last executing test programs:

10.482955866s ago: executing program 3 (id=4652):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x5, 0xfd, 0x0, 0x5d2e, 0xa582, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, @perf_bp={0x0}, 0x0, 0x1, 0x0, 0xb, 0x0, 0x0, 0x4, 0x0, 0x100400, 0x0, 0xfffffffffffffffe}, 0x0, 0x6, 0xffffffffffffffff, 0xa)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x3, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="180000fedfffffffffffff00000007ea672881563ac5b8770589b8eb0916fd142f90b7861e03bd04df9a35386513b597c91333f5071b7c5107521eddb005131a17209bb74b34f524584c73eed9d641bf480cad22f7c53876e44435bd671831cd2d81bfb170dc4959469f95cc00"/128], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x80)
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = socket$kcm(0x2, 0x3, 0x106)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000140)={0xffffffffffffffff, r1})
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYRESDEC=r2], 0x48)
socket$kcm(0xa, 0x5, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r3)
syz_open_procfs$namespace(0xffffffffffffffff, 0x0)
r4 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r4, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
r5 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r5, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
r6 = socket$kcm(0xa, 0x1, 0x0)
r7 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8003}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x8, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r7, 0x40042408, r8)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x20403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x2, @perf_config_ext={0x9}, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(r6, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4001, 0x0, @empty}, 0x80, 0x0}, 0x20000001)
sendmsg(r6, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000440)="a6", 0xffffff58}], 0x1}, 0x40001)
close(0x3)
close(0x4)
r9 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r9, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
close(0x4)

9.952322545s ago: executing program 3 (id=4655):
perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x4111, 0x200000000000004, 0x0, 0x7, 0x8000000000000000, 0x0, 0x1}, 0x0, 0xf, 0xffffffffffffffff, 0x0)
socket$kcm(0x2c, 0x3, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000380)={0x1b, 0x0, 0x0, 0x800000, 0x4}, 0x48) (fail_nth: 13)

9.904994143s ago: executing program 3 (id=4657):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000680)=ANY=[@ANYBLOB="05000000000000000000000000000000850000006100000018110000e54566a0f7d3a517aa31eed2e030b203e0053d210243ad288ec166ab1ea1f4c79c83fd27ca5c834d2df666804e46fd6ef579e53f6d44e4df1f103549aede35e920", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000009800000095", @ANYRESHEX, @ANYRES32=r0], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$kcm(0x10, 0x2, 0x0)
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x32, 0x0, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={&(0x7f0000000240), 0xd}, 0x380, 0xcdd, 0x1, 0x4, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x6, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x2, 0x1, &(0x7f0000000580)=ANY=[@ANYBLOB="85fbc3f60e00800007000042"], &(0x7f00000001c0)='syzkaller\x00', 0x1200, 0x0, 0x0, 0x0, 0x29, '\x00', 0x0, 0x2a}, 0x94)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f0000000000)='^+,!z,-\x00')
socket$kcm(0x2, 0x200000000000001, 0x106)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000780)=@bpf_lsm={0x1d, 0x0, 0x0, &(0x7f00000002c0)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x1a, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffff24}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000040)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb010511000b000a000d000000ba", 0x29}], 0x1, 0x0, 0x0, 0xc9e}, 0x80)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000040)="e03f03002a000b27c105d25a806c8c6f94f90424fc6004", 0x17}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000720000001801"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe35, 0x0, 0x0, 0x0}, 0xffffffffffffff88)
write$cgroup_subtree(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe0000180091c8b14a0778a8123d181d"], 0xfe33)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$kcm(0x2, 0x3, 0x84)
sendmsg$inet(r3, &(0x7f00000000c0)={&(0x7f0000000040)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000240)}, 0x20044800)
socketpair(0xa, 0x3, 0xff, &(0x7f0000000000))
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800"/13], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x0, &(0x7f0000000580)="7b8666ec39e7fedd46412a4c802e4807c5a3c5ead09ff29d413e8b0000000000000000000000000000676e88f14c72e9c070997334c2adf29cfe6a0d85677acab81eb6ab256258685e3ec00a16ad162c6dd107334ef9385288c7491d3a759341", 0x0}, 0x50)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x2}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/ipc\x00')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x200400, 0x0)
perf_event_open(&(0x7f00000002c0)={0x5, 0x80, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2000000000000, 0x30084, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
sendmsg$inet(r6, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0xf6}, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000a40), 0x0, 0x0)
close(r7)

6.512415431s ago: executing program 2 (id=4678):
socket$kcm(0x2, 0x200000000000001, 0x0)
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x2000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$kcm(0xa, 0x2, 0x73)
close(0xffffffffffffffff)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="d8000000100081044e81f782db44b904021d08000b000000e8fe55a1180015000600142603600e1209000d00e803c9", 0x2f}], 0x1}, 0x40001)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0xfe33)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f00000003c0), 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000001000850000002200000085"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000001980)=ANY=[@ANYBLOB="b702000000000090bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe000000008500000009000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af20fd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989425f5d0b79f6584d0416d7c4bb9f547b328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f01000000010000006e7dac1aba4b33dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b98d2de10c21d3ea02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d000000200008000000000000001abc11c800000000000000000000000928ee53595a779d243a48cea769470424d20a04c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2c4af38ffb7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e6d8e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb44b4f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0eb3280e09758bd445ab91d20baca005472b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92fe8bad99ca332af00f191b66b6a6f732a91f0e2e9190e4b448da7de018c58e950767f9b320be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c52573d9308a13d115b43f8b1894c8fa8a14dc4810f61ae96bf704526a8919bc700002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381ccc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a426a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4728288e78980c1184d8223edbccbf9258b7374e79a1f8bf3fb73cfd1e76982f3d899f71e495f0ba8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e4a48dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f00000021f8547d393dabe616fbbde21c90be00b5a22671395c7a69c6dd4d022ffc97ddb6aa025131652d409da1d8cfc3d219d4b1c1b7b8170d7c33d91db2b73f7ae02485a209a2474b5d0790d05c01bec623056e4d3f4d3149373a28b26a15a1fcce73d57e6eaf7e6f315fe275ebc9ef7aeca277dde01dde724f419803a2172a7833ceab38d21ca4f1dea5e1f4d8824167b21dd289dd4e6ecfba9e163bdbc48e1e758ecde05c10809c9edfa6d77c652fd742e6dad13d2a397bebe3ea8bc087d3720e2202f36c7719ae34f042e19dc08a3323a3d94098a7ec171469352bab1662c3e4d4803c565cfcce32dad628fade43a4844abb230ce608726fd87e93c405a96cf638c41510f26e9da5f3167f1595ece2f4b79fcc59c32ec9eb70267848da14dc91f13fdcd07b61b7bd0450e7899efc3d99a1993f78cb650f1eaaee7647be7ec71a75d511b47e1d36ee74bafbb2a8fa8d13b5ba0b93f914f5d0d5d1fb60774816ec207ced0ddfbc784ac8aa06d58b7a05b1d81488c833a1d48e57121175b5290e7f"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000240)={0x0, 0x1}, 0x10}, 0x94)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="d800001e140081044e81f782db44b9040220080207000000040000a118000200e000000100000e1208000f0100810401a80016ea1f000840032e5f54c92011148ed08734843c8802033d0803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c0100000000000000cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="d8000000180081064e81f782db4cb904021d0800fd027c05e8fe55a10a000b000140020203600e41b0000900ac0006031100000016000500000000000004015c3b61c1d67f6f94007134cf6efb8000a007", 0x51}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0xa8}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x7}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x144, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="5eaa000000000000611067000000000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000880)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000002400000024000000020000000000000b000000000000000000000009020000000000"], 0x0, 0x3e}, 0x20)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='hugetlb.1GB.usage_in_bytes\x00', 0x26e1, 0x0)
close(r4)
socket$kcm(0x10, 0x2, 0x10)
ioctl$SIOCSIFHWADDR(r4, 0x8b05, &(0x7f0000000000)={'wlan1\x00', @broadcast})
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000010c0)={r4, 0x20, &(0x7f00000003c0)={0x0, 0x5b, <r5=>0x0, 0x0}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=r5, 0x4)

6.132317404s ago: executing program 1 (id=4680):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000100)=ANY=[@ANYBLOB="06006400f98900006911b90000000000851000000200000085000000ed004eb11061f692622f0e0000950000000051ad7c0000000000000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000007c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000800)=ANY=[@ANYBLOB="bf16000000000000b7070000010000004070000000000000400000004000e1ff95000000000000002ba76bb33123751c4e3409e62751ee00ba19ce670d25010000020000040000009fc404000000c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965dac03d046837d907b09ec39e9ef8f6e396ad200e011ea665c45a3449abe802f5ab3e89cf40b8580218ce740068720000074e3e8eea3fd8cf49827ca315f5b87e1ca6433a8acd715f5888b2007f0000000000000000010089937090c34410000000000000090000000000414027efc842b6d6f800005335001db43a5c000000000000000024000000000000000000e75a89faff01210cce39bf405f1e846c1242000000000000cad326ad7add65873d9f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d617da7fb5e2a431ab9142f3a06d55740a43088696daaed74b9c5c29647d2f950a959cf9938d6df8600a62e96b7cb8e52cbdce57a79d6fce424c22001f6c3784a1975fa657d05003a32a4fd67ce446ac5430207db79240acaf091231b986e77d05d988d6edc71df48dca02113a38300c2bd2b5543ffc16695572361629d1022f722ec23812b70d72cd0010000007881bfa35b9fd6864e90ddb31f75f6324989cdc7044f563a1f74d4efe895fdbc463f747c08f40105869035000000000003000000000000000000000000000000000000080000003ddf4aa4b1c8b8a0ae6feb6737c275dc2740f742b5425f1d5819610608bbab35471cdb0500000000000000d4123f955267fe4a75c114f874e086287547d4099aeec9f15b8ee25a2a5ccf4a9b603c88e12ff25184d4e3c2f7f623559435b2c505fb7113400000f0bc440550ee91302f5a00000000000000000000000000000000e67ccc00148ac4c43021cce9f24f4b2f9492c32e7a92a557ac2b44b8f7a49789906d922b3e4916f390ab7edcd3f5b9fe14446dd446a52131c464f2c08efb46d934615c8631b7c42efd0294bea179b0433f5c899119ec0c0acef5383b5a2720caeb68f1e9c05b05d89467ded84da092dea262e51811e2d7fa515722516bd5ef6c8c4966e5937562a5648a696abaa042a7097ddefe0671f977fb145890f5bf41ba92b8c4c8b14f0d4a880ef4518bb328790700000021e041254f06bd7f000000000000000000000000000000282ffe000000000000000431e8e3204a7d95938c5334a0dd177f1a7389ee570d95e543a27546d3770740f354df6dfdb3d1179b4b9fccd0cd5b7578802c66f5dbf22ad0bd03cbe0fecd096bcf419d35988948d1cd4c51c406040000000090a3bc3cbc08255975f3cee08dab765d8a4ef870aaae3f81ed6364837171ce5564f3cf6feba1b6745409000000000000003459263499fae97e7dcb30e4cff009e0f4f78c155c4ab19b878fcb4cc14b8d2823643a17120418f42b42ed879cb23e6d4e0d11db988d0bc46de02702d29243b72215d5563bdae8c2ccda4498687cd50f3a9058f61d52d70aabccb18d41d75788faf60ce9be97c13e4252d9d112d9ac47368829f8a29eca17de807c840293dd387eee13fdecf3d5a334350f045a22b9adb0539d44d58a00fb9e83ebf4fea36b87e2afdf63f7abf5caf2b01317a5f65f22c8bcf36b390dece1e98541ae932ec3486f74c1eea673c1647568acb17efcef24a9c3504dfa7c7eefe3dcb8d570a730a0837839f54527ce334b8173e7bf73bcd8d80ef294fde6549a0f1a23b78b41f79ea543d2b38b80d3d28c6c93901b763fc8b88794aa74facc345e28f0ad79de4df5afd52e7dfc387e4d2ca4d5caca74754987dbbd4d64e233b4a1d81a9aeb981734ca5416cacf516ca8384d85310f24d393fd48c668465546117377547d11a61bd2bd9e35fa0da5118554a1d93147b103a51baf94aeb1b6292038300423344e6add2226ba5f6724a08567ef515898f0f7dfd3fc198092af3265c5df377a66bbde4fa4a049692e06ee5022c58290bdc37eeb16f4e099e33679044ba21898f76c982c8203663f1adb7bbb42ed8d9b0bb8bd9255e342959b822fa8b3d08b29f2201dfe3a3c5c8bf8bc82f249e7eb9f8571823d730fdc78c6b3122a3fd9209dcae70c10c7b17e83dd759a52fe5c362358dbb780a52f540000000000000000000011230e1d6f9fd3315ada8ecee55fc0ec6ec0ec950c0ad006a06a162035d5729795c4a58b59f9a252723480b08ae9bd52c176380a42b972a3400b5d28b273e60000007cac9d35a991c27e23ce5217fec9ce89ea2dea8ddb383e53cdd077e7c2d73404b7450664f70225897307d8a140ba97bfc2232dccdb1dd0496c219315c02f2ef46f30add1aa13e52d67116328c3a5ee3356eadea07abe8506767771d68e760f8c623fb64865a942acc4912dcd1fa5d729cb45c15577bbb8b08a705efeaf09dd6aadeb8d61501e4fd9c9b1ac845a2138cbde58a04589888c0e528a5134e1dfa8b3f6d8a76517df589cae1019a3bc280e99fb661271357dbbd7e9c42d3fe45efaaa00"/1810], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x35}, 0x48)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000240)=r2, 0x4)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000001c0)="d8000000100081044e81f782db44b904021d080006000000e8fe55a1180015000600142603600e120a000d85c8af0401a80016000a003a40f8ff07000000000007b2984ec69559ffbcaa76e2631f77c05f0003003a00004dcf5c0461c1a1b36f94007134cf6ee08000a0e408e8d8e752a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025cc049e00360db70100000040fad95667e006dcdf6395", 0xc2}], 0x1}, 0x4000800)
write$cgroup_subtree(r1, &(0x7f0000000280)=ANY=[], 0x9)
r3 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9, 0x10000}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000040000000c"], 0x50)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = openat$cgroup(r3, &(0x7f0000000240)='syz0\x00', 0x200002, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r9, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf37c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open$cgroup(&(0x7f0000000180)={0x4, 0x80, 0xb, 0x1, 0x5, 0x7, 0x0, 0x7fff, 0x8000, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x96, 0x80000000, 0x7891ca44, 0x6, 0x3, 0x0, 0x5, 0x0, 0x3bd8, 0x0, 0x10000}, r7, 0xb, r3, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x89a2, &(0x7f0000000040)={'bridge0\x00', @random="1400"})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x60}, 0x94)
r10 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007"], 0x0, 0x5}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa0677"], 0xfdef)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r10, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000900))
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000001", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x2000000000000196, &(0x7f0000000400)=ANY=[@ANYRESDEC, @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x42, '\x00', 0x0, 0x0, r3}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r6}, 0xc)
r11 = socket$kcm(0xa, 0x1, 0x0)
setsockopt$sock_attach_bpf(r11, 0x29, 0x41, 0x0, 0x0)

2.440352162s ago: executing program 3 (id=4662):
r0 = socket$kcm(0xa, 0x5, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = perf_event_open(&(0x7f0000000680)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5a1c, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r2)
r4 = socket$kcm(0x2, 0x1, 0x84)
sendmsg$inet(r4, &(0x7f00000010c0)={&(0x7f0000000140)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000640)=[{&(0x7f0000000480)='\\', 0x1}], 0x1}, 0x4000040)
sendmsg$inet(r4, &(0x7f00000002c0)={&(0x7f0000000000)={0x2, 0x4e21, @rand_addr=0x64010101}, 0x10, &(0x7f0000000700)=[{&(0x7f0000000180)="84", 0x1}], 0x1}, 0x8040)
close(r4)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cpuacct.usage_sys\x00', 0x26e1, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuacct.usage_percpu_user\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000040)=r6, 0x4)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000840)={@fallback=r6, r2, 0x0, 0x1, 0xffffffffffffffff, @void, @value=r5}, 0x20)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)={@map, r1, 0xa, 0x2028}, 0x20)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r5, 0x4008240b, &(0x7f00000001c0)={0x4, 0x80, 0xf9, 0x3, 0x0, 0x0, 0x0, 0x62af, 0x62f02, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x800, 0x1, @perf_bp={&(0x7f00000000c0), 0x4}, 0x110, 0xfffffffffffffff0, 0x4b2, 0x5, 0x1000, 0x5, 0x88cc, 0x0, 0x0, 0x0, 0x8000000000000001})
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000080)}], 0x1, 0x0, 0x0, 0xc9e}, 0x8000)
setsockopt$sock_attach_bpf(r0, 0x84, 0x24, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={0x1, <r8=>0xffffffffffffffff}, 0x4)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={r8, 0x58, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r9=>0x0}}, 0x10)
r10 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="030000000400000004000000b5"], 0x50)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x4, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018020000", @ANYRES32=r10, @ANYBLOB="0000000000000000b703000000000000850000000d000000b70000000000000095"], &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r11, 0x0, 0xe, 0x0, &(0x7f0000000180)="c1dfb080cd21d308098ee68886dd", 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000001c0), 0x4)
r13 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x954b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x11efa, 0x4, 0x98, 0x6, 0x2, 0xfffff271, 0xfffc, 0x0, 0x0, 0x0, 0x20}, r13, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r14 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e50200"/32], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000002c0)=@bpf_ext={0x1c, 0xe, &(0x7f0000000040)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0xfffffff8}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r8}}], &(0x7f00000000c0)='GPL\x00', 0x74fb, 0x0, 0x0, 0x41000, 0x4, '\x00', r9, 0x0, r12, 0x8, &(0x7f0000000200)={0x1, 0x3}, 0x8, 0x10, 0x0, 0x0, 0xa27e, r14, 0x5, 0x0, &(0x7f0000000240)=[{0x3, 0x3, 0x1, 0xb}, {0x3, 0x5, 0x10, 0x7}, {0x5, 0x5, 0x1}, {0x0, 0x3, 0x8, 0xa}, {0x0, 0x4, 0xf, 0x9}], 0x10, 0x9}, 0x94)

2.438818472s ago: executing program 0 (id=4688):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="01000000420000000600000008"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0c00000004000000040000000180000000000000", @ANYRES32=r0], 0x50)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x33fe0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1d, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r2)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=@base={0x1b, 0x4, 0x0, 0x7, 0x18000, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x2}, 0x50)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNSETQUEUE(r4, 0x400454d9, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x40000100)
r5 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800"/29], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r6)
r7 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003d000b08d25a80648c7494f90224fc60580002400c000400030082c137153e3719ac018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x1, 0x100005, 0x5, 0x5, 0x1}, 0x50)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000040)={0x0, 0xfeff, &(0x7f0000000180)=[{&(0x7f0000000b40)="d8000000100081044e81f782db44b904021d006a0f000000e8fe55a1290015000600142603600e120900040044000000a80016000a0003402e60000000000000b94dcf5c0461c1d67f6f94007134cf6ee08021a0e408e8d8ef52a985162f7ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d3220a7c9f8775730d16a4803f1aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x60044084)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r1}, 0x38)

2.437698212s ago: executing program 1 (id=4689):
r0 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, 0xffffffffffffffff)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0xa7, 0x1, 0x0, 0x0, 0x0, 0x7, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbbb, 0x2, @perf_config_ext={0x5, 0xe7}, 0x0, 0x80000000000032, 0xfff, 0x3, 0xd, 0x3, 0x2, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, &(0x7f0000000000)=@framed={{0x3d, 0xa, 0xa, 0x0, 0x0, 0x71, 0x10, 0x11}}, &(0x7f0000000480)='syzkaller\x00'}, 0x80)

2.435300983s ago: executing program 2 (id=4690):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x1, 0x640a9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x1, @perf_config_ext={0x40, 0x3fff8000}, 0x200, 0x7, 0x43a1bd76, 0x0, 0x9, 0x5, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1007f}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000000000180000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x53, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020023000b02d25a806f8c6394f90724fc60040f030047000000053582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
r4 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x8, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x11efa, 0x4, 0x98, 0x0, 0x2, 0xfffff274, 0xfffc, 0x0, 0x0, 0x0, 0x20}, r5, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0xb, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, r5, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$kcm(0x11, 0xa, 0x300)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={<r6=>0xffffffffffffffff})
recvmsg$unix(r6, &(0x7f00000004c0)={0x0, 0xfffffffffffffee8, &(0x7f0000000100), 0x1}, 0x2142)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee0000"], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r7 = socket$kcm(0x10, 0x2, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup/syz0\x00', 0x200002, 0x0)
setsockopt$sock_attach_bpf(r7, 0x1, 0x32, &(0x7f00000002c0), 0x4)
sendmsg$kcm(r7, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2663}, 0x0)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, 0x0, &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r8, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000880)={r4, 0x20, &(0x7f0000000840)={&(0x7f0000000740)=""/75, 0x4b, <r9=>0x0, &(0x7f00000007c0)=""/127, 0x7f}}, 0x10)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=@base={0x17, 0x6, 0x3000, 0x8, 0x1100, 0x1, 0xf78, '\x00', 0x0, r4, 0x0, 0x1, 0x2}, 0x50)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000940)=@bloom_filter={0x1e, 0x1, 0x80000000, 0x430, 0x800, 0x1, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x0, 0xc}, 0x50)
r12 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000009c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x401, '\x00', 0x0, 0xffffffffffffffff, 0x6741ceea, 0x0, 0x5}, 0x50)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000ac0)=@bpf_lsm={0x1d, 0x14, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xff}, {}, {}, [@ringbuf_query, @generic={0xe, 0xd, 0x3, 0x5, 0x5}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000400)='syzkaller\x00', 0xfffffff8, 0x50, &(0x7f0000000580)=""/80, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r4, 0x8, &(0x7f00000006c0)={0x0, 0x4}, 0x8, 0x10, &(0x7f0000000700)={0x4, 0xd, 0x9bb, 0x1}, 0x10, r9, 0x0, 0x2, &(0x7f0000000a40)=[0xffffffffffffffff, r10, r11, r12], &(0x7f0000000a80)=[{0x2, 0x2, 0xd, 0xa}, {0x3, 0x5, 0x1, 0xa}]}, 0x94)

1.470877604s ago: executing program 3 (id=4681):
r0 = socket$kcm(0xa, 0x5, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = perf_event_open(&(0x7f0000000680)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5a1c, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r2)
r4 = socket$kcm(0x2, 0x1, 0x84)
sendmsg$inet(r4, &(0x7f00000010c0)={&(0x7f0000000140)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000640)=[{&(0x7f0000000480)='\\', 0x1}], 0x1}, 0x4000040)
sendmsg$inet(r4, &(0x7f00000002c0)={&(0x7f0000000000)={0x2, 0x4e21, @rand_addr=0x64010101}, 0x10, &(0x7f0000000700)=[{&(0x7f0000000180)="84", 0x1}], 0x1}, 0x8040)
close(r4)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cpuacct.usage_sys\x00', 0x26e1, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuacct.usage_percpu_user\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000040)=r6, 0x4)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000840)={@fallback=r6, r2, 0x0, 0x1, 0xffffffffffffffff, @void, @value=r5}, 0x20)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)={@map, r1, 0xa, 0x2028}, 0x20)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r5, 0x4008240b, &(0x7f00000001c0)={0x4, 0x80, 0xf9, 0x3, 0x0, 0x0, 0x0, 0x62af, 0x62f02, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x800, 0x1, @perf_bp={&(0x7f00000000c0), 0x4}, 0x110, 0xfffffffffffffff0, 0x4b2, 0x5, 0x1000, 0x5, 0x88cc, 0x0, 0x0, 0x0, 0x8000000000000001})
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000080)}], 0x1, 0x0, 0x0, 0xc9e}, 0x8000)
setsockopt$sock_attach_bpf(r0, 0x84, 0x24, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={0x1, <r8=>0xffffffffffffffff}, 0x4)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={r8, 0x58, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r9=>0x0}}, 0x10)
r10 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="030000000400000004000000b5"], 0x50)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x4, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018020000", @ANYRES32=r10, @ANYBLOB="0000000000000000b703000000000000850000000d000000b70000000000000095"], &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r11, 0x0, 0xe, 0x0, &(0x7f0000000180)="c1dfb080cd21d308098ee68886dd", 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000001c0), 0x4)
r13 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x954b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x11efa, 0x4, 0x98, 0x6, 0x2, 0xfffff271, 0xfffc, 0x0, 0x0, 0x0, 0x20}, r13, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r14 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e50200"/32], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000002c0)=@bpf_ext={0x1c, 0xe, &(0x7f0000000040)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0xfffffff8}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r8}}], &(0x7f00000000c0)='GPL\x00', 0x74fb, 0x0, 0x0, 0x41000, 0x4, '\x00', r9, 0x0, r12, 0x8, &(0x7f0000000200)={0x1, 0x3}, 0x8, 0x10, 0x0, 0x0, 0xa27e, r14, 0x5, 0x0, &(0x7f0000000240)=[{0x3, 0x3, 0x1, 0xb}, {0x3, 0x5, 0x10, 0x7}, {0x5, 0x5, 0x1}, {0x0, 0x3, 0x8, 0xa}, {0x0, 0x4, 0xf, 0x9}], 0x10, 0x9}, 0x94)

1.469903354s ago: executing program 0 (id=4692):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0xe, 0x4, 0x0, &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
socket$kcm(0xa, 0x3, 0x3a)
r0 = perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x480000000000000a, 0x954b, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, @perf_bp={0x0, 0xb}, 0xbafa, 0xff, 0x98, 0x0, 0x200, 0xfffff271, 0xfffc, 0x0, 0x0, 0x0, 0x23}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
perf_event_open(&(0x7f0000000380)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}, 0x12100, 0xc8, 0x2, 0x8, 0x0, 0x10001, 0xa, 0x0, 0x800}, 0x0, 0x5, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb7910009875f37538e486dd6317ce8102033a00fe08000e40000200875a6596b75ee3a4ff0200000000000000000001ffaaaaaa"], 0xfdef)

1.469015194s ago: executing program 1 (id=4682):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0xcb72, 0x10, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x85a, 0x0, @perf_config_ext={0x8a15, 0x5}, 0x411, 0x1, 0xb, 0x5, 0xe4c2, 0x1, 0x0, 0x0, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x6)
r0 = socket$kcm(0x2, 0x5, 0x84)
r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="1400000017000b63d25a80648c2594", 0xf}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x15, 0x2000000000000216, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
setsockopt$sock_attach_bpf(r0, 0x84, 0xb, &(0x7f0000000000), 0xe)
sendmsg$inet(r0, &(0x7f0000000ac0)={&(0x7f00000001c0)={0x2, 0x4e23, @remote}, 0x10, &(0x7f0000000940)=[{&(0x7f0000001880)="04", 0x1}], 0x1}, 0x8054) (fail_nth: 40)

