last executing test programs:

1m21.381291114s ago: executing program 2 (id=25):
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=@base={0xa, 0x6, 0x3a0, 0x5}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0xffffffffffffffff, 0x0, &(0x7f0000000a40), &(0x7f00000001c0), 0x1800, r0}, 0x38)

1m6.677576317s ago: executing program 2 (id=25):
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=@base={0xa, 0x6, 0x3a0, 0x5}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0xffffffffffffffff, 0x0, &(0x7f0000000a40), &(0x7f00000001c0), 0x1800, r0}, 0x38)

47.503572583s ago: executing program 2 (id=25):
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=@base={0xa, 0x6, 0x3a0, 0x5}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0xffffffffffffffff, 0x0, &(0x7f0000000a40), &(0x7f00000001c0), 0x1800, r0}, 0x38)

34.222262181s ago: executing program 2 (id=25):
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=@base={0xa, 0x6, 0x3a0, 0x5}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0xffffffffffffffff, 0x0, &(0x7f0000000a40), &(0x7f00000001c0), 0x1800, r0}, 0x38)

20.976716135s ago: executing program 2 (id=25):
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=@base={0xa, 0x6, 0x3a0, 0x5}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0xffffffffffffffff, 0x0, &(0x7f0000000a40), &(0x7f00000001c0), 0x1800, r0}, 0x38)

9.150365035s ago: executing program 2 (id=25):
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=@base={0xa, 0x6, 0x3a0, 0x5}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0xffffffffffffffff, 0x0, &(0x7f0000000a40), &(0x7f00000001c0), 0x1800, r0}, 0x38)

3.470285315s ago: executing program 0 (id=1659):
r0 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @loopback={0xff00000000000000, 0xac14140c}}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000140)="8bcd", 0xffe3}], 0x1, 0x0, 0x0, 0x900}, 0x60)

3.330501277s ago: executing program 0 (id=1662):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000002000000000000020071102200000000009500000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x22, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x12}, 0x80)

3.220895787s ago: executing program 0 (id=1666):
perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext={0x74b, 0xffff}, 0x8400}, 0x0, 0xfffffdbfffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
socket$kcm(0x2b, 0x1, 0x0)
r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0x2, 0x3, 0x84)
sendmsg$inet(r1, &(0x7f00000004c0)={&(0x7f0000000140)={0x2, 0x0, @local}, 0x10, 0x0}, 0x4008804)
r2 = socket$kcm(0x10, 0x2, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0x1, 0x0, 0x0}, 0x10)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'sit0\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x89fb, &(0x7f0000000080))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x5, 0x6, &(0x7f0000000000)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x4, 0xc3, &(0x7f0000000600)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x1e)
perf_event_open(&(0x7f0000000540)={0x1, 0x80, 0x1, 0x7f, 0x5, 0xf7, 0x0, 0x6, 0x80, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x7, 0x1, @perf_bp={&(0x7f0000000500), 0xa}, 0x8100, 0x9, 0x7, 0x8, 0x670000000000000, 0x4, 0x0, 0x0, 0x40, 0x0, 0x5aac}, 0x0, 0x2, r0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$kcm(r2, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)="d8000000100081046881f782db44b904021d080b01000000e8fe55a11800150006001400060000120800040043000000a8001f000a00014006000d00036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0)
sendmsg$inet(r1, &(0x7f0000000a00)={&(0x7f0000000040)={0x2, 0x0, @dev}, 0x10, 0x0}, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)

2.868928648s ago: executing program 0 (id=1671):
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r0 = socket$kcm(0xa, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000000)={r0})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0xa, 0x4, 0x6, 0x0, 0xffffffffffffffff, 0x4}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r1, &(0x7f0000000200), 0x20000000}, 0x20)
recvmsg(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f00000002c0)=""/92, 0x5c}], 0x1}, 0x40020000)

1.878403975s ago: executing program 0 (id=1675):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x22a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={0x0}, 0x10)
r0 = perf_event_open$cgroup(&(0x7f0000000940)={0x1, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xc35, 0xfffffffffffffffd}, 0x4082, 0x3, 0x7, 0x9, 0x0, 0x80200000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ID(r0, 0x4008240b, &(0x7f00000013c0))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r1, 0x1, 0x2c, &(0x7f0000000140), 0x4)
setsockopt$sock_attach_bpf(r1, 0x1, 0x34, &(0x7f0000000440), 0x4)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x7, 0x8000, 0x1}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x81, 0x4, 0xffffffff, 0x16, 0xffffffffffffffff, 0xffffffff}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r2, <r3=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180200", @ANYRES32=r3], 0x0, 0x10, 0x0, 0x0, 0x0, 0x17, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x6c}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x8000000, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, 0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
r5 = syz_clone(0x8002000, &(0x7f0000000340)="a543e6dc680448d726252f25fb3237d0fb2b695703ac7d2c287ffa3c5434fd70cdccf0f811118afe044d6d3eacc56929911137c46600621d604568d79c203d88f0564f997d37dd48396e9512d908fa1763b94bd2ff6df9339b59b02cc18c7a822dedfeb65a82e8658a4195f139d2830fe588579c3243230ae3c53cb339a6a9a50a50ea43a997b1c03fc2e2f6894f", 0x8e, &(0x7f0000000400), &(0x7f0000000500), &(0x7f0000000680)="1b49ec5aaa085565688ce83e42f048e2adc304a8ea08063c26709fba9939297d5f43eedbb8b74038201650511b453ae209336569bff2e8c3ccf20a3c73e67c1c006bc31abac39b3d10048746ce76c42b8e72ee62d1f04a3d1bdcf7da4c06fa6eb872839cfc3413364f42c2079e26a1920518411582e5638ff42bbc8db498f03170a0af00aeb4823d81c5ad260e112b0a70988ac25d4c279a")
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r5, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r7)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})

1.871898796s ago: executing program 3 (id=1676):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x8, &(0x7f0000004380)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000002000008500000051000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7235f1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a49bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x91}, 0x2b)

1.711687729s ago: executing program 3 (id=1677):
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={0xffffffffffffffff, &(0x7f0000000300), 0x20000000}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x0, 0x16, 0x0, &(0x7f0000000380)=""/22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x7, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x401}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x10, 0x17, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000003f000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000011000000bf09000000000000550901000074f6967d00000000000000180100002020702500000000002020207baaf8ff00000000bda100000000000027010000f8ffffffb702000008000000b7030000000000002500000006000000be91000000000000b502ecffffff00008500000005000000b70000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

1.638878846s ago: executing program 4 (id=1678):
socket$kcm(0x1e, 0x4, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuset.effective_mems\x00', 0x26e1, 0x0)
close(r0)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0))
ioctl$SIOCSIFHWADDR(r0, 0x8b14, &(0x7f0000000000)={'wg2\x00', @random="b410848f00"})

1.59414493s ago: executing program 3 (id=1679):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x1200, &(0x7f0000001340)=[{&(0x7f0000000040)="2e00000011008188040f46ecdb4cb9cca7480ef410000000e3bd6efb010511000b001c000d000020ba8000001201", 0x2e}], 0x1, 0x0, 0x0, 0xc9e}, 0x0)

1.498741048s ago: executing program 4 (id=1680):
r0 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0xde, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000001ac0)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9b24be41a9169b740ac03d7c64cee49ee1c6eee84309e7a23c19a39484809539fca4e0b6eab1aa7d54f45a24effa077faa56d59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afd8cc2e59a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d0faab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72bc0480f949c479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad9433269af3be5fa6a9a5c24e392955f4e979ea13201bafe4f0f6ea508000000a0c548552b571bed5647223c78a992810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526890aa7fe5e68949a3b30567e54d3504723177d356c4604bca492ede62fc28839b5301160ecec37e83efceefd7ca2533659edc8be05cc85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d35a142a9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a2946501559335781092cf8ce3c7c56cd31121624d76517fd3666276c3c0e812b28e2f30d035cee5d0e77a3c70008ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856cf24f370030be3b5f79f030b8d3ebce68663ef5af469abe753314fae31651e0ecea5ece8fb11a4ee288eb149f1fa33669cc8d901fa8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463baf28345bde0c195bc9f021da8f3025ee9c8e3168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262fa3f1dabeb4fc4bda345360200000001fbddeacd3adaa4d2715e21c7724e9e7e7babf61fe358ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a4601adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cc50feeb7bfad9b7be3283b6450d014e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5671820420bf5b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff2418a18217747ae442e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efe794874eac73381e961f3d9c8c21578fe3245097c280abe51427a7f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d17eb0000000000000000000000fa08ad0731c4b839688b22c4da2a6b00008a1949a6ba49fbf981f8265e7f1f4c2d97f4680b135f87c228ce69418a282bffff2481a0df1774fa7d94944bb92d2b89f73f0e8b63f6316c5762f3288bc970720f48b5647dd177db6810fae05334d5a44a020000001c0d882a564d74a7c72bf9a2152b261ed1d4515f46290d5c6579b63358fea6d2f93589cfe261dc0410b5ccc92a5a0eab327a33431d62d2b7c75ce654d556c9e1817c1abca762ab53d40da51560351b673363652e1ecb56cfe4a746a45ab13c6014e9f361ab687d1cd1795ce9e05c817b83d76046bdb3709de5df7499a02d2f636a454b85b987580ada025d83bd7b8df28a540d5ec5537942e79f2f1ab25ea5f563bc77e4f9468bd309469880c7e34150ca886d1f13dff7e82dbe296c877d925c38c54cc8137b29028854b6bd57ca893927c331300e16aba792289e135589d93302fc37c73c303e383cdf8ef3f6d6265fe5ee01759d24027475c8901039a898582022bc95992b86dce0710887c8a625d9cbb897bdbfaf49a3f642a169827a9bae4fcfa5212461db000000000000e6ed75ca8fcda7ef3ee336189fef3b3ffb9f38fefc5ff39c4e69e3fa1f8b10ee97123e99b61eba065b1ad67530e7c4f11f9da7ae000002000000610101ad7f79cb9bbf64a0fc109f49fe8799fe266e2ccac80fefe750151f5ddfe51833ec65ece70e07ce8ab5d97db47da8f80000664dc0b86ae2b3ff9d4e220752a6b2f3ea9f793612386496dca5af7b8952aafa796ea7b156d19612297c63e774e940bfeb0de83f42fd565a299f741f9b00be4e8fcaf4ec85daceb16d9e8a438e3eb2556570e381b03d9e3c245728648ed9ff22dc963ed105c851c3481125b4c0c8a08a0c9930190902af109fc56b64cc952f298ebe73d7b18052e0147356228ca171b06274a871e2cf9609e0b4cdad36c3250bc8f56f95a6ed"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.current\x00', 0x26e1, 0x0)
write$cgroup_int(r2, &(0x7f0000000600), 0x12)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000001080)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x7602, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

1.270542038s ago: executing program 3 (id=1681):
perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @dev}}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000ac0)="ee", 0xffc7}], 0x1, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000001000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0x0)

1.269795138s ago: executing program 4 (id=1682):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x99, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x0, 0xc, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{}, 0x0, 0x0}, 0x20)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001f80)={{r0, <r3=>0xffffffffffffffff}, &(0x7f0000001f00), &(0x7f0000001f40)='%ps    \x00'}, 0x20)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000022c0)={0xffffffffffffffff, 0xe0, &(0x7f0000002300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000001fc0)=[0x0, 0x0, 0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x6, 0x4, &(0x7f0000002000), &(0x7f0000002000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xbf, &(0x7f0000002080)=[{}], 0xfffffd8a, 0x10, &(0x7f00000020c0), &(0x7f0000002100), 0x6b31c7850835401a, 0xe8, 0x8, 0x8, &(0x7f0000002140)}}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x8, 0x92, 0x40, 0x600, r3, 0x2, '\x00', r4, 0xffffffffffffffff, 0x2, 0x0, 0x20000004, 0xd}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000f80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="000000000e00000000000000000040007b8af8ff00000000bf434b69af24f7afddc3b17f125fbf5ea200000000000006020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mkdir(0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8922, &(0x7f0000000080))
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000f80)=@generic={&(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00'}, 0x18)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000040)=@generic={&(0x7f0000000fc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', r2}, 0x18)
r6 = socket$kcm(0xa, 0x2, 0x11)
sendmsg$kcm(r6, &(0x7f0000003840)={&(0x7f0000000040)=@in={0x2, 0x4e23, @empty}, 0x80, 0x0, 0x0, &(0x7f0000001ec0)=ANY=[@ANYBLOB="295bf1e8260707100000000a002900000033fdc400"], 0x10}, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r7 = socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r7, 0x84, 0xd, &(0x7f0000000000), 0x8)
perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$kcm(0x11, 0x3, 0x0)

1.202803014s ago: executing program 1 (id=1683):
r0 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={&(0x7f0000000100)=@in6={0xa, 0x0, 0x0, @private0}, 0x80, &(0x7f0000000000)=[{&(0x7f00000000c0)="80", 0x1}], 0x1, &(0x7f0000000640)=ANY=[@ANYBLOB="180000000000003f840000000000000008"], 0x18}, 0x41)

1.202512914s ago: executing program 3 (id=1684):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
close(0xffffffffffffffff)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x1, 0x0, 0x0, 0x2663}, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x541b, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d80000001c0081044e81f782db44b904021d080202000000fcfe02a1180015000600142603600e1208000f0000810401a80016040a00014003000000036010fab94dcf5c0460c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791823a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1, 0x0, 0x6000, 0x7400}, 0x0)

1.109733212s ago: executing program 1 (id=1685):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000d40)}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x3, 0x3, 0x7}, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00'})
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000180), &(0x7f00000001c0)='%ps    \x00'}, 0x20)
r1 = socket$kcm(0x2b, 0x1, 0x0)
sendmsg$inet(r1, &(0x7f0000000040)={&(0x7f00000000c0)={0x2, 0x4001, @loopback}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x2000488c)
setsockopt$sock_attach_bpf(r1, 0x1, 0xd, &(0x7f0000000080), 0x24)
close(r1)

1.016281761s ago: executing program 1 (id=1686):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000100), 0x8)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)}], 0x1}, 0x0)
write$cgroup_subtree(r0, 0x0, 0x15)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x90)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000001080)={0x6, 0x80, 0x5, 0x0, 0x0, 0x0, 0x7602, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.current\x00', 0x26e1, 0x0)
write$cgroup_int(r1, &(0x7f0000000600), 0x12)
r2 = syz_clone(0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001080)={0x6, 0xb9, 0x0, 0x0, 0x0, 0x0, 0x7602, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0xd}, 0xfff6}, r2, 0x0, 0xffffffffffffffff, 0x9)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff0000"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
close(r4)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

926.688488ms ago: executing program 3 (id=1687):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0xc, 0x9}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000e000018110000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000088500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xda00)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00'}, 0x10)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000040)=ANY=[@ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$ITER_CREATE(0x21, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
write$cgroup_devices(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'sit0\x00', @local})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000e00)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000400)}, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000040)={'sit0\x00', @random="4f33e363a4b1"})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708dfffffffffff7a8af8a90acde300bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000950000000000008f79056ee301000000ffffffff657856149ab2fc3a6375ca8f8bcacce7ccffe2c1409db416ab7e8622a30d3e04afb6c7800e8183ec2ba01c2d2745476010c394eed1de468d418e466c7881fc89a4f69b4e56c4c0619b53c3d882de4e8a21f7f6de7b1b15788e05000000000000004777cf2a9d79330b59bac06507cc85ac92f1da232d0d89aabc4bb45ddfa5a4ea95ebe13f96a74d0000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180), &(0x7f0000000280), 0x84, r0}, 0x38)

766.676123ms ago: executing program 4 (id=1688):
r0 = socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(r0, 0x29000000, 0x2, 0x0, 0x0)

594.719687ms ago: executing program 1 (id=1689):
r0 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x1, 0x0, 0x440a}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000000980)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21ca0000cf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c98cda2948ef0f440d7cad29567e15a7d669f381faca0f9d9b24be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6eab1aa7d55545a34effa077faa56d59e88254f54077f799bf168301000000bf225571f2487fc86acc2bff7d5664abebd6a0244d35b213bda84cc172afd8cc2e59a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d0faab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72bc0480f94306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552d703f7f14d8b78a602ca3cdf6a9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad9433269af3be5fa6a9a5c24e392955f4e979ea13201bafe4f0f6ea508000000571bed5647223c78a992810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526890aa7fe5e68949a3b30567e54d3504723177d356c4604bca492ede62fc28839b5301160ecec37e83efceefd7ca2533659edc8be05cc85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8498856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d35a142a9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4ff29e2bdb1d0b923b262341c5e093fd66a2946501559335781092cf8ce3c7c56cd31121624d76517fd3666276c3c0e812b28e2f30d035cee5d0e77a3c70008ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856cf24f370030be3b5f79f030b8d3ebce68663ef5af469abe753314fae31651e0ecea5ece8fb11a4ee288eb149f1fa33669cc8d901fa8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463baf28345bde0c195bc9f021da8f3025ee9c8e3168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262fa3f1dabeb4fc4bda345360200000001fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a4601adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cc50feeb7bfad9b7be3283b6450d014e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5671820420bf5b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff2418a18217747ae442e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efe794874eac73381e961f3d9c8c21578fe3245097c280abe51427a7f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d17eb0000000000000000000000fa086d2a39f13f60b51136a945f780687aad0731c4b839688b22c4da2a6b00008a1949a6ba49fbf981f8265e7f1f4c2d97f4680b135f91b52fc0b241c2db99a187c228ce69418a282bffff2481a0df1774fa7d94944bb92d2b89f73f0e8b63f6316c5762f3288bc970720f48b5647dd177db6810fae05334d5a44a020000001c0d882a564d74a7c72bf9a2152b261e58fea6d2f93589cfe261dc0410b5ccc92a5a0eab327a33431d62d2b7c75ce654d556c9e1817c1abca762ab53d40da51560351b673363652e1ecb56cfe4a746a45ab13c6014e9f361ab687d1cd1795ce9e05c817b83d76046bdb3709de5df7499a02d2f636a454b85b987580ada025d83bd7b8df28a540d5ec5537942e79f2f1ab25ea5f563bc77e4f9468bd309469880c7e34150ca886d1f9ac2f7e82dbe296c877d925c38c54cc8137b29028854b6bd57ca893927c331300e16aba792289e135589d93302fc37c73c303e383cdf8ef3f6d6265fe5ee01759d24027475c8901039a898582022bc95992b86dce0710887c8a625d9cbb897bdbfaf49a3f642a169827a9bae4fcfa5212461db000000000000e6ed75ca8fcda7ef3ee336189fef3b3ffb9f38fefc5ff39c4e69e3fa1f8b10ee97123e99b61eba065b1ad67530e7c4f11f9da7ae000002000000610101ad7f79cb9bbf64a0fc109f49fe8799fe266e2ccac80fefe750151f5ddfe51833ec65ece70e07ce8ab5d97db47da8f80000664dc0b86ae2b3ff9d4e220752a6b2f3ea9f793612386496dca5af7b8952aafa796ea7b152d19612297c63bb20e1e0469f7615f67a9218cbace38f5236821314f76302b98afa93044b83989339ca10e6ae30e70e17a82f03e915b8425e8e7a91614306d2ae0bc3550d856f2d7293672b5673d264fc886b0c8bdf436a0fcd21bf9da7bdca98e34cd6e59b0a7ce4ba1b466561aaa35448dff47bb1d7df23d467689a66"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x4, 0x3, &(0x7f0000000180)=ANY=[@ANYRES8=r1], &(0x7f0000000000)='GPL\x00', 0x4, 0xcf, &(0x7f0000000340)=""/207, 0x0, 0x40, '\x00', 0x0, 0x5}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r3) (async, rerun: 32)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0) (async, rerun: 32)
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50028, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r4)
r5 = perf_event_open$cgroup(&(0x7f0000000440)={0x5, 0x80, 0x6, 0x2, 0x6, 0xab, 0x0, 0x7, 0x41000, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x9, 0x1, @perf_bp={&(0x7f0000000200), 0x8}, 0x111010, 0x0, 0x100, 0x4, 0x3ff, 0x3, 0x3, 0x0, 0x1, 0x0, 0x5}, r4, 0x3, 0xffffffffffffffff, 0x1)
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x40082406, &(0x7f0000000240)='-\x00') (async, rerun: 32)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)) (async, rerun: 32)
ioctl$SIOCSIFHWADDR(r4, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random='\\\x00\x00 \x00'}) (async)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x200000000000004}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}) (async)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="d8000000100081044e81f782db44b904021d080b01000000e8fe55a1180015000600142603600e120800290000000401040016000a0001", 0x37}], 0x1}, 0x0) (async)
r6 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000000)=ANY=[], 0xfe33) (async)
r7 = socket$kcm(0x2, 0x4, 0x0) (async)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r8, 0x89f0, &(0x7f0000000080)) (async)
ioctl$sock_kcm_SIOCKCMCLONE(r7, 0x89e2, &(0x7f0000000000)={r8}) (async)
openat$ppp(0xffffffffffffff9c, &(0x7f00000002c0), 0x480, 0x0)

