last executing test programs:

1m9.382570128s ago: executing program 0 (id=48):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b40)={0x6, 0x3, &(0x7f0000000500)=@framed={{0x18, 0xa}}, &(0x7f00000006c0)='GPL\x00', 0x9, 0x32, &(0x7f0000000700)=""/50}, 0x90)

1m9.256864643s ago: executing program 0 (id=51):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x50, &(0x7f0000000000)={&(0x7f00000084c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020025642532000000000900010073797a30000000000800054000000002"], 0x40c4}}, 0x0)

1m9.256519281s ago: executing program 0 (id=52):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0xa}, 0x1108d5, 0x4, 0x0, 0x3, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = socket$kcm(0x15, 0x5, 0x0)
recvmsg$kcm(r2, &(0x7f0000000800)={0x0, 0x0, 0x0}, 0x40)

1m9.042292007s ago: executing program 0 (id=55):
r0 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r0, 0x1, 0x50, &(0x7f0000000800), 0x4)

1m8.873980103s ago: executing program 0 (id=57):
r0 = perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xe, 0x66c}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001580)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000bf000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x3b, &(0x7f0000000000)='/proc/sys/net/ipv4\x00\x00s/sync_\x00le\xf44.\xab%\xf8\xff\xff\xff\xff\xff\xff\xff=\x11\xc8\xdd\x15\xcc\xd2\xf1d\'%\x11c\x91l,'}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000780)='./file0/../file0\x00', 0x0, 0xa06002, 0x0)

1m8.595422188s ago: executing program 0 (id=64):
openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="01000000040000000800000005"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r2)
close(r3)

53.635754575s ago: executing program 32 (id=64):
openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="01000000040000000800000005"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r2)
close(r3)

3.311757373s ago: executing program 3 (id=901):
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000ac0)=@newtaction={0x70, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PARMS={0x18, 0x2, {0x9, 0x0, 0x6, 0xfffffffc, 0x3ff}}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x10001}, @TCA_SAMPLE_RATE={0x8}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x4}}}]}]}, 0x70}}, 0x40040)

3.153134702s ago: executing program 2 (id=903):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x48, 0x2, 0x6, 0x201, 0x0, 0x0, {0x1}, [@IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:mac\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}]}, 0x48}}, 0x0)

3.086157176s ago: executing program 2 (id=904):
r0 = socket$kcm(0x2b, 0x1, 0x0)
sendmsg$inet(r0, &(0x7f0000000040)={&(0x7f00000000c0)={0x2, 0x4001, @loopback}, 0x10, 0x0, 0xfffffcd0, 0x0, 0x0, 0x300}, 0x2004488c)

3.085934847s ago: executing program 2 (id=905):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000050000000000000000000024000a20000000000a1f000000000000000000010000000900010073797a300000000058000000030a0104000000000000000001000000090003803d2175fbe782c2002c00048008000240172af2e40800014000000003080002401c791e7108000240423930ce08000140000000030900010073797a300000000088000000060a010400000000000000000100000008000b400000000014000480100001800b0001006e756d67656e00000900010073797a30000000004c0004"], 0x122}}, 0x4008090)

3.069111214s ago: executing program 2 (id=906):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110e22fff6)
ioctl$TUNGETVNETLE(r0, 0x80047456, &(0x7f0000001200))

982.549826ms ago: executing program 3 (id=907):
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b7050000000000007910a800000000007d050000000000009500f10000000000"], &(0x7f00000002c0)='GPL\x00', 0x5, 0xfd90, &(0x7f0000000300)=""/188, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f3, 0x10, &(0x7f0000000080), 0xfffffffffffffc79}, 0x2a)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0xa}, 0x11c105, 0xff, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
perf_event_open(&(0x7f0000000b40)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x800000000001ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xe}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x9)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000bc0)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}], 0x50}, 0x2160)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x25}, 0x94)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=ANY=[@ANYBLOB="0a00000018000000070000007f"], 0x48)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)=0x4b)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth1_virt_wifi\x00'})
socketpair(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8946, &(0x7f0000000080))

906.816005ms ago: executing program 1 (id=909):
r0 = socket$kcm(0x10, 0x2, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r1, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4e23, 0x0, @dev, 0x2}, 0x80, 0x0}, 0xe07e872420dfefca)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000040)="89000000120081ae08060cdc030000017f03e3f7000000006ee2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c00010005080c00bdad01409bbc7a46e39a8285dcdf12176679df069163ce955fed0009d78f0a947ee2b49e33538afaeb2713f450ebd010a20ff27fff", 0x89}], 0x1}, 0xff0f000020000080)

900.548331ms ago: executing program 3 (id=910):
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
close(r0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f00000006c0))
ioctl$SIOCSIFHWADDR(r0, 0x8b28, &(0x7f0000000000)={'wlan1\x00', @remote})
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f0000000440)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x100, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
r1 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r1, &(0x7f00000002c0)={&(0x7f00000000c0)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000840)="8e", 0x1}], 0x1}, 0x40)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0xa4, 0x11589, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x1, 0x0, 0x4, 0xd4}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
setsockopt$sock_attach_bpf(r1, 0x84, 0x19, 0x0, 0x0)

843.937934ms ago: executing program 2 (id=911):
r0 = socket$kcm(0x2b, 0x1, 0x0)
setsockopt$sock_attach_bpf(r0, 0x0, 0x61, 0x0, 0xa4d4)
socket$kcm(0x10, 0x3, 0x10)
close(0xffffffffffffffff)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x53, 0x1, 0x8, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, @perf_config_ext={0x407fff, 0xae9}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x4, 0x7, 0x6, 0x0, 0x0, 0x0, 0x400a9e9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x106)
bpf$MAP_CREATE(0x100000000000000, 0x0, 0x0)
perf_event_open(&(0x7f0000000a00)={0x1, 0x80, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x2, 0x4)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x21}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0x10, 0x3, 0x10)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000640)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x1, 0x5}, 0x50)
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000003c0), 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x4, 0xfffffff2, 0xffffff84, 0xffff8000, 0x509a4, r2, 0xfffffffb, '\x00', 0x0, r3, 0x0, 0x1}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = openat$cgroup(0xffffffffffffffff, &(0x7f00000001c0)='syz0\x00', 0x200002, 0x0)
openat$cgroup_freezer_state(r5, &(0x7f0000000200), 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="1400000024000b94f01013e175b7bd7d7edd7504", 0x14}], 0x1}, 0x0)

842.567185ms ago: executing program 1 (id=912):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

760.914755ms ago: executing program 1 (id=913):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x2, 0x4, 0x4, 0x9}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r0}, &(0x7f0000000840), &(0x7f0000000880), 0x4000000}, 0x20)

759.040234ms ago: executing program 3 (id=914):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000200)="d8000000210081044e81f782db44b90402000000000300000000150010001800feffffff09000d2000000401a80018000a000e4006000000036010fab94dcf5c0468c1d67f6f94007134cf6ee062e1c547cbc7225e6756cfb39b0590b4800089e408e8d8ef52b49816277cf4090000001fb791643a5ee4ce1b14d6d930dfe1d9db22fe7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db701000000eafad95667e006dcdf969b3ef35ce3bbbad809d561cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d939acd92637429397f632838", 0xd8}], 0x1}, 0x0)

758.869549ms ago: executing program 1 (id=915):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x2, 0x5, &(0x7f00000000c0)=@framed={{}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffd}, @exit]}, &(0x7f0000000000)='syzkaller\x00', 0x5, 0xc, &(0x7f0000000100)=""/147, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffd81, 0x61e5cc96}, 0x22)

693.932486ms ago: executing program 3 (id=916):
r0 = socket$kcm(0x11, 0x200000000000002, 0x300)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8916, &(0x7f0000000140)='lo:\x96o8\x14d\xa1\xba\xda\xd1\xa0J\x12t\x02\x006\xe3\xd7\\b\x8b\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x01\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x02\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00\xb1\x88\xebW_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xeb\xe1\xde\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xfc\xfa 6(%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x1f\x9c,\x113\x7f\x03\x93\xe1\xcc\xe7f\r\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x04.\x9aL\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0Z\x9f\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5<J\x1f\xba\xfc\x90(\x985\x93\xa8\xd4\xf0\xbdTy\x18\xc8\xa0\xbb\x99\x8c\xe0Q\xffCl\xbdX\xf73\xa1\xa2\'\x00\x00\x00\xfb\xce\x959x\xfeW\r\xf0{\xcaT\xecp)=\x9d\xdfG8\xa1\xe3=\xa6\x00\x98\xc1\xb3\x91-\xab\'W\x8al?d<JN\xcb\xd4H\xb0_jO\xf3\x90\xe8/l\xdfg)\x8d#\xfdo\xa9L\xdeA*\xec\xa1\x14,\xe8\x8d^\xb9r=\xc0\x18\xd4\x11dU[Ry\xed\xd6\x97\x8a\xe8\xca\x99\x10\x8e\xc8P\xa3\xae/\xdaof\x06\x7f\xf7\x80$f\b\x92\xae\xeb\xdd\"\x89\xb8\xf0\xc3\b\x00\x00\x00\x00\a\xf6\xfc\x1d\xd4\x893\xeb)\xc1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00O!\xd2q\xda}\xe2\xa2\xfe\xfd)\\\xdf\x9aN\\\xaeyc\xe4g\xc0\x8a\n\v{\xa9H\\\xd1\x9d')

693.788258ms ago: executing program 1 (id=917):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r1 = openat$cgroup_devices(r0, &(0x7f0000000580)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r1, &(0x7f0000000200)=ANY=[@ANYBLOB='b 122'], 0xa)

693.534474ms ago: executing program 3 (id=918):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @notrack={{0xc}, @void}}, {0x10, 0x1, 0x0, 0x1, @reject={{0xb}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0x78}}, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f00000006c0))
r1 = socket$kcm(0x2, 0x5, 0x84)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x6, &(0x7f0000000040)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x40}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB], 0xfe1b)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
close(0xffffffffffffffff)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x482, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x11, 0x3, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000006c0)=[{0x0}], 0x1}, 0x20000000)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x54}, [@ldst={0x6}], {0x95, 0x0, 0xc00}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48)
mkdir(0x0, 0x0)
r3 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_int(r3, &(0x7f0000000400)='cgroup.max.depth\x00', 0x2, 0x0)
close(0xffffffffffffffff)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_user\x00', 0x26e1, 0x0)
close(r4)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$SIOCSIFHWADDR(r4, 0x8b1b, &(0x7f0000000000)={'wlan1\x00'})
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000280)={0xffffffffffffffff, &(0x7f0000000180)="58d16bd7f613e2aed3bd84870ce58a248c22d719419c796a67ffc13905d090e76df6a8b903fb93fe9f9c6dff759278da2fe604402b887f48cdcfe470c41827fcf7b89bbad108dbdd4efa88c85038c1111db0f80138d8af0f9545ae0dfc172b648e56591aa70ca23cf932f419c54d7af1531ab51e608e74eff0a81b7c9edb0cc0042634381d7d698d588750dac2efe219ed72483974697a16110d9ef7f9b5a114efb293372072dec3273fecb71a39371aea9146bbc3ebdb7aee"}, 0x20)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)}, 0x0)
setsockopt$sock_attach_bpf(r1, 0x84, 0x22, &(0x7f0000000000), 0x4)