1.467921755s ago: executing program 2 (id=4683):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x7a, 0x7a, 0x7, [@union={0x1, 0x5, 0x0, 0x5, 0x0, 0xfffff514, [{0x10, 0x0, 0x10001}, {0xa, 0x3, 0x7}, {0xf, 0x1, 0x47af}, {0xf, 0x5, 0x4a4}, {0xe, 0x1, 0x2}]}, @volatile={0xf, 0x0, 0x0, 0x9, 0x1}, @datasec={0x8, 0x0, 0x0, 0xf, 0x2, [], "4bbc"}, @enum={0x3}, @float={0x7, 0x0, 0x0, 0x10, 0x4}]}, {0x0, [0x30, 0x5f, 0x2e, 0x5f, 0x2e]}}, &(0x7f00000000c0)=""/173, 0x9b, 0xad, 0x0, 0xf98f}, 0x28)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={0xffffffffffffffff, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000280)=[0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x5, 0x6, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xf2, &(0x7f0000000340)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000380), &(0x7f00000003c0), 0x8, 0xd5, 0x8, 0x8, &(0x7f0000000400)}}, 0x10)
r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000600)=@generic={&(0x7f00000005c0)='./file0\x00', 0x0, 0x10}, 0x18)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0xf, 0x8, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xf84, 0x0, 0x0, 0x0, 0x9}, [@cb_func={0x18, 0xa, 0x4, 0x0, 0x1}, @exit, @map_idx={0x18, 0x3, 0x5, 0x0, 0xe}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x29, &(0x7f0000000240)=""/41, 0x41100, 0x4, '\x00', r1, @fallback=0x2a, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000580)={0x5, 0x10, 0x3, 0x8}, 0x10, 0xffffffffffffffff, r2, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000780)={{0xffffffffffffffff, <r4=>0xffffffffffffffff}, &(0x7f0000000700), &(0x7f0000000740)=r3}, 0x20)
r5 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000800)=@o_path={&(0x7f00000007c0)='./file0\x00', 0x0, 0x2fa4e8dc16b07ed6, r0}, 0x18)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000a00)={0xffffffffffffffff, 0x58, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a40)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x401, '\x00', r1, r0, 0x5, 0x4, 0x4}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000b40)={{0xffffffffffffffff, <r8=>0xffffffffffffffff}, &(0x7f0000000ac0), &(0x7f0000000b00)=r3}, 0x20)
r9 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000bc0)=@generic={&(0x7f0000000b80)='./file0\x00', 0x0, 0x10}, 0x18)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000c00)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', r1, 0xffffffffffffffff, 0x1, 0x1}, 0x50)
r11 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000c80)={0x1b, 0x0, 0x0, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0, 0x3, 0x3, 0x1}, 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000d80)={{0x1, <r12=>0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)='%+9llu \x00'}, 0x20)
r13 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000dc0)={0x1b, 0x0, 0x0, 0x3, 0x0, r3, 0x3, '\x00', r1, r0, 0x1, 0x0, 0x4}, 0x50)
r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000e40)={0x1b, 0x0, 0x0, 0x1, 0x0, 0x1, 0xd6, '\x00', r1, 0xffffffffffffffff, 0x5, 0x3, 0x1}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000f40)={0x18, 0x19, &(0x7f0000000840)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x6}, {}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}, @btf_id={0x18, 0x2, 0x3, 0x0, 0x3}, @map_fd={0x18, 0x5, 0x1, 0x0, r5}, @generic={0x9, 0x1, 0x4, 0x8c, 0xb88}, @jmp={0x5, 0x1, 0x6, 0x3, 0x4, 0x50, 0x10}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000940)='GPL\x00', 0x8001, 0x0, 0x0, 0x41100, 0x31, '\x00', r6, 0x0, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000ec0)=[r7, r8, r9, 0x1, r10, r11, r12, r13, r14], &(0x7f0000000f00)=[{0x2, 0x3, 0x6, 0xb}, {0x4, 0x4, 0x6, 0x4}, {0x2, 0x3, 0x10, 0x5}], 0x10, 0x1}, 0x94)
r15 = bpf$MAP_CREATE(0x0, &(0x7f0000001200)=@base={0x8, 0x9, 0x5, 0x2, 0x1000, 0x1, 0x7fffffff, '\x00', r1, r0, 0x3, 0x1, 0x5}, 0x50)
r16 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001280)={0xffffffffffffffff, 0x2}, 0xc)
r17 = bpf$PROG_LOAD(0x5, &(0x7f0000001300)={0x1c, 0x6, &(0x7f0000001000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x1000}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffd}, @map_idx_val={0x18, 0x6, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}]}, &(0x7f0000001040)='syzkaller\x00', 0x57, 0xdc, &(0x7f0000001080)=""/220, 0x40f00, 0x0, '\x00', r1, @fallback=0x26, r0, 0x8, &(0x7f0000001180)={0x0, 0x4}, 0x8, 0x10, &(0x7f00000011c0)={0x0, 0x2, 0xb, 0xffff}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000012c0)=[r4, r15, r8, r16], 0x0, 0x10, 0xc7a}, 0x94)
r18 = bpf$ITER_CREATE(0x21, &(0x7f00000013c0), 0x8)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f0000001400)={'ip6gretap0\x00', 0xe00})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001440)={0x1b, 0x0, 0x0, 0xffff, 0x0, r10, 0x0, '\x00', r1, r13, 0x3, 0x4, 0x1}, 0x50)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r18, 0x4008240b, &(0x7f0000001500)={0x1, 0x80, 0x8b, 0x0, 0xe, 0x8, 0x0, 0xff, 0x400c0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x4, 0x0, @perf_bp={&(0x7f00000014c0), 0xd}, 0x80, 0xfffffffffffffffc, 0x200, 0x4, 0x6, 0x40, 0x3, 0x0, 0x746, 0x0, 0x3})
socket$kcm(0x29, 0x4, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001740)={r16, 0x58, &(0x7f00000016c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r19=>0x0}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000018c0)={0x9, 0x1e, &(0x7f0000001580)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x566, 0x0, 0x0, 0x0, 0x7}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@btf_id={0x18, 0x6, 0x3, 0x0, 0x4}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r18}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001680)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x5, '\x00', r19, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000001780)={0x9, 0x2}, 0x8, 0x10, &(0x7f00000017c0)={0x2, 0x6, 0x7, 0xfe}, 0x10, 0x0, 0x0, 0x6, &(0x7f0000001800)=[r12, r8, r10, r13, r14, r4, r18, r17], &(0x7f0000001840)=[{0x1, 0x4, 0xb, 0x1}, {0x1, 0x2, 0x5, 0x5}, {0x4, 0x4, 0xc, 0x9}, {0x2, 0x2, 0xa, 0xb}, {0x0, 0x5, 0x5, 0x8}, {0x0, 0x9, 0x2, 0x8}], 0x10, 0x9}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c40)={{r5, <r20=>0xffffffffffffffff}, &(0x7f0000001bc0), &(0x7f0000001c00)=r3}, 0x20)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000001c80)={&(0x7f0000001980)="b0c77a31271170246b44314443641f4a5193a6ed0e0a4fe4464ce0b14d642f4414ba29093fd2877f0855d86d180567e4226de4823b3b259fb5525fac9475b3d5c6ee070ebae9e7802d84754ccb15f695cf76e92c177a65eb74218ec5c3a736366a83ae45c18f6982196253ca9125b16ade87556a195d1fde8a7653ff2301ced9616e3499455a908fe89eb3a5e5cae73d35c4415932caa22a0cb6455826264d2fa3d1283caa527a2506ad4cf6918123fb4d1f7a9c03e2606501ac3f371aa2696155d075c110cbe1bd2ba65577263abc2e3e78ab382adea3fc561b0473d3dd2ffdcb439cecd5ad5ab7f32dd2edf399ba0e765d15b2c198de", &(0x7f0000001a80)=""/116, &(0x7f0000001b00)="fc22b95c607a53313c744125451d182ee029f70dbe767354c4c519fca321d82f31a7e43b350c888edbb2ff5fff3a29742a556149767f3ab78bb60ecaafcf556e6d2857a4b3d77d49adecca5aad171e243ed9bf29bf63f9afb503c2bedbabd990ad4cace761b147400e2625ed45ebe1b57e6c0195d7e843d861dab836fd", &(0x7f0000001b80)="c11f7b068b29d23bff4d9b91afaa4731934e5bb431db83d55ee2c3147cd6589348c959bde06aa1309450a61963", 0x101, r20}, 0x38)
write$cgroup_subtree(r18, &(0x7f0000001cc0)={[{0x2d, 'net_prio'}, {0x0, 'cpu'}, {0x2d, 'perf_event'}, {0x2b, 'memory'}, {0x2d, 'net_prio'}, {0x2b, 'freezer'}, {0x2b, 'rlimit'}]}, 0x3e)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000002040)=@bpf_tracing={0x1a, 0x19, &(0x7f0000001d00)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x8001}, {{0x18, 0x1, 0x1, 0x0, r18}}, {}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x3}, @exit, @ldst={0x0, 0x1, 0x2, 0x4, 0x1, 0x1, 0x1}, @func, @alu={0x4, 0x0, 0xa, 0x5, 0x4, 0xfffffffffffffff4, 0x4}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r5}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001e00)='syzkaller\x00', 0x7, 0x3f, &(0x7f0000001e40)=""/63, 0x41100, 0x4, '\x00', r1, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000001e80)={0x8, 0x5}, 0x8, 0x10, &(0x7f0000001ec0)={0x2, 0xb, 0x0, 0x4}, 0x10, 0x20776, r3, 0x4, &(0x7f0000001fc0)=[r8, r9, r18, r11, r18, r7, 0xffffffffffffffff], &(0x7f0000002000)=[{0x1, 0x1, 0x9, 0xb}, {0x2, 0x2, 0x10, 0x3}, {0x1, 0x1, 0x10, 0x5}, {0x5, 0x4, 0xe, 0x9}], 0x10, 0x401}, 0x94)

944.556352ms ago: executing program 2 (id=4684):
r0 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000540)={&(0x7f00000000c0)=@nfc_llcp={0x27, 0x0, 0xffffffffffffffff, 0x4, 0x2d, 0x0, "f8b7d6cb4c75385ee39ccf8a8e6afd8671e0f7ba15e111308f08e5e55e6613e41a7a1dcf992ef5263921244ee64623ff101a4541a4d64442ed32af6c574d47", 0x34}, 0x80, &(0x7f0000000500)=[{&(0x7f00000001c0)="1b6195b6ed01f72813c8e64e0a49764f605df3e2e95e6e3dd2a8f72fcca681cd424521a6f158bd59032b41ad9c201c29df58136a396213c2ecddeb4974548a20b76d65df64a7b55e62dea0bec77c23c048292132459295539ccbfd7389ccddc400a1b8fea66b83cc90536a358aa477e6c00c05646049a75a19f5d6eb6880e7acf68768c81ab79a025ea013fc0ddb2f91514912bad431f5330c72ba5721c1ccde4c05b3a344e9aec5fb3e200d2098d519718d4dc2032c0df35343ee2da692c5e1ea2ec81dc86f5f7083e50212d38b106216be18d39ea86b17498edd79f65539da97f61a1fae04e7935bf3", 0xea}, {&(0x7f0000000380)="58c207fc70a8d588f12e2d2ffd6139b56c97e6c2cf647c533fb942703df9eac46ed79c4d9e2e6525b8a33fda1243091555888ee81eb300164ff6a2a557363a4cbd03d696c2de2ff3771b3592dc2eeed54fd16a28e0fe1337b54d5a9756aaf5dfc6ca384ca8c65265cd2e5d048c4a751c23db74f2619d2e22cfb7c49cde260db41af911b4c08bbbcacd0ee02a4f503449e09afdb8f4711e2bc773d7b1bccb7dbd68080d53a83e1bb195f9569557f1d337407c30cd0f33926c30db3a4e65f7a486baac", 0xc2}, {&(0x7f0000000480)="788e6ee6bd17b7d88639b73d4618615f6155f3d2095a780d356e2144acb0eed0a7fb12ac6b55698f3eeb68fac2e800a56312a9bb04de8f6a393d6cfc8bd0900f17ca8abd95926388", 0x48}], 0x3}, 0x4000)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x80000, 0x0)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1980, 0x0)
ioctl$TUNSETOFFLOAD(r2, 0xc004743e, 0x110c230007)
close(0x3)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x41, &(0x7f00000006c0)=r1, 0x4)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x10, &(0x7f0000000080)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x8000}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@call={0x85, 0x0, 0x0, 0xf}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000003f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, 0x15)

897.98449ms ago: executing program 0 (id=4685):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x84000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x8, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000400000000000000000000008500000041000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007b0000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2100, 0x0, &(0x7f00000002c0), 0x0, 0x2000, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

801.413616ms ago: executing program 1 (id=4686):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x7, 0x954b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0xbafa, 0xff, 0x98, 0x0, 0x2, 0xfffff271, 0xfffc, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$kcm(0x2b, 0x1, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000000c0)="6880a642beaf34317f0dd3122a90ad0d2b", 0x11}], 0x2d}, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x4)
recvmsg$kcm(r0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0)
sendmsg$inet(r0, &(0x7f0000000540)={0x0, 0xc027, &(0x7f0000000340)=[{&(0x7f00000000c0)="97eb000014006bcd9e", 0xeb97}], 0x1, 0x0, 0x0, 0x1f000000}, 0x600)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000940)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0000000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000001007de0b7030000010000006a0a00fe00000000850000000d000000b700000001000000950000000000000075cd67b5b18065752a3ad500000000000000cb450063bc36005400000000000000ff7f00000001000000000000000000cb04fcbb0b5ba9918d37b056b9bbd11b6b9f260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fb4845124ef2e487204000000aaf75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aadffcc75fe369258673b5d053bdec75dca377232a790bce5a6f087ae8f5e64be2c9d2d29db3d36dd015c7bd3f15aa6aadbeab2a01685108e61aa000000000000000000000000008b798b4f7458d1863cc67d4c6a06e828e5216f601b19db9af1b5d356d0f062137d866d11be4b1260b06cca9098a3f0151fdbbd4e97d62ecc6405003a60f1c6edc76683073909826151e2b42bf0ed0c8cef3ba2a730a00c87c493db845b10e9468bdaeecc952a3fd2c46f3c1cde71a19d1a2982492abaa96765372831210e00d2bfea3b8df2eff8d56aaae7d32a2e183722537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f22542c133aadafdc96fdb49cc992dbdd5ac01ba51508951c7a7c5f5093bd6ca0916c3a12912715649c2b1c7193a4251b59d378d0616a48c7957e122665c8b7e89eddfc3783f000000000000000050572061dfb5248d3d4a1c37dcb92d9ef99e2f638f7eb12f63be72a3d817b324d6e417b1c2cbfdcada0a16e31790e26cf19524cf30f810da3204f4c93f4f5d7321acfefc4d1c9139ca4b65b9990995000000000000000000000000000000c8a3988cca41217c950554bb043cf364d709c2bf3ec46b75f1bce43e726210b53d362072bc120c076b4647afc595d97c288f5017088ac2b02ed97fc883a102ae6000044542e3aa7ada6d13ff93ec634a0fa0b5f41ed317b48b8b8c03b243d6e14b7087e2c5d41f8a51408e27283b54d04212cbb0f5af76b70b1bdcec7c0abe6407e7fa204b9919490af8bffca6fbbd2174a84328af4acc9c7ec655729125fc15da558cb6edfcdd0c3fca7130863d13369f79f1d13ac166249e4bffa4a272a0116b591a63bfca11205d216b34000000000000000045b5ade570aeb7cf89e900004dc6c89355082bdcb0b08b810cf63fd19a17f4d440f1546e8e5f8addedb88c7f7990947505d2fcd8cb14"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000100), 0x237}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x1f2f, 0x18, 0x1e8, &(0x7f00000007c0)="9f44948721919580684010a49e66", 0x0, 0x1e8, 0x0, 0xb1, 0x0, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39", &(0x7f0000000000), 0x0, 0xe8030000}, 0x23)

800.807056ms ago: executing program 2 (id=4687):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x5, 0xfd, 0x0, 0x5d2e, 0xa582, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, @perf_bp={0x0}, 0x0, 0x1, 0x0, 0xb, 0x0, 0x0, 0x4, 0x0, 0x100400, 0x0, 0xfffffffffffffffe}, 0x0, 0x6, 0xffffffffffffffff, 0xa)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x3, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="180000fedfffffffffffff00000007ea672881563ac5b8770589b8eb0916fd142f90b7861e03bd04df9a35386513b597c91333f5071b7c5107521eddb005131a17209bb74b34f524584c73eed9d641bf480cad22f7c53876e44435bd671831cd2d81bfb170dc4959469f95cc00"/128], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x80)
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = socket$kcm(0x2, 0x3, 0x106)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000140)={0xffffffffffffffff, r1})
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYRESDEC=r2], 0x48)
socket$kcm(0xa, 0x5, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r3)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r4 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r4, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
r5 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r5, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
r6 = socket$kcm(0xa, 0x1, 0x0)
r7 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8003}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x8, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r7, 0x40042408, r8)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x20403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x2, @perf_config_ext={0x9}, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(r6, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4001, 0x0, @empty}, 0x80, 0x0}, 0x20000001)
sendmsg(r6, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000440)="a6", 0xffffff58}], 0x1}, 0x40001)
close(0x3)
close(0x4)
r9 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r9, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
close(0x4)

385.984846ms ago: executing program 0 (id=4691):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x10000, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x5}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = socket$kcm(0x21, 0x2, 0x2)
setsockopt$sock_attach_bpf(r2, 0x110, 0x3, 0x0, 0x0)

283.378313ms ago: executing program 3 (id=4693):
r0 = socket$kcm(0xa, 0x5, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = perf_event_open(&(0x7f0000000680)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5a1c, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r2)
r4 = socket$kcm(0x2, 0x1, 0x84)
sendmsg$inet(r4, &(0x7f00000010c0)={&(0x7f0000000140)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000640)=[{&(0x7f0000000480)='\\', 0x1}], 0x1}, 0x4000040)
sendmsg$inet(r4, &(0x7f00000002c0)={&(0x7f0000000000)={0x2, 0x4e21, @rand_addr=0x64010101}, 0x10, &(0x7f0000000700)=[{&(0x7f0000000180)="84", 0x1}], 0x1}, 0x8040)
close(r4)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cpuacct.usage_sys\x00', 0x26e1, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuacct.usage_percpu_user\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000040)=r6, 0x4)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000840)={@fallback=r6, r2, 0x0, 0x1, 0xffffffffffffffff, @void, @value=r5}, 0x20)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)={@map, r1, 0xa, 0x2028}, 0x20)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r5, 0x4008240b, &(0x7f00000001c0)={0x4, 0x80, 0xf9, 0x3, 0x0, 0x0, 0x0, 0x62af, 0x62f02, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x800, 0x1, @perf_bp={&(0x7f00000000c0), 0x4}, 0x110, 0xfffffffffffffff0, 0x4b2, 0x5, 0x1000, 0x5, 0x88cc, 0x0, 0x0, 0x0, 0x8000000000000001})
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000080)}], 0x1, 0x0, 0x0, 0xc9e}, 0x8000)
setsockopt$sock_attach_bpf(r0, 0x84, 0x24, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={0x1, <r8=>0xffffffffffffffff}, 0x4)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={r8, 0x58, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r9=>0x0}}, 0x10)
r10 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="030000000400000004000000b5"], 0x50)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x4, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018020000", @ANYRES32=r10, @ANYBLOB="0000000000000000b703000000000000850000000d000000b70000000000000095"], &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r11, 0x0, 0xe, 0x0, &(0x7f0000000180)="c1dfb080cd21d308098ee68886dd", 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000001c0), 0x4)
r13 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x954b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x11efa, 0x4, 0x98, 0x6, 0x2, 0xfffff271, 0xfffc, 0x0, 0x0, 0x0, 0x20}, r13, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r14 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e50200"/32], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000002c0)=@bpf_ext={0x1c, 0xe, &(0x7f0000000040)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0xfffffff8}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r8}}], &(0x7f00000000c0)='GPL\x00', 0x74fb, 0x0, 0x0, 0x41000, 0x4, '\x00', r9, 0x0, r12, 0x8, &(0x7f0000000200)={0x1, 0x3}, 0x8, 0x10, 0x0, 0x0, 0xa27e, r14, 0x5, 0x0, &(0x7f0000000240)=[{0x3, 0x3, 0x1, 0xb}, {0x3, 0x5, 0x10, 0x7}, {0x5, 0x5, 0x1}, {0x0, 0x3, 0x8, 0xa}, {0x0, 0x4, 0xf, 0x9}], 0x10, 0x9}, 0x94)

228.610652ms ago: executing program 1 (id=4694):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="d8000000180081054e81f782db44b904021d005c06007c09e8fe55a10a0015400500142603600e1208000b0000000401a8001600a4000140027c0000036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360d070100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffec", 0xbd}, {&(0x7f00000006c0)="dd427d97b68f0726ed8a10148545240f9f00000000000000000000f9cd0e9ad345c751bc6e710a4c32438533ccd803b37fb64e1345e51bdff80c336fdca40c20b458ecee6abf5b69083c81c8b597d0e44bd02577a73f8823bb8e7b5d8ac9d594a4e2a91bd52118f19e20c31e1daeaaef77577dca30c307471e41da7f4dc26393b836aa60d9e5937976dc54967ea7ddf1b4ff9eeb6068ce003437ee92a382c076b874fa18fe104a00b7bbf13bcc77a97a472f713ca1b42ccc260f7a9dfe4e0314f3a86babb771a63bae3a229ee0f937eabe8a992e53c1caf29f8b4261a7bb5a6094d9222dada80cf495435d0867e9e8e9ccfdc16ec8604f4d9757811f1d1cd2e2e0868536adec97ef623e", 0x10a}], 0x2}, 0x410) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80) (async, rerun: 32)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async, rerun: 32)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x3, 0x8, 0x2, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="62132a3a2a207277"], 0xa) (async)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x3c, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={0xffffffffffffffff, 0xe0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x9, &(0x7f0000000200)=[0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x6a, 0x0, 0x0, 0x10, &(0x7f0000000300), &(0x7f0000000340), 0x8, 0xd1, 0x8, 0x0, 0x0}}, 0x10) (async)
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x3e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
perf_event_open(0x0, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0x0) (async)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) (async)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xc}, 0x110, 0x3, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r3, 0x29, 0x23, 0x0, 0x0) (async)
r4 = socket$kcm(0xf, 0x3, 0x2)
sendmsg$inet(r4, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0) (async)
sendmsg$inet(0xffffffffffffffff, 0x0, 0xe900) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000002d40)=ANY=[@ANYBLOB], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94) (async)
r5 = socket$kcm(0xf, 0x3, 0x2)
sendmsg$inet(r5, &(0x7f0000000040)={0x0, 0xf, &(0x7f0000000080)=[{&(0x7f00000000c0)="0207070002000000e4a17c45c8d260c90ec56959a440278950ff8cdca342f51686908ea4fe07dee035abee82755979fbd7991b71517d20096811c5a663a947eaf378bf56aaccdde0d91d2fa08aba131d91a15f81bfd1e961e534a605e9196747aaf27c0ec3994018ec333b40070beae950827d3efce8a34af6c67c60ee83b76c1132f55a7ccf7843a9a1de5284a60a57f66fa52701bccb915def033b664bc63242c782ecc7", 0x10}], 0x1}, 0x0) (async, rerun: 32)
perf_event_open(&(0x7f0000000000)={0x4, 0x80, 0x2, 0x7, 0x2, 0x7f, 0x0, 0x6af, 0x38300, 0x5, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x101, 0x4, @perf_config_ext={0xc, 0xfff8000000000000}, 0x2000, 0x4, 0x5, 0x5, 0x7be2, 0x8, 0x400, 0x0, 0x9, 0x0, 0x921}, 0xffffffffffffffff, 0xb, 0xffffffffffffffff, 0xa) (async, rerun: 32)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90) (async)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="9fedcb7968ddc36c8f263408008d"], 0xfdef) (async)
socket$kcm(0x10, 0x2, 0x0)

219.820754ms ago: executing program 0 (id=4695):
r0 = socket$kcm(0xa, 0x922000000003, 0x11)
close(0xffffffffffffffff)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x8020)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef)
sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f00000007c0)=@l2tp6={0xa, 0x12, 0x0, @private0, 0x93, 0x3}, 0x80, 0x0}, 0x0)

44.430513ms ago: executing program 2 (id=4696):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
close(r0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94)
close(r1)
r2 = socket$kcm(0xa, 0x1, 0x0)
sendmsg$kcm(r2, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4001, 0x0, @empty}, 0x80, 0x0}, 0x20000001)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x50)
sendmsg$kcm(r2, &(0x7f0000003240)={&(0x7f00000002c0)=@qipcrtr={0x2a, 0x4, 0x4000}, 0x80, &(0x7f0000000bc0), 0x0, &(0x7f0000002100)=[{0x88, 0x1, 0x2, "9815f5041357ceede5e00b3cf48e9d770e619e489a90db881b18613e9d9660ce1830a2956a66dd4c9664ac4573155da43e310279e723c04f21b88f06b7ecc536a39dd04a39d55bfae026aca74e2121330ef578aa8415c6523c12d15196cb72e180792b3ec69e442376d1170f7f4110f6d3ce"}, {0x80, 0x28, 0xf68, "cd37d5351a04784623e312392ed2f036c05021399c930e85c08b59cf9c2ec3590ce7dcb262a4dea6ae69151ca3051b3fb1b53fb852d4239818ec60f96b0c612f52b7f3c0b4ed9a920f483bdc0f4b769d626045bdfa7441539c6720b36d27da37ca36dc0849c5c50330c6"}], 0x108}, 0x8011)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r3}, &(0x7f0000000000), &(0x7f00000000c0)=r1}, 0x20)
recvmsg$unix(r0, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f00000003c0)=""/199, 0xc7}], 0x1}, 0x20)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff7f, 0x2, @perf_config_ext={0x40000000000000, 0x3fef8000}, 0x0, 0x701, 0x43a1bd76, 0x0, 0x5, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_bp={0x0}, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$kcm(0x10, 0x3, 0x10)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
r4 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r4, 0x29, 0x24, &(0x7f00000000c0), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000000000006201b9000000000895"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

