_alloc+0x88a/0x990
[  364.061357][ T9343]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  364.067494][ T9343]  ieee80211_register_hw+0x2de8/0x3b10
[  364.073130][ T9343]  ? ieee80211_register_hw+0xed1/0x3b10
[  364.078793][ T9343]  ? ieee80211_tasklet_handler+0x20/0x20
[  364.084501][ T9343]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[  364.090468][ T9343]  ? __debug_object_init+0xe8/0x430
[  364.095741][ T9343]  ? __asan_memset+0x22/0x40
[  364.100447][ T9343]  ? __hrtimer_init+0x186/0x270
[  364.105363][ T9343]  mac80211_hwsim_new_radio+0x2a00/0x4cf0
[  364.111165][ T9343]  ? mac80211_hwsim_free+0x220/0x220
[  364.116529][ T9343]  ? rcu_is_watching+0x15/0xb0
[  364.121372][ T9343]  ? kstrndup+0xbd/0x140
[  364.125665][ T9343]  hwsim_new_radio_nl+0xd78/0x19d0
[  364.130800][ T9343]  ? __nla_validate+0x50/0x50
[  364.135517][ T9343]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  364.141979][ T9343]  ? __nla_parse+0x40/0x50
[  364.146424][ T9343]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  364.152791][ T9343]  genl_family_rcv_msg_doit+0x209/0x2f0
[  364.158370][ T9343]  ? genl_family_rcv_msg_dumpit+0x2c0/0x2c0
[  364.164286][ T9343]  ? lockdep_hardirqs_on+0x98/0x150
[  364.169544][ T9343]  ? genl_rcv_msg+0x5e8/0x790
[  364.174251][ T9343]  genl_rcv_msg+0x60b/0x790
[  364.178785][ T9343]  ? genl_bind+0x360/0x360
[  364.183227][ T9343]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  364.189227][ T9343]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  364.195712][ T9343]  ? ref_tracker_free+0x634/0x7d0
[  364.200769][ T9343]  netlink_rcv_skb+0x216/0x480
[  364.205556][ T9343]  ? genl_bind+0x360/0x360
[  364.210006][ T9343]  ? netlink_ack+0x1110/0x1110
[  364.214803][ T9343]  ? __lock_acquire+0x7c80/0x7c80
[  364.219945][ T9343]  ? down_read+0x1ac/0x2e0
[  364.224581][ T9343]  genl_rcv+0x28/0x40
[  364.228624][ T9343]  netlink_unicast+0x751/0x8d0
[  364.233420][ T9343]  netlink_sendmsg+0x8c1/0xbe0
[  364.238232][ T9343]  ? netlink_getsockopt+0x580/0x580
[  364.243545][ T9343]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  364.249560][ T9343]  ? aa_sock_msg_perm+0x94/0x150
[  364.254526][ T9343]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  364.259829][ T9343]  ? security_socket_sendmsg+0x80/0xa0
[  364.265316][ T9343]  ? netlink_getsockopt+0x580/0x580
[  364.270539][ T9343]  ____sys_sendmsg+0x5bf/0x950
[  364.275402][ T9343]  ? __asan_memset+0x22/0x40
[  364.280056][ T9343]  ? __sys_sendmsg_sock+0x30/0x30
[  364.285107][ T9343]  ? __import_iovec+0x5f2/0x860
[  364.289995][ T9343]  ? import_iovec+0x73/0xa0
[  364.294532][ T9343]  ___sys_sendmsg+0x220/0x290
[  364.299241][ T9343]  ? __sys_sendmsg+0x270/0x270
[  364.304287][ T9343]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  364.310498][ T9343]  __se_sys_sendmsg+0x1a5/0x270
[  364.315382][ T9343]  ? __x64_sys_sendmsg+0x80/0x80
[  364.320369][ T9343]  ? lockdep_hardirqs_on+0x98/0x150
[  364.325763][ T9343]  do_syscall_64+0x55/0xb0
[  364.330200][ T9343]  ? clear_bhb_loop+0x40/0x90
[  364.334898][ T9343]  ? clear_bhb_loop+0x40/0x90
[  364.339605][ T9343]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  364.345531][ T9343] RIP: 0033:0x7f2609d8f749
[  364.349967][ T9343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  364.369586][ T9343] RSP: 002b:00007f260acb8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  364.378018][ T9343] RAX: ffffffffffffffda RBX: 00007f2609fe5fa0 RCX: 00007f2609d8f749
[  364.386013][ T9343] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000009
[  364.394176][ T9343] RBP: 00007f2609e13f91 R08: 0000000000000000 R09: 0000000000000000
[  364.402167][ T9343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  364.410160][ T9343] R13: 00007f2609fe6038 R14: 00007f2609fe5fa0 R15: 00007fffbb709478
[  364.418170][ T9343]  </TASK>
[  365.468158][ T5793] Bluetooth: hci0: Malformed LE Event: 0x0d
[  365.662046][ T9378] bridge0: port 1(bridge_slave_0) entered disabled state
[  365.676772][ T9378] bridge0: entered allmulticast mode
[  365.729510][ T9374] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1345'.
[  365.841951][ T9379] bridge_slave_0: left allmulticast mode
[  365.902362][ T9379] bridge_slave_0: left promiscuous mode
[  365.918833][ T9379] bridge0: port 1(bridge_slave_0) entered disabled state
[  368.073948][ T9419] netlink: 17279 bytes leftover after parsing attributes in process `syz.0.1362'.
[  371.978865][ T5793] Bluetooth: hci1: unexpected subevent 0x0c length: 150 > 5
[  372.188887][ T9446] netlink: 17279 bytes leftover after parsing attributes in process `syz.3.1374'.
[  372.503852][ T9450] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1377'.
[  372.844690][ T5793] Bluetooth: hci1: unexpected event 0x0b length: 151 > 11
[  374.267666][ T9467] netlink: 'syz.0.1384': attribute type 10 has an invalid length.
[  374.378810][ T9467] team0: Port device wlan1 added
[  374.417477][ T9465] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  374.576788][ T9467] syz.0.1384 (9467) used greatest stack depth: 18216 bytes left
[  374.856139][ T5793] Bluetooth: hci0: unexpected event 0x0b length: 151 > 11
[  375.123719][ T9488] netlink: 17279 bytes leftover after parsing attributes in process `syz.1.1392'.
[  376.365629][ T9498] netlink: 'syz.3.1397': attribute type 10 has an invalid length.
[  376.501932][ T9498] team0: Port device wlan1 added
[  376.573040][ T9497] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  376.769345][ T9498] syz.3.1397 (9498) used greatest stack depth: 17832 bytes left
[  376.868355][ T5793] Bluetooth: hci0: command 0x0406 tx timeout
[  377.562486][ T5792] Bluetooth: hci2: unexpected event 0x0b length: 151 > 11
[  378.308740][ T9509] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  378.875841][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  378.882304][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  378.958063][ T5792] Bluetooth: hci0: command 0x0406 tx timeout
[  379.409506][ T9529] netlink: 17279 bytes leftover after parsing attributes in process `syz.2.1408'.
[  381.385953][ T9511] netlink: 'syz.1.1411': attribute type 10 has an invalid length.
[  381.406081][ T9511] team0: Port device wlan1 added
[  381.964725][ T9548] netlink: 17279 bytes leftover after parsing attributes in process `syz.0.1427'.
[  384.840498][ T9563] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.1425'.
[  385.012981][ T9566] syzkaller0: entered promiscuous mode
[  385.025150][ T9566] syzkaller0: entered allmulticast mode
[  388.540231][ T9586] syz.3.1442[9586] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  388.540380][ T9586] syz.3.1442[9586] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  389.128409][ T5793] Bluetooth: hci3: unexpected subevent 0x0a length: 150 > 30
[  389.147892][ T5793] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:0'
[  389.157553][ T5793] CPU: 0 PID: 5793 Comm: kworker/u5:4 Not tainted syzkaller #0
[  389.165133][ T5793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  389.175219][ T5793] Workqueue: hci3 hci_rx_work
[  389.180204][ T5793] Call Trace:
[  389.183508][ T5793]  <TASK>
[  389.186469][ T5793]  dump_stack_lvl+0x16c/0x230
[  389.191197][ T5793]  ? show_regs_print_info+0x20/0x20
[  389.196518][ T5793]  ? load_image+0x3b0/0x3b0
[  389.201071][ T5793]  sysfs_create_dir_ns+0x256/0x280
[  389.206227][ T5793]  ? hci_rx_work+0x43a/0xd80
[  389.210854][ T5793]  ? sysfs_warn_dup+0xa0/0xa0
[  389.215578][ T5793]  ? do_raw_spin_unlock+0x121/0x230
[  389.220825][ T5793]  kobject_add_internal+0x6b8/0xc70
[  389.226087][ T5793]  kobject_add+0x156/0x220
[  389.230558][ T5793]  ? __rwlock_init+0x150/0x150
[  389.235378][ T5793]  ? kobject_init+0x1e0/0x1e0
[  389.240079][ T5793]  ? _raw_spin_unlock+0x28/0x40
[  389.244949][ T5793]  ? get_device_parent+0x366/0x390
[  389.250087][ T5793]  device_add+0x408/0xc20
[  389.254440][ T5793]  hci_conn_add_sysfs+0xd5/0x1e0
[  389.259396][ T5793]  le_conn_complete_evt+0xf36/0x1500
[  389.264714][ T5793]  ? hci_le_big_info_adv_report_evt+0x8e0/0x8e0
[  389.270981][ T5793]  ? bt_info+0x160/0x160
[  389.275253][ T5793]  ? __mutex_unlock_slowpath+0x1a2/0x6a0
[  389.280921][ T5793]  ? skb_pull_data+0xfb/0x200
[  389.285651][ T5793]  hci_le_enh_conn_complete_evt+0x189/0x460
[  389.291570][ T5793]  ? hci_le_remote_conn_param_req_evt+0xcc0/0xcc0
[  389.298010][ T5793]  ? hci_remote_host_features_evt+0x160/0x160
[  389.304109][ T5793]  hci_event_packet+0x795/0x1210
[  389.309164][ T5793]  ? bis_list+0x290/0x290
[  389.313511][ T5793]  ? lockdep_hardirqs_on+0x98/0x150
[  389.318729][ T5793]  ? hci_send_to_monitor+0xd7/0x4f0
[  389.323951][ T5793]  hci_rx_work+0x43a/0xd80
[  389.328495][ T5793]  ? process_scheduled_works+0x957/0x15b0
[  389.334252][ T5793]  process_scheduled_works+0xa45/0x15b0
[  389.339837][ T5793]  ? assign_work+0x400/0x400
[  389.344545][ T5793]  ? assign_work+0x39e/0x400
[  389.349161][ T5793]  worker_thread+0xa55/0xfc0
[  389.353883][ T5793]  kthread+0x2fa/0x390
[  389.357968][ T5793]  ? pr_cont_work+0x560/0x560
[  389.362662][ T5793]  ? kthread_blkcg+0xd0/0xd0
[  389.367274][ T5793]  ret_from_fork+0x48/0x80
[  389.371711][ T5793]  ? kthread_blkcg+0xd0/0xd0
[  389.376578][ T5793]  ret_from_fork_asm+0x11/0x20
[  389.381376][ T5793]  </TASK>
[  389.391430][ T5793] kobject: kobject_add_internal failed for hci3:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  389.405380][ T5793] Bluetooth: hci3: failed to register connection device
[  389.437307][ T9604] netlink: 'syz.1.1438': attribute type 10 has an invalid length.