538.792172ms ago: executing program 4 (id=1690):
r0 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000440)={r0, 0x20, &(0x7f0000000400)={0xfffffffffffffffe, 0x0, 0x0, &(0x7f0000000780)=""/164, 0xa4}}, 0x10)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='cpuset.effective_mems\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x2, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000340)='./cgroup.net/syz1\x00', 0x200002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000800)=ANY=[@ANYBLOB="b702000023008000bfa30000000000000703000000feffff7a0af0ff0000000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000001007d60b7030000010000006a0a00fe00000000850000000d0000009700000001000100950000000000000075cdc4b57b0c65752a3ad50000007ddd0000000000639100000000000000000000ff7f0000292f17cee19d0001000000000000000000cb04fcbb0ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fb4413c0bef2e4852f5c2fe6faaf75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5d053bdee75dca3772be2c9d2d29dbaadbeab2a01685108e61aa000000000000000000000000008b798b4f7458d1863cc67d4c6a06e82800026f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f1b1b71b5f7ec6edc76609073909826151e2b42bf0ed0c8cef3ba2a730a00c87c493db845b10e9468bda6f82881eb8c9cfa72b08eecc972a3fd2c46f3c1cde713d2831210e00d2bfea3bf97ff8836d000000000000946bdb747e416b3064edb4f5aea06eba207ddab9f9baf98bc5192f23d95d33357fc55f92e5937e10995059f3348f69667b9260d504baa0446e1437af6fa875d9d32fdada251e6c74f192a23572ef582b7dd867c163c8cedaa2a2c5baceb37d4a40244c9bdca541cc7e65e20f5b5b735e2f33df9bd0614431d7dc5e47bb31c5b827d51733b64ddad4de1cdadce076d19d62e821b435619fb89fc07f81938200b4ebce83db57a6f5e9b1c2cf4b6ee90772d4865bf448d200e5c4e1e044d3587498128273b65670c02ff5c3c3ca633c41324fdc09e0b2621087db26bb0553612f2be27579ede2344a809e6b27d0044f2337895323357caddb54642dac82ae25deb08e111e0b9fa133c9da85dc50c3454ee0ff915331bd7f32f96fb55c7990334b1a1bc4d5d817b82f9fc278cc4868fbfa4d0f32a863c1ce050caddc5ca3b10c3e63daebba039e9f474aa8849dcc2501df3ffcb02d29d55a1a2cbe00e836db0e6b0a7ffd680dbcf7b982a956998df3dce0e9091a4d736db69038061e6b04c7c379e541afe1c5393e4e97c0146d7dc4915525c8bd6c044565badf8cc24727e70e619fa5a7c76a886946446162645e4ad8178185ba9aa929fb924eb2b3cc9ca3cf3a603683711a6f4aa84ffaec2c3b3ee0b13707916ec3cd5d000000000000000000005e717dbc2dfd109e05e37d975b3da80b38d9e021d75cc47a4df9804c36468f767cf23742d78f3d1f0d54ed01d0e282e8d73534e091e7582a53abec46e93d6908a1346180b59d64f70d7046faf247d17f96d9d1dff63704040ce49f2e66431a65155b71339237b591c482b5de7559f856fe20ac39adecdb5f64c003ac1f547bf1b151e84e8eb9ea69d3d752263d24c9d69b1762888ce75a91bdab16cd94d89b072d1bbeeba99cf52b45cdcfb12445b9b9d39bdb0fdfce46edc108aecd16d06f3c4a4e8bb71bdbfb6076d79321f7af34ab3e3b5b5747fda21c18546976e6df51f5cf3c372a550cca7f21d8cef069c0b5a4c3daeb11a0456c000f0fd1f039e1539ac31e037476fdfdc2da415ab02be45bc0f91369bd504e1b6e7403eee4bc957970c5b82259be461703e739f5802da2d036800fbe99198601e5639deb87f6e90a63a5c04993ea41a1ddd1d70548ee41b889705f99ea317f41dd59404d4f2941e4"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0xd000000}, 0x0, 0x10, &(0x7f0000000100), 0x237}, 0x48)

331.461631ms ago: executing program 4 (id=1691):
r0 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='blkio.bfq.empty_time\x00', 0x26e1, 0x0)
close(r1)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x5, 0x4, 0x4, 0x4}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x4, 0x4, 0x4}, 0x48)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000200)={r3, 0x0, 0x0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0xa, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {0x85, 0x0, 0x0, 0x2a}, {0x7, 0x1, 0xb, 0x9, 0x0, 0x4000}}, {{0x6, 0x0, 0x6, 0x9, 0x0, 0x6, 0xe7030000}, {0x4, 0x0, 0x0, 0x6}}, [@printk={@llu, {0x5, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x1, 0xa, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x14}}], {{0x4, 0x1, 0x5, 0x3}, {0x5, 0x0, 0xb, 0x3, 0x0, 0x2}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
write$cgroup_pid(r1, 0x0, 0x0)
ioctl$TUNSETNOCSUM(0xffffffffffffffff, 0x400454c8, 0x1)
write$cgroup_subtree(r1, 0x0, 0x0)
r4 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r4, 0x0, 0x8080)
sendmsg$kcm(r4, 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0x40047451, 0x2000000a)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f0000000000)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
ioctl$TUNSETOFFLOAD(r0, 0x40047451, 0x20000015)

328.075311ms ago: executing program 1 (id=1692):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r1) (async)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000080)={[{0x2b, 'perf_event'}, {0x0, 'net'}]}, 0x11) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r3, 0x18000000000002a0, 0x12, 0x0, &(0x7f0000001240)="b9ff03076804268c989e14f088a8657986dd", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r5 = openat$cgroup_devices(r4, &(0x7f0000000680)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r5, &(0x7f0000000140)=ANY=[@ANYBLOB='b 75:*\trmr'], 0xa)

68.555554ms ago: executing program 0 (id=1693):
r0 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0xde, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000001ac0)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9b24be41a9169b740ac03d7c64cee49ee1c6eee84309e7a23c19a39484809539fca4e0b6eab1aa7d54f45a24effa077faa56d59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afd8cc2e59a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d0faab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72bc0480f949c479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad9433269af3be5fa6a9a5c24e392955f4e979ea13201bafe4f0f6ea508000000a0c548552b571bed5647223c78a992810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526890aa7fe5e68949a3b30567e54d3504723177d356c4604bca492ede62fc28839b5301160ecec37e83efceefd7ca2533659edc8be05cc85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d35a142a9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a2946501559335781092cf8ce3c7c56cd31121624d76517fd3666276c3c0e812b28e2f30d035cee5d0e77a3c70008ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856cf24f370030be3b5f79f030b8d3ebce68663ef5af469abe753314fae31651e0ecea5ece8fb11a4ee288eb149f1fa33669cc8d901fa8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463baf28345bde0c195bc9f021da8f3025ee9c8e3168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262fa3f1dabeb4fc4bda345360200000001fbddeacd3adaa4d2715e21c7724e9e7e7babf61fe358ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a4601adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cc50feeb7bfad9b7be3283b6450d014e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5671820420bf5b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff2418a18217747ae442e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efe794874eac73381e961f3d9c8c21578fe3245097c280abe51427a7f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d17eb0000000000000000000000fa08ad0731c4b839688b22c4da2a6b00008a1949a6ba49fbf981f8265e7f1f4c2d97f4680b135f87c228ce69418a282bffff2481a0df1774fa7d94944bb92d2b89f73f0e8b63f6316c5762f3288bc970720f48b5647dd177db6810fae05334d5a44a020000001c0d882a564d74a7c72bf9a2152b261ed1d4515f46290d5c6579b63358fea6d2f93589cfe261dc0410b5ccc92a5a0eab327a33431d62d2b7c75ce654d556c9e1817c1abca762ab53d40da51560351b673363652e1ecb56cfe4a746a45ab13c6014e9f361ab687d1cd1795ce9e05c817b83d76046bdb3709de5df7499a02d2f636a454b85b987580ada025d83bd7b8df28a540d5ec5537942e79f2f1ab25ea5f563bc77e4f9468bd309469880c7e34150ca886d1f13dff7e82dbe296c877d925c38c54cc8137b29028854b6bd57ca893927c331300e16aba792289e135589d93302fc37c73c303e383cdf8ef3f6d6265fe5ee01759d24027475c8901039a898582022bc95992b86dce0710887c8a625d9cbb897bdbfaf49a3f642a169827a9bae4fcfa5212461db000000000000e6ed75ca8fcda7ef3ee336189fef3b3ffb9f38fefc5ff39c4e69e3fa1f8b10ee97123e99b61eba065b1ad67530e7c4f11f9da7ae000002000000610101ad7f79cb9bbf64a0fc109f49fe8799fe266e2ccac80fefe750151f5ddfe51833ec65ece70e07ce8ab5d97db47da8f80000664dc0b86ae2b3ff9d4e220752a6b2f3ea9f793612386496dca5af7b8952aafa796ea7b156d19612297c63e774e940bfeb0de83f42fd565a299f741f9b00be4e8fcaf4ec85daceb16d9e8a438e3eb2556570e381b03d9e3c245728648ed9ff22dc963ed105c851c3481125b4c0c8a08a0c9930190902af109fc56b64cc952f298ebe73d7b18052e0147356228ca171b06274a871e2cf9609e0b4cdad36c3250bc8f56f95a6ed"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.current\x00', 0x26e1, 0x0)
write$cgroup_int(r2, &(0x7f0000000600), 0x12)
perf_event_open(&(0x7f0000001080)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x7602, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000001080)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x7602, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

0s ago: executing program 1 (id=1694):
perf_event_open$cgroup(&(0x7f0000000300)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x2}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
openat$cgroup_pressure(0xffffffffffffffff, 0x0, 0x2, 0x0)
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x891a, &(0x7f0000000140)={'lo\x00', @random="0200ff7fffff"})
socket$kcm(0x2, 0x922000000001, 0x106)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x9, 0x0, 0x0)
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @dev}}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000ac0)="ee", 0x1}], 0x1, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010110007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0x0)

kernel console output (not intermixed with test programs):