43.915523ms ago: executing program 0 (id=4697):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x8, 0x10000, 0x18, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$kcm(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000006c0)=ANY=[@ANYBLOB="9feb01001800000000000000340000003400000005000073030000000000a18d08000000030000000000001103000000000000000000000001000004040000000000000002000000000000000061612e00ec73758bf9401d7a23b69da18bcace29a551aa36d33e3c32d93d30089c7dc071e8573d9779656e0d8d24566e0900312e784cf2c17b395a9a1d20a74dafeb9785cabe20c440997200c55f83c7f6311a8ac333c99580299759de49bd317f4f8d9703f4d23bfabdaf90f47b1af6f9eb1d454d6b72f57ad4a814c56d386fa130b3c70f7a2bf543571a2772bb6703d272fcb936926be9beed768d5e070e48c0a0eeff89005da465ef38cb4ee233c9a4b779a465e914b756417b6134b5"], 0x0, 0x51}, 0x28)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x3, 0x8, 0x2, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x3, 0x0, 0x0, 0x4003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x4}, 0x0, 0x0, 0x80000001, 0x5, 0xd, 0xfffffffc, 0x0, 0x0, 0x3, 0x0, 0x1000000000007}, 0x0, 0x9, 0xffffffffffffffff, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a00000080000000064242"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x10c}, 0x48)
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x0, @perf_config_ext={0x0, 0x3fff8000}, 0x12004, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
perf_event_open(0x0, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xc}, 0x110, 0x3, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0xa, 0x6, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000040), 0xcf)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x6488, &(0x7f0000000040)="b90103600040f000009e0ff008001fffffe10000ba00638977fb080600017f020001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1100}, 0x48)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380))
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xe1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0xc2ba, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000ff0f000005"], 0x48)

0s ago: executing program 1 (id=4698):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x10000, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x5}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = socket$kcm(0x21, 0x2, 0x2)
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x890c, 0x0)
setsockopt$sock_attach_bpf(r2, 0x110, 0x3, 0x0, 0x0)
r4 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000940)=@base={0x7, 0x4, 0x100, 0x1, 0x28}, 0x50)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000001e80)=ANY=[@ANYBLOB="9feb010018000000000000004000000040000000080000000400000001000084010000e004000000030000000000000400000000000000010500000020000000000000000000000300000000020000000200000000000000006100302e"], 0x0, 0x60, 0x0, 0x1}, 0x28)
r7 = perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xfe123, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24000000, 0x0, @perf_config_ext={0xd, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x7, 0x3, 0x1}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x18, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x9, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000001000000000000000018120000", @ANYRES32=r8, @ANYBLOB="0000000000000000b703000000000000850000001b"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x2, @perf_bp={&(0x7f00000001c0), 0x3}, 0x40, 0x0, 0x0, 0x4, 0x7, 0x0, 0xffff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r9, 0x40042408, r10)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r7, 0x40042408, r11)
perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0x66137, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24000000, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffc)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={0xffffffffffffffff, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r12=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x14, 0x0, &(0x7f0000000300)='GPL\x00', 0x31, 0xf6, &(0x7f00000005c0)=""/246, 0x41100, 0x41, '\x00', r12, 0x25, r6, 0x8, &(0x7f0000000340)={0x3, 0x5}, 0x8, 0x10, &(0x7f0000000380)={0x2, 0x6, 0x8, 0x2}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000400)=[r5, r5], &(0x7f0000000500)=[{0x4, 0x2, 0xf, 0x5}], 0x10, 0x5}, 0x94)
r13 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)
write$cgroup_type(r13, &(0x7f0000000180), 0x13bb711e)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@bloom_filter={0x1e, 0x1, 0x4, 0x0, 0x20000, r4, 0x9, '\x00', r12, r13, 0x4, 0x1, 0x4, 0x6}, 0x50)

kernel console output (not intermixed with test programs):