693.268854ms ago: executing program 1 (id=919):
socket$kcm(0x2a, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180200004000000000000000de63000085000000270000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x482, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002380)=ANY=[@ANYBLOB="b702000006000000bfa300000000000007030000407effff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca7ebfcd0cd00006ed3d09a6175037958e271b60dedf8937f02008b6d83923dd29c034055d47dafe6c8dc3d5d78c07f34e4d5b3185b310efd4989147a00000000f110026e6d2ef831ab7ea0c34f17e3adeef3bb622003b538dfd8e012e71f6420b90adddff61b5b0a341a2d7cbdb90000bdb2ca76050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132658555cf476619f28d9961b626c57c2691208171656d60a17e3c1c4b751ca532e6ea09c346df3d7cb4ebd31a08b32808b80200000000000000334d83239d1d2e9ff10ff2d27080e71113610e10c358e8327e7050b6c860dac12233f9a1fb9c2aec61ce63a38d316ef49b66d6e42fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a5f3d74ca891c4594e8a4399e01eadd3964663e88535c133f7130856f75643619f567d2e24f29e5dad9326edb697a6ea0182babc18cefd07e002cab5ebfcaad34732181feb215139f15eadddcb0c7cbe31fbae7c34d5ac5e7e64c21add9191eadd6e1795ad6a0f7f8cd3fccbdc3dec04b25dfc17975238345d4f71af35910b158e56657b7218baaa7cbf781c0a99bd50499ccff0f000000000000c7beba3da8223fe5308e4e2833baace04f4087c4f0da0d9a88f9dbb593ddeb3f0932a4d0175b889b8eccf707882042e716df9b57b290c661d4e85031086e97bcc5ca0e221a0e34323c129102b7b7a643e82e88a1940b3c02ed9c92d6f64b1282dc519b00159830d7617001154c46bd3ca96318c570f0721fc7aa2a580900000000000000b4f22cdf550ef091a78098534f0d973058594119d06d5ea9a8d085734000000000000000c12346e47ad97f4ead7cf754a52e4b2d0f22d428bd705414888700a30e2366c6a06b3367a389ca39059787790017b0689a1f3db9c24db65c1e00015c1d573dab18fd0600885f1ea8f2fd299fc3cdafda323e9c7080397bc49d70c060d57bc88fbe09baa058b040360ab9261503d2f363fb099408885afc2bf9a4f8c3506b669e889f5e4be1b8e0d634ebc1057b7e98186fc5141bd670dba6f43279f73db9dec75070cd9ab0fd969169ef6d2857b6bf955012cf7fe50d133da86e0477e42b98a6cc999dc21c3ef408e633dfa35f14d6e734837d365e63845f3c1092f8e34fc7eac9e8af3904ea0f3698cd9492794b82649b50d726bff873339c4cad4ead1348474250eda2c8067ab730c1d85969b95a2a5687f2ed690000522a0b7426000000000000000000000000000000000000000093fc7a82b98f99d9dedf7ba17f5f0b6d15e552fbd21f7eecff10243a43af03eea84c4304a5d3f93c02000000000000000043e1ed82b9aa0ae92a499984a009000000937523f5292d12659906005cde64f903c3415c458a2b32c2318f0858f19c6def80e1481e8e1c0098fc3f38b7a57211adb15d824cfdcf229628c0de49860a44286fe0e257cfa4ce50f3d10763d442824414a73c06837fe08de62f8710ca977960b74d0000ce73da6022a8671d1a3575b4e18c28c73203bf134686dd65808452cb6b76fcb134252c78de9b240de7b4cd015a77f76bb6470c05fc980b3d8f3f964f432a4bf6cddd6222c2da006b6fdb9c8468ae1d986a893b9519444d16a6dfa92c04331a6698507048fab5ae402acd05fe621f22712dfd09004770b4278fa14547d8ce3c21188e5e4e2baacd98e8e451d6aaaf090000006ed1d9018000008dd952595d78e9583bf4ea5de36099e3cddcb24ebb6eddb9e87c9ece87a42c0000abdf0100000001000000aea1b6eca5a883702b0bf3aeebb225895db90e237157a34e9f447237ea5b391bddd1290f7ce987a0e36b8e71b1779bbe95ffa9c3e0f6ba66e4d48e75253e3d633811e4b3220616aafbe7a3a18375ae593eb58fd500426286472466823cb8e1800aaaa0d9463c0c4ea5541a55df6eeffec0b66482228816cdfccb98374c644eea45de7867a0efbad0ab2bc33b350440a90b791b2b33f74a112a3b91b40bed8db2df8633207f8387e04ca52ab0f3f7b058b13523b896800b992972d9609551c27a5916ea16069c5bf55b98d926d3c27e7945b2999600000000f857bc1332d200194f658b930780603134ae6b7f5092772bd5d880dbe21b790c475b14b7fe4fe002dffd651faa79bb0cee0cdac23c3218f2ddaa6f7ba04b696a30d313bed30ba8f35569a9b07ee7308da09c01a4b827aa17bc2213fc1572b0204dd456b11a454d1f3f14179974aae624ea59500f5e048b2780666de81a040663c57f49af25be909984aea1b81f33426f86b4b941c08dfe2bc8ec246ec1aae120c42405e428923f3a83d9ba5c373f5e8a54120b451e2806370f1ed60c9fd5d9af4d16cb0f413c324da52d4bd2e01d3ac2d578d72e2d63322dfc9245ce3e3a097fb82f4e3b61a57094616020f72f1c55ee3d325c7496a7c2f10cfea516ae436751227378f00ca0f1f6c1dcf879700dd90b96a330f92bff736c83ca53e7f02b734d1a9292896f5d7f244bfab4946c7042e88206f641eafcc5b4ba7a7880533cdeac995d1caf6936f356ecf07a0084e7adc2dc12417997b03087c7b3b44b06f6158a2a18ce0e56ffbeb22f40521dd9972583d413098aa80db98ef324a2bfb7961c07b47521973cf0bb6f5530f6216b447b35d6e06b72b22b29de42bb1bc8ce0a0e3500000000000000000000000000b92eb197e4149627920000008000000000801792756f90b37f0858efc387f559203f314a4b0ed750fa72e5948ac3fe5921c14ef578d413e7b2a9e2f87f7b44949fe14c00000000000047030c09f62d444b4981db81799776eeb444000000009705fa8b56779bc876ad4f8d8c8e50815c4c3b27487996c09121caf47f76158362c74904f89cbc588aae84567a83571ff72bb65c082b5a8dee145ff221159aed2768edc05a3167d84205d5af86553c21e1f023a51c0e179fccfbc201982e3ddcaa45613899d19082453b180ca0c525b8d3cfaf7d0bcddeb5d5c7166038f276a92941393ba5e51f77172822bd903d9f8b436656771774ed88daab0d0cfdd1bf4d30ab566e1a4cb3ad66d830e10f7c1de13218aea21e7def613204c2b7c1ad48b01c208f4032e93408000000000000e96db049b92fc32ee34fe7a3419c8fbf03d61c159dc5864e030000a2c55b614d622b8de966c97e1940026f96db3c78ca18c9f08d1c47edf1a4d7298109f31b6078711ee72eacab84213bf50000000000000000000000000000001217887d0452aa6d26e4614d511710abeec84b78c027c160ba375dfa55a49b832ce4dfb91122193d514ed992c07f8cd6d897b314907e15642da228dbc03429e6e0e7ac118ed351c3b0c44bf5d8b58be573f8333aa8cc2ec5b5e305b3dee2562d415b4b9ed530797f55f9fe8510423409629a09000000000000009a35d9ca93e4b4591679547b8de8af1782451f7b8e1de508f1e9e525210d62bc850f8035040ad9e562be58797515b737bfb21d35ac560f99dbd18dad5e6345a464955e8141d75b6177e4fa176a020b0000000000006e76f0294fee7d19a0f327f8796d77b6e24b8df4bb438b527d10e657d49b844198ea9f93c4fd6fd2daa9bd87fd1e02ecc8075dca1280c201043257e9bd3c9a7aa150eb1711632b76d4dc0555d4bfcfd057980136d6e9000003b24fa300ef90bfe4ad364256937796f941c2faad94785f48777941f0cd3dba54ab6a5d5e91e90ac9ae994c3d4108b2fe7eca9413ac9bc138c74800487eb19c48db3f79be964808f109b5e36fc7fdd41def361427b6b9c118e5c9a0a1d5ca24886e33a7f81b2188ec75a5fc9302e3695bdcc9ab11201ef940569c995c21eeaefe2e8fc02e0433dc7371d1f72124ba263e554c30fdd7cd8c2da1e8706417da9ad8916551a1182fac08603dfc2f2279ba161c13984cd753b54a85e6f3010975e9ff51318b09fa13e2d38ce013aab41524c298c3719e31bcb1f102eaeee69a19e006bcdb1acc2664efa949a1a07bb3d7848d5e1381fbe63c522053a3bb32eb6345e10f7a12bf84e0e196a00833f464dd2f6547f14ebf137fce33efeb813211f31ff24d7dbb00f2574ccda59b3ea068fc2a18c37ee579f5a9ecc47da73684bcadd209ae5bbb7147df74d027d8d0adcdb54182c9de8053fc8b1b9d19c16c53d34db6e26f6a88d449f6abf3010100007e206a758a3f02816b4e097cfa3d46e45e7949c5b10691d49b9693a798a330a1ccb32d49772e80862df36dc0156b3f72cd85083f8e96ca1697457ec722766bd46ee2424975a38149bd57e5c0eb4087fc243e7e51b0aca9f0ab0668d7f2ee9ad9f267d8804417aa7e36a64d489bb84a1483fd3c3ecb024060002858cbb1f7708f5b41fca2fee7c03b1f862ce88dc313d913e041dd7583a1ac41c466757c5dd07ea2c5d62a000000000000000019a4e9a9c2cbc906f97fd6eb71b18d09a5df123ebbdb2827b43aed6a29e9942e402c1ae52e9cb98f3019d364fc21ea12023db91ced3c2f06550cef8a79ed39091e4776001187d0ab2f82478431d36470cc008d745ce8fd64c9aa64da230bb080945a557081b767beb75b1ea856a55c71b8fda672289aa6088630d48ac8039f19fec3acbcc5944a4e6fd44af8f10110db730a8d0d41b4ea36f9510f843a471963bd4621b9e43f08d341bb69df430ac6398c1b28bdd33b69b4b86d7c5f30cf728294e8ea1861ce50c367498945285f73c94d91210652eb4f3077cab6be2a3512eddbcb63d091d69fb1b26c8ada9a9f9355aea34fe55fd0d3011cb83ac03268dc66dd108a4e9944241e1d4ba69212ee0e7526e72c19346d08d3c3c82cb987f1bd2fd9ce2c88082ea23abbf23c6bd43fc9f9f8ea7656e25d3d73cd056b1f782de1fe349fc33546558366ed99940c0fda039272d277a3576d4e0469779d711e10b6bf040f7274fd9577c1c33326d2e60ee611ae226ef00e2944fb727832dc8dad36a6072aacfc4bcefb808ab7b3b95e0f60616320b2a9e1f8fac812daac9983639b35184803b7d192ce1f226e97fa23c37ff95d067a54a8b412644cad9ecc251fbe418a81aaf00cc8d15758ff0eb885a40630396ba76b8fadc09e62ef70c8a0121e7e8322cb8bc0f50ad33a17143a29c14eca0e214d1257e4dd1b6244e31b888d8f3fa03208d3e9a4826a98f31995509015ebdc89f2f3106e54d5898d3758b9bfc9e4924e9cedf7f8fd584e7185703cc5f23741ffb480b5a87cd7efcceb409d354bdab211ebd50affffffff000000003a59a0f952153c2efd10e72ec9ee5fa2a00f9637851ddb81d059f9a363c4ada68dd25f19ee9e4841ac047c1b35ad6f9d54cf4939ce78a55a04e655d7746a3989c6f33b02f8497aacb6bfca7456111900000000000000000048d35af24acb66fdd4d1fb150138f0ee6abfc7049c94346868ed76d3a5df7335184386a5c532d425f1a098ff93efd05e5dd8b765121fbdfe5ef44f6472b939c31883f45889142e82086c2448da60d7a40774d71c2da2e7f6d4fe5d36923213cc7b7d71a1c90006e8f8d84953f284b0eb4366beff5df5595827dcd736e8cfab28cfa416e83c06213ca7fd21af56e3de1d80e77060447e20a8b317a4c06e24e99239824d08abf670a685bc46c8168bee4cfc30cc6d0dc030a592925bad3e0f805f0d4b2b600dc3f0c4c6f75bb4e49982f4198ac90ab77c5572c956d415858bad5ee117b3e5f1507bbd0d7a30388865deb11106a932"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000002300)={r2, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000140)="b9ff0300600d698cff9e14f008004de7f9c764360000000200", 0x0, 0xe00, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[], 0xbc}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