[  389.496681][ T9604] 8021q: adding VLAN 0 to HW filter on device bond0
[  389.517091][ T9604] team0: Port device bond0 added
[  389.825598][ T9613] netlink: 'syz.2.1443': attribute type 39 has an invalid length.
[  390.191380][ T9615] netlink: 'syz.1.1444': attribute type 10 has an invalid length.
[  390.229997][ T9615] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  390.581757][ T9615] batman_adv: batadv0: Removing interface: batadv_slave_0
[  390.613196][ T9615] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link
[  391.157013][ T9627] netlink: 'syz.0.1457': attribute type 10 has an invalid length.
[  391.560038][ T9627] 8021q: adding VLAN 0 to HW filter on device bond0
[  391.748921][ T9627] team0: Port device bond0 added
[  392.533287][ T5792] Bluetooth: hci2: unexpected subevent 0x0a length: 150 > 30
[  392.541194][ T5792] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:0'
[  392.552255][ T5792] CPU: 0 PID: 5792 Comm: kworker/u5:3 Not tainted syzkaller #0
[  392.559873][ T5792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  392.569975][ T5792] Workqueue: hci2 hci_rx_work
[  392.574693][ T5792] Call Trace:
[  392.577997][ T5792]  <TASK>
[  392.580967][ T5792]  dump_stack_lvl+0x16c/0x230
[  392.585702][ T5792]  ? show_regs_print_info+0x20/0x20
[  392.590936][ T5792]  ? load_image+0x3b0/0x3b0
[  392.595480][ T5792]  sysfs_create_dir_ns+0x256/0x280
[  392.600622][ T5792]  ? hci_rx_work+0x43a/0xd80
[  392.605259][ T5792]  ? sysfs_warn_dup+0xa0/0xa0
[  392.610094][ T5792]  ? do_raw_spin_unlock+0x121/0x230
[  392.615328][ T5792]  kobject_add_internal+0x6b8/0xc70
[  392.620688][ T5792]  kobject_add+0x156/0x220
[  392.625147][ T5792]  ? __rwlock_init+0x150/0x150
[  392.629950][ T5792]  ? kobject_init+0x1e0/0x1e0
[  392.634683][ T5792]  ? _raw_spin_unlock+0x28/0x40
[  392.639561][ T5792]  ? get_device_parent+0x366/0x390
[  392.644706][ T5792]  device_add+0x408/0xc20
[  392.649100][ T5792]  hci_conn_add_sysfs+0xd5/0x1e0
[  392.654099][ T5792]  le_conn_complete_evt+0xf36/0x1500
[  392.659433][ T5792]  ? hci_le_big_info_adv_report_evt+0x8e0/0x8e0
[  392.665708][ T5792]  ? bt_info+0x160/0x160
[  392.669977][ T5792]  ? __mutex_unlock_slowpath+0x1a2/0x6a0
[  392.675642][ T5792]  ? skb_pull_data+0xfb/0x200
[  392.680345][ T5792]  hci_le_enh_conn_complete_evt+0x189/0x460
[  392.686271][ T5792]  ? hci_le_remote_conn_param_req_evt+0xcc0/0xcc0
[  392.692716][ T5792]  ? hci_remote_host_features_evt+0x160/0x160
[  392.698808][ T5792]  hci_event_packet+0x795/0x1210
[  392.703777][ T5792]  ? bis_list+0x290/0x290
[  392.708136][ T5792]  ? lockdep_hardirqs_on+0x98/0x150
[  392.713353][ T5792]  ? hci_send_to_monitor+0xd7/0x4f0
[  392.718580][ T5792]  hci_rx_work+0x43a/0xd80
[  392.723030][ T5792]  ? process_scheduled_works+0x957/0x15b0
[  392.728780][ T5792]  process_scheduled_works+0xa45/0x15b0
[  392.734372][ T5792]  ? assign_work+0x400/0x400
[  392.738998][ T5792]  ? assign_work+0x39e/0x400
[  392.743620][ T5792]  worker_thread+0xa55/0xfc0
[  392.748275][ T5792]  kthread+0x2fa/0x390
[  392.752357][ T5792]  ? pr_cont_work+0x560/0x560
[  392.757064][ T5792]  ? kthread_blkcg+0xd0/0xd0
[  392.761674][ T5792]  ret_from_fork+0x48/0x80
[  392.766115][ T5792]  ? kthread_blkcg+0xd0/0xd0
[  392.770736][ T5792]  ret_from_fork_asm+0x11/0x20
[  392.775693][ T5792]  </TASK>
[  392.780039][ T5792] kobject: kobject_add_internal failed for hci2:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  392.794056][ T5792] Bluetooth: hci2: failed to register connection device
[  392.815870][ T9648] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1455'.
[  393.477253][ T9652] netlink: 'syz.3.1461': attribute type 10 has an invalid length.
[  393.511943][ T9652] 8021q: adding VLAN 0 to HW filter on device bond0
[  393.526313][ T9652] team0: Port device bond0 added
[  393.528752][ T9654] syz.0.1459[9654] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  393.541391][ T9654] syz.0.1459[9654] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  396.615739][ T5792] Bluetooth: hci1: unexpected subevent 0x0a length: 150 > 30
[  396.637390][ T5792] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  396.730264][ T9690] syz.1.1472[9690] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  396.730411][ T9690] syz.1.1472[9690] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  398.128466][ T9699] delete_channel: no stack
[  398.387428][ T9704] netlink: 'syz.3.1478': attribute type 39 has an invalid length.
[  398.563442][ T9704] syz_tun (unregistering): left allmulticast mode
[  398.574151][ T9704] syz_tun (unregistering): left promiscuous mode
[  398.582642][ T9704] ��
: port 1(syz_tun) entered disabled state
[  398.811422][ T5792] Bluetooth: hci0: unexpected subevent 0x0a length: 150 > 30
[  398.825566][ T5792] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[  400.359013][ T9732] delete_channel: no stack
[  400.730979][ T9746] netlink: 'syz.1.1496': attribute type 39 has an invalid length.
[  400.871400][ T9746] syz_tun (unregistering): left allmulticast mode
[  400.887759][ T9746] syz_tun (unregistering): left promiscuous mode
[  400.894301][ T9746] ��
: port 1(syz_tun) entered disabled state
[  402.240085][ T9761] netlink: 'syz.0.1511': attribute type 10 has an invalid length.
[  402.310988][ T9761] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  402.729959][ T9761] batman_adv: batadv0: Removing interface: batadv_slave_0
[  402.909279][ T9761] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link
[  403.122671][ T9762] delete_channel: no stack
[  403.714152][ T9777] syzkaller0: entered promiscuous mode
[  403.785209][ T9777] syzkaller0: entered allmulticast mode
[  406.691508][ T9792] netlink: 'syz.3.1516': attribute type 10 has an invalid length.
[  406.699579][ T9792] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  406.710779][ T9792] batman_adv: batadv0: Removing interface: batadv_slave_0
[  406.730167][ T9792] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link
[  407.122136][ T9799] delete_channel: no stack
[  407.721897][ T9813] netlink: 'syz.2.1525': attribute type 10 has an invalid length.
[  407.733293][ T9813] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  407.846064][ T9813] batman_adv: batadv0: Removing interface: batadv_slave_0
[  408.017053][ T9813] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link
[  409.423892][ T9830] delete_channel: no stack
[  410.561925][ T9847] netlink: 'syz.0.1538': attribute type 10 has an invalid length.