a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  732.806859][T16957] RSP: 002b:00007f7f84fa1fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  732.815720][T16957] RAX: ffffffffffffffda RBX: 00007f7f84fa26c0 RCX: 00007f7f8415d04e
[  732.823982][T16957] RDX: 000000000000000f RSI: 00007f7f84fa20a0 RDI: 0000000000000006
[  732.832256][T16957] RBP: 00007f7f84fa2090 R08: 0000000000000000 R09: 0000000000000000
[  732.840350][T16957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  732.848526][T16957] R13: 00007f7f84416038 R14: 00007f7f84415fa0 R15: 00007fff83083bb8
[  732.856545][T16957]  </TASK>
[  733.510568][T16977] pimreg0: tun_chr_ioctl cmd 1074812118
[  733.527352][T16970] pimreg0: tun_chr_ioctl cmd 35111
[  733.782468][T16986] netlink: 'syz.2.3669': attribute type 10 has an invalid length.
[  733.796748][T16983] netlink: 14463 bytes leftover after parsing attributes in process `syz.1.3668'.
[  733.810385][T16986] netlink: 55 bytes leftover after parsing attributes in process `syz.2.3669'.
[  733.830881][T16986] virt_wifi0: entered promiscuous mode
[  733.838927][T16986] virt_wifi0: entered allmulticast mode
[  733.846141][T16986] team0: Port device virt_wifi0 added
[  733.852930][T16983] netlink: 'syz.1.3668': attribute type 10 has an invalid length.
[  733.861857][T16983] netlink: 55 bytes leftover after parsing attributes in process `syz.1.3668'.
[  734.192713][T16996] netlink: 'syz.1.3672': attribute type 10 has an invalid length.
[  734.212059][T16996] hsr_slave_0: left promiscuous mode
[  734.229154][T16996] hsr_slave_1: left promiscuous mode
[  734.705823][T17005] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  734.822774][T17009] netlink: 64859 bytes leftover after parsing attributes in process `syz.1.3677'.
[  736.049394][T17039] netlink: 'syz.1.3683': attribute type 4 has an invalid length.
[  736.084585][T17039] netlink: 152 bytes leftover after parsing attributes in process `syz.1.3683'.
[  736.124150][T17039] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check.
[  736.226896][T17041] FAULT_INJECTION: forcing a failure.
[  736.226896][T17041] name failslab, interval 1, probability 0, space 0, times 0
[  736.246453][T17041] CPU: 1 PID: 17041 Comm: syz.0.3688 Not tainted syzkaller #0
[  736.254168][T17041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  736.264450][T17041] Call Trace:
[  736.267926][T17041]  <TASK>
[  736.270875][T17041]  dump_stack_lvl+0x18c/0x250
[  736.275682][T17041]  ? show_regs_print_info+0x20/0x20
[  736.281163][T17041]  ? load_image+0x420/0x420
[  736.285692][T17041]  ? __might_sleep+0xe0/0xe0
[  736.290396][T17041]  ? __lock_acquire+0x7d40/0x7d40
[  736.295671][T17041]  should_fail_ex+0x39d/0x4d0
[  736.300462][T17041]  should_failslab+0x9/0x20
[  736.305071][T17041]  slab_pre_alloc_hook+0x59/0x310
[  736.310103][T17041]  ? tomoyo_encode+0x28b/0x540
[  736.314952][T17041]  ? tomoyo_encode+0x28b/0x540
[  736.319824][T17041]  __kmem_cache_alloc_node+0x53/0x250
[  736.325311][T17041]  ? tomoyo_encode+0x28b/0x540
[  736.330120][T17041]  __kmalloc+0xa4/0x230
[  736.334368][T17041]  tomoyo_encode+0x28b/0x540
[  736.339163][T17041]  tomoyo_realpath_from_path+0x592/0x5d0
[  736.344953][T17041]  tomoyo_path_number_perm+0x248/0x620
[  736.350573][T17041]  ? tomoyo_path_number_perm+0x217/0x620
[  736.356768][T17041]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  736.363052][T17041]  ? ktime_get+0x7f/0x280
[  736.367991][T17041]  ? __fget_files+0x28/0x4b0
[  736.372654][T17041]  ? __fget_files+0x28/0x4b0
[  736.377602][T17041]  security_file_ioctl+0x70/0xa0
[  736.382831][T17041]  __se_sys_ioctl+0x48/0x170
[  736.387539][T17041]  do_syscall_64+0x55/0xa0
[  736.392065][T17041]  ? clear_bhb_loop+0x40/0x90
[  736.396806][T17041]  ? clear_bhb_loop+0x40/0x90
[  736.401756][T17041]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  736.408652][T17041] RIP: 0033:0x7f7f8419c819
[  736.413197][T17041] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  736.433274][T17041] RSP: 002b:00007f7f84fa2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  736.441815][T17041] RAX: ffffffffffffffda RBX: 00007f7f84415fa0 RCX: 00007f7f8419c819
[  736.449823][T17041] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 000000000000001f
[  736.458132][T17041] RBP: 00007f7f84fa2090 R08: 0000000000000000 R09: 0000000000000000
[  736.466642][T17041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  736.474722][T17041] R13: 00007f7f84416038 R14: 00007f7f84415fa0 R15: 00007fff83083bb8
[  736.483035][T17041]  </TASK>
[  736.494934][T17041] ERROR: Out of memory at tomoyo_realpath_from_path.
[  738.239011][T17084] netlink: 76 bytes leftover after parsing attributes in process `syz.1.3699'.
[  738.808151][T17109] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.3708'.
[  738.857348][T17110] netlink: 'syz.0.3703': attribute type 4 has an invalid length.
[  738.899223][T17110] netlink: 152 bytes leftover after parsing attributes in process `syz.0.3703'.
[  738.929578][T17110] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check.
[  739.643873][T17133] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3715'.
[  741.104733][T17172] netlink: 'syz.1.3727': attribute type 1 has an invalid length.
[  741.112723][T17172] netlink: 'syz.1.3727': attribute type 2 has an invalid length.
[  741.121418][T17172] netlink: 'syz.1.3727': attribute type 2 has an invalid length.
[  741.129708][T17172] netlink: 'syz.1.3727': attribute type 3 has an invalid length.
[  741.141061][T17172] netlink: 'syz.1.3727': attribute type 4 has an invalid length.
[  741.159139][T17172] netlink: 'syz.1.3727': attribute type 5 has an invalid length.
[  741.184729][T17172] netlink: 'syz.1.3727': attribute type 6 has an invalid length.
[  741.204179][T17172] netlink: 'syz.1.3727': attribute type 7 has an invalid length.
[  741.214205][T17172] netlink: 'syz.1.3727': attribute type 9 has an invalid length.
[  741.244719][T17172] netlink: 'syz.1.3727': attribute type 10 has an invalid length.
[  741.270557][T17172] netlink: 126304 bytes leftover after parsing attributes in process `syz.1.3727'.
[  741.340984][T17177] netlink: 14463 bytes leftover after parsing attributes in process `syz.0.3730'.
[  741.500182][T17177] netlink: 55 bytes leftover after parsing attributes in process `syz.0.3730'.
[  741.516922][T17177] virt_wifi0: entered promiscuous mode
[  741.522905][T17177] virt_wifi0: entered allmulticast mode
[  741.531738][T17177] team0: Port device virt_wifi0 added
[  742.543052][T17203] FAULT_INJECTION: forcing a failure.
[  742.543052][T17203] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  742.602742][T17203] CPU: 0 PID: 17203 Comm: syz.0.3738 Not tainted syzkaller #0
[  742.610371][T17203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  742.620460][T17203] Call Trace:
[  742.623862][T17203]  <TASK>
[  742.626810][T17203]  dump_stack_lvl+0x18c/0x250
[  742.631612][T17203]  ? show_regs_print_info+0x20/0x20
[  742.637041][T17203]  ? load_image+0x420/0x420
[  742.641584][T17203]  ? __might_fault+0xaa/0x120
[  742.646331][T17203]  ? __lock_acquire+0x7d40/0x7d40
[  742.651408][T17203]  should_fail_ex+0x39d/0x4d0
[  742.656148][T17203]  _copy_from_iter+0x1d9/0x12e0
[  742.661140][T17203]  ? rep_movs_alternative+0x4a/0x90
[  742.666476][T17203]  ? _copy_from_iter+0x24e/0x12e0
[  742.671640][T17203]  ? __virt_addr_valid+0x18c/0x540
[  742.676797][T17203]  ? __lock_acquire+0x7d40/0x7d40
[  742.682030][T17203]  ? copyout_mc+0x70/0x70
[  742.686413][T17203]  ? copyout_mc+0x70/0x70
[  742.690958][T17203]  ? __virt_addr_valid+0x18c/0x540
[  742.696544][T17203]  ? page_copy_sane+0x16a/0x270
[  742.701529][T17203]  copy_page_from_iter+0x7b/0x100
[  742.706881][T17203]  skb_copy_datagram_from_iter+0x2e4/0x6e0
[  742.712743][T17203]  tun_get_user+0x15db/0x3ca0
[  742.717597][T17203]  ? aa_file_perm+0x11b/0xee0
[  742.722487][T17203]  ? rcu_read_unlock+0xa0/0xa0
[  742.727267][T17203]  ? tun_get+0x1c/0x2e0
[  742.731418][T17203]  ? __lock_acquire+0x7d40/0x7d40
[  742.736561][T17203]  ? tun_get+0x1c/0x2e0
[  742.741005][T17203]  tun_chr_write_iter+0x119/0x200
[  742.746064][T17203]  vfs_write+0x46c/0x990
[  742.750366][T17203]  ? file_end_write+0x250/0x250
[  742.755340][T17203]  ? __fget_files+0x43d/0x4b0
[  742.760077][T17203]  ? __fdget_pos+0x1d8/0x330
[  742.764968][T17203]  ? ksys_write+0x75/0x260
[  742.770564][T17203]  ksys_write+0x150/0x260
[  742.775027][T17203]  ? __ia32_sys_read+0x90/0x90
[  742.780006][T17203]  ? lockdep_hardirqs_on+0x98/0x150
[  742.785338][T17203]  do_syscall_64+0x55/0xa0
[  742.789899][T17203]  ? clear_bhb_loop+0x40/0x90
[  742.794857][T17203]  ? clear_bhb_loop+0x40/0x90
[  742.799761][T17203]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  742.805700][T17203] RIP: 0033:0x7f7f8419c819
[  742.810144][T17203] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  742.830217][T17203] RSP: 002b:00007f7f84fa2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  742.839006][T17203] RAX: ffffffffffffffda RBX: 00007f7f84415fa0 RCX: 00007f7f8419c819
[  742.847005][T17203] RDX: 000000000000fdef RSI: 0000200000000300 RDI: 00000000000000c8
[  742.855175][T17203] RBP: 00007f7f84fa2090 R08: 0000000000000000 R09: 0000000000000000
[  742.863263][T17203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  742.871541][T17203] R13: 00007f7f84416038 R14: 00007f7f84415fa0 R15: 00007fff83083bb8
[  742.879571][T17203]  </TASK>
[  743.057334][T17195] delete_channel: no stack
[  743.171490][T17213] netlink: 184 bytes leftover after parsing attributes in process `syz.1.3741'.
[  743.427186][T17224] netlink: 13951 bytes leftover after parsing attributes in process `syz.2.3743'.
[  743.489239][T17219] netlink: 55 bytes leftover after parsing attributes in process `syz.2.3743'.
[  743.674761][T17227] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3746'.
[  744.646016][T17266] netlink: 13951 bytes leftover after parsing attributes in process `syz.0.3758'.
[  746.159866][T17291] syz.3.3769[17291] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  746.185731][T17294] FAULT_INJECTION: forcing a failure.
[  746.185731][T17294] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  746.218423][T17294] CPU: 1 PID: 17294 Comm: syz.1.3771 Not tainted syzkaller #0
[  746.226197][T17294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  746.236662][T17294] Call Trace:
[  746.239969][T17294]  <TASK>
[  746.243019][T17294]  dump_stack_lvl+0x18c/0x250
[  746.244045][T17296] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  746.247732][T17294]  ? show_regs_print_info+0x20/0x20
[  746.247768][T17294]  ? load_image+0x420/0x420
[  746.247790][T17294]  ? __might_fault+0xaa/0x120
[  746.247808][T17294]  ? __lock_acquire+0x7d40/0x7d40
[  746.247835][T17294]  should_fail_ex+0x39d/0x4d0
[  746.247866][T17294]  _copy_from_iter+0x1d9/0x12e0
[  746.247891][T17294]  ? __virt_addr_valid+0x18c/0x540
[  746.247915][T17294]  ? __lock_acquire+0x7d40/0x7d40
[  746.247935][T17294]  ? __asan_memcpy+0x40/0x70
[  746.247956][T17294]  ? copyout_mc+0x70/0x70
[  746.247973][T17294]  ? __virt_addr_valid+0x18c/0x540
[  746.255543][T17296] IPv6: NLM_F_CREATE should be set when creating new route
[  746.260802][T17294]  ? __virt_addr_valid+0x18c/0x540
[  746.260836][T17294]  ? __virt_addr_valid+0x469/0x540
[  746.260859][T17294]  ? __phys_addr_symbol+0x2f/0x70
[  746.260890][T17294]  ? __check_object_size+0x506/0xa20
[  746.265754][T17296] IPv6: NLM_F_CREATE should be set when creating new route
[  746.270142][T17294]  sctp_user_addto_chunk+0x8f/0x220
[  746.270183][T17294]  sctp_datamsg_from_user+0x741/0xee0
[  746.270227][T17294]  sctp_sendmsg_to_asoc+0x107f/0x1830
[  746.275559][T17296] IPv6: NLM_F_CREATE should be set when creating new route
[  746.279942][T17294]  ? __asan_memcpy+0x40/0x70
[  746.279987][T17294]  ? sctp_assoc_add_peer+0xcf3/0x1390
[  746.280026][T17294]  ? sctp_sendmsg_check_sflags+0x2d0/0x2d0
[  746.337484][T17291] validate_nla: 7 callbacks suppressed
[  746.337539][T17291] netlink: 'syz.3.3769': attribute type 2 has an invalid length.
[  746.338139][T17294]  ? __sctp_connect+0xd80/0xd80
[  746.338166][T17294]  ? __local_bh_enable_ip+0x13a/0x1c0
[  746.338186][T17294]  ? _local_bh_enable+0xa0/0xa0
[  746.338204][T17294]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  746.338225][T17294]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  746.347365][T17291] netlink: 'syz.3.3769': attribute type 8 has an invalid length.
[  746.350896][T17294]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  746.350928][T17294]  ? security_sctp_bind_connect+0x89/0xb0
[  746.350952][T17294]  sctp_sendmsg+0x1b83/0x28c0
[  746.350986][T17294]  ? sctp_getsockopt+0xb60/0xb60
[  746.351007][T17294]  ? aa_sk_perm+0x83c/0x970
[  746.351042][T17294]  ? aa_af_perm+0x330/0x330
[  746.351064][T17294]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  746.351088][T17294]  ? sock_rps_record_flow+0x19/0x3f0
[  746.351112][T17294]  ? inet_sendmsg+0x7c/0x2f0
[  746.358093][T17291] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3769'.
[  746.362023][T17294]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  746.362053][T17294]  ? security_socket_sendmsg+0x80/0xa0
[  746.362073][T17294]  ? inet_send_prepare+0x260/0x260
[  746.362100][T17294]  ____sys_sendmsg+0x5ba/0x960
[  746.362120][T17294]  ? __lock_acquire+0x7d40/0x7d40
[  746.362145][T17294]  ? __asan_memset+0x22/0x40
[  746.524029][T17294]  ? __sys_sendmsg_sock+0x30/0x30
[  746.529341][T17294]  ? __import_iovec+0x5f2/0x850
[  746.534314][T17294]  ? import_iovec+0x73/0xa0
[  746.538915][T17294]  ___sys_sendmsg+0x2a6/0x360
[  746.543680][T17294]  ? get_pid_task+0x20/0x1e0
[  746.548588][T17294]  ? __sys_sendmsg+0x2a0/0x2a0
[  746.553605][T17294]  ? __lock_acquire+0x7d40/0x7d40
[  746.558750][T17294]  __se_sys_sendmsg+0x1c2/0x2b0
[  746.563634][T17294]  ? __x64_sys_sendmsg+0x80/0x80
[  746.568867][T17294]  ? lockdep_hardirqs_on+0x98/0x150
[  746.574079][T17294]  do_syscall_64+0x55/0xa0
[  746.578580][T17294]  ? clear_bhb_loop+0x40/0x90
[  746.583523][T17294]  ? clear_bhb_loop+0x40/0x90
[  746.588285][T17294]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  746.594809][T17294] RIP: 0033:0x7f95f059c819
[  746.599250][T17294] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  746.620185][T17294] RSP: 002b:00007f95f139c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  746.628708][T17294] RAX: ffffffffffffffda RBX: 00007f95f0815fa0 RCX: 00007f95f059c819
[  746.636879][T17294] RDX: 00000000000080d1 RSI: 0000200000000140 RDI: 0000000000000004
[  746.645066][T17294] RBP: 00007f95f139c090 R08: 0000000000000000 R09: 0000000000000000
[  746.653201][T17294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  746.661469][T17294] R13: 00007f95f0816038 R14: 00007f95f0815fa0 R15: 00007ffccd4ef968
[  746.669670][T17294]  </TASK>
[  746.746804][T17299] netlink: 16255 bytes leftover after parsing attributes in process `syz.1.3773'.
[  747.109920][T17317] FAULT_INJECTION: forcing a failure.
[  747.109920][T17317] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  747.123367][T17317] CPU: 0 PID: 17317 Comm: syz.2.3779 Not tainted syzkaller #0
[  747.130974][T17317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  747.141570][T17317] Call Trace:
[  747.145143][T17317]  <TASK>
[  747.148181][T17317]  dump_stack_lvl+0x18c/0x250
[  747.153053][T17317]  ? show_regs_print_info+0x20/0x20
[  747.158734][T17317]  ? load_image+0x420/0x420
[  747.163446][T17317]  ? __might_fault+0xaa/0x120
[  747.168231][T17317]  should_fail_ex+0x39d/0x4d0
[  747.173164][T17317]  copyin+0x1a/0x90
[  747.177137][T17317]  _copy_from_iter+0x54f/0x12e0
[  747.182264][T17317]  ? slab_post_alloc_hook+0x8a/0x4b0
[  747.187580][T17317]  ? __virt_addr_valid+0x18c/0x540
[  747.192803][T17317]  ? copyout_mc+0x70/0x70
[  747.197141][T17317]  ? __virt_addr_valid+0x18c/0x540
[  747.202466][T17317]  ? __virt_addr_valid+0x18c/0x540
[  747.207981][T17317]  ? __virt_addr_valid+0x469/0x540
[  747.213405][T17317]  ? __check_object_size+0x506/0xa20
[  747.218717][T17317]  netlink_sendmsg+0x76b/0xbf0
[  747.223713][T17317]  ? netlink_getsockopt+0x590/0x590
[  747.229120][T17317]  ? aa_sock_msg_perm+0x94/0x150
[  747.234084][T17317]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  747.239467][T17317]  ? security_socket_sendmsg+0x80/0xa0
[  747.245121][T17317]  ? netlink_getsockopt+0x590/0x590
[  747.251036][T17317]  ____sys_sendmsg+0x5ba/0x960
[  747.255811][T17317]  ? __asan_memset+0x22/0x40
[  747.260522][T17317]  ? __sys_sendmsg_sock+0x30/0x30
[  747.265742][T17317]  ? __import_iovec+0x3fa/0x850
[  747.270609][T17317]  ? import_iovec+0x73/0xa0
[  747.275203][T17317]  ___sys_sendmsg+0x2a6/0x360
[  747.280150][T17317]  ? __sys_sendmsg+0x2a0/0x2a0
[  747.285308][T17317]  ? __lock_acquire+0x7d40/0x7d40
[  747.290389][T17317]  __se_sys_sendmsg+0x1c2/0x2b0
[  747.295524][T17317]  ? __x64_sys_sendmsg+0x80/0x80
[  747.300654][T17317]  ? lockdep_hardirqs_on+0x98/0x150
[  747.305863][T17317]  do_syscall_64+0x55/0xa0
[  747.310805][T17317]  ? clear_bhb_loop+0x40/0x90
[  747.315588][T17317]  ? clear_bhb_loop+0x40/0x90
[  747.320483][T17317]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  747.326492][T17317] RIP: 0033:0x7f6363b9c819
[  747.331041][T17317] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  747.351015][T17317] RSP: 002b:00007f63649be028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  747.359467][T17317] RAX: ffffffffffffffda RBX: 00007f6363e15fa0 RCX: 00007f6363b9c819
[  747.367786][T17317] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[  747.376039][T17317] RBP: 00007f63649be090 R08: 0000000000000000 R09: 0000000000000000
[  747.384199][T17317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  747.392291][T17317] R13: 00007f6363e16038 R14: 00007f6363e15fa0 R15: 00007ffe4d8f30f8
[  747.400395][T17317]  </TASK>
[  747.900887][T17321] netlink: 'syz.2.3781': attribute type 10 has an invalid length.
[  747.985233][T17323] netlink: 'syz.0.3782': attribute type 10 has an invalid length.
[  748.031838][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  748.038738][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  748.142977][T17333] netlink: 16255 bytes leftover after parsing attributes in process `syz.2.3785'.
[  749.263108][T17359] netlink: 16255 bytes leftover after parsing attributes in process `syz.1.3795'.
[  750.111723][T17372] mac80211_hwsim hwsim37 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  750.231291][T17373] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3799'.
[  750.642444][T17377] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3800'.
[  750.674809][T17377] FAULT_INJECTION: forcing a failure.
[  750.674809][T17377] name failslab, interval 1, probability 0, space 0, times 0
[  750.734633][T17377] CPU: 0 PID: 17377 Comm: syz.3.3800 Not tainted syzkaller #0
[  750.742530][T17377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  750.752648][T17377] Call Trace:
[  750.756064][T17377]  <TASK>
[  750.759032][T17377]  dump_stack_lvl+0x18c/0x250
[  750.763874][T17377]  ? show_regs_print_info+0x20/0x20
[  750.769327][T17377]  ? load_image+0x420/0x420
[  750.774158][T17377]  ? verify_lock_unused+0x140/0x140
[  750.779427][T17377]  should_fail_ex+0x39d/0x4d0
[  750.784439][T17377]  should_failslab+0x9/0x20
[  750.789176][T17377]  slab_pre_alloc_hook+0x59/0x310
[  750.794369][T17377]  kmem_cache_alloc+0x5a/0x2d0
[  750.799521][T17377]  ? skb_clone+0x1eb/0x370
[  750.804001][T17377]  skb_clone+0x1eb/0x370
[  750.808458][T17377]  __netlink_deliver_tap+0x41c/0x830
[  750.814322][T17377]  ? netlink_deliver_tap+0x2e/0x1b0
[  750.819571][T17377]  netlink_deliver_tap+0x19c/0x1b0
[  750.824759][T17377]  netlink_sendskb+0x68/0x130
[  750.829496][T17377]  netlink_ack+0xce1/0x1180
[  750.834226][T17377]  ? __bpf_trace_bpf_trace_printk+0x100/0x100
[  750.840485][T17377]  ? netlink_dump+0xe50/0xe50
[  750.845409][T17377]  ? perf_trace_lock+0x304/0x3b0
[  750.850677][T17377]  netlink_rcv_skb+0x2c5/0x4d0
[  750.855493][T17377]  ? rtnetlink_bind+0x80/0x80
[  750.860213][T17377]  ? netlink_ack+0x1180/0x1180
[  750.865114][T17377]  ? __lock_acquire+0x7d40/0x7d40
[  750.870266][T17377]  ? netlink_deliver_tap+0x2e/0x1b0
[  750.875673][T17377]  netlink_unicast+0x751/0x8d0
[  750.881037][T17377]  netlink_sendmsg+0x8d0/0xbf0
[  750.885946][T17377]  ? perf_trace_lock+0x304/0x3b0
[  750.891631][T17377]  ? netlink_getsockopt+0x590/0x590
[  750.897532][T17377]  ? aa_sock_msg_perm+0x94/0x150
[  750.902680][T17377]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  750.908213][T17377]  ? security_socket_sendmsg+0x80/0xa0
[  750.914506][T17377]  ? netlink_getsockopt+0x590/0x590
[  750.920176][T17377]  ____sys_sendmsg+0x5ba/0x960
[  750.925141][T17377]  ? __asan_memset+0x22/0x40
[  750.929884][T17377]  ? __sys_sendmsg_sock+0x30/0x30
[  750.935245][T17377]  ? __import_iovec+0x5f2/0x850
[  750.940544][T17377]  ? import_iovec+0x73/0xa0
[  750.945110][T17377]  ___sys_sendmsg+0x2a6/0x360
[  750.950378][T17377]  ? __sys_sendmsg+0x2a0/0x2a0
[  750.955622][T17377]  ? __lock_acquire+0x7d40/0x7d40
[  750.961223][T17377]  __se_sys_sendmsg+0x1c2/0x2b0
[  750.966390][T17377]  ? __x64_sys_sendmsg+0x80/0x80
[  750.972053][T17377]  ? lockdep_hardirqs_on+0x98/0x150
[  750.978284][T17377]  do_syscall_64+0x55/0xa0
[  750.983053][T17377]  ? clear_bhb_loop+0x40/0x90
[  750.988676][T17377]  ? clear_bhb_loop+0x40/0x90
[  750.994365][T17377]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  751.000579][T17377] RIP: 0033:0x7fde2d59c819
[  751.005164][T17377] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  751.032702][T17377] RSP: 002b:00007fde2e3a1028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  751.043028][T17377] RAX: ffffffffffffffda RBX: 00007fde2d815fa0 RCX: 00007fde2d59c819
[  751.053079][T17377] RDX: 0000000000000000 RSI: 0000200000000940 RDI: 0000000000000003
[  751.062813][T17377] RBP: 00007fde2e3a1090 R08: 0000000000000000 R09: 0000000000000000
[  751.071528][T17377] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  751.079813][T17377] R13: 00007fde2d816038 R14: 00007fde2d815fa0 R15: 00007ffd7c8b71f8
[  751.088301][T17377]  </TASK>
[  751.515498][T17393] netlink: 1039 bytes leftover after parsing attributes in process `syz.3.3808'.
[  751.631613][T17399] FAULT_INJECTION: forcing a failure.
[  751.631613][T17399] name failslab, interval 1, probability 0, space 0, times 0
[  751.694720][T17399] CPU: 1 PID: 17399 Comm: syz.0.3810 Not tainted syzkaller #0
[  751.703307][T17399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  751.714251][T17399] Call Trace:
[  751.717659][T17399]  <TASK>
[  751.721089][T17399]  dump_stack_lvl+0x18c/0x250
[  751.725985][T17399]  ? show_regs_print_info+0x20/0x20
[  751.731494][T17399]  ? load_image+0x420/0x420
[  751.736410][T17399]  ? __might_sleep+0xe0/0xe0
[  751.741763][T17399]  ? __lock_acquire+0x7d40/0x7d40
[  751.747439][T17399]  ? __asan_memset+0x22/0x40
[  751.752263][T17399]  should_fail_ex+0x39d/0x4d0
[  751.757600][T17399]  should_failslab+0x9/0x20
[  751.762245][T17399]  slab_pre_alloc_hook+0x59/0x310
[  751.767331][T17399]  ? __kthread_create_on_node+0x116/0x3f0
[  751.773184][T17399]  __kmem_cache_alloc_node+0x53/0x250
[  751.778800][T17399]  ? __kthread_create_on_node+0x116/0x3f0
[  751.784832][T17399]  kmalloc_trace+0x2a/0xe0
[  751.789547][T17399]  ? rxrpc_direct_abort+0x330/0x330
[  751.794866][T17399]  __kthread_create_on_node+0x116/0x3f0
[  751.800431][T17399]  ? kthread_create_on_node+0x140/0x140
[  751.806009][T17399]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  751.812093][T17399]  ? rxrpc_direct_abort+0x330/0x330
[  751.817499][T17399]  ? rxrpc_direct_abort+0x330/0x330
[  751.822800][T17399]  kthread_create_on_node+0xec/0x140
[  751.828205][T17399]  ? __local_bh_enable_ip+0x13a/0x1c0
[  751.833586][T17399]  ? tsk_fork_get_node+0x70/0x70
[  751.838556][T17399]  ? __local_bh_enable_ip+0x13a/0x1c0
[  751.844697][T17399]  rxrpc_lookup_local+0xff3/0x1610
[  751.850524][T17399]  ? rxrpc_local_dont_fragment+0x70/0x70
[  751.856345][T17399]  ? none_clear+0x10/0x10
[  751.860790][T17399]  ? rxrpc_client_conn_reap_timeout+0xd0/0xd0
[  751.867042][T17399]  ? lockdep_hardirqs_on+0x98/0x150
[  751.872728][T17399]  ? _local_bh_enable+0xa0/0xa0
[  751.877600][T17399]  rxrpc_sendmsg+0x30a/0x5b0
[  751.882199][T17399]  ? rxrpc_getsockopt+0x150/0x150
[  751.887413][T17399]  ____sys_sendmsg+0x5ba/0x960
[  751.892434][T17399]  ? __lock_acquire+0x7d40/0x7d40
[  751.897580][T17399]  ? __sys_sendmsg_sock+0x30/0x30
[  751.902704][T17399]  ? __import_iovec+0x5f2/0x850
[  751.907776][T17399]  ? import_iovec+0x73/0xa0
[  751.912570][T17399]  ___sys_sendmsg+0x2a6/0x360
[  751.917368][T17399]  ? __sys_sendmsg+0x2a0/0x2a0
[  751.922199][T17399]  ? seqcount_lockdep_reader_access+0x17b/0x1d0
[  751.929101][T17399]  __se_sys_sendmsg+0x1c2/0x2b0
[  751.934164][T17399]  ? __x64_sys_sendmsg+0x80/0x80
[  751.939320][T17399]  ? lockdep_hardirqs_on+0x98/0x150
[  751.944837][T17399]  do_syscall_64+0x55/0xa0
[  751.949278][T17399]  ? clear_bhb_loop+0x40/0x90
[  751.954188][T17399]  ? clear_bhb_loop+0x40/0x90
[  751.959162][T17399]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  751.965310][T17399] RIP: 0033:0x7f7f8419c819
[  751.969816][T17399] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  751.990684][T17399] RSP: 002b:00007f7f84fa2028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  751.999479][T17399] RAX: ffffffffffffffda RBX: 00007f7f84415fa0 RCX: 00007f7f8419c819
[  752.007478][T17399] RDX: 000000000000ff00 RSI: 0000200000000000 RDI: 0000000000000005
[  752.016427][T17399] RBP: 00007f7f84fa2090 R08: 0000000000000000 R09: 0000000000000000
[  752.025139][T17399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  752.033233][T17399] R13: 00007f7f84416038 R14: 00007f7f84415fa0 R15: 00007fff83083bb8
[  752.041411][T17399]  </TASK>
[  752.059381][T17403] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3811'.
[  752.069133][T17403] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3811'.
[  752.079455][T17403] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3811'.
[  752.108265][T17403] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3811'.
[  752.399588][T17418] FAULT_INJECTION: forcing a failure.
[  752.399588][T17418] name failslab, interval 1, probability 0, space 0, times 0
[  752.424580][T17418] CPU: 0 PID: 17418 Comm: syz.2.3814 Not tainted syzkaller #0
[  752.432204][T17418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  752.442383][T17418] Call Trace:
[  752.446049][T17418]  <TASK>
[  752.450747][T17418]  dump_stack_lvl+0x18c/0x250
[  752.456002][T17418]  ? show_regs_print_info+0x20/0x20
[  752.461266][T17418]  ? load_image+0x420/0x420
[  752.465907][T17418]  ? __might_sleep+0xe0/0xe0
[  752.470644][T17418]  ? __lock_acquire+0x7d40/0x7d40
[  752.475895][T17418]  should_fail_ex+0x39d/0x4d0
[  752.480791][T17418]  should_failslab+0x9/0x20
[  752.485432][T17418]  slab_pre_alloc_hook+0x59/0x310
[  752.490680][T17418]  kmem_cache_alloc+0x5a/0x2d0
[  752.495596][T17418]  ? rxrpc_alloc_call+0x272/0xc20
[  752.500754][T17418]  ? rxrpc_alloc_call+0x78/0xc20
[  752.505707][T17418]  rxrpc_alloc_call+0x272/0xc20
[  752.510635][T17418]  rxrpc_new_client_call+0xed/0x1410
[  752.516124][T17418]  rxrpc_do_sendmsg+0xc42/0x1280
[  752.521208][T17418]  ? rxrpc_propose_abort+0x200/0x200
[  752.526622][T17418]  ? rxrpc_sendmsg+0x391/0x5b0
[  752.531398][T17418]  ? rxrpc_getsockopt+0x150/0x150
[  752.536555][T17418]  ____sys_sendmsg+0x5ba/0x960
[  752.541935][T17418]  ? __lock_acquire+0x7d40/0x7d40
[  752.547533][T17418]  ? __sys_sendmsg_sock+0x30/0x30
[  752.553259][T17418]  ? __import_iovec+0x3fa/0x850
[  752.558310][T17418]  ? import_iovec+0x73/0xa0
[  752.563101][T17418]  ___sys_sendmsg+0x2a6/0x360
[  752.567823][T17418]  ? get_pid_task+0x20/0x1e0
[  752.573113][T17418]  ? __sys_sendmsg+0x2a0/0x2a0
[  752.578377][T17418]  ? __lock_acquire+0x7d40/0x7d40
[  752.583620][T17418]  __se_sys_sendmsg+0x1c2/0x2b0
[  752.589405][T17418]  ? __x64_sys_sendmsg+0x80/0x80
[  752.594733][T17418]  ? lockdep_hardirqs_on+0x98/0x150
[  752.600227][T17418]  do_syscall_64+0x55/0xa0
[  752.605016][T17418]  ? clear_bhb_loop+0x40/0x90
[  752.610594][T17418]  ? clear_bhb_loop+0x40/0x90
[  752.616450][T17418]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  752.622478][T17418] RIP: 0033:0x7f6363b9c819
[  752.627897][T17418] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  752.649009][T17418] RSP: 002b:00007f63649be028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  752.657688][T17418] RAX: ffffffffffffffda RBX: 00007f6363e15fa0 RCX: 00007f6363b9c819
[  752.665921][T17418] RDX: 000000000000fc40 RSI: 0000200000000080 RDI: 0000000000000003
[  752.674439][T17418] RBP: 00007f63649be090 R08: 0000000000000000 R09: 0000000000000000
[  752.683086][T17418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  752.691251][T17418] R13: 00007f6363e16038 R14: 00007f6363e15fa0 R15: 00007ffe4d8f30f8
[  752.699778][T17418]  </TASK>
[  752.882080][T17421] netlink: 14 bytes leftover after parsing attributes in process `syz.1.3815'.
[  753.610724][T17443] netlink: 'syz.1.3823': attribute type 2 has an invalid length.
[  753.639277][T17443] netlink: 'syz.1.3823': attribute type 8 has an invalid length.
[  753.659615][T17443] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3823'.
[  754.742627][T17461] netlink: 'syz.3.3828': attribute type 46 has an invalid length.
[  754.774850][T17461] netlink: 'syz.3.3828': attribute type 46 has an invalid length.
[  755.073947][T17466] netlink: 'syz.1.3829': attribute type 3 has an invalid length.
[  755.091387][T17466] netlink: 152 bytes leftover after parsing attributes in process `syz.1.3829'.
[  755.705804][T17474] delete_channel: no stack
[  756.561636][T17495] netlink: 'syz.3.3837': attribute type 21 has an invalid length.
[  756.594609][T17495] netlink: 156 bytes leftover after parsing attributes in process `syz.3.3837'.
[  757.103516][T17507] netlink: 13951 bytes leftover after parsing attributes in process `syz.3.3840'.
[  757.419165][T17510] mac80211_hwsim hwsim30 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  757.511418][T17510] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3841'.
[  758.002432][T17519] FAULT_INJECTION: forcing a failure.
[  758.002432][T17519] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  758.075390][T17519] CPU: 0 PID: 17519 Comm: syz.0.3844 Not tainted syzkaller #0
[  758.084482][T17519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  758.098430][T17519] Call Trace:
[  758.101890][T17519]  <TASK>
[  758.105400][T17519]  dump_stack_lvl+0x18c/0x250
[  758.110933][T17519]  ? show_regs_print_info+0x20/0x20
[  758.117430][T17519]  ? load_image+0x420/0x420
[  758.122710][T17519]  ? __lock_acquire+0x7d40/0x7d40
[  758.129977][T17519]  ? snprintf+0xe9/0x140
[  758.134810][T17519]  should_fail_ex+0x39d/0x4d0
[  758.141437][T17519]  _copy_to_user+0x2f/0xa0
[  758.147017][T17519]  simple_read_from_buffer+0xe7/0x150
[  758.153235][T17519]  proc_fail_nth_read+0x1e8/0x260
[  758.158531][T17519]  ? proc_fault_inject_write+0x360/0x360
[  758.165057][T17519]  ? fsnotify_perm+0x271/0x5e0
[  758.170450][T17519]  ? proc_fault_inject_write+0x360/0x360
[  758.176801][T17519]  vfs_read+0x28b/0x970
[  758.182194][T17519]  ? kernel_read+0x1e0/0x1e0
[  758.187552][T17519]  ? __fget_files+0x28/0x4b0
[  758.195651][T17519]  ? __fget_files+0x28/0x4b0
[  758.201907][T17519]  ? __fget_files+0x43d/0x4b0
[  758.207979][T17519]  ? __fdget_pos+0x2a3/0x330
[  758.214472][T17519]  ? ksys_read+0x75/0x260
[  758.219951][T17519]  ksys_read+0x150/0x260
[  758.225304][T17519]  ? vfs_write+0x990/0x990
[  758.230668][T17519]  ? lockdep_hardirqs_on+0x98/0x150
[  758.236899][T17519]  do_syscall_64+0x55/0xa0
[  758.242133][T17519]  ? clear_bhb_loop+0x40/0x90
[  758.247627][T17519]  ? clear_bhb_loop+0x40/0x90
[  758.253320][T17519]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  758.260403][T17519] RIP: 0033:0x7f7f8415d04e
[  758.265227][T17519] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  758.289646][T17519] RSP: 002b:00007f7f84fa1fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  758.300622][T17519] RAX: ffffffffffffffda RBX: 00007f7f84fa26c0 RCX: 00007f7f8415d04e
[  758.312000][T17519] RDX: 000000000000000f RSI: 00007f7f84fa20a0 RDI: 0000000000000005
[  758.320715][T17519] RBP: 00007f7f84fa2090 R08: 0000000000000000 R09: 0000000000000000
[  758.329627][T17519] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  758.338905][T17519] R13: 00007f7f84416038 R14: 00007f7f84415fa0 R15: 00007fff83083bb8
[  758.350573][T17519]  </TASK>
[  759.085541][T17532] netlink: 'syz.0.3847': attribute type 7 has an invalid length.
[  759.466322][T17541] netlink: 61211 bytes leftover after parsing attributes in process `syz.0.3851'.
[  759.931862][T17542] �: port 1(vlan0) entered blocking state
[  759.964858][T17542] �: port 1(vlan0) entered disabled state
[  759.971547][T17542] vlan0: entered allmulticast mode
[  760.015640][T17542] veth0_vlan: entered allmulticast mode
[  760.080034][T17542] vlan0: entered promiscuous mode
[  761.032308][T17562] FAULT_INJECTION: forcing a failure.
[  761.032308][T17562] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  761.093963][T17562] CPU: 0 PID: 17562 Comm: syz.0.3859 Not tainted syzkaller #0
[  761.102559][T17562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  761.114670][T17562] Call Trace:
[  761.119231][T17562]  <TASK>
[  761.122838][T17562]  dump_stack_lvl+0x18c/0x250
[  761.127597][T17562]  ? show_regs_print_info+0x20/0x20
[  761.133644][T17562]  ? load_image+0x420/0x420
[  761.138681][T17562]  ? __lock_acquire+0x7d40/0x7d40
[  761.144978][T17562]  ? snprintf+0xe9/0x140
[  761.150270][T17562]  should_fail_ex+0x39d/0x4d0
[  761.156182][T17562]  _copy_to_user+0x2f/0xa0
[  761.161748][T17562]  simple_read_from_buffer+0xe7/0x150
[  761.167880][T17562]  proc_fail_nth_read+0x1e8/0x260
[  761.174707][T17562]  ? proc_fault_inject_write+0x360/0x360
[  761.182571][T17562]  ? fsnotify_perm+0x271/0x5e0
[  761.188902][T17562]  ? proc_fault_inject_write+0x360/0x360
[  761.195073][T17562]  vfs_read+0x28b/0x970
[  761.199503][T17562]  ? kernel_read+0x1e0/0x1e0
[  761.204360][T17562]  ? __fget_files+0x28/0x4b0
[  761.209568][T17562]  ? __fget_files+0x28/0x4b0
[  761.214700][T17562]  ? __fget_files+0x43d/0x4b0
[  761.220367][T17562]  ? __fdget_pos+0x2a3/0x330
[  761.225466][T17562]  ? ksys_read+0x75/0x260
[  761.229970][T17562]  ksys_read+0x150/0x260
[  761.234991][T17562]  ? vfs_write+0x990/0x990
[  761.240166][T17562]  ? lockdep_hardirqs_on+0x98/0x150
[  761.245803][T17562]  do_syscall_64+0x55/0xa0
[  761.250983][T17562]  ? clear_bhb_loop+0x40/0x90
[  761.256518][T17562]  ? clear_bhb_loop+0x40/0x90
[  761.261537][T17562]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  761.268102][T17562] RIP: 0033:0x7f7f8415d04e
[  761.272562][T17562] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  761.294324][T17562] RSP: 002b:00007f7f84fa1fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  761.303550][T17562] RAX: ffffffffffffffda RBX: 00007f7f84fa26c0 RCX: 00007f7f8415d04e
[  761.312105][T17562] RDX: 000000000000000f RSI: 00007f7f84fa20a0 RDI: 0000000000000004
[  761.320760][T17562] RBP: 00007f7f84fa2090 R08: 0000000000000000 R09: 0000000000000000
[  761.330713][T17562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  761.339233][T17562] R13: 00007f7f84416038 R14: 00007f7f84415fa0 R15: 00007fff83083bb8
[  761.350223][T17562]  </TASK>
[  763.698100][T17593] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.3866'.
[  763.765081][T17593] openvswitch: netlink: Tunnel attr 0 has unexpected len 1788 expected 8
[  765.886356][T17619] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  770.916178][T17666] netlink: 'syz.1.3890': attribute type 21 has an invalid length.
[  770.935068][T17666] netlink: 'syz.1.3890': attribute type 1 has an invalid length.
[  770.951419][T17666] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3890'.
[  770.978328][T17667] netlink: 'syz.1.3890': attribute type 21 has an invalid length.
[  770.998394][T17667] netlink: 'syz.1.3890': attribute type 1 has an invalid length.
[  771.223408][T17670] netlink: 'syz.2.3889': attribute type 10 has an invalid length.
[  774.067697][T17719] FAULT_INJECTION: forcing a failure.
[  774.067697][T17719] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  774.094862][T17719] CPU: 0 PID: 17719 Comm: syz.1.3906 Not tainted syzkaller #0
[  774.102600][T17719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  774.112974][T17719] Call Trace:
[  774.116318][T17719]  <TASK>
[  774.119304][T17719]  dump_stack_lvl+0x18c/0x250
[  774.124150][T17719]  ? show_regs_print_info+0x20/0x20
[  774.129600][T17719]  ? load_image+0x420/0x420
[  774.134207][T17719]  ? __lock_acquire+0x7d40/0x7d40
[  774.139468][T17719]  ? snprintf+0xe9/0x140
[  774.143877][T17719]  should_fail_ex+0x39d/0x4d0
[  774.148716][T17719]  _copy_to_user+0x2f/0xa0
[  774.153280][T17719]  simple_read_from_buffer+0xe7/0x150
[  774.158833][T17719]  proc_fail_nth_read+0x1e8/0x260
[  774.163912][T17719]  ? proc_fault_inject_write+0x360/0x360
[  774.169574][T17719]  ? fsnotify_perm+0x271/0x5e0
[  774.174436][T17719]  ? proc_fault_inject_write+0x360/0x360
[  774.180393][T17719]  vfs_read+0x28b/0x970
[  774.184687][T17719]  ? kernel_read+0x1e0/0x1e0
[  774.189606][T17719]  ? __fget_files+0x28/0x4b0
[  774.194379][T17719]  ? __fget_files+0x28/0x4b0
[  774.199344][T17719]  ? __fget_files+0x43d/0x4b0
[  774.204264][T17719]  ? __fdget_pos+0x2a3/0x330
[  774.208884][T17719]  ? ksys_read+0x75/0x260
[  774.213441][T17719]  ksys_read+0x150/0x260
[  774.217976][T17719]  ? vfs_write+0x990/0x990
[  774.222615][T17719]  ? lockdep_hardirqs_on+0x98/0x150
[  774.228015][T17719]  do_syscall_64+0x55/0xa0
[  774.232617][T17719]  ? clear_bhb_loop+0x40/0x90
[  774.237321][T17719]  ? clear_bhb_loop+0x40/0x90
[  774.242112][T17719]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  774.248051][T17719] RIP: 0033:0x7f95f055d04e
[  774.252603][T17719] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  774.272434][T17719] RSP: 002b:00007f95f139bfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  774.281075][T17719] RAX: ffffffffffffffda RBX: 00007f95f139c6c0 RCX: 00007f95f055d04e
[  774.289504][T17719] RDX: 000000000000000f RSI: 00007f95f139c0a0 RDI: 0000000000000004
[  774.298428][T17719] RBP: 00007f95f139c090 R08: 0000000000000000 R09: 0000000000000000
[  774.307599][T17719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  774.315938][T17719] R13: 00007f95f0816038 R14: 00007f95f0815fa0 R15: 00007ffccd4ef968
[  774.324239][T17719]  </TASK>
[  774.670379][T17728] netlink: 'syz.0.3908': attribute type 10 has an invalid length.
[  776.059709][T17753] netlink: 'syz.0.3917': attribute type 29 has an invalid length.
[  776.084013][T17753] netlink: 'syz.0.3917': attribute type 29 has an invalid length.
[  776.135528][T17755] netlink: 'syz.0.3917': attribute type 29 has an invalid length.
[  776.175018][T17756] netlink: 'syz.0.3917': attribute type 29 has an invalid length.
[  776.217424][T17753] netlink: 'syz.0.3917': attribute type 29 has an invalid length.
[  776.597314][T17765] netlink: 15998 bytes leftover after parsing attributes in process `syz.1.3921'.
[  776.704990][T17766] netlink: 13951 bytes leftover after parsing attributes in process `syz.3.3920'.
[  777.355872][T17778] netlink: 'syz.1.3923': attribute type 10 has an invalid length.
[  777.707160][T17781] FAULT_INJECTION: forcing a failure.
[  777.707160][T17781] name failslab, interval 1, probability 0, space 0, times 0
[  777.775351][T17781] CPU: 0 PID: 17781 Comm: syz.0.3927 Not tainted syzkaller #0
[  777.783178][T17781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  777.793643][T17781] Call Trace:
[  777.797167][T17781]  <TASK>
[  777.800249][T17781]  dump_stack_lvl+0x18c/0x250
[  777.805092][T17781]  ? sctp_sendmsg+0x1575/0x28c0
[  777.810003][T17781]  ? ___sys_sendmsg+0x2a6/0x360
[  777.815015][T17781]  ? show_regs_print_info+0x20/0x20
[  777.820379][T17781]  ? load_image+0x420/0x420
[  777.825100][T17781]  should_fail_ex+0x39d/0x4d0
[  777.830070][T17781]  should_failslab+0x9/0x20
[  777.835165][T17781]  slab_pre_alloc_hook+0x59/0x310
[  777.840267][T17781]  ? sctp_add_bind_addr+0x8c/0x360
[  777.845975][T17781]  __kmem_cache_alloc_node+0x53/0x250
[  777.851876][T17781]  ? sctp_add_bind_addr+0x8c/0x360
[  777.857225][T17781]  kmalloc_trace+0x2a/0xe0
[  777.861788][T17781]  sctp_add_bind_addr+0x8c/0x360
[  777.866784][T17781]  sctp_copy_local_addr_list+0x315/0x4f0
[  777.872512][T17781]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  777.878593][T17781]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  777.885242][T17781]  ? sctp_v4_is_any+0x35/0x60
[  777.890240][T17781]  ? sctp_copy_one_addr+0x8c/0x350
[  777.895918][T17781]  sctp_bind_addr_copy+0xb3/0x3c0
[  777.901091][T17781]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  777.907899][T17781]  sctp_connect_new_asoc+0x2f9/0x6a0
[  777.913361][T17781]  ? __sctp_connect+0xd80/0xd80
[  777.918731][T17781]  ? __local_bh_enable_ip+0x13a/0x1c0
[  777.924271][T17781]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  777.929969][T17781]  ? security_sctp_bind_connect+0x89/0xb0
[  777.936205][T17781]  sctp_sendmsg+0x1575/0x28c0
[  777.940990][T17781]  ? sctp_getsockopt+0xb60/0xb60
[  777.945988][T17781]  ? aa_sk_perm+0x83c/0x970
[  777.950647][T17781]  ? aa_af_perm+0x330/0x330
[  777.955204][T17781]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  777.961961][T17781]  ? sock_rps_record_flow+0x19/0x3f0
[  777.967661][T17781]  ? inet_sendmsg+0xe9/0x2f0
[  777.972311][T17781]  ? inet_send_prepare+0x260/0x260
[  777.977659][T17781]  ____sys_sendmsg+0x5ba/0x960
[  777.982661][T17781]  ? __lock_acquire+0x7d40/0x7d40
[  777.987905][T17781]  ? __asan_memset+0x22/0x40
[  777.992967][T17781]  ? __sys_sendmsg_sock+0x30/0x30
[  777.998291][T17781]  ? __import_iovec+0x5f2/0x850
[  778.003446][T17781]  ? import_iovec+0x73/0xa0
[  778.008188][T17781]  ___sys_sendmsg+0x2a6/0x360
[  778.012893][T17781]  ? perf_trace_run_bpf_submit+0xf4/0x1c0
[  778.018760][T17781]  ? __sys_sendmsg+0x2a0/0x2a0
[  778.023853][T17781]  __se_sys_sendmsg+0x1c2/0x2b0
[  778.029149][T17781]  ? __x64_sys_sendmsg+0x80/0x80
[  778.035016][T17781]  ? lockdep_hardirqs_on+0x98/0x150
[  778.040734][T17781]  do_syscall_64+0x55/0xa0
[  778.045193][T17781]  ? clear_bhb_loop+0x40/0x90
[  778.050150][T17781]  ? clear_bhb_loop+0x40/0x90
[  778.054847][T17781]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  778.060762][T17781] RIP: 0033:0x7f7f8419c819
[  778.065292][T17781] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  778.085524][T17781] RSP: 002b:00007f7f84fa2028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  778.094195][T17781] RAX: ffffffffffffffda RBX: 00007f7f84415fa0 RCX: 00007f7f8419c819
[  778.102569][T17781] RDX: 0000000000008054 RSI: 0000200000000ac0 RDI: 0000000000000004
[  778.110665][T17781] RBP: 00007f7f84fa2090 R08: 0000000000000000 R09: 0000000000000000
[  778.118768][T17781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  778.126949][T17781] R13: 00007f7f84416038 R14: 00007f7f84415fa0 R15: 00007fff83083bb8
[  778.135349][T17781]  </TASK>
[  779.238885][T17799] netlink: 13951 bytes leftover after parsing attributes in process `syz.2.3933'.
[  781.434797][T17823] netlink: 'syz.1.3937': attribute type 10 has an invalid length.
[  782.596674][T17834] netlink: 15487 bytes leftover after parsing attributes in process `syz.0.3943'.
[  786.102268][T17849] FAULT_INJECTION: forcing a failure.
[  786.102268][T17849] name failslab, interval 1, probability 0, space 0, times 0
[  786.157161][T17849] CPU: 1 PID: 17849 Comm: syz.1.3948 Not tainted syzkaller #0
[  786.164923][T17849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  786.175561][T17849] Call Trace:
[  786.178888][T17849]  <TASK>
[  786.182536][T17849]  dump_stack_lvl+0x18c/0x250
[  786.187495][T17849]  ? show_regs_print_info+0x20/0x20
[  786.192864][T17849]  ? load_image+0x420/0x420
[  786.197628][T17849]  ? __might_sleep+0xe0/0xe0
[  786.202464][T17849]  ? __lock_acquire+0x7d40/0x7d40
[  786.208337][T17849]  ? trace_call_bpf+0x5e9/0x6c0
[  786.213273][T17849]  ? trace_call_bpf+0xc3/0x6c0
[  786.218975][T17849]  should_fail_ex+0x39d/0x4d0
[  786.223928][T17849]  should_failslab+0x9/0x20
[  786.228731][T17849]  slab_pre_alloc_hook+0x59/0x310
[  786.234121][T17849]  kmem_cache_alloc_node+0x60/0x320
[  786.240188][T17849]  ? __alloc_skb+0x103/0x2c0
[  786.244851][T17849]  __alloc_skb+0x103/0x2c0
[  786.249555][T17849]  __ip6_append_data+0x2abc/0x3c50
[  786.254839][T17849]  ? ip6_mtu+0x7d/0x3f0
[  786.259219][T17849]  ? rawv6_send_hdrinc+0x1640/0x1640
[  786.264760][T17849]  ? ip6_mtu+0x7d/0x3f0
[  786.269331][T17849]  ? ip6_setup_cork+0xfe0/0xfe0
[  786.274307][T17849]  ip6_append_data+0x1b0/0x350
[  786.279299][T17849]  ? rawv6_send_hdrinc+0x1640/0x1640
[  786.285049][T17849]  rawv6_sendmsg+0x1264/0x1770
[  786.290198][T17849]  ? compat_rawv6_ioctl+0x70/0x70
[  786.295306][T17849]  ? aa_sk_perm+0x83c/0x970
[  786.300102][T17849]  ? tomoyo_socket_sendmsg_permission+0x216/0x2f0
[  786.306824][T17849]  ? inet_sendmsg+0x7c/0x2f0
[  786.311550][T17849]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  786.316911][T17849]  ? security_socket_sendmsg+0x80/0xa0
[  786.322530][T17849]  ? inet_send_prepare+0x260/0x260
[  786.327822][T17849]  ____sys_sendmsg+0x5ba/0x960
[  786.332758][T17849]  ? __lock_acquire+0x7d40/0x7d40
[  786.337883][T17849]  ? __asan_memset+0x22/0x40
[  786.342617][T17849]  ? __sys_sendmsg_sock+0x30/0x30
[  786.347686][T17849]  ? __import_iovec+0x3fa/0x850
[  786.352624][T17849]  ? import_iovec+0x73/0xa0
[  786.357247][T17849]  ___sys_sendmsg+0x2a6/0x360
[  786.362424][T17849]  ? __sys_sendmsg+0x2a0/0x2a0
[  786.367389][T17849]  ? __lock_acquire+0x7d40/0x7d40
[  786.372551][T17849]  __se_sys_sendmsg+0x1c2/0x2b0
[  786.377572][T17849]  ? __x64_sys_sendmsg+0x80/0x80
[  786.383002][T17849]  ? lockdep_hardirqs_on+0x98/0x150
[  786.388806][T17849]  do_syscall_64+0x55/0xa0
[  786.393437][T17849]  ? clear_bhb_loop+0x40/0x90
[  786.398294][T17849]  ? clear_bhb_loop+0x40/0x90
[  786.403225][T17849]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  786.409686][T17849] RIP: 0033:0x7f95f059c819
[  786.414424][T17849] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  786.435643][T17849] RSP: 002b:00007f95f139c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  786.444925][T17849] RAX: ffffffffffffffda RBX: 00007f95f0815fa0 RCX: 00007f95f059c819
[  786.453919][T17849] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  786.463434][T17849] RBP: 00007f95f139c090 R08: 0000000000000000 R09: 0000000000000000
[  786.472508][T17849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  786.480981][T17849] R13: 00007f95f0816038 R14: 00007f95f0815fa0 R15: 00007ffccd4ef968
[  786.490039][T17849]  </TASK>
[  786.829961][T17859] netlink: 'syz.2.3947': attribute type 10 has an invalid length.
[  786.896689][T17858] netlink: 209592 bytes leftover after parsing attributes in process `syz.0.3950'.
[  787.686583][T17876] netlink: 14207 bytes leftover after parsing attributes in process `syz.2.3955'.
[  788.007138][T17875] netlink: 'syz.0.3956': attribute type 29 has an invalid length.
[  788.055103][T17875] netlink: 'syz.0.3956': attribute type 29 has an invalid length.
[  788.086035][T17878] netlink: 'syz.0.3956': attribute type 29 has an invalid length.
[  788.096418][T17880] netlink: 'syz.0.3956': attribute type 29 has an invalid length.
[  788.131848][T17875] netlink: 'syz.0.3956': attribute type 29 has an invalid length.
[  790.246364][T17907] netlink: 209592 bytes leftover after parsing attributes in process `syz.1.3965'.
[  790.511405][T17910] netlink: 'syz.3.3963': attribute type 10 has an invalid length.
[  791.466587][T17921] netlink: 'syz.3.3969': attribute type 10 has an invalid length.
[  791.599531][T17921] netlink: 'syz.3.3969': attribute type 9 has an invalid length.
[  791.657906][T17921] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3969'.
[  792.067094][T17934] FAULT_INJECTION: forcing a failure.
[  792.067094][T17934] name failslab, interval 1, probability 0, space 0, times 0
[  792.131148][T17934] CPU: 0 PID: 17934 Comm: syz.1.3971 Not tainted syzkaller #0
[  792.139746][T17934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  792.150581][T17934] Call Trace:
[  792.154124][T17934]  <TASK>
[  792.157334][T17934]  dump_stack_lvl+0x18c/0x250
[  792.163074][T17934]  ? show_regs_print_info+0x20/0x20
[  792.168393][T17934]  ? load_image+0x420/0x420
[  792.173360][T17934]  ? __might_sleep+0xe0/0xe0
[  792.178216][T17934]  ? __lock_acquire+0x7d40/0x7d40
[  792.183689][T17934]  should_fail_ex+0x39d/0x4d0
[  792.188543][T17934]  should_failslab+0x9/0x20
[  792.193390][T17934]  slab_pre_alloc_hook+0x59/0x310
[  792.198835][T17934]  ? __lock_acquire+0x7d40/0x7d40
[  792.204207][T17934]  kmem_cache_alloc_node+0x60/0x320
[  792.209921][T17934]  ? __alloc_skb+0x103/0x2c0
[  792.215016][T17934]  __alloc_skb+0x103/0x2c0
[  792.220224][T17934]  netlink_sendmsg+0x66a/0xbf0
[  792.225149][T17934]  ? perf_trace_lock+0x304/0x3b0
[  792.230438][T17934]  ? netlink_getsockopt+0x590/0x590
[  792.236412][T17934]  ? aa_sock_msg_perm+0x94/0x150
[  792.242481][T17934]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  792.248150][T17934]  ? security_socket_sendmsg+0x80/0xa0
[  792.254027][T17934]  ? netlink_getsockopt+0x590/0x590
[  792.259313][T17934]  ____sys_sendmsg+0x5ba/0x960
[  792.264364][T17934]  ? __asan_memset+0x22/0x40
[  792.270051][T17934]  ? __sys_sendmsg_sock+0x30/0x30
[  792.275417][T17934]  ? __import_iovec+0x5f2/0x850
[  792.280336][T17934]  ? import_iovec+0x73/0xa0
[  792.284976][T17934]  ___sys_sendmsg+0x2a6/0x360
[  792.289869][T17934]  ? __sys_sendmsg+0x2a0/0x2a0
[  792.295005][T17934]  ? __lock_acquire+0x7d40/0x7d40
[  792.300134][T17934]  __se_sys_sendmsg+0x1c2/0x2b0
[  792.305406][T17934]  ? __x64_sys_sendmsg+0x80/0x80
[  792.310866][T17934]  ? lockdep_hardirqs_on+0x98/0x150
[  792.316224][T17934]  do_syscall_64+0x55/0xa0
[  792.320967][T17934]  ? clear_bhb_loop+0x40/0x90
[  792.325951][T17934]  ? clear_bhb_loop+0x40/0x90
[  792.330817][T17934]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  792.337623][T17934] RIP: 0033:0x7f95f059c819
[  792.342378][T17934] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  792.363163][T17934] RSP: 002b:00007f95f137b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  792.371693][T17934] RAX: ffffffffffffffda RBX: 00007f95f0816090 RCX: 00007f95f059c819
[  792.380774][T17934] RDX: 0000000020000890 RSI: 00002000000001c0 RDI: 0000000000000005
[  792.389242][T17934] RBP: 00007f95f137b090 R08: 0000000000000000 R09: 0000000000000000
[  792.398083][T17934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  792.407084][T17934] R13: 00007f95f0816128 R14: 00007f95f0816090 R15: 00007ffccd4ef968
[  792.415392][T17934]  </TASK>
[  792.502435][T17926] netlink: 'syz.3.3969': attribute type 9 has an invalid length.
[  792.521096][T17926] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3969'.
[  794.518742][T17957] netlink: 209592 bytes leftover after parsing attributes in process `syz.3.3978'.
[  794.648871][T17964] netlink: 'syz.0.3977': attribute type 10 has an invalid length.
[  796.635699][T17982] netlink: 'syz.1.3986': attribute type 1 has an invalid length.
[  796.659031][T17982] netlink: 'syz.1.3986': attribute type 3 has an invalid length.
[  796.681565][T17982] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3986'.
[  797.324174][T17999] netlink: 'syz.2.3991': attribute type 10 has an invalid length.
[  797.603651][T18007] netlink: 'syz.1.3997': attribute type 21 has an invalid length.
[  800.065274][T18030] netlink: 14975 bytes leftover after parsing attributes in process `syz.2.4003'.
[  800.922985][T18042] netlink: 'syz.3.4005': attribute type 27 has an invalid length.
[  800.956141][T18042] netlink: 164 bytes leftover after parsing attributes in process `syz.3.4005'.
[  800.974044][T18043] netlink: 'syz.3.4005': attribute type 27 has an invalid length.
[  801.013029][T18043] netlink: 164 bytes leftover after parsing attributes in process `syz.3.4005'.
[  803.462075][T18075] netlink: 14463 bytes leftover after parsing attributes in process `syz.1.4015'.
[  804.956703][T18093] netlink: 2 bytes leftover after parsing attributes in process `syz.0.4020'.
[  804.992624][T18093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  805.004670][T18093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  805.017080][T18093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  805.029052][T18093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  805.040894][T18093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  805.068325][T18093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  805.158998][T18093] batadv_slave_1: entered promiscuous mode
[  806.140230][T18114] netlink: 14463 bytes leftover after parsing attributes in process `syz.2.4027'.
[  807.372119][T18130] netlink: 2 bytes leftover after parsing attributes in process `syz.3.4034'.
[  807.429234][T18130] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  807.484855][T18130] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  807.505304][T18130] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  807.606784][T18130] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  807.644276][T18130] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  807.661385][T18130] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  808.743781][T18153] netlink: 14463 bytes leftover after parsing attributes in process `syz.2.4041'.
[  808.809654][T18154] netlink: 'syz.3.4042': attribute type 27 has an invalid length.
[  808.844272][T18154] netlink: 164 bytes leftover after parsing attributes in process `syz.3.4042'.
[  809.471980][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  809.479033][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  810.327241][T18171] netlink: 2 bytes leftover after parsing attributes in process `syz.2.4047'.
[  810.343544][T18171] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  810.357588][T18171] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  810.376596][T18171] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  810.397249][T18171] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  810.414515][T18171] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  810.437733][T18171] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  810.463211][T18171] batadv_slave_1: entered promiscuous mode
[  811.319680][T18184] netlink: 'syz.2.4051': attribute type 27 has an invalid length.
[  811.328186][T18184] netlink: 164 bytes leftover after parsing attributes in process `syz.2.4051'.
[  812.408431][T18198] FAULT_INJECTION: forcing a failure.
[  812.408431][T18198] name failslab, interval 1, probability 0, space 0, times 0
[  812.494883][T18198] CPU: 0 PID: 18198 Comm: syz.0.4055 Not tainted syzkaller #0
[  812.502566][T18198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  812.512864][T18198] Call Trace:
[  812.516183][T18198]  <TASK>
[  812.519152][T18198]  dump_stack_lvl+0x18c/0x250
[  812.523882][T18198]  ? show_regs_print_info+0x20/0x20
[  812.529405][T18198]  ? load_image+0x420/0x420
[  812.534079][T18198]  ? __might_sleep+0xe0/0xe0
[  812.538956][T18198]  ? __lock_acquire+0x7d40/0x7d40
[  812.544468][T18198]  should_fail_ex+0x39d/0x4d0
[  812.549669][T18198]  should_failslab+0x9/0x20
[  812.554487][T18198]  slab_pre_alloc_hook+0x59/0x310
[  812.559785][T18198]  ? apparmor_sk_alloc_security+0x77/0x100
[  812.565736][T18198]  __kmem_cache_alloc_node+0x53/0x250
[  812.571340][T18198]  ? apparmor_sk_alloc_security+0x77/0x100
[  812.577257][T18198]  kmalloc_trace+0x2a/0xe0
[  812.581704][T18198]  apparmor_sk_alloc_security+0x77/0x100
[  812.587644][T18198]  security_sk_alloc+0x6e/0xa0
[  812.592553][T18198]  sk_prot_alloc+0x101/0x210
[  812.597595][T18198]  ? sk_alloc+0x24/0x360
[  812.602416][T18198]  sk_alloc+0x3a/0x360
[  812.606796][T18198]  ? bpf_ctx_init+0x163/0x1a0
[  812.611704][T18198]  ? bpf_prog_test_run_skb+0x273/0x12b0
[  812.617577][T18198]  bpf_prog_test_run_skb+0x3a5/0x12b0
[  812.623419][T18198]  ? lockdep_hardirqs_on+0x98/0x150
[  812.629252][T18198]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  812.636184][T18198]  ? cpu_online+0x60/0x60
[  812.640753][T18198]  bpf_prog_test_run+0x321/0x390
[  812.645897][T18198]  __sys_bpf+0x49d/0x890
[  812.650232][T18198]  ? bpf_link_show_fdinfo+0x390/0x390
[  812.655947][T18198]  ? lock_chain_count+0x20/0x20
[  812.660962][T18198]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  812.667082][T18198]  __x64_sys_bpf+0x7c/0x90
[  812.671560][T18198]  do_syscall_64+0x55/0xa0
[  812.676114][T18198]  ? clear_bhb_loop+0x40/0x90
[  812.680871][T18198]  ? clear_bhb_loop+0x40/0x90
[  812.685591][T18198]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  812.691544][T18198] RIP: 0033:0x7f7f8419c819
[  812.696088][T18198] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  812.716428][T18198] RSP: 002b:00007f7f84fa2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  812.725053][T18198] RAX: ffffffffffffffda RBX: 00007f7f84415fa0 RCX: 00007f7f8419c819
[  812.734449][T18198] RDX: 0000000000000048 RSI: 00002000000002c0 RDI: 000000000000000a
[  812.742571][T18198] RBP: 00007f7f84fa2090 R08: 0000000000000000 R09: 0000000000000000
[  812.750593][T18198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  812.758789][T18198] R13: 00007f7f84416038 R14: 00007f7f84415fa0 R15: 00007fff83083bb8
[  812.766931][T18198]  </TASK>
[  814.608697][T18221] netlink: 2 bytes leftover after parsing attributes in process `syz.1.4060'.
[  814.658730][T18221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  814.693212][T18221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  814.743334][T18221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  814.787852][T18221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  814.829339][T18221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  814.883642][T18221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  814.939710][T18221] batadv_slave_1: entered promiscuous mode
[  815.266084][T18235] netlink: 14975 bytes leftover after parsing attributes in process `syz.3.4066'.
[  818.647121][T18282] netlink: 14975 bytes leftover after parsing attributes in process `syz.0.4080'.
[  820.038770][T18292] syzkaller0: entered promiscuous mode
[  820.065886][T18292] syzkaller0: entered allmulticast mode
[  821.083824][T18308] FAULT_INJECTION: forcing a failure.
[  821.083824][T18308] name failslab, interval 1, probability 0, space 0, times 0
[  821.152790][T18308] CPU: 1 PID: 18308 Comm: syz.3.4087 Not tainted syzkaller #0
[  821.160354][T18308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  821.170746][T18308] Call Trace:
[  821.174258][T18308]  <TASK>
[  821.177252][T18308]  dump_stack_lvl+0x18c/0x250
[  821.182457][T18308]  ? show_regs_print_info+0x20/0x20
[  821.188049][T18308]  ? load_image+0x420/0x420
[  821.193060][T18308]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  821.199769][T18308]  ? __asan_memset+0x22/0x40
[  821.205133][T18308]  should_fail_ex+0x39d/0x4d0
[  821.210251][T18308]  should_failslab+0x9/0x20
[  821.215006][T18308]  slab_pre_alloc_hook+0x59/0x310
[  821.221014][T18308]  ? __debug_object_init+0xec/0x450
[  821.228731][T18308]  kmem_cache_alloc+0x5a/0x2d0
[  821.234080][T18308]  ? slab_build_skb+0x2b/0x3f0
[  821.239092][T18308]  slab_build_skb+0x2b/0x3f0
[  821.244461][T18308]  bpf_prog_test_run_skb+0x3c8/0x12b0
[  821.250490][T18308]  ? __fget_files+0x28/0x4b0
[  821.255203][T18308]  ? __fget_files+0x28/0x4b0
[  821.260398][T18308]  ? __fget_files+0x43d/0x4b0
[  821.265677][T18308]  ? cpu_online+0x60/0x60
[  821.270503][T18308]  bpf_prog_test_run+0x321/0x390
[  821.275842][T18308]  __sys_bpf+0x49d/0x890
[  821.280990][T18308]  ? bpf_link_show_fdinfo+0x390/0x390
[  821.286569][T18308]  ? lock_chain_count+0x20/0x20
[  821.291509][T18308]  __x64_sys_bpf+0x7c/0x90
[  821.296808][T18308]  do_syscall_64+0x55/0xa0
[  821.301290][T18308]  ? clear_bhb_loop+0x40/0x90
[  821.306272][T18308]  ? clear_bhb_loop+0x40/0x90
[  821.311112][T18308]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  821.317161][T18308] RIP: 0033:0x7fde2d59c819
[  821.321725][T18308] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  821.341676][T18308] RSP: 002b:00007fde2e3a1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  821.350141][T18308] RAX: ffffffffffffffda RBX: 00007fde2d815fa0 RCX: 00007fde2d59c819
[  821.358427][T18308] RDX: 0000000000000048 RSI: 00002000000002c0 RDI: 000000000000000a
[  821.366634][T18308] RBP: 00007fde2e3a1090 R08: 0000000000000000 R09: 0000000000000000
[  821.374645][T18308] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  821.382860][T18308] R13: 00007fde2d816038 R14: 00007fde2d815fa0 R15: 00007ffd7c8b71f8
[  821.390919][T18308]  </TASK>
[  821.764108][T18320] netlink: 14975 bytes leftover after parsing attributes in process `syz.2.4091'.
[  822.300465][T18312] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.4088'.
[  824.466298][T18359] netlink: 14975 bytes leftover after parsing attributes in process `syz.1.4103'.
[  829.855230][T18412] netlink: 'syz.1.4119': attribute type 17 has an invalid length.
[  831.275208][T18426] netlink: 'syz.2.4120': attribute type 10 has an invalid length.
[  833.958824][T18438] netlink: 'syz.3.4123': attribute type 10 has an invalid length.
[  834.314307][T18447] FAULT_INJECTION: forcing a failure.
[  834.314307][T18447] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  834.345812][T18448] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.4122'.
[  834.357147][T18447] CPU: 1 PID: 18447 Comm: syz.1.4128 Not tainted syzkaller #0
[  834.364876][T18447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  834.375779][T18447] Call Trace:
[  834.379134][T18447]  <TASK>
[  834.382211][T18447]  dump_stack_lvl+0x18c/0x250
[  834.387148][T18447]  ? show_regs_print_info+0x20/0x20
[  834.392606][T18447]  ? load_image+0x420/0x420
[  834.397186][T18447]  ? __might_fault+0xaa/0x120
[  834.401915][T18447]  ? __lock_acquire+0x7d40/0x7d40
[  834.407027][T18447]  should_fail_ex+0x39d/0x4d0
[  834.411789][T18447]  _copy_from_user+0x2f/0xe0
[  834.416542][T18447]  sk_setsockopt+0x26b/0x2bc0
[  834.421343][T18447]  ? sockopt_capable+0x60/0x60
[  834.426230][T18447]  ? aa_sk_perm+0x83c/0x970
[  834.430817][T18447]  ? __fget_files+0x28/0x4b0
[  834.435580][T18447]  ? aa_af_perm+0x330/0x330
[  834.440148][T18447]  ? __fget_files+0x28/0x4b0
[  834.444795][T18447]  ? __fget_files+0x28/0x4b0
[  834.449544][T18447]  ? aa_sock_opt_perm+0x74/0x100
[  834.454651][T18447]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  834.460428][T18447]  ? security_socket_setsockopt+0x7e/0xa0
[  834.466218][T18447]  do_sock_setsockopt+0x11b/0x1a0
[  834.471423][T18447]  __x64_sys_setsockopt+0x182/0x200
[  834.476930][T18447]  do_syscall_64+0x55/0xa0
[  834.481409][T18447]  ? clear_bhb_loop+0x40/0x90
[  834.486424][T18447]  ? clear_bhb_loop+0x40/0x90
[  834.491148][T18447]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  834.497089][T18447] RIP: 0033:0x7f95f059c819
[  834.501570][T18447] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  834.521525][T18447] RSP: 002b:00007f95f139c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  834.530156][T18447] RAX: ffffffffffffffda RBX: 00007f95f0815fa0 RCX: 00007f95f059c819
[  834.538323][T18447] RDX: 0000000000000019 RSI: 0000000000000001 RDI: 0000000000000003
[  834.546531][T18447] RBP: 00007f95f139c090 R08: 0000000000000004 R09: 0000000000000000
[  834.554619][T18447] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  834.562644][T18447] R13: 00007f95f0816038 R14: 00007f95f0815fa0 R15: 00007ffccd4ef968
[  834.570774][T18447]  </TASK>
[  834.587697][T18448] debugfs: Directory '!!�' with parent 'ieee80211' already present!
[  835.565942][T18461] FAULT_INJECTION: forcing a failure.
[  835.565942][T18461] name failslab, interval 1, probability 0, space 0, times 0
[  835.586427][T18461] CPU: 1 PID: 18461 Comm: syz.0.4131 Not tainted syzkaller #0
[  835.594153][T18461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  835.604621][T18461] Call Trace:
[  835.607953][T18461]  <TASK>
[  835.611041][T18461]  dump_stack_lvl+0x18c/0x250
[  835.615964][T18461]  ? show_regs_print_info+0x20/0x20
[  835.621480][T18461]  ? load_image+0x420/0x420
[  835.626175][T18461]  ? __might_sleep+0xe0/0xe0
[  835.631005][T18461]  ? __lock_acquire+0x7d40/0x7d40
[  835.636122][T18461]  should_fail_ex+0x39d/0x4d0
[  835.640920][T18461]  should_failslab+0x9/0x20
[  835.645597][T18461]  slab_pre_alloc_hook+0x59/0x310
[  835.650701][T18461]  ? kvmalloc_node+0x70/0x180
[  835.655621][T18461]  ? kvmalloc_node+0x70/0x180
[  835.660371][T18461]  __kmem_cache_alloc_node+0x53/0x250
[  835.665929][T18461]  ? kvmalloc_node+0x70/0x180
[  835.671022][T18461]  __kmalloc_node+0xa4/0x230
[  835.675894][T18461]  kvmalloc_node+0x70/0x180
[  835.680466][T18461]  page_pool_create+0x1eb/0x5c0
[  835.685390][T18461]  bpf_test_run_xdp_live+0x203/0x1b20
[  835.690990][T18461]  ? bpf_dispatcher_xdp+0x800/0x1000
[  835.696330][T18461]  ? bpf_dispatcher_xdp+0x800/0x1000
[  835.701699][T18461]  ? bpf_dispatcher_change_prog+0xcbf/0xf10
[  835.707920][T18461]  ? bpf_dispatcher_xdp+0x800/0x1000
[  835.713368][T18461]  ? xdp_convert_md_to_buff+0x330/0x330
[  835.719371][T18461]  ? trace_raw_output_bpf_test_finish+0xd0/0xd0
[  835.725845][T18461]  ? _copy_from_user+0xa5/0xe0
[  835.730667][T18461]  ? bpf_test_init+0x119/0x140
[  835.735588][T18461]  ? xdp_convert_md_to_buff+0x5b/0x330
[  835.741227][T18461]  bpf_prog_test_run_xdp+0x7ca/0x10e0
[  835.747037][T18461]  ? dev_put+0x80/0x80
[  835.751557][T18461]  ? dev_put+0x80/0x80
[  835.755957][T18461]  bpf_prog_test_run+0x321/0x390
[  835.761109][T18461]  __sys_bpf+0x49d/0x890
[  835.765837][T18461]  ? bpf_link_show_fdinfo+0x390/0x390
[  835.771929][T18461]  ? lock_chain_count+0x20/0x20
[  835.777055][T18461]  __x64_sys_bpf+0x7c/0x90
[  835.782362][T18461]  do_syscall_64+0x55/0xa0
[  835.787982][T18461]  ? clear_bhb_loop+0x40/0x90
[  835.793314][T18461]  ? clear_bhb_loop+0x40/0x90
[  835.798597][T18461]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  835.804738][T18461] RIP: 0033:0x7f7f8419c819
[  835.809223][T18461] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  835.829930][T18461] RSP: 002b:00007f7f84f81028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  835.838761][T18461] RAX: ffffffffffffffda RBX: 00007f7f84416090 RCX: 00007f7f8419c819
[  835.847299][T18461] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  835.855453][T18461] RBP: 00007f7f84f81090 R08: 0000000000000000 R09: 0000000000000000
[  835.863462][T18461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  835.871908][T18461] R13: 00007f7f84416128 R14: 00007f7f84416090 R15: 00007fff83083bb8
[  835.880128][T18461]  </TASK>
[  835.965125][T18461] page_pool_create() gave up with errno -12
[  836.793322][T18474] netlink: 14975 bytes leftover after parsing attributes in process `syz.0.4135'.
[  837.011995][T18479] netlink: 'syz.3.4136': attribute type 27 has an invalid length.
[  837.027086][T18479] netlink: 2418 bytes leftover after parsing attributes in process `syz.3.4136'.
[  837.063046][T18479] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4136'.
[  837.087129][T18478] netlink: 'syz.2.4133': attribute type 10 has an invalid length.
[  840.563315][T18515] FAULT_INJECTION: forcing a failure.
[  840.563315][T18515] name failslab, interval 1, probability 0, space 0, times 0
[  840.635367][T18515] CPU: 1 PID: 18515 Comm: syz.2.4146 Not tainted syzkaller #0
[  840.642949][T18515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  840.653504][T18515] Call Trace:
[  840.657118][T18515]  <TASK>
[  840.660097][T18515]  dump_stack_lvl+0x18c/0x250
[  840.665013][T18515]  ? __se_sys_sendmsg+0x1c2/0x2b0
[  840.670359][T18515]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  840.677397][T18515]  ? show_regs_print_info+0x20/0x20
[  840.683398][T18515]  ? load_image+0x420/0x420
[  840.688213][T18515]  should_fail_ex+0x39d/0x4d0
[  840.692979][T18515]  should_failslab+0x9/0x20
[  840.698071][T18515]  slab_pre_alloc_hook+0x59/0x310
[  840.703796][T18515]  ? nf_ct_ext_add+0x1ab/0x440
[  840.708749][T18515]  ? nf_ct_ext_add+0x1ab/0x440
[  840.714106][T18515]  __kmem_cache_alloc_node+0x53/0x250
[  840.720279][T18515]  ? nf_ct_ext_add+0x1ab/0x440
[  840.725830][T18515]  __kmalloc_node_track_caller+0xa2/0x230
[  840.732065][T18515]  krealloc+0x86/0x120
[  840.736558][T18515]  nf_ct_ext_add+0x1ab/0x440
[  840.741511][T18515]  init_conntrack+0x69c/0xf10
[  840.747537][T18515]  ? early_drop+0x7f0/0x7f0
[  840.752542][T18515]  ? nf_conntrack_find_get+0x650/0x650
[  840.758587][T18515]  ? __local_bh_enable_ip+0x13a/0x1c0
[  840.764589][T18515]  ? __siphash_unaligned+0x22e/0x3a0
[  840.770622][T18515]  nf_conntrack_in+0xc06/0x15c0
[  840.776067][T18515]  ? nf_ct_pernet+0x270/0x270
[  840.781432][T18515]  ? ipt_do_table+0x2c1/0x15e0
[  840.786406][T18515]  ? ipv4_conntrack_defrag+0x29d/0x5a0
[  840.792125][T18515]  ? ipv4_conntrack_local+0x123/0x200
[  840.798269][T18515]  ? ipv4_conntrack_in+0x20/0x20
[  840.803685][T18515]  nf_hook_slow+0xbd/0x200
[  840.808363][T18515]  ? nf_hook+0x390/0x390
[  840.812873][T18515]  nf_hook+0x228/0x390
[  840.818302][T18515]  ? nf_hook+0xa2/0x390
[  840.822790][T18515]  ? __ip_local_out+0x5f0/0x5f0
[  840.827715][T18515]  ? nf_hook+0x390/0x390
[  840.832032][T18515]  ? __lock_acquire+0x7d40/0x7d40
[  840.837254][T18515]  __ip_local_out+0x4db/0x5f0
[  840.842616][T18515]  ? nf_hook+0x390/0x390
[  840.847391][T18515]  ? __ip_queue_xmit+0x5d/0x1950
[  840.852501][T18515]  __ip_queue_xmit+0xf7c/0x1950
[  840.857728][T18515]  ? __ip_queue_xmit+0x5d/0x1950
[  840.862969][T18515]  __tcp_transmit_skb+0x1d6b/0x33f0
[  840.868738][T18515]  ? __tcp_send_ack+0x5a0/0x5a0
[  840.873723][T18515]  ? tcp_fastopen_cookie_check+0x26d/0x3c0
[  840.879747][T18515]  tcp_connect+0x327a/0x5190
[  840.884875][T18515]  ? tcp_options_write+0xc70/0xc70
[  840.890141][T18515]  ? get_random_u16+0x16e/0x970
[  840.895249][T18515]  ? get_random_u16+0x513/0x970
[  840.900281][T18515]  ? __asan_memset+0x22/0x40
[  840.905146][T18515]  ? tcp_fastopen_active_should_disable+0x240/0x240
[  840.911836][T18515]  ? sk_setup_caps+0x7dc/0xa10
[  840.916690][T18515]  ? dst_release+0x72/0x1a0
[  840.921437][T18515]  tcp_v4_connect+0xfee/0x18e0
[  840.926295][T18515]  ? __stack_depot_save+0x1f/0x630
[  840.931713][T18515]  ? tcp_twsk_unique+0x990/0x990
[  840.936841][T18515]  __inet_stream_connect+0x254/0xdc0
[  840.942496][T18515]  ? inet_dgram_connect+0x360/0x360
[  840.948014][T18515]  tcp_sendmsg_fastopen+0x3a7/0x5d0
[  840.953314][T18515]  tcp_sendmsg_locked+0x4621/0x4bd0
[  840.959198][T18515]  ? perf_trace_run_bpf_submit+0x125/0x1c0
[  840.965803][T18515]  ? perf_trace_lock+0x304/0x3b0
[  840.971090][T18515]  ? trace_event_raw_event_lock+0x250/0x250
[  840.977092][T18515]  ? mark_lock+0x94/0x320
[  840.982051][T18515]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  840.988192][T18515]  ? lock_chain_count+0x20/0x20
[  840.993580][T18515]  ? tcp_set_state+0x680/0x680
[  840.998788][T18515]  tcp_sendmsg+0x2f/0x50
[  841.003545][T18515]  ? inet_send_prepare+0x260/0x260
[  841.008829][T18515]  ____sys_sendmsg+0x5ba/0x960
[  841.013658][T18515]  ? __lock_acquire+0x7d40/0x7d40
[  841.019501][T18515]  ? __asan_memset+0x22/0x40
[  841.024963][T18515]  ? __sys_sendmsg_sock+0x30/0x30
[  841.030696][T18515]  ? __import_iovec+0x3fa/0x850
[  841.036240][T18515]  ? import_iovec+0x73/0xa0
[  841.041280][T18515]  ___sys_sendmsg+0x2a6/0x360
[  841.046392][T18515]  ? __sys_sendmsg+0x2a0/0x2a0
[  841.051646][T18515]  ? __lock_acquire+0x7d40/0x7d40
[  841.056934][T18515]  __se_sys_sendmsg+0x1c2/0x2b0
[  841.062035][T18515]  ? __x64_sys_sendmsg+0x80/0x80
[  841.067096][T18515]  ? lockdep_hardirqs_on+0x98/0x150
[  841.072390][T18515]  do_syscall_64+0x55/0xa0
[  841.077256][T18515]  ? clear_bhb_loop+0x40/0x90
[  841.082726][T18515]  ? clear_bhb_loop+0x40/0x90
[  841.087489][T18515]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  841.093474][T18515] RIP: 0033:0x7f6363b9c819
[  841.097963][T18515] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  841.117895][T18515] RSP: 002b:00007f636499d028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  841.126553][T18515] RAX: ffffffffffffffda RBX: 00007f6363e16090 RCX: 00007f6363b9c819
[  841.134779][T18515] RDX: 0000000030004081 RSI: 0000200000000080 RDI: 0000000000000003
[  841.142907][T18515] RBP: 00007f636499d090 R08: 0000000000000000 R09: 0000000000000000
[  841.150932][T18515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  841.159205][T18515] R13: 00007f6363e16128 R14: 00007f6363e16090 R15: 00007ffe4d8f30f8
[  841.167410][T18515]  </TASK>
[  841.957471][T18525] netlink: 'syz.1.4155': attribute type 27 has an invalid length.
[  842.024999][T18525] netlink: 2418 bytes leftover after parsing attributes in process `syz.1.4155'.
[  842.154882][T18525] netlink: 44 bytes leftover after parsing attributes in process `syz.1.4155'.
[  845.073547][T18533] netlink: 'syz.2.4149': attribute type 10 has an invalid length.
[  847.613711][T18572] netlink: 'syz.2.4161': attribute type 27 has an invalid length.
[  847.685803][T18572] netlink: 2418 bytes leftover after parsing attributes in process `syz.2.4161'.
[  847.846972][T18575] netlink: 44 bytes leftover after parsing attributes in process `syz.2.4161'.
[  848.917345][T18576] netlink: 'syz.1.4163': attribute type 4 has an invalid length.
[  848.944756][T18576] netlink: 152 bytes leftover after parsing attributes in process `syz.1.4163'.
[  849.459921][T18585] Dead loop on virtual device ip6_vti0, fix it urgently!
[  849.641274][T18585] netlink: 149576 bytes leftover after parsing attributes in process `syz.1.4165'.
[  849.705284][T18585] openvswitch: netlink: Message has 20476 unknown bytes.
[  851.671551][T18604] netlink: 'syz.3.4170': attribute type 10 has an invalid length.
[  851.698824][T18604] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  851.732204][T18604] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  851.764959][T18604] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  851.847477][T18604] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  852.093748][T18604] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  852.157544][T18604] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  852.177225][T18604] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  852.299886][T18604] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  852.330558][T18604] team0: Port device geneve1 added
[  853.008472][T18596] netlink: 'syz.2.4167': attribute type 10 has an invalid length.
[  853.467160][T18634] netlink: 14975 bytes leftover after parsing attributes in process `syz.0.4177'.
[  853.570078][T18637] netlink: 209820 bytes leftover after parsing attributes in process `syz.2.4178'.
[  854.042149][T18646] netlink: 'syz.3.4183': attribute type 9 has an invalid length.
[  854.073954][T18646] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.4183'.
[  854.223440][T18649] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4183'.
[  854.338043][T18649] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4183'.
[  854.412520][T18647] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4183'.
[  854.878556][T18649] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.4183'.
[  855.990648][T18667] netlink: 64535 bytes leftover after parsing attributes in process `syz.2.4189'.
[  856.106379][T18665] netlink: 'syz.0.4188': attribute type 10 has an invalid length.
[  856.396353][T18665] team0: Device hsr_slave_0 failed to register rx_handler
[  856.666705][T18680] netlink: 14975 bytes leftover after parsing attributes in process `syz.2.4191'.
[  856.899207][T18681] netlink: 'syz.1.4186': attribute type 10 has an invalid length.
[  858.949281][T18710] netlink: 'syz.0.4199': attribute type 10 has an invalid length.
[  858.982060][T18710] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  859.005172][T18710] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  859.037830][T18710] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  859.058810][T18710] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  859.182517][T18710] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  859.207941][T18710] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  859.255217][T18710] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  859.275107][T18710] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  859.365910][T18715] netlink: 15487 bytes leftover after parsing attributes in process `syz.1.4201'.
[  859.391777][T18710] geneve1: entered promiscuous mode
[  859.413750][T18710] geneve1: entered allmulticast mode
[  859.450498][T18710] team0: Port device geneve1 added
[  859.918334][T18718] netlink: 'syz.3.4203': attribute type 21 has an invalid length.
[  861.266332][T18723] netlink: 'syz.2.4206': attribute type 10 has an invalid length.
[  862.686741][T18751] netlink: 15487 bytes leftover after parsing attributes in process `syz.1.4212'.
[  863.238635][T18761] netlink: 'syz.2.4214': attribute type 10 has an invalid length.
[  863.343733][T18761] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  863.415129][T18761] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  863.471046][T18769] netlink: 'syz.0.4217': attribute type 9 has an invalid length.
[  863.474315][T18761] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  863.504905][T18769] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.4217'.
[  863.525277][T18761] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  863.627273][T18772] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4217'.
[  863.702191][T18761] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  863.725201][T18761] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  863.748146][T18761] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  863.774857][T18761] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  863.876092][T18761] geneve1: entered promiscuous mode
[  863.894824][T18761] geneve1: entered allmulticast mode
[  863.921756][T18761] team0: Port device geneve1 added
[  864.001300][T18772] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4217'.
[  864.154979][T18770] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4217'.
[  864.498126][T18769] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.4217'.
[  864.534340][T18769] debugfs: Directory '�!�' with parent 'ieee80211' already present!
[  866.866166][T18812] netlink: 'syz.0.4222': attribute type 10 has an invalid length.
[  868.319495][T18829] netlink: 65055 bytes leftover after parsing attributes in process `syz.0.4231'.
[  868.894755][T18841] netlink: 15231 bytes leftover after parsing attributes in process `syz.2.4235'.
[  871.015811][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  871.023280][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  871.681672][T18869] netlink: 'syz.2.4240': attribute type 10 has an invalid length.
[  871.775032][T18872] netlink: 'syz.3.4243': attribute type 29 has an invalid length.
[  871.818338][T18872] netlink: 'syz.3.4243': attribute type 29 has an invalid length.
[  871.857420][T18871] netlink: 'syz.3.4243': attribute type 29 has an invalid length.
[  871.947634][T18873] netlink: 'syz.3.4243': attribute type 29 has an invalid length.
[  872.399259][T18885] FAULT_INJECTION: forcing a failure.
[  872.399259][T18885] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  872.416167][T18885] CPU: 1 PID: 18885 Comm: syz.1.4246 Not tainted syzkaller #0
[  872.424619][T18885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  872.435409][T18885] Call Trace:
[  872.439227][T18885]  <TASK>
[  872.442304][T18885]  dump_stack_lvl+0x18c/0x250
[  872.447262][T18885]  ? show_regs_print_info+0x20/0x20
[  872.452940][T18885]  ? load_image+0x420/0x420
[  872.457784][T18885]  ? __might_fault+0xaa/0x120
[  872.462863][T18885]  ? __lock_acquire+0x7d40/0x7d40
[  872.468572][T18885]  should_fail_ex+0x39d/0x4d0
[  872.473826][T18885]  _copy_from_iter+0x1d9/0x12e0
[  872.479132][T18885]  ? pipe_write+0x713/0x1b10
[  872.484162][T18885]  ? copyout_mc+0x70/0x70
[  872.488908][T18885]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  872.495422][T18885]  ? lock_chain_count+0x20/0x20
[  872.500693][T18885]  ? _raw_spin_lock_irq+0xbb/0xf0
[  872.506794][T18885]  ? _raw_spin_lock_irqsave+0x100/0x100
[  872.512770][T18885]  ? page_copy_sane+0x4e/0x270
[  872.517875][T18885]  copy_page_from_iter+0x7b/0x100
[  872.524096][T18885]  pipe_write+0x868/0x1b10
[  872.529482][T18885]  ? pipe_write+0xd21/0x1b10
[  872.535730][T18885]  ? pipe_read+0x1310/0x1310
[  872.540865][T18885]  ? wake_bit_function+0x200/0x200
[  872.546467][T18885]  ? common_file_perm+0x198/0x1f0
[  872.551773][T18885]  vfs_write+0x46c/0x990
[  872.556254][T18885]  ? file_end_write+0x250/0x250
[  872.561444][T18885]  ? __fget_files+0x43d/0x4b0
[  872.567268][T18885]  ? __fdget_pos+0x1d8/0x330
[  872.572044][T18885]  ? ksys_write+0x75/0x260
[  872.577092][T18885]  ksys_write+0x150/0x260
[  872.581768][T18885]  ? __ia32_sys_read+0x90/0x90
[  872.586696][T18885]  ? lockdep_hardirqs_on+0x98/0x150
[  872.591993][T18885]  do_syscall_64+0x55/0xa0
[  872.596720][T18885]  ? clear_bhb_loop+0x40/0x90
[  872.601606][T18885]  ? clear_bhb_loop+0x40/0x90
[  872.607456][T18885]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  872.615315][T18885] RIP: 0033:0x7f95f059c819
[  872.620707][T18885] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  872.645411][T18885] RSP: 002b:00007f95f137b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  872.655277][T18885] RAX: ffffffffffffffda RBX: 00007f95f0816090 RCX: 00007f95f059c819
[  872.664112][T18885] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000000
[  872.672833][T18885] RBP: 00007f95f137b090 R08: 0000000000000000 R09: 0000000000000000
[  872.681472][T18885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  872.689753][T18885] R13: 00007f95f0816128 R14: 00007f95f0816090 R15: 00007ffccd4ef968
[  872.698250][T18885]  </TASK>
[  875.797305][T18916] netlink: 65055 bytes leftover after parsing attributes in process `syz.3.4255'.
[  877.674842][T18938] netlink: 'syz.2.4257': attribute type 10 has an invalid length.
[  879.340100][T18973] netlink: 15487 bytes leftover after parsing attributes in process `syz.0.4276'.
[  879.377881][T18970] netlink: 65055 bytes leftover after parsing attributes in process `syz.2.4268'.
[  881.629232][T19000] netlink: 'syz.1.4273': attribute type 10 has an invalid length.
[  882.413103][T19018] netlink: 209820 bytes leftover after parsing attributes in process `syz.3.4281'.
[  882.453513][T19021] netlink: 'syz.2.4280': attribute type 2 has an invalid length.
[  882.472321][T19021] netlink: 17267 bytes leftover after parsing attributes in process `syz.2.4280'.
[  883.002256][T19031] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.4284'.
[  883.077871][T19031] debugfs: Directory '�!�' with parent 'ieee80211' already present!
[  883.380629][T19029] sock: sock_timestamping_bind_phc: sock not bind to device
[  884.699023][T19050] FAULT_INJECTION: forcing a failure.
[  884.699023][T19050] name failslab, interval 1, probability 0, space 0, times 0
[  884.768429][T19050] CPU: 1 PID: 19050 Comm: syz.3.4290 Not tainted syzkaller #0
[  884.776152][T19050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  884.786437][T19050] Call Trace:
[  884.790083][T19050]  <TASK>
[  884.793065][T19050]  dump_stack_lvl+0x18c/0x250
[  884.798182][T19050]  ? show_regs_print_info+0x20/0x20
[  884.803618][T19050]  ? load_image+0x420/0x420
[  884.808295][T19050]  ? __might_sleep+0xe0/0xe0
[  884.813011][T19050]  ? __lock_acquire+0x7d40/0x7d40
[  884.818115][T19050]  should_fail_ex+0x39d/0x4d0
[  884.822867][T19050]  should_failslab+0x9/0x20
[  884.827418][T19050]  slab_pre_alloc_hook+0x59/0x310
[  884.832757][T19050]  ? d_instantiate+0x6f/0x90
[  884.837581][T19050]  kmem_cache_alloc+0x5a/0x2d0
[  884.842389][T19050]  ? alloc_empty_file+0x9e/0x1d0
[  884.847397][T19050]  alloc_empty_file+0x9e/0x1d0
[  884.852308][T19050]  alloc_file+0x5c/0x600
[  884.856740][T19050]  alloc_file_pseudo+0x184/0x210
[  884.861869][T19050]  ? alloc_empty_backing_file+0xe0/0xe0
[  884.867990][T19050]  anon_inode_getfile+0xc5/0x1a0
[  884.873111][T19050]  __se_sys_perf_event_open+0xee7/0x1c50
[  884.878853][T19050]  ? __x64_sys_perf_event_open+0xc0/0xc0
[  884.884586][T19050]  ? lock_chain_count+0x20/0x20
[  884.889514][T19050]  ? lockdep_hardirqs_on+0x98/0x150
[  884.894772][T19050]  ? __x64_sys_perf_event_open+0x20/0xc0
[  884.900724][T19050]  do_syscall_64+0x55/0xa0
[  884.905295][T19050]  ? clear_bhb_loop+0x40/0x90
[  884.910017][T19050]  ? clear_bhb_loop+0x40/0x90
[  884.914841][T19050]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  884.920927][T19050] RIP: 0033:0x7fde2d59c819
[  884.925535][T19050] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  884.938257][T19052] netlink: 209820 bytes leftover after parsing attributes in process `syz.2.4291'.
[  884.945606][T19050] RSP: 002b:00007fde2e3a1028 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  884.945675][T19050] RAX: ffffffffffffffda RBX: 00007fde2d815fa0 RCX: 00007fde2d59c819
[  884.945690][T19050] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000500
[  884.945703][T19050] RBP: 00007fde2e3a1090 R08: 0000000000000000 R09: 0000000000000000
[  884.945717][T19050] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  884.945731][T19050] R13: 00007fde2d816038 R14: 00007fde2d815fa0 R15: 00007ffd7c8b71f8
[  884.945795][T19050]  </TASK>
[  885.088630][T19058] netlink: 'syz.1.4289': attribute type 10 has an invalid length.
[  889.129310][T19097] pim6reg1: entered promiscuous mode
[  889.189617][T19097] pim6reg1: entered allmulticast mode
[  890.376248][T19101] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.4303'.
[  890.423497][T19093] team0: Port device C removed
[  890.435426][T19093] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  890.651515][T19101] debugfs: Directory '!!�' with parent 'ieee80211' already present!
[  892.092432][T19128] netlink: 'syz.2.4306': attribute type 10 has an invalid length.
[  893.070823][T19137] netlink: 'syz.3.4313': attribute type 5 has an invalid length.
[  893.824764][T19145] netlink: 'syz.1.4316': attribute type 16 has an invalid length.
[  893.833783][T19145] netlink: 152 bytes leftover after parsing attributes in process `syz.1.4316'.
[  898.591128][T19194] netlink: 'syz.1.4330': attribute type 10 has an invalid length.
[  898.614923][T19194] netlink: 55 bytes leftover after parsing attributes in process `syz.1.4330'.
[  898.667041][T19192] netlink: 'syz.2.4322': attribute type 10 has an invalid length.
[  899.501441][T19210] netlink: 15743 bytes leftover after parsing attributes in process `syz.2.4334'.
[  900.647879][T19222] netlink: 148 bytes leftover after parsing attributes in process `syz.0.4338'.
[  902.385908][T19244] FAULT_INJECTION: forcing a failure.
[  902.385908][T19244] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  902.486043][T19244] CPU: 0 PID: 19244 Comm: syz.3.4342 Not tainted syzkaller #0
[  902.493864][T19244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  902.504597][T19244] Call Trace:
[  902.507917][T19244]  <TASK>
[  902.511317][T19244]  dump_stack_lvl+0x18c/0x250
[  902.516608][T19244]  ? show_regs_print_info+0x20/0x20
[  902.522249][T19244]  ? load_image+0x420/0x420
[  902.527191][T19244]  ? __might_fault+0xaa/0x120
[  902.532496][T19244]  ? __lock_acquire+0x7d40/0x7d40
[  902.538037][T19244]  ? unix_ioctl+0x261/0x670
[  902.543436][T19244]  should_fail_ex+0x39d/0x4d0
[  902.548837][T19244]  _copy_from_user+0x2f/0xe0
[  902.554234][T19244]  sock_do_ioctl+0x190/0x310
[  902.559112][T19244]  ? sock_show_fdinfo+0xb0/0xb0
[  902.565597][T19244]  sock_ioctl+0x5ba/0x7e0
[  902.570471][T19244]  ? sock_poll+0x3e0/0x3e0
[  902.575267][T19244]  ? bpf_lsm_file_ioctl+0x9/0x10
[  902.580444][T19244]  ? security_file_ioctl+0x80/0xa0
[  902.587288][T19244]  ? sock_poll+0x3e0/0x3e0
[  902.591956][T19244]  __se_sys_ioctl+0xfd/0x170
[  902.597276][T19244]  do_syscall_64+0x55/0xa0
[  902.602147][T19244]  ? clear_bhb_loop+0x40/0x90
[  902.608007][T19244]  ? clear_bhb_loop+0x40/0x90
[  902.613850][T19244]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  902.620507][T19244] RIP: 0033:0x7fde2d59c819
[  902.625740][T19244] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  902.647453][T19244] RSP: 002b:00007fde2e380028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  902.658634][T19244] RAX: ffffffffffffffda RBX: 00007fde2d816090 RCX: 00007fde2d59c819
[  902.667693][T19244] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 000000000000001d
[  902.677992][T19244] RBP: 00007fde2e380090 R08: 0000000000000000 R09: 0000000000000000
[  902.689240][T19244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  902.700011][T19244] R13: 00007fde2d816128 R14: 00007fde2d816090 R15: 00007ffd7c8b71f8
[  902.710605][T19244]  </TASK>
[  904.146112][T19265] pim6reg1: entered promiscuous mode
[  904.151879][T19265] pim6reg1: entered allmulticast mode
[  905.371317][T19260] netlink: 'syz.1.4343': attribute type 10 has an invalid length.
[  908.215967][T19295] netlink: 15743 bytes leftover after parsing attributes in process `syz.3.4354'.
[  910.845501][T19317] netlink: 'syz.0.4360': attribute type 10 has an invalid length.
[  911.210011][T19319] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4363'.
[  911.496276][T19324] netlink: 148 bytes leftover after parsing attributes in process `syz.3.4365'.
[  912.049399][T19330] netlink: 15918 bytes leftover after parsing attributes in process `syz.2.4367'.
[  913.472379][T19351] netlink: 'syz.3.4373': attribute type 10 has an invalid length.
[  914.041823][T19356] netlink: 'syz.3.4375': attribute type 1 has an invalid length.
[  914.065167][T19356] netlink: 'syz.3.4375': attribute type 2 has an invalid length.
[  914.073023][T19356] netlink: 'syz.3.4375': attribute type 2 has an invalid length.
[  914.104782][T19356] netlink: 'syz.3.4375': attribute type 3 has an invalid length.
[  914.112703][T19356] netlink: 'syz.3.4375': attribute type 4 has an invalid length.
[  914.156022][T19356] netlink: 'syz.3.4375': attribute type 5 has an invalid length.
[  914.185045][T19356] netlink: 'syz.3.4375': attribute type 6 has an invalid length.
[  914.193021][T19356] netlink: 'syz.3.4375': attribute type 7 has an invalid length.
[  914.224757][T19356] netlink: 126304 bytes leftover after parsing attributes in process `syz.3.4375'.
[  915.081183][T19373] netlink: 184 bytes leftover after parsing attributes in process `syz.3.4381'.
[  915.185889][T19375] netlink: 156 bytes leftover after parsing attributes in process `syz.3.4381'.
[  915.329172][T19373] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4381'.
[  917.156359][T19395] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4387'.
[  919.798453][T19422] validate_nla: 6 callbacks suppressed
[  919.798472][T19422] netlink: 'syz.1.4391': attribute type 10 has an invalid length.
[  920.580322][T19432] netlink: 144 bytes leftover after parsing attributes in process `syz.0.4397'.
[  921.026854][T19442] netlink: 15743 bytes leftover after parsing attributes in process `syz.0.4400'.
[  923.545419][T19473] netlink: 'syz.0.4407': attribute type 10 has an invalid length.
[  923.872473][T19479] netlink: 15743 bytes leftover after parsing attributes in process `syz.3.4411'.
[  925.188734][T19492] netdevsim netdevsim3: Direct firmware load for 
 failed with error -2
[  925.210525][T19492] netdevsim netdevsim3: Falling back to sysfs fallback for: 