ysvec_apic_timer_interrupt+0x16/0x20
[  133.336521][ T6043]  should_fail+0x38a/0x4c0
[  133.340953][ T6043]  _copy_to_user+0x2d/0x130
[  133.345466][ T6043]  simple_read_from_buffer+0xc6/0x150
[  133.350854][ T6043]  proc_fail_nth_read+0x1a3/0x210
[  133.355889][ T6043]  ? proc_fault_inject_write+0x390/0x390
[  133.361531][ T6043]  ? fsnotify_perm+0x442/0x590
[  133.366300][ T6043]  ? proc_fault_inject_write+0x390/0x390
[  133.371939][ T6043]  vfs_read+0x2fc/0xe10
[  133.376108][ T6043]  ? kernel_read+0x1f0/0x1f0
[  133.380701][ T6043]  ? rcu_nmi_exit+0x70/0xf0
[  133.385217][ T6043]  ? __fget_files+0x413/0x480
[  133.389905][ T6043]  ? mutex_lock_nested+0x17/0x20
[  133.394845][ T6043]  ? __fdget_pos+0x2cb/0x380
[  133.399471][ T6043]  ? ksys_read+0x77/0x2c0
[  133.403805][ T6043]  ksys_read+0x1a2/0x2c0
[  133.408055][ T6043]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[  133.414218][ T6043]  ? vfs_write+0xe50/0xe50
[  133.418636][ T6043]  ? syscall_enter_from_user_mode+0x37/0x240
[  133.424620][ T6043]  ? syscall_enter_from_user_mode+0x2e/0x240
[  133.430605][ T6043]  do_syscall_64+0x3b/0xb0
[  133.435024][ T6043]  ? clear_bhb_loop+0x15/0x70
[  133.439714][ T6043]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  133.445607][ T6043] RIP: 0033:0x7f2c7675893c
[  133.450018][ T6043] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  133.469622][ T6043] RSP: 002b:00007f2c74bd3030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  133.478043][ T6043] RAX: ffffffffffffffda RBX: 00007f2c76912f80 RCX: 00007f2c7675893c
[  133.486191][ T6043] RDX: 000000000000000f RSI: 00007f2c74bd30a0 RDI: 0000000000000007
[  133.494161][ T6043] RBP: 00007f2c74bd3090 R08: 0000000000000000 R09: 0000000000000000
[  133.502137][ T6043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  133.510121][ T6043] R13: 0000000000000000 R14: 00007f2c76912f80 R15: 00007ffe3b43c108
[  133.518116][ T6043]  </TASK>
[  133.813893][ T6051] device sit0 left promiscuous mode
[  134.031991][ T3832] Bluetooth: hci0: command 0x040f tx timeout
[  134.589044][ T6052] device sit0 entered promiscuous mode
[  134.712642][ T5873] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  134.869005][ T5873] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  134.890517][ T5873] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  134.927821][ T5873] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  135.185012][ T5873] 8021q: adding VLAN 0 to HW filter on device bond0
[  135.242366][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  135.264022][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  135.282386][ T6101] validate_nla: 1 callbacks suppressed
[  135.282636][ T6101] netlink: 'syz.3.792': attribute type 9 has an invalid length.
[  135.305659][ T5873] 8021q: adding VLAN 0 to HW filter on device team0
[  135.320785][ T6102] netlink: 'syz.0.791': attribute type 21 has an invalid length.
[  135.325358][ T6103] netlink: 'syz.3.792': attribute type 9 has an invalid length.
[  135.349718][ T6102] netlink: 144 bytes leftover after parsing attributes in process `syz.0.791'.
[  135.371264][ T6103] netlink: 399 bytes leftover after parsing attributes in process `syz.3.792'.
[  135.380364][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  135.398061][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  135.401339][ T6101] netlink: 399 bytes leftover after parsing attributes in process `syz.3.792'.
[  135.412206][  T144] bridge0: port 1(bridge_slave_0) entered blocking state
[  135.422113][  T144] bridge0: port 1(bridge_slave_0) entered forwarding state
[  135.441869][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  135.450738][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  135.461686][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  135.470353][  T144] bridge0: port 2(bridge_slave_1) entered blocking state
[  135.477519][  T144] bridge0: port 2(bridge_slave_1) entered forwarding state
[  135.487749][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  135.530380][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  135.626873][ T6108] device sit0 left promiscuous mode
[  136.265040][   T25] Bluetooth: hci0: command 0x0419 tx timeout
[  138.135279][ T6111] device sit0 entered promiscuous mode
[  138.608000][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  138.675758][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  138.728714][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  138.926541][ T5873] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  138.967784][ T5873] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  139.037244][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  139.067205][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  139.143373][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  139.168156][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  139.190777][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  139.248633][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  139.481570][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  139.781817][ T6157] device syzkaller0 entered promiscuous mode
[  139.833675][ T6161] netlink: 40 bytes leftover after parsing attributes in process `syz.4.811'.
[  140.069006][ T5873] 8021q: adding VLAN 0 to HW filter on device batadv0
[  140.175034][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  140.188421][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  140.198430][ T6173] netlink: 'syz.4.815': attribute type 16 has an invalid length.
[  140.210749][ T6173] netlink: 48 bytes leftover after parsing attributes in process `syz.4.815'.
[  140.274697][ T6177] netlink: 'syz.3.817': attribute type 11 has an invalid length.
[  140.308468][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  140.311944][ T6177] netlink: 'syz.3.817': attribute type 11 has an invalid length.
[  140.340548][ T6177] netlink: 193500 bytes leftover after parsing attributes in process `syz.3.817'.
[  140.352550][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  140.408756][ T6184] FAULT_INJECTION: forcing a failure.
[  140.408756][ T6184] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  140.410401][ T5873] device veth0_vlan entered promiscuous mode
[  140.443947][ T6184] CPU: 1 PID: 6184 Comm: syz.0.820 Not tainted 5.15.166-syzkaller #0
[  140.452157][ T6184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  140.462212][ T6184] Call Trace:
[  140.465484][ T6184]  <TASK>
[  140.468403][ T6184]  dump_stack_lvl+0x1e3/0x2d0
[  140.473071][ T6184]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  140.478701][ T6184]  ? panic+0x860/0x860
[  140.482801][ T6184]  ? validate_chain+0x112/0x5930
[  140.487727][ T6184]  ? validate_chain+0x112/0x5930
[  140.492656][ T6184]  should_fail+0x38a/0x4c0
[  140.497065][ T6184]  _copy_from_user+0x2d/0x170
[  140.501727][ T6184]  __copy_msghdr_from_user+0xaf/0x7c0
[  140.507089][ T6184]  ? __ia32_sys_shutdown+0x60/0x60
[  140.512195][ T6184]  ___sys_sendmsg+0x166/0x2e0
[  140.516855][ T6184]  ? __sys_sendmsg+0x260/0x260
[  140.521624][ T6184]  ? __fdget+0x191/0x220
[  140.525852][ T6184]  __se_sys_sendmsg+0x19a/0x260
[  140.530686][ T6184]  ? __x64_sys_sendmsg+0x80/0x80
[  140.535621][ T6184]  ? syscall_enter_from_user_mode+0x2e/0x240
[  140.541588][ T6184]  ? lockdep_hardirqs_on+0x94/0x130
[  140.546782][ T6184]  ? syscall_enter_from_user_mode+0x2e/0x240
[  140.552760][ T6184]  do_syscall_64+0x3b/0xb0
[  140.557170][ T6184]  ? clear_bhb_loop+0x15/0x70
[  140.561832][ T6184]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  140.567709][ T6184] RIP: 0033:0x7f2c76759ef9
[  140.572109][ T6184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  140.591696][ T6184] RSP: 002b:00007f2c74bd3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  140.600092][ T6184] RAX: ffffffffffffffda RBX: 00007f2c76912f80 RCX: 00007f2c76759ef9
[  140.608042][ T6184] RDX: 0000000000000000 RSI: 0000000020001180 RDI: 0000000000000003
[  140.615992][ T6184] RBP: 00007f2c74bd3090 R08: 0000000000000000 R09: 0000000000000000
[  140.623943][ T6184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  140.631986][ T6184] R13: 0000000000000000 R14: 00007f2c76912f80 R15: 00007ffe3b43c108
[  140.639947][ T6184]  </TASK>
[  140.654677][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  140.675986][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  140.686080][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  140.694611][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  140.709090][ T5873] device veth1_vlan entered promiscuous mode
[  140.730530][ T6190] netlink: 210 bytes leftover after parsing attributes in process `syz.4.822'.
[  140.762687][ T6192] netlink: 'syz.0.823': attribute type 10 has an invalid length.
[  140.925082][ T5873] device veth0_macvtap entered promiscuous mode
[  140.963554][ T6196] netlink: 'syz.3.825': attribute type 33 has an invalid length.
[  140.972957][ T6196] netlink: 36 bytes leftover after parsing attributes in process `syz.3.825'.
[  140.982617][ T6196] device batadv0 entered promiscuous mode
[  140.990117][ T6196] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  141.016325][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  141.027258][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  141.043657][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  141.087324][ T5873] device veth1_macvtap entered promiscuous mode
[  141.162531][ T5873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  141.210093][ T5873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  141.267502][ T5873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  141.278602][ T5873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  141.288675][ T5873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  141.299122][ T5873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  141.309565][ T5873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  141.320570][ T5873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  141.341758][ T5873] batman_adv: batadv0: Interface activated: batadv_slave_0
[  141.349368][ T6210] netlink: 'syz.4.831': attribute type 12 has an invalid length.
[  141.360377][ T6210] netlink: 132 bytes leftover after parsing attributes in process `syz.4.831'.
[  141.419794][ T6212] device sit0 left promiscuous mode
[  142.033302][ T6219] device sit0 entered promiscuous mode
[  142.061824][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  142.070377][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  142.125132][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  142.152028][ T5873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  142.163657][ T5873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  142.179429][ T5873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  142.193069][ T5873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  142.207981][ T5873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  142.219779][ T5873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  142.234137][ T5873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  142.246959][ T5873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  142.265251][ T5873] batman_adv: batadv0: Interface activated: batadv_slave_1
[  142.280595][ T6230] netlink: 'syz.1.837': attribute type 13 has an invalid length.
[  142.302844][ T6230] macvtap0: refused to change device tx_queue_len
[  142.332179][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  142.402815][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  142.528020][ T5873] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  142.596583][ T5873] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  142.609668][ T5873] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  142.631518][ T5873] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  143.455078][  T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  143.486048][ T6269] netlink: 56 bytes leftover after parsing attributes in process `syz.1.852'.
[  143.526125][  T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  143.651552][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  143.743013][ T3642] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  143.804826][ T3642] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  143.890473][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  143.998919][ T6282] tun0: tun_chr_ioctl cmd 1074025680
[  144.020609][ T6282] netlink: 'syz.1.858': attribute type 10 has an invalid length.
[  144.091535][ T6282] device veth1_macvtap left promiscuous mode
[  144.225768][ T6282] bridge0: port 5(macsec0) entered blocking state
[  144.246049][ T6282] bridge0: port 5(macsec0) entered disabled state
[  144.303613][ T6282] device macsec0 entered promiscuous mode
[  144.482386][ T6304] device sit0 left promiscuous mode
[  144.570609][ T6302] device sit0 entered promiscuous mode
[  144.791752][ T3642] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.951136][ T3642] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.158570][ T3642] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.240082][ T6321] netlink: 168 bytes leftover after parsing attributes in process `syz.0.869'.
[  145.365209][ T6321] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  145.421488][ T3642] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.443440][ T6321] syz.0.869 (6321) used greatest stack depth: 17472 bytes left
[  146.067611][ T6331] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  146.299910][ T6345] netlink: 'syz.3.879': attribute type 11 has an invalid length.
[  146.307719][ T6345] netlink: 140 bytes leftover after parsing attributes in process `syz.3.879'.
[  146.457835][ T6340] chnl_net:caif_netlink_parms(): no params data found
[  146.641034][ T6351] netlink: 'syz.4.881': attribute type 28 has an invalid length.
[  146.660787][ T6351] netlink: 2 bytes leftover after parsing attributes in process `syz.4.881'.
[  146.748620][ T6356] netlink: 'syz.3.882': attribute type 13 has an invalid length.
[  146.809550][ T6355] device sit0 left promiscuous mode
[  147.479318][ T6364] device sit0 entered promiscuous mode
[  147.564238][ T6340] bridge0: port 1(bridge_slave_0) entered blocking state
[  147.580171][ T6340] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.619702][ T6340] device bridge_slave_0 entered promiscuous mode
[  147.667179][ T6370] device sit0 left promiscuous mode
[  147.857037][ T6382] netlink: 'syz.3.887': attribute type 3 has an invalid length.
[  147.877414][ T6382] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.887'.
[  148.310783][ T1292] Bluetooth: hci0: command 0x0409 tx timeout
[  148.411268][ T6340] bridge0: port 2(bridge_slave_1) entered blocking state
[  148.434118][ T6340] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.448473][ T6340] device bridge_slave_1 entered promiscuous mode
[  148.515547][ T6381] bridge0: port 4(team0) entered blocking state
[  148.523168][ T6381] bridge0: port 4(team0) entered disabled state
[  148.549327][ T6381] device team0 entered promiscuous mode
[  148.557716][ T6381] device team_slave_0 entered promiscuous mode
[  148.578061][ T6381] device team_slave_1 entered promiscuous mode
[  148.587105][ T6377] device sit0 entered promiscuous mode
[  148.715561][ T3642] device hsr_slave_0 left promiscuous mode
[  148.754462][ T3642] device hsr_slave_1 left promiscuous mode
[  148.781418][ T3642] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  148.799145][ T3642] batman_adv: batadv0: Removing interface: batadv_slave_0
[  148.817899][ T3642] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  148.841382][ T3642] batman_adv: batadv0: Removing interface: batadv_slave_1
[  148.862018][ T3642] device bridge_slave_1 left promiscuous mode
[  148.868635][ T3642] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.889566][ T3642] device bridge_slave_0 left promiscuous mode
[  148.906064][ T3642] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.922224][ T3642] device veth1_macvtap left promiscuous mode
[  148.928603][ T3642] device veth0_macvtap left promiscuous mode
[  148.935014][ T3642] device veth1_vlan left promiscuous mode
[  148.940983][ T3642] device veth0_vlan left promiscuous mode
[  149.185634][ T3642] team0 (unregistering): Port device team_slave_1 removed
[  149.198321][ T3642] team0 (unregistering): Port device team_slave_0 removed
[  149.209848][ T3642] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  149.228704][ T3642] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  149.291267][ T3642] bond0 (unregistering): Released all slaves
[  149.338325][ T6340] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  149.350163][ T6340] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  149.405436][ T6420] device sit0 left promiscuous mode
[  149.817815][ T6424] device sit0 entered promiscuous mode
[  150.036342][ T6340] team0: Port device team_slave_0 added
[  150.056444][ T6340] team0: Port device team_slave_1 added
[  150.431401][   T21] Bluetooth: hci0: command 0x041b tx timeout
[  150.770002][ T6340] batman_adv: batadv0: Adding interface: batadv_slave_0
[  150.777441][ T6340] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  150.805860][ T6340] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  150.839503][ T6340] batman_adv: batadv0: Adding interface: batadv_slave_1
[  150.873808][ T6340] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  150.908499][ T6340] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  150.967645][ T6449] netlink: 'syz.3.912': attribute type 2 has an invalid length.
[  151.071594][ T6340] device hsr_slave_0 entered promiscuous mode
[  151.089832][ T6340] device hsr_slave_1 entered promiscuous mode
[  151.181714][ T6463] netlink: 'syz.0.920': attribute type 2 has an invalid length.
[  151.189377][ T6463] netlink: 132 bytes leftover after parsing attributes in process `syz.0.920'.
[  152.512679][ T6504] Bluetooth: hci0: command 0x040f tx timeout
[  152.770545][    C1] eth0: bad gso: type: 1, size: 1408
[  152.805097][ T6340] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  152.827671][ T6340] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  152.878897][ T6536] netlink: 'syz.0.943': attribute type 10 has an invalid length.
[  152.910860][ T6536] device veth1_macvtap left promiscuous mode
[  153.026084][ T6340] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  153.076665][ T6340] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  153.394210][ T6551] device syzkaller0 entered promiscuous mode
[  153.419969][ T6555] netlink: 'syz.3.953': attribute type 10 has an invalid length.
[  153.474636][ T6340] 8021q: adding VLAN 0 to HW filter on device bond0
[  153.517852][ T6558] device sit0 left promiscuous mode
[  154.147923][ T6574] FAULT_INJECTION: forcing a failure.
[  154.147923][ T6574] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  154.184274][ T6574] CPU: 0 PID: 6574 Comm: syz.3.958 Not tainted 5.15.166-syzkaller #0
[  154.192373][ T6574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  154.202429][ T6574] Call Trace:
[  154.205698][ T6574]  <TASK>
[  154.208620][ T6574]  dump_stack_lvl+0x1e3/0x2d0
[  154.213297][ T6574]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  154.218923][ T6574]  ? panic+0x860/0x860
[  154.222992][ T6574]  ? validate_chain+0x112/0x5930
[  154.227930][ T6574]  ? validate_chain+0x112/0x5930
[  154.232875][ T6574]  should_fail+0x38a/0x4c0
[  154.237294][ T6574]  _copy_from_user+0x2d/0x170
[  154.241967][ T6574]  iovec_from_user+0x13b/0x390
[  154.246732][ T6574]  __import_iovec+0x72/0x4b0
[  154.251322][ T6574]  ? __ia32_sys_shutdown+0x60/0x60
[  154.256437][ T6574]  import_iovec+0xe6/0x120
[  154.260852][ T6574]  ___sys_sendmsg+0x215/0x2e0
[  154.265529][ T6574]  ? __sys_sendmsg+0x260/0x260
[  154.270330][ T6574]  ? __fdget+0x191/0x220
[  154.274569][ T6574]  __se_sys_sendmsg+0x19a/0x260
[  154.279415][ T6574]  ? __x64_sys_sendmsg+0x80/0x80
[  154.284366][ T6574]  ? syscall_enter_from_user_mode+0x2e/0x240
[  154.290348][ T6574]  ? lockdep_hardirqs_on+0x94/0x130
[  154.295549][ T6574]  ? syscall_enter_from_user_mode+0x2e/0x240
[  154.301533][ T6574]  do_syscall_64+0x3b/0xb0
[  154.305948][ T6574]  ? clear_bhb_loop+0x15/0x70
[  154.310623][ T6574]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  154.316511][ T6574] RIP: 0033:0x7f0034b82ef9
[  154.320921][ T6574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  154.340518][ T6574] RSP: 002b:00007f0032ffc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  154.348926][ T6574] RAX: ffffffffffffffda RBX: 00007f0034d3bf80 RCX: 00007f0034b82ef9
[  154.356897][ T6574] RDX: 000000000a000000 RSI: 0000000020000600 RDI: 0000000000000003
[  154.364871][ T6574] RBP: 00007f0032ffc090 R08: 0000000000000000 R09: 0000000000000000
[  154.372975][ T6574] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  154.381054][ T6574] R13: 0000000000000000 R14: 00007f0034d3bf80 R15: 00007ffe788b17b8
[  154.389052][ T6574]  </TASK>
[  154.546848][ T6340] 8021q: adding VLAN 0 to HW filter on device team0
[  154.593073][ T6509] Bluetooth: hci0: command 0x0419 tx timeout
[  154.633784][ T6562] netlink: 140 bytes leftover after parsing attributes in process `syz.4.955'.
[  154.658097][ T6562] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[  154.695175][ T6564] device sit0 entered promiscuous mode