[  411.997518][ T9857] delete_channel: no stack
[  412.177148][ T5793] Bluetooth: hci2: unexpected event 0x01 length: 151 > 1
[  412.621868][ T9869] delete_channel: no stack
[  413.473179][ T9880] netlink: 'syz.3.1552': attribute type 10 has an invalid length.
[  414.197412][ T9886] netlink: 'syz.3.1564': attribute type 10 has an invalid length.
[  415.539787][ T9912] syz.2.1563[9912] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  415.540140][ T9912] syz.2.1563[9912] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  415.572222][ T9913] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1562'.
[  415.690252][ T9910] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1562'.
[  416.426999][ T9924] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1576'.
[  416.737611][ T5793] Bluetooth: hci3: unexpected subevent 0x0c length: 150 > 5
[  419.092208][ T9965] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.1583'.
[  419.401879][ T9971] lo: entered allmulticast mode
[  419.545664][ T9971] lo: entered promiscuous mode
[  419.550529][ T9971] lo: left allmulticast mode
[  419.799819][ T9977] netlink: 'syz.2.1587': attribute type 10 has an invalid length.
[  420.316579][ T9990] syz.3.1601[9990] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  420.316755][ T9990] syz.3.1601[9990] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  421.559558][T10001] syzkaller0: entered promiscuous mode
[  421.576761][T10001] syzkaller0: entered allmulticast mode
[  421.814152][T10014] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1600'.
[  423.659137][ T5793] Bluetooth: hci3: unexpected event 0x01 length: 151 > 1
[  424.133758][T10032] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1605'.
[  424.355384][T10029] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1605'.
[  424.494574][T10033] delete_channel: no stack
[  425.888224][ T5793] Bluetooth: hci2: unexpected subevent 0x0c length: 150 > 5
[  426.458943][T10064] netlink: 'syz.3.1617': attribute type 6 has an invalid length.
[  426.501335][T10064] netlink: 168 bytes leftover after parsing attributes in process `syz.3.1617'.
[  426.660893][T10067] netlink: 'syz.1.1618': attribute type 10 has an invalid length.
[  426.696872][T10067] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1618'.
[  427.224862][T10080] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1621'.
[  427.264234][T10078] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1621'.
[  428.417904][T10093] lo: entered allmulticast mode
[  428.658782][T10096] lo: entered promiscuous mode
[  428.683170][T10096] lo: left allmulticast mode
[  429.274755][T10105] delete_channel: no stack
[  430.668057][T10123] lo: entered allmulticast mode
[  430.729850][T10122] netlink: 'syz.2.1646': attribute type 10 has an invalid length.
[  430.754714][T10122] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1646'.
[  430.789000][T10123] lo: entered promiscuous mode
[  430.798924][T10123] lo: left allmulticast mode
[  430.835243][T10126] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1635'.
[  430.866857][T10124] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1635'.
[  431.000323][T10128] netlink: 'syz.1.1640': attribute type 10 has an invalid length.
[  431.610929][T10146] IPv6: NLM_F_REPLACE set, but no existing node found!
[  431.703566][T10148] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1655'.
[  431.737268][T10147] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1655'.
[  432.586807][T10159] netlink: 'syz.0.1652': attribute type 10 has an invalid length.
[  432.617391][T10159] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1652'.
[  433.224283][T10165] delete_channel: no stack
[  434.062183][T10196] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1664'.
[  434.086041][T10189] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1664'.
[  434.213516][T10193] netlink: 'syz.3.1665': attribute type 10 has an invalid length.
[  434.224750][T10193] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1665'.
[  435.006208][T10204] syzkaller0: entered promiscuous mode
[  435.055773][T10204] syzkaller0: entered allmulticast mode
[  437.676290][T10231] netlink: 'syz.2.1677': attribute type 10 has an invalid length.
[  437.684425][T10231] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1677'.
[  437.702268][T10235] netlink: 'syz.3.1679': attribute type 30 has an invalid length.
[  437.898069][T10238] netlink: 'syz.0.1680': attribute type 10 has an invalid length.
[  438.046232][T10244] netlink: 'syz.1.1683': attribute type 6 has an invalid length.
[  438.070118][T10244] netlink: 168 bytes leftover after parsing attributes in process `syz.1.1683'.
[  438.159557][T10250] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1682'.
[  438.178872][T10249] IPv6: NLM_F_REPLACE set, but no existing node found!
[  438.207884][T10246] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1682'.
[  438.736078][T10262] delete_channel: no stack
[  439.453757][T10271] netlink: 'syz.3.1693': attribute type 10 has an invalid length.
[  439.468173][T10278] netlink: 'syz.2.1695': attribute type 6 has an invalid length.
[  439.477653][T10278] netlink: 168 bytes leftover after parsing attributes in process `syz.2.1695'.
[  439.699704][T10285] IPv6: NLM_F_REPLACE set, but no existing node found!
[  439.955889][T10289] delete_channel: no stack
[  440.190625][T10296] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1701'.
[  440.266239][T10293] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1701'.
[  440.311098][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  440.318066][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  440.533374][T10305] netlink: 'syz.3.1706': attribute type 10 has an invalid length.
[  441.212983][T10325] delete_channel: no stack
[  441.217878][T10327] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1718'.
[  441.252682][T10324] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1718'.
[  441.382156][T10332] IPv6: NLM_F_REPLACE set, but no existing node found!
[  442.499139][T10344] syzkaller0: entered promiscuous mode
[  442.523356][T10344] syzkaller0: entered allmulticast mode
[  445.128820][T10361] IPv6: NLM_F_REPLACE set, but no existing node found!
[  445.136977][T10369] netlink: 'syz.0.1730': attribute type 30 has an invalid length.
[  445.384107][T10384] netlink: 'syz.2.1742': attribute type 30 has an invalid length.
[  445.662418][T10391] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  445.670310][T10391] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  446.136653][T10410] netlink: 'syz.2.1744': attribute type 39 has an invalid length.
[  446.472873][T10414] netlink: 'syz.1.1748': attribute type 30 has an invalid length.
[  447.780436][T10435] netlink: 'syz.3.1757': attribute type 10 has an invalid length.
[  454.829684][T10510] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  454.837155][T10510] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  456.550939][T10512] netlink: 'syz.0.1795': attribute type 21 has an invalid length.
[  456.559138][T10512] IPv6: NLM_F_CREATE should be specified when creating new route
[  456.568718][T10512] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  456.576025][T10512] IPv6: NLM_F_CREATE should be set when creating new route
[  456.583323][T10512] IPv6: NLM_F_CREATE should be set when creating new route
[  456.590736][T10512] IPv6: NLM_F_CREATE should be set when creating new route
[  456.598922][T10517] netlink: 'syz.1.1788': attribute type 21 has an invalid length.
[  456.765876][T10521] mac80211_hwsim hwsim9 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  467.238682][T10631] netlink: 'syz.2.1833': attribute type 21 has an invalid length.
[  467.549135][ T5793] Bluetooth: hci3: unexpected subevent 0x01 length: 150 > 18
[  467.558149][ T5793] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:0'
[  467.567831][ T5793] CPU: 0 PID: 5793 Comm: kworker/u5:4 Not tainted syzkaller #0
[  467.575435][ T5793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  467.585531][ T5793] Workqueue: hci3 hci_rx_work
[  467.590273][ T5793] Call Trace:
[  467.593589][ T5793]  <TASK>
[  467.596553][ T5793]  dump_stack_lvl+0x16c/0x230
[  467.601283][ T5793]  ? show_regs_print_info+0x20/0x20
[  467.606639][ T5793]  ? load_image+0x3b0/0x3b0
[  467.611228][ T5793]  sysfs_create_dir_ns+0x256/0x280
[  467.616399][ T5793]  ? hci_rx_work+0x43a/0xd80
[  467.621037][ T5793]  ? sysfs_warn_dup+0xa0/0xa0
[  467.625762][ T5793]  ? do_raw_spin_unlock+0x121/0x230
[  467.631007][ T5793]  kobject_add_internal+0x6b8/0xc70
[  467.636255][ T5793]  kobject_add+0x156/0x220
[  467.640802][ T5793]  ? __rwlock_init+0x150/0x150
[  467.645610][ T5793]  ? kobject_init+0x1e0/0x1e0
[  467.650321][ T5793]  ? _raw_spin_unlock+0x28/0x40
[  467.655309][ T5793]  ? get_device_parent+0x366/0x390
[  467.660478][ T5793]  device_add+0x408/0xc20
[  467.664859][ T5793]  hci_conn_add_sysfs+0xd5/0x1e0
[  467.669845][ T5793]  le_conn_complete_evt+0xf36/0x1500
[  467.675193][ T5793]  ? hci_le_big_info_adv_report_evt+0x8e0/0x8e0
[  467.681492][ T5793]  ? bt_info+0x160/0x160
[  467.685781][ T5793]  ? __mutex_unlock_slowpath+0x1a2/0x6a0
[  467.691472][ T5793]  ? skb_pull_data+0xfb/0x200
[  467.696199][ T5793]  hci_le_conn_complete_evt+0x187/0x440
[  467.701793][ T5793]  ? hci_remote_host_features_evt+0x160/0x160
[  467.707900][ T5793]  hci_event_packet+0x795/0x1210
[  467.712971][ T5793]  ? bis_list+0x290/0x290
[  467.717342][ T5793]  ? lockdep_hardirqs_on+0x98/0x150
[  467.722580][ T5793]  ? hci_send_to_monitor+0xd7/0x4f0
[  467.727829][ T5793]  hci_rx_work+0x43a/0xd80
[  467.732307][ T5793]  ? process_scheduled_works+0x957/0x15b0
[  467.738157][ T5793]  process_scheduled_works+0xa45/0x15b0
[  467.743779][ T5793]  ? assign_work+0x400/0x400
[  467.748417][ T5793]  ? assign_work+0x39e/0x400
[  467.753136][ T5793]  worker_thread+0xa55/0xfc0
[  467.757789][ T5793]  kthread+0x2fa/0x390
[  467.761895][ T5793]  ? pr_cont_work+0x560/0x560
[  467.766611][ T5793]  ? kthread_blkcg+0xd0/0xd0
[  467.771328][ T5793]  ret_from_fork+0x48/0x80
[  467.775917][ T5793]  ? kthread_blkcg+0xd0/0xd0
[  467.780542][ T5793]  ret_from_fork_asm+0x11/0x20
[  467.785363][ T5793]  </TASK>
[  467.794963][ T5793] kobject: kobject_add_internal failed for hci3:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  467.809245][ T5793] Bluetooth: hci3: failed to register connection device
[  468.047773][ T5793] Bluetooth: hci1: unknown advertising packet type: 0x65
[  468.636116][T10657] netlink: 'syz.0.1843': attribute type 21 has an invalid length.