[  925.556065][T19504] netlink: 132 bytes leftover after parsing attributes in process `syz.0.4419'.
[  925.600005][T19504] FAULT_INJECTION: forcing a failure.
[  925.600005][T19504] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  925.647161][T19504] CPU: 1 PID: 19504 Comm: syz.0.4419 Not tainted syzkaller #0
[  925.654971][T19504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  925.665364][T19504] Call Trace:
[  925.668688][T19504]  <TASK>
[  925.671809][T19504]  dump_stack_lvl+0x18c/0x250
[  925.676601][T19504]  ? show_regs_print_info+0x20/0x20
[  925.681948][T19504]  ? load_image+0x420/0x420
[  925.686533][T19504]  ? __lock_acquire+0x7d40/0x7d40
[  925.691818][T19504]  ? snprintf+0xe9/0x140
[  925.696200][T19504]  should_fail_ex+0x39d/0x4d0
[  925.701114][T19504]  _copy_to_user+0x2f/0xa0
[  925.705604][T19504]  simple_read_from_buffer+0xe7/0x150
[  925.711102][T19504]  proc_fail_nth_read+0x1e8/0x260
[  925.716290][T19504]  ? proc_fault_inject_write+0x360/0x360
[  925.722050][T19504]  ? fsnotify_perm+0x271/0x5e0
[  925.727018][T19504]  ? proc_fault_inject_write+0x360/0x360
[  925.732950][T19504]  vfs_read+0x28b/0x970
[  925.737167][T19504]  ? kernel_read+0x1e0/0x1e0
[  925.741961][T19504]  ? __fget_files+0x28/0x4b0
[  925.747181][T19504]  ? __fget_files+0x28/0x4b0
[  925.751896][T19504]  ? __fget_files+0x43d/0x4b0
[  925.756637][T19504]  ? __fdget_pos+0x2a3/0x330
[  925.761272][T19504]  ? ksys_read+0x75/0x260
[  925.765652][T19504]  ksys_read+0x150/0x260
[  925.769925][T19504]  ? vfs_write+0x990/0x990
[  925.774587][T19504]  ? lockdep_hardirqs_on+0x98/0x150
[  925.780011][T19504]  do_syscall_64+0x55/0xa0
[  925.784722][T19504]  ? clear_bhb_loop+0x40/0x90
[  925.789543][T19504]  ? clear_bhb_loop+0x40/0x90
[  925.794444][T19504]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  925.800604][T19504] RIP: 0033:0x7f7f8415d04e
[  925.805131][T19504] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  925.825312][T19504] RSP: 002b:00007f7f84fa1fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  925.833934][T19504] RAX: ffffffffffffffda RBX: 00007f7f84fa26c0 RCX: 00007f7f8415d04e
[  925.841923][T19504] RDX: 000000000000000f RSI: 00007f7f84fa20a0 RDI: 0000000000000005
[  925.850084][T19504] RBP: 00007f7f84fa2090 R08: 0000000000000000 R09: 0000000000000000
[  925.858180][T19504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  925.866280][T19504] R13: 00007f7f84416038 R14: 00007f7f84415fa0 R15: 00007fff83083bb8
[  925.874509][T19504]  </TASK>
[  926.311724][T19511] netlink: 15743 bytes leftover after parsing attributes in process `syz.1.4422'.
[  927.886452][T19525] netlink: 'syz.3.4421': attribute type 10 has an invalid length.
[  928.426166][T19537] netlink: 132 bytes leftover after parsing attributes in process `syz.3.4429'.
[  928.846969][T19540] netdevsim netdevsim1: Direct firmware load for 
 failed with error -2
[  928.867376][T19540] netdevsim netdevsim1: Falling back to sysfs fallback for: 