0s ago: executing program 2 (id=920):
r0 = socket$kcm(0x2, 0x5, 0x84)
r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x8c42, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, @perf_bp={0x0, 0xf}, 0x1000, 0x2, 0xa9eb, 0x8, 0x0, 0x0, 0x806}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x3, 0x0, 0x10000}, {0x10000002, 0x0, 0x0, 0x9}]}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
close(r4)
recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r5=>0xffffffffffffffff]}}], 0x18}, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r6}, 0x10)
setsockopt$sock_attach_bpf(r0, 0x84, 0x6e, &(0x7f0000000000)=r5, 0x10)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:38617' (ED25519) to the list of known hosts.
syzkaller login: [   48.072952][ T5776] cgroup: Unknown subsys name 'net'
[   48.191808][ T5776] cgroup: Unknown subsys name 'cpuset'
[   48.208213][ T5776] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   49.604019][ T5776] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   59.895123][ T5867] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   61.285547][ T5883] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   61.288675][ T5883] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   61.293940][ T5883] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   61.297601][ T5883] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   61.300709][ T5883] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   61.307261][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   61.314414][ T5883] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   61.317511][ T5883] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   61.321137][ T5883] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   61.323745][ T5883] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   61.387815][ T5235] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   61.392186][ T5235] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   61.395142][ T5235] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   61.398388][ T5235] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   61.401890][ T5235] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   61.643495][ T5884] chnl_net:caif_netlink_parms(): no params data found
[   61.759262][ T5881] chnl_net:caif_netlink_parms(): no params data found
[   61.820405][ T5884] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.823211][ T5884] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.825884][ T5884] bridge_slave_0: entered allmulticast mode
[   61.828639][ T5884] bridge_slave_0: entered promiscuous mode
[   61.834077][ T5884] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.836736][ T5884] bridge0: port 2(bridge_slave_1) entered disabled state
[   61.839857][ T5884] bridge_slave_1: entered allmulticast mode
[   61.843684][ T5884] bridge_slave_1: entered promiscuous mode
[   61.883549][ T5884] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   61.894118][ T5887] chnl_net:caif_netlink_parms(): no params data found
[   61.904134][ T5884] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   61.954257][ T5881] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.957138][ T5881] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.960905][ T5881] bridge_slave_0: entered allmulticast mode
[   61.964446][ T5881] bridge_slave_0: entered promiscuous mode
[   61.976819][ T5884] team0: Port device team_slave_0 added
[   61.980762][ T5881] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.983489][ T5881] bridge0: port 2(bridge_slave_1) entered disabled state
[   61.986296][ T5881] bridge_slave_1: entered allmulticast mode
[   61.991337][ T5881] bridge_slave_1: entered promiscuous mode
[   62.018243][ T5884] team0: Port device team_slave_1 added
[   62.045485][ T5881] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   62.070590][ T5881] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   62.084355][ T5884] batman_adv: batadv0: Adding interface: batadv_slave_0
[   62.087167][ T5884] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.097938][ T5884] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   62.136974][ T5884] batman_adv: batadv0: Adding interface: batadv_slave_1
[   62.140717][ T5884] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.151973][ T5884] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   62.158129][ T5881] team0: Port device team_slave_0 added
[   62.185237][ T5881] team0: Port device team_slave_1 added
[   62.187355][ T5887] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.191840][ T5887] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.194565][ T5887] bridge_slave_0: entered allmulticast mode
[   62.198196][ T5887] bridge_slave_0: entered promiscuous mode
[   62.214223][ T5884] hsr_slave_0: entered promiscuous mode
[   62.217392][ T5884] hsr_slave_1: entered promiscuous mode
[   62.231895][ T5887] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.234395][ T5887] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.236847][ T5887] bridge_slave_1: entered allmulticast mode
[   62.240580][ T5887] bridge_slave_1: entered promiscuous mode
[   62.259987][ T5881] batman_adv: batadv0: Adding interface: batadv_slave_0
[   62.262654][ T5881] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.272276][ T5881] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   62.309848][ T5881] batman_adv: batadv0: Adding interface: batadv_slave_1
[   62.312586][ T5881] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.322725][ T5881] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   62.334128][ T5887] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   62.353574][ T5887] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   62.412692][ T5887] team0: Port device team_slave_0 added
[   62.425386][ T5881] hsr_slave_0: entered promiscuous mode
[   62.428564][ T5881] hsr_slave_1: entered promiscuous mode
[   62.431885][ T5881] debugfs: 'hsr0' already exists in 'hsr'
[   62.434195][ T5881] Cannot create hsr debugfs directory
[   62.441269][ T5887] team0: Port device team_slave_1 added
[   62.512457][ T5887] batman_adv: batadv0: Adding interface: batadv_slave_0
[   62.515220][ T5887] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.525947][ T5887] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   62.551460][ T5887] batman_adv: batadv0: Adding interface: batadv_slave_1
[   62.554056][ T5887] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.563224][ T5887] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   62.625865][ T5887] hsr_slave_0: entered promiscuous mode
[   62.628635][ T5887] hsr_slave_1: entered promiscuous mode
[   62.632408][ T5887] debugfs: 'hsr0' already exists in 'hsr'
[   62.634415][ T5887] Cannot create hsr debugfs directory
[   62.731315][ T5884] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   62.747126][ T5884] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   62.761222][ T5884] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   62.779883][ T5884] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   62.838787][ T5881] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   62.854204][ T5881] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   62.866150][ T5881] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   62.871745][ T5881] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   62.923523][ T5887] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   62.934511][ T5887] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   62.946531][ T5887] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   62.954247][ T5887] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   63.013192][ T5884] 8021q: adding VLAN 0 to HW filter on device bond0
[   63.042189][ T5881] 8021q: adding VLAN 0 to HW filter on device bond0
[   63.055627][ T5884] 8021q: adding VLAN 0 to HW filter on device team0
[   63.070348][ T5881] 8021q: adding VLAN 0 to HW filter on device team0
[   63.074970][   T39] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.077997][   T39] bridge0: port 1(bridge_slave_0) entered forwarding state
[   63.092588][   T39] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.095601][   T39] bridge0: port 2(bridge_slave_1) entered forwarding state
[   63.108552][   T73] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.111600][   T73] bridge0: port 1(bridge_slave_0) entered forwarding state
[   63.117633][   T73] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.120795][   T73] bridge0: port 2(bridge_slave_1) entered forwarding state
[   63.141814][ T5887] 8021q: adding VLAN 0 to HW filter on device bond0
[   63.194645][ T5887] 8021q: adding VLAN 0 to HW filter on device team0
[   63.222342][   T26] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.224994][   T26] bridge0: port 1(bridge_slave_0) entered forwarding state
[   63.243534][ T5881] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   63.246880][ T5881] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   63.252478][   T26] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.255411][   T26] bridge0: port 2(bridge_slave_1) entered forwarding state
[   63.353875][ T5884] 8021q: adding VLAN 0 to HW filter on device batadv0
[   63.361408][ T5235] Bluetooth: hci1: command tx timeout
[   63.361830][ T5883] Bluetooth: hci0: command tx timeout
[   63.441094][ T5883] Bluetooth: hci2: command tx timeout
[   63.442907][ T5881] 8021q: adding VLAN 0 to HW filter on device batadv0
[   63.456496][ T5884] veth0_vlan: entered promiscuous mode
[   63.474962][ T5884] veth1_vlan: entered promiscuous mode
[   63.508229][ T5881] veth0_vlan: entered promiscuous mode
[   63.518723][ T5887] 8021q: adding VLAN 0 to HW filter on device batadv0
[   63.533723][ T5881] veth1_vlan: entered promiscuous mode
[   63.545637][ T5884] veth0_macvtap: entered promiscuous mode
[   63.558131][ T5884] veth1_macvtap: entered promiscuous mode
[   63.588681][ T5884] batman_adv: batadv0: Interface activated: batadv_slave_0
[   63.605535][ T5884] batman_adv: batadv0: Interface activated: batadv_slave_1
[   63.612614][ T5887] veth0_vlan: entered promiscuous mode
[   63.621782][ T5881] veth0_macvtap: entered promiscuous mode
[   63.633023][ T5887] veth1_vlan: entered promiscuous mode
[   63.637035][ T5868] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   63.643394][ T5868] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   63.646706][ T5868] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   63.653391][ T5881] veth1_macvtap: entered promiscuous mode
[   63.677567][ T5868] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   63.705839][ T5881] batman_adv: batadv0: Interface activated: batadv_slave_0
[   63.715485][ T5887] veth0_macvtap: entered promiscuous mode
[   63.726114][ T5881] batman_adv: batadv0: Interface activated: batadv_slave_1
[   63.733572][ T5887] veth1_macvtap: entered promiscuous mode
[   63.747615][ T5941] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   63.754079][ T5941] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   63.770725][ T5941] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   63.777646][ T5941] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   63.793254][ T5887] batman_adv: batadv0: Interface activated: batadv_slave_0
[   63.797762][   T73] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.808471][   T73] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.847463][ T5887] batman_adv: batadv0: Interface activated: batadv_slave_1
