last executing test programs:

9.732464916s ago: executing program 0 (id=2206):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x890c, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x94)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001ac0)={0x0, 0x0, 0x0}, 0x808)
close(r1)
sendmsg$inet(r2, &(0x7f0000000b40)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x56, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x0, 0x2}, {0x10000002, 0x10, 0x0, 0xc}]}, 0x94)
r3 = socket$kcm(0x10, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="190000960000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r4, &(0x7f00000004c0)="ac", &(0x7f0000000000)=""/10, 0x2}, 0x20)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831371900000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0xc}, 0x100084, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r6 = openat$cgroup_devices(r5, &(0x7f0000000180)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r6, &(0x7f0000000080)=ANY=[@ANYBLOB='c ', @ANYRESDEC], 0x1d)

5.917166576s ago: executing program 1 (id=2214):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x10, 0x4, 0x8, 0x2}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)='%+9llu \x00'}, 0x20)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0xd, 0x4, 0x4, 0xc, 0x0, r0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

5.776648222s ago: executing program 0 (id=2217):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0xc000000, 0x2101, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x100904}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0xd, &(0x7f0000000080)=ANY=[@ANYBLOB="1802000000000000000000000000000085100000010000009500000000000000180000000001000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000002885000000c700000095"], &(0x7f0000000000)='GPL\x00', 0x8, 0x98, &(0x7f00000001c0)=""/152, 0x0, 0xa}, 0x94)
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x3e1, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000180081084e81f782db44b904021d080006067c09e8fe55a10a0015400800142603600e120800160000001001a8001600a400014003000000036004fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1, 0x0, 0x0, 0x6000}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100))
r1 = socket$kcm(0x2, 0x922000000001, 0x106)
setsockopt$sock_attach_bpf(r1, 0x29, 0x32, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x1d, &(0x7f0000000580)=ANY=[@ANYBLOB="186200000400000000000000ffff00001800000004000000000000000300000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000950000000000000095000000000000008d074000040000008500000098000000185700000700000000000000000000003f88f0ff08000000b7080000000000007b8af8ff00000000b7080000d70000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b7050021bf00"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$kcm(0xa, 0x2, 0x0)
r4 = socket$kcm(0x21, 0x2, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$kcm(0x11, 0x2, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44a1bc94194817"], &(0x7f00000003c0)='syzkaller\x00'}, 0x51)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x200002, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0xc}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
unlink(0x0)
r6 = socket$kcm(0x2, 0x3, 0x106)
sendmsg$inet(r6, &(0x7f0000000340)={&(0x7f0000000380)={0x2, 0xfffd, @multicast2}, 0x10, &(0x7f0000000500)=[{&(0x7f0000000340)}], 0x1}, 0x4000000)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmsg$inet(r8, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r7, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000800)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r9=>0x0}}}, @cred={{0x1c}}, @rights={{0x14}}], 0xfffffffffffffc96}, 0x0)
r10 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0xc}, 0x100084, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$kcm(0x2, 0x1000000000000002, 0x0)
r11 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000a80)=ANY=[@ANYRES16=r9, @ANYRESHEX=0x0, @ANYRESHEX=r3, @ANYRES16=r4, @ANYRES64=r2, @ANYRESOCT=r5, @ANYRESOCT=r10, @ANYBLOB="1d402e0c0b18b428c43f3da03a57be1976159be7dea67e275f56df14f6b0f0f8b6de8bf54defa1eb83056bfd58df7fa6dde38e55889346fca0fdf2b9867126c1a651fa2d351a6f45053fd7a35b4549933ed7ce4f578d36bced7f79d2dc41f78bf862cf768f15c85199b1023db05cf67370ec6b24627fc6e98530106ff8dba306250a77bd3ed094b5680f6ebab1e20b8d813bca37e4e5c86083f66abe3782c6"], 0x50)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018020000", @ANYRES32=r11, @ANYBLOB="0000000000000000b703000000000000850000000d000000b70000000000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r12, 0x81000000, 0x12, 0x0, &(0x7f0000000900)="c1dfb080cd21d308098ee6888100", 0x0, 0xadf0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

5.776224452s ago: executing program 1 (id=2218):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
socket$kcm(0xa, 0x2, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x400000000004, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7a, 0x2, @perf_bp={0x0, 0x4}, 0x19122, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffeffffffff}, 0xc001, 0x0, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0x10, 0x3, 0x10)
r2 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="89000000120081ae08060cdc030000007f1be3f74001000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e281ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00123d000140063904000a0404009bbc7a46e3988285dcdf12f213e6f768fec601955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)
sendmsg$kcm(r1, &(0x7f0000000940)={0x0, 0x300, &(0x7f0000000300)=[{&(0x7f0000000340)="d8000000210081044e81f782db44b9040200", 0x12}, {&(0x7f0000004200)="3d8c5ddb30a3718cef4f5210732f747226e8d7f41c83b136ac097b9a3c24c45639c2d70ee16c4b00790aca819a43b054bd01626eb0402783358806f064ef1fd963ab9b3f56cd18c60b0906d39e860184856b478f1ba6888cc780673762b0ee290d2b7dc0c21ff48175f779a7249c3f043c08a71a2f5abe07c7374fb92b8b3b61da1fa2d87a5263140bb672027b87cacc1b26a07901697eab4911135583935d28d3deb4720aad045d01d80f00db35ede34e1db4a9b9c9e4c8521575a0c0641a92ff7327130f1c", 0xc6}], 0x2}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
close(0xffffffffffffffff)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000640)={r0, 0x58, &(0x7f00000005c0)}, 0x10)
r3 = socket$kcm(0x10, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000380)={r4, &(0x7f0000000340), 0x0}, 0x20)
sendmsg$inet(r3, &(0x7f0000000080)={0x0, 0x69, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000000d00)=""/242, 0xfffffd63}, {&(0x7f0000000240)=""/205, 0xcd}, {&(0x7f0000000380)=""/210, 0xd2}, {&(0x7f00000006c0)=""/188, 0xc9}, {&(0x7f0000000f40)=""/213, 0xd5}, {&(0x7f0000002100)=""/4077, 0xfed}, {&(0x7f00000007c0)=""/211, 0xd3}, {&(0x7f0000000b00)=""/231, 0xe7}, {&(0x7f0000000480)=""/176, 0xb0}, {&(0x7f0000000c00)=""/208, 0xd0}], 0xa}, 0x40012100)
recvmsg(r3, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x20)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000600)={@map, 0xffffffffffffffff, 0x1a, 0x5}, 0x20)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x501000, 0x0)
ioctl$TUNSETFILTEREBPF(r5, 0x800454e1, &(0x7f0000000180))
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0600000004000000990500000a"], 0x48)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, 0x0, &(0x7f0000000900), 0x404, r6, 0x0, 0x1ba8847c99}, 0x38)
recvmsg$kcm(r3, &(0x7f0000000680)={0x0, 0x0, 0x0}, 0x0)

5.325228475s ago: executing program 3 (id=2221):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{0x1}, &(0x7f0000000380), &(0x7f00000003c0)}, 0x20)
r0 = socket$kcm(0x11, 0xa, 0x300)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200102f00fe80000000000000875a65059ff57b00000000000000000000000000ac1414aa"], 0xcfa4)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0xa)
socket$kcm(0xa, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, &(0x7f0000000480)={r0})
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={0xffffffffffffffff}, 0x4)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r1, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x1f, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000004900"/16], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffec, 0x0, &(0x7f00000008c0)="89", 0x0, 0xf, 0x0, 0x2}, 0x32)
r3 = socket$kcm(0x2, 0x200000000000001, 0x106)
setsockopt$sock_attach_bpf(r3, 0x29, 0x6, 0x0, 0x0)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
socket$kcm(0xf, 0x3, 0x2)
socket$kcm(0x2, 0x1, 0x84)
r4 = socket$kcm(0xa, 0x922000000003, 0x11)
socket$kcm(0x10, 0x2, 0x4)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r6, 0x10f, 0x32, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r4, 0x89e1, &(0x7f0000001a00)={r6})
setsockopt$sock_attach_bpf(r4, 0x1, 0x3e, &(0x7f0000000100)=r5, 0x4)

5.260695939s ago: executing program 1 (id=2222):
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x10, &(0x7f00000008c0)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000000000000850000001c00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r2)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r4 = socket$kcm(0x2, 0x2, 0x73)
sendmsg$inet(r4, &(0x7f0000000500)={&(0x7f0000000300)={0x2, 0x0, @empty}, 0x10, &(0x7f0000000400)=[{&(0x7f0000000340)}], 0x1}, 0x900000000000000)
r5 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
r6 = openat$cgroup_type(r5, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_type(r6, &(0x7f0000000280), 0x9)
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x4, 0x0, 0x0, 0x480000000000000b, 0x4154b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x801ef7}, 0x111ffa, 0x4, 0x98, 0x8, 0x2, 0xfffff271, 0xfffc, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000100)="1400000037000b0fed5a806cb07163990cc47e28", 0x14}], 0x1, 0x0, 0x0, 0x20000000}, 0x200000c0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0xffffffcf, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r7, &(0x7f0000000140), 0x2, 0x0)
syz_clone(0x5000000, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r9 = openat$cgroup_procs(r8, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
write$cgroup_pid(r9, &(0x7f00000001c0), 0x12)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x9, 0x0, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x94)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r3, 0x4008240b, &(0x7f0000000380)={0x1, 0x80, 0x81, 0x7f, 0x9, 0x5, 0x0, 0x5, 0xd9088, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xff2, 0x2, @perf_config_ext={0x1, 0x43}, 0x22000, 0x8, 0x8, 0x6, 0x5, 0x9, 0x401, 0x0, 0x3, 0x0, 0x8000})
socket$kcm(0x29, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xe, 0x0, &(0x7f0000000100)="178d048604bf0bfb1945d7430008", 0x0, 0x501, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)