[  929.007278][T19547] netlink: 15743 bytes leftover after parsing attributes in process `syz.0.4432'.
[  930.027181][T19554] netlink: 'syz.2.4434': attribute type 10 has an invalid length.
[  930.064621][T19554] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4434'.
[  930.104483][T19554] batadv0: entered allmulticast mode
[  930.145574][T19554] bond0: (slave batadv0): Releasing backup interface
[  930.187199][T19554] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  931.592375][T19584] netlink: 15743 bytes leftover after parsing attributes in process `syz.1.4441'.
[  931.716052][T19585] netlink: 'syz.3.4437': attribute type 10 has an invalid length.
[  931.794300][T19591] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4443'.
[  931.824714][T19591] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4443'.
[  931.854852][T19591] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4443'.
[  932.388356][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  932.402831][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  932.771981][T19614] FAULT_INJECTION: forcing a failure.
[  932.771981][T19614] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  932.814523][T19614] CPU: 1 PID: 19614 Comm: syz.1.4451 Not tainted syzkaller #0
[  932.822558][T19614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  932.832735][T19614] Call Trace:
[  932.836176][T19614]  <TASK>
[  932.839249][T19614]  dump_stack_lvl+0x18c/0x250
[  932.844121][T19614]  ? show_regs_print_info+0x20/0x20
[  932.849578][T19614]  ? load_image+0x420/0x420
[  932.854260][T19614]  ? __might_fault+0xaa/0x120
[  932.859099][T19614]  ? __lock_acquire+0x7d40/0x7d40
[  932.864305][T19614]  should_fail_ex+0x39d/0x4d0
[  932.869230][T19614]  _copy_from_user+0x2f/0xe0
[  932.873947][T19614]  ___sys_recvmsg+0x176/0x590
[  932.879024][T19614]  ? __sys_recvmsg+0x2a0/0x2a0
[  932.883841][T19614]  ? ksys_write+0x1c4/0x260
[  932.888702][T19614]  ? __fget_files+0x43d/0x4b0
[  932.893664][T19614]  __x64_sys_recvmsg+0x20c/0x2e0
[  932.898752][T19614]  ? ___sys_recvmsg+0x590/0x590
[  932.903807][T19614]  ? lockdep_hardirqs_on+0x98/0x150
[  932.909487][T19614]  do_syscall_64+0x55/0xa0
[  932.914069][T19614]  ? clear_bhb_loop+0x40/0x90
[  932.918795][T19614]  ? clear_bhb_loop+0x40/0x90
[  932.923558][T19614]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  932.929687][T19614] RIP: 0033:0x7f95f059c819
[  932.934157][T19614] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  932.954608][T19614] RSP: 002b:00007f95f139c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  932.963701][T19614] RAX: ffffffffffffffda RBX: 00007f95f0815fa0 RCX: 00007f95f059c819
[  932.972389][T19614] RDX: 0000000000000022 RSI: 00002000000004c0 RDI: 0000000000000003
[  932.980509][T19614] RBP: 00007f95f139c090 R08: 0000000000000000 R09: 0000000000000000
[  932.988722][T19614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  932.997083][T19614] R13: 00007f95f0816038 R14: 00007f95f0815fa0 R15: 00007ffccd4ef968
[  933.005229][T19614]  </TASK>
[  933.488331][T19623] FAULT_INJECTION: forcing a failure.
[  933.488331][T19623] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  933.597448][T19623] CPU: 1 PID: 19623 Comm: syz.1.4453 Not tainted syzkaller #0
[  933.605509][T19623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  933.616315][T19623] Call Trace:
[  933.619829][T19623]  <TASK>
[  933.622917][T19623]  dump_stack_lvl+0x18c/0x250
[  933.627856][T19623]  ? show_regs_print_info+0x20/0x20
[  933.633503][T19623]  ? load_image+0x420/0x420
[  933.638257][T19623]  ? __might_fault+0xaa/0x120
[  933.643081][T19623]  ? __lock_acquire+0x7d40/0x7d40
[  933.648302][T19623]  should_fail_ex+0x39d/0x4d0
[  933.653114][T19623]  _copy_from_user+0x2f/0xe0
[  933.657742][T19623]  __sys_bpf+0x23e/0x890
[  933.662092][T19623]  ? bpf_link_show_fdinfo+0x390/0x390
[  933.667878][T19623]  ? lock_chain_count+0x20/0x20
[  933.672789][T19623]  __x64_sys_bpf+0x7c/0x90
[  933.677353][T19623]  do_syscall_64+0x55/0xa0
[  933.682038][T19623]  ? clear_bhb_loop+0x40/0x90
[  933.686987][T19623]  ? clear_bhb_loop+0x40/0x90
[  933.692213][T19623]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  933.699040][T19623] RIP: 0033:0x7f95f059c819
[  933.705222][T19623] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  933.725770][T19623] RSP: 002b:00007f95f139c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  933.734313][T19623] RAX: ffffffffffffffda RBX: 00007f95f0815fa0 RCX: 00007f95f059c819
[  933.743006][T19623] RDX: 0000000000000010 RSI: 0000200000000300 RDI: 000000000000000f
[  933.751908][T19623] RBP: 00007f95f139c090 R08: 0000000000000000 R09: 0000000000000000
[  933.760795][T19623] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  933.769269][T19623] R13: 00007f95f0816038 R14: 00007f95f0815fa0 R15: 00007ffccd4ef968
[  933.777590][T19623]  </TASK>
[  934.427157][T19635] netlink: 15743 bytes leftover after parsing attributes in process `syz.2.4457'.
[  934.476812][T19633] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4458'.
[  934.498711][T19633] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4458'.
[  934.528084][T19633] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4458'.
[  935.399126][T19650] netlink: 14 bytes leftover after parsing attributes in process `syz.0.4461'.
[  935.469791][T19648] netlink: 'syz.1.4456': attribute type 10 has an invalid length.
[  936.470386][T19665] netdevsim netdevsim0: Direct firmware load for 
 failed with error -2
[  936.485075][T19665] netdevsim netdevsim0: Falling back to sysfs fallback for: 