[  468.677788][T10655] netlink: 'syz.2.1842': attribute type 10 has an invalid length.
[  468.798122][T10655] team0: Port device geneve1 added
[  469.618953][ T5793] Bluetooth: hci2: unexpected subevent 0x01 length: 150 > 18
[  469.626980][ T5793] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:0'
[  469.636481][ T5793] CPU: 0 PID: 5793 Comm: kworker/u5:4 Not tainted syzkaller #0
[  469.644090][ T5793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  469.654399][ T5793] Workqueue: hci2 hci_rx_work
[  469.659147][ T5793] Call Trace:
[  469.662459][ T5793]  <TASK>
[  469.665444][ T5793]  dump_stack_lvl+0x16c/0x230
[  469.670267][ T5793]  ? show_regs_print_info+0x20/0x20
[  469.675548][ T5793]  ? load_image+0x3b0/0x3b0
[  469.680157][ T5793]  sysfs_create_dir_ns+0x256/0x280
[  469.685442][ T5793]  ? hci_rx_work+0x43a/0xd80
[  469.690094][ T5793]  ? sysfs_warn_dup+0xa0/0xa0
[  469.694889][ T5793]  ? do_raw_spin_unlock+0x121/0x230
[  469.700133][ T5793]  kobject_add_internal+0x6b8/0xc70
[  469.705457][ T5793]  kobject_add+0x156/0x220
[  469.709897][ T5793]  ? __rwlock_init+0x150/0x150
[  469.714773][ T5793]  ? kobject_init+0x1e0/0x1e0
[  469.719479][ T5793]  ? _raw_spin_unlock+0x28/0x40
[  469.724359][ T5793]  ? get_device_parent+0x366/0x390
[  469.729589][ T5793]  device_add+0x408/0xc20
[  469.733948][ T5793]  hci_conn_add_sysfs+0xd5/0x1e0
[  469.738934][ T5793]  le_conn_complete_evt+0xf36/0x1500
[  469.744259][ T5793]  ? hci_le_big_info_adv_report_evt+0x8e0/0x8e0
[  469.750537][ T5793]  ? bt_info+0x160/0x160
[  469.754813][ T5793]  ? __mutex_unlock_slowpath+0x1a2/0x6a0
[  469.760486][ T5793]  ? skb_pull_data+0xfb/0x200
[  469.765198][ T5793]  hci_le_conn_complete_evt+0x187/0x440
[  469.770782][ T5793]  ? hci_remote_host_features_evt+0x160/0x160
[  469.777050][ T5793]  hci_event_packet+0x795/0x1210
[  469.782054][ T5793]  ? bis_list+0x290/0x290
[  469.786433][ T5793]  ? lockdep_hardirqs_on+0x98/0x150
[  469.791710][ T5793]  ? hci_send_to_monitor+0xd7/0x4f0
[  469.796955][ T5793]  hci_rx_work+0x43a/0xd80
[  469.801428][ T5793]  ? process_scheduled_works+0x957/0x15b0
[  469.807380][ T5793]  process_scheduled_works+0xa45/0x15b0
[  469.812992][ T5793]  ? assign_work+0x400/0x400
[  469.817622][ T5793]  ? assign_work+0x39e/0x400
[  469.822513][ T5793]  worker_thread+0xa55/0xfc0
[  469.827205][ T5793]  kthread+0x2fa/0x390
[  469.831304][ T5793]  ? pr_cont_work+0x560/0x560
[  469.836099][ T5793]  ? kthread_blkcg+0xd0/0xd0
[  469.840730][ T5793]  ret_from_fork+0x48/0x80
[  469.845180][ T5793]  ? kthread_blkcg+0xd0/0xd0
[  469.849796][ T5793]  ret_from_fork_asm+0x11/0x20
[  469.854603][ T5793]  </TASK>
[  469.858490][ T5793] kobject: kobject_add_internal failed for hci2:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  469.872717][ T5793] Bluetooth: hci2: failed to register connection device
[  471.470960][ T5793] Bluetooth: hci0: unexpected subevent 0x01 length: 150 > 18
[  474.381628][ T5792] Bluetooth: hci2: Malformed LE Event: 0x0b
[  475.667066][T10741] netlink: 'syz.1.1872': attribute type 10 has an invalid length.
[  476.335712][T10757] netlink: 'syz.0.1879': attribute type 39 has an invalid length.
[  478.310157][T10767] netlink: 'syz.3.1882': attribute type 10 has an invalid length.
[  478.361718][ T5792] Bluetooth: hci1: unexpected subevent 0x0e length: 150 > 15
[  478.371009][T10767] team0: Port device geneve1 added
[  479.706871][T10802] netlink: 'syz.0.1893': attribute type 10 has an invalid length.
[  480.106675][T10802] team0: Port device geneve1 added
[  481.486249][T10827] netlink: 'syz.2.1905': attribute type 10 has an invalid length.
[  481.559942][ T5792] Bluetooth: hci1: Malformed LE Event: 0x0b
[  482.036316][T10840] netlink: 'syz.3.1909': attribute type 29 has an invalid length.
[  482.055763][T10840] netlink: 'syz.3.1909': attribute type 29 has an invalid length.
[  484.799856][ T5792] Bluetooth: hci2: unexpected subevent 0x0e length: 150 > 15
[  485.227115][T10851] netlink: 'syz.1.1910': attribute type 10 has an invalid length.
[  485.288710][T10851] team0: Port device geneve1 added
[  485.975517][T10867] netlink: 'syz.3.1917': attribute type 10 has an invalid length.
[  486.126626][T10866] netlink: 'syz.1.1927': attribute type 10 has an invalid length.
[  486.351657][ T5792] Bluetooth: hci3: unexpected event 0x09 length: 15 > 3
[  489.505759][T10908] netlink: 'syz.0.1930': attribute type 10 has an invalid length.
[  489.554843][T10905] netlink: 'syz.1.1931': attribute type 10 has an invalid length.
[  489.767462][ T5792] Bluetooth: hci1: unexpected event 0x08 length: 15 > 4
[  490.431735][T10929] bridge0: port 3(veth1_to_team) entered blocking state
[  490.516323][T10929] bridge0: port 3(veth1_to_team) entered disabled state
[  490.608769][T10929] veth1_to_team: entered allmulticast mode
[  490.827375][T10929] veth1_to_team: entered promiscuous mode
[  490.972650][T10929] bridge0: port 3(veth1_to_team) entered blocking state
[  490.981759][T10929] bridge0: port 3(veth1_to_team) entered forwarding state
[  491.432677][T10941] netlink: 'syz.1.1944': attribute type 10 has an invalid length.
[  493.620685][T10950] netlink: 'syz.2.1946': attribute type 10 has an invalid length.
[  493.822652][T10959] netlink: 'syz.2.1950': attribute type 10 has an invalid length.
[  494.206585][T10959] team0: Port device hsr_slave_0 removed
[  494.333361][T10962] netlink: 'syz.0.1951': attribute type 29 has an invalid length.
[  494.342667][T10962] netlink: 'syz.0.1951': attribute type 29 has an invalid length.
[  494.592586][T10972] netlink: 'syz.3.1954': attribute type 10 has an invalid length.
[  494.764400][T10972] 8021q: adding VLAN 0 to HW filter on device team0
[  495.299101][T10980] netlink: 'syz.2.1958': attribute type 39 has an invalid length.
[  495.492764][ T5792] Bluetooth: hci0: unexpected event 0x09 length: 15 > 3
[  495.533320][T10989] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  495.548330][T10989] IPv6: NLM_F_CREATE should be set when creating new route
[  495.556050][T10989] IPv6: NLM_F_CREATE should be set when creating new route
[  495.563696][T10989] IPv6: NLM_F_CREATE should be set when creating new route
[  495.791188][T10995] netlink: 'syz.2.1964': attribute type 29 has an invalid length.
[  496.157199][T10995] netlink: 'syz.2.1964': attribute type 29 has an invalid length.
[  496.384803][T11009] netlink: 'syz.1.1977': attribute type 29 has an invalid length.
[  498.444017][T11009] netlink: 'syz.1.1977': attribute type 29 has an invalid length.
