last executing test programs:

553.312119ms ago: executing program 2 (id=254):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0xd, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x80}, [@call={0x85, 0x0, 0x0, 0xa8}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x20000002}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0xa6}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

491.201331ms ago: executing program 2 (id=256):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x1, 0x3f, 0x40, 0x42}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000000100)="6183c2d282dd98576d79a19ad5552c2fa441cbd3dc0443c02586f3f0433a78df09c913ee8861052de5e4996be333f27fd5d531d7c552b7af20b2c828a31761d9c9b0", 0x1003, r0}, 0x38)

413.756925ms ago: executing program 2 (id=260):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000042c0)="86", 0x1}], 0x1}, 0x0)
recvmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x12043)

413.456484ms ago: executing program 1 (id=261):
r0 = socket$kcm(0x2, 0xa, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x8, 0x10001, 0x9, 0x1}, 0x48)
ioctl$SIOCSIFHWADDR(r0, 0x8916, &(0x7f0000000000)={'wlan1\x00', @random="0200ff7fffff"})

360.692003ms ago: executing program 2 (id=262):
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0, 0xd}, 0x202, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_bp={&(0x7f00000003c0), 0x4}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='nmi_noise\x00', 0xffffffffffffffff, 0x0, 0x81}, 0x18)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8264, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x2018, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000400)}, 0x40)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
close(0xffffffffffffffff)
r3 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r3, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001a00)=ANY=[@ANYBLOB="1800000000000000100100000b"], 0x10b8}, 0x0)
r4 = socket$kcm(0x11, 0x3, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={0x0, r0, 0x0, 0x0, 0x0}, 0x30)
sendmsg$kcm(r4, &(0x7f0000000200)={&(0x7f0000000100)=@phonet={0x23, 0x0, 0x0, 0x38}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000180)="27050200d40f00000600002f88a8", 0xe}], 0x1}, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r5 = socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r5, 0x84, 0x83, &(0x7f0000000000), 0x8)
write$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYRESHEX], 0x12)
r6 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r6, 0x84, 0x84, &(0x7f0000000000), 0x90)

358.154662ms ago: executing program 0 (id=263):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="18020000fcffffff0000000000000000850000004100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000004000002850000008600000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

357.929798ms ago: executing program 1 (id=264):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000dc0)={0x6, 0x4, &(0x7f0000000640)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001}, [@alu={0x4, 0x1, 0xd, 0x4, 0xa, 0x1, 0x10}]}, &(0x7f0000000d40)='syzkaller\x00'}, 0x94)

328.666932ms ago: executing program 0 (id=265):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000003840)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000380)="fbe6bd8dfcdda5a210b8cfefbd66f459c7261b927d25d3cf74d2f7c97735eba47f606a290d184925922333211d168ab0f6e1081fdbd921ed4db0e67c9d5ab1452445a1e0da5ac68b13f4afe2712eeaad35ef06", 0x53}], 0x1}, 0x0)
close(r2)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0x12, &(0x7f00000008c0)=r3, 0x4)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)='.', 0x1}], 0x1}, 0x84)

273.554186ms ago: executing program 1 (id=266):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000dc0)=ANY=[@ANYBLOB="7a0af8ff7525757cbfa100000000000007010000f8ffffffb702000005000000bf130000000000008500000006000000b700000000000000950000ff00000000b2595285faa6ead0169191d54f8196217fc563e2fc91f6da4dad4fdc2eb1b5986fc4a3f611a7c80000040000000000b1a297cfddd73f30f2382f6cda4bfdd45be583823c0f092248a57d48621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000800db583620ce7243d1ae9f2cfe401dbef6619358399aa9c2acd068c03efefd8bc77edf2d34b12cd48a1b20fb7dd853eb3f12225bfcca581f04f317c8301b43267e0331759f4ec6b5b0af58e604f494eff289026d5045ef08000000000000007718a09f4800b3c26abba34635d0e8b598a51bc742135a6e1d33fe226c944bc70bb30d435aa8b5202db761014b1b999a12df6bee431a6681000000263b6233e1c0fe30e384c3cb07b74a72291a1a2b523dd81b6651b1ee48e999bb004823ebcd8c65743f31f84b263ab9b3426692f01ad194f302d7a658e90000000001000000b6b2f25ddb8c640ab321a402058c9221b6870814cf4ee23ddb79fff5eb156e0a000000000000f2bd1d4a178d86d6935eb8b75bc4eb680d10e8b6a54c6c8674caf63ff76622939a20d4aadf85db40179c2cf83ee07e30a279d8f9f3bc282deb43a03409f8e6972f3f720d045923702cede0f7e91411f3f1b16f065624f280a7dcce8db910f93c49b9e0aa390d0da6972ed719d7e0efb2bb713d1890e317c8de105c3933fd5d5bf38f6b9fc39fc829dcfe4af8ac5fbb7314a7a433e0182767d1376eda2b9c662003"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x2800000002000000, 0xe, 0x55, &(0x7f0000000140)="a06ad876d56a0064d082778c3938", &(0x7f0000000380)=""/85, 0x600, 0x4000000}, 0x28)