[  936.967597][T19683] netlink: 15743 bytes leftover after parsing attributes in process `syz.1.4470'.
[  938.946685][T19710] netlink: 'syz.2.4475': attribute type 10 has an invalid length.
[  939.226136][T19716] FAULT_INJECTION: forcing a failure.
[  939.226136][T19716] name failslab, interval 1, probability 0, space 0, times 0
[  939.254561][T19716] CPU: 1 PID: 19716 Comm: syz.3.4482 Not tainted syzkaller #0
[  939.262415][T19716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  939.272803][T19716] Call Trace:
[  939.276246][T19716]  <TASK>
[  939.279318][T19716]  dump_stack_lvl+0x18c/0x250
[  939.284197][T19716]  ? show_regs_print_info+0x20/0x20
[  939.289834][T19716]  ? load_image+0x420/0x420
[  939.294406][T19716]  ? __might_sleep+0xe0/0xe0
[  939.299062][T19716]  ? __lock_acquire+0x7d40/0x7d40
[  939.304325][T19716]  ? trace_event_raw_event_lock+0x250/0x250
[  939.310459][T19716]  should_fail_ex+0x39d/0x4d0
[  939.315462][T19716]  should_failslab+0x9/0x20
[  939.320102][T19716]  slab_pre_alloc_hook+0x59/0x310
[  939.325373][T19716]  ? rxrpc_alloc_bundle+0x78/0x580
[  939.330640][T19716]  __kmem_cache_alloc_node+0x53/0x250
[  939.336160][T19716]  ? do_raw_spin_lock+0x11f/0x2c0
[  939.341320][T19716]  ? rxrpc_alloc_bundle+0x78/0x580
[  939.346477][T19716]  kmalloc_trace+0x2a/0xe0
[  939.350938][T19716]  rxrpc_alloc_bundle+0x78/0x580
[  939.355929][T19716]  rxrpc_look_up_bundle+0x395/0x930
[  939.361346][T19716]  ? _raw_spin_unlock+0x28/0x40
[  939.366232][T19716]  rxrpc_new_client_call+0xbcd/0x1410
[  939.372201][T19716]  rxrpc_do_sendmsg+0xc42/0x1280
[  939.377235][T19716]  ? rxrpc_propose_abort+0x200/0x200
[  939.382582][T19716]  ? rxrpc_sendmsg+0x391/0x5b0
[  939.387381][T19716]  ? rxrpc_getsockopt+0x150/0x150
[  939.392581][T19716]  ____sys_sendmsg+0x5ba/0x960
[  939.397585][T19716]  ? __lock_acquire+0x7d40/0x7d40
[  939.402751][T19716]  ? __sys_sendmsg_sock+0x30/0x30
[  939.407880][T19716]  ? __import_iovec+0x3fa/0x850
[  939.412886][T19716]  ? import_iovec+0x73/0xa0
[  939.417712][T19716]  ___sys_sendmsg+0x2a6/0x360
[  939.422746][T19716]  ? __sys_sendmsg+0x2a0/0x2a0
[  939.427815][T19716]  ? __lock_acquire+0x7d40/0x7d40
[  939.433043][T19716]  __se_sys_sendmsg+0x1c2/0x2b0
[  939.438140][T19716]  ? __x64_sys_sendmsg+0x80/0x80
[  939.443333][T19716]  ? lockdep_hardirqs_on+0x98/0x150
[  939.448816][T19716]  do_syscall_64+0x55/0xa0
[  939.453532][T19716]  ? clear_bhb_loop+0x40/0x90
[  939.458333][T19716]  ? clear_bhb_loop+0x40/0x90
[  939.463095][T19716]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  939.469204][T19716] RIP: 0033:0x7fde2d59c819
[  939.473646][T19716] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  939.493554][T19716] RSP: 002b:00007fde2e3a1028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  939.502150][T19716] RAX: ffffffffffffffda RBX: 00007fde2d815fa0 RCX: 00007fde2d59c819
[  939.510174][T19716] RDX: 000000000000fc00 RSI: 0000200000000080 RDI: 0000000000000003
[  939.518193][T19716] RBP: 00007fde2e3a1090 R08: 0000000000000000 R09: 0000000000000000
[  939.526198][T19716] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  939.534368][T19716] R13: 00007fde2d816038 R14: 00007fde2d815fa0 R15: 00007ffd7c8b71f8
[  939.542517][T19716]  </TASK>
[  939.638907][T19721] netlink: 15743 bytes leftover after parsing attributes in process `syz.0.4481'.
[  939.788174][T19720] netdevsim netdevsim1: Direct firmware load for 
 failed with error -2
[  939.814639][T19720] netdevsim netdevsim1: Falling back to sysfs fallback for: 

[  939.847171][T19723] netlink: 129384 bytes leftover after parsing attributes in process `syz.2.4484'.
[  941.505963][T19753] netlink: 15743 bytes leftover after parsing attributes in process `syz.2.4494'.
[  942.300710][T19760] netlink: 'syz.3.4492': attribute type 10 has an invalid length.
[  943.465021][T19782] netlink: 144 bytes leftover after parsing attributes in process `syz.3.4503'.
[  943.504792][T19782] Q�6��\b��Y�4��: renamed from lo (while UP)
[  945.730416][T19797] netlink: 'syz.3.4507': attribute type 10 has an invalid length.
[  946.949554][T19832] netdevsim netdevsim2: Direct firmware load for 
 failed with error -2
[  946.991006][T19832] netdevsim netdevsim2: Falling back to sysfs fallback for: 

[  947.207040][T19840] netlink: 15743 bytes leftover after parsing attributes in process `syz.1.4517'.
[  947.319258][T19843] netlink: 'syz.0.4518': attribute type 1 has an invalid length.
[  947.363438][T19843] netlink: 'syz.0.4518': attribute type 4 has an invalid length.
[  947.462920][T19843] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.4518'.
[  948.156481][T19857] netlink: 'syz.3.4522': attribute type 39 has an invalid length.
[  949.385923][T19878] netlink: 15743 bytes leftover after parsing attributes in process `syz.3.4527'.
[  949.747536][T19881] netlink: 'syz.0.4524': attribute type 10 has an invalid length.
[  950.003134][T19884] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4528'.
[  950.265010][T19882] delete_channel: no stack
[  950.735230][T19889] netdevsim netdevsim0: Direct firmware load for 
 failed with error -2
[  950.764999][T19889] netdevsim netdevsim0: Falling back to sysfs fallback for: 

[  951.596698][T19911] netlink: 15743 bytes leftover after parsing attributes in process `syz.1.4536'.
[  953.775043][T19938] netlink: 'syz.3.4539': attribute type 10 has an invalid length.
[  956.018341][T19952] netlink: 15743 bytes leftover after parsing attributes in process `syz.2.4548'.
[  956.355534][T19958] netdevsim netdevsim3: Direct firmware load for 
 failed with error -2
[  956.368682][T19958] netdevsim netdevsim3: Falling back to sysfs fallback for: 