[  499.016520][T11040] netlink: 'syz.3.1982': attribute type 10 has an invalid length.
[  499.216589][T11040] team0: Port device hsr_slave_0 removed
[  499.955341][ T5792] Bluetooth: hci3: adv larger than maximum supported
[  500.104919][T11056] netlink: 'syz.3.1990': attribute type 39 has an invalid length.
[  501.757294][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  501.763683][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  503.414033][T11097] netlink: 'syz.0.2002': attribute type 39 has an invalid length.
[  503.873427][T11111] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  503.881144][T11111] IPv6: NLM_F_CREATE should be set when creating new route
[  503.888910][T11111] IPv6: NLM_F_CREATE should be set when creating new route
[  503.896586][T11111] IPv6: NLM_F_CREATE should be set when creating new route
[  504.840389][T11125] netlink: 'syz.1.2015': attribute type 39 has an invalid length.
[  507.636343][T11134] netlink: 'syz.2.2018': attribute type 10 has an invalid length.
[  507.667110][T11134] 8021q: adding VLAN 0 to HW filter on device team0
[  507.677967][T11134] bond0: (slave team0): Enslaving as an active interface with an up link
[  507.791143][T11153] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  507.798756][T11153] IPv6: NLM_F_CREATE should be set when creating new route
[  507.806456][T11153] IPv6: NLM_F_CREATE should be set when creating new route
[  507.814012][T11153] IPv6: NLM_F_CREATE should be set when creating new route
[  508.985724][T11178] netlink: 'syz.1.2033': attribute type 10 has an invalid length.
[  509.135493][T11178] 8021q: adding VLAN 0 to HW filter on device team0
[  522.106814][T11330] syzkaller0: entered promiscuous mode
[  522.146586][T11330] syzkaller0: entered allmulticast mode
[  528.012157][T11374] netlink: 'syz.1.2113': attribute type 1 has an invalid length.
[  528.021672][T11378] netlink: 'syz.2.2114': attribute type 10 has an invalid length.
[  528.194243][T11378] veth1_macvtap (unregistering): left allmulticast mode
[  528.894191][T11394] netlink: 830 bytes leftover after parsing attributes in process `syz.3.2120'.
[  528.939984][T11394] bond_slave_0: entered promiscuous mode
[  528.946136][T11394] bond_slave_1: entered promiscuous mode
[  528.952042][T11394] bridge_slave_1: entered promiscuous mode
[  530.682177][T11442] netlink: 830 bytes leftover after parsing attributes in process `syz.0.2135'.
[  530.691880][T11442] bond_slave_0: entered promiscuous mode
[  530.697952][T11442] bond_slave_1: entered promiscuous mode
[  530.703911][T11442] bridge_slave_1: entered promiscuous mode
[  533.904345][T11492] netlink: 830 bytes leftover after parsing attributes in process `syz.2.2152'.
[  533.989479][T11492] bond_slave_0: entered promiscuous mode
[  533.995355][T11492] bond_slave_1: entered promiscuous mode
[  534.001208][T11492] bridge_slave_1: entered promiscuous mode
[  534.007341][T11492] team_slave_0: entered promiscuous mode
[  534.013338][T11492] team_slave_1: entered promiscuous mode
[  534.019151][T11492] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode
[  534.874500][T11506] syzkaller0: entered promiscuous mode
[  534.914900][T11506] syzkaller0: entered allmulticast mode
[  537.434921][T11524] Q�6��\b��Y�4��: renamed from lo (while UP)
[  537.736176][T11539] netlink: 830 bytes leftover after parsing attributes in process `syz.1.2171'.
[  537.786289][T11539] bond_slave_0: entered promiscuous mode
[  537.792073][T11539] bond_slave_1: entered promiscuous mode
[  539.249260][ T5792] Bluetooth: hci0: unexpected event 0x32 length: 15 > 9
[  539.779176][T11577] netlink: 830 bytes leftover after parsing attributes in process `syz.0.2186'.
[  540.271702][T11587] netlink: 830 bytes leftover after parsing attributes in process `syz.2.2197'.
[  543.927815][T11658] netlink: 196 bytes leftover after parsing attributes in process `syz.2.2218'.
[  543.967370][T11658] netlink: 'syz.2.2218': attribute type 29 has an invalid length.
[  543.979140][T11658] netlink: 'syz.2.2218': attribute type 29 has an invalid length.
[  543.990774][T11658] netlink: 'syz.2.2218': attribute type 29 has an invalid length.
[  544.007775][T11658] netlink: 'syz.2.2218': attribute type 29 has an invalid length.
[  544.313134][T11665] netlink: 'syz.2.2221': attribute type 10 has an invalid length.
[  544.352283][T11665] team_slave_0: left promiscuous mode
[  544.361819][T11665] team_slave_1: left promiscuous mode
[  544.375386][T11665] mac80211_hwsim hwsim3 wlan1: left promiscuous mode
[  550.773231][ T5792] Bluetooth: hci1: unexpected event 0x32 length: 15 > 9
[  551.157077][T11744] netlink: 'syz.1.2250': attribute type 9 has an invalid length.
[  551.211648][T11744] netlink: 49779 bytes leftover after parsing attributes in process `syz.1.2250'.
[  552.056908][T11754] netlink: 196 bytes leftover after parsing attributes in process `syz.3.2255'.
[  552.152717][T11754] netlink: 'syz.3.2255': attribute type 29 has an invalid length.
[  552.173823][T11758] syzkaller0: entered promiscuous mode
[  552.186869][T11758] syzkaller0: entered allmulticast mode
[  552.195437][T11754] netlink: 'syz.3.2255': attribute type 29 has an invalid length.
[  552.210946][T11760] netlink: 'syz.3.2255': attribute type 29 has an invalid length.
[  552.233166][T11754] netlink: 'syz.3.2255': attribute type 29 has an invalid length.
[  554.571227][T11774] syzkaller0: entered promiscuous mode
[  554.577128][T11774] syzkaller0: entered allmulticast mode
[  557.930159][T11792] netlink: 196 bytes leftover after parsing attributes in process `syz.0.2269'.
[  558.080127][T11792] netlink: 'syz.0.2269': attribute type 29 has an invalid length.
[  560.133484][T11792] netlink: 'syz.0.2269': attribute type 29 has an invalid length.
[  560.250151][T11803] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2272'.
[  561.096861][T11816] syzkaller0: entered promiscuous mode
[  561.131209][T11816] syzkaller0: entered allmulticast mode
[  562.541106][T11832] netlink: 196 bytes leftover after parsing attributes in process `syz.1.2282'.
[  562.579452][T11832] netlink: 'syz.1.2282': attribute type 29 has an invalid length.
[  563.207188][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  563.213605][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  563.951663][T11850] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.2287'.
[  566.523954][T11832] netlink: 'syz.1.2282': attribute type 29 has an invalid length.
[  566.951611][T11898] netlink: 'syz.2.2303': attribute type 10 has an invalid length.
[  567.015414][T11901] netlink: 'syz.1.2304': attribute type 10 has an invalid length.
[  567.073842][T11901] 8021q: adding VLAN 0 to HW filter on device team0
[  568.383624][T11916] netlink: 196 bytes leftover after parsing attributes in process `syz.1.2309'.
[  568.460301][T11916] netlink: 'syz.1.2309': attribute type 29 has an invalid length.
[  568.477247][T11916] netlink: 'syz.1.2309': attribute type 29 has an invalid length.
[  568.492746][T11917] netlink: 'syz.1.2309': attribute type 29 has an invalid length.
[  568.508710][T11916] netlink: 'syz.1.2309': attribute type 29 has an invalid length.
[  568.940142][T11923] syzkaller0: entered promiscuous mode
[  568.966228][T11923] syzkaller0: entered allmulticast mode
[  569.826074][ T5792] Bluetooth: hci3: unexpected event 0x08 length: 15 > 4
[  571.627009][T11952] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.2326'.
[  571.905991][T11948] Bluetooth: hci3: command 0x0406 tx timeout
[  572.434146][ T5792] Bluetooth: hci0: unexpected event 0x0b length: 15 > 11
[  572.921087][T11979] netlink: 'syz.3.2328': attribute type 10 has an invalid length.
[  573.923899][T11984] syzkaller0: entered promiscuous mode
[  573.934376][T11984] syzkaller0: entered allmulticast mode
[  574.494840][T11988] netlink: 196 bytes leftover after parsing attributes in process `syz.2.2331'.
[  574.590868][T11988] netlink: 'syz.2.2331': attribute type 29 has an invalid length.
[  576.747300][T11988] netlink: 'syz.2.2331': attribute type 29 has an invalid length.
[  576.873618][T12001] netlink: 196 bytes leftover after parsing attributes in process `syz.3.2344'.
[  576.987855][T12001] netlink: 'syz.3.2344': attribute type 29 has an invalid length.
[  577.003534][T12001] netlink: 'syz.3.2344': attribute type 29 has an invalid length.
[  577.054149][T12007] netlink: 'syz.3.2344': attribute type 29 has an invalid length.
[  577.092522][T12001] netlink: 'syz.3.2344': attribute type 29 has an invalid length.
[  578.178905][T12019] netlink: 'syz.1.2340': attribute type 10 has an invalid length.
[  579.056703][ T5792] Bluetooth: hci3: unexpected event 0x0b length: 15 > 11
[  579.870134][ T5792] Bluetooth: hci1: unexpected event 0x08 length: 15 > 4
[  580.141114][T12057] netlink: 'syz.0.2356': attribute type 10 has an invalid length.