[  154.729820][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  154.739960][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  154.779238][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  154.810826][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  154.848638][ T3615] bridge0: port 1(bridge_slave_0) entered blocking state
[  154.856050][ T3615] bridge0: port 1(bridge_slave_0) entered forwarding state
[  154.877811][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  154.889047][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  154.906398][ T3615] bridge0: port 2(bridge_slave_1) entered blocking state
[  154.913535][ T3615] bridge0: port 2(bridge_slave_1) entered forwarding state
[  154.934884][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  154.959088][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  154.982389][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  155.056902][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  155.093836][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  155.117692][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  155.127834][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  155.138088][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  155.170728][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  155.186194][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  155.195899][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  155.205777][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  155.218551][ T6340] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  155.492462][ T6615] netlink: 'syz.0.971': attribute type 10 has an invalid length.
[  155.509608][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  155.518300][    C1] eth0: bad gso: type: 1, size: 1408
[  155.519630][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  155.540954][ T6340] 8021q: adding VLAN 0 to HW filter on device batadv0
[  155.618879][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  155.637232][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  155.658308][ T6626] device sit0 left promiscuous mode
[  155.912410][ T6633] device sit0 entered promiscuous mode
[  156.456400][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  156.474752][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  156.556240][ T6340] device veth0_vlan entered promiscuous mode
[  156.579581][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  156.590724][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  156.609090][ T6648] netlink: 'syz.0.980': attribute type 10 has an invalid length.
[  156.639906][ T6340] device veth1_vlan entered promiscuous mode
[  156.683015][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  156.702432][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  156.718443][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  156.737938][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  156.754024][ T6340] device veth0_macvtap entered promiscuous mode
[  156.789895][ T6340] device veth1_macvtap entered promiscuous mode
[  156.838946][ T6340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  156.868419][ T6340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  156.883820][ T6340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  156.896347][ T6340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  156.906550][ T6340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  156.919791][ T6340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  156.938971][ T6340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  156.949593][ T6340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  156.963318][ T6340] batman_adv: batadv0: Interface activated: batadv_slave_0
[  156.987157][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  157.000661][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  157.030035][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  157.056337][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  157.091736][ T6340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  157.111290][ T6340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  157.136646][ T6340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  157.164545][ T6340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  157.191484][ T6340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  157.218641][ T6340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  157.244329][ T6340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  157.277886][ T6340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  157.318375][ T6340] batman_adv: batadv0: Interface activated: batadv_slave_1
[  157.339781][ T6665] netlink: 'syz.3.984': attribute type 10 has an invalid length.
[  157.390286][ T6665] device wlan1 entered promiscuous mode
[  157.408719][ T6665] team0: Port device wlan1 added
[  157.427918][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  157.443418][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  157.476325][ T6340] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  157.496496][ T6340] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  157.518596][ T6340] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  157.541319][ T6340] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  157.753260][ T3642] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  157.786723][ T3642] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  157.836994][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  157.842115][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  157.870181][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  157.899546][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  157.929845][ T6675] device sit0 left promiscuous mode
[  158.001827][ T6680] FAULT_INJECTION: forcing a failure.
[  158.001827][ T6680] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  158.062002][ T6679] device sit0 entered promiscuous mode
[  158.145223][ T6680] CPU: 1 PID: 6680 Comm: syz.1.992 Not tainted 5.15.166-syzkaller #0
[  158.153585][ T6680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  158.163649][ T6680] Call Trace:
[  158.166936][ T6680]  <TASK>
[  158.169872][ T6680]  dump_stack_lvl+0x1e3/0x2d0
[  158.174562][ T6680]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  158.180203][ T6680]  ? panic+0x860/0x860
[  158.184301][ T6680]  should_fail+0x38a/0x4c0
[  158.188731][ T6680]  _copy_from_user+0x2d/0x170
[  158.193516][ T6680]  __copy_msghdr_from_user+0xaf/0x7c0
[  158.198899][ T6680]  ? perf_trace_run_bpf_submit+0xf7/0x1d0
[  158.204638][ T6680]  ? __ia32_sys_shutdown+0x60/0x60
[  158.209795][ T6680]  ___sys_sendmsg+0x166/0x2e0
[  158.214487][ T6680]  ? __sys_sendmsg+0x260/0x260
[  158.219390][ T6680]  ? __fdget+0x191/0x220
[  158.223647][ T6680]  __se_sys_sendmsg+0x19a/0x260
[  158.228512][ T6680]  ? __x64_sys_sendmsg+0x80/0x80
[  158.233472][ T6680]  ? syscall_enter_from_user_mode+0x2e/0x240
[  158.239542][ T6680]  ? lockdep_hardirqs_on+0x94/0x130
[  158.244747][ T6680]  ? syscall_enter_from_user_mode+0x2e/0x240
[  158.250737][ T6680]  do_syscall_64+0x3b/0xb0
[  158.255155][ T6680]  ? clear_bhb_loop+0x15/0x70
[  158.259838][ T6680]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  158.265734][ T6680] RIP: 0033:0x7fdfc5232ef9
[  158.270152][ T6680] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  158.289760][ T6680] RSP: 002b:00007fdfc36ac038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  158.298189][ T6680] RAX: ffffffffffffffda RBX: 00007fdfc53ebf80 RCX: 00007fdfc5232ef9
[  158.306173][ T6680] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005
[  158.314148][ T6680] RBP: 00007fdfc36ac090 R08: 0000000000000000 R09: 0000000000000000
[  158.322125][ T6680] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  158.330101][ T6680] R13: 0000000000000000 R14: 00007fdfc53ebf80 R15: 00007ffee49b7bd8
[  158.338207][ T6680]  </TASK>
[  158.537883][ T6687] netlink: 'syz.1.995': attribute type 3 has an invalid length.
[  158.545662][ T6687] netlink: 105116 bytes leftover after parsing attributes in process `syz.1.995'.
[  158.773798][ T6683] netlink: 'syz.0.994': attribute type 12 has an invalid length.
[  158.782437][ T6683] netlink: 'syz.0.994': attribute type 1 has an invalid length.
[  158.790158][ T6683] netlink: 40 bytes leftover after parsing attributes in process `syz.0.994'.
[  158.801457][ T6683] bridge0: port 1(bridge_slave_0) entered forwarding state
[  158.815349][ T6684] netlink: 14 bytes leftover after parsing attributes in process `syz.4.993'.
[  159.106839][ T6714] netlink: 'syz.1.1005': attribute type 10 has an invalid length.
[  159.124213][ T6714] netlink: 55 bytes leftover after parsing attributes in process `syz.1.1005'.
[  159.419882][ T6718] device sit0 left promiscuous mode
[  159.497104][ T3642] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.576535][ T6720] device sit0 entered promiscuous mode
[  159.956720][ T3642] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.216637][ T3642] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.288480][ T3642] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.819582][ T6765] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1023'.
[  160.865618][ T6759] device sit0 left promiscuous mode
[  161.575369][ T6761] device sit0 entered promiscuous mode
[  161.633005][ T6776] netlink: 'syz.1.1028': attribute type 10 has an invalid length.
[  161.700680][ T6781] FAULT_INJECTION: forcing a failure.
[  161.700680][ T6781] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  161.744190][ T6781] CPU: 1 PID: 6781 Comm: syz.4.1029 Not tainted 5.15.166-syzkaller #0
[  161.752368][ T6781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  161.762431][ T6781] Call Trace:
[  161.765711][ T6781]  <TASK>
[  161.768639][ T6781]  dump_stack_lvl+0x1e3/0x2d0
[  161.773327][ T6781]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  161.778967][ T6781]  ? panic+0x860/0x860
[  161.783126][ T6781]  ? validate_chain+0x112/0x5930
[  161.788084][ T6781]  ? validate_chain+0x112/0x5930
[  161.793032][ T6781]  should_fail+0x38a/0x4c0
[  161.797455][ T6781]  _copy_from_user+0x2d/0x170
[  161.802133][ T6781]  __copy_msghdr_from_user+0x587/0x7c0
[  161.807603][ T6781]  ? __ia32_sys_shutdown+0x60/0x60
[  161.812738][ T6781]  ___sys_sendmsg+0x166/0x2e0
[  161.817422][ T6781]  ? __sys_sendmsg+0x260/0x260
[  161.822223][ T6781]  ? __fdget+0x191/0x220
[  161.826473][ T6781]  __se_sys_sendmsg+0x19a/0x260
[  161.831326][ T6781]  ? __x64_sys_sendmsg+0x80/0x80
[  161.836270][ T6781]  ? syscall_enter_from_user_mode+0x2e/0x240
[  161.842251][ T6781]  ? lockdep_hardirqs_on+0x94/0x130
[  161.847448][ T6781]  ? syscall_enter_from_user_mode+0x2e/0x240
[  161.853519][ T6781]  do_syscall_64+0x3b/0xb0
[  161.857932][ T6781]  ? clear_bhb_loop+0x15/0x70
[  161.862606][ T6781]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  161.868500][ T6781] RIP: 0033:0x7f1afbeabef9
[  161.872919][ T6781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  161.892524][ T6781] RSP: 002b:00007f1afa325038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  161.900940][ T6781] RAX: ffffffffffffffda RBX: 00007f1afc064f80 RCX: 00007f1afbeabef9
[  161.908910][ T6781] RDX: 0000000000000000 RSI: 0000000020001180 RDI: 0000000000000003
[  161.917069][ T6781] RBP: 00007f1afa325090 R08: 0000000000000000 R09: 0000000000000000
[  161.925145][ T6781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  161.933124][ T6781] R13: 0000000000000000 R14: 00007f1afc064f80 R15: 00007fff648e2508
[  161.939339][ T6786] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready
[  161.941109][ T6781]  </TASK>
[  162.059643][ T6760] chnl_net:caif_netlink_parms(): no params data found
[  162.080556][ T6794] netlink: 'syz.3.1034': attribute type 10 has an invalid length.
[  162.319408][ T6760] bridge0: port 1(bridge_slave_0) entered blocking state
[  162.326871][ T6760] bridge0: port 1(bridge_slave_0) entered disabled state
[  162.335336][ T6760] device bridge_slave_0 entered promiscuous mode
[  162.344608][ T6760] bridge0: port 2(bridge_slave_1) entered blocking state
[  162.352577][ T6760] bridge0: port 2(bridge_slave_1) entered disabled state
[  162.361460][ T6760] device bridge_slave_1 entered promiscuous mode
[  162.393268][ T6808] device sit0 left promiscuous mode
[  162.911454][ T6494] Bluetooth: hci0: command 0x0409 tx timeout
[  163.131333][ T6814] device sit0 entered promiscuous mode
[  163.414658][ T6760] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  163.497002][ T3642] device hsr_slave_0 left promiscuous mode
[  163.517266][ T3642] device hsr_slave_1 left promiscuous mode
[  163.532147][ T6847] netlink: 'syz.3.1050': attribute type 4 has an invalid length.
[  163.544414][ T3642] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  163.569165][ T6847] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1050'.
[  163.579197][ T3642] batman_adv: batadv0: Removing interface: batadv_slave_0
[  163.587774][ T3642] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  163.596030][ T3642] batman_adv: batadv0: Removing interface: batadv_slave_1
[  163.604365][ T3642] device bridge_slave_1 left promiscuous mode
[  163.610608][ T3642] bridge0: port 2(bridge_slave_1) entered disabled state
[  163.630891][ T3642] device bridge_slave_0 left promiscuous mode
[  163.638558][ T3642] bridge0: port 1(bridge_slave_0) entered disabled state
[  163.664777][ T3642] device veth1_macvtap left promiscuous mode
[  163.678272][ T3642] device veth0_macvtap left promiscuous mode
[  163.693324][ T3642] device veth1_vlan left promiscuous mode
[  163.706192][ T3642] device veth0_vlan left promiscuous mode
[  164.150526][ T3642] team0 (unregistering): Port device team_slave_1 removed
[  164.176414][ T3642] team0 (unregistering): Port device team_slave_0 removed
[  164.198090][ T3642] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  164.233625][ T3642] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  164.441553][ T3642] bond0 (unregistering): Released all slaves
[  164.521038][ T6840] netlink: 'syz.3.1050': attribute type 17 has an invalid length.
[  164.529548][ T6840] netlink: 'syz.3.1050': attribute type 16 has an invalid length.
[  164.538251][ T6840] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1050'.
[  164.560958][ T6760] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  164.969752][ T6760] team0: Port device team_slave_0 added
[  164.991711][ T6627] Bluetooth: hci0: command 0x041b tx timeout
[  165.061999][ T6760] team0: Port device team_slave_1 added
[  165.204133][ T6760] batman_adv: batadv0: Adding interface: batadv_slave_0
[  165.211797][ T6760] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  165.258267][ T6760] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  165.314400][ T6760] batman_adv: batadv0: Adding interface: batadv_slave_1
[  165.354390][ T6760] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  165.423398][ T6760] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  165.488949][ T6884] device sit0 left promiscuous mode
[  166.140495][ T6892] device sit0 entered promiscuous mode
[  166.189908][ T6898] netlink: 'syz.0.1072': attribute type 10 has an invalid length.
[  166.294330][ T6907] netlink: 168 bytes leftover after parsing attributes in process `syz.4.1075'.
[  166.434689][ T6760] device hsr_slave_0 entered promiscuous mode
[  166.506761][ T6760] device hsr_slave_1 entered promiscuous mode
[  166.983540][ T6934] device sit0 left promiscuous mode
[  167.115937][ T6494] Bluetooth: hci0: command 0x040f tx timeout
[  168.745441][ T6937] device sit0 entered promiscuous mode
[  169.151527][ T6627] Bluetooth: hci0: command 0x0419 tx timeout
[  169.374867][ T6941] A link change request failed with some changes committed already. Interface Y�4��`Ҙ may have been left with an inconsistent configuration, please check.
[  169.404263][ T6946] netlink: 'syz.0.1089': attribute type 28 has an invalid length.
[  169.417470][ T6946] netlink: 2 bytes leftover after parsing attributes in process `syz.0.1089'.
[  169.765246][ T6760] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  169.963508][ T6760] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  170.283180][ T6760] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  170.455523][ T6760] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  170.591313][ T6627] Bluetooth: hci4: command 0x0406 tx timeout
[  170.756433][ T6760] 8021q: adding VLAN 0 to HW filter on device bond0
[  170.815896][ T3808] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  170.853869][ T3808] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  170.885227][ T6760] 8021q: adding VLAN 0 to HW filter on device team0
[  170.942090][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  170.957864][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  170.983568][  T454] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.990759][  T454] bridge0: port 1(bridge_slave_0) entered forwarding state
[  171.000560][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  171.039874][ T7008] device sit0 left promiscuous mode
[  171.314327][ T7014] device sit0 entered promiscuous mode
[  171.511510][ T3808] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  171.520282][ T3808] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  171.540727][ T3808] bridge0: port 2(bridge_slave_1) entered blocking state
[  171.547890][ T3808] bridge0: port 2(bridge_slave_1) entered forwarding state
[  171.692511][ T3808] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  171.751831][ T3808] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  171.769677][ T3808] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  171.782848][ T3808] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  171.806431][ T3808] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  171.856532][ T7036] netlink: 'syz.3.1120': attribute type 2 has an invalid length.
[  171.901534][ T7043] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1122'.
[  172.031360][ T7049] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1122'.
[  172.146814][ T6760] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  172.211622][ T6760] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  172.261252][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  172.282532][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  172.293280][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  172.307031][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  172.360962][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  172.374224][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  172.416834][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  173.582475][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  173.589981][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  173.704497][ T6760] 8021q: adding VLAN 0 to HW filter on device batadv0
[  173.860132][ T7124] device sit0 left promiscuous mode
[  174.413894][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  174.444174][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  174.497348][ T7127] device sit0 entered promiscuous mode
[  174.900029][ T7146] netlink: 'syz.0.1140': attribute type 29 has an invalid length.
[  175.166800][ T7154] syz.3.1143[7154] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  175.166896][ T7154] syz.3.1143[7154] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  175.725592][ T6760] device veth0_vlan entered promiscuous mode
[  175.779482][ T7146] netlink: 'syz.0.1140': attribute type 29 has an invalid length.
[  175.788206][ T7162] netlink: 'syz.3.1147': attribute type 9 has an invalid length.
[  175.805499][ T7162] netlink: 61951 bytes leftover after parsing attributes in process `syz.3.1147'.
[  175.853680][ T7063] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  175.888616][ T7063] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  175.932388][ T7165] netlink: 'syz.4.1148': attribute type 10 has an invalid length.
[  175.947275][ T6760] device veth1_vlan entered promiscuous mode
[  175.964363][ T7063] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  175.975551][ T7063] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  176.036970][ T7063] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  176.066702][ T7063] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  176.124053][ T6760] device veth0_macvtap entered promiscuous mode
[  176.143729][ T7171] netlink: 'syz.3.1150': attribute type 10 has an invalid length.
[  176.164466][ T7171] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1150'.
[  176.225283][ T7171] device ipvlan1 entered promiscuous mode
[  176.348384][ T7171] bridge0: port 5(ipvlan1) entered blocking state
[  176.358903][ T7171] bridge0: port 5(ipvlan1) entered disabled state
[  176.380996][ T7171] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[  176.423096][ T6760] device veth1_macvtap entered promiscuous mode
[  176.450327][ T7181] netlink: 'syz.4.1155': attribute type 10 has an invalid length.
[  176.577320][ T6760] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  176.589741][ T7196] FAULT_INJECTION: forcing a failure.
[  176.589741][ T7196] name failslab, interval 1, probability 0, space 0, times 0
[  176.625652][ T6760] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  176.631193][ T7196] CPU: 0 PID: 7196 Comm: syz.0.1160 Not tainted 5.15.166-syzkaller #0
[  176.643601][ T7196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  176.653664][ T7196] Call Trace:
[  176.656938][ T7196]  <TASK>
[  176.659866][ T7196]  dump_stack_lvl+0x1e3/0x2d0
[  176.664554][ T7196]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  176.667331][ T6760] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  176.670187][ T7196]  ? panic+0x860/0x860
[  176.684621][ T7196]  ? __might_sleep+0xc0/0xc0
[  176.689215][ T7196]  ? netlink_insert+0xcac/0x1280
[  176.694160][ T7196]  should_fail+0x38a/0x4c0
[  176.698581][ T7196]  should_failslab+0x5/0x20
[  176.703079][ T7196]  slab_pre_alloc_hook+0x53/0xc0
[  176.708034][ T7196]  kmem_cache_alloc_node+0x49/0x2c0
[  176.712829][ T6760] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  176.713225][ T7196]  ? __alloc_skb+0xdd/0x590
[  176.727484][ T7196]  __alloc_skb+0xdd/0x590
[  176.728362][ T6760] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  176.731811][ T7196]  netlink_sendmsg+0x6f8/0xd60
[  176.731843][ T7196]  ? netlink_getsockopt+0x5b0/0x5b0
[  176.731863][ T7196]  ? aa_sock_msg_perm+0x91/0x150
[  176.731883][ T7196]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  176.731899][ T7196]  ? security_socket_sendmsg+0x7d/0xa0
[  176.731915][ T7196]  ? netlink_getsockopt+0x5b0/0x5b0
[  176.731935][ T7196]  ____sys_sendmsg+0x59e/0x8f0
[  176.760618][ T6760] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  176.762386][ T7196]  ? iovec_from_user+0x300/0x390
[  176.762417][ T7196]  ? __sys_sendmsg_sock+0x30/0x30
[  176.762449][ T7196]  ___sys_sendmsg+0x252/0x2e0
[  176.762471][ T7196]  ? __sys_sendmsg+0x260/0x260
[  176.762524][ T7196]  ? __fdget+0x191/0x220
[  176.762546][ T7196]  __se_sys_sendmsg+0x19a/0x260
[  176.762565][ T7196]  ? __x64_sys_sendmsg+0x80/0x80
[  176.762590][ T7196]  ? syscall_enter_from_user_mode+0x2e/0x240
[  176.773883][ T6760] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  176.777914][ T7196]  ? lockdep_hardirqs_on+0x94/0x130
[  176.790333][ T6760] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  176.792593][ T7196]  ? syscall_enter_from_user_mode+0x2e/0x240
[  176.792620][ T7196]  do_syscall_64+0x3b/0xb0
[  176.792636][ T7196]  ? clear_bhb_loop+0x15/0x70
[  176.792652][ T7196]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  176.792672][ T7196] RIP: 0033:0x7f2c76759ef9
[  176.792688][ T7196] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  176.792702][ T7196] RSP: 002b:00007f2c74bd3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  176.792721][ T7196] RAX: ffffffffffffffda RBX: 00007f2c76912f80 RCX: 00007f2c76759ef9
[  176.805227][ T6760] batman_adv: batadv0: Interface activated: batadv_slave_0
[  176.807112][ T7196] RDX: 000000000a000000 RSI: 0000000020000600 RDI: 0000000000000003
[  176.829835][ T6760] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  176.837385][ T7196] RBP: 00007f2c74bd3090 R08: 0000000000000000 R09: 0000000000000000
[  176.837401][ T7196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  176.837411][ T7196] R13: 0000000000000000 R14: 00007f2c76912f80 R15: 00007ffe3b43c108
[  176.837436][ T7196]  </TASK>
[  176.969576][ T6760] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  176.987131][ T6760] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  177.001560][ T6760] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.018363][ T6760] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  177.048526][ T6760] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.064601][ T6760] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  177.076719][ T6760] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.103913][ T6760] batman_adv: batadv0: Interface activated: batadv_slave_1
[  177.158956][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  177.188103][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  177.213464][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  177.277753][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  177.392322][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  177.402716][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  177.483456][ T6760] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  177.547252][ T6760] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  177.567892][ T6760] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  177.584577][ T6760] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  177.754511][ T7242] netlink: 'syz.0.1174': attribute type 10 has an invalid length.
[  177.849699][ T4291] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  177.876486][ T4291] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  177.900448][ T3642] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  177.903818][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  177.931911][ T3642] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  177.958452][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  178.037997][ T7248] netlink: 'syz.4.1180': attribute type 10 has an invalid length.
[  178.669498][ T3642] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.819246][ T3642] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.099586][ T3642] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.166849][ T3642] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.903145][ T7278] netlink: 1038 bytes leftover after parsing attributes in process `syz.4.1191'.
[  179.922409][ T7282] FAULT_INJECTION: forcing a failure.
[  179.922409][ T7282] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  179.964671][ T7286] netlink: 'syz.3.1189': attribute type 10 has an invalid length.
[  179.974861][ T7278] netlink: 'syz.4.1191': attribute type 29 has an invalid length.
[  179.997249][ T7282] CPU: 1 PID: 7282 Comm: syz.1.1193 Not tainted 5.15.166-syzkaller #0
[  180.005436][ T7282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  180.015484][ T7282] Call Trace:
[  180.018746][ T7282]  <TASK>
[  180.021665][ T7282]  dump_stack_lvl+0x1e3/0x2d0
[  180.026334][ T7282]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  180.031950][ T7282]  ? panic+0x860/0x860
[  180.036021][ T7282]  should_fail+0x38a/0x4c0
[  180.040431][ T7282]  _copy_from_user+0x2d/0x170
[  180.045106][ T7282]  iovec_from_user+0x13b/0x390
[  180.049864][ T7282]  __import_iovec+0x72/0x4b0
[  180.054442][ T7282]  ? __ia32_sys_shutdown+0x60/0x60
[  180.059558][ T7282]  import_iovec+0xe6/0x120
[  180.063971][ T7282]  ___sys_sendmsg+0x215/0x2e0
[  180.068642][ T7282]  ? __sys_sendmsg+0x260/0x260
[  180.073448][ T7282]  ? __fdget+0x191/0x220
[  180.077682][ T7282]  __se_sys_sendmsg+0x19a/0x260
[  180.082873][ T7282]  ? __x64_sys_sendmsg+0x80/0x80
[  180.087807][ T7282]  ? syscall_enter_from_user_mode+0x2e/0x240
[  180.093773][ T7282]  ? lockdep_hardirqs_on+0x94/0x130
[  180.098955][ T7282]  ? syscall_enter_from_user_mode+0x2e/0x240
[  180.104922][ T7282]  do_syscall_64+0x3b/0xb0
[  180.109322][ T7282]  ? clear_bhb_loop+0x15/0x70
[  180.113981][ T7282]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  180.119858][ T7282] RIP: 0033:0x7fdfc5232ef9
[  180.124262][ T7282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  180.144025][ T7282] RSP: 002b:00007fdfc36ac038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  180.152424][ T7282] RAX: ffffffffffffffda RBX: 00007fdfc53ebf80 RCX: 00007fdfc5232ef9
[  180.160381][ T7282] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005
[  180.168334][ T7282] RBP: 00007fdfc36ac090 R08: 0000000000000000 R09: 0000000000000000
[  180.176288][ T7282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  180.184247][ T7282] R13: 0000000000000000 R14: 00007fdfc53ebf80 R15: 00007ffee49b7bd8
[  180.192226][ T7282]  </TASK>
[  180.212787][ T7278] netlink: 'syz.4.1191': attribute type 29 has an invalid length.
[  180.240693][ T7287] netlink: 'syz.4.1191': attribute type 29 has an invalid length.
[  180.249205][ T7288] netlink: 'syz.4.1191': attribute type 29 has an invalid length.
[  180.298391][ T3642] device hsr_slave_0 left promiscuous mode
[  180.313384][ T3642] device hsr_slave_1 left promiscuous mode
[  180.322061][ T3642] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  180.353452][ T3642] batman_adv: batadv0: Removing interface: batadv_slave_0
[  180.368060][ T3642] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  180.376524][ T3642] batman_adv: batadv0: Removing interface: batadv_slave_1
[  180.384516][ T3642] device bridge_slave_1 left promiscuous mode
[  180.390744][ T3642] bridge0: port 2(bridge_slave_1) entered disabled state
[  180.399562][ T3642] device bridge_slave_0 left promiscuous mode
[  180.406092][ T3642] bridge0: port 1(bridge_slave_0) entered disabled state
[  180.426306][ T3642] device veth1_macvtap left promiscuous mode
[  180.432530][ T3642] device veth0_macvtap left promiscuous mode
[  180.438656][ T3642] device veth1_vlan left promiscuous mode
[  180.444787][ T3642] device veth0_vlan left promiscuous mode
[  180.662332][ T3642] team0 (unregistering): Port device team_slave_1 removed
[  180.711123][ T3642] team0 (unregistering): Port device team_slave_0 removed
[  180.750613][ T3642] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  180.776668][ T3642] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  180.860139][ T3642] bond0 (unregistering): Released all slaves
[  180.907255][ T7278] netlink: 'syz.4.1191': attribute type 29 has an invalid length.
[  180.920196][ T7292] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1195'.
[  180.934248][ T7300] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1198'.
[  181.165359][ T7284] chnl_net:caif_netlink_parms(): no params data found
[  181.397994][ T7323] netlink: 65039 bytes leftover after parsing attributes in process `syz.0.1206'.
[  181.457589][ T7284] bridge0: port 1(bridge_slave_0) entered blocking state
[  181.468852][ T7284] bridge0: port 1(bridge_slave_0) entered disabled state
[  181.501960][ T7284] device bridge_slave_0 entered promiscuous mode
[  181.532641][ T7284] bridge0: port 2(bridge_slave_1) entered blocking state
[  181.539864][ T7284] bridge0: port 2(bridge_slave_1) entered disabled state
[  181.574125][ T7284] device bridge_slave_1 entered promiscuous mode
[  181.715485][ T7284] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  181.764028][ T7284] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  181.902331][ T7284] team0: Port device team_slave_0 added
[  181.946752][ T7284] team0: Port device team_slave_1 added
[  182.031580][ T6390] Bluetooth: hci0: command 0x0409 tx timeout
[  182.050675][ T7356] device sit0 left promiscuous mode
[  182.721434][ T7363] device sit0 entered promiscuous mode
[  182.860213][ T7370] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1225'.
[  182.899054][ T7375] netlink: 'syz.3.1227': attribute type 21 has an invalid length.
[  182.925051][ T7284] batman_adv: batadv0: Adding interface: batadv_slave_0
[  182.951580][ T7284] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  183.030726][ T7284] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  183.079511][ T7284] batman_adv: batadv0: Adding interface: batadv_slave_1
[  183.091723][ T7393] FAULT_INJECTION: forcing a failure.
[  183.091723][ T7393] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  183.101543][ T7284] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  183.125341][ T7393] CPU: 1 PID: 7393 Comm: syz.1.1233 Not tainted 5.15.166-syzkaller #0
[  183.138839][ T7393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  183.144391][ T7284] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  183.148894][ T7393] Call Trace:
[  183.148913][ T7393]  <TASK>
[  183.148921][ T7393]  dump_stack_lvl+0x1e3/0x2d0
[  183.170242][ T7393]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  183.175885][ T7393]  ? panic+0x860/0x860
[  183.179972][ T7393]  ? validate_chain+0x112/0x5930
[  183.184917][ T7393]  ? validate_chain+0x112/0x5930
[  183.189872][ T7393]  should_fail+0x38a/0x4c0
[  183.194300][ T7393]  _copy_from_user+0x2d/0x170
[  183.198983][ T7393]  iovec_from_user+0x13b/0x390
[  183.203757][ T7393]  __import_iovec+0x72/0x4b0
[  183.208433][ T7393]  ? __ia32_sys_shutdown+0x60/0x60
[  183.213547][ T7393]  import_iovec+0xe6/0x120
[  183.217997][ T7393]  ___sys_sendmsg+0x215/0x2e0
[  183.222677][ T7393]  ? __sys_sendmsg+0x260/0x260
[  183.227481][ T7393]  ? __fdget+0x191/0x220
[  183.231821][ T7393]  __se_sys_sendmsg+0x19a/0x260
[  183.236762][ T7393]  ? __x64_sys_sendmsg+0x80/0x80
[  183.241706][ T7393]  ? syscall_enter_from_user_mode+0x2e/0x240
[  183.247685][ T7393]  ? lockdep_hardirqs_on+0x94/0x130
[  183.252919][ T7393]  ? syscall_enter_from_user_mode+0x2e/0x240
[  183.258921][ T7393]  do_syscall_64+0x3b/0xb0
[  183.263332][ T7393]  ? clear_bhb_loop+0x15/0x70
[  183.268008][ T7393]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  183.273900][ T7393] RIP: 0033:0x7fdfc5232ef9
[  183.278317][ T7393] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.297926][ T7393] RSP: 002b:00007fdfc36ac038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  183.306345][ T7393] RAX: ffffffffffffffda RBX: 00007fdfc53ebf80 RCX: 00007fdfc5232ef9
[  183.314312][ T7393] RDX: 0000000000000000 RSI: 0000000020001180 RDI: 0000000000000003
[  183.322279][ T7393] RBP: 00007fdfc36ac090 R08: 0000000000000000 R09: 0000000000000000
[  183.330243][ T7393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  183.338212][ T7393] R13: 0000000000000000 R14: 00007fdfc53ebf80 R15: 00007ffee49b7bd8
[  183.346200][ T7393]  </TASK>
[  183.450111][ T7284] device hsr_slave_0 entered promiscuous mode
[  183.488355][ T7284] device hsr_slave_1 entered promiscuous mode
[  183.530383][ T7397] netlink: 'syz.1.1236': attribute type 10 has an invalid length.
[  183.589901][ T7401] device sit0 left promiscuous mode
[  184.059055][ T7406] device sit0 entered promiscuous mode
[  184.111347][ T6390] Bluetooth: hci0: command 0x041b tx timeout
[  184.713153][ T7419] device sit0 left promiscuous mode
[  184.978183][ T7427] device sit0 entered promiscuous mode
[  185.312235][ T7284] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  185.358835][ T7284] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  185.391603][ T7284] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  185.466968][ T7451] netlink: 'syz.1.1257': attribute type 21 has an invalid length.
[  185.479337][ T7451] netlink: 164 bytes leftover after parsing attributes in process `syz.1.1257'.
[  185.506523][ T7284] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  185.792501][ T7284] 8021q: adding VLAN 0 to HW filter on device bond0
[  185.873227][ T7063] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  185.913368][ T7063] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  185.954903][ T7284] 8021q: adding VLAN 0 to HW filter on device team0
[  186.072509][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  186.089899][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  186.145097][ T4291] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.152248][ T4291] bridge0: port 1(bridge_slave_0) entered forwarding state
[  186.173456][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  186.185451][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  186.193826][ T6630] Bluetooth: hci0: command 0x040f tx timeout
[  186.213957][ T4291] bridge0: port 2(bridge_slave_1) entered blocking state
[  186.221035][ T4291] bridge0: port 2(bridge_slave_1) entered forwarding state
[  186.245896][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  186.282069][ T7484] netlink: 'syz.0.1269': attribute type 21 has an invalid length.
[  186.290117][ T7484] IPv6: NLM_F_CREATE should be specified when creating new route
[  186.305726][ T7484] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  186.313404][ T7484] IPv6: NLM_F_CREATE should be set when creating new route
[  186.320715][ T7484] IPv6: NLM_F_CREATE should be set when creating new route
[  186.327999][ T7484] IPv6: NLM_F_CREATE should be set when creating new route
[  186.351413][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  186.379575][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  186.429420][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  186.464755][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  186.502778][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  186.536098][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  186.550593][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  186.559735][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  186.570059][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  186.587044][ T7284] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  186.608853][ T7284] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  186.618702][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  186.645653][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  186.692547][ T7506] netlink: 168 bytes leftover after parsing attributes in process `syz.1.1278'.
[  186.995919][ T7532] device sit0 left promiscuous mode
[  187.214963][ T7533] device sit0 entered promiscuous mode
[  187.379002][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  187.386835][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  187.400376][ T7284] 8021q: adding VLAN 0 to HW filter on device batadv0
[  187.465778][ T7073] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  187.497516][ T7073] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  187.578940][ T7067] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  187.604476][ T7067] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  187.627932][ T7067] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  187.655139][ T7067] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  187.685849][ T7284] device veth0_vlan entered promiscuous mode
[  187.746450][ T7284] device veth1_vlan entered promiscuous mode
[  187.786573][ T7555] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  187.902781][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  187.934438][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  187.953263][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  187.975167][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  188.009045][ T7559] netlink: 'syz.0.1296': attribute type 28 has an invalid length.
[  188.020673][ T7559] netlink: 2 bytes leftover after parsing attributes in process `syz.0.1296'.
[  188.035408][ T7284] device veth0_macvtap entered promiscuous mode
[  188.120940][ T7565] device sit0 left promiscuous mode
[  188.271433][ T6630] Bluetooth: hci0: command 0x0419 tx timeout
[  188.811613][ T7569] device sit0 entered promiscuous mode
[  188.868089][ T7570] netlink: 'syz.1.1298': attribute type 39 has an invalid length.
[  188.883608][ T7570] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  188.915502][ T7579] netlink: 'syz.4.1303': attribute type 21 has an invalid length.
[  188.938385][ T7579] netlink: 'syz.4.1303': attribute type 1 has an invalid length.
[  188.947222][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  188.963057][ T7284] device veth1_macvtap entered promiscuous mode
[  189.047199][ T7284] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  189.080034][ T7284] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.135056][ T7284] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  189.152310][ T7608] syz.4.1309[7608] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  189.152395][ T7608] syz.4.1309[7608] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  189.168517][ T7284] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.185686][ T7608] syz.4.1309[7608] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  189.213857][ T7608] syz.4.1309[7608] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  189.230471][ T7284] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  189.267741][ T7284] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.278353][ T7284] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  189.289019][ T7284] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.300496][ T7284] batman_adv: batadv0: Interface activated: batadv_slave_0
[  189.313746][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  189.342093][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  189.361785][ T7284] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  189.389624][ T7284] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.410188][ T7284] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  189.420933][ T7284] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.431038][ T7284] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  189.441742][ T7284] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.451923][ T7284] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  189.462569][ T7284] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.475282][ T7284] batman_adv: batadv0: Interface activated: batadv_slave_1
[  189.493091][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  189.507488][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  189.526083][ T7284] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  189.536390][ T7284] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  189.545357][ T7284] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  189.560355][ T7284] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  189.647786][ T7617] device sit0 left promiscuous mode
[  190.204053][ T7630] netlink: 'syz.4.1321': attribute type 4 has an invalid length.
[  190.220830][ T7630] netlink: 'syz.4.1321': attribute type 16 has an invalid length.