224.709468ms ago: executing program 1 (id=267):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40402, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x2})
write$cgroup_devices(r0, &(0x7f0000002d80)=ANY=[], 0xffdd)

224.338561ms ago: executing program 0 (id=268):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000791238000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)

154.20556ms ago: executing program 0 (id=269):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x4, 0x6, 0xa}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r0}, &(0x7f0000000840), &(0x7f0000000880)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000500)='workqueue_queue_work\x00', r2}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xe, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)

139.501858ms ago: executing program 1 (id=270):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffc}, [@printk, @call={0x85, 0x0, 0x0, 0x7}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000380)='hrtimer_start\x00', r1}, 0x18)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)

132.249587ms ago: executing program 2 (id=271):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x11, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f00000001c0)='GPL\x00'}, 0x94)
r1 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r1, &(0x7f0000000140)={0x0, 0x32, &(0x7f0000000040)=[{&(0x7f00000005c0)="3504000041000511d25a35400c0002000200002037153e370c04018006041000450000002a560000e7ff00400000", 0x2e}, {&(0x7f0000000600)="d4fa0c511aad03aa5ed217677bc41c027d9c830c439c7f821ddd78b6915cb1b0130668a1e5b5e08d21d0b69c28ca3455aed65855c86f3d1e5789d26375a0d85eaf5e92e19c9affcf76e7a94e76556d2b104ebf645747fadc91460f4b3c94e1a89b51be4a6aa4c65285f988329a7063b69c51b801500a5beee5e6ce6bb78a51fb0e15820d13e4a5aa9e0742a6f8d677ad28fea356657bb550c86a9710cc6415a6d3cc4556efd6a6d0f8d57f2267a15aa7334bc53b65b9119a1a7d905c7dd365b85c230bbad0d5d0a79819e112637819d9a187cfdf0a2c6127d2d4281926ab0e22f7346b616fe28ed0b9f4a0c9fdac6d3a90a9c38b5e31448a45546388c95045bc1161c238a5159ea98db9c00aeef644ae98a8cb8da3ff3b7ba14d7971910b559623af829524d83bf19f18628464076329140e0203fc75859185ccd019302afb784e41e16cf2d31db7aba83d0f500ce25fc2d7f524a04cfaa0015ea8a297477a5517f8a4ac167083a321c369844fd7fc11fff502c02b7607007ead2007a18006a6ca8dc2d0119f01d7083c2ab5760ac7b24d7bf26b9030cf455a08385f9e662cbe0c3ca6e6fd4ac0c8566c0fca986c68ef7016a11d3e44253b6f2d07d53505ed58b8ad410f89425046321b4a9b27b5e767bdfa0ebf7abf3d91b319120000853d8e5cbc4a2c5c560b007eafe03e3332f6017f3164c7f602180aad23dfe5e770fe8855f45925e342b7dfd7ddaa68b65065465cdf4d5b8d995d6e6a7042ebea3d139c6a616232eb4efd1a50d0e6db3188a8e98375fda2a7ebd4cd59b9ea626c13685b05e6cf4d484e32869fd7c7167dbfa48b1529e5dd5f5a02673ccc7dbedfd75e34f3f9eb3c7833734a59acada6dd2ff364475e03f2219deedb5d0c941f2177a23167adcc5a15f4e5441ed537f26a1620df057aeb55b2ad3a00a77e23d304ed6034dd5ec9b2cfe777ca21ec4f48abdafa0d66a78d653068ef871bdc6598fd32edcba60c675a1e8f4e81e83f73414c179bfb7f32a671fe6e291fb2eaa59b9636cb6a74d0deb46a18c77f37abf0894a7083e0e4d237ff7c24872668ac40e307569a975b2765af8d3268d11b473d5d7544edd1ed0e507c319e128daf7e75c349c9b3de603580d52a6c118acf924216130364bfab8d59969e4dbee0a9208adb7bfa855556be06a666334a0612e4ff3fc6f4ddb9a0c209301081f34824496480d688ae9bd0c3c28ea8ecfe01a2b86dcb3750686a89891d9abf0d584ca74b4bc6096293fbc8707312f424996361f39261ef3ba7cd2ddffb0e3c81e6b962d680e02f7a672dc2643cc24ad64d86fb4780827ca784a8af3376c2567bfde74dc50e16c81b71450af026459e2c37d94b8461b56ff944edc1a8cd93d0258fcc2f094615c152be66884103af11ff463100"/1013, 0x401}, {&(0x7f0000000a40)="47f72fedcd1d", 0x6}], 0x3}, 0x10049014)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r0}, 0x10)
perf_event_open(0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x90)