[  581.917768][T11948] Bluetooth: hci1: command 0x0406 tx timeout
[  583.944452][T12118] netlink: 196 bytes leftover after parsing attributes in process `syz.0.2388'.
[  584.010019][T12118] netlink: 'syz.0.2388': attribute type 29 has an invalid length.
[  584.020871][T12118] netlink: 'syz.0.2388': attribute type 29 has an invalid length.
[  584.038895][T12118] netlink: 'syz.0.2388': attribute type 29 has an invalid length.
[  584.056437][T12118] netlink: 'syz.0.2388': attribute type 29 has an invalid length.
[  585.210434][T12148] netlink: 196 bytes leftover after parsing attributes in process `syz.1.2393'.
[  585.292728][T12148] netlink: 'syz.1.2393': attribute type 29 has an invalid length.
[  585.318578][T12148] netlink: 'syz.1.2393': attribute type 29 has an invalid length.
[  585.333710][T12151] netlink: 'syz.3.2394': attribute type 1 has an invalid length.
[  585.347568][T12152] netlink: 'syz.1.2393': attribute type 29 has an invalid length.
[  585.376613][T12151] netlink: 'syz.3.2394': attribute type 17 has an invalid length.
[  585.393704][T12151] netlink: 'syz.3.2394': attribute type 16 has an invalid length.
[  585.406911][T12151] netlink: 152 bytes leftover after parsing attributes in process `syz.3.2394'.
[  585.722051][T12157] syzkaller0: entered promiscuous mode
[  585.728223][T12157] syzkaller0: entered allmulticast mode
[  585.735486][T12159] syzkaller0: tun_chr_ioctl cmd 2147767520
[  585.742976][ T7726] syzkaller0: tun_net_xmit 48
[  585.779581][T12157] syzkaller0: tun_net_xmit 1280
[  594.213406][T12220] syzkaller0: entered promiscuous mode
[  594.219130][T12220] syzkaller0: entered allmulticast mode
[  594.251245][T12221] syzkaller0: left promiscuous mode
[  596.643414][T12240] validate_nla: 1 callbacks suppressed
[  596.643430][T12240] netlink: 'syz.1.2426': attribute type 21 has an invalid length.
[  596.752416][T12257] netlink: 'syz.2.2431': attribute type 1 has an invalid length.
[  596.810799][T12257] netlink: 'syz.2.2431': attribute type 17 has an invalid length.
[  596.839908][T12257] netlink: 'syz.2.2431': attribute type 16 has an invalid length.
[  596.858715][T12257] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2431'.
[  598.065297][T12284] netlink: 'syz.1.2442': attribute type 10 has an invalid length.
[  598.097451][T12284] bridge0: port 2(bridge_slave_1) entered disabled state
[  598.116659][T12284] bridge_slave_1: left allmulticast mode
[  598.122444][T12284] bridge_slave_1: left promiscuous mode
[  598.133866][T12284] bridge0: port 2(bridge_slave_1) entered disabled state
[  598.148012][T12284] bridge_slave_1: entered promiscuous mode
[  598.157237][T12284] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  598.281494][T12289] syzkaller0: entered promiscuous mode
[  598.289364][T12289] syzkaller0: entered allmulticast mode
[  605.155122][T12298] syzkaller0: entered promiscuous mode
[  605.160654][T12298] syzkaller0: entered allmulticast mode
[  607.100732][T12321] netlink: 14 bytes leftover after parsing attributes in process `syz.2.2454'.
[  607.114817][T12321] veth1_vlan: left allmulticast mode
[  607.160695][T12321] bond0: (slave macvlan0): Releasing backup interface
[  607.382622][T12329] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  607.416656][T12329] batman_adv: batadv0: Removing interface: batadv_slave_1
[  607.754724][T12334] netlink: 'syz.3.2459': attribute type 21 has an invalid length.
[  611.380062][T12355] syzkaller0: entered promiscuous mode
[  611.392567][T12355] syzkaller0: entered allmulticast mode
[  613.581162][T12365] netlink: 'syz.2.2470': attribute type 21 has an invalid length.
[  613.900395][T12378] syzkaller0: entered promiscuous mode
[  613.910331][T12378] syzkaller0: entered allmulticast mode
[  616.110470][T12391] lo: left promiscuous mode
[  616.123448][T12391] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  616.378687][T12398] syzkaller0: entered promiscuous mode
[  616.384388][T12398] syzkaller0: entered allmulticast mode
[  616.488805][T12407] netlink: 'syz.0.2483': attribute type 21 has an invalid length.
[  622.570033][T12443] netlink: 'syz.3.2498': attribute type 21 has an invalid length.
[  623.474557][ T5792] Bluetooth: hci3: unexpected event 0x0f length: 15 > 4
[  624.632811][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  624.646645][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  626.856249][T12477] netlink: 'syz.3.2512': attribute type 21 has an invalid length.
[  627.008738][T12482] netlink: 'syz.0.2513': attribute type 10 has an invalid length.
[  627.035519][ T5792] Bluetooth: hci2: unexpected event 0x0f length: 15 > 4
[  629.308581][ T5792] Bluetooth: hci0: unexpected event 0x0f length: 15 > 4
[  630.742190][T12504] netlink: 'syz.3.2523': attribute type 21 has an invalid length.
[  636.665310][ T5792] Bluetooth: hci1: unexpected event 0x0f length: 15 > 4
[  636.907729][T12553] netlink: 'syz.1.2538': attribute type 21 has an invalid length.
[  638.990459][T12564] netlink: 'syz.2.2544': attribute type 10 has an invalid length.
[  639.127797][ T5792] Bluetooth: hci0: unexpected subevent 0x0a length: 150 > 30
[  639.140162][ T5792] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:0'
[  639.151686][ T5792] CPU: 0 PID: 5792 Comm: kworker/u5:3 Not tainted syzkaller #0
[  639.159328][ T5792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  639.169458][ T5792] Workqueue: hci0 hci_rx_work
[  639.174246][ T5792] Call Trace:
[  639.177579][ T5792]  <TASK>
[  639.180556][ T5792]  dump_stack_lvl+0x16c/0x230
[  639.185300][ T5792]  ? show_regs_print_info+0x20/0x20
[  639.190548][ T5792]  ? load_image+0x3b0/0x3b0
[  639.195135][ T5792]  sysfs_create_dir_ns+0x256/0x280
[  639.200308][ T5792]  ? hci_rx_work+0x43a/0xd80
[  639.204951][ T5792]  ? sysfs_warn_dup+0xa0/0xa0
[  639.209700][ T5792]  ? do_raw_spin_unlock+0x121/0x230
[  639.214964][ T5792]  kobject_add_internal+0x6b8/0xc70
[  639.220241][ T5792]  kobject_add+0x156/0x220
[  639.224710][ T5792]  ? __rwlock_init+0x150/0x150
[  639.229632][ T5792]  ? kobject_init+0x1e0/0x1e0
[  639.234362][ T5792]  ? _raw_spin_unlock+0x28/0x40
[  639.239282][ T5792]  ? get_device_parent+0x366/0x390
[  639.244460][ T5792]  device_add+0x408/0xc20
[  639.248858][ T5792]  hci_conn_add_sysfs+0xd5/0x1e0
[  639.253949][ T5792]  le_conn_complete_evt+0xf36/0x1500
[  639.259329][ T5792]  ? hci_le_big_info_adv_report_evt+0x8e0/0x8e0
[  639.265653][ T5792]  ? bt_info+0x160/0x160
[  639.269945][ T5792]  ? __mutex_unlock_slowpath+0x1a2/0x6a0
[  639.275678][ T5792]  ? skb_pull_data+0xfb/0x200
[  639.280419][ T5792]  hci_le_enh_conn_complete_evt+0x189/0x460
[  639.286374][ T5792]  ? hci_le_remote_conn_param_req_evt+0xcc0/0xcc0
[  639.292839][ T5792]  ? hci_remote_host_features_evt+0x160/0x160
[  639.298960][ T5792]  hci_event_packet+0x795/0x1210
[  639.303978][ T5792]  ? bis_list+0x290/0x290
[  639.308387][ T5792]  ? lockdep_hardirqs_on+0x98/0x150
[  639.313661][ T5792]  ? hci_send_to_monitor+0xd7/0x4f0
[  639.318927][ T5792]  hci_rx_work+0x43a/0xd80
[  639.323446][ T5792]  ? process_scheduled_works+0x957/0x15b0
[  639.329240][ T5792]  process_scheduled_works+0xa45/0x15b0
[  639.335075][ T5792]  ? assign_work+0x400/0x400
[  639.339774][ T5792]  ? assign_work+0x39e/0x400
[  639.344437][ T5792]  worker_thread+0xa55/0xfc0
[  639.349177][ T5792]  kthread+0x2fa/0x390
[  639.353308][ T5792]  ? pr_cont_work+0x560/0x560
[  639.358042][ T5792]  ? kthread_blkcg+0xd0/0xd0
[  639.362677][ T5792]  ret_from_fork+0x48/0x80
[  639.367271][ T5792]  ? kthread_blkcg+0xd0/0xd0
[  639.371957][ T5792]  ret_from_fork_asm+0x11/0x20
[  639.376818][ T5792]  </TASK>
[  639.383059][ T5792] kobject: kobject_add_internal failed for hci0:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  639.397341][ T5792] Bluetooth: hci0: failed to register connection device
[  640.282413][T12584] netlink: 'syz.0.2552': attribute type 21 has an invalid length.