[  190.229329][ T7630] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1321'.
[  190.453751][ T7620] device sit0 entered promiscuous mode
[  190.537806][ T7623] netlink: 'syz.0.1319': attribute type 2 has an invalid length.
[  190.726294][    C1] eth0: bad gso: type: 1, size: 1408
[  190.823102][ T7073] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  190.891455][ T7073] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  190.930516][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  190.978678][ T7073] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  190.999240][ T7073] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  191.054570][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  191.072541][ T6390] Bluetooth: hci5: command 0x0406 tx timeout
[  191.461362][ T7649] device veth1_macvtap entered promiscuous mode
[  191.944599][ T7073] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.326243][ T7073] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.407155][ T7073] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.467236][ T7073] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  193.191050][ T7073] device hsr_slave_0 left promiscuous mode
[  193.213164][ T7073] device hsr_slave_1 left promiscuous mode
[  193.227007][ T7073] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  193.246637][ T7073] batman_adv: batadv0: Removing interface: batadv_slave_0
[  193.270181][ T7073] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  193.299116][ T7073] batman_adv: batadv0: Removing interface: batadv_slave_1
[  193.319381][ T7073] device bridge_slave_1 left promiscuous mode
[  193.333037][ T7073] bridge0: port 2(bridge_slave_1) entered disabled state
[  193.349282][ T7073] device bridge_slave_0 left promiscuous mode
[  193.405553][ T7073] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.421490][    C1] eth0: bad gso: type: 1, size: 1408
[  193.445105][    C1] eth0: bad gso: type: 1, size: 1408
[  193.466575][ T7073] device veth1_macvtap left promiscuous mode
[  193.496824][ T7073] device veth0_macvtap left promiscuous mode
[  193.504641][ T7073] device veth1_vlan left promiscuous mode
[  193.510560][ T7073] device veth0_vlan left promiscuous mode
[  193.709165][ T7073] team0 (unregistering): Port device team_slave_1 removed
[  193.726575][ T7073] team0 (unregistering): Port device team_slave_0 removed
[  193.746234][ T7073] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  193.768544][ T7073] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  193.829244][ T7073] bond0 (unregistering): Released all slaves
[  193.876338][ T7679] netlink: 'syz.1.1341': attribute type 16 has an invalid length.
[  193.884781][ T7679] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1341'.
[  193.898321][ T7691] device pim6reg1 entered promiscuous mode
[  193.906102][ T7699] netlink: 'syz.4.1346': attribute type 10 has an invalid length.
[  194.120836][ T1388] ieee802154 phy0 wpan0: encryption failed: -22
[  194.129998][ T1388] ieee802154 phy1 wpan1: encryption failed: -22
[  194.324855][ T7723] netlink: 10 bytes leftover after parsing attributes in process `syz.0.1356'.
[  194.387018][ T7712] device syzkaller0 entered promiscuous mode
[  194.398056][ T7682] chnl_net:caif_netlink_parms(): no params data found
[  194.684392][ T7743] FAULT_INJECTION: forcing a failure.
[  194.684392][ T7743] name failslab, interval 1, probability 0, space 0, times 0
[  194.744246][ T7745] netlink: 140 bytes leftover after parsing attributes in process `syz.0.1362'.
[  194.746538][ T7743] CPU: 0 PID: 7743 Comm: syz.3.1361 Not tainted 5.15.166-syzkaller #0
[  194.761435][ T7743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  194.771489][ T7743] Call Trace:
[  194.774772][ T7743]  <TASK>
[  194.777702][ T7743]  dump_stack_lvl+0x1e3/0x2d0
[  194.778972][ T7745] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[  194.782384][ T7743]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  194.782408][ T7743]  ? panic+0x860/0x860
[  194.782428][ T7743]  ? __might_sleep+0xc0/0xc0
[  194.812770][ T7743]  should_fail+0x38a/0x4c0
[  194.817174][ T7743]  should_failslab+0x5/0x20
[  194.821660][ T7743]  slab_pre_alloc_hook+0x53/0xc0
[  194.826609][ T7743]  __kmalloc_node_track_caller+0x6b/0x390
[  194.832332][ T7743]  ? netlink_sendmsg+0x6f8/0xd60
[  194.837257][ T7743]  ? kmem_cache_alloc_node+0x154/0x2c0
[  194.842698][ T7743]  ? __alloc_skb+0xdd/0x590
[  194.847185][ T7743]  ? netlink_sendmsg+0x6f8/0xd60
[  194.852104][ T7743]  __alloc_skb+0x12c/0x590
[  194.856506][ T7743]  netlink_sendmsg+0x6f8/0xd60
[  194.861343][ T7743]  ? netlink_getsockopt+0x5b0/0x5b0
[  194.866526][ T7743]  ? aa_sock_msg_perm+0x91/0x150
[  194.871443][ T7743]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  194.876705][ T7743]  ? security_socket_sendmsg+0x7d/0xa0
[  194.882147][ T7743]  ? netlink_getsockopt+0x5b0/0x5b0
[  194.887329][ T7743]  ____sys_sendmsg+0x59e/0x8f0
[  194.892086][ T7743]  ? iovec_from_user+0x300/0x390
[  194.897010][ T7743]  ? __sys_sendmsg_sock+0x30/0x30
[  194.902122][ T7743]  ___sys_sendmsg+0x252/0x2e0
[  194.906790][ T7743]  ? __sys_sendmsg+0x260/0x260
[  194.911560][ T7743]  ? __fdget+0x191/0x220
[  194.915879][ T7743]  __se_sys_sendmsg+0x19a/0x260
[  194.920709][ T7743]  ? __x64_sys_sendmsg+0x80/0x80
[  194.925629][ T7743]  ? syscall_enter_from_user_mode+0x2e/0x240
[  194.931695][ T7743]  ? lockdep_hardirqs_on+0x94/0x130
[  194.936879][ T7743]  ? syscall_enter_from_user_mode+0x2e/0x240
[  194.942841][ T7743]  do_syscall_64+0x3b/0xb0
[  194.947236][ T7743]  ? clear_bhb_loop+0x15/0x70
[  194.951887][ T7743]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  194.957767][ T7743] RIP: 0033:0x7f0034b82ef9
[  194.962160][ T7743] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  194.981745][ T7743] RSP: 002b:00007f0032ffc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  194.990136][ T7743] RAX: ffffffffffffffda RBX: 00007f0034d3bf80 RCX: 00007f0034b82ef9
[  194.998087][ T7743] RDX: 000000000a000000 RSI: 0000000020000600 RDI: 0000000000000003
[  195.006036][ T7743] RBP: 00007f0032ffc090 R08: 0000000000000000 R09: 0000000000000000
[  195.013986][ T7743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  195.021934][ T7743] R13: 0000000000000000 R14: 00007f0034d3bf80 R15: 00007ffe788b17b8
[  195.029895][ T7743]  </TASK>
[  195.127573][ T7682] bridge0: port 1(bridge_slave_0) entered blocking state
[  195.139500][ T7682] bridge0: port 1(bridge_slave_0) entered disabled state
[  195.159757][ T7682] device bridge_slave_0 entered promiscuous mode
[  195.211392][ T7682] bridge0: port 2(bridge_slave_1) entered blocking state
[  195.241267][ T7682] bridge0: port 2(bridge_slave_1) entered disabled state
[  195.249256][ T7682] device bridge_slave_1 entered promiscuous mode
[  195.366948][ T7682] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  195.388118][ T7682] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  195.398026][ T6390] Bluetooth: hci0: command 0x0409 tx timeout
[  195.665217][ T7764] device sit0 left promiscuous mode
[  196.221253][ T6390] Bluetooth: hci2: command 0x0406 tx timeout
[  196.231682][ T6390] Bluetooth: hci1: command 0x0406 tx timeout
[  196.253635][ T7765] device sit0 entered promiscuous mode
[  196.320645][ T7682] team0: Port device team_slave_0 added
[  196.425319][ T7682] team0: Port device team_slave_1 added
[  196.440196][ T7791] netlink: 'syz.1.1376': attribute type 10 has an invalid length.
[  196.597679][ T7682] batman_adv: batadv0: Adding interface: batadv_slave_0
[  196.626184][ T7682] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  196.667860][ T7682] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  196.714341][ T7804] netlink: 'syz.4.1380': attribute type 10 has an invalid length.
[  196.796474][ T7803] device syzkaller0 entered promiscuous mode
[  196.840167][ T7682] batman_adv: batadv0: Adding interface: batadv_slave_1
[  196.857659][ T7682] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  196.900104][ T7682] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  196.959896][ T7682] device hsr_slave_0 entered promiscuous mode
[  196.976894][ T7682] device hsr_slave_1 entered promiscuous mode
[  197.382739][ T7817] device sit0 left promiscuous mode
[  197.471444][ T6494] Bluetooth: hci0: command 0x041b tx timeout
[  197.853322][ T7826] FAULT_INJECTION: forcing a failure.
[  197.853322][ T7826] name failslab, interval 1, probability 0, space 0, times 0
[  197.890984][ T7826] CPU: 1 PID: 7826 Comm: syz.1.1389 Not tainted 5.15.166-syzkaller #0
[  197.899166][ T7826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  197.909218][ T7826] Call Trace:
[  197.912494][ T7826]  <TASK>
[  197.915428][ T7826]  dump_stack_lvl+0x1e3/0x2d0
[  197.920118][ T7826]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  197.925750][ T7826]  ? panic+0x860/0x860
[  197.929826][ T7826]  ? __might_sleep+0xc0/0xc0
[  197.934415][ T7826]  ? netlink_insert+0xcac/0x1280
[  197.939363][ T7826]  should_fail+0x38a/0x4c0
[  197.943818][ T7826]  should_failslab+0x5/0x20
[  197.948320][ T7826]  slab_pre_alloc_hook+0x53/0xc0
[  197.953268][ T7826]  kmem_cache_alloc_node+0x49/0x2c0
[  197.958479][ T7826]  ? __alloc_skb+0xdd/0x590
[  197.963004][ T7826]  __alloc_skb+0xdd/0x590
[  197.967353][ T7826]  netlink_sendmsg+0x6f8/0xd60
[  197.972271][ T7826]  ? netlink_getsockopt+0x5b0/0x5b0
[  197.977482][ T7826]  ? aa_sock_msg_perm+0x91/0x150
[  197.982428][ T7826]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  197.987715][ T7826]  ? security_socket_sendmsg+0x7d/0xa0
[  197.993169][ T7826]  ? netlink_getsockopt+0x5b0/0x5b0
[  197.998393][ T7826]  ____sys_sendmsg+0x59e/0x8f0
[  198.003160][ T7826]  ? iovec_from_user+0x300/0x390
[  198.008110][ T7826]  ? __sys_sendmsg_sock+0x30/0x30
[  198.013163][ T7826]  ___sys_sendmsg+0x252/0x2e0
[  198.017865][ T7826]  ? __sys_sendmsg+0x260/0x260
[  198.022707][ T7826]  ? __fdget+0x191/0x220
[  198.026956][ T7826]  __se_sys_sendmsg+0x19a/0x260
[  198.031811][ T7826]  ? __x64_sys_sendmsg+0x80/0x80
[  198.036768][ T7826]  ? syscall_enter_from_user_mode+0x2e/0x240
[  198.042746][ T7826]  ? lockdep_hardirqs_on+0x94/0x130
[  198.047946][ T7826]  ? syscall_enter_from_user_mode+0x2e/0x240
[  198.053932][ T7826]  do_syscall_64+0x3b/0xb0
[  198.058345][ T7826]  ? clear_bhb_loop+0x15/0x70
[  198.063030][ T7826]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  198.068922][ T7826] RIP: 0033:0x7fdfc5232ef9
[  198.073340][ T7826] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  198.092943][ T7826] RSP: 002b:00007fdfc36ac038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  198.101356][ T7826] RAX: ffffffffffffffda RBX: 00007fdfc53ebf80 RCX: 00007fdfc5232ef9
[  198.109334][ T7826] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005
[  198.117389][ T7826] RBP: 00007fdfc36ac090 R08: 0000000000000000 R09: 0000000000000000
[  198.125360][ T7826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  198.133344][ T7826] R13: 0000000000000000 R14: 00007fdfc53ebf80 R15: 00007ffee49b7bd8
[  198.141353][ T7826]  </TASK>
[  198.258440][ T7819] device sit0 entered promiscuous mode
[  198.439452][ T7845] netlink: 'syz.0.1392': attribute type 10 has an invalid length.
[  198.491433][ T7846] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1396'.
[  198.535538][ T7682] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  198.569258][ T7682] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  198.584064][ T7848] netlink: 'syz.3.1397': attribute type 10 has an invalid length.
[  198.606053][ T7682] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  198.625770][ T7682] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  198.636502][ T7850] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1398'.
[  198.913752][ T7682] 8021q: adding VLAN 0 to HW filter on device bond0
[  199.064427][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  199.101875][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  199.183482][ T7682] 8021q: adding VLAN 0 to HW filter on device team0
[  199.268176][ T7063] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  199.280494][ T7063] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  199.301867][ T7063] bridge0: port 1(bridge_slave_0) entered blocking state
[  199.308958][ T7063] bridge0: port 1(bridge_slave_0) entered forwarding state
[  199.359167][ T7063] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  199.387227][ T7063] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  199.397180][ T7063] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  199.407669][ T7063] bridge0: port 2(bridge_slave_1) entered blocking state
[  199.414783][ T7063] bridge0: port 2(bridge_slave_1) entered forwarding state
[  199.425396][ T7063] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  199.438224][ T7063] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  199.482615][ T7067] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  199.517971][ T7067] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  199.552106][ T6627] Bluetooth: hci0: command 0x040f tx timeout
[  199.554930][ T7067] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  199.587576][ T7067] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  199.635925][ T7067] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  199.677777][ T7067] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  199.748573][ T7682] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  199.881815][ T7682] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  200.012464][ T7067] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  200.020487][ T7067] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  200.055484][ T7067] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  200.154352][ T7907] device sit0 left promiscuous mode
[  200.692007][ T7913] device sit0 entered promiscuous mode
[  200.771245][ T7918] netlink: 'syz.3.1425': attribute type 46 has an invalid length.
[  200.806056][ T7918] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1425'.
[  200.998388][ T7930] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1428'.
[  201.327715][ T7944] FAULT_INJECTION: forcing a failure.
[  201.327715][ T7944] name failslab, interval 1, probability 0, space 0, times 0
[  201.369511][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  201.385484][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  201.399285][ T7944] CPU: 1 PID: 7944 Comm: syz.0.1432 Not tainted 5.15.166-syzkaller #0
[  201.407455][ T7944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  201.417505][ T7944] Call Trace:
[  201.420777][ T7944]  <TASK>
[  201.423704][ T7944]  dump_stack_lvl+0x1e3/0x2d0
[  201.428388][ T7944]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  201.434016][ T7944]  ? panic+0x860/0x860
[  201.438089][ T7944]  ? __might_sleep+0xc0/0xc0
[  201.442681][ T7944]  should_fail+0x38a/0x4c0
[  201.447107][ T7944]  should_failslab+0x5/0x20
[  201.451609][ T7944]  slab_pre_alloc_hook+0x53/0xc0
[  201.456543][ T7944]  __kmalloc+0x6e/0x300
[  201.460689][ T7944]  ? sock_kmalloc+0x93/0xf0
[  201.465194][ T7944]  sock_kmalloc+0x93/0xf0
[  201.469519][ T7944]  ____sys_sendmsg+0x219/0x8f0
[  201.474280][ T7944]  ? iovec_from_user+0x300/0x390
[  201.479224][ T7944]  ? __sys_sendmsg_sock+0x30/0x30
[  201.484262][ T7944]  ___sys_sendmsg+0x252/0x2e0
[  201.488941][ T7944]  ? __sys_sendmsg+0x260/0x260
[  201.493753][ T7944]  ? __fdget+0x191/0x220
[  201.497998][ T7944]  __se_sys_sendmsg+0x19a/0x260
[  201.502856][ T7944]  ? __x64_sys_sendmsg+0x80/0x80
[  201.507800][ T7944]  ? syscall_enter_from_user_mode+0x2e/0x240
[  201.513775][ T7944]  ? lockdep_hardirqs_on+0x94/0x130
[  201.519143][ T7944]  ? syscall_enter_from_user_mode+0x2e/0x240
[  201.525122][ T7944]  do_syscall_64+0x3b/0xb0
[  201.529637][ T7944]  ? clear_bhb_loop+0x15/0x70
[  201.534310][ T7944]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  201.540202][ T7944] RIP: 0033:0x7f2c76759ef9
[  201.544611][ T7944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  201.564212][ T7944] RSP: 002b:00007f2c74bd3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  201.572623][ T7944] RAX: ffffffffffffffda RBX: 00007f2c76912f80 RCX: 00007f2c76759ef9
[  201.580673][ T7944] RDX: 0000000000000000 RSI: 0000000020001180 RDI: 0000000000000003
[  201.588637][ T7944] RBP: 00007f2c74bd3090 R08: 0000000000000000 R09: 0000000000000000
[  201.596600][ T7944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  201.604573][ T7944] R13: 0000000000000000 R14: 00007f2c76912f80 R15: 00007ffe3b43c108
[  201.612555][ T7944]  </TASK>
[  201.641872][ T6618] Bluetooth: hci0: command 0x0419 tx timeout
[  201.657003][ T7682] 8021q: adding VLAN 0 to HW filter on device batadv0
[  201.730278][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  201.748346][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  201.808670][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  201.824442][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  201.863521][ T7682] device veth0_vlan entered promiscuous mode
[  201.874820][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  201.918680][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  201.974355][ T7682] device veth1_vlan entered promiscuous mode
[  202.026607][ T7954] netlink: 'syz.0.1438': attribute type 10 has an invalid length.
[  202.086175][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  202.104040][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  202.127854][ T7682] device veth0_macvtap entered promiscuous mode
[  202.221645][ T7958] device sit0 left promiscuous mode
[  202.234632][ T7965] netlink: 16410 bytes leftover after parsing attributes in process `syz.0.1441'.
[  202.527932][ T7962] device sit0 entered promiscuous mode
[  202.712473][ T7682] device veth1_macvtap entered promiscuous mode
[  202.767082][ T7682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  202.811738][ T7682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.829205][ T7682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  202.840451][ T7682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.864239][ T7682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  202.883429][ T7682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.941524][ T7682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  202.963493][ T7682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.997948][ T7682] batman_adv: batadv0: Interface activated: batadv_slave_0
[  203.013418][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  203.024839][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  203.033634][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  203.046604][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  203.094852][ T7682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  203.121314][ T7682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.141195][ T7682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  203.168018][ T7682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.180534][ T7682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  203.199167][ T7682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.210474][ T7682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  203.222871][ T7682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.238475][ T7682] batman_adv: batadv0: Interface activated: batadv_slave_1
[  203.404801][ T8012] device sit0 left promiscuous mode
[  203.660603][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  203.682507][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  203.704770][ T7682] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  203.716314][ T7682] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  203.744721][ T7682] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  203.766465][ T7682] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  203.795867][ T8017] device sit0 entered promiscuous mode
[  203.983594][ T8036] netlink: 'syz.0.1470': attribute type 10 has an invalid length.
[  204.230337][ T7063] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  204.251845][ T7063] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  204.323686][ T7067] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  204.357207][ T4291] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  204.412588][ T4291] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  204.461740][ T7067] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  204.515295][ T8051] netlink: 168 bytes leftover after parsing attributes in process `syz.3.1476'.
[  204.668429][ T8061] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1481'.
[  204.802739][    C1] eth0: bad gso: type: 1, size: 1408
[  205.179592][ T8083] A link change request failed with some changes committed already. Interface Y�4��`Ҙ may have been left with an inconsistent configuration, please check.
[  205.338439][ T4291] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.531634][ T4291] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.638509][ T4291] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.702549][ T4291] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.440061][ T8093] netlink: 'syz.1.1490': attribute type 28 has an invalid length.
[  206.470700][ T8093] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1490'.
[  206.805552][ T4291] device hsr_slave_0 left promiscuous mode
[  206.828724][ T4291] device hsr_slave_1 left promiscuous mode