64.118628ms ago: executing program 0 (id=272):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={&(0x7f00000006c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x14, 0x14, 0x6, [@enum={0x3, 0x1, 0x0, 0x6, 0x4, [{0x3, 0x7}]}]}, {0x0, [0x30, 0x30, 0x5f, 0x61]}}, 0x0, 0x32, 0x0, 0x1, 0x2}, 0x28)

410.028µs ago: executing program 0 (id=273):
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020037b34f8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000850000000e00000095"], &(0x7f0000000480)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

237.802µs ago: executing program 1 (id=274):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x16, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40500000000000061104d000000000007000000000002009500094000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0x3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x210}, 0x48)

0s ago: executing program 2 (id=275):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000780)="d8000000100081044e81f782db44b904021d080005000000e8fe552603600e1209000d0000000401a80016000a00144006000000036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e4dc3b90317008e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db7010000e006dcdf63951f215ce3bb9ad809d5e1cace140efdc0272ae6089ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701000000000000000000", 0xd8}], 0x1}, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:8402' (ED25519) to the list of known hosts.
syzkaller login: [   55.879707][ T5816] cgroup: Unknown subsys name 'net'
[   55.971646][ T5816] cgroup: Unknown subsys name 'cpuset'
[   55.977522][ T5816] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   57.602061][ T5816] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   63.930681][   T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   63.935342][   T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   63.940059][   T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   63.944013][   T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   63.948173][   T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   63.997739][ T5219] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   64.001670][ T5219] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   64.005157][ T5219] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   64.009931][ T5219] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   64.014164][ T5219] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   64.090413][ T5219] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   64.093142][ T5219] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   64.095817][ T5219] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   64.100877][ T5219] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   64.104574][ T5219] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   64.197275][ T5834] chnl_net:caif_netlink_parms(): no params data found
[   64.305038][ T5838] chnl_net:caif_netlink_parms(): no params data found
[   64.351064][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.353430][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state
[   64.355969][ T5834] bridge_slave_0: entered allmulticast mode
[   64.359496][ T5834] bridge_slave_0: entered promiscuous mode
[   64.363540][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.366092][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state
[   64.369126][ T5834] bridge_slave_1: entered allmulticast mode
[   64.372147][ T5834] bridge_slave_1: entered promiscuous mode
[   64.422439][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   64.465592][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   64.483026][ T5838] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.486258][ T5838] bridge0: port 1(bridge_slave_0) entered disabled state
[   64.490087][ T5838] bridge_slave_0: entered allmulticast mode
[   64.494125][ T5838] bridge_slave_0: entered promiscuous mode
[   64.527866][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.531052][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state
[   64.534277][ T5838] bridge_slave_1: entered allmulticast mode
[   64.538571][ T5838] bridge_slave_1: entered promiscuous mode
[   64.557970][ T5834] team0: Port device team_slave_0 added
[   64.565622][ T5834] team0: Port device team_slave_1 added
[   64.583352][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   64.587398][ T5842] chnl_net:caif_netlink_parms(): no params data found
[   64.595787][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   64.637900][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0
[   64.640148][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   64.648968][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   64.656008][ T5838] team0: Port device team_slave_0 added
[   64.666462][ T5838] team0: Port device team_slave_1 added
[   64.670345][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1
[   64.672606][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   64.682672][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   64.755006][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0
[   64.757671][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   64.766889][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   64.789566][ T5834] hsr_slave_0: entered promiscuous mode
[   64.792445][ T5834] hsr_slave_1: entered promiscuous mode
[   64.811774][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1