5.0330173s ago: executing program 3 (id=2223):
r0 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x5, &(0x7f0000000180), 0x43)
sendmsg$inet(r0, &(0x7f0000000140)={&(0x7f0000000880)={0x2, 0x4e1c, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c000000000000000000000008000007", @ANYRES32=r0, @ANYBLOB="ac1417bb008000000000000038000000000000000000000007000000070e43aa5889c23ef593ae6bcd1844187c8073b5c9e00000000600000003000000080000000900001400000000000000000000000100000005000000000000001400000000000000000000000700000001000000000000001400000000000000000000000100000003000000000000001c000000000000000000000008"], 0xc0}, 0x240008c4)

4.967457663s ago: executing program 3 (id=2224):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
close(r0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000200000000000000000008"], &(0x7f0000000040)='syzkaller\x00'}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x2, 0x1c, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000020000007b8a00fe00000000bfa200000000000007020000f8ffffffb703000008000000b704000002ec0000850000008200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000000000008500000008000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x3, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x100e64, 0xc78}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018020000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000000d000000b70000000000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r5, 0x0, 0x12, 0x0, &(0x7f0000000900)="c1dfb080cd21d308098ee68886dd", 0x0, 0xadf0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

4.778872732s ago: executing program 0 (id=2225):
r0 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r0, &(0x7f00000031c0)={&(0x7f00000006c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000e00)="b5640aae1e407af01eecff9e22e152ad58b96c15ffd051d17c6c702f21a8abb26b561e7a006b164829c35642692c102092e1f43782559cb76acaa20f228a6bf6ad43b3e153c8df10b894d737c19203d32e33610f090c9d9e0d5972ac64142f8f4b71f2d3ce9c43c9bec897b53fee3e5f94497031ff2e460d2c011dfd60030db5a2899ae09ac8326a85bc8791473d2828d1e28b5f20e286b061c4dade0000000000000000000000000000be71ac52d46dddc7d825a75925dfeac566bf2a025ee203903578e56318d4c98179feea8e82fced8a160891a514bfbe969a0878bdf58f72528b73666411fd35ab7e244b7f8188edeeee2e6caa38ad74f92317e1b3ea6ef023dccefeeda0ce2dff46e1555aa4b64b62bb7a29149e4b6cff7f88bee12648ad99d9939d94a63a2a4bcbdb678cc9e3f2413e839902dd5250ec691613b0d13250c147e42594ad036649ef11920765b67bc514e269e1fa760302b159477bf67ae6b53206b5696ba6f2dbfe4cd434163be9b94a81236a6dd5d1c26e77608f91586c615e70ed87058e97e7912fb4e36e8edb8d50f417628557556868476800c4f0a1c7ace28332569aaa", 0x1a9}, {&(0x7f00000003c0)="5c6817db84aafc4ba93b3b7b773c1f5c014e2a4405abce2e2192542afa9748dcd0a777a42e01e563f192537c527923b0f362103e5bbeda2dca0d9d2b5e5238329691753f1860286f1aaa075a70123a788ba8d0e1205af7751df76effba5cb644966e7b7566d2960bab4c5ba6", 0x6c}, {&(0x7f0000000b40)="9eb8a2c0e241fb0402ac8d04ecbc724648d79b443d283855fdba1e1dc628359101e57e31436788b6b641ed5ea90be62fc7499c9b017d2e73973395411b7efb244a226ba0ae7657c57101711c5aa138abd03dec1e0899824e678aced03a92fec128f69d27d84ae2ff2e4ad7a3db413358c266a43f743c155d8bcbab110f73f4f12d0728bada715bf5ab80002346bb7d7345e8df1fc10fa733c98030cb193341700961aa2ccb9f0f029190a14386c73e7017cf0fe0275d2d6f9531b1", 0xbb}, {&(0x7f00000007c0)="4f0461e980a3df614c952ba937542c3956c268ef9da7fc364c6d5c543c3bd84159a349884fb4df8936363169ce8541c090bb5871df329e56747592fa4d29a09dcb4c416503ec1113680af76cba6417576ac2c0d3570f91a9c661f10e9bdab3c038f68844db4a19a8a613d78adb2805e27a1dea217288306169ac437c2401514510725ff144e75b83b8c67735520151c1018c3542bdfa2cae78aeb5d03bf4018be0f581f55e82cc1e851b8585d48a881144bfd5e96b52b62e62abe7ace71093fe8779d41feea0eb401dc005f2e3fe47320e7f945fb04e06c713f062ca47794f9c0b7fa88ccfacc4a51a4e816e0cb8320000000000000000ff512190d1129892fd541a0fbc9a41d70cd0d4501fed5545cd04b7800814bcbf492339bbfe784baba895beda447447a447e088a8d7cb795b3543a8cd8d8efb830dabc88b5b6466cd1d903833fca0e1049480810da129e746e2c9726a846ce85003a6bb9949e5dd140ab97a001c91323d5cb6648d4f61d40d4951ae36a1a404ba3452ae9a969c16a0918b4afe0b7b6afe4d59d8abfed8da45e7b38ce7c6c4daf306d0136c353c109f0a63c26e763dc2fcd93b7c9b7143823cd8272533aa2eb47f873da2e1aeba66332990f5033c712108f71bc055f29317d8dd9b227b524d61381ed55fdb83ee0849699dae2e0bb675bf07392f4a0303f2498c892988420f1e144e73eb89146ccde129625478ae391d7ed1d6f5fc03c603c699250ff4801890eda63df41b0b9d619b2dad24798faf47863f79ee52ee40e8550c52c28a795377d934e9b3cb2f9f0ae973055288f5ebbb6a193e5cf89d3dfff60d4e545abda64b1c55d315931540117b96e72a5c99d165d19e12176acd226a9ec38d6889c913b8c98b3a1666ec9b378655838df06b8318691cded6314ce3bcdd3d1ac172c3ecd2f82879771034f5f1ebb3d6ee5b10c77f269954", 0x2a9}], 0x4, &(0x7f0000000d80)=ANY=[@ANYBLOB="18000000000000002900000004"], 0x18}, 0x40080c0)
r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021"], 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x4421, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0xb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x10, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="b4000000000000007905000000000000636f35ff00000000950000000000000054aceb911a2e109498babd7bf4934b9757d8b226dbf6e8fcaf371808defb1bf644f5d00f76cba0ae828ef256004032ab67d9de011109cc6d86e144921fd95700b32ac40c1ad7f4d8c241ab5b227af22b8844a292acf44fef905d715f627a3621b39aae8002eea52b00cf29a02430c5622f1b0674b70389f44dc9b5ad19e3c0d27f001305ceef38fab334cc80beb8e4b43bb41079b72f5d2def3cdb451e57433f5771e3c672e3b02a775218f46939bf8794412a20d670fad4327e1ca5f4e038711a43d3f4d38fe7efa8e198374906dbb799c599fd3882930c780039a59fc4d200fd68796a75c55ca463479c0e225292f9fcf11176"], &(0x7f0000000080)='GPL\x00', 0x4, 0x3e0, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x76}, 0x21)
sendmsg$kcm(r0, &(0x7f0000000440)={&(0x7f0000000100)=@l2tp6={0xa, 0x0, 0x0, @remote}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="96f5", 0x2}, {&(0x7f0000000040)="25b2b3cbea402b0903563ea5", 0xc}], 0x2, 0x0, 0x0, 0x900}, 0x0)

4.01740756s ago: executing program 2 (id=2227):
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x2, 0x10, 0x0, 0x8, 0x820a4, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, @perf_config_ext={0xfffffffffffffffd, 0x10000004000}, 0xc072, 0x200000000000c8, 0x806, 0x9, 0xfffffffffffffffb, 0x80000000, 0xfffb, 0x0, 0xfffffffc, 0x0, 0x100000000001000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x1f, 0x17, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf0900000000000066090600000003e70400000006000000180100002020702500000000002020207b9af8ff00000000ac9100000000000037010000f8ffffffb702000008"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x56, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$unix(r1, &(0x7f0000000880)={0x0, 0x0, 0x0}, 0x24040014)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000180)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd631180fc020c2f00db5b686158bbcfe8875a0603000000230000000000f5ff0000000000ac1414aa3a"], 0xfdef)

3.948805253s ago: executing program 0 (id=2228):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0x0, 0x8404, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x1}, 0x0, 0x2, 0x0, 0x0, 0x8000000, 0x1fffffff, 0x0, 0x0, 0x40}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

3.897360116s ago: executing program 2 (id=2229):
r0 = socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff})
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0x12, &(0x7f00000008c0)=r2, 0x4)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000100)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x10001, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3, 0x1}, 0x66)
bpf$BPF_MAP_FREEZE(0x16, &(0x7f00000000c0)=r3, 0x4)
r4 = socket$kcm(0x29, 0x7, 0x0)
sendmsg(r4, &(0x7f00000002c0)={&(0x7f0000000000)=@rc={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000180)="06329551f716f798c9e223100e3ab93b87528d7c76a06575bc97d603f02c765418a21947d479dd4513c332a47ea8a416581b48a7f12a3bc98afcf716a5ba6cd9f19f35d05a3b8609cb554b610cd92ff0babbe6f8408a9d31235294a1e42f4bf66918c125976ec3f1996212775bbb3aa397e3116c1c98167bf45f4348d78a73363d1a7da89f4c6f1316d63c71674668d480030033e0d9e921f699d39bde9ac76e7b0f39907a3c50b15c2fdbef67e159a97e49e4ce1a77d467ce7dbc694100a5e25e2af5922180684d82539cf004a1138b81b001f381d63722aaad571240377f4ef8fe22373c", 0xe5}], 0x1, &(0x7f0000000440)=[{0xd8, 0x111, 0x3, "eeb232c2743f0e30740d7f8bfde8662a6a6efabb266840848d56af2cd5d972c84d50e4dffe344eafa2a19190b093069f79d3c0dbce3ed29bc32f000c18382afad657db516a289d02c78a08421ac5f406abf02520de52586150c8345dedc10b09f90fa3cb42dfa46b375b675b073d3ba9d80c1830f3282aa7ea6a495d7175a2badddea78cd8af8e57b2cbdaf336dc768e54bb4c7c3bdebae4597a0d358f1a3246dcafa264ed9ff59a551763427e4aa3521e4eb2a0332d25245168001d74f177cc0f19225a"}, {0xa0, 0x116, 0x9, "130fe1737019398a4868284d1773563021aaf523b6efd05f98a1ea0322175bce5200a20c00ccfc392075b8fc862525db7b6a49c58dccf6bf7b82185e66e82c44d5e5361b4f516b77edc08191dfab48cb4729344971aa3b064078ef568aa8798cf764e459e9e0a65aa42fe35648aac8bee277d45eaa5d07cfe282f1cdcf44abb39bfaca09dddc7cc9e73e28"}, {0x68, 0x115, 0x789, "9591e836cf67f23eb9210091d885ef52eede2473e3bae883b3dc0e4dc8b006f718571e3f83eb76b8491c9723f26bbe7c2d37fcc823f63cddcea0c91d45497451837551336bad6b5f746dcce67af8af4eabce"}, {0x18, 0x10d, 0x7ff, "34d511546f"}], 0x1f8}, 0x20008404)
r5 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000080)=ANY=[@ANYBLOB="1c8c00005f00071b189da80400008000000000af1f"], 0xfe33)