[   63.864861][   T73] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.869413][   T73] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.888137][ T5941] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   63.895400][ T5941] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   63.899791][   T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   63.903650][   T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   63.911314][ T3561] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.916550][ T3561] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.965573][ T3561] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.968346][ T3561] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.067145][   T39] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.073903][   T39] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.089720][    C1] hrtimer: interrupt took 304948 ns
[   64.107364][   T32] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.114250][   T32] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.274291][ T5955] syzkaller1: tun_chr_ioctl cmd 2148553947
[   64.373330][ T5962] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.24'.
[   64.456882][ T5969] syz.1.28 uses obsolete (PF_INET,SOCK_PACKET)
[   65.408180][ T5973] netlink: 4 bytes leftover after parsing attributes in process `syz.2.29'.
[   65.439469][ T5883] Bluetooth: hci0: command tx timeout
[   65.511796][ T5883] Bluetooth: hci1: command tx timeout
[   65.519670][ T5883] Bluetooth: hci2: command tx timeout
[   65.795106][ T5996] netlink: 16186 bytes leftover after parsing attributes in process `syz.0.41'.
[   65.983799][ T6008] netlink: 92 bytes leftover after parsing attributes in process `syz.2.47'.
[   66.128574][ T6013] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[   66.131681][ T6013] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[   66.496962][ T6034] =======================================================
[   66.496962][ T6034] WARNING: The mand mount option has been deprecated and
[   66.496962][ T6034]          and is ignored by this kernel. Remove the mand
[   66.496962][ T6034]          option from the mount to silence this warning.
[   66.496962][ T6034] =======================================================
[   66.586788][ T5883] Bluetooth: hci0: unexpected event 0x30 length: 15 > 3
[   66.783058][ T6049] netlink: 'syz.1.63': attribute type 13 has an invalid length.
[   66.972180][ T6051] netlink: 'syz.1.65': attribute type 16 has an invalid length.
[   66.986081][ T6051] netlink: 156 bytes leftover after parsing attributes in process `syz.1.65'.
[   67.519753][ T5235] Bluetooth: hci1: command tx timeout
[   67.522079][ T5235] Bluetooth: hci0: command tx timeout
[   67.599317][ T5886] Bluetooth: hci2: command tx timeout
[   67.792866][ T6091] netlink: 28 bytes leftover after parsing attributes in process `syz.1.84'.
[   67.975625][ T5886] Bluetooth: hci1: unexpected event 0x0f length: 15 > 4
[   68.322643][ T6112] syzkaller0: entered promiscuous mode
[   68.338632][ T6112] syzkaller0: entered allmulticast mode
[   69.600095][ T5883] Bluetooth: hci0: command 0x0419 tx timeout
[   69.679661][ T5883] Bluetooth: hci2: command tx timeout
[   69.813293][ T6136] netlink: 'syz.1.103': attribute type 29 has an invalid length.
[   69.820704][ T6136] netlink: 'syz.1.103': attribute type 29 has an invalid length.
[   69.825592][ T6136] netlink: 500 bytes leftover after parsing attributes in process `syz.1.103'.
[   69.835980][ T6136] unsupported nla_type 58
[   70.011608][ T6146] netlink: 12 bytes leftover after parsing attributes in process `syz.2.108'.
[   70.105159][ T6149] netlink: 1010 bytes leftover after parsing attributes in process `syz.2.109'.
[   70.108247][ T6149] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[   70.412160][ T6161] netlink: 20 bytes leftover after parsing attributes in process `syz.1.114'.
[   71.191976][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[   71.196188][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[   71.679262][ T5883] Bluetooth: hci0: command 0x0419 tx timeout
[   73.334784][ T6205] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   73.857683][ T6221] netlink: 48 bytes leftover after parsing attributes in process `syz.2.141'.
[   73.901724][ T6222] netlink: 'syz.1.139': attribute type 39 has an invalid length.
[   74.337520][ T6234] netlink: 61211 bytes leftover after parsing attributes in process `syz.2.146'.
[   74.618472][ T6243] netlink: 52 bytes leftover after parsing attributes in process `syz.2.150'.
[   75.262721][ T5883] Bluetooth: hci1: unexpected event 0x33 length: 15 > 10
[   75.865004][ T6291] openvswitch: netlink: IP tunnel dst address not specified
[   76.234084][ T6297] lo speed is unknown, defaulting to 1000
[   76.236879][ T6297] lo speed is unknown, defaulting to 1000
[   76.263409][ T6297] lo speed is unknown, defaulting to 1000
[   76.296454][ T6297] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   76.314083][ T6297] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   76.413860][ T6297] lo speed is unknown, defaulting to 1000
[   76.417287][ T6297] lo speed is unknown, defaulting to 1000
[   76.433874][ T6297] lo speed is unknown, defaulting to 1000
[   78.194104][ T6349] netlink: 14 bytes leftover after parsing attributes in process `syz.1.197'.
[   78.506072][ T6349] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.197'.
[   78.597510][ T6358] lo speed is unknown, defaulting to 1000
[   79.096416][ T6375] Zero length message leads to an empty skb
[   80.913223][ T6397] Driver unsupported XDP return value 0 on prog  (id 69) dev N/A, expect packet loss!
[   81.367605][  T976] cfg80211: failed to load regulatory.db
[   82.108146][ T5886] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   82.114351][ T5886] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   82.120811][ T5886] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   82.137290][ T5886] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   82.147072][ T5886] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   82.205302][ T6415] lo speed is unknown, defaulting to 1000
[   82.434467][ T5941] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.591088][ T6415] chnl_net:caif_netlink_parms(): no params data found
[   82.622054][ T5941] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.686429][ T5941] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.797284][ T5941] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.846509][ T6415] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.853052][ T6415] bridge0: port 1(bridge_slave_0) entered disabled state
[   82.857151][ T6415] bridge_slave_0: entered allmulticast mode
[   82.864697][ T6415] bridge_slave_0: entered promiscuous mode
[   82.870791][ T6415] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.874215][ T6415] bridge0: port 2(bridge_slave_1) entered disabled state
[   82.877282][ T6415] bridge_slave_1: entered allmulticast mode
[   82.881601][ T6415] bridge_slave_1: entered promiscuous mode
[   82.920423][ T6415] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   82.927465][ T6415] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   82.986230][ T6415] team0: Port device team_slave_0 added
[   82.991035][ T6415] team0: Port device team_slave_1 added
[   83.025684][ T6415] batman_adv: batadv0: Adding interface: batadv_slave_0
[   83.028102][ T6415] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   83.037314][ T6415] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   83.043929][ T6415] batman_adv: batadv0: Adding interface: batadv_slave_1
[   83.046350][ T6415] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   83.056058][ T6415] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   83.077247][ T5941] bridge_slave_1: left allmulticast mode
[   83.079814][ T5941] bridge_slave_1: left promiscuous mode
[   83.083125][ T5941] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.088295][ T5941] bridge_slave_0: left allmulticast mode
[   83.091158][ T5941] bridge_slave_0: left promiscuous mode
[   83.093752][ T5941] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.449354][ T5941] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   83.462013][ T5941] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   83.480838][ T5941] bond0 (unregistering): Released all slaves
[   83.566075][ T6415] hsr_slave_0: entered promiscuous mode
[   83.572988][ T6415] hsr_slave_1: entered promiscuous mode
[   83.575663][ T6415] debugfs: 'hsr0' already exists in 'hsr'
[   83.577987][ T6415] Cannot create hsr debugfs directory
[   83.916071][ T5941] hsr_slave_0: left promiscuous mode
[   83.950740][ T5941] hsr_slave_1: left promiscuous mode
[   83.952963][ T5941] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   83.959832][ T5941] batman_adv: batadv0: Removing interface: batadv_slave_0
[   83.971446][ T5941] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   83.978458][ T5941] batman_adv: batadv0: Removing interface: batadv_slave_1
[   84.006807][ T5941] veth1_macvtap: left promiscuous mode
[   84.011806][ T5941] veth0_macvtap: left promiscuous mode
[   84.013838][ T5941] veth1_vlan: left promiscuous mode
[   84.025907][ T5941] veth0_vlan: left promiscuous mode
[   84.161829][ T5886] Bluetooth: hci3: command tx timeout
[   84.534357][ T5941] team0 (unregistering): Port device team_slave_1 removed
[   84.610096][ T5941] team0 (unregistering): Port device team_slave_0 removed
[   85.373316][ T6477] netlink: 56 bytes leftover after parsing attributes in process `syz.1.240'.
[   85.382567][ T6415] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   85.401552][ T6415] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   85.420028][ T6415] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   85.428857][ T6481] netlink: 'syz.1.242': attribute type 1 has an invalid length.
[   85.438839][ T6415] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   85.443256][ T6481] netlink: 5 bytes leftover after parsing attributes in process `syz.1.242'.
[   85.710576][ T6415] 8021q: adding VLAN 0 to HW filter on device bond0
[   85.742839][ T6415] 8021q: adding VLAN 0 to HW filter on device team0
[   85.759299][   T39] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.761807][   T39] bridge0: port 1(bridge_slave_0) entered forwarding state
[   85.869887][ T6415] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   85.873289][ T6415] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   85.900381][   T39] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.902867][   T39] bridge0: port 2(bridge_slave_1) entered forwarding state
[   85.942870][ T6501] warning: `syz.1.245' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   86.158909][ T6415] 8021q: adding VLAN 0 to HW filter on device batadv0
[   86.234828][ T6415] veth0_vlan: entered promiscuous mode
[   86.243400][ T5886] Bluetooth: hci3: command tx timeout
[   86.269352][ T6415] veth1_vlan: entered promiscuous mode
[   86.387076][ T6524] netlink: 'syz.2.252': attribute type 12 has an invalid length.
[   86.391271][ T6524] netlink: 132 bytes leftover after parsing attributes in process `syz.2.252'.
[   86.404457][ T6415] veth0_macvtap: entered promiscuous mode
[   86.428329][ T6415] veth1_macvtap: entered promiscuous mode