[   64.814346][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   64.823910][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   64.906881][ T5842] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.910104][ T5842] bridge0: port 1(bridge_slave_0) entered disabled state
[   64.913222][ T5842] bridge_slave_0: entered allmulticast mode
[   64.917023][ T5842] bridge_slave_0: entered promiscuous mode
[   64.946856][ T5842] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.950769][ T5842] bridge0: port 2(bridge_slave_1) entered disabled state
[   64.953160][ T5842] bridge_slave_1: entered allmulticast mode
[   64.956568][ T5842] bridge_slave_1: entered promiscuous mode
[   64.996669][ T5842] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   65.010325][ T5838] hsr_slave_0: entered promiscuous mode
[   65.013129][ T5838] hsr_slave_1: entered promiscuous mode
[   65.016090][ T5838] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   65.019767][ T5838] Cannot create hsr debugfs directory
[   65.024227][ T5842] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   65.100442][ T5842] team0: Port device team_slave_0 added
[   65.107526][ T5842] team0: Port device team_slave_1 added
[   65.152089][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_0
[   65.154917][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   65.167872][ T5842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   65.184525][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_1
[   65.187019][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   65.196390][ T5842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   65.303265][ T5842] hsr_slave_0: entered promiscuous mode
[   65.306469][ T5842] hsr_slave_1: entered promiscuous mode
[   65.309962][ T5842] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   65.313249][ T5842] Cannot create hsr debugfs directory
[   65.370583][ T5834] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   65.382137][ T5834] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   65.388143][ T5834] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   65.409347][ T5834] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   65.471425][ T5838] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   65.488076][ T5838] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   65.504104][ T5838] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   65.514641][ T5838] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   65.635197][ T5842] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   65.648051][ T5842] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   65.654661][ T5842] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   65.676837][ T5842] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   65.692353][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0
[   65.728978][ T5834] 8021q: adding VLAN 0 to HW filter on device team0
[   65.743411][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0
[   65.768977][  T158] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.772102][  T158] bridge0: port 1(bridge_slave_0) entered forwarding state
[   65.778968][  T158] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.781957][  T158] bridge0: port 2(bridge_slave_1) entered forwarding state
[   65.840058][ T5838] 8021q: adding VLAN 0 to HW filter on device team0
[   65.864716][  T158] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.867919][  T158] bridge0: port 1(bridge_slave_0) entered forwarding state
[   65.881809][  T158] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.884862][  T158] bridge0: port 2(bridge_slave_1) entered forwarding state
[   65.919730][ T5842] 8021q: adding VLAN 0 to HW filter on device bond0
[   65.972238][ T5842] 8021q: adding VLAN 0 to HW filter on device team0
[   65.996623][  T158] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.999585][  T158] bridge0: port 1(bridge_slave_0) entered forwarding state
[   66.017923][   T54] Bluetooth: hci0: command tx timeout
[   66.023922][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[   66.026792][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[   66.082731][ T5842] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   66.085968][ T5842] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   66.098018][   T54] Bluetooth: hci1: command tx timeout
[   66.142290][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0
[   66.177347][   T54] Bluetooth: hci2: command tx timeout
[   66.195512][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0
[   66.232424][ T5842] 8021q: adding VLAN 0 to HW filter on device batadv0
[   66.240036][ T5834] veth0_vlan: entered promiscuous mode
[   66.260871][ T5834] veth1_vlan: entered promiscuous mode
[   66.311118][ T5838] veth0_vlan: entered promiscuous mode
[   66.315539][ T5842] veth0_vlan: entered promiscuous mode
[   66.329614][ T5838] veth1_vlan: entered promiscuous mode
[   66.335269][ T5842] veth1_vlan: entered promiscuous mode
[   66.353797][ T5834] veth0_macvtap: entered promiscuous mode
[   66.369605][ T5834] veth1_macvtap: entered promiscuous mode
[   66.396075][ T5842] veth0_macvtap: entered promiscuous mode
[   66.406521][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0
[   66.420751][ T5838] veth0_macvtap: entered promiscuous mode
[   66.424567][ T5842] veth1_macvtap: entered promiscuous mode
[   66.436049][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1