[  206.847064][ T4291] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  206.858963][ T4291] batman_adv: batadv0: Removing interface: batadv_slave_0
[  206.877358][ T4291] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  206.887703][ T4291] batman_adv: batadv0: Removing interface: batadv_slave_1
[  206.898457][ T4291] device bridge_slave_1 left promiscuous mode
[  206.904981][ T4291] bridge0: port 2(bridge_slave_1) entered disabled state
[  206.916421][ T4291] device bridge_slave_0 left promiscuous mode
[  206.924330][ T4291] bridge0: port 1(bridge_slave_0) entered disabled state
[  206.955957][ T4291] device veth1_macvtap left promiscuous mode
[  206.987853][ T4291] device veth0_macvtap left promiscuous mode
[  206.994793][ T4291] device veth1_vlan left promiscuous mode
[  207.000675][ T4291] device veth0_vlan left promiscuous mode
[  207.029036][ T8128] netlink: 'syz.3.1502': attribute type 1 has an invalid length.
[  207.065505][ T8128] netlink: 105120 bytes leftover after parsing attributes in process `syz.3.1502'.
[  207.378261][ T4291] team0 (unregistering): Port device team_slave_1 removed
[  207.406494][ T4291] team0 (unregistering): Port device team_slave_0 removed
[  207.426300][ T4291] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  207.450180][ T4291] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  207.580888][ T4291] bond0 (unregistering): Released all slaves
[  207.642082][ T8117] device sit0 left promiscuous mode
[  207.721681][ T8123] device sit0 entered promiscuous mode
[  208.014029][ T8105] chnl_net:caif_netlink_parms(): no params data found
[  208.150861][ T8105] bridge0: port 1(bridge_slave_0) entered blocking state
[  208.158286][ T8105] bridge0: port 1(bridge_slave_0) entered disabled state
[  208.166573][ T8105] device bridge_slave_0 entered promiscuous mode
[  208.175003][ T8163] netlink: 'syz.4.1513': attribute type 2 has an invalid length.
[  208.187673][ T8105] bridge0: port 2(bridge_slave_1) entered blocking state
[  208.215845][ T8105] bridge0: port 2(bridge_slave_1) entered disabled state
[  208.228970][ T8105] device bridge_slave_1 entered promiscuous mode
[  208.365926][ T8105] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  208.407655][ T8105] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  208.477216][ T8105] team0: Port device team_slave_0 added
[  208.495872][ T8105] team0: Port device team_slave_1 added
[  208.549468][ T8105] batman_adv: batadv0: Adding interface: batadv_slave_0
[  208.571123][ T8105] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  208.618422][ T6618] Bluetooth: hci0: command 0x0409 tx timeout
[  208.649460][ T8105] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  208.704085][ T8105] batman_adv: batadv0: Adding interface: batadv_slave_1
[  208.711211][ T8105] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  208.737638][ T8105] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  208.803327][ T8178] device sit0 left promiscuous mode
[  209.809412][ T8105] device hsr_slave_0 entered promiscuous mode
[  209.857625][ T8105] device hsr_slave_1 entered promiscuous mode
[  209.902486][ T8218] netlink: 'syz.4.1534': attribute type 10 has an invalid length.
[  210.485171][ T8255] FAULT_INJECTION: forcing a failure.
[  210.485171][ T8255] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  210.498978][ T8255] CPU: 1 PID: 8255 Comm: syz.3.1547 Not tainted 5.15.166-syzkaller #0
[  210.507142][ T8255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  210.517199][ T8255] Call Trace:
[  210.520479][ T8255]  <TASK>
[  210.523409][ T8255]  dump_stack_lvl+0x1e3/0x2d0
[  210.528090][ T8255]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  210.533722][ T8255]  ? panic+0x860/0x860
[  210.537792][ T8255]  ? __lock_acquire+0x1ff0/0x1ff0
[  210.542812][ T8255]  should_fail+0x38a/0x4c0
[  210.547224][ T8255]  _copy_from_iter+0x243/0xe90
[  210.552065][ T8255]  ? copy_mc_pipe_to_iter+0x760/0x760
[  210.557440][ T8255]  ? __virt_addr_valid+0x3bb/0x460
[  210.562549][ T8255]  ? 0xffffffff81000000
[  210.566693][ T8255]  ? __check_object_size+0x300/0x410
[  210.571970][ T8255]  netlink_sendmsg+0x800/0xd60
[  210.576736][ T8255]  ? netlink_getsockopt+0x5b0/0x5b0
[  210.581925][ T8255]  ? aa_sock_msg_perm+0x91/0x150
[  210.586852][ T8255]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  210.592118][ T8255]  ? security_socket_sendmsg+0x7d/0xa0
[  210.597558][ T8255]  ? netlink_getsockopt+0x5b0/0x5b0
[  210.602738][ T8255]  ____sys_sendmsg+0x59e/0x8f0
[  210.607484][ T8255]  ? iovec_from_user+0x300/0x390
[  210.612433][ T8255]  ? __sys_sendmsg_sock+0x30/0x30
[  210.617451][ T8255]  ___sys_sendmsg+0x252/0x2e0
[  210.622198][ T8255]  ? __sys_sendmsg+0x260/0x260
[  210.626971][ T8255]  ? __fdget+0x191/0x220
[  210.631196][ T8255]  __se_sys_sendmsg+0x19a/0x260
[  210.636031][ T8255]  ? __x64_sys_sendmsg+0x80/0x80
[  210.640960][ T8255]  ? syscall_enter_from_user_mode+0x2e/0x240
[  210.646922][ T8255]  ? lockdep_hardirqs_on+0x94/0x130
[  210.652109][ T8255]  ? syscall_enter_from_user_mode+0x2e/0x240
[  210.658119][ T8255]  do_syscall_64+0x3b/0xb0
[  210.662513][ T8255]  ? clear_bhb_loop+0x15/0x70
[  210.667168][ T8255]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  210.673040][ T8255] RIP: 0033:0x7f0034b82ef9
[  210.677438][ T8255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  210.697142][ T8255] RSP: 002b:00007f0032ffc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  210.705551][ T8255] RAX: ffffffffffffffda RBX: 00007f0034d3bf80 RCX: 00007f0034b82ef9
[  210.713502][ T8255] RDX: 000000000a000000 RSI: 0000000020000600 RDI: 0000000000000003
[  210.721458][ T8255] RBP: 00007f0032ffc090 R08: 0000000000000000 R09: 0000000000000000
[  210.729407][ T8255] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  210.737359][ T8255] R13: 0000000000000000 R14: 00007f0034d3bf80 R15: 00007ffe788b17b8
[  210.745328][ T8255]  </TASK>
[  210.761591][ T6495] Bluetooth: hci0: command 0x041b tx timeout
[  210.829434][ T8257] device macvlan1 entered promiscuous mode
[  210.970274][ T8105] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  211.014597][ T8105] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  211.030970][ T8105] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  211.056399][ T8105] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  211.081012][ T8259] netlink: 140 bytes leftover after parsing attributes in process `syz.3.1550'.
[  211.100725][ T8259] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[  211.278723][ T8105] 8021q: adding VLAN 0 to HW filter on device bond0
[  211.299948][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  211.310351][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  211.411503][ T8105] 8021q: adding VLAN 0 to HW filter on device team0
[  211.438148][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  211.448965][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  211.457557][ T3642] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.464637][ T3642] bridge0: port 1(bridge_slave_0) entered forwarding state
[  211.539160][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  211.555879][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  211.592632][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  211.618919][ T3642] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.626061][ T3642] bridge0: port 2(bridge_slave_1) entered forwarding state
[  211.680963][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  211.707648][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  211.770939][ T8286] netlink: 'syz.3.1557': attribute type 2 has an invalid length.
[  211.775974][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  211.790602][ T8286] netlink: 17267 bytes leftover after parsing attributes in process `syz.3.1557'.
[  211.827068][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  211.828840][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  211.829600][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  211.836730][ T8105] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  211.876564][ T8105] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  211.902521][ T8286] netlink: 'syz.3.1557': attribute type 10 has an invalid length.
[  211.919258][ T8286] device macvlan0 entered promiscuous mode
[  211.953201][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  211.962289][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  211.971091][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  211.980560][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  211.989381][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  212.000482][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  212.018467][ T8294] netlink: 'syz.0.1561': attribute type 10 has an invalid length.
[  212.263258][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  212.320417][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  212.430233][ T8105] 8021q: adding VLAN 0 to HW filter on device batadv0
[  212.447069][ T8313] device sit0 left promiscuous mode
[  212.831535][ T6495] Bluetooth: hci0: command 0x040f tx timeout
[  213.168362][ T8317] device sit0 entered promiscuous mode
[  213.234019][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  213.245987][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  213.277893][ T8105] device veth0_vlan entered promiscuous mode
[  213.299246][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  213.319058][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  213.365446][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  213.393780][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  213.405052][ T8105] device veth1_vlan entered promiscuous mode
[  213.414704][ T8328] FAULT_INJECTION: forcing a failure.
[  213.414704][ T8328] name failslab, interval 1, probability 0, space 0, times 0
[  213.429975][ T8328] CPU: 0 PID: 8328 Comm: syz.0.1573 Not tainted 5.15.166-syzkaller #0
[  213.438152][ T8328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  213.448209][ T8328] Call Trace:
[  213.451490][ T8328]  <TASK>
[  213.454410][ T8328]  dump_stack_lvl+0x1e3/0x2d0
[  213.459081][ T8328]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  213.464702][ T8328]  ? panic+0x860/0x860
[  213.468765][ T8328]  ? __might_sleep+0xc0/0xc0
[  213.473358][ T8328]  should_fail+0x38a/0x4c0
[  213.477773][ T8328]  should_failslab+0x5/0x20
[  213.482270][ T8328]  slab_pre_alloc_hook+0x53/0xc0
[  213.487204][ T8328]  __kmalloc_node_track_caller+0x6b/0x390
[  213.492909][ T8328]  ? netlink_sendmsg+0x6f8/0xd60
[  213.497833][ T8328]  ? kmem_cache_alloc_node+0x154/0x2c0
[  213.503281][ T8328]  ? __alloc_skb+0xdd/0x590
[  213.507776][ T8328]  ? netlink_sendmsg+0x6f8/0xd60
[  213.512789][ T8328]  __alloc_skb+0x12c/0x590
[  213.517196][ T8328]  netlink_sendmsg+0x6f8/0xd60
[  213.521964][ T8328]  ? netlink_getsockopt+0x5b0/0x5b0
[  213.527151][ T8328]  ? aa_sock_msg_perm+0x91/0x150
[  213.532105][ T8328]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  213.537373][ T8328]  ? security_socket_sendmsg+0x7d/0xa0
[  213.542820][ T8328]  ? netlink_getsockopt+0x5b0/0x5b0
[  213.548012][ T8328]  ____sys_sendmsg+0x59e/0x8f0
[  213.552766][ T8328]  ? iovec_from_user+0x300/0x390
[  213.557705][ T8328]  ? __sys_sendmsg_sock+0x30/0x30
[  213.562825][ T8328]  ___sys_sendmsg+0x252/0x2e0
[  213.567857][ T8328]  ? __sys_sendmsg+0x260/0x260
[  213.572698][ T8328]  ? __fdget+0x191/0x220
[  213.576955][ T8328]  __se_sys_sendmsg+0x19a/0x260
[  213.581813][ T8328]  ? __x64_sys_sendmsg+0x80/0x80
[  213.586757][ T8328]  ? syscall_enter_from_user_mode+0x2e/0x240
[  213.592730][ T8328]  ? lockdep_hardirqs_on+0x94/0x130
[  213.597927][ T8328]  ? syscall_enter_from_user_mode+0x2e/0x240
[  213.603906][ T8328]  do_syscall_64+0x3b/0xb0
[  213.608313][ T8328]  ? clear_bhb_loop+0x15/0x70
[  213.612978][ T8328]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  213.618862][ T8328] RIP: 0033:0x7f2c76759ef9
[  213.623268][ T8328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.642861][ T8328] RSP: 002b:00007f2c74bd3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  213.651261][ T8328] RAX: ffffffffffffffda RBX: 00007f2c76912f80 RCX: 00007f2c76759ef9
[  213.659218][ T8328] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005
[  213.667174][ T8328] RBP: 00007f2c74bd3090 R08: 0000000000000000 R09: 0000000000000000
[  213.675128][ T8328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  213.683083][ T8328] R13: 0000000000000000 R14: 00007f2c76912f80 R15: 00007ffe3b43c108
[  213.691066][ T8328]  </TASK>
[  213.730218][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  213.738726][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  213.757364][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  213.766252][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  213.777557][ T8105] device veth0_macvtap entered promiscuous mode
[  213.811633][ T8105] device veth1_macvtap entered promiscuous mode
[  213.851067][ T8105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  213.862300][ T8105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  213.872531][ T8105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  213.882999][ T8105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  213.892847][ T8105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  213.903555][ T8105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  213.914783][ T8105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  213.925265][ T8105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  213.936704][ T8105] batman_adv: batadv0: Interface activated: batadv_slave_0
[  213.944951][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  213.965467][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  213.988902][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  213.999228][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  214.010169][ T8105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  214.028130][ T8105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  214.039274][ T8105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  214.049763][ T8105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  214.060778][ T8105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  214.071393][ T8105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  214.081795][ T8105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  214.092351][ T8105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  214.103719][ T8105] batman_adv: batadv0: Interface activated: batadv_slave_1
[  214.112893][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  214.128609][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  214.167487][ T8105] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  214.187540][ T8105] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  214.197399][ T8105] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  214.210357][ T8105] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  214.237634][ T8341] device lo entered promiscuous mode
[  214.248673][ T8341] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  214.398027][ T4291] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  214.445011][ T4291] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  214.510122][ T8344] device sit0 left promiscuous mode
[  214.931688][ T6630] Bluetooth: hci0: command 0x0419 tx timeout
[  215.160293][ T7067] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  215.179001][ T8345] device sit0 entered promiscuous mode
[  215.230501][ T8356] netlink: 'syz.0.1585': attribute type 21 has an invalid length.
[  215.248574][ T8356] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1585'.
[  215.273627][ T8356] netlink: 'syz.0.1585': attribute type 4 has an invalid length.
[  215.296426][ T8356] netlink: 'syz.0.1585': attribute type 5 has an invalid length.
[  215.318823][ T8356] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1585'.
[  215.357791][ T8368] netlink: 'syz.1.1587': attribute type 10 has an invalid length.
[  215.371834][ T7073] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  215.380446][ T7073] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  215.409849][ T8374] FAULT_INJECTION: forcing a failure.
[  215.409849][ T8374] name failslab, interval 1, probability 0, space 0, times 0
[  215.421629][ T7067] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  215.438330][ T8374] CPU: 1 PID: 8374 Comm: syz.3.1591 Not tainted 5.15.166-syzkaller #0
[  215.446506][ T8374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  215.456561][ T8374] Call Trace:
[  215.459840][ T8374]  <TASK>
[  215.462771][ T8374]  dump_stack_lvl+0x1e3/0x2d0
[  215.467459][ T8374]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  215.473093][ T8374]  ? panic+0x860/0x860
[  215.477161][ T8374]  ? __might_sleep+0xc0/0xc0
[  215.481736][ T8374]  ? bpf_trace_run2+0x222/0x340
[  215.486584][ T8374]  should_fail+0x38a/0x4c0
[  215.491000][ T8374]  should_failslab+0x5/0x20
[  215.495495][ T8374]  slab_pre_alloc_hook+0x53/0xc0
[  215.500429][ T8374]  __kmalloc+0x6e/0x300
[  215.504573][ T8374]  ? tomoyo_realpath_from_path+0xd8/0x5e0
[  215.510290][ T8374]  tomoyo_realpath_from_path+0xd8/0x5e0
[  215.515837][ T8374]  tomoyo_path_number_perm+0x225/0x810
[  215.521295][ T8374]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  215.526774][ T8374]  ? __fget_files+0x413/0x480
[  215.531461][ T8374]  security_file_ioctl+0x6d/0xa0
[  215.536402][ T8374]  __se_sys_ioctl+0x47/0x160
[  215.541076][ T8374]  do_syscall_64+0x3b/0xb0
[  215.545490][ T8374]  ? clear_bhb_loop+0x15/0x70
[  215.550288][ T8374]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  215.556185][ T8374] RIP: 0033:0x7f0034b82ef9
[  215.560596][ T8374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  215.580200][ T8374] RSP: 002b:00007f0032ffc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  215.588613][ T8374] RAX: ffffffffffffffda RBX: 00007f0034d3bf80 RCX: 00007f0034b82ef9
[  215.596669][ T8374] RDX: 0000000020000080 RSI: 00000000000089f3 RDI: 0000000000000007
[  215.604630][ T8374] RBP: 00007f0032ffc090 R08: 0000000000000000 R09: 0000000000000000
[  215.612590][ T8374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  215.620556][ T8374] R13: 0000000000000000 R14: 00007f0034d3bf80 R15: 00007ffe788b17b8
[  215.628530][ T8374]  </TASK>
[  215.650443][ T8374] ERROR: Out of memory at tomoyo_realpath_from_path.
[  215.777425][ T8382] netlink: 'syz.3.1595': attribute type 3 has an invalid length.
[  215.786124][ T8382] netlink: 16114 bytes leftover after parsing attributes in process `syz.3.1595'.
[  216.069098][ T8389] device sit0 left promiscuous mode
[  216.366598][ T8392] device sit0 entered promiscuous mode
[  217.013041][ T7067] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  217.469437][ T7067] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  217.528151][ T7067] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  217.575383][ T7067] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.266942][ T7067] device hsr_slave_0 left promiscuous mode
[  218.274424][ T7067] device hsr_slave_1 left promiscuous mode
[  218.280767][ T7067] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  218.288347][ T7067] batman_adv: batadv0: Removing interface: batadv_slave_0
[  218.296334][ T7067] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  218.303934][ T7067] batman_adv: batadv0: Removing interface: batadv_slave_1
[  218.312618][ T7067] device bridge_slave_1 left promiscuous mode
[  218.319711][ T7067] bridge0: port 2(bridge_slave_1) entered disabled state
[  218.379224][ T7067] device bridge_slave_0 left promiscuous mode
[  218.422391][ T7067] bridge0: port 1(bridge_slave_0) entered disabled state
[  218.474922][ T7067] device veth1_macvtap left promiscuous mode
[  218.482552][ T7067] device veth0_macvtap left promiscuous mode
[  218.492612][ T7067] device veth1_vlan left promiscuous mode
[  218.498471][ T7067] device veth0_vlan left promiscuous mode
[  218.542143][ T8437] netlink: 'syz.4.1616': attribute type 1 has an invalid length.
[  218.549891][ T8437] netlink: 191416 bytes leftover after parsing attributes in process `syz.4.1616'.
[  218.923395][ T7067] team0 (unregistering): Port device team_slave_1 removed
[  218.938955][ T7067] team0 (unregistering): Port device team_slave_0 removed
[  218.951280][ T7067] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  218.964708][ T7067] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  219.031860][ T7067] bond0 (unregistering): Released all slaves
[  219.090888][ T8431] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1613'.
[  219.102832][ T8434] netlink: 'syz.4.1616': attribute type 25 has an invalid length.
[  219.110658][ T8434] netlink: 'syz.4.1616': attribute type 7 has an invalid length.
[  219.157914][ T8441] device sit0 entered promiscuous mode
[  219.265311][ T8445] FAULT_INJECTION: forcing a failure.
[  219.265311][ T8445] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  219.284933][ T8445] CPU: 0 PID: 8445 Comm: syz.4.1618 Not tainted 5.15.166-syzkaller #0
[  219.293113][ T8445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  219.303163][ T8445] Call Trace:
[  219.306580][ T8445]  <TASK>
[  219.309550][ T8445]  dump_stack_lvl+0x1e3/0x2d0
[  219.314245][ T8445]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  219.319887][ T8445]  ? panic+0x860/0x860
[  219.323976][ T8445]  should_fail+0x38a/0x4c0