[   86.470436][ T6415] batman_adv: batadv0: Interface activated: batadv_slave_0
[   86.481140][ T6415] batman_adv: batadv0: Interface activated: batadv_slave_1
[   86.554076][ T5868] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.560621][ T5868] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.564403][ T5868] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.567671][ T5868] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.677756][ T6536] netlink: 8 bytes leftover after parsing attributes in process `syz.2.256'.
[   86.749963][ T3621] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.753330][ T3621] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.838637][ T3621] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.844414][ T3621] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.978328][ T6548] netlink: 'syz.2.258': attribute type 4 has an invalid length.
[   86.994508][ T6548] netlink: 152 bytes leftover after parsing attributes in process `syz.2.258'.
[   87.013692][ T6548] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check.
[   87.204217][ T6560] netlink: 'syz.2.262': attribute type 21 has an invalid length.
[   87.933911][ T6591] netlink: 164 bytes leftover after parsing attributes in process `syz.3.270'.
[   88.323091][ T5886] Bluetooth: hci3: command tx timeout
[   90.368767][ T6415] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[   90.384382][ T6415] CPU: 1 UID: 0 PID: 6415 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[   90.384402][ T6415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   90.384410][ T6415] Call Trace:
[   90.384415][ T6415]  <TASK>
[   90.384421][ T6415]  dump_stack_lvl+0x189/0x250
[   90.384447][ T6415]  ? __pfx_dump_stack_lvl+0x10/0x10
[   90.384462][ T6415]  ? __pfx__printk+0x10/0x10
[   90.384490][ T6415]  dump_header+0xd3/0x480
[   90.384539][ T6415]  oom_kill_process+0x387/0x920
[   90.384558][ T6415]  out_of_memory+0xf09/0x12a0
[   90.384580][ T6415]  ? __pfx_out_of_memory+0x10/0x10
[   90.384601][ T6415]  mem_cgroup_out_of_memory+0x145/0x240
[   90.384616][ T6415]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[   90.384636][ T6415]  ? _raw_spin_unlock+0x28/0x50
[   90.384652][ T6415]  ? memcg1_oom_prepare+0x37f/0x450
[   90.384671][ T6415]  try_charge_memcg+0xdff/0x1290
[   90.384700][ T6415]  ? __pfx_try_charge_memcg+0x10/0x10
[   90.384731][ T6415]  charge_memcg+0x9f/0x180
[   90.384748][ T6415]  ? mem_cgroup_swapin_charge_folio+0x33/0x390
[   90.384763][ T6415]  mem_cgroup_swapin_charge_folio+0x262/0x390
[   90.384783][ T6415]  __read_swap_cache_async+0x28c/0x510
[   90.384807][ T6415]  swap_cluster_readahead+0x305/0x5f0
[   90.384825][ T6415]  ? __pfx_swap_cluster_readahead+0x10/0x10
[   90.384848][ T6415]  ? get_vma_policy+0x27c/0x3c0
[   90.384867][ T6415]  swapin_readahead+0x17d/0xb50
[   90.384881][ T6415]  ? __pfx_filemap_get_entry+0x10/0x10
[   90.384902][ T6415]  ? __pfx_swapin_readahead+0x10/0x10
[   90.384918][ T6415]  ? __filemap_get_folio+0x9a6/0xaf0
[   90.384936][ T6415]  ? swap_cache_get_folio+0xae/0x3b0
[   90.384952][ T6415]  do_swap_page+0x525/0x5ac0
[   90.384972][ T6415]  ? __lock_acquire+0xab9/0xd20
[   90.384999][ T6415]  ? do_swap_page+0x184/0x5ac0
[   90.385013][ T6415]  ? __pfx_do_swap_page+0x10/0x10
[   90.385026][ T6415]  ? __lock_acquire+0xab9/0xd20
[   90.385044][ T6415]  ? __pfx_default_wake_function+0x10/0x10
[   90.385063][ T6415]  ? ___pte_offset_map+0x1cf/0x250
[   90.385082][ T6415]  ? pte_offset_map_rw_nolock+0xea/0x160
[   90.385100][ T6415]  __handle_mm_fault+0xe55/0x5440
[   90.385115][ T6415]  ? __lock_acquire+0xab9/0xd20
[   90.385143][ T6415]  ? __pfx___handle_mm_fault+0x10/0x10
[   90.385176][ T6415]  ? lock_vma_under_rcu+0xdf/0x3d0
[   90.385194][ T6415]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[   90.385217][ T6415]  handle_mm_fault+0x40a/0x8e0
[   90.385240][ T6415]  do_user_addr_fault+0xa81/0x1390
[   90.385267][ T6415]  ? rcu_is_watching+0x15/0xb0
[   90.385281][ T6415]  ? trace_page_fault_user+0x84/0x1e0
[   90.385300][ T6415]  exc_page_fault+0x76/0xf0
[   90.385319][ T6415]  asm_exc_page_fault+0x26/0x30
[   90.385332][ T6415] RIP: 0033:0x7f816d3c14a8
[   90.385345][ T6415] Code: 3c 24 48 89 4c 24 18 e8 f6 54 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 44 89 c7 <48> 89 04 24 e8 4f 55 ff ff 48 8b 04 24 48 83 c4 28 f7 d8 c3 0f 1f
[   90.385355][ T6415] RSP: 002b:00007ffde60b5b70 EFLAGS: 00010293
[   90.385367][ T6415] RAX: 0000000000000000 RBX: 000000000000000b RCX: 00007f816d3c14a5
[   90.385375][ T6415] RDX: 00007ffde60b5bb0 RSI: 0000000000000000 RDI: 0000000000000000
[   90.385382][ T6415] RBP: 00007ffde60b5c1c R08: 0000000000000000 R09: 0000000000000000
[   90.385390][ T6415] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000001388
[   90.385397][ T6415] R13: 00000000000927c0 R14: 0000000000015a35 R15: 00007ffde60b5c70
[   90.385417][ T6415]  </TASK>
[   90.385424][ T6415] memory: usage 307200kB, limit 307200kB, failcnt 133
[   90.419157][ T5886] Bluetooth: hci3: command tx timeout
[   90.497371][ T6415] memory+swap: usage 307376kB, limit 9007199254740988kB, failcnt 0
[   90.681340][ T6415] kmem: usage 307184kB, limit 9007199254740988kB, failcnt 0
[   90.684554][ T6415] Memory cgroup stats for /syz3:
[   90.684858][ T6415] cache 0
[   90.688236][ T6415] rss 0
[   90.722355][ T6415] rss_huge 0
[   90.723841][ T6415] shmem 0
[   90.725121][ T6415] mapped_file 0
[   90.741089][ T6415] dirty 0
[   90.742367][ T6415] writeback 0
[   90.743770][ T6415] workingset_refault_anon 0
[   90.745667][ T6415] workingset_refault_file 0
[   90.747575][ T6415] swap 180224
[   90.781301][ T6415] swapcached 16384
[   90.782927][ T6415] pgpgin 190
[   90.784365][ T6415] pgpgout 186
[   90.785841][ T6415] pgfault 507
[   90.787298][ T6415] pgmajfault 0
[   90.788811][ T6415] inactive_anon 16384
[   90.829216][ T6415] active_anon 0
[   90.830578][ T6415] inactive_file 0
[   90.836165][ T6415] active_file 0
[   90.837532][ T6415] unevictable 0
[   90.838646][ T6415] hierarchical_memory_limit 314572800
[   90.864948][ T6415] hierarchical_memsw_limit 9223372036854771712
[   90.867678][ T6415] total_cache 0
[   90.883070][ T6415] total_rss 0
[   90.884573][ T6415] total_rss_huge 0
[   90.886203][ T6415] total_shmem 0
[   90.887706][ T6415] total_mapped_file 0
[   90.915711][ T6415] total_dirty 0
[   90.917272][ T6415] total_writeback 0
[   90.918932][ T6415] total_workingset_refault_anon 0
[   90.949264][ T6415] total_workingset_refault_file 0
[   90.962032][ T6415] total_swap 180224
[   90.967256][ T6415] total_swapcached 16384
[   91.039852][ T6415] total_pgpgin 190
[   91.041461][ T6415] total_pgpgout 186
[   91.043084][ T6415] total_pgfault 507
[   91.044744][ T6415] total_pgmajfault 0
[   91.046385][ T6415] total_inactive_anon 16384
[   91.048268][ T6415] total_active_anon 0
[   91.102696][ T6415] total_inactive_file 0
[   91.104235][ T6415] total_active_file 0
[   91.105874][ T6415] total_unevictable 0
[   91.107559][ T6415] anon_cost 0
[   91.108858][ T6415] file_cost 0
[   91.138719][ T6415] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.270,pid=6588,uid=0
[   91.170601][ T6415] Memory cgroup out of memory: Killed process 6589 (syz.3.270) total-vm:104000kB, anon-rss:1012kB, file-rss:22184kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[   91.251780][ T6627] netlink: 60 bytes leftover after parsing attributes in process `syz.2.275'.
[   91.329791][ T6630] netlink: 60 bytes leftover after parsing attributes in process `syz.2.275'.
[   91.404888][ T6629] TCP: TCP_TX_DELAY enabled
[   91.926773][ T6643] netlink: 8 bytes leftover after parsing attributes in process `syz.1.279'.
[   91.940639][ T6643] netlink: 6 bytes leftover after parsing attributes in process `syz.1.279'.
[   93.261166][ T6668] netlink: 48 bytes leftover after parsing attributes in process `syz.3.289'.
[   93.408239][ T6679] lo speed is unknown, defaulting to 1000
[   93.428817][ T6681] netlink: 'syz.3.292': attribute type 19 has an invalid length.
[   93.434828][ T6681] netlink: 40 bytes leftover after parsing attributes in process `syz.3.292'.
[   93.679138][    C1] Scheduler tracepoints stat_sleep, stat_iowait, stat_blocked and stat_runtime require the kernel parameter schedstats=enable or kernel.sched_schedstats=1
[   93.759378][ T6696] netlink: 'syz.1.298': attribute type 1 has an invalid length.
[   94.443278][ T6715] netlink: 8 bytes leftover after parsing attributes in process `syz.3.306'.
[   94.446384][ T6715] netlink: 16 bytes leftover after parsing attributes in process `syz.3.306'.
[   94.819744][ T6721] netlink: 'syz.3.309': attribute type 7 has an invalid length.
[   95.415287][ T6742] sit0: entered allmulticast mode
[   95.604565][ T6746] netlink: 'syz.3.318': attribute type 2 has an invalid length.
[   95.922368][ T6684] syz.2.291 (6684) used greatest stack depth: 19520 bytes left
[   96.518090][ T6766] netlink: 830 bytes leftover after parsing attributes in process `syz.2.325'.
[   96.530464][ T6766] bond_slave_0: entered promiscuous mode
[   96.532972][ T6766] bond_slave_1: entered promiscuous mode
[   96.653228][ T6781] netlink: 'syz.2.332': attribute type 4 has an invalid length.
[   96.656563][ T6781] netlink: 140 bytes leftover after parsing attributes in process `syz.2.332'.
[   96.696171][ T6783] netlink: 'syz.3.333': attribute type 3 has an invalid length.
[   96.711340][ T6783] netlink: 'syz.3.333': attribute type 2 has an invalid length.
[   96.715671][ T6783] netlink: 198112 bytes leftover after parsing attributes in process `syz.3.333'.
[   97.104139][ T6802] netlink: 4 bytes leftover after parsing attributes in process `syz.2.340'.
[   97.221693][ T6804] netlink: 'syz.3.341': attribute type 10 has an invalid length.
[   97.236724][ T6806] netlink: 'syz.2.342': attribute type 4 has an invalid length.
[   97.242689][ T6806] netlink: 'syz.2.342': attribute type 3 has an invalid length.
[   97.258202][ T6806] netlink: 199820 bytes leftover after parsing attributes in process `syz.2.342'.
[   97.961971][ T6833] netlink: 28 bytes leftover after parsing attributes in process `syz.1.353'.
[   97.967782][ T6833] netlink: 28 bytes leftover after parsing attributes in process `syz.1.353'.
[   98.217519][ T6848] netlink: 1041 bytes leftover after parsing attributes in process `syz.1.357'.
[   98.267456][ T6853] netlink: 9286 bytes leftover after parsing attributes in process `syz.3.361'.
[   99.328249][ T6914] validate_nla: 1 callbacks suppressed
[   99.328260][ T6914] netlink: 'syz.1.387': attribute type 3 has an invalid length.
[   99.333210][ T6914] netlink: 13435 bytes leftover after parsing attributes in process `syz.1.387'.
[   99.418734][ T6916] netlink: 'syz.1.388': attribute type 2 has an invalid length.
[   99.423287][ T6916] netlink: 'syz.1.388': attribute type 8 has an invalid length.
[   99.702196][ T6934] netlink: 'syz.1.394': attribute type 1 has an invalid length.
[  100.285505][ T6910] lo speed is unknown, defaulting to 1000
[  100.671529][ T6972] netlink: 'syz.2.405': attribute type 237 has an invalid length.
[  101.043362][ T7000] raw_sendmsg: syz.1.413 forgot to set AF_INET. Fix it!
[  101.108206][ T7002] netlink: 'syz.1.414': attribute type 1 has an invalid length.
[  101.186493][ T5886] Bluetooth: hci0: unexpected event 0x05 length: 15 > 4
[  101.327013][ T7020] netlink: 'syz.2.419': attribute type 10 has an invalid length.