[   66.448552][ T5838] veth1_macvtap: entered promiscuous mode
[   66.455181][ T5834] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   66.461073][ T5834] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   66.464544][ T5834] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   66.469701][ T5834] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   66.488864][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_0
[   66.502778][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0
[   66.509816][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_1
[   66.526150][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1
[   66.533065][ T5842] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   66.536626][ T5842] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   66.541427][ T5842] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   66.545115][ T5842] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   66.555038][ T5838] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   66.563322][ T5838] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   66.567006][ T5838] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   66.574127][ T5838] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   66.656335][ T1089] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.664523][ T1089] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.711214][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.716273][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.726849][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.733903][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.774641][   T26] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.788988][   T26] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.789978][ T5834] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   66.810476][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.813911][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.835085][ T1089] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.848599][ T1089] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   67.340106][    C1] hrtimer: interrupt took 32130 ns
[   67.389957][ T5931] netlink: 825 bytes leftover after parsing attributes in process `syz.0.17'.
[   67.395240][ T5931] netlink: 130144 bytes leftover after parsing attributes in process `syz.0.17'.
[   67.416307][   T54] Bluetooth: hci1: unexpected subevent 0x01 length: 150 > 18
[   68.024523][ T5957] netlink: 65039 bytes leftover after parsing attributes in process `syz.0.29'.
[   68.163221][ T5219] Bluetooth: hci0: command tx timeout
[   68.177436][ T5219] Bluetooth: hci1: command tx timeout
[   68.257349][ T5219] Bluetooth: hci2: command tx timeout
[   68.472728][ T5972] warning: `syz.0.37' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   68.783176][ T5983] netlink: 'syz.1.40': attribute type 33 has an invalid length.
[   68.786432][ T5983] netlink: 152 bytes leftover after parsing attributes in process `syz.1.40'.
[   69.935984][ T6013] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   70.179903][ T5219] Bluetooth: hci0: command tx timeout
[   70.257404][ T5219] Bluetooth: hci1: command tx timeout
[   70.338292][ T5219] Bluetooth: hci2: command tx timeout
[   70.782983][ T6055] netlink: 1 bytes leftover after parsing attributes in process `syz.0.72'.
[   71.108926][ T6071] syzkaller0: entered promiscuous mode
[   71.110847][ T6071] syzkaller0: entered allmulticast mode
[   71.141094][ T1361] ieee802154 phy0 wpan0: encryption failed: -22
[   71.144192][ T1361] ieee802154 phy1 wpan1: encryption failed: -22
[   71.969755][ T6133] netlink: 'syz.1.107': attribute type 3 has an invalid length.
[   71.973533][ T6133] netlink: 'syz.1.107': attribute type 2 has an invalid length.
[   71.978024][ T6133] netlink: 198000 bytes leftover after parsing attributes in process `syz.1.107'.
[   72.228293][ T6133] netlink: 'syz.1.107': attribute type 29 has an invalid length.
[   72.281510][ T5219] Bluetooth: hci0: command tx timeout
[   72.407297][ T5219] Bluetooth: hci1: command tx timeout
[   72.417834][ T5219] Bluetooth: hci2: command tx timeout
[   72.583978][ T6152] netlink: 60 bytes leftover after parsing attributes in process `syz.1.115'.
[   73.320438][ T6164] syz.2.121 uses obsolete (PF_INET,SOCK_PACKET)
[   73.373832][ T6171] netlink: 10 bytes leftover after parsing attributes in process `syz.2.123'.
[   73.683051][ T5219] Bluetooth: hci1: Malformed LE Event: 0x0d
[   74.324559][ T6195] netlink: 'syz.2.135': attribute type 5 has an invalid length.
[   74.417745][ T5219] Bluetooth: hci1: command tx timeout
[   74.536899][ T6206] netlink: 'syz.1.138': attribute type 10 has an invalid length.
[   74.553634][ T6206] netlink: 55 bytes leftover after parsing attributes in process `syz.1.138'.
[   74.663631][ T6213] netlink: 144 bytes leftover after parsing attributes in process `syz.2.143'.
[   77.259700][ T6264] can: request_module (can-proto-4) failed.
[   77.362113][ T6269] netlink: 809 bytes leftover after parsing attributes in process `syz.2.165'.
[   77.374415][ T6269] netlink: 130160 bytes leftover after parsing attributes in process `syz.2.165'.
[   77.543719][ T6282] netlink: 'syz.0.168': attribute type 11 has an invalid length.
[   77.548251][ T6282] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.168'.
[   77.623746][ T6282] netlink: 'syz.0.168': attribute type 21 has an invalid length.