[  219.328395][ T8445]  _copy_from_user+0x2d/0x170
[  219.333070][ T8445]  ____sys_sendmsg+0x2f9/0x8f0
[  219.337833][ T8445]  ? iovec_from_user+0x300/0x390
[  219.342770][ T8445]  ? __sys_sendmsg_sock+0x30/0x30
[  219.347804][ T8445]  ___sys_sendmsg+0x252/0x2e0
[  219.352479][ T8445]  ? __sys_sendmsg+0x260/0x260
[  219.357274][ T8445]  ? __fdget+0x191/0x220
[  219.361509][ T8445]  __se_sys_sendmsg+0x19a/0x260
[  219.366356][ T8445]  ? __x64_sys_sendmsg+0x80/0x80
[  219.371294][ T8445]  ? syscall_enter_from_user_mode+0x2e/0x240
[  219.377270][ T8445]  ? lockdep_hardirqs_on+0x94/0x130
[  219.382470][ T8445]  ? syscall_enter_from_user_mode+0x2e/0x240
[  219.388451][ T8445]  do_syscall_64+0x3b/0xb0
[  219.392875][ T8445]  ? clear_bhb_loop+0x15/0x70
[  219.397644][ T8445]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  219.403624][ T8445] RIP: 0033:0x7f1afbeabef9
[  219.408142][ T8445] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  219.427949][ T8445] RSP: 002b:00007f1afa325038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  219.436546][ T8445] RAX: ffffffffffffffda RBX: 00007f1afc064f80 RCX: 00007f1afbeabef9
[  219.444517][ T8445] RDX: 0000000000000000 RSI: 0000000020001180 RDI: 0000000000000003
[  219.452482][ T8445] RBP: 00007f1afa325090 R08: 0000000000000000 R09: 0000000000000000
[  219.460454][ T8445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  219.468418][ T8445] R13: 0000000000000000 R14: 00007f1afc064f80 R15: 00007fff648e2508
[  219.476416][ T8445]  </TASK>
[  219.747450][ T8454] netlink: 'syz.0.1623': attribute type 2 has an invalid length.
[  219.857406][ T8463] netlink: 'syz.1.1624': attribute type 10 has an invalid length.
[  219.966359][ T8468] netlink: 'syz.1.1626': attribute type 1 has an invalid length.
[  220.013524][ T8438] chnl_net:caif_netlink_parms(): no params data found
[  220.039189][ T8468] netlink: 112865 bytes leftover after parsing attributes in process `syz.1.1626'.
[  220.265014][ T8438] bridge0: port 1(bridge_slave_0) entered blocking state
[  220.273563][ T8438] bridge0: port 1(bridge_slave_0) entered disabled state
[  220.283834][ T8438] device bridge_slave_0 entered promiscuous mode
[  220.322695][ T8476] netlink: 7423 bytes leftover after parsing attributes in process `syz.4.1630'.
[  220.411525][ T8438] bridge0: port 2(bridge_slave_1) entered blocking state
[  220.464680][ T8438] bridge0: port 2(bridge_slave_1) entered disabled state
[  220.492054][ T8438] device bridge_slave_1 entered promiscuous mode
[  220.563393][ T8484] device sit0 left promiscuous mode
[  220.675616][ T6625] Bluetooth: hci0: command 0x0409 tx timeout
[  220.813487][ T8500] netlink: 'syz.0.1637': attribute type 29 has an invalid length.
[  221.234935][ T8493] device sit0 entered promiscuous mode
[  221.317161][ T8500] netlink: 'syz.0.1637': attribute type 29 has an invalid length.
[  221.376659][ T8438] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  221.417882][ T8438] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  221.643557][ T8438] team0: Port device team_slave_0 added
[  221.684289][ T8438] team0: Port device team_slave_1 added
[  221.771923][ T8438] batman_adv: batadv0: Adding interface: batadv_slave_0
[  221.801335][ T8438] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  221.906285][ T8438] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  221.984561][ T8547] device sit0 left promiscuous mode
[  222.621548][ T8552] device sit0 entered promiscuous mode
[  222.659077][ T8555] netlink: 'syz.4.1657': attribute type 10 has an invalid length.
[  222.682063][ T8438] batman_adv: batadv0: Adding interface: batadv_slave_1
[  222.689286][ T8438] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  222.727916][ T8438] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  222.751324][ T6625] Bluetooth: hci0: command 0x041b tx timeout
[  222.848487][ T8438] device hsr_slave_0 entered promiscuous mode
[  222.866632][ T8438] device hsr_slave_1 entered promiscuous mode
[  223.055434][ T8583] netlink: 'syz.0.1666': attribute type 31 has an invalid length.
[  223.102872][ T8583] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  223.149993][ T8589] netlink: 26 bytes leftover after parsing attributes in process `syz.1.1668'.
[  223.187419][ T8590] netlink: 26 bytes leftover after parsing attributes in process `syz.1.1668'.
[  223.386702][ T8594] device sit0 left promiscuous mode
[  224.100779][ T8599] netlink: 15487 bytes leftover after parsing attributes in process `syz.4.1672'.
[  224.202485][ T8600] device sit0 entered promiscuous mode
[  224.316206][ T8610] A link change request failed with some changes committed already. Interface Y�4��`Ҙ may have been left with an inconsistent configuration, please check.
[  224.662721][ T8623] netlink: 'syz.3.1679': attribute type 28 has an invalid length.
[  224.741861][ T8623] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1679'.
[  224.778788][ T8438] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  224.831954][ T6630] Bluetooth: hci0: command 0x040f tx timeout
[  224.849828][ T8438] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  224.904229][ T8438] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  224.962654][ T8438] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  225.500747][ T8438] 8021q: adding VLAN 0 to HW filter on device bond0
[  225.571648][ T8642] device sit0 left promiscuous mode
[  226.111568][   T27] INFO: task syz.1.63:3818 blocked for more than 143 seconds.
[  226.119281][ T8648] device sit0 entered promiscuous mode
[  226.131464][   T27]       Not tainted 5.15.166-syzkaller #0
[  226.151687][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  226.181130][   T27] task:syz.1.63        state:D stack:24672 pid: 3818 ppid:  3574 flags:0x00004002
[  226.190781][   T27] Call Trace:
[  226.217923][   T27]  <TASK>
[  226.220913][   T27]  __schedule+0x12c4/0x45b0
[  226.242054][   T27]  ? perf_event_release_kernel+0x5f4/0x900
[  226.247917][   T27]  ? __lock_acquire+0x1ff0/0x1ff0
[  226.275362][   T27]  ? release_firmware_map_entry+0x190/0x190
[  226.312411][   T27]  ? __mutex_unlock_slowpath+0x218/0x750
[  226.318109][   T27]  schedule+0x11b/0x1f0
[  226.351808][   T27]  perf_pending_task_sync+0x13c/0x1c0
[  226.357268][   T27]  _free_event+0x34/0xe60
[  226.371467][   T27]  perf_event_release_kernel+0x873/0x900
[  226.377202][   T27]  ? __might_sleep+0xc0/0xc0
[  226.382885][   T27]  ? calc_timer_values+0x420/0x420
[  226.388047][   T27]  ? ima_file_free+0xeb/0x3c0
[  226.401287][   T27]  perf_release+0x37/0x40
[  226.405659][   T27]  ? perf_mmap+0x1310/0x1310
[  226.410262][   T27]  __fput+0x3fe/0x8e0
[  226.421287][   T27]  task_work_run+0x129/0x1a0
[  226.425937][   T27]  do_exit+0x6a3/0x2480
[  226.430127][   T27]  ? put_task_struct+0x80/0x80
[  226.451592][   T27]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  226.457666][   T27]  do_group_exit+0x144/0x310
[  226.471424][   T27]  ? lockdep_hardirqs_on+0x94/0x130
[  226.476683][   T27]  get_signal+0xc66/0x14e0
[  226.491764][   T27]  arch_do_signal_or_restart+0xc3/0x1890
[  226.497465][   T27]  ? futex_exit_release+0x1e0/0x1e0
[  226.511270][   T27]  ? read_lock_is_recursive+0x10/0x10
[  226.516813][   T27]  ? get_sigframe_size+0x10/0x10
[  226.531417][   T27]  ? __lock_acquire+0x1ff0/0x1ff0
[  226.536483][   T27]  ? __sys_bpf+0x343/0x670
[  226.540977][   T27]  ? exit_to_user_mode_loop+0x39/0x130
[  226.561706][   T27]  exit_to_user_mode_loop+0x97/0x130
[  226.567050][   T27]  exit_to_user_mode_prepare+0xb1/0x140
[  226.581378][   T27]  syscall_exit_to_user_mode+0x5d/0x240
[  226.586982][   T27]  do_syscall_64+0x47/0xb0
[  226.601339][   T27]  ? clear_bhb_loop+0x15/0x70
[  226.606156][   T27]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  226.621211][   T27] RIP: 0033:0x7f7178a04ef9
[  226.625676][   T27] RSP: 002b:00007f7176e3c0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  226.651380][   T27] RAX: 0000000000000001 RBX: 00007f7178bbe138 RCX: 00007f7178a04ef9
[  226.674785][   T27] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f7178bbe13c
[  226.694827][   T27] RBP: 00007f7178bbe130 R08: 0000000000000010 R09: 0000000000000000
[  226.714575][   T27] R10: 0000000000000009 R11: 0000000000000246 R12: 00007f7178bbe13c
[  226.735229][   T27] R13: 0000000000000000 R14: 00007ffcc5a6a260 R15: 00007ffcc5a6a348
[  226.759318][   T27]  </TASK>
[  226.767847][   T27] 
[  226.767847][   T27] Showing all locks held in the system:
[  226.791533][   T27] 1 lock held by khungtaskd/27:
[  226.805547][   T27]  #0: ffffffff8c91fbe0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x0/0x30
[  226.815747][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  226.830590][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  226.833081][   T27] 3 locks held by kworker/u4:2/154:
[  226.857693][ T8438] 8021q: adding VLAN 0 to HW filter on device team0
[  226.862548][   T27] 2 locks held by getty/3320:
[  226.878478][   T27]  #0: ffff88802a7c2098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70
[  226.886974][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  226.903238][   T27]  #1: ffffc9000209b2e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6af/0x1db0
[  226.907712][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  226.914409][ T6630] Bluetooth: hci0: command 0x0419 tx timeout
[  226.940745][   T27] 3 locks held by kworker/0:8/3638:
[  226.944185][ T3642] bridge0: port 1(bridge_slave_0) entered blocking state
[  226.953120][   T27]  #0: ffff888017070938
[  226.953140][ T3642] bridge0: port 1(bridge_slave_0) entered forwarding state
[  226.973494][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  226.978960][   T27]  ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0
[  226.992697][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  227.006519][   T27]  #1: ffffc900030f7d20 ((work_completion)(&data->fib_event_work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0
[  227.022389][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  227.031068][ T3642] bridge0: port 2(bridge_slave_1) entered blocking state
[  227.034127][   T27]  #2: 
[  227.038283][ T3642] bridge0: port 2(bridge_slave_1) entered forwarding state
[  227.040475][   T27] ffff8880219ca240 (&data->fib_lock){+.+.}-{3:3}, at: nsim_fib_event_work+0x2cd/0x4120
[  227.065496][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  227.083138][   T27] 3 locks held by kworker/u4:6/3642:
[  227.095687][   T27] 3 locks held by kworker/0:13/5085:
[  227.095874][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  227.108717][   T27]  #0: ffff888017070938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0
[  227.134088][   T27]  #1: ffffc900031c7d20 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0
[  227.145029][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  227.159854][   T27]  #2: ffffffff8c9240b0 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x9c/0x4e0
[  227.174471][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  227.183238][   T27] 2 locks held by kworker/1:21/6625:
[  227.192219][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  227.195595][   T27]  #0: ffff888017072138 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0
[  227.211953][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  227.230286][   T27]  #1: ffffc90003107d20 ((work_completion)(&rew.rew_work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0
[  227.254067][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  227.259810][   T27] 3 locks held by kworker/1:24/6630:
[  227.262560][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  227.275312][   T27]  #0: ffff888017070938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0
[  227.294599][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  227.298860][   T27]  #1: ffffc900032f7d20 ((work_completion)(&data->fib_event_work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0
[  227.312749][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  227.336379][   T27]  #2: ffff88806539e240 (&data->fib_lock){+.+.}-{3:3}, at: nsim_fib_event_work+0x2cd/0x4120
[  227.348099][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  227.359748][   T27] 4 locks held by kworker/u4:11/7067:
[  227.369626][ T8438] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  227.373693][   T27]  #0: ffff8880171d5938 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0
[  227.404886][   T27]  #1: ffffc900039e7d20 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0
[  227.428279][   T27]  #2: ffffffff8da25a50 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0xf1/0xb60
[  227.451504][   T27]  #3: ffffffff8c9240b0 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x9c/0x4e0
[  227.491328][   T27] 3 locks held by syz.0.1675/8616:
[  227.496483][   T27] 2 locks held by syz.0.1693/8665:
[  227.524392][   T27]  #0: ffffffff8c96d428 (event_mutex){+.+.}-{3:3}, at: perf_uprobe_destroy+0x2a/0x160
[  227.542308][   T27]  #1: ffffffff8c9241a8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x280/0x740
[  227.572840][   T27] 2 locks held by syz.1.1694/8668:
[  227.577989][   T27]  #0: ffffffff968b8b18 (&pmus_srcu){....}-{0:0}, at: rcu_lock_acquire+0x9/0x30
[  227.607180][   T27]  #1: ffffffff8c96d428 (event_mutex){+.+.}-{3:3}, at: perf_trace_init+0x4f/0x2d0
[  227.632204][   T27] 1 lock held by modprobe/8672:
[  227.648082][   T27] 
[  227.650438][   T27] =============================================
[  227.650438][   T27] 
[  227.682355][   T27] NMI backtrace for cpu 1
[  227.686703][   T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 5.15.166-syzkaller #0
[  227.694769][   T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  227.705003][   T27] Call Trace:
[  227.708277][   T27]  <TASK>
[  227.709815][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  227.711204][   T27]  dump_stack_lvl+0x1e3/0x2d0
[  227.711232][   T27]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  227.711251][   T27]  ? panic+0x860/0x860
[  227.722136][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  227.723159][   T27]  ? nmi_cpu_backtrace+0x23b/0x4a0
[  227.723188][   T27]  nmi_cpu_backtrace+0x46a/0x4a0
[  227.740827][ T8438] 8021q: adding VLAN 0 to HW filter on device batadv0
[  227.745182][   T27]  ? __wake_up_klogd+0xd5/0x100
[  227.745209][   T27]  ? nmi_trigger_cpumask_backtrace+0x2a0/0x2a0
[  227.745229][   T27]  ? _printk+0xd1/0x120
[  227.745247][   T27]  ? panic+0x860/0x860
[  227.745264][   T27]  ? __wake_up_klogd+0xcc/0x100
[  227.745280][   T27]  ? panic+0x860/0x860
[  227.745299][   T27]  ? __rcu_read_unlock+0x92/0x100
[  227.745317][   T27]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  227.745342][   T27]  nmi_trigger_cpumask_backtrace+0x181/0x2a0
[  227.745363][   T27]  watchdog+0xe72/0xeb0
[  227.745390][   T27]  kthread+0x3f6/0x4f0
[  227.745406][   T27]  ? hungtask_pm_notify+0x50/0x50
[  227.745421][   T27]  ? kthread_blkcg+0xd0/0xd0
[  227.745438][   T27]  ret_from_fork+0x1f/0x30
[  227.745468][   T27]  </TASK>
[  227.745732][   T27] Sending NMI from CPU 1 to CPUs 0:
[  227.796831][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  227.797047][    C0] NMI backtrace for cpu 0
[  227.797058][    C0] CPU: 0 PID: 3642 Comm: kworker/u4:6 Not tainted 5.15.166-syzkaller #0
[  227.797073][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  227.797082][    C0] Workqueue: events_unbound linkwatch_event
[  227.797104][    C0] RIP: 0010:io_serial_in+0x72/0xb0
[  227.797122][    C0] Code: 84 c1 04 fd 89 e9 41 d3 e6 48 83 c3 40 48 89 d8 48 c1 e8 03 42 80 3c 38 00 74 08 48 89 df e8 45 8a 4e fd 44 03 33 44 89 f2 ec <0f> b6 c0 5b 41 5e 41 5f 5d c3 89 e9 80 e1 07 38 c1 7c ad 48 89 ef
[  227.797135][    C0] RSP: 0018:ffffc900030c7390 EFLAGS: 00000002
[  227.797146][    C0] RAX: 1ffffffff2d71c00 RBX: ffffffff96b8e080 RCX: 0000000000000000
[  227.797157][    C0] RDX: 00000000000003fd RSI: 0000000000000000 RDI: 0000000000000020
[  227.797166][    C0] RBP: 0000000000000000 R08: ffffffff847b9872 R09: 0000000000000003
[  227.797175][    C0] R10: ffffffffffffffff R11: dffffc0000000001 R12: 1ffffffff2d71c5d
[  227.797186][    C0] R13: ffffffff96b8e040 R14: 00000000000003fd R15: dffffc0000000000
[  227.797196][    C0] FS:  0000000000000000(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000
[  227.797212][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  227.797222][    C0] CR2: 00007ff535e92440 CR3: 0000000065eaf000 CR4: 00000000003506f0
[  227.797235][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  227.797243][    C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  227.797252][    C0] Call Trace:
[  227.797257][    C0]  <NMI>
[  227.797262][    C0]  ? nmi_cpu_backtrace+0x39f/0x4a0
[  227.797279][    C0]  ? read_lock_is_recursive+0x10/0x10
[  227.797296][    C0]  ? nmi_trigger_cpumask_backtrace+0x2a0/0x2a0
[  227.797311][    C0]  ? unknown_nmi_error+0xd0/0xd0
[  227.797340][    C0]  ? nmi_cpu_backtrace_handler+0x8/0x10
[  227.797354][    C0]  ? nmi_handle+0xf7/0x370
[  227.797370][    C0]  ? io_serial_in+0x72/0xb0
[  227.797385][    C0]  ? default_do_nmi+0x62/0x150
[  227.797401][    C0]  ? exc_nmi+0xa8/0x100
[  227.797414][    C0]  ? end_repeat_nmi+0x16/0x31
[  227.797430][    C0]  ? io_serial_in+0x42/0xb0
[  227.797447][    C0]  ? io_serial_in+0x72/0xb0
[  227.797463][    C0]  ? io_serial_in+0x72/0xb0
[  227.797479][    C0]  ? io_serial_in+0x72/0xb0
[  227.797494][    C0]  </NMI>
[  227.797498][    C0]  <TASK>
[  227.797504][    C0]  wait_for_xmitr+0xec/0x260
[  227.797522][    C0]  serial8250_console_putchar+0x19/0x50
[  227.797538][    C0]  uart_console_write+0xa9/0x100
[  227.797552][    C0]  ? serial8250_console_write+0x1180/0x1180
[  227.797571][    C0]  serial8250_console_write+0xc8e/0x1180
[  227.797594][    C0]  ? serial8250_set_defaults+0x5f0/0x5f0
[  227.797611][    C0]  ? __lock_acquire+0x1ff0/0x1ff0
[  227.797624][    C0]  ? do_raw_spin_lock+0x14a/0x370
[  227.797647][    C0]  console_unlock+0xced/0x12b0
[  227.797667][    C0]  ? console_trylock_spinning+0x3f0/0x3f0
[  227.797684][    C0]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  227.797700][    C0]  ? print_irqtrace_events+0x210/0x210
[  227.797714][    C0]  ? do_raw_spin_unlock+0x137/0x8b0
[  227.797734][    C0]  ? vprintk_emit+0x150/0x150
[  227.797751][    C0]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  227.797768][    C0]  vprintk_emit+0xbf/0x150
[  227.797783][    C0]  _printk+0xd1/0x120
[  227.797797][    C0]  ? __local_bh_enable_ip+0x164/0x1f0
[  227.797811][    C0]  ? lockdep_hardirqs_on+0x94/0x130
[  227.797827][    C0]  ? addrconf_notify+0x752/0xf30
[  227.797840][    C0]  ? addrconf_link_ready+0x49/0x1b0
[  227.797853][    C0]  ? panic+0x860/0x860
[  227.797867][    C0]  ? clusterip_netdev_event+0x425/0x440
[  227.797888][    C0]  ? addrconf_link_ready+0xdd/0x1b0
[  227.797903][    C0]  addrconf_notify+0xa80/0xf30
[  227.797919][    C0]  raw_notifier_call_chain+0xd0/0x170
[  227.797937][    C0]  netdev_state_change+0x1a3/0x250
[  227.797953][    C0]  ? netdev_features_change+0x1b0/0x1b0
[  227.797968][    C0]  ? dev_activate+0xafb/0x12c0
[  227.797985][    C0]  ? __netdev_watchdog_up+0x9a/0x210
[  227.798000][    C0]  linkwatch_do_dev+0x10c/0x160
[  227.798017][    C0]  __linkwatch_run_queue+0x4ca/0x7f0
[  227.798035][    C0]  ? linkwatch_run_queue+0x10/0x10
[  227.798055][    C0]  linkwatch_event+0x48/0x50
[  227.798070][    C0]  process_one_work+0x8a1/0x10c0
[  227.798093][    C0]  ? worker_detach_from_pool+0x260/0x260
[  227.798110][    C0]  ? _raw_spin_lock_irqsave+0x120/0x120
[  227.798126][    C0]  ? kthread_data+0x4e/0xc0
[  227.798140][    C0]  ? wq_worker_running+0x97/0x170
[  227.798155][    C0]  worker_thread+0xaca/0x1280
[  227.798170][    C0]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  227.798197][    C0]  kthread+0x3f6/0x4f0
[  227.798209][    C0]  ? rcu_lock_release+0x20/0x20
[  227.798223][    C0]  ? kthread_blkcg+0xd0/0xd0
[  227.798238][    C0]  ret_from_fork+0x1f/0x30
[  227.798260][    C0]  </TASK>
[  227.814416][   T27] Kernel panic - not syncing: hung_task: blocked tasks
[  227.834723][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  227.834886][   T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 5.15.166-syzkaller #0
[  228.314706][   T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  228.324742][   T27] Call Trace:
[  228.328005][   T27]  <TASK>
[  228.330916][   T27]  dump_stack_lvl+0x1e3/0x2d0
[  228.335574][   T27]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  228.341187][   T27]  ? panic+0x860/0x860
[  228.345272][   T27]  panic+0x318/0x860
[  228.349147][   T27]  ? schedule_preempt_disabled+0x20/0x20
[  228.354776][   T27]  ? nmi_trigger_cpumask_backtrace+0x221/0x2a0
[  228.360912][   T27]  ? fb_is_primary_device+0xd0/0xd0
[  228.366092][   T27]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  228.372168][   T27]  ? nmi_trigger_cpumask_backtrace+0x221/0x2a0
[  228.378300][   T27]  ? nmi_trigger_cpumask_backtrace+0x281/0x2a0
[  228.384433][   T27]  ? nmi_trigger_cpumask_backtrace+0x286/0x2a0
[  228.390749][   T27]  watchdog+0xeb0/0xeb0
[  228.394904][   T27]  kthread+0x3f6/0x4f0
[  228.398949][   T27]  ? hungtask_pm_notify+0x50/0x50
[  228.403959][   T27]  ? kthread_blkcg+0xd0/0xd0
[  228.408535][   T27]  ret_from_fork+0x1f/0x30
[  228.412964][   T27]  </TASK>
[  228.416193][   T27] Kernel Offset: disabled
[  228.420511][   T27] Rebooting in 86400 seconds..