1.856930018s ago: executing program 1 (id=2230):
socket$kcm(0x11, 0xa, 0x300)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200102f00fe80000000000000875a65059ff57b00000000000000000000000000ac1414aa"], 0xcfa4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xffffff97}, 0x48)

1.81833588s ago: executing program 2 (id=2231):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{0x1}, &(0x7f0000000380), &(0x7f00000003c0)}, 0x20)
r0 = socket$kcm(0x11, 0xa, 0x300)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200102f00fe80000000000000875a65059ff57b00000000000000000000000000ac1414aa"], 0xcfa4)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0xa)
socket$kcm(0xa, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, &(0x7f0000000480)={r0})
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={0xffffffffffffffff}, 0x4)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r1, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x1f, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000004900"/16], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffec, 0x0, &(0x7f00000008c0)="89", 0x0, 0xf, 0x0, 0x2}, 0x32)
r3 = socket$kcm(0x2, 0x200000000000001, 0x106)
setsockopt$sock_attach_bpf(r3, 0x29, 0x6, 0x0, 0x0)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
socket$kcm(0xf, 0x3, 0x2)
socket$kcm(0x2, 0x1, 0x84)
r4 = socket$kcm(0xa, 0x922000000003, 0x11)
socket$kcm(0x10, 0x2, 0x4)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r6, 0x10f, 0x32, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r4, 0x89e1, &(0x7f0000001a00)={r6})
setsockopt$sock_attach_bpf(r4, 0x1, 0x3e, &(0x7f0000000100)=r5, 0x4)

1.81787493s ago: executing program 0 (id=2232):
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r0 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r0, 0x0, 0xa, 0x0, 0x12)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1})
ioctl$TUNSETLINK(r1, 0x400454cd, 0x308)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xf, 0xc, 0x0, 0x0, 0x0, 0x8, 0x640b9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_config_ext={0x80000001, 0x9}, 0x8000, 0x83, 0x43a1bd76, 0x7, 0x9, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200c}, 0x0, 0xffffdfffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x10)
socket$kcm(0x11, 0x200000000000002, 0x300)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x5, 0x14, 0x0, &(0x7f0000000100)="259a53f271a76d2608fff74588a80a3888ca2f15", 0x0, 0xd11, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
sendmsg$kcm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000680)={&(0x7f0000000e00)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000004000000010000ffffffff0604000000002eb800"], 0x0, 0x28, 0x0, 0x1}, 0x28)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000480)="5c00000012006bab9a3fe3d86e17aa0b046b876c1d0048380019001931a0e69ee517d34460bc06000000a701251e6182949a3651f60a84c9f4d4938037e70e4509c51c268811000000000000000000002571cd53b9851b30599980bc", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000780)=""/174, 0xae}, {&(0x7f0000000500)=""/219, 0xdb}, {&(0x7f0000001b40)=""/4050, 0xfd2}, {&(0x7f0000000b00)=""/4117, 0x1015}, {&(0x7f0000000600)=""/212, 0xd4}], 0x5}, 0x20)
recvmsg$kcm(r4, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x80)
socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0xffff, 0x2, 0x10, {0x2, 0x4e21, @loopback}}, 0x80, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB], 0x10b8}, 0x20000000)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3e}, 0x94)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r6, &(0x7f0000000600)={&(0x7f00000001c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000640)="80", 0x26892}], 0x1}, 0xfc)

1.81733708s ago: executing program 3 (id=2233):
r0 = socket$kcm(0x2, 0x2, 0x0)
r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
sendmsg$inet(r0, &(0x7f0000000140)={&(0x7f0000000880)={0x2, 0x4e1c, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=r0, @ANYBLOB="ac1417bb008000000000000038000000000000000003000007000000070e43aa5889c23ef593ae6bcd1844187c8073b5c9e00000000600000003000000080000000900001400000000000000000000000100000005000000000000001400000000000000000000000700000001000000000000001400000000000000000000000100000003000000000000001c000000000000000000000008"], 0xc0}, 0x240008c4)

1.686897926s ago: executing program 2 (id=2234):
socketpair(0x18, 0x5, 0x401, &(0x7f0000000000))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x3, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x6753, 0x8}, 0x0, 0x2, 0x0, 0x0, 0x1}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[{0x10, 0x84}], 0x10}, 0x41)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x8010)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000200)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000180000003d0301feff0000009500f000000000006926000000000000bf67000000000000560602000f020000d706000020000000620a04ff0ee60000bf250000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffcd35010000000000ce040000000000001c000000000000009500000000000000db13d5d8b741f2cdaabc8383c8f56bb5df3083d20f8c2bf304000000815dcf0066d7ded3c5c49a08a503ea6d54f7f3125a8200578ac0836d6454745e70a27444003c5b20451b624db6f5320e9befc1e00b8b32917c4d30d16b7edb732bc3ac330b16c442aff70d27659bc58e296b16750c5577c848754b4894b07f15bab1c640a5c0c4fd62f9db829b301ef67fd2b2736f3af0c54af2412313b17c4c8081c4ed0572261960e227d34cfbfdb247bc2351c9d8363a8cb18b7330604da78b0aba47545f9a25a80dd7d28a5ae41824f611dd2de6dd581c52698f9542a444a8a3969946faded5275c00"/420], &(0x7f0000000100)='GPL\x00'}, 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r1)
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f00000014c0)={0x5, 0x80, 0x0, 0xfe, 0xff, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x4}, 0x1590, 0x0, 0x8, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000000), 0x4)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000580), 0xc}, 0x100e64, 0xc78}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x24008814)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x2, 0x4001, @loopback}, 0x10, 0x0}, 0x34004000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x7, 0x4, 0x8, 0x6, 0x0, 0x1}, 0x50)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000240)="81814f1bfdeb006415f979d27444a8f21b8b3cdc", 0x14}, {0x0}, {0x0}, {&(0x7f0000000800)="3faf611636c6ec7a219a9f374474e0cf351f790575c8d2e9b7ea944f2e2bb55887da7ea8b373ceca8723234632b72e26a27786ca808ca9bf93b2795b", 0x3c}, {&(0x7f0000000280)}], 0x5}, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r2, &(0x7f0000000140), 0x0}, 0x20)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000140)={r2, &(0x7f00000000c0)="89c6450a8e8e1bb539d4d44b74edba0ddc825e9a576faf8805f3bc98b649466188833df5529f19952dfc2a45bf7acf9bbed8e0fe98d0a71474a198ffa604b9e85ca276c76c419ae3b9eca3d2e48a901069c5aca8599e5361c6c0dcfbb7c7e1b70a4bb2f7066dbc80936955488793e592d005", &(0x7f0000000500)=""/241}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x11, 0x4, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x3}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x2, 0x4, 0x4, 0x8, 0x0, 0x1}, 0x48)

892.608306ms ago: executing program 1 (id=2235):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.swap.events\x00', 0x275a, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x2a, &(0x7f0000000100)=r2, 0x4)
sendmsg$unix(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000008c0)="a6c261658951", 0x6}], 0x1, 0x0, 0x0, 0x40000}, 0x20004011)
recvmsg$unix(r0, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x10002)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7c, 0x4, 0x0, 0x4, 0x2, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$kcm(0x10, 0x3, 0x10)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
socketpair(0x1e, 0x2, 0x2, &(0x7f0000000180)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
bpf$TOKEN_CREATE(0x24, &(0x7f00000001c0)={0x0, r5}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(r3, 0x0, 0x3500000000000000)
r6 = socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
close(r8)
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r9=>0xffffffffffffffff]}}], 0x18}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x16, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000001"], 0x0, 0x100000, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r6, 0x84, 0x7b, &(0x7f0000000000)=r9, 0x8)
sendmsg$inet(r6, &(0x7f0000000380)={&(0x7f0000000100)={0x2, 0x4e20, @loopback}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000340)="d1", 0xfffd}], 0x1}, 0xc54)
r10 = socket$kcm(0x10, 0x400000002, 0x0)
socketpair(0x15, 0x1, 0x80, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000380)=@generic={&(0x7f0000000300)='./file0\x00', 0x0, 0x18}, 0x18)
write$cgroup_subtree(r10, 0x0, 0xfe33)
sendmsg(0xffffffffffffffff, 0x0, 0x4058080)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, &(0x7f0000000340)='syzkaller\x00'}, 0x94)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x88, 0x67, &(0x7f00000002c0)=r11, 0x4)
socket$kcm(0xa, 0x3, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)