[  641.324732][T12604] netlink: 'syz.0.2557': attribute type 10 has an invalid length.
[  641.460543][ T5792] Bluetooth: hci0: command 0x0406 tx timeout
[  643.665683][ T5792] Bluetooth: hci1: unexpected subevent 0x0a length: 150 > 30
[  643.673678][ T5792] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:0'
[  643.689810][ T5792] CPU: 1 PID: 5792 Comm: kworker/u5:3 Not tainted syzkaller #0
[  643.697576][ T5792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  643.707708][ T5792] Workqueue: hci1 hci_rx_work
[  643.712485][ T5792] Call Trace:
[  643.715838][ T5792]  <TASK>
[  643.718852][ T5792]  dump_stack_lvl+0x16c/0x230
[  643.723643][ T5792]  ? show_regs_print_info+0x20/0x20
[  643.728942][ T5792]  ? load_image+0x3b0/0x3b0
[  643.733597][ T5792]  sysfs_create_dir_ns+0x256/0x280
[  643.738808][ T5792]  ? hci_rx_work+0x43a/0xd80
[  643.743499][ T5792]  ? sysfs_warn_dup+0xa0/0xa0
[  643.748282][ T5792]  ? do_raw_spin_unlock+0x121/0x230
[  643.753591][ T5792]  kobject_add_internal+0x6b8/0xc70
[  643.758918][ T5792]  kobject_add+0x156/0x220
[  643.763414][ T5792]  ? __rwlock_init+0x150/0x150
[  643.768273][ T5792]  ? kobject_init+0x1e0/0x1e0
[  643.773042][ T5792]  ? _raw_spin_unlock+0x28/0x40
[  643.777997][ T5792]  ? get_device_parent+0x366/0x390
[  643.783271][ T5792]  device_add+0x408/0xc20
[  643.787698][ T5792]  hci_conn_add_sysfs+0xd5/0x1e0
[  643.792707][ T5792]  le_conn_complete_evt+0xf36/0x1500
[  643.798098][ T5792]  ? hci_le_big_info_adv_report_evt+0x8e0/0x8e0
[  643.804493][ T5792]  ? bt_info+0x160/0x160
[  643.808809][ T5792]  ? __mutex_unlock_slowpath+0x1a2/0x6a0
[  643.814598][ T5792]  ? skb_pull_data+0xfb/0x200
[  643.819416][ T5792]  hci_le_enh_conn_complete_evt+0x189/0x460
[  643.825374][ T5792]  ? hci_le_remote_conn_param_req_evt+0xcc0/0xcc0
[  643.831858][ T5792]  ? hci_remote_host_features_evt+0x160/0x160
[  643.837996][ T5792]  hci_event_packet+0x795/0x1210
[  643.843015][ T5792]  ? bis_list+0x290/0x290
[  643.847407][ T5792]  ? lockdep_hardirqs_on+0x98/0x150
[  643.852661][ T5792]  ? hci_send_to_monitor+0xd7/0x4f0
[  643.857929][ T5792]  hci_rx_work+0x43a/0xd80
[  643.862426][ T5792]  ? process_scheduled_works+0x957/0x15b0
[  643.868198][ T5792]  process_scheduled_works+0xa45/0x15b0
[  643.873880][ T5792]  ? assign_work+0x400/0x400
[  643.878538][ T5792]  ? assign_work+0x39e/0x400
[  643.883207][ T5792]  worker_thread+0xa55/0xfc0
[  643.887931][ T5792]  kthread+0x2fa/0x390
[  643.892036][ T5792]  ? pr_cont_work+0x560/0x560
[  643.896764][ T5792]  ? kthread_blkcg+0xd0/0xd0
[  643.901393][ T5792]  ret_from_fork+0x48/0x80
[  643.905852][ T5792]  ? kthread_blkcg+0xd0/0xd0
[  643.910526][ T5792]  ret_from_fork_asm+0x11/0x20
[  643.915399][ T5792]  </TASK>
[  643.923405][ T5792] kobject: kobject_add_internal failed for hci1:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  643.937567][ T5792] Bluetooth: hci1: failed to register connection device
[  645.986317][T11948] Bluetooth: hci1: command 0x0406 tx timeout
[  647.128924][T12641] netlink: 'syz.3.2566': attribute type 21 has an invalid length.
[  650.103824][T12650] mac80211_hwsim hwsim9 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  650.819279][T11948] Bluetooth: hci0: unexpected event for opcode 0x000c
Connection to 10.128.10.11 closed by remote host.
[  654.589972][ T5790] syz_tun (unregistering): left allmulticast mode
[  654.597745][ T5790] syz_tun (unregistering): left promiscuous mode
[  654.604454][ T5790] ��
: port 1(syz_tun) entered disabled state
[  654.764160][   T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  654.909765][   T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  655.011245][   T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  655.071687][   T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  656.080534][   T12] 
[  656.082941][   T12] ======================================================
[  656.090137][   T12] WARNING: possible circular locking dependency detected
[  656.097166][   T12] syzkaller #0 Not tainted
[  656.101629][   T12] ------------------------------------------------------
[  656.108643][   T12] kworker/u4:1/12 is trying to acquire lock:
[  656.114616][   T12] ffff88802fd80d00 (team->team_lock_key#2){+.+.}-{3:3}, at: team_del_slave+0x32/0x1c0
[  656.124204][   T12] 
[  656.124204][   T12] but task is already holding lock:
[  656.131567][   T12] ffff88807bd90768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: ieee80211_remove_interfaces+0x292/0x680
[  656.141947][   T12] 
[  656.141947][   T12] which lock already depends on the new lock.
[  656.141947][   T12] 
[  656.152354][   T12] 
[  656.152354][   T12] the existing dependency chain (in reverse order) is:
[  656.161454][   T12] 
[  656.161454][   T12] -> #1 (&rdev->wiphy.mtx){+.+.}-{3:3}:
[  656.169277][   T12]        __mutex_lock+0x129/0xcc0
[  656.174311][   T12]        ieee80211_open+0x144/0x200
[  656.179516][   T12]        __dev_open+0x2bc/0x430
[  656.184361][   T12]        dev_open+0xab/0x170
[  656.188954][   T12]        team_add_slave+0xae7/0x2660
[  656.194252][   T12]        do_setlink+0xe14/0x3fb0
[  656.199185][   T12]        rtnl_newlink+0x175b/0x2020
[  656.204396][   T12]        rtnetlink_rcv_msg+0x7c7/0xf10
[  656.209938][   T12]        netlink_rcv_skb+0x216/0x480
[  656.215226][   T12]        netlink_unicast+0x751/0x8d0
[  656.220516][   T12]        netlink_sendmsg+0x8c1/0xbe0
[  656.225804][   T12]        ____sys_sendmsg+0x5bf/0x950
[  656.231119][   T12]        ___sys_sendmsg+0x220/0x290
[  656.236332][   T12]        __se_sys_sendmsg+0x1a5/0x270
[  656.241737][   T12]        do_syscall_64+0x55/0xb0
[  656.246743][   T12]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  656.253233][   T12] 
[  656.253233][   T12] -> #0 (team->team_lock_key#2){+.+.}-{3:3}:
[  656.261418][   T12]        __lock_acquire+0x2ddb/0x7c80
[  656.266804][   T12]        lock_acquire+0x197/0x410
[  656.271849][   T12]        __mutex_lock+0x129/0xcc0
[  656.276983][   T12]        team_del_slave+0x32/0x1c0
[  656.282104][   T12]        team_device_event+0x28d/0xa20
[  656.287570][   T12]        notifier_call_chain+0x197/0x390
[  656.293215][   T12]        unregister_netdevice_many_notify+0xf36/0x1810
[  656.300182][   T12]        unregister_netdevice_queue+0x324/0x360
[  656.306436][   T12]        _cfg80211_unregister_wdev+0x16b/0x580
[  656.313212][   T12]        ieee80211_remove_interfaces+0x496/0x680
[  656.319636][   T12]        ieee80211_unregister_hw+0x5d/0x2a0
[  656.325540][   T12]        mac80211_hwsim_del_radio+0x274/0x450
[  656.331611][   T12]        hwsim_exit_net+0x585/0x640
[  656.336837][   T12]        cleanup_net+0x6f4/0xb90
[  656.341805][   T12]        process_scheduled_works+0xa45/0x15b0
[  656.347883][   T12]        worker_thread+0xa55/0xfc0
[  656.352999][   T12]        kthread+0x2fa/0x390
[  656.358023][   T12]        ret_from_fork+0x48/0x80
[  656.362967][   T12]        ret_from_fork_asm+0x11/0x20
[  656.368257][   T12] 
[  656.368257][   T12] other info that might help us debug this:
[  656.368257][   T12] 
[  656.378483][   T12]  Possible unsafe locking scenario:
[  656.378483][   T12] 
[  656.386114][   T12]        CPU0                    CPU1
[  656.391488][   T12]        ----                    ----
[  656.396849][   T12]   lock(&rdev->wiphy.mtx);
[  656.401355][   T12]                                lock(team->team_lock_key#2);
[  656.408823][   T12]                                lock(&rdev->wiphy.mtx);
[  656.415845][   T12]   lock(team->team_lock_key#2);
[  656.420789][   T12] 
[  656.420789][   T12]  *** DEADLOCK ***
[  656.420789][   T12] 
[  656.428933][   T12] 5 locks held by kworker/u4:1/12:
[  656.434035][   T12]  #0: ffff888017873938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0
[  656.444930][   T12]  #1: ffffc90000117d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0
[  656.455507][   T12]  #2: ffffffff8dfaf8d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x136/0xb90
[  656.464919][   T12]  #3: ffffffff8dfbc708 (rtnl_mutex){+.+.}-{3:3}, at: ieee80211_unregister_hw+0x55/0x2a0
[  656.474779][   T12]  #4: ffff88807bd90768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: ieee80211_remove_interfaces+0x292/0x680