[   77.626459][ T6282] netlink: 'syz.0.168': attribute type 11 has an invalid length.
[   77.639786][ T6277] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   78.353220][ T6296] netlink: 'syz.1.176': attribute type 29 has an invalid length.
[   78.356687][ T6296] netlink: 'syz.1.176': attribute type 3 has an invalid length.
[   78.365703][ T6296] netlink: 132 bytes leftover after parsing attributes in process `syz.1.176'.
[   78.468871][ T6300] netlink: 132 bytes leftover after parsing attributes in process `syz.1.177'.
[   79.191790][ T6328] netlink: 1041 bytes leftover after parsing attributes in process `syz.2.189'.
[   79.341719][ T6330] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.190'.
[   79.708953][ T6354] netlink: 60 bytes leftover after parsing attributes in process `syz.2.199'.
[   79.718314][ T6350] netlink: 60 bytes leftover after parsing attributes in process `syz.2.199'.
[   79.725546][ T6356] netlink: 'syz.1.203': attribute type 21 has an invalid length.
[   79.729174][ T6354] netlink: 60 bytes leftover after parsing attributes in process `syz.2.199'.
[   79.734105][ T6356] netlink: 128 bytes leftover after parsing attributes in process `syz.1.203'.
[   79.734910][ T6358] netlink: 55631 bytes leftover after parsing attributes in process `syz.0.202'.
[   79.743773][ T6356] netlink: 'syz.1.203': attribute type 4 has an invalid length.
[   79.746860][ T6356] netlink: 'syz.1.203': attribute type 3 has an invalid length.
[   79.775930][ T6356] netlink: 3 bytes leftover after parsing attributes in process `syz.1.203'.
[   80.636893][    C0] clocksource: Long readout interval, skipping watchdog check: cs_nsec: 1059678793 wd_nsec: 1059678830
[   81.028742][ T6393] netlink: 'syz.2.219': attribute type 21 has an invalid length.
[   81.032223][ T6393] netlink: 'syz.2.219': attribute type 11 has an invalid length.
[   81.353930][ T6405] netlink: 'syz.1.224': attribute type 21 has an invalid length.
[   81.403718][ T6407] Zero length message leads to an empty skb
[   82.039465][ T6430] netlink: 'syz.2.236': attribute type 6 has an invalid length.
[   82.043000][ T6430] netlink: 'syz.2.236': attribute type 7 has an invalid length.
[   82.046317][ T6430] netlink: 'syz.2.236': attribute type 7 has an invalid length.
[   82.149365][ T6438] netlink: 'syz.2.240': attribute type 29 has an invalid length.
[   82.940429][ T6503] netlink: zone id is out of range
[   82.942685][ T6503] netlink: zone id is out of range
[   82.944926][ T6503] netlink: zone id is out of range
[   82.948107][ T6503] netlink: zone id is out of range
[   82.951546][ T6503] netlink: zone id is out of range
[   82.954133][ T6503] netlink: zone id is out of range
[   82.957078][ T6503] netlink: zone id is out of range
[   82.961133][ T6503] netlink: zone id is out of range
[   83.017216][ T6503] netlink: zone id is out of range
[   83.019541][ T6503] netlink: zone id is out of range
[   83.050334][ T6510] ------------[ cut here ]------------
[   83.052072][ T6510] verifier bug: error during ctx access conversion(1)
[   83.054657][ T6510] WARNING: CPU: 0 PID: 6510 at kernel/bpf/verifier.c:21409 bpf_check+0x1b6ec/0x1d2e0
[   83.058690][ T6510] Modules linked in:
[   83.061156][ T6510] CPU: 0 UID: 0 PID: 6510 Comm: syz.1.274 Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0 PREEMPT(full) 
[   83.066759][ T6510] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   83.071222][ T6510] RIP: 0010:bpf_check+0x1b6ec/0x1d2e0
[   83.073694][ T6510] Code: 8b e8 88 9b af ff 90 0f 0b 90 90 e9 6b 60 ff ff e8 29 ae eb ff c6 05 c0 52 b7 0d 01 90 48 c7 c7 20 01 92 8b e8 65 9b af ff 90 <0f> 0b 90 90 e9 b5 bd ff ff e8 06 ae eb ff c6 05 a2 52 b7 0d 01 90
[   83.081905][ T6510] RSP: 0018:ffffc90007aff600 EFLAGS: 00010246
[   83.084709][ T6510] RAX: 75414d7ba79fb500 RBX: 0000000000000000 RCX: 0000000000080000
[   83.088840][ T6510] RDX: ffffc90006001000 RSI: 00000000000024fe RDI: 00000000000024ff
[   83.092600][ T6510] RBP: ffffc90007affb50 R08: ffff88804b024293 R09: 1ffff11009604852
[   83.096051][ T6510] R10: dffffc0000000000 R11: ffffed1009604853 R12: ffffc900080a3052
[   83.099661][ T6510] R13: dffffc0000000000 R14: ffff88802b0c8000 R15: 0000000000000004
[   83.103579][ T6510] FS:  00007f3b7d21f6c0(0000) GS:ffff8880b861f000(0000) knlGS:0000000000000000
[   83.107620][ T6510] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   83.110371][ T6510] CR2: 000020000000cf3d CR3: 0000000033c86000 CR4: 00000000000006f0
[   83.113727][ T6510] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   83.117452][ T6510] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[   83.121360][ T6510] Call Trace:
[   83.122908][ T6510]  <TASK>
[   83.124215][ T6510]  ? is_bpf_text_address+0x26/0x2b0
[   83.126463][ T6510]  ? __pfx_flow_dissector_convert_ctx_access+0x10/0x10
[   83.129580][ T6510]  ? __pfx_bpf_check+0x10/0x10
[   83.131722][ T6510]  ? ktime_get_with_offset+0x8c/0x2a0
[   83.134385][ T6510]  ? seqcount_lockdep_reader_access+0x123/0x1c0
[   83.137475][ T6510]  ? ktime_get_with_offset+0x8c/0x2a0
[   83.139989][ T6510]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[   83.142824][ T6510]  ? __asan_memset+0x22/0x50
[   83.144839][ T6510]  ? bpf_obj_name_cpy+0x194/0x1e0
[   83.147007][ T6510]  ? bpf_lsm_bpf_prog_load+0x9/0x20
[   83.149834][ T6510]  ? security_bpf_prog_load+0x7f/0x310
[   83.152756][ T6510]  bpf_prog_load+0x1318/0x1930