892.090116ms ago: executing program 3 (id=2236):
r0 = socket$kcm(0x29, 0x7, 0x0)
sendmsg$kcm(r0, &(0x7f0000000280)={&(0x7f0000000080)=@hci={0x1f, 0x0, 0x2}, 0x80, &(0x7f0000001880)=[{&(0x7f0000000100)="43ccdc17e543615b2bb0b5d60624a232603e35914a28de041ca3130d81815ffc", 0x20}, {&(0x7f0000000140)}, {&(0x7f0000000380)="887eceff97d60e909c67e7dfce24af403777b9f4dd82ea96af2c43921321703062ea39dbf0f17189d37bbbb6a2320815a7a783218bb961c1649f0db1de0d1fffa4199fa23b5bdc250a12caf46706e8a22caf8cdfc9d3fb5fa5e9ef55c91ee53a2caeb44e81131a92db67ae04bf03c8274c11007614d9ada740312c1ef7f91ef764e2d7d3133362ce989ccb5771b81205c4ced9f6c323ed", 0x97}, {&(0x7f0000000440)="0d36b3e06429b9ad59f816418aef2adf7da278cb5ff45710440e4c01300a1b6c9af2f88172ce60c4df22022e75d1c967cc2e2611807bc6363190c2fc8735a1f4788ab273b1872d9eb4b9f5a663ccc697b014e09bad47f89cc9c489", 0x5b}, {&(0x7f0000000180)="304f1ceaed1fbe3ca6c2fd33041d8debf113", 0x12}, {&(0x7f00000004c0)="77d5d9aacbfb5995cabd060e0bff5e495061cf334ff2f18624dfd12537bfb8feec7336ac22daaec667b04f2626f8b5925fe547ccb68158e72566a552ea8908fec15f7479b68c5097bdadb50839c6eef8cdb3273bcb1f1fa4c7cf6b63467f155355c91bb1fb65eaa1fd15018812fec43512763281e5333192b97b9b90cf5caced9ab0bdf5a0ae13c71ffe33d319ac15cbd270bebb13c2c8b82802b5c6134616cc8e2c84c88d63b3fd92b37004024824a2e3cf0a5fa3bc49a13f7e29fdcc06c8372df35bdf8284f6630f913ad300368c462052d0", 0xd3}, {&(0x7f0000000640)="24c513479dff72bad695f8e3ef9673cc7c2d7b55d4c47463a601bbcbcb7ab282f8334ad1ded0c6febff290c96ac266e5608bbc52d3a5325a21af4e8123aee3e38a48065e252cd5c9243d4689112f6dab791fff1a36f269039ccfe430d492d7d39084cd8b538186642d47dc88c44ce95a956568a7c5a2f00ed0f78059e8f348b62426a64e491cef199512a80deb9ef5bffda28e5e7f97a7d99337c4852c05ebd655db1387e97d43c9a0f63e281dd90406beebf47be03b9d803bb90d9a55d69543ea6fa34408469e0d141cb4749d6d48f28c9cb488a79fb5681034b2c859327cdce4c717248fd8b20708286a0b1c1b6019d0224fe7be5b2aebfec15625573eb6559729c6dd29d69e58a7455926169ec61ac348b22ecbf90ca96eb6fa229c9cf06ce2bdb86b7fb44116dc7161b023dcbfc1cef96354ed4a6bb9f641655e2a2fa189e78e008e1b3b7261813330ca475ae074a686d03bff1aa55f7c98efcdb7afe327a11f82cce0cda27de4387d2b28715b9c5d9449dfbca29e70524d05192e86491c5eb2f35398d96515e147cc5903b3eea14beee4ac5d551b4e63e57477413b91e64522826083b65760d880aafa314ee0999dbc8c63ad0f75f95b00dc85f4d45b5dede35199cecac4a67ffd1982130b63e5dba81d584d420c8c06e1d0dbb0688d6897536b1febed1fcabc65fecd795497677ee1dc19ada1d6773c1a9f9c8c014e92ab899eeb778eb7d7d99972131af8edc91cb628fab14383b32379b617e229618fd2eb4a68f5de402275fce37feb29ffa4697471286f81fd66b9bf416b10c69808620e788d52ba5133f02334c13dacb398ecf6203a611c71ffa7a18600b76b5a0439b9cd6d3b72d57bf5747bde642b7b60541c7457905431497e9f0448a6dbf353cfa76628b083a05e63e21770db956caaa71b04c7f9cb3387c530c8f007e79778e9524c09d9321e408ca96f85a7aee60a06453cb952edb9f42fbcb07f8c0822701e6a47dfe53374a3403789a1d1dd2ef0c2568a173bbed8949dff5601755bc2870c81f667743d5ca19faeefbb7aa6288a0b25b2eab793c6b20180ea2ad2652aed429168c696f16b776e7a43bd7691080c7da0057e26150ff291e733c7eaaf3bd739c0fb30404f5197d0d8ed53852b1ced2b8673f108aa47505727c43cb16806e46c819901012189058f24cb5d8671df682bb2f536e87da550f447488c00f4024ac1b2d44911ff74184401c89d9f7e861d4cece89867481b4332f097187a55985d1e0c87f30cd26b0ebbdf502725669cc24d33fc53731b3c979fc941419f7c1e5338a8a920026c2cb4baf5fb104ae75c3dfeb98e4c247e929bd87b7727348bd5872a89111c86f56a9e2cace8d9f0e8a57f046749038283a4c6f04651b7271bfa8da2b5aa23f0a1d4badc6a5959b563fd0d76f02e53bc908bbf87132630f60c8c6ead8d8635a10ef39e32ac7b1c79b2fec8a9cff516d50beac7784b003791d2eef6f0cf39d349ebbb8ef0aa6947d24e95177f561849734ddc5778a0b39ebc1293b34197a65fdf277504b555f43e9149cf84c5499a46a3d799c5202ec1575fd5038bf2c99d6dc5a0547fe9665b6384edbd1f01e9ac868d95b39891fa18abc7000d58099755dd77a76b9040156f82427afa01d29034f675093925cefd4b60eebd6ffed1c5c04e0dc54e2dbbd38b7fee53150a4a58e30a3d736bd45640f6b27ca4ec95f7cc27cabef9fa8710545adc52b0eb2aa39fe1a271b83fe93e30f58eb4e43c74276a8ffa8723e108a807b62c4c93c5a1a8a67da3ee242899eba55a60414cdbe760c3fa0886dbd11769f699cddfdd1693b3e946d9235b02235be32b08259b221c32f1aeda4a49af2bfe01ecd215c0c2b14c7be67592227f598e46acdfa394d5a19876be8d86d0ee7c06685b2e44e49c9ed9f3825df3a5da7784a07fc6a3bc3612152e0f30380e4f084063ec38e868e2812bf848c482d493e5671d2e4612c0c4f7dffd1aedd5de2c83707f4d9dd6e3ee38df7c885d88bef7c3b8045221ea485e66826b913618fe0ec849995bd2d2cd269ab1c6fca9cbb315437504608b73f09ed6bd1fa2f40ab18bafd51fde953002c23982df658e12da3c2c77a76cd432ea0e0a362a92ed74ddc7fac98e581af450a78aa823be0215c3ba81d1e94856a96ae7fe4a52c77f0f1bd9e38fe6b5a5479d8adaa1ee0f1e871876a993e11ece58b564411cc506cdce8df92fd043bc1cf0ca1b27847cf5315def0f9f7150b914ee0f4d6467f79ed71666dd5cc3e7a06242a0a24c91c7ca7a1e1290768f2c98523ad153492c5f29236be7440d2400bdf979a284e0e10a45e43c23d5c754409a7e0ad75ed25065cb92af3e628390d0640094a7d7444ef8468e3ab236a524241e0ab0699730d086dc6784fdc3ad18ad43e36ab9cc24af1db1340db2c42ef60af0baa7d55919644e33c24a2032ffaad067e5783110a0c069a5308abd4a1da9edcaa5963e5bcbd0d7bddc367e6b7c41e729ae4e2cece09a6b2008f6ae0295f714ef46d8634f78506871cbc764f176555c6936a9be7532572d5d04f27aef302485993149343381a6c8b8ce1781a086fdedbd707e44df08e0fe6878860e76375fc5d271012d3f429213767c543ff7b8a7287d05a7b4b1f60be49a8dfb3f00c9011d47e1ae1e87020f8ccf5055ef2af96d29fa782f5164073372384c7e6e0aa0f04f08e2949cbfb6d18fe58f2eeb4ed4c94112b03ecd88ab4e37da5eb42f97f0c93daf07956a4970ba0c85cd5e292e3c0d7f5362ef4c08702352e3cf0d5f75474d9874e69fa1cbe152be4eea435dba0491e343d92389568511ad13b696dd06991cd8167aa53d28f09edb567b0eb641bb9df78ba08885763b485935459b2d412381940813f6ad926f4b2ba1380704764b2e52e6c114fffe003f4d123d7fdda8667ab5e7dc2748953251fa2267b57e2ac44f021bc9340c6db5610b57cba854ad182e6ac2ef5b8c4e153373ebdd554d0840c6b8e0c7c1a9b7e76550168c400fc0c9a2ef7e26708fb2fc49d263aaa9d42290b0b7c28f7e39f829f11faa5669cc99bddb8bf7532d949281cc394007d9779ddbe4ad6cf9adafc34332c6c1437e3e8bc024825500bf8c32efa2ec0ff1c5918b5bd86a9ff2a738b6db378586a4dfee9fbe69a6d28d34429634d04d754fb7526c99480b91ed892382acec98a38a0d18240f452c614db1815ca7eadd3fc2f5f961966a80d9aa227d8277e8e469912e445c65e0bb013b0a1fb546c124c1b9435edb5ad0c47773cdc2d1428cfd60afebcb336d561f0d8e976e19624f730f5c5eb2dc5236e29a600d38e8569cf72bad24009bd3b21aa7b1078fd73d8d1ee88d4913d1efff5718111c486de880547ce18b57e20054b5ffb92a11220850d71cddf0318515250b2628e5e6c10a2aa6d656259805471549e80cc3b2ba9ff1a9eec2d7095297aa99fb76970c9c737f34b1c61550affda1b61e6e26edf15656a943158275f632e8a188fdb471833dd43d7a0a30c65b8d78204b4e102f3bc66707d5dc9309e80ce7631e02df9849caa70899f3bdc1f35de950ee268948da543cd127d1765becee5058