[  101.756958][ T7055] sctp: [Deprecated]: syz.2.436 (pid 7055) Use of int in max_burst socket option deprecated.
[  101.756958][ T7055] Use struct sctp_assoc_value instead
[  102.331672][ T7105] __nla_validate_parse: 2 callbacks suppressed
[  102.331690][ T7105] netlink: 24 bytes leftover after parsing attributes in process `syz.3.454'.
[  104.074696][ T7153] netlink: 132 bytes leftover after parsing attributes in process `syz.2.473'.
[  104.167830][ T7168] netlink: 14 bytes leftover after parsing attributes in process `syz.1.478'.
[  104.314057][ T7180] netlink: 24 bytes leftover after parsing attributes in process `syz.3.476'.
[  104.337493][ T7180] netlink: 24 bytes leftover after parsing attributes in process `syz.3.476'.
[  104.576840][ T7197] netlink: 'syz.2.485': attribute type 2 has an invalid length.
[  104.581779][ T7197] netlink: 'syz.2.485': attribute type 1 has an invalid length.
[  104.585515][ T7197] netlink: 193500 bytes leftover after parsing attributes in process `syz.2.485'.
[  104.610256][ T7197] nbd: couldn't find device at index 65542
[  104.611482][ T7200] netlink: 'syz.1.487': attribute type 27 has an invalid length.
[  104.616416][ T7200] netlink: 164 bytes leftover after parsing attributes in process `syz.1.487'.
[  104.678985][ T7208] netlink: 60 bytes leftover after parsing attributes in process `syz.3.486'.
[  104.685204][ T7208] netlink: 60 bytes leftover after parsing attributes in process `syz.3.486'.
[  104.689040][ T7201] netlink: 60 bytes leftover after parsing attributes in process `syz.3.486'.
[  104.762173][ T7216] netlink: 'syz.2.494': attribute type 41 has an invalid length.
[  107.146134][ T7261] netlink: 'syz.2.512': attribute type 21 has an invalid length.
[  108.355997][ T7280] openvswitch: netlink: Unexpected mask (mask=200040, allowed=10048)
[  108.649031][ T7296] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.942041][ T7310] __nla_validate_parse: 6 callbacks suppressed
[  108.942053][ T7310] netlink: 16178 bytes leftover after parsing attributes in process `syz.2.534'.
[  109.051238][ T7318] netlink: 872 bytes leftover after parsing attributes in process `syz.1.538'.
[  109.080280][ T7318] netlink: 872 bytes leftover after parsing attributes in process `syz.1.538'.
[  109.274268][ T7326] netlink: 65055 bytes leftover after parsing attributes in process `syz.1.542'.
[  109.378378][ T7333] netlink: 12 bytes leftover after parsing attributes in process `syz.3.545'.
[  109.382690][ T7334] sctp: [Deprecated]: syz.2.546 (pid 7334) Use of struct sctp_assoc_value in delayed_ack socket option.
[  109.382690][ T7334] Use struct sctp_sack_info instead
[  109.623842][ T7345] netlink: 8 bytes leftover after parsing attributes in process `syz.1.550'.
[  109.627647][ T7345] netlink: 8 bytes leftover after parsing attributes in process `syz.1.550'.
[  109.656864][ T7348] netlink: 60 bytes leftover after parsing attributes in process `syz.2.552'.
[  109.717445][ T7354] netlink: 'syz.1.554': attribute type 3 has an invalid length.
[  109.918686][ T7376] netlink: 14 bytes leftover after parsing attributes in process `syz.2.565'.
[  109.926874][ T7376] bond_slave_0: left promiscuous mode
[  109.929558][ T7376] bond_slave_1: left promiscuous mode
[  110.056253][ T7376] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  110.080094][ T7376] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  110.088129][ T7376] bond0 (unregistering): Released all slaves
[  110.128555][ T7391] netlink: 8 bytes leftover after parsing attributes in process `syz.3.572'.
[  110.162991][ T7395] netlink: 'syz.3.574': attribute type 9 has an invalid length.
[  110.486000][ T7429] openvswitch: netlink: nsh attr 0 has unexpected len 86 expected 0
[  110.491285][ T7429] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  110.573420][ T5886] Bluetooth: hci1: adv larger than maximum supported
[  110.603665][ T7438] netlink: 'syz.3.595': attribute type 1 has an invalid length.
[  110.794640][ T7455] netlink: 'syz.3.602': attribute type 9 has an invalid length.
[  111.966601][ T7473] infiniband syz1: set active
[  111.971871][ T7473] infiniband syz1: added team_slave_0
[  111.976020][ T7473] syz1: rxe_create_cq: returned err = -12
[  111.978412][ T7473] infiniband syz1: Couldn't create ib_mad CQ
[  111.980919][ T7473] infiniband syz1: Couldn't open port 1
[  112.003687][ T7473] RDS/IB: syz1: added
[  112.005649][ T7473] smc: adding ib device syz1 with port count 1
[  112.020517][ T7473] smc:    ib device syz1 port 1 has pnetid 
[  113.258792][ T7558] x_tables: ip_tables: SNAT target: only valid in nat table, not syz0
[  113.785395][ T7584] netlink: 'syz.1.660': attribute type 10 has an invalid length.
[  113.802303][ T7584] batman_adv: batadv0: Adding interface: team0
[  113.805471][ T7584] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  113.817193][ T7584] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  114.122413][ T7607] __nla_validate_parse: 10 callbacks suppressed
[  114.122423][ T7607] netlink: 60 bytes leftover after parsing attributes in process `syz.1.666'.
[  114.128374][ T7607] netlink: 60 bytes leftover after parsing attributes in process `syz.1.666'.
[  114.134022][ T7607] netlink: 60 bytes leftover after parsing attributes in process `syz.1.666'.
[  114.626280][ T7628] netlink: 182 bytes leftover after parsing attributes in process `syz.3.676'.
[  114.776325][ T7635] netlink: 'syz.2.679': attribute type 7 has an invalid length.
[  114.782383][ T7635] netlink: 64 bytes leftover after parsing attributes in process `syz.2.679'.
[  114.946370][ T7649] netlink: 'syz.2.685': attribute type 2 has an invalid length.
[  114.968346][ T7649] netlink: 'syz.2.685': attribute type 1 has an invalid length.
[  114.972642][ T7649] netlink: 132 bytes leftover after parsing attributes in process `syz.2.685'.
[  114.983268][ T7649] netlink: 60 bytes leftover after parsing attributes in process `syz.2.685'.
[  114.987020][ T7649] netlink: 60 bytes leftover after parsing attributes in process `syz.2.685'.
[  114.994712][ T7649] netlink: 60 bytes leftover after parsing attributes in process `syz.2.685'.
[  115.144091][ T7652] netlink: 703 bytes leftover after parsing attributes in process `syz.2.686'.
[  115.547111][ T7670] netlink: 'syz.1.694': attribute type 11 has an invalid length.
[  115.602309][ T7666] wg0 speed is unknown, defaulting to 1000
[  115.606770][ T7666] wg0 speed is unknown, defaulting to 1000
[  115.695632][ T7666] wg0 speed is unknown, defaulting to 1000
[  115.813730][ T7666] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  116.050531][ T7666] wg0 speed is unknown, defaulting to 1000
[  116.088867][ T7666] wg0 speed is unknown, defaulting to 1000
[  116.103510][ T7690] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  116.136701][ T7666] wg0 speed is unknown, defaulting to 1000
[  119.205652][ T7719] __nla_validate_parse: 2 callbacks suppressed
[  119.205663][ T7719] netlink: 56 bytes leftover after parsing attributes in process `syz.2.716'.
[  119.936377][ T7725] netlink: 'syz.1.718': attribute type 29 has an invalid length.
[  119.959634][ T7725] netlink: 'syz.1.718': attribute type 29 has an invalid length.
[  119.963456][ T7725] netlink: 'syz.1.718': attribute type 29 has an invalid length.
[  119.969826][ T7727] netlink: 188 bytes leftover after parsing attributes in process `syz.3.719'.
[  120.050844][ T7735] netlink: 8 bytes leftover after parsing attributes in process `syz.3.723'.
[  120.095484][ T7735] netlink: 'syz.3.723': attribute type 1 has an invalid length.
[  120.098867][ T7735] netlink: 105116 bytes leftover after parsing attributes in process `syz.3.723'.
[  120.635521][ T7744] netlink: 'syz.1.727': attribute type 12 has an invalid length.
[  120.639041][ T7744] netlink: 132 bytes leftover after parsing attributes in process `syz.1.727'.
[  120.672728][ T7744] C: renamed from team_slave_0 (while UP)
[  120.687564][ T7744] netlink: 'syz.1.727': attribute type 1 has an invalid length.
[  120.692742][ T7744] netlink: 152 bytes leftover after parsing attributes in process `syz.1.727'.
[  120.696964][ T7744] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  120.708910][ T7748] netlink: 10 bytes leftover after parsing attributes in process `syz.3.729'.
[  121.229899][ T7771] netlink: ct family unspecified
[  121.232273][ T7771] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  121.384327][ T7773] netlink: 8 bytes leftover after parsing attributes in process `syz.1.739'.
[  121.387355][ T7773] openvswitch: netlink: nsh attribute has 5276 unknown bytes.
[  121.390448][ T7773] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  121.552258][ T7785] netlink: 'syz.3.745': attribute type 21 has an invalid length.
[  121.555535][ T7785] netlink: 128 bytes leftover after parsing attributes in process `syz.3.745'.
[  121.563575][ T7785] netlink: 'syz.3.745': attribute type 5 has an invalid length.
[  121.567463][ T7785] netlink: 'syz.3.745': attribute type 6 has an invalid length.
[  121.571362][ T7785] netlink: 3 bytes leftover after parsing attributes in process `syz.3.745'.
[  122.138580][ T7832] openvswitch: netlink: Missing key (keys=40, expected=100)
[  122.179151][ T7836] netlink: 'syz.1.765': attribute type 29 has an invalid length.
[  122.217105][ T7841] IPv6: NLM_F_CREATE should be specified when creating new route
[  122.741061][ T7889] syzkaller0: entered promiscuous mode
[  122.743229][ T7889] syzkaller0: entered allmulticast mode
[  123.754380][ T7900] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  123.757629][ T7900] batman_adv: batadv0: Removing interface: batadv_slave_0
[  123.762235][ T7900] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  123.765425][ T7900] batman_adv: batadv0: Removing interface: batadv_slave_1
[  123.796453][ T7908] syz.3.790 (7908) used obsolete PPPIOCDETACH ioctl
[  124.054755][ T7924] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  124.445496][ T5886] Bluetooth: hci3: unexpected event 0x1c length: 15 > 5
[  124.525238][ T7951] __nla_validate_parse: 4 callbacks suppressed
[  124.525255][ T7951] netlink: 4 bytes leftover after parsing attributes in process `syz.2.808'.
[  125.777654][ T7997] netlink: 5844 bytes leftover after parsing attributes in process `syz.2.829'.
[  125.929931][ T8009] netlink: 11562 bytes leftover after parsing attributes in process `syz.2.835'.
[  125.983497][ T8014] delete_channel: no stack
[  126.387209][ T8025] netlink: 32 bytes leftover after parsing attributes in process `syz.2.842'.
[  126.393084][ T8025] netlink: 32 bytes leftover after parsing attributes in process `syz.2.842'.
[  127.756056][ T8044] netlink: 8 bytes leftover after parsing attributes in process `syz.2.851'.
[  127.759722][ T8044] netlink: 4 bytes leftover after parsing attributes in process `syz.2.851'.
[  127.764078][ T8044] netlink: 33 bytes leftover after parsing attributes in process `syz.2.851'.
[  127.767302][ T8044] netlink: 4 bytes leftover after parsing attributes in process `syz.2.851'.
[  127.770598][ T8044] netlink: 33 bytes leftover after parsing attributes in process `syz.2.851'.
[  127.949758][ T8055] validate_nla: 3 callbacks suppressed
[  127.949768][ T8055] netlink: 'syz.1.856': attribute type 21 has an invalid length.
[  127.954682][ T8055] netlink: 'syz.1.856': attribute type 4 has an invalid length.
[  127.957519][ T8055] netlink: 'syz.1.856': attribute type 5 has an invalid length.