[   83.154828][ T6510]  ? __pfx_bpf_prog_load+0x10/0x10
[   83.156923][ T6510]  ? bpf_lsm_bpf+0x9/0x20
[   83.158876][ T6510]  ? security_bpf+0x7e/0x300
[   83.160901][ T6510]  __sys_bpf+0x528/0x870
[   83.162762][ T6510]  ? __pfx___sys_bpf+0x10/0x10
[   83.164916][ T6510]  ? exc_page_fault+0x76/0xf0
[   83.167310][ T6510]  __x64_sys_bpf+0x7c/0x90
[   83.169399][ T6510]  do_syscall_64+0xfa/0x3b0
[   83.171485][ T6510]  ? lockdep_hardirqs_on+0x9c/0x150
[   83.173715][ T6510]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.176344][ T6510]  ? exc_page_fault+0x9f/0xf0
[   83.178607][ T6510]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.181391][ T6510] RIP: 0033:0x7f3b7c38e9a9
[   83.183468][ T6510] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.192372][ T6510] RSP: 002b:00007f3b7d21f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   83.195938][ T6510] RAX: ffffffffffffffda RBX: 00007f3b7c5b5fa0 RCX: 00007f3b7c38e9a9
[   83.199198][ T6510] RDX: 0000000000000048 RSI: 000020000000e000 RDI: 0000000000000005
[   83.202714][ T6510] RBP: 00007f3b7c410d69 R08: 0000000000000000 R09: 0000000000000000
[   83.206427][ T6510] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   83.209927][ T6510] R13: 0000000000000001 R14: 00007f3b7c5b5fa0 R15: 00007ffc0d944978
[   83.213294][ T6510]  </TASK>
[   83.214688][ T6510] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   83.218049][ T6510] CPU: 0 UID: 0 PID: 6510 Comm: syz.1.274 Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0 PREEMPT(full) 
[   83.223210][ T6510] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   83.227414][ T6510] Call Trace:
[   83.228862][ T6510]  <TASK>
[   83.230222][ T6510]  dump_stack_lvl+0x99/0x250
[   83.232312][ T6510]  ? __asan_memcpy+0x40/0x70
[   83.234344][ T6510]  ? __pfx_dump_stack_lvl+0x10/0x10
[   83.236537][ T6510]  ? __pfx__printk+0x10/0x10
[   83.238278][ T6510]  panic+0x2db/0x790
[   83.239721][ T6510]  ? __pfx_panic+0x10/0x10
[   83.241301][ T6510]  ? show_trace_log_lvl+0x4fb/0x550
[   83.243359][ T6510]  __warn+0x31b/0x4b0
[   83.244981][ T6510]  ? bpf_check+0x1b6ec/0x1d2e0
[   83.247047][ T6510]  ? bpf_check+0x1b6ec/0x1d2e0
[   83.249113][ T6510]  report_bug+0x2be/0x4f0
[   83.251050][ T6510]  ? bpf_check+0x1b6ec/0x1d2e0
[   83.253210][ T6510]  ? bpf_check+0x1b6ec/0x1d2e0
[   83.255332][ T6510]  ? bpf_check+0x1b6ee/0x1d2e0
[   83.257402][ T6510]  handle_bug+0x84/0x160
[   83.259216][ T6510]  exc_invalid_op+0x1a/0x50
[   83.261179][ T6510]  asm_exc_invalid_op+0x1a/0x20
[   83.263386][ T6510] RIP: 0010:bpf_check+0x1b6ec/0x1d2e0
[   83.265921][ T6510] Code: 8b e8 88 9b af ff 90 0f 0b 90 90 e9 6b 60 ff ff e8 29 ae eb ff c6 05 c0 52 b7 0d 01 90 48 c7 c7 20 01 92 8b e8 65 9b af ff 90 <0f> 0b 90 90 e9 b5 bd ff ff e8 06 ae eb ff c6 05 a2 52 b7 0d 01 90
[   83.272998][ T6510] RSP: 0018:ffffc90007aff600 EFLAGS: 00010246
[   83.274986][ T6510] RAX: 75414d7ba79fb500 RBX: 0000000000000000 RCX: 0000000000080000
[   83.277530][ T6510] RDX: ffffc90006001000 RSI: 00000000000024fe RDI: 00000000000024ff
[   83.280190][ T6510] RBP: ffffc90007affb50 R08: ffff88804b024293 R09: 1ffff11009604852
[   83.283127][ T6510] R10: dffffc0000000000 R11: ffffed1009604853 R12: ffffc900080a3052
[   83.286569][ T6510] R13: dffffc0000000000 R14: ffff88802b0c8000 R15: 0000000000000004
[   83.289903][ T6510]  ? is_bpf_text_address+0x26/0x2b0
[   83.292091][ T6510]  ? __pfx_flow_dissector_convert_ctx_access+0x10/0x10
[   83.295037][ T6510]  ? __pfx_bpf_check+0x10/0x10
[   83.297208][ T6510]  ? ktime_get_with_offset+0x8c/0x2a0
[   83.299663][ T6510]  ? seqcount_lockdep_reader_access+0x123/0x1c0
[   83.302215][ T6510]  ? ktime_get_with_offset+0x8c/0x2a0
[   83.304316][ T6510]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[   83.307057][ T6510]  ? __asan_memset+0x22/0x50
[   83.309131][ T6510]  ? bpf_obj_name_cpy+0x194/0x1e0
[   83.311454][ T6510]  ? bpf_lsm_bpf_prog_load+0x9/0x20
[   83.313606][ T6510]  ? security_bpf_prog_load+0x7f/0x310
[   83.315889][ T6510]  bpf_prog_load+0x1318/0x1930
[   83.317939][ T6510]  ? __pfx_bpf_prog_load+0x10/0x10
[   83.320203][ T6510]  ? bpf_lsm_bpf+0x9/0x20
[   83.322237][ T6510]  ? security_bpf+0x7e/0x300
[   83.324636][ T6510]  __sys_bpf+0x528/0x870
[   83.326611][ T6510]  ? __pfx___sys_bpf+0x10/0x10
[   83.328672][ T6510]  ? exc_page_fault+0x76/0xf0
[   83.330705][ T6510]  __x64_sys_bpf+0x7c/0x90
[   83.332596][ T6510]  do_syscall_64+0xfa/0x3b0
[   83.334518][ T6510]  ? lockdep_hardirqs_on+0x9c/0x150
[   83.336714][ T6510]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.339426][ T6510]  ? exc_page_fault+0x9f/0xf0
[   83.341653][ T6510]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.344312][ T6510] RIP: 0033:0x7f3b7c38e9a9
[   83.346171][ T6510] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.354212][ T6510] RSP: 002b:00007f3b7d21f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   83.358328][ T6510] RAX: ffffffffffffffda RBX: 00007f3b7c5b5fa0 RCX: 00007f3b7c38e9a9
[   83.362148][ T6510] RDX: 0000000000000048 RSI: 000020000000e000 RDI: 0000000000000005
[   83.365500][ T6510] RBP: 00007f3b7c410d69 R08: 0000000000000000 R09: 0000000000000000
[   83.368879][ T6510] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   83.372216][ T6510] R13: 0000000000000001 R14: 00007f3b7c5b5fa0 R15: 00007ffc0d944978
[   83.375803][ T6510]  </TASK>
[   83.378093][ T6510] Kernel Offset: disabled
[   83.380116][ T6510] Rebooting in 86400 seconds..