dca01a392daadfc53bf3f18cea2bd31a886f156bed3d836eb2c8ba5c816ae4331ef0881290d899a5f4ce19b8a629f244ab171598a42401dae7a30ca5d0c5509af93018edf32a106229a63a644cf92b4d5d409e36288631f372396365bb38ca3eba30367ecb2096c26483bb8a375283076b0ebeaeb7b914228d83e601a311523b7714b92911625562159cbb999800cb0de84e707b1813054d0e8cd44f5d544930131d1931681baa49749716852180016d885703e622d0e66a1107131e9075b6827de018ded557a76c358324433f992167c8f88c676dcc1037e823df53560b443bafca8709582ce5125e3ea82cc7c397dfb74b96721a1603e710736b5b9dd70a564a9cd54d8b0d1afd15a60f011b1170a5599c2c4c29d097eeb601857de7c295720c2fa7cb4724c20a1291b6591bea10b7c152321f4760250ef4ab218551ee348432353b974591bca465f4bb31b515f2b1e7aab27495de084f251f9f9bfbb67a04f880bd20ad116b9b84a17ec0ca9cf4cb7ac550ecc58c45577ca7e296e40817fb7a38d18ff144b675d1784e1a6efa3060c90e82d28c61d565bf734e98eccfe3666ef68659d1b50a30fa328d70220f6ef1e21aadf06ff53a92d7beaae87420d8197ea59f70cfa324624c9c5ef51ee52ab53ba8f13be6252ec44a26b4aa5964a5488faede4d729773e78d0dbce49a6c542d48737c42a84ad6d4d43548fbc3725c93554e5833e5994ab5ad26c41a593e8d29c57089c7a4e2b65d13971c063304b3f9a20d0eb08afd0d12f9e7c7e10b60e2e1c11d5fe291ae2c98e6a69b9f66034e2fb9a0eb7be9ee69bf02b26d14e23b3f22aabc7d15eb8263e376db50a81f056dcf5202e4e01f74a3444317ac89c7ced102740decaa5d31801d643efdff2aafcf12bb02d8e0c55e313a26956088bfd74cc3128fd175b3f21f9e18dd1d1fdfbf942a91e1fc76fd9cc3ff0bf9d89a91171c41a60c2cafe003a87d6a5d9849a8ed4e29211999781105b89e169348e23af72743283c545629e4c5b1e6339e02077120a1caf5d1039d3c88436006bf4daa24728d970029f76178e48174625d1939e49d674a61a5e55e53944b6bebbb697cc5dfe5ea58357a03cc045cbcc044558f0fc00b0add4e5e1e4b4febe137db5b9f556b7cf12f757b7d9b35f636d93b1dec4f9c92ab4827b80f77c08ad68fd36262fde2057a50120592edd679326d0d0aeced9189be800a08230680788a85dd6cba90abc66c7e4f0db0b7625a45c994944b5c41de311bd833cf203b93af1b9818ea3a679164ee221f41eb6d26e6481bb277f45c7ff84d2716066f968493d40ed334d2717cd44356915406ebe81eaa94d3510b1c14c1642ddac04b9f2d1ee91e63e59cb9c8ef71055f05565d3545f8292dea52f2a27cf9cc459be0599729354d0dfd38d2eab04dc85d6472a147b7af9eab1c8e8ae1831d5afbad6ba9deb401d28029a8d57f82f75214db98e66b0916d32f8955df5d8a8ac9041e272f51f91bb6633abac4fcb3fc1835844d0f991196e235c0449efb2ad07de813f083c303f2bed589407ce405288acf03e54b95c01e8a97d4bf913754d383f79fdda3839ff6886649791756fa4848aeebd9649310a68b10706e894ed47a2fda0bbec95c420caa9ff42e3d02fb91fe6ae1fbb822394bbafe1c38692031506a0b0eaaaa6fd8535dfeedb716073b7663129969530c60e37d2ed9a2a1c37fb9237605f84a2effca335ca2230d9021ad0e8b0b4169036c1ce94813b5af75cac752cbbe379084cba581e905371505324d6f7f37ba7e727447542dcc916263ccacc3c6f92872ac40904a2fc239cf31edb0cd3aff55e9143c4d4a7a6d77d1f6991c7063199336fcfe52f80e27b198079adee1f2e9e3d91585971ebdd45b5c8ff184ffb6710c9170a0d0e38d5a32d135fb54c7de61f772f725610bf7ba26a8c746aa0ee8239730b6807b88075cb4a47b90894e87c4a4396044e44b18760984223449a667fa3ac545cbeb022b66dcea7b7e4af5ac7641b4ff357d2996ef91c0e94b23490ee2a2868eb10cad1dfbfe3de4714456fcf9e524dddce65e49ec7e41d587457f861919e2de923d4f38be84680d42cfc7d42d68538ff8945e7fb8e3013facfae0deab46d4191f0435d3837b461463ece793b62b5d76cde657f8dd61b60e52596476efce3e1146831a88ff3d0e37a6223d18cce5", 0x1000}, {&(0x7f0000001640)="d5639c3bdf4e90951b8a8e859f8308fd5ab130172740c1679f7c76b977c97cf52880e2601a54150167247cd3427a024ad2a51bf5a6450cdcbae164291254481f3e7c001be5135553554f744a0ad626f9f7e135a08fa62b", 0x57}, {&(0x7f00000016c0)="e98109033acc54ab125c3b122f05598e6caff3f6337bfb4786d23b05381e4d7f2bb40ad4d7dbad20c26f04d7154bfb33099df904b8f2f353b2d76b76c612d5f34df32d3746ad3ca382dc8d3691b8f43bf6d99c68c4d4654da7c303d53b1dd0f46a5f7eadf2841e4dc0a648d33d8771a9d293f7c4959ba23453adf6e6fdd0aa65c2da63680d64d902510bed9b7764cdf8f53e609a36ca2ae445b0f468f284b56cfde043db9ef5c4b2f32ba1018df0ca9943111614115b8a3105bf496f6f3ea4", 0xbf}, {&(0x7f0000001780)="efa2ef24e6a2c4e5c79c0a88b96a3aad4afc94227612851a761f866271e75b3651b5ef4a9f0071ad580a11b99f80db8c9bbf95d8696e3e39eb16010520904eca331e127444724fad72853f472ffcd97db705028cc562d2c4f543ac0ee64c775088097bcb99b81ce12fcaf7bc1e03f038457a74a8bf3a7bf54139d36913da94010ff02a19fdeb0ed97f33bc7120be16e524e4b8c2354300378108c71a067c009a13fcada8207dc3b148250985c437eea425c378de8649b39c91c351877d1d1f1448f7fa13c53824e56ee031201ab947", 0xcf}], 0xa, &(0x7f0000001940)=[{0xd0, 0x117, 0x2, "bacaf1da633e771c2974d0c4f1c9f038033b8516c2216ddb44fc717893ae435cb79fc6ac64a50ca5ba0aeae9c0881b6a1f8251dda308c1f359ba26402bdbfff76f4d20660ac0c97b7a6fefe7d08571e0c6e7d62a7563fb73642800afbb8fb034f7b84cc09e2c166b3c06aa1d877bab1c90ae16ee4e3b1c6d25748a76ed33eddec3a5b5504634fb2a0ca8c3ec180a441432631fbaca8b534e70b5aec3273ca6b19e822c038c8e9ab224bf566009978d29b888249fd736e921fb338b"}, {0x10, 0x115, 0x1ff}, {0x40, 0x1, 0x401, "f3914678a8efa650feb680445604efebf878fc9f26ff49b9b873a60e4cba86bb181800e9ee6778108f5b34"}, {0xa8, 0x3a, 0x87, "d28b86da8a01f7b0a38e432712dd6ad137d4992de7c02c6d9b04c3b4a68c2905a3b94bd035b4068a32be71fa41aeda0db8e1cfbe59c6cfe15db446b16d9bf6abc613dca33fcdf0658c8101418bf460bf1fe450c30a264cc4c71a051458c0255853a1b0497f7bce3ac962d4af87a19d42c5f38df7ba50c3267e05903d600210ea595112f7bba748fd53004ddb56713d92c23a0b9f6c"}, {0x60, 0x110, 0x2, "e26206cd39f546317a0fc7c22167042162f941760a9daeb9075258beeaab2e944ae0fd23bef222510987f725ebeb776e3f0c947ef6bef56d20c2b4fc0c1111610b887fc9ad3c625af5273172eca4"}, {0x38, 0x107, 0x7, "4e87cb09421ae7d975518fc317a614c52a4dd15a5469d599bdcc53944df5907ef84bb68af1cf32"}, {0xc8, 0x1f0, 0xfffffffd, "6b0e06e7fef227c101df747f1746bea760cb7f91f5fb0fe5e95ff997e23fefbf785eb468318310ad40fb0d62d2da8a3b73f09dbc96d0e64ff3a5361b94e72d08e15441ab872b867ba962d9d31404210e5231b9bc362a852c12ef2af569645ec11656d0e02c7993bf7c7f339dd1b80fd46b2e3a1b4f911d957e6eecfe7d3aadf3d88ca30acb8081bd22272d5dcff5a194da58d0a21ec0cd30109db5c8075acd2b2016f71f312b249fc30af0588cdb8d3f505a82c610"}, {0xc8, 0x113, 0x6, "c00d9fc81eb7da47937f70c7aa4bee5f02f364151a6513d03ab56dd61e054936300c60d61d39f91504a36e9e03a9ebdcfd0299bfd9aa2d38ff3efab79ae3138abd676291768f9615da8cea12398e3eb77b9e5a757ef78e4e5bb508f2dc2c8ce26547b68915648181ea70ea57aa3b708316d156c8859f051d3e9401277bfed69e3ee2001aa25f501cb785a8abc04d5258284a8f2f4f6469fb44d56f32ba30c94ad37bee2864824a06296bdfe08f81ea659f4c0bb6"}], 0x3f0}, 0x40000)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x6, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8ab8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000010000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0xe, 0x0, &(0x7f0000000000)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