[  958.107368][T19988] netlink: 15743 bytes leftover after parsing attributes in process `syz.3.4560'.
[  958.934112][T19999] netlink: 'syz.0.4558': attribute type 10 has an invalid length.
[  960.500009][T20024] netlink: 15743 bytes leftover after parsing attributes in process `syz.3.4570'.
[  960.651484][T20028] netlink: 830 bytes leftover after parsing attributes in process `syz.1.4571'.
[  961.172156][T20046] netlink: 'syz.0.4573': attribute type 10 has an invalid length.
[  961.358786][T20054] netlink: 15743 bytes leftover after parsing attributes in process `syz.3.4580'.
[  961.721073][T20051] netlink: 'syz.2.4579': attribute type 10 has an invalid length.
[  962.374940][T20094] netlink: 15743 bytes leftover after parsing attributes in process `syz.0.4591'.
[  962.447499][T20096] netlink: 207496 bytes leftover after parsing attributes in process `syz.2.4592'.
[  962.474074][T20097] netlink: 'syz.3.4589': attribute type 10 has an invalid length.
[  963.397838][T20124] netlink: 16255 bytes leftover after parsing attributes in process `syz.1.4602'.
[  963.456980][T20107] netlink: 'syz.0.4597': attribute type 10 has an invalid length.
[  963.969463][T20141] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  964.025456][T20142] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  964.081577][T20129] netlink: 'syz.1.4604': attribute type 10 has an invalid length.
[  964.296541][T20156] netlink: 15743 bytes leftover after parsing attributes in process `syz.2.4612'.
[  966.106246][T20185] netlink: 'syz.1.4617': attribute type 10 has an invalid length.
[  966.311462][T20197] netlink: 16255 bytes leftover after parsing attributes in process `syz.0.4623'.
[  966.366282][T20200] netlink: 'syz.2.4621': attribute type 10 has an invalid length.
[  966.679477][T20209] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.4627'.
[  966.707736][T20207] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.4627'.
[  967.106200][T20208] netlink: 'syz.3.4628': attribute type 1 has an invalid length.
[  967.136825][T20208] netlink: 168864 bytes leftover after parsing attributes in process `syz.3.4628'.
[  967.256014][T20208] netlink: 'syz.3.4628': attribute type 4 has an invalid length.
[  967.417038][T20208] netlink: 152 bytes leftover after parsing attributes in process `syz.3.4628'.
[  967.578412][T20208] .`: renamed from bond0 (while UP)
[  968.192146][T20233] netlink: 15743 bytes leftover after parsing attributes in process `syz.3.4634'.
[  969.552359][T20252] netlink: 'syz.0.4642': attribute type 10 has an invalid length.
[  969.962921][T20267] netlink: 'syz.2.4646': attribute type 3 has an invalid length.
[  969.977172][T20267] netlink: 'syz.2.4646': attribute type 1 has an invalid length.
[  969.990901][T20267] netlink: 181400 bytes leftover after parsing attributes in process `syz.2.4646'.
[  971.249414][T20304] netlink: 40227 bytes leftover after parsing attributes in process `syz.3.4657'.
[  972.324040][T20331] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  972.340548][T20331] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  972.358513][T20331] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  972.383313][T20331] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  972.406247][T20331] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  972.418417][T20331] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  972.815364][ T1139] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  973.048740][T20329] chnl_net:caif_netlink_parms(): no params data found
[  973.139187][T20329] bridge0: port 1(bridge_slave_0) entered blocking state
[  973.147109][T20329] bridge0: port 1(bridge_slave_0) entered disabled state
[  973.155086][T20329] bridge_slave_0: entered allmulticast mode
[  973.162700][T20329] bridge_slave_0: entered promiscuous mode
[  973.171923][T20329] bridge0: port 2(bridge_slave_1) entered blocking state
[  973.179745][T20329] bridge0: port 2(bridge_slave_1) entered disabled state
[  973.187261][T20329] bridge_slave_1: entered allmulticast mode
[  973.194732][T20329] bridge_slave_1: entered promiscuous mode
[  973.228792][T20329] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  973.244867][T20329] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  973.316424][T20329] team0: Port device team_slave_0 added
[  973.331891][T20329] team0: Port device team_slave_1 added
[  973.384218][T20329] batman_adv: batadv0: Adding interface: batadv_slave_0
[  973.398652][T20329] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  973.431881][T20329] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  973.453040][T20329] batman_adv: batadv0: Adding interface: batadv_slave_1
[  973.462922][T20329] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  973.499101][T20329] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  973.608365][ T1139] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  973.661676][T20357] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.4672'.
[  973.677977][T20329] hsr_slave_0: entered promiscuous mode
[  973.693578][T20329] hsr_slave_1: entered promiscuous mode
[  973.791713][ T1139] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  973.837754][T20357] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.4672'.
[  973.848609][T20360] netlink: 10 bytes leftover after parsing attributes in process `syz.2.4673'.
[  973.887296][T20358] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.4672'.
[  974.041293][ T1139] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  974.087257][T20367] netlink: 'syz.2.4675': attribute type 29 has an invalid length.
[  974.108911][T20367] netlink: 'syz.2.4675': attribute type 29 has an invalid length.
[  974.149609][T20367] netlink: 'syz.2.4675': attribute type 29 has an invalid length.
[  974.504890][T20331] Bluetooth: hci2: command tx timeout
[  975.539849][T20329] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  975.551051][T20329] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  975.560910][T20329] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  975.572336][T20329] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  975.701194][T20329] 8021q: adding VLAN 0 to HW filter on device bond0
[  975.760810][T20329] 8021q: adding VLAN 0 to HW filter on device team0
[  975.773999][ T6828] bridge0: port 1(bridge_slave_0) entered blocking state
[  975.781561][ T6828] bridge0: port 1(bridge_slave_0) entered forwarding state
[  975.802832][T18306] bridge0: port 2(bridge_slave_1) entered blocking state
[  975.810498][T18306] bridge0: port 2(bridge_slave_1) entered forwarding state
[  976.253860][T20329] 8021q: adding VLAN 0 to HW filter on device batadv0
[  976.383225][T20329] veth0_vlan: entered promiscuous mode
[  976.422289][T20329] veth1_vlan: entered promiscuous mode
[  976.496682][T20329] veth0_macvtap: entered promiscuous mode
[  976.508587][T20329] veth1_macvtap: entered promiscuous mode
[  976.528101][T20329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  976.540771][T20329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  976.553019][T20329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  976.568777][T20329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  976.580693][T20329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  976.592775][T20331] Bluetooth: hci2: command tx timeout
[  976.598593][T20329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  976.609785][T20329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  976.622399][T20329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  976.637069][T20329] batman_adv: batadv0: Interface activated: batadv_slave_0
[  976.673476][T20329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  976.685917][T20329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  976.700073][T20329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  976.712109][T20329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  976.723150][T20329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  976.735943][T20329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  976.747374][T20329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  976.759897][T20329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  976.772035][T20329] batman_adv: batadv0: Interface activated: batadv_slave_1
[  976.786553][T20329] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  976.797660][T20329] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  976.807154][T20329] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  976.819107][T20329] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  976.832840][ T1139] vlan0: left allmulticast mode
[  976.841004][ T1139] veth0_vlan: left allmulticast mode
[  976.847139][ T1139] vlan0: left promiscuous mode
[  976.853047][ T1139] �: port 1(vlan0) entered disabled state
[  976.867833][ T1139] hsr_slave_0: left promiscuous mode
[  976.877891][ T1139] hsr_slave_1: left promiscuous mode
[  976.884696][ T1139] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  976.894209][ T1139] batman_adv: batadv0: Removing interface: batadv_slave_0
[  976.914423][ T1139] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  976.923083][ T1139] batman_adv: batadv0: Removing interface: batadv_slave_1
[  976.932477][ T1139] batman_adv: batadv0: Interface deactivated: veth1_virt_wifi
[  976.940699][ T1139] batman_adv: batadv0: Removing interface: veth1_virt_wifi
[  976.962432][ T1139] veth1_macvtap: left promiscuous mode
[  977.097818][ T1139] team0 (unregistering): Port device geneve1 removed
[  977.278652][ T1139] team0 (unregistering): Port device macvlan0 removed
[  977.679201][ T1139] team0 (unregistering): Port device team_slave_1 removed
[  977.744171][ T1139] team0 (unregistering): Port device team_slave_0 removed
[  977.811727][ T1139] .` (unregistering): (slave bond_slave_1): Releasing backup interface
[  977.869325][ T1139] .` (unregistering): (slave bond_slave_0): Releasing backup interface
[  978.180971][ T1139] .` (unregistering): (slave dummy0): Releasing backup interface
[  978.249974][ T1139] .` (unregistering): Released all slaves
[  978.446878][ T6828] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  978.473863][ T6828] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  978.513020][ T6837] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  978.529296][ T6837] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  978.680435][T20418] netlink: 'syz.2.4690': attribute type 3 has an invalid length.
[  978.692641][T20331] Bluetooth: hci2: command tx timeout
[  978.714784][T20418] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.4690'.
[  979.290200][T20423] netlink: 'syz.0.4688': attribute type 1 has an invalid length.
[  979.300214][T20423] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.4688'.
[  979.372593][T20423] netlink: 'syz.0.4688': attribute type 4 has an invalid length.
[  979.389062][T20423] netlink: 152 bytes leftover after parsing attributes in process `syz.0.4688'.
[  979.653546][T20437] FAULT_INJECTION: forcing a failure.
[  979.653546][T20437] name failslab, interval 1, probability 0, space 0, times 0
[  979.667953][T20437] CPU: 1 PID: 20437 Comm: syz.1.4682 Not tainted syzkaller #0
[  979.675793][T20437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  979.686244][T20437] Call Trace:
[  979.689740][T20437]  <TASK>
[  979.692734][T20437]  dump_stack_lvl+0x18c/0x250
[  979.697639][T20437]  ? sctp_sendmsg+0x1575/0x28c0
[  979.702817][T20437]  ? ___sys_sendmsg+0x2a6/0x360
[  979.707720][T20437]  ? show_regs_print_info+0x20/0x20
[  979.713141][T20437]  ? load_image+0x420/0x420
[  979.717916][T20437]  should_fail_ex+0x39d/0x4d0
[  979.722703][T20437]  should_failslab+0x9/0x20
[  979.727943][T20437]  slab_pre_alloc_hook+0x59/0x310
[  979.733384][T20437]  ? sctp_add_bind_addr+0x8c/0x360
[  979.739386][T20437]  __kmem_cache_alloc_node+0x53/0x250
[  979.745533][T20437]  ? sctp_add_bind_addr+0x8c/0x360
[  979.750904][T20437]  kmalloc_trace+0x2a/0xe0
[  979.755904][T20437]  sctp_add_bind_addr+0x8c/0x360
[  979.760978][T20437]  sctp_copy_local_addr_list+0x315/0x4f0
[  979.766720][T20437]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  979.772682][T20437]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  979.779270][T20437]  ? sctp_v4_is_any+0x35/0x60
[  979.784688][T20437]  ? sctp_copy_one_addr+0x8c/0x350
[  979.790042][T20437]  sctp_bind_addr_copy+0xb3/0x3c0
[  979.795267][T20437]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  979.802285][T20437]  sctp_connect_new_asoc+0x2f9/0x6a0
[  979.807717][T20437]  ? __sctp_connect+0xd80/0xd80
[  979.812789][T20437]  ? __local_bh_enable_ip+0x13a/0x1c0
[  979.818394][T20437]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  979.823973][T20437]  ? security_sctp_bind_connect+0x89/0xb0
[  979.829919][T20437]  sctp_sendmsg+0x1575/0x28c0
[  979.834637][T20437]  ? sctp_getsockopt+0xb60/0xb60
[  979.839580][T20437]  ? aa_sk_perm+0x83c/0x970
[  979.844107][T20437]  ? aa_af_perm+0x330/0x330
[  979.848634][T20437]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  979.855086][T20437]  ? sock_rps_record_flow+0x19/0x3f0
[  979.860872][T20437]  ? inet_sendmsg+0xe9/0x2f0
[  979.865594][T20437]  ? inet_send_prepare+0x260/0x260
[  979.870929][T20437]  ____sys_sendmsg+0x5ba/0x960
[  979.875718][T20437]  ? __lock_acquire+0x7d40/0x7d40
[  979.880765][T20437]  ? __asan_memset+0x22/0x40
[  979.885466][T20437]  ? __sys_sendmsg_sock+0x30/0x30
[  979.890604][T20437]  ? __import_iovec+0x5f2/0x850
[  979.895479][T20437]  ? import_iovec+0x73/0xa0
[  979.900392][T20437]  ___sys_sendmsg+0x2a6/0x360
[  979.905205][T20437]  ? __sys_sendmsg+0x2a0/0x2a0
[  979.910210][T20437]  ? __lock_acquire+0x7d40/0x7d40
[  979.915379][T20437]  __se_sys_sendmsg+0x1c2/0x2b0
[  979.920465][T20437]  ? __x64_sys_sendmsg+0x80/0x80
[  979.925555][T20437]  ? lockdep_hardirqs_on+0x98/0x150
[  979.930867][T20437]  do_syscall_64+0x55/0xa0
[  979.935464][T20437]  ? clear_bhb_loop+0x40/0x90
[  979.940267][T20437]  ? clear_bhb_loop+0x40/0x90
[  979.945177][T20437]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  979.951539][T20437] RIP: 0033:0x7f95f059c819
[  979.956539][T20437] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  979.977596][T20437] RSP: 002b:00007f95f139c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  979.986660][T20437] RAX: ffffffffffffffda RBX: 00007f95f0815fa0 RCX: 00007f95f059c819
[  979.995360][T20437] RDX: 0000000000008054 RSI: 0000200000000ac0 RDI: 0000000000000004
[  980.003793][T20437] RBP: 00007f95f139c090 R08: 0000000000000000 R09: 0000000000000000
[  980.013934][T20437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  980.022570][T20437] R13: 00007f95f0816038 R14: 00007f95f0815fa0 R15: 00007ffccd4ef968
[  980.031336][T20437]  </TASK>
[  980.754491][ T5769] Bluetooth: hci2: command tx timeout
[  980.945149][T20464] netlink: 'syz.1.4694': attribute type 21 has an invalid length.
[  981.084852][T20475] ==================================================================
[  981.093853][T20475] BUG: KASAN: slab-out-of-bounds in __bpf_get_stackid+0x6bf/0x900
[  981.102261][T20475] Write of size 72 at addr ffff88805f7f5f10 by task syz.1.4698/20475
[  981.110387][T20475] 
[  981.112725][T20475] CPU: 1 PID: 20475 Comm: syz.1.4698 Not tainted syzkaller #0
[  981.120379][T20475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  981.130653][T20475] Call Trace:
[  981.134047][T20475]  <TASK>
[  981.136991][T20475]  dump_stack_lvl+0x18c/0x250
[  981.141700][T20475]  ? __lock_acquire+0x7d40/0x7d40
[  981.146812][T20475]  ? show_regs_print_info+0x20/0x20
[  981.152016][T20475]  ? load_image+0x420/0x420
[  981.156634][T20475]  ? _raw_spin_lock_irqsave+0xc0/0x100
[  981.162274][T20475]  ? __virt_addr_valid+0x18c/0x540
[  981.167480][T20475]  ? __virt_addr_valid+0x469/0x540
[  981.172616][T20475]  print_report+0xa8/0x210
[  981.177049][T20475]  ? __bpf_get_stackid+0x6bf/0x900
[  981.182259][T20475]  kasan_report+0x117/0x150
[  981.187167][T20475]  ? __bpf_get_stackid+0x6bf/0x900
[  981.192458][T20475]  kasan_check_range+0x241/0x290
[  981.197439][T20475]  ? __bpf_get_stackid+0x6bf/0x900
[  981.202606][T20475]  __asan_memcpy+0x40/0x70
[  981.207155][T20475]  __bpf_get_stackid+0x6bf/0x900
[  981.212134][T20475]  bpf_get_stackid_pe+0x343/0x410
[  981.217276][T20475]  bpf_prog_a448e89f4c9ad9d1+0x30/0x4a
[  981.223037][T20475]  bpf_overflow_handler+0x1fc/0x510
[  981.228618][T20475]  ? perf_prepare_header+0x1e0/0x1e0
[  981.234436][T20475]  ? bpf_overflow_handler+0xde/0x510
[  981.239919][T20475]  ? tp_perf_event_destroy+0x20/0x20
[  981.245469][T20475]  ? perf_trace_preemptirq_template+0xac/0x330
[  981.251719][T20475]  ? __perf_event_account_interrupt+0x187/0x280
[  981.258051][T20475]  __perf_event_overflow+0x447/0x630
[  981.263353][T20475]  perf_swevent_event+0x319/0x570
[  981.268394][T20475]  ? perf_tp_event+0x1520/0x1520
[  981.273763][T20475]  ___perf_sw_event+0x4a7/0x730
[  981.278634][T20475]  ? ___perf_sw_event+0x199/0x730
[  981.284109][T20475]  ? perf_swevent_put_recursion_context+0xb0/0xb0
[  981.290938][T20475]  ? __lock_acquire+0x1347/0x7d40
[  981.295980][T20475]  ? rep_movs_alternative+0x4a/0x90
[  981.301554][T20475]  ? verify_lock_unused+0x140/0x140
[  981.306779][T20475]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  981.312770][T20475]  ? lock_chain_count+0x20/0x20
[  981.317627][T20475]  __perf_sw_event+0x139/0x270
[  981.322392][T20475]  do_user_addr_fault+0x123e/0x12c0
[  981.327677][T20475]  ? rcu_is_watching+0x15/0xb0
[  981.332554][T20475]  exc_page_fault+0x64/0x100
[  981.337698][T20475]  asm_exc_page_fault+0x26/0x30
[  981.342558][T20475] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  981.348736][T20475] Code: 75 f1 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 <f3> a4 c3 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 29 f8 48 01
[  981.369089][T20475] RSP: 0018:ffffc90003a37b48 EFLAGS: 00050206
[  981.375334][T20475] RAX: ffffffff842a2101 RBX: 00000000000000a0 RCX: 00000000000000a0
[  981.383310][T20475] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffc90003a09048
[  981.391366][T20475] RBP: 0000000000000000 R08: ffffc90003a090e7 R09: 1ffff9200074121c
[  981.399386][T20475] R10: dffffc0000000000 R11: fffff5200074121d R12: 00000000000000a0
[  981.407364][T20475] R13: 0000000000000000 R14: ffffc90003a09048 R15: 0000000000000000
[  981.415351][T20475]  ? _copy_from_user+0x31/0xe0
[  981.420131][T20475]  _copy_from_user+0x8b/0xe0
[  981.424906][T20475]  copy_from_bpfptr+0x67/0x80
[  981.429587][T20475]  bpf_prog_load+0xa80/0x1670
[  981.434481][T20475]  ? map_freeze+0x420/0x420
[  981.439154][T20475]  ? __might_fault+0xaa/0x120
[  981.443827][T20475]  ? __might_fault+0xc6/0x120
[  981.448678][T20475]  ? __might_fault+0xaa/0x120
[  981.453537][T20475]  ? bpf_lsm_bpf+0x9/0x10
[  981.458152][T20475]  ? security_bpf+0x7e/0xa0
[  981.462930][T20475]  __sys_bpf+0x5ba/0x890
[  981.467188][T20475]  ? bpf_link_show_fdinfo+0x390/0x390
[  981.472782][T20475]  ? lock_chain_count+0x20/0x20
[  981.477657][T20475]  __x64_sys_bpf+0x7c/0x90
[  981.482077][T20475]  do_syscall_64+0x55/0xa0
[  981.486688][T20475]  ? clear_bhb_loop+0x40/0x90
[  981.491460][T20475]  ? clear_bhb_loop+0x40/0x90
[  981.496247][T20475]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  981.502150][T20475] RIP: 0033:0x7f95f059c819
[  981.506560][T20475] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  981.526395][T20475] RSP: 002b:00007f95f139c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  981.534982][T20475] RAX: ffffffffffffffda RBX: 00007f95f0815fa0 RCX: 00007f95f059c819
[  981.543040][T20475] RDX: 0000000000000094 RSI: 00002000000006c0 RDI: 0000000000000005
[  981.551007][T20475] RBP: 00007f95f0632c91 R08: 0000000000000000 R09: 0000000000000000
[  981.559067][T20475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  981.567117][T20475] R13: 00007f95f0816038 R14: 00007f95f0815fa0 R15: 00007ffccd4ef968
[  981.575194][T20475]  </TASK>
[  981.578357][T20475] 
[  981.580679][T20475] Allocated by task 20475:
[  981.585274][T20475]  kasan_set_track+0x4e/0x70
[  981.589896][T20475]  __kasan_kmalloc+0x8f/0xa0
[  981.594594][T20475]  __kmalloc_node+0xb4/0x230
[  981.599285][T20475]  bpf_map_area_alloc+0x5e/0x110
[  981.604242][T20475]  prealloc_elems_and_freelist+0x86/0x1c0
[  981.610147][T20475]  stack_map_alloc+0x33a/0x4c0
[  981.614951][T20475]  map_create+0x877/0x12f0
[  981.619372][T20475]  __sys_bpf+0x651/0x890
[  981.623696][T20475]  __x64_sys_bpf+0x7c/0x90
[  981.628106][T20475]  do_syscall_64+0x55/0xa0
[  981.632521][T20475]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  981.638580][T20475] 
[  981.640934][T20475] Last potentially related work creation:
[  981.646651][T20475]  kasan_save_stack+0x3e/0x60
[  981.651457][T20475]  __kasan_record_aux_stack+0xaf/0xc0
[  981.657188][T20475]  call_rcu+0x153/0x950
[  981.661576][T20475]  nf_nat_unregister_fn+0x1f4/0x380
[  981.666888][T20475]  ip6table_nat_net_pre_exit+0x60/0x90
[  981.672635][T20475]  cleanup_net+0x595/0xbb0
[  981.677375][T20475]  process_scheduled_works+0xa5d/0x15d0
[  981.683435][T20475]  worker_thread+0xa55/0xfc0
[  981.688232][T20475]  kthread+0x2fa/0x390
[  981.692476][T20475]  ret_from_fork+0x48/0x80
[  981.697272][T20475]  ret_from_fork_asm+0x11/0x20
[  981.702219][T20475] 
[  981.704553][T20475] The buggy address belongs to the object at ffff88805f7f5f00
[  981.704553][T20475]  which belongs to the cache kmalloc-cg-64 of size 64
[  981.719333][T20475] The buggy address is located 16 bytes inside of
[  981.719333][T20475]  allocated 40-byte region [ffff88805f7f5f00, ffff88805f7f5f28)
[  981.733981][T20475] 
[  981.736489][T20475] The buggy address belongs to the physical page:
[  981.743070][T20475] page:ffffea00017dfd40 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88805f7f5080 pfn:0x5f7f5
[  981.755592][T20475] memcg:ffff88807874f401
[  981.759941][T20475] flags: 0xfff00000000800(slab|node=0|zone=1|lastcpupid=0x7ff)
[  981.767748][T20475] page_type: 0xffffffff()
[  981.772432][T20475] raw: 00fff00000000800 ffff888017c4da00 ffffea0000c511c0 dead000000000004
[  981.781377][T20475] raw: ffff88805f7f5080 000000008020001f 00000001ffffffff ffff88807874f401
[  981.790071][T20475] page dumped because: kasan: bad access detected
[  981.796931][T20475] page_owner tracks the page as allocated
[  981.802917][T20475] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 5778, tgid 5778 (syz-executor), ts 72038011661, free_ts 26111981729
[  981.821436][T20475]  post_alloc_hook+0x1c1/0x200
[  981.826648][T20475]  get_page_from_freelist+0x1951/0x19e0
[  981.832374][T20475]  __alloc_pages+0x1f0/0x460
[  981.837069][T20475]  alloc_slab_page+0x5d/0x160
[  981.841760][T20475]  new_slab+0x87/0x2d0
[  981.845823][T20475]  ___slab_alloc+0xc5d/0x12f0
[  981.850501][T20475]  __kmem_cache_alloc_node+0x19e/0x250
[  981.856151][T20475]  __kmalloc_node+0xa4/0x230
[  981.861029][T20475]  kvmalloc_node+0x70/0x180
[  981.865541][T20475]  nf_hook_entries_grow+0x27d/0x6d0
[  981.870847][T20475]  __nf_register_net_hook+0x2c9/0x910
[  981.876410][T20475]  nf_register_net_hook+0xb2/0x190
[  981.881705][T20475]  nf_register_net_hooks+0x44/0x1b0
[  981.886920][T20475]  brnf_device_event+0x132/0x1d0
[  981.891860][T20475]  notifier_call_chain+0x197/0x380
[  981.896992][T20475]  register_netdevice+0x16a5/0x1bb0
[  981.902302][T20475] page last free stack trace:
[  981.906994][T20475]  free_unref_page_prepare+0x7b2/0x8c0
[  981.912689][T20475]  free_unref_page+0x32/0x2e0
[  981.917628][T20475]  free_contig_range+0xa1/0x150
[  981.922689][T20475]  destroy_args+0x80/0x850
[  981.927202][T20475]  debug_vm_pgtable+0x411/0x440
[  981.932313][T20475]  do_one_initcall+0x242/0x790
[  981.937173][T20475]  do_initcall_level+0x137/0x1f0
[  981.942220][T20475]  do_initcalls+0x69/0xd0
[  981.946834][T20475]  kernel_init_freeable+0x3ed/0x580
[  981.952057][T20475]  kernel_init+0x1d/0x1c0
[  981.956409][T20475]  ret_from_fork+0x48/0x80
[  981.961025][T20475]  ret_from_fork_asm+0x11/0x20
[  981.966264][T20475] 
[  981.968612][T20475] Memory state around the buggy address:
[  981.974337][T20475]  ffff88805f7f5e00: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  981.982899][T20475]  ffff88805f7f5e80: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc
[  981.991229][T20475] >ffff88805f7f5f00: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc
[  981.999404][T20475]                                   ^
[  982.004904][T20475]  ffff88805f7f5f80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  982.013229][T20475]  ffff88805f7f6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  982.021720][T20475] ==================================================================
[  982.029851][T20475] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  982.037125][T20475] CPU: 1 PID: 20475 Comm: syz.1.4698 Not tainted syzkaller #0
[  982.044576][T20475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  982.054931][T20475] Call Trace:
[  982.058301][T20475]  <TASK>
[  982.061226][T20475]  dump_stack_lvl+0x18c/0x250
[  982.066098][T20475]  ? show_regs_print_info+0x20/0x20
[  982.071382][T20475]  ? load_image+0x420/0x420
[  982.075887][T20475]  panic+0x2dc/0x730
[  982.079955][T20475]  ? __lock_acquire+0x7d40/0x7d40
[  982.084983][T20475]  ? bpf_jit_dump+0xd0/0xd0
[  982.089480][T20475]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  982.095578][T20475]  ? _raw_spin_unlock+0x40/0x40
[  982.100575][T20475]  ? __bpf_get_stackid+0x6bf/0x900
[  982.105944][T20475]  check_panic_on_warn+0x84/0xa0
[  982.110896][T20475]  ? __bpf_get_stackid+0x6bf/0x900
[  982.116217][T20475]  end_report+0x6f/0x130
[  982.120848][T20475]  kasan_report+0x128/0x150
[  982.125459][T20475]  ? __bpf_get_stackid+0x6bf/0x900
[  982.130687][T20475]  kasan_check_range+0x241/0x290
[  982.135993][T20475]  ? __bpf_get_stackid+0x6bf/0x900
[  982.141196][T20475]  __asan_memcpy+0x40/0x70
[  982.145791][T20475]  __bpf_get_stackid+0x6bf/0x900
[  982.150723][T20475]  bpf_get_stackid_pe+0x343/0x410
[  982.155753][T20475]  bpf_prog_a448e89f4c9ad9d1+0x30/0x4a
[  982.161374][T20475]  bpf_overflow_handler+0x1fc/0x510
[  982.166565][T20475]  ? perf_prepare_header+0x1e0/0x1e0
[  982.171870][T20475]  ? bpf_overflow_handler+0xde/0x510
[  982.177151][T20475]  ? tp_perf_event_destroy+0x20/0x20
[  982.183045][T20475]  ? perf_trace_preemptirq_template+0xac/0x330
[  982.189202][T20475]  ? __perf_event_account_interrupt+0x187/0x280
[  982.195784][T20475]  __perf_event_overflow+0x447/0x630
[  982.201079][T20475]  perf_swevent_event+0x319/0x570
[  982.206358][T20475]  ? perf_tp_event+0x1520/0x1520
[  982.211376][T20475]  ___perf_sw_event+0x4a7/0x730
[  982.216314][T20475]  ? ___perf_sw_event+0x199/0x730
[  982.221682][T20475]  ? perf_swevent_put_recursion_context+0xb0/0xb0
[  982.228461][T20475]  ? __lock_acquire+0x1347/0x7d40
[  982.233499][T20475]  ? rep_movs_alternative+0x4a/0x90
[  982.238916][T20475]  ? verify_lock_unused+0x140/0x140
[  982.244131][T20475]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  982.250216][T20475]  ? lock_chain_count+0x20/0x20
[  982.255161][T20475]  __perf_sw_event+0x139/0x270
[  982.260173][T20475]  do_user_addr_fault+0x123e/0x12c0
[  982.265485][T20475]  ? rcu_is_watching+0x15/0xb0
[  982.270288][T20475]  exc_page_fault+0x64/0x100
[  982.275239][T20475]  asm_exc_page_fault+0x26/0x30
[  982.280106][T20475] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  982.286369][T20475] Code: 75 f1 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 <f3> a4 c3 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 29 f8 48 01
[  982.305985][T20475] RSP: 0018:ffffc90003a37b48 EFLAGS: 00050206
[  982.312136][T20475] RAX: ffffffff842a2101 RBX: 00000000000000a0 RCX: 00000000000000a0
[  982.320099][T20475] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffc90003a09048
[  982.328093][T20475] RBP: 0000000000000000 R08: ffffc90003a090e7 R09: 1ffff9200074121c
[  982.336241][T20475] R10: dffffc0000000000 R11: fffff5200074121d R12: 00000000000000a0
[  982.344309][T20475] R13: 0000000000000000 R14: ffffc90003a09048 R15: 0000000000000000
[  982.352366][T20475]  ? _copy_from_user+0x31/0xe0
[  982.357262][T20475]  _copy_from_user+0x8b/0xe0
[  982.362139][T20475]  copy_from_bpfptr+0x67/0x80
[  982.366839][T20475]  bpf_prog_load+0xa80/0x1670
[  982.371636][T20475]  ? map_freeze+0x420/0x420
[  982.376239][T20475]  ? __might_fault+0xaa/0x120
[  982.380962][T20475]  ? __might_fault+0xc6/0x120
[  982.385633][T20475]  ? __might_fault+0xaa/0x120
[  982.390391][T20475]  ? bpf_lsm_bpf+0x9/0x10
[  982.394716][T20475]  ? security_bpf+0x7e/0xa0
[  982.399209][T20475]  __sys_bpf+0x5ba/0x890
[  982.403567][T20475]  ? bpf_link_show_fdinfo+0x390/0x390
[  982.409020][T20475]  ? lock_chain_count+0x20/0x20
[  982.413872][T20475]  __x64_sys_bpf+0x7c/0x90
[  982.418541][T20475]  do_syscall_64+0x55/0xa0
[  982.423122][T20475]  ? clear_bhb_loop+0x40/0x90
[  982.427803][T20475]  ? clear_bhb_loop+0x40/0x90
[  982.432857][T20475]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  982.438770][T20475] RIP: 0033:0x7f95f059c819
[  982.443211][T20475] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  982.463186][T20475] RSP: 002b:00007f95f139c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  982.471864][T20475] RAX: ffffffffffffffda RBX: 00007f95f0815fa0 RCX: 00007f95f059c819
[  982.479875][T20475] RDX: 0000000000000094 RSI: 00002000000006c0 RDI: 0000000000000005
[  982.487874][T20475] RBP: 00007f95f0632c91 R08: 0000000000000000 R09: 0000000000000000
[  982.496419][T20475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  982.504408][T20475] R13: 00007f95f0816038 R14: 00007f95f0815fa0 R15: 00007ffccd4ef968
[  982.512405][T20475]  </TASK>
[  982.515965][T20475] Kernel Offset: disabled
[  982.520527][T20475] Rebooting in 86400 seconds..