[  128.107633][ T8061] netlink: 'syz.3.858': attribute type 10 has an invalid length.
[  128.125858][ T8061] team0: entered promiscuous mode
[  128.158055][ T8061] team_slave_0: entered promiscuous mode
[  128.171198][ T8061] team_slave_1: entered promiscuous mode
[  128.174051][ T8061] team0: entered allmulticast mode
[  128.176133][ T8061] team_slave_0: entered allmulticast mode
[  128.178660][ T8061] team_slave_1: entered allmulticast mode
[  128.193274][ T8061] bridge0: port 3(team0) entered blocking state
[  128.196795][ T8061] bridge0: port 3(team0) entered disabled state
[  128.228347][ T8061] bridge0: port 3(team0) entered blocking state
[  128.231108][ T8061] bridge0: port 3(team0) entered forwarding state
[  128.517517][ T8083] netlink: 'syz.3.869': attribute type 16 has an invalid length.
[  129.659198][ T8116] __nla_validate_parse: 8 callbacks suppressed
[  129.659213][ T8116] netlink: 7 bytes leftover after parsing attributes in process `syz.3.882'.
[  129.666613][ T8116] netlink: 24 bytes leftover after parsing attributes in process `syz.3.882'.
[  129.728357][ T8118] netlink: 4400 bytes leftover after parsing attributes in process `syz.3.883'.
[  130.028039][ T8106] syzkaller0: tun_chr_ioctl cmd 1074025677
[  130.031522][ T8106] syzkaller0: linktype set to 768
[  130.343324][ T8135] netlink: 'syz.1.890': attribute type 21 has an invalid length.
[  130.346861][ T8135] netlink: 168 bytes leftover after parsing attributes in process `syz.1.890'.
[  130.769594][ T8147] netlink: 'syz.3.894': attribute type 12 has an invalid length.
[  130.772490][ T8147] netlink: 14585 bytes leftover after parsing attributes in process `syz.3.894'.
[  130.869694][ T8141] mac80211_hwsim hwsim5 wlan1: entered promiscuous mode
[  130.876202][ T8141] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode
[  131.146550][ T8155] netlink: 28 bytes leftover after parsing attributes in process `syz.3.898'.
[  131.308562][ T8159] siw: device registration error -23
[  132.687854][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  132.690250][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  133.540644][ T8150] syzkaller0: entered promiscuous mode
[  133.548798][ T8150] syzkaller0: entered allmulticast mode
[  134.568550][ T8189] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2
[  134.573807][ T8189] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  134.609554][ T8193] netlink: 4 bytes leftover after parsing attributes in process `syz.3.914'.
[  135.849779][ T5868] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.893553][ T5868] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.982493][ T5868] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  136.093232][ T5868] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  136.233680][ T5868] bridge0: port 3(team0) entered disabled state
[  136.238315][ T5868] bridge_slave_1: left allmulticast mode
[  136.250881][ T5868] bridge_slave_1: left promiscuous mode
[  136.252951][ T5868] bridge0: port 2(bridge_slave_1) entered disabled state
[  136.258643][ T5868] bridge_slave_0: left allmulticast mode
[  136.262160][ T5868] bridge_slave_0: left promiscuous mode
[  136.264628][ T5868] bridge0: port 1(bridge_slave_0) entered disabled state
[  136.551901][ T5868] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  136.556277][ T5868] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  136.561967][ T5868] bond0 (unregistering): Released all slaves
[  137.077759][ T5868] hsr_slave_0: left promiscuous mode
[  137.085818][ T5868] hsr_slave_1: left promiscuous mode
[  137.088445][ T5868] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  137.100611][ T5868] batman_adv: batadv0: Removing interface: batadv_slave_0
[  137.104696][ T5868] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  137.108047][ T5868] batman_adv: batadv0: Removing interface: batadv_slave_1
[  137.125603][ T5868] veth1_macvtap: left promiscuous mode
[  137.128128][ T5868] veth0_macvtap: left promiscuous mode
[  137.132473][ T5868] veth1_vlan: left promiscuous mode
[  137.134822][ T5868] veth0_vlan: left promiscuous mode
[  137.453020][ T5868] team_slave_1 (unregistering): left promiscuous mode
[  137.455379][ T5868] team_slave_1 (unregistering): left allmulticast mode
[  137.458234][ T5868] team0 (unregistering): Port device team_slave_1 removed
[  137.476558][ T5868] team_slave_0 (unregistering): left promiscuous mode
[  137.478982][ T5868] team_slave_0 (unregistering): left allmulticast mode
[  137.484093][ T5868] team0 (unregistering): Port device team_slave_0 removed
[  137.487713][   T32] smc: removing ib device syz1
[  138.040210][ T5868] ------------[ cut here ]------------
[  138.042111][ T5868] WARNING: CPU: 0 PID: 5868 at net/xfrm/xfrm_state.c:3303 xfrm_state_fini+0x270/0x2f0
[  138.045136][ T5868] Modules linked in:
[  138.046448][ T5868] CPU: 0 UID: 0 PID: 5868 Comm: kworker/u8:2 Not tainted syzkaller #0 PREEMPT(full) 
[  138.050335][ T5868] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  138.053682][ T5868] Workqueue: netns cleanup_net
[  138.055188][ T5868] RIP: 0010:xfrm_state_fini+0x270/0x2f0
[  138.057098][ T5868] Code: c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 c8 3d 01 f8 48 8b 3b 5b 41 5c 41 5d 41 5e 41 5f 5d e9 a6 fa e1 f7 e8 e1 a0 9d f7 90 <0f> 0b 90 e9 fd fd ff ff e8 d3 a0 9d f7 90 0f 0b 90 e9 60 fe ff ff
[  138.065435][ T5868] RSP: 0018:ffffc90003c7f898 EFLAGS: 00010293
[  138.067816][ T5868] RAX: ffffffff8a221ccf RBX: ffff88811f704880 RCX: ffff88802213b980
[  138.071253][ T5868] RDX: 0000000000000000 RSI: ffffffff8dba631f RDI: ffff88802213b980
[  138.074313][ T5868] RBP: ffffc90003c7f9b0 R08: ffffffff8fa38237 R09: 1ffffffff1f47046
[  138.077386][ T5868] R10: dffffc0000000000 R11: fffffbfff1f47047 R12: ffffffff8f630ea0
[  138.080562][ T5868] R13: 1ffff9200078ff40 R14: ffff88811f705d00 R15: dffffc0000000000
[  138.083547][ T5868] FS:  0000000000000000(0000) GS:ffff8880b861b000(0000) knlGS:0000000000000000
[  138.086775][ T5868] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  138.088957][ T5868] CR2: 00007ff883af0ba8 CR3: 0000000108748000 CR4: 00000000000006f0
[  138.091977][ T5868] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  138.094584][ T5868] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  138.097200][ T5868] Call Trace:
[  138.098327][ T5868]  <TASK>
[  138.099572][ T5868]  xfrm_net_exit+0x2d/0x70
[  138.101083][ T5868]  ops_undo_list+0x49a/0x990
[  138.102676][ T5868]  ? __pfx_ops_undo_list+0x10/0x10
[  138.104380][ T5868]  ? do_raw_spin_unlock+0x4d/0x240
[  138.106281][ T5868]  cleanup_net+0x4c5/0x800
[  138.107732][ T5868]  ? __pfx_cleanup_net+0x10/0x10
[  138.109537][ T5868]  ? _raw_spin_unlock_irq+0x23/0x50
[  138.111284][ T5868]  ? process_scheduled_works+0x9ef/0x17b0
[  138.113195][ T5868]  ? process_scheduled_works+0x9ef/0x17b0
[  138.115156][ T5868]  process_scheduled_works+0xae1/0x17b0
[  138.116995][ T5868]  ? __pfx_process_scheduled_works+0x10/0x10
[  138.119018][ T5868]  worker_thread+0x8a0/0xda0
[  138.120809][ T5868]  kthread+0x711/0x8a0
[  138.122186][ T5868]  ? __pfx_worker_thread+0x10/0x10
[  138.123856][ T5868]  ? __pfx_kthread+0x10/0x10
[  138.125348][ T5868]  ? _raw_spin_unlock_irq+0x23/0x50
[  138.127053][ T5868]  ? lockdep_hardirqs_on+0x9c/0x150
[  138.128779][ T5868]  ? __pfx_kthread+0x10/0x10
[  138.130535][ T5868]  ret_from_fork+0x3fc/0x770
[  138.132438][ T5868]  ? __pfx_ret_from_fork+0x10/0x10
[  138.134507][ T5868]  ? __switch_to_asm+0x39/0x70
[  138.136318][ T5868]  ? __switch_to_asm+0x33/0x70
[  138.137963][ T5868]  ? __pfx_kthread+0x10/0x10
[  138.139721][ T5868]  ret_from_fork_asm+0x1a/0x30
[  138.141474][ T5868]  </TASK>
[  138.142691][ T5868] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  138.145078][ T5868] CPU: 0 UID: 0 PID: 5868 Comm: kworker/u8:2 Not tainted syzkaller #0 PREEMPT(full) 
[  138.148165][ T5868] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  138.151472][ T5868] Workqueue: netns cleanup_net
[  138.153080][ T5868] Call Trace:
[  138.154234][ T5868]  <TASK>
[  138.155320][ T5868]  dump_stack_lvl+0x99/0x250
[  138.156868][ T5868]  ? __asan_memcpy+0x40/0x70
[  138.158401][ T5868]  ? __pfx_dump_stack_lvl+0x10/0x10
[  138.160141][ T5868]  ? __pfx__printk+0x10/0x10
[  138.161711][ T5868]  vpanic+0x281/0x750
[  138.163048][ T5868]  ? __pfx__printk+0x10/0x10
[  138.164601][ T5868]  ? __pfx_vpanic+0x10/0x10
[  138.166144][ T5868]  ? is_bpf_text_address+0x292/0x2b0
[  138.167920][ T5868]  panic+0xb9/0xc0
[  138.169301][ T5868]  ? __pfx_panic+0x10/0x10
[  138.170811][ T5868]  __warn+0x31b/0x4b0
[  138.172149][ T5868]  ? xfrm_state_fini+0x270/0x2f0
[  138.174109][ T5868]  ? xfrm_state_fini+0x270/0x2f0
[  138.176181][ T5868]  report_bug+0x2be/0x4f0
[  138.177990][ T5868]  ? xfrm_state_fini+0x270/0x2f0
[  138.179780][ T5868]  ? xfrm_state_fini+0x270/0x2f0
[  138.181436][ T5868]  ? xfrm_state_fini+0x272/0x2f0
[  138.183236][ T5868]  handle_bug+0x84/0x160
[  138.184953][ T5868]  exc_invalid_op+0x1a/0x50
[  138.186738][ T5868]  asm_exc_invalid_op+0x1a/0x20
[  138.188536][ T5868] RIP: 0010:xfrm_state_fini+0x270/0x2f0
[  138.190522][ T5868] Code: c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 c8 3d 01 f8 48 8b 3b 5b 41 5c 41 5d 41 5e 41 5f 5d e9 a6 fa e1 f7 e8 e1 a0 9d f7 90 <0f> 0b 90 e9 fd fd ff ff e8 d3 a0 9d f7 90 0f 0b 90 e9 60 fe ff ff
[  138.197086][ T5868] RSP: 0018:ffffc90003c7f898 EFLAGS: 00010293
[  138.199103][ T5868] RAX: ffffffff8a221ccf RBX: ffff88811f704880 RCX: ffff88802213b980
[  138.201720][ T5868] RDX: 0000000000000000 RSI: ffffffff8dba631f RDI: ffff88802213b980
[  138.204309][ T5868] RBP: ffffc90003c7f9b0 R08: ffffffff8fa38237 R09: 1ffffffff1f47046
[  138.206873][ T5868] R10: dffffc0000000000 R11: fffffbfff1f47047 R12: ffffffff8f630ea0
[  138.209333][ T5868] R13: 1ffff9200078ff40 R14: ffff88811f705d00 R15: dffffc0000000000
[  138.211811][ T5868]  ? xfrm_state_fini+0x26f/0x2f0
[  138.213395][ T5868]  ? xfrm_state_fini+0x26f/0x2f0
[  138.214975][ T5868]  xfrm_net_exit+0x2d/0x70
[  138.216578][ T5868]  ops_undo_list+0x49a/0x990
[  138.218429][ T5868]  ? __pfx_ops_undo_list+0x10/0x10
[  138.220222][ T5868]  ? do_raw_spin_unlock+0x4d/0x240
[  138.221994][ T5868]  cleanup_net+0x4c5/0x800
[  138.223439][ T5868]  ? __pfx_cleanup_net+0x10/0x10
[  138.225044][ T5868]  ? _raw_spin_unlock_irq+0x23/0x50
[  138.226726][ T5868]  ? process_scheduled_works+0x9ef/0x17b0
[  138.228550][ T5868]  ? process_scheduled_works+0x9ef/0x17b0
[  138.230420][ T5868]  process_scheduled_works+0xae1/0x17b0
[  138.232513][ T5868]  ? __pfx_process_scheduled_works+0x10/0x10
[  138.234764][ T5868]  worker_thread+0x8a0/0xda0
[  138.236343][ T5868]  kthread+0x711/0x8a0
[  138.237783][ T5868]  ? __pfx_worker_thread+0x10/0x10
[  138.239413][ T5868]  ? __pfx_kthread+0x10/0x10
[  138.240934][ T5868]  ? _raw_spin_unlock_irq+0x23/0x50
[  138.242639][ T5868]  ? lockdep_hardirqs_on+0x9c/0x150
[  138.244313][ T5868]  ? __pfx_kthread+0x10/0x10
[  138.245846][ T5868]  ret_from_fork+0x3fc/0x770
[  138.247361][ T5868]  ? __pfx_ret_from_fork+0x10/0x10
[  138.249014][ T5868]  ? __switch_to_asm+0x39/0x70
[  138.250539][ T5868]  ? __switch_to_asm+0x33/0x70
[  138.252096][ T5868]  ? __pfx_kthread+0x10/0x10
[  138.253586][ T5868]  ret_from_fork_asm+0x1a/0x30
[  138.255149][ T5868]  </TASK>
[  138.256824][ T5868] Kernel Offset: disabled
[  138.258220][ T5868] Rebooting in 86400 seconds..