859.680238ms ago: executing program 2 (id=2237):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x9, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000340)={0x8, 0x80, 0x0, 0x0, 0x0, 0xff, 0x0, 0x3, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0xffffff8c}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

724.021905ms ago: executing program 2 (id=2238):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
close(r0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000200000000000000000008"], &(0x7f0000000040)='syzkaller\x00'}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x2, 0x1c, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000020000007b8a00fe00000000bfa200000000000007020000f8ffffffb703000008000000b704000002ec0000850000008200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000000000008500000008000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x3, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x100e64, 0xc78}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018020000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000000d000000b70000000000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r5, 0x0, 0x12, 0x0, &(0x7f0000000900)="c1dfb080cd21d308098ee68886dd", 0x0, 0xadf0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

722.591395ms ago: executing program 3 (id=2239):
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x10, &(0x7f00000008c0)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000000000000850000001c00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r2)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r4 = socket$kcm(0x2, 0x2, 0x73)
sendmsg$inet(r4, &(0x7f0000000500)={&(0x7f0000000300)={0x2, 0x0, @empty}, 0x10, &(0x7f0000000400)=[{&(0x7f0000000340)}], 0x1}, 0x900000000000000)
r5 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
r6 = openat$cgroup_type(r5, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_type(r6, &(0x7f0000000280), 0x9)
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x4, 0x0, 0x0, 0x480000000000000b, 0x4154b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x801ef7}, 0x111ffa, 0x4, 0x98, 0x8, 0x2, 0xfffff271, 0xfffc, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000100)="1400000037000b0fed5a806cb07163990cc47e28", 0x14}], 0x1, 0x0, 0x0, 0x20000000}, 0x200000c0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0xffffffcf, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r7, &(0x7f0000000140), 0x2, 0x0)
syz_clone(0x5000000, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r9 = openat$cgroup_procs(r8, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
write$cgroup_pid(r9, &(0x7f00000001c0), 0x12)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x9, 0x0, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x94)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r3, 0x4008240b, &(0x7f0000000380)={0x1, 0x80, 0x81, 0x7f, 0x9, 0x5, 0x0, 0x5, 0xd9088, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xff2, 0x2, @perf_config_ext={0x1, 0x43}, 0x22000, 0x8, 0x8, 0x6, 0x5, 0x9, 0x401, 0x0, 0x3, 0x0, 0x8000})
socket$kcm(0x29, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xe, 0x0, &(0x7f0000000100)="178d048604bf0bfb1945d7430008", 0x0, 0x501, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)

672.515497ms ago: executing program 0 (id=2240):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000600)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c000000020000000000000002000084ffffffff000000000300000000000000150000000200000000000000000000000000000a0300000000000000000000100277734370e6b45845c626c3f3ac85fe0beb6ee47fac87c81955a581894cf9b827ab7bd20721b8da1b501fd785982688ed48de2bfacbeec0dea5538ddb9a0c"], 0x0, 0x56, 0x0, 0x4, 0xfffffffe}, 0x28)
r0 = socket$kcm(0xa, 0x2, 0x88)
sendmsg$kcm(r0, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x8000)
r1 = socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(r1, 0x0, 0x22, 0x0, 0x4e)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$inet(r2, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=[@ip_pktinfo={{0x1c, 0x110, 0xd, {0x0, @loopback=0x7f000300, @multicast1}}}], 0x20}, 0x0)
close(0x3)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
close(0xffffffffffffffff)
r3 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x40009, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0xffffffffffffffff, 0x3fff8000}, 0x0, 0xff, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext={0x0, 0x1000000}, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, r3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x3, 0x13, &(0x7f00000001c0)=ANY=[@ANYBLOB="18020000057700000000000000000000182ec0002020702500000000002020207b1a00fe00000000bfa100000000000007010000f8ffffffb70200000800c309b703000024000000850000000600000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007b00000095000000"], 0x0, 0x5, 0x0, 0x0, 0x41000, 0xc}, 0x94)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff})
r5 = perf_event_open(&(0x7f0000000540)={0x7, 0x80, 0xb, 0xc0, 0x7, 0x6, 0x0, 0x5, 0x100, 0x4, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext={0x8, 0x1}, 0x8, 0x5, 0x6, 0x9, 0x7, 0x35b, 0x7, 0x0, 0x2, 0x0, 0x8}, 0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x8)
ioctl$SIOCSIFHWADDR(r4, 0x8b06, &(0x7f0000000080)={'wlan1\x00', @random="02000000000a"})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={<r6=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0x6, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000780)="d80000001a0081044e81f782db4cb904021d0800fe007c05e8fe55a115001c000200142603600e12080005007a010401a800160020001d400d000000035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x482, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open$cgroup(&(0x7f0000000dc0)={0x0, 0x80, 0x0, 0x5, 0x8, 0x6, 0x0, 0xd, 0x20002, 0xf, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0xfb, 0x4, @perf_config_ext={0x5, 0x8}, 0x2a0f, 0xc046, 0x3e, 0xa, 0x0, 0x7, 0x8, 0x0, 0x8, 0x0, 0x4}, r7, 0xc, r5, 0x0)
socket$kcm(0xa, 0x2, 0x3a)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8b06, &(0x7f0000000140)={'wlan1\x00', @random="0100000000eb"})
recvmsg$unix(r6, &(0x7f00000005c0)={&(0x7f00000006c0), 0x6e, &(0x7f0000000e40)=[{&(0x7f0000000f00)=""/121, 0x79}, {&(0x7f0000000900)=""/148, 0x94}, {&(0x7f00000009c0)=""/93, 0x5d}, {&(0x7f0000000cc0)=""/216, 0xd8}, {0x0}], 0x5, &(0x7f0000000f80)}, 0x3)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x24, 0x12506, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x7602}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x100904}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)

0s ago: executing program 1 (id=2241):
r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000001800)=ANY=[@ANYBLOB="0a00000016000000b30000007f"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000080)=@framed={{0x18, 0x3, 0x0, 0x0, 0xfffffffe}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r0}, @generic={0x25}, @initr0, @exit, @alu={0x7, 0x0, 0x5, 0x3}]}, &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8000000}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="0401020028000b05d25a806f8c6394f90724fc600d0003000a7401", 0x1b}], 0x1}, 0x0) (async)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="d8000000180081054e81f782db44b904021d005c06007c09e8fe55a10a0015400600142603600e1208000b0000000401a8001600a400014990580700036010bab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e800ef52a98516237ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360d070100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92d54b43370e9701", 0xd8}], 0x1}, 0x0) (async)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e00e020023200b02d25a80ef8c6394f93e24fc60049d0d", 0x17}], 0x1}, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000202070ca00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000720000001801"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async, rerun: 32)
write$cgroup_subtree(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe0000190091c8b14a0778a8123d181d"], 0xfe33) (rerun: 32)

kernel console output (not intermixed with test programs):