VM DIAGNOSIS:
04:56:21  Registers:
info registers vcpu 0

CPU#0
RAX=ffffffff81a25aeb RBX=fffffffffffe9578 RCX=ffff88802483b980 RDX=0000000000000002
RSI=fffffffffffe9578 RDI=0000000000000001 RBP=ffffc90007afed20 RSP=ffffc90007afeb98
R8 =ffff88802483b980 R9 =0000000000000003 R10=00000000ffffffff R11=0000000000000002
R12=dffffc0000000000 R13=ffffffff8e0570e0 R14=0000000000000002 R15=ffffc90007afed30
RIP=ffffffff81c02901 RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f3b7d21f6c0 ffffffff 00c00000
GS =0000 ffff8880b861f000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000020000000cf3d CR3=0000000033c86000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000600
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007f3b7c586478 00007f3b7c586450 XMM03=00007f3b7c586488 00007f3b7c586480
XMM04=00007f3b7d0ed100 00007f3b7c586440 XMM05=00007f3b7c586458 00007f3b7c5864a0
XMM06=00007f3b7c586498 00007f3b7c586490 XMM07=00007f3b7c586488 00007f3b7c586480
XMM08=0000000000000000 00524f5252450040 XMM09=0000000000000000 00007f3b7c411ec1
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=c6ee13027eb55f00 RBX=ffffffff822b4b56 RCX=c6ee13027eb55f00 RDX=0000000000000000
RSI=ffffffff8db8655b RDI=ffffffff8be29f40 RBP=0000000000000188 RSP=ffffc90007c9f6a0
R8 =0000000000000000 R9 =ffffffff822b4b56 R10=dffffc0000000000 R11=ffffed1022c7cf71
R12=dffffc0000000000 R13=ffff88813663b540 R14=ffff88813663b570 R15=1ffff11026cc76ae
RIP=ffffffff822b4b71 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f1be365b6c0 ffffffff 00c00000
GS =0000 ffff8881a3c1f000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f82ac9802d8 CR3=000000000df38000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000001 XMM01=0000000000000000 0000000000000000
XMM02=00005555730f6de3 00005555730f6d10 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00005555730ed4a0 XMM05=00005555730f3e19 00005555730f3c80
XMM06=0000000000000000 0000000000000000 XMM07=ffffffff0422c003 02100022b00303b0
XMM08=1000049003000000 0000000000000197 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