[  656.485588][   T12] 
[  656.485588][   T12] stack backtrace:
[  656.491495][   T12] CPU: 0 PID: 12 Comm: kworker/u4:1 Not tainted syzkaller #0
[  656.498866][   T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  656.508923][   T12] Workqueue: netns cleanup_net
[  656.513698][   T12] Call Trace:
[  656.516977][   T12]  <TASK>
[  656.519949][   T12]  dump_stack_lvl+0x16c/0x230
[  656.524633][   T12]  ? load_image+0x3b0/0x3b0
[  656.529144][   T12]  ? show_regs_print_info+0x20/0x20
[  656.534347][   T12]  ? print_circular_bug+0x12b/0x1a0
[  656.539554][   T12]  check_noncircular+0x2bd/0x3c0
[  656.544504][   T12]  ? print_deadlock_bug+0x5d0/0x5d0
[  656.549706][   T12]  ? lockdep_lock+0xe0/0x220
[  656.554294][   T12]  ? __lock_acquire+0x1334/0x7c80
[  656.559332][   T12]  ? _find_first_zero_bit+0xd3/0x100
[  656.564717][   T12]  __lock_acquire+0x2ddb/0x7c80
[  656.569592][   T12]  ? verify_lock_unused+0x140/0x140
[  656.574803][   T12]  ? verify_lock_unused+0x140/0x140
[  656.580007][   T12]  lock_acquire+0x197/0x410
[  656.584507][   T12]  ? team_del_slave+0x32/0x1c0
[  656.589310][   T12]  ? __might_sleep+0xe0/0xe0
[  656.594014][   T12]  ? read_lock_is_recursive+0x20/0x20
[  656.599493][   T12]  __mutex_lock+0x129/0xcc0
[  656.604019][   T12]  ? team_del_slave+0x32/0x1c0
[  656.608794][   T12]  ? __lock_acquire+0x7c80/0x7c80
[  656.613818][   T12]  ? rcu_is_watching+0x15/0xb0
[  656.618588][   T12]  ? trace_contention_end+0x39/0xe0
[  656.623981][   T12]  ? __mutex_lock+0x304/0xcc0
[  656.628682][   T12]  ? team_del_slave+0x32/0x1c0
[  656.633548][   T12]  ? mutex_lock_nested+0x20/0x20
[  656.638504][   T12]  ? bond_netdev_event+0xe1/0xef0
[  656.643571][   T12]  ? __mutex_unlock_slowpath+0x1a2/0x6a0
[  656.649228][   T12]  ? bond_ipsec_offload_ok+0x410/0x410
[  656.654713][   T12]  team_del_slave+0x32/0x1c0
[  656.659323][   T12]  team_device_event+0x28d/0xa20
[  656.664272][   T12]  notifier_call_chain+0x197/0x390
[  656.669399][   T12]  unregister_netdevice_many_notify+0xf36/0x1810
[  656.675750][   T12]  ? lock_chain_count+0x20/0x20
[  656.680613][   T12]  ? unregister_netdevice_many+0x20/0x20
[  656.686270][   T12]  ? kernfs_remove_by_name_ns+0x117/0x150
[  656.692014][   T12]  ? __lock_acquire+0x7c80/0x7c80
[  656.697054][   T12]  unregister_netdevice_queue+0x324/0x360
[  656.702791][   T12]  ? list_netdevice+0x730/0x730
[  656.707701][   T12]  ? kernfs_remove_by_name_ns+0x117/0x150
[  656.713493][   T12]  _cfg80211_unregister_wdev+0x16b/0x580
[  656.719168][   T12]  ieee80211_remove_interfaces+0x496/0x680
[  656.725015][   T12]  ? ieee80211_do_stop+0x1db0/0x1db0
[  656.730321][   T12]  ? rcu_is_watching+0x15/0xb0
[  656.735103][   T12]  ieee80211_unregister_hw+0x5d/0x2a0
[  656.740500][   T12]  mac80211_hwsim_del_radio+0x274/0x450
[  656.746148][   T12]  ? rhashtable_remove_fast+0xbf0/0xbf0
[  656.751702][   T12]  hwsim_exit_net+0x585/0x640
[  656.756471][   T12]  ? hwsim_init_net+0x90/0x90
[  656.761167][   T12]  ? __ip_vs_dev_cleanup_batch+0x238/0x250
[  656.767098][   T12]  cleanup_net+0x6f4/0xb90
[  656.771525][   T12]  ? ops_free_list+0x3b0/0x3b0
[  656.776310][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[  656.781542][   T12]  ? process_scheduled_works+0x957/0x15b0
[  656.787289][   T12]  ? process_scheduled_works+0x957/0x15b0
[  656.793051][   T12]  process_scheduled_works+0xa45/0x15b0
[  656.798651][   T12]  ? assign_work+0x400/0x400
[  656.803267][   T12]  ? assign_work+0x39e/0x400
[  656.807892][   T12]  worker_thread+0xa55/0xfc0
[  656.812496][   T12]  kthread+0x2fa/0x390
[  656.816566][   T12]  ? pr_cont_work+0x560/0x560
[  656.821260][   T12]  ? kthread_blkcg+0xd0/0xd0
[  656.825848][   T12]  ret_from_fork+0x48/0x80
[  656.830265][   T12]  ? kthread_blkcg+0xd0/0xd0
[  656.834853][   T12]  ret_from_fork_asm+0x11/0x20
[  656.839642][   T12]  </TASK>
[  656.848622][   T12] team0: Port device wlan1 removed
[  656.983817][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  656.991408][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  657.001608][   T12] veth0_macvtap: left promiscuous mode
[  657.007346][   T12] veth1_vlan: left promiscuous mode
[  657.088814][   T12] team0 (unregistering): Port device geneve1 removed
[  657.294793][   T12] bond0 (unregistering): (slave batadv_slave_0): Releasing backup interface
[  657.326141][   T12] team0 (unregistering): Port device team_slave_1 removed
[  657.354494][   T12] team0 (unregistering): Port device team_slave_0 removed
[  657.387405][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  657.418252][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  657.449090][   T12] bond0 (unregistering): (slave bridge_slave_1): Releasing backup interface
[  657.620512][   T12] team0 (unregistering): Port device bond0 removed
[  657.740549][   T12] bond0 (unregistering): Released all slaves
[  658.063070][   T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  658.110553][   T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  658.161489][   T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  658.211777][   T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  659.010763][   T12] team0: Port device wlan1 removed
[  659.101137][   T12] hsr_slave_0: left promiscuous mode
[  659.107494][   T12] hsr_slave_1: left promiscuous mode
[  659.113301][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  659.121017][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  659.129073][   T12] veth1_to_team: left allmulticast mode
[  659.134648][   T12] veth1_to_team: left promiscuous mode
[  659.140766][   T12] bridge0: port 3(veth1_to_team) entered disabled state
[  659.148863][   T12] bridge_slave_0: left allmulticast mode
[  659.154509][   T12] bridge_slave_0: left promiscuous mode
[  659.161293][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  659.171490][   T12] veth0_macvtap: left promiscuous mode
[  659.177130][   T12] veth1_vlan: left allmulticast mode
[  659.182584][   T12] veth1_vlan: left promiscuous mode
[  659.187957][   T12] veth0_vlan: left promiscuous mode
[  659.283699][   T12] team0 (unregistering): Port device geneve1 removed
[  659.367291][   T12] bond0 (unregistering): (slave macvlan0): Releasing backup interface
[  659.392175][   T12] team0 (unregistering): Port device vlan0 removed
[  659.481475][   T12] bond0 (unregistering): (slave batadv_slave_0): Releasing backup interface
[  659.512080][   T12] team0 (unregistering): Port device team_slave_1 removed
[  659.524720][   T12] team0 (unregistering): Port device team_slave_0 removed
[  659.552500][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  659.585242][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  659.615688][   T12] bond0 (unregistering): (slave bridge_slave_1): Releasing backup interface
[  659.771846][   T12] team0 (unregistering): Port device bond0 removed
[  659.890362][   T12] bond0 (unregistering): Released all slaves
[  660.474551][ T7739] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  660.542866][ T7739] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  660.581706][ T7739] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  660.620890][ T7739] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  661.410918][ T7739] team0: Port device wlan1 removed
[  661.533229][ T7739] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  661.540884][ T7739] batman_adv: batadv0: Removing interface: batadv_slave_1
[  661.549797][ T7739] veth1_vlan: left promiscuous mode
[  661.601275][ T7739] team0 (unregistering): Port device geneve1 removed
[  661.726225][ T7739] bond0 (unregistering): (slave batadv_slave_0): Releasing backup interface
[  661.774718][ T7739] team0 (unregistering): Port device team_slave_1 removed
[  661.800752][ T7739] team0 (unregistering): Port device team_slave_0 removed
[  661.829946][ T7739] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  661.858535][ T7739] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  661.887829][ T7739] bond0 (unregistering): (slave bridge_slave_1): Releasing backup interface
[  662.031554][ T7739] bond0 (unregistering): (slave team0): Releasing backup interface
[  662.055481][ T7739] bond0 (unregistering): Released all slaves