: adding VLAN 0 to HW filter on device batadv0
[   91.367681][ T5767] veth0_vlan: entered promiscuous mode
[   91.423167][ T5768] veth0_macvtap: entered promiscuous mode
[   91.436979][ T5767] veth1_vlan: entered promiscuous mode
[   91.497336][ T5768] veth1_macvtap: entered promiscuous mode
[   91.601947][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   91.612940][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.629289][ T5768] batman_adv: batadv0: Interface activated: batadv_slave_0
[   91.663242][ T5769] veth0_vlan: entered promiscuous mode
[   91.670015][ T1133] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.687492][ T1133] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.723788][ T5767] veth0_macvtap: entered promiscuous mode
[   91.733681][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   91.748094][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.759839][ T5768] batman_adv: batadv0: Interface activated: batadv_slave_1
[   91.786315][ T5769] veth1_vlan: entered promiscuous mode
[   91.804892][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.815503][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.826081][ T5768] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.840220][ T5768] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.849637][ T5768] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.858529][ T5768] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.874367][ T5767] veth1_macvtap: entered promiscuous mode
[   91.992736][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   92.007702][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.017980][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   92.029185][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.042676][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_0
[   92.054433][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   92.065775][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.076456][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   92.088021][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.099775][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_1
[   92.123743][ T1133] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.152856][ T1133] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.182136][ T5767] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.193625][ T5767] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.214748][ T5767] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.228015][ T5767] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.261014][ T5769] veth0_macvtap: entered promiscuous mode
[   92.284839][ T5769] veth1_macvtap: entered promiscuous mode
[   92.303644][  T968] cfg80211: failed to load regulatory.db
[   92.379743][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.401545][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.432417][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   92.461728][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.476787][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   92.489945][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.502395][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   92.515716][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.547842][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_0
[   92.548059][    C1] hrtimer: interrupt took 106237 ns
[   92.563021][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   92.585166][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.601711][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   92.612524][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.623759][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   92.634573][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.647394][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_1
[   92.678343][   T51] Bluetooth: hci1: command tx timeout
[   92.683924][   T51] Bluetooth: hci2: command tx timeout
[   92.690564][   T51] Bluetooth: hci3: command tx timeout
[   92.765685][   T51] Bluetooth: hci0: command tx timeout
[   92.794895][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.845028][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.859489][ T5769] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.874850][ T5769] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.904862][ T5769] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.922865][ T5769] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   93.041988][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.054970][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.094222][ T5838] warning: `syz.2.3' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   94.343412][ T1133] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.370077][ T1133] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.470385][ T5848] netlink: 'syz.2.6': attribute type 10 has an invalid length.
[   94.756263][ T5082] Bluetooth: hci1: command tx timeout
[   94.762042][ T5082] Bluetooth: hci2: command tx timeout
[   94.767945][   T51] Bluetooth: hci3: command tx timeout
[   94.851491][   T51] Bluetooth: hci0: command tx timeout
[   94.858345][ T5848] team0: Device ipvlan1 failed to register rx_handler
[   94.964916][ T5857] netlink: 'syz.1.5': attribute type 2 has an invalid length.
[   94.985280][ T5857] netlink: 'syz.1.5': attribute type 1 has an invalid length.
[   95.004514][ T5857] netlink: 152 bytes leftover after parsing attributes in process `syz.1.5'.
[   97.354771][ T5848] syz.2.6 (5848) used greatest stack depth: 19240 bytes left
[   97.375468][ T1133] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.383366][ T1133] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.428751][ T5851] netlink: 'syz.1.5': attribute type 5 has an invalid length.
[   97.437014][ T5851] netlink: 176 bytes leftover after parsing attributes in process `syz.1.5'.
[   98.361532][ T5880] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[   98.368371][ T5880] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[   98.442968][ T5881] Zero length message leads to an empty skb
[   98.462866][ T5874] syzkaller0: entered promiscuous mode
[   98.470130][ T5874] syzkaller0: entered allmulticast mode
[   98.801583][ T5884] netlink: 60 bytes leftover after parsing attributes in process `syz.1.11'.
[  100.860217][ T5894] netlink: 'syz.1.15': attribute type 10 has an invalid length.
[  100.872257][ T5894] team0: Device ipvlan1 failed to register rx_handler
[  101.463710][ T5910] netlink: 'syz.3.17': attribute type 5 has an invalid length.
[  101.491697][ T5910] netlink: 176 bytes leftover after parsing attributes in process `syz.3.17'.
[  101.642856][ T5910] netlink: 'syz.3.17': attribute type 2 has an invalid length.
[  101.694565][ T5910] netlink: 'syz.3.17': attribute type 1 has an invalid length.
[  101.783895][ T5910] netlink: 152 bytes leftover after parsing attributes in process `syz.3.17'.
[  104.255638][ T5929] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  104.803434][ T5941] syzkaller0: entered promiscuous mode
[  104.815272][ T5941] syzkaller0: entered allmulticast mode
[  105.571733][ T5949] netlink: 'syz.0.28': attribute type 10 has an invalid length.
[  105.703880][ T5949] team0: Device ipvlan1 failed to register rx_handler
[  109.551586][ T5976] syzkaller0: entered promiscuous mode
[  109.561258][ T5976] syzkaller0: entered allmulticast mode
[  109.712898][ T5978] netlink: 'syz.2.35': attribute type 5 has an invalid length.
[  109.741071][ T5978] netlink: 176 bytes leftover after parsing attributes in process `syz.2.35'.
[  109.760175][ T5981] netlink: 'syz.2.35': attribute type 2 has an invalid length.
[  109.828857][ T5981] netlink: 'syz.2.35': attribute type 1 has an invalid length.
[  109.846755][ T5981] netlink: 152 bytes leftover after parsing attributes in process `syz.2.35'.
[  113.898181][ T6018] netlink: 207496 bytes leftover after parsing attributes in process `syz.3.48'.
[  114.988327][ T6005] netlink: 180 bytes leftover after parsing attributes in process `syz.2.42'.
[  115.006344][ T6009] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode
[  115.013399][ T6009] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode
[  116.272528][ T6045] syzkaller0: entered promiscuous mode
[  116.279750][ T6045] syzkaller0: entered allmulticast mode
[  116.741292][ T6059] syz.0.61 uses obsolete (PF_INET,SOCK_PACKET)
[  116.954397][ T6068] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.65'.
[  116.975730][ T6068] openvswitch: netlink: Geneve option length err (len 1788, max 255).
[  119.646394][ T6068] netlink: 'syz.0.65': attribute type 21 has an invalid length.
[  119.654349][ T6068] netlink: 164 bytes leftover after parsing attributes in process `syz.0.65'.
[  119.679222][ T6071] netlink: 'syz.0.65': attribute type 7 has an invalid length.
[  119.705824][ T6077] netlink: 'syz.2.68': attribute type 10 has an invalid length.
[  121.855973][ T6094] syzkaller0: entered promiscuous mode
[  121.880332][ T6094] syzkaller0: entered allmulticast mode
[  123.587428][ T6128] netlink: 'syz.0.93': attribute type 29 has an invalid length.
[  123.670709][ T6131] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.85'.
[  123.685248][ T6131] openvswitch: netlink: Geneve option length err (len 1788, max 255).
[  125.905594][ T6128] netlink: 'syz.0.93': attribute type 29 has an invalid length.
[  125.917780][ T6131] netlink: 'syz.1.85': attribute type 21 has an invalid length.
[  125.935540][ T6131] netlink: 164 bytes leftover after parsing attributes in process `syz.1.85'.
[  125.977158][ T6133] netlink: 'syz.1.85': attribute type 7 has an invalid length.
[  127.747425][ T6150] netlink: 'syz.3.91': attribute type 10 has an invalid length.
[  129.082638][ T6164] netlink: 'syz.3.97': attribute type 29 has an invalid length.
[  129.797291][ T6164] netlink: 'syz.3.97': attribute type 29 has an invalid length.
[  129.822503][ T6166] netlink: 'syz.3.97': attribute type 29 has an invalid length.
[  129.831584][ T6167] netlink: 'syz.3.97': attribute type 29 has an invalid length.
[  130.930008][ T6208] netlink: 'syz.1.116': attribute type 29 has an invalid length.
[  130.951052][ T6208] netlink: 'syz.1.116': attribute type 29 has an invalid length.
[  130.969530][ T6208] netlink: 'syz.1.116': attribute type 29 has an invalid length.
[  130.981108][ T6208] netlink: 'syz.1.116': attribute type 29 has an invalid length.
[  131.220074][ T6218] Driver unsupported XDP return value 0 on prog  (id 96) dev N/A, expect packet loss!
[  131.314780][ T6220] netlink: 'syz.2.122': attribute type 10 has an invalid length.
[  132.032395][ T6245] netlink: 'syz.1.132': attribute type 12 has an invalid length.
[  132.045992][ T6245] netlink: 132 bytes leftover after parsing attributes in process `syz.1.132'.
[  133.121041][ T6262] bond_slave_1: entered promiscuous mode
[  133.128706][ T6262] bond_slave_1: entered allmulticast mode
[  133.240056][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  133.248643][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  133.523485][ T6279] sit0: entered allmulticast mode
[  133.591536][ T6281] netlink: 'syz.3.146': attribute type 13 has an invalid length.
[  133.621569][ T6281] netlink: 164 bytes leftover after parsing attributes in process `syz.3.146'.
[  133.657154][ T6281] syz_tun: refused to change device tx_queue_len
[  133.715906][ T6274] delete_channel: no stack
[  137.153968][ T6327] syzkaller0: entered promiscuous mode
[  137.159752][ T6327] syzkaller0: entered allmulticast mode
[  137.734407][ T6340] lo: entered allmulticast mode
[  137.758728][ T6341] netlink: 132 bytes leftover after parsing attributes in process `syz.3.166'.
[  137.821100][ T6343] lo: entered promiscuous mode
[  137.837130][ T6343] lo: left allmulticast mode
[  139.648826][ T6357] netlink: 'syz.0.172': attribute type 10 has an invalid length.
[  139.658995][ T6357] bridge0: port 2(bridge_slave_1) entered disabled state