VM DIAGNOSIS:
23:49:12  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000020 RBX=0000000000000020 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc90003c7f030
R8 =ffff888107648237 R9 =1ffff11020ec9046 R10=dffffc0000000000 R11=ffffffff854f33b0
R12=dffffc0000000000 R13=ffffffff99afa925 R14=ffffffff99def3e0 R15=0000000000000000
RIP=ffffffff854f342c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b861b000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007ff883af0ba8 CR3=0000000108748000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000600
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=ffffff00ffffff00 ffffffffffffffff
XMM02=73616c632f737973 2f002f74656e2f73 XMM03=0000000000000000 0000000000000073
XMM04=7373616c632f7379 732f002f74656e2f XMM05=0031313230382f65 65692f316968702f
XMM06=0000000000000000 0000000000000000 XMM07=000000000000ff00 0000ff00000000ff
XMM08=ff00000000000000 0000000000000000 XMM09=3435313230386565 65692f6d69737768
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000001 RBX=0000000000000000 RCX=0000000000000002 RDX=0000000000000000
RSI=0000000000000000 RDI=ffffffff8e13a020 RBP=ffffffff825d760c RSP=ffffc9000065f770
R8 =0000000000000000 R9 =0000000000000000 R10=dffffc0000000000 R11=ffffed102295314b
R12=0000000000000002 R13=ffffffff8e13a020 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff8b799120 RFL=00000283 [--S---C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c1b000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f397f642ff8 CR3=000000010a3a4000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000600
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=00ff000000000000 ff00000000000000 XMM05=0000000000000221 0000000000313130
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=ffffffffffff0000 ffffffffff000000 XMM09=6c696b66722f3031 7968702f31313230
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