[  139.667425][ T6357] bridge0: port 1(bridge_slave_0) entered disabled state
[  139.830222][ T6367] netlink: 'syz.3.175': attribute type 10 has an invalid length.
[  140.667649][ T6380] netlink: 4 bytes leftover after parsing attributes in process `syz.3.181'.
[  141.023096][ T6381] IPv6: Can't replace route, no match found
[  141.943930][ T6408] netlink: 44 bytes leftover after parsing attributes in process `syz.0.192'.
[  142.003439][ T6408] netlink: 'syz.0.192': attribute type 3 has an invalid length.
[  142.997052][ T6434] netlink: 'syz.0.200': attribute type 10 has an invalid length.
[  143.663783][ T6446] netlink: 'syz.0.205': attribute type 2 has an invalid length.
[  143.680952][ T6446] netlink: 'syz.0.205': attribute type 8 has an invalid length.
[  143.690235][ T6446] netlink: 132 bytes leftover after parsing attributes in process `syz.0.205'.
[  144.904100][ T6475] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.215'.
[  146.547900][ T6529] Ù: renamed from bond_slave_1 (while UP)
[  147.013159][ T6544] netlink: 'syz.1.242': attribute type 3 has an invalid length.
[  147.082471][ T6544] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.242'.
[  147.385595][ T6551] netlink: 14 bytes leftover after parsing attributes in process `syz.3.244'.
[  149.688594][ T6582] syzkaller0: entered promiscuous mode
[  149.694402][ T6582] syzkaller0: entered allmulticast mode
[  149.705244][ T6585] netlink: 'syz.3.258': attribute type 10 has an invalid length.
[  149.776059][ T6585] bridge0: port 2(bridge_slave_1) entered disabled state
[  149.784005][ T6585] bridge0: port 1(bridge_slave_0) entered disabled state
[  149.842429][ T6585] bridge0: port 2(bridge_slave_1) entered blocking state
[  149.849791][ T6585] bridge0: port 2(bridge_slave_1) entered forwarding state
[  149.858590][ T6585] bridge0: port 1(bridge_slave_0) entered blocking state
[  149.865888][ T6585] bridge0: port 1(bridge_slave_0) entered forwarding state
[  149.926280][ T6585] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  154.922481][ T6592] netlink: 'syz.3.260': attribute type 2 has an invalid length.
[  154.935134][ T6592] netlink: 'syz.3.260': attribute type 8 has an invalid length.
[  154.942832][ T6592] netlink: 132 bytes leftover after parsing attributes in process `syz.3.260'.
[  154.966630][ T6595] netlink: 'syz.3.260': attribute type 11 has an invalid length.
[  155.005258][ T6607] netlink: 'syz.1.264': attribute type 10 has an invalid length.
[  155.050965][ T6607] team0: Port device netdevsim0 added
[  158.873261][ T6698] netlink: 'syz.0.296': attribute type 10 has an invalid length.
[  158.928763][ T6698] team0: Port device netdevsim0 added
[  160.028694][ T6716] netlink: 'syz.2.302': attribute type 19 has an invalid length.
[  160.135195][ T6716] netlink: 55 bytes leftover after parsing attributes in process `syz.2.302'.
[  160.651444][ T6721] netlink: 'syz.3.304': attribute type 10 has an invalid length.
[  163.251743][ T6721] team0: Port device wlan1 added
[  163.799878][ T6733] netlink: 'syz.3.308': attribute type 10 has an invalid length.
[  163.951339][ T6733] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[  164.193157][ T6733] syz.3.308 (6733) used greatest stack depth: 18728 bytes left
[  164.210530][ T6746] netlink: 193500 bytes leftover after parsing attributes in process `syz.0.311'.
[  164.547390][ T6754] netlink: 'syz.1.314': attribute type 58 has an invalid length.
[  164.631592][ T6754] netlink: 152 bytes leftover after parsing attributes in process `syz.1.314'.
[  164.656152][ T6751] netlink: 'syz.3.313': attribute type 9 has an invalid length.
[  164.722136][ T6751] netlink: 399 bytes leftover after parsing attributes in process `syz.3.313'.
[  166.769816][ T6758] mac80211_hwsim hwsim5 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  166.829684][ T6754] mac80211_hwsim hwsim5 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  166.854488][ T6767] netlink: 'syz.0.318': attribute type 10 has an invalid length.
[  167.895959][ T6782] netlink: 'syz.2.323': attribute type 3 has an invalid length.
[  167.934623][ T6782] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.323'.
[  167.986234][ T6783] netlink: 'syz.2.323': attribute type 1 has an invalid length.
[  169.326515][  T655] wlan1: Trigger new scan to find an IBSS to join
[  170.122042][ T6767] team0: Port device wlan1 added
[  170.494113][ T6793] Scheduler tracepoints stat_sleep, stat_iowait, stat_blocked and stat_runtime require the kernel parameter schedstats=enable or kernel.sched_schedstats=1
[  170.700611][ T6801] netlink: 14 bytes leftover after parsing attributes in process `syz.3.332'.
[  170.954983][ T6806] IPv6: …: Disabled Multicast RS
[  171.371408][ T6815] netlink: 'syz.0.336': attribute type 10 has an invalid length.
[  172.321639][   T49] wlan1: Trigger new scan to find an IBSS to join
[  172.462939][   T51] Bluetooth: hci2: Malformed HCI Event
[  173.024730][ T6861] netlink: 'syz.2.355': attribute type 9 has an invalid length.
[  173.038750][ T6861] netlink: 126588 bytes leftover after parsing attributes in process `syz.2.355'.
[  173.373119][ T6871] FAULT_INJECTION: forcing a failure.
[  173.373119][ T6871] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  173.393188][ T6871] CPU: 0 PID: 6871 Comm: syz.2.358 Not tainted syzkaller #0
[  173.400556][ T6871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  173.410769][ T6871] Call Trace:
[  173.414094][ T6871]  <TASK>
[  173.417072][ T6871]  dump_stack_lvl+0x18c/0x250
[  173.421904][ T6871]  ? show_regs_print_info+0x20/0x20
[  173.427198][ T6871]  ? load_image+0x400/0x400
[  173.431784][ T6871]  ? __lock_acquire+0x7d40/0x7d40
[  173.436867][ T6871]  ? snprintf+0xe9/0x140
[  173.441174][ T6871]  should_fail_ex+0x39d/0x4d0
[  173.445915][ T6871]  _copy_to_user+0x2f/0xa0
[  173.450392][ T6871]  simple_read_from_buffer+0xe7/0x150
[  173.455827][ T6871]  proc_fail_nth_read+0x1e8/0x260
[  173.460912][ T6871]  ? proc_fault_inject_write+0x360/0x360
[  173.466595][ T6871]  ? fsnotify_perm+0x271/0x5e0
[  173.471395][ T6871]  ? proc_fault_inject_write+0x360/0x360
[  173.477066][ T6871]  vfs_read+0x28b/0x970
[  173.481373][ T6871]  ? kernel_read+0x1e0/0x1e0
[  173.486004][ T6871]  ? __fget_files+0x28/0x4b0
[  173.490629][ T6871]  ? __fget_files+0x28/0x4b0
[  173.495637][ T6871]  ? __fget_files+0x43d/0x4b0
[  173.500366][ T6871]  ? __fdget_pos+0x2a3/0x330
[  173.505000][ T6871]  ? ksys_read+0x75/0x260
[  173.509407][ T6871]  ksys_read+0x150/0x260
[  173.513694][ T6871]  ? vfs_write+0x990/0x990
[  173.518142][ T6871]  ? lockdep_hardirqs_on+0x98/0x150
[  173.523472][ T6871]  do_syscall_64+0x55/0xa0
[  173.528106][ T6871]  ? clear_bhb_loop+0x40/0x90
[  173.532842][ T6871]  ? clear_bhb_loop+0x40/0x90
[  173.537550][ T6871]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  173.543468][ T6871] RIP: 0033:0x7fb95bf5cfce
[  173.547918][ T6871] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  173.567635][ T6871] RSP: 002b:00007fb95cec9fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  173.576164][ T6871] RAX: ffffffffffffffda RBX: 00007fb95ceca6c0 RCX: 00007fb95bf5cfce
[  173.584270][ T6871] RDX: 000000000000000f RSI: 00007fb95ceca0a0 RDI: 0000000000000004
[  173.592295][ T6871] RBP: 00007fb95ceca090 R08: 0000000000000000 R09: 0000000000000000
[  173.600379][ T6871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  173.608653][ T6871] R13: 00007fb95c216038 R14: 00007fb95c215fa0 R15: 00007ffc3c56d268
[  173.616676][ T6871]  </TASK>
[  173.964870][ T6878] syzkaller0: entered promiscuous mode
[  173.982878][ T6878] syzkaller0: entered allmulticast mode
[  174.059731][ T6889] netlink: 'syz.3.363': attribute type 10 has an invalid length.
[  174.095865][ T6889] team0: Port device netdevsim0 added
[  176.281620][   T42] wlan1: Trigger new scan to find an IBSS to join
[  177.302923][  T655] wlan1: Creating new IBSS network, BSSID 5e:e5:57:09:84:6d
[  180.518135][ T6958] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.389'.
[  180.590370][ T6958] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[  180.630783][ T6958] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  182.206310][ T7042] netlink: 'syz.1.408': attribute type 9 has an invalid length.
[  182.217926][ T7042] netlink: 126588 bytes leftover after parsing attributes in process `syz.1.408'.
[  183.231461][ T7070] netlink: 14 bytes leftover after parsing attributes in process `syz.1.413'.
[  183.543476][ T7080] netlink: 'syz.3.418': attribute type 10 has an invalid length.
[  183.938592][ T7088] can: request_module (can-proto-0) failed.
[  184.257322][ T7080] bridge0: port 2(bridge_slave_1) entered disabled state
[  184.264736][ T7080] bridge0: port 1(bridge_slave_0) entered disabled state
[  184.292212][ T7080] bond0: (slave bridge0): Releasing backup interface
[  184.767703][ T7103] netlink: 'syz.2.424': attribute type 29 has an invalid length.
[  184.779232][ T7103] netlink: 'syz.2.424': attribute type 29 has an invalid length.
[  184.791199][ T7103] netlink: 'syz.2.424': attribute type 29 has an invalid length.
[  184.821492][ T7103] netlink: 'syz.2.424': attribute type 29 has an invalid length.
[  184.831013][ T7103] netlink: 'syz.2.424': attribute type 29 has an invalid length.
[  184.902414][ T7103] netlink: 'syz.2.424': attribute type 29 has an invalid length.
[  189.737114][ T7153] netlink: 'syz.3.441': attribute type 33 has an invalid length.
[  189.762425][ T7153] netlink: 152 bytes leftover after parsing attributes in process `syz.3.441'.
[  189.830696][ T7153] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.441'.
[  189.917897][ T7162] netlink: 121460 bytes leftover after parsing attributes in process `syz.0.444'.
[  189.936501][ T7162] netlink: 21068 bytes leftover after parsing attributes in process `syz.0.444'.
[  189.953183][ T7162] tipc: Started in network mode
[  189.962152][ T7162] tipc: Node identity b, cluster identity 73
[  189.976013][ T7162] tipc: Node number set to 11
[  190.454961][ T7179] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.450'.
[  190.473147][ T7179] openvswitch: netlink: Geneve option length err (len 1788, max 255).
[  190.566169][ T7179] netlink: 'syz.0.450': attribute type 7 has an invalid length.
[  194.696438][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  194.703244][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  197.061566][ T7224] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.465'.
[  197.091259][ T7224] openvswitch: netlink: Geneve option length err (len 1788, max 255).
[  197.157157][ T7224] netlink: 'syz.3.465': attribute type 7 has an invalid length.
[  198.679438][ T7260] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.479'.
[  198.700907][ T7260] openvswitch: netlink: Geneve option length err (len 1788, max 255).
[  198.784930][ T7265] netlink: 'syz.1.481': attribute type 10 has an invalid length.
[  198.828485][ T7265] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.836672][ T7265] bridge0: port 1(bridge_slave_0) entered disabled state
[  198.891866][ T7260] netlink: 'syz.2.479': attribute type 7 has an invalid length.
[  199.235755][ T1137] wlan1: Trigger new scan to find an IBSS to join
[  203.038247][ T7302] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.493'.
[  203.085623][ T7302] openvswitch: netlink: Geneve option length err (len 1788, max 255).
[  203.161507][ T7302] netlink: 'syz.3.493': attribute type 7 has an invalid length.
[  203.502526][ T7312] netlink: 209820 bytes leftover after parsing attributes in process `syz.0.497'.
[  204.259769][ T7318] bridge_slave_0 (unregistering): left allmulticast mode
[  204.273534][ T7318] bridge_slave_0 (unregistering): left promiscuous mode
[  204.283038][ T7318] bridge0: port 1(bridge_slave_0) entered disabled state
[  204.735244][ T7330] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  205.237064][ T7350] wlan1: Trigger new scan to find an IBSS to join
[  205.423797][ T7362] syzkaller0: entered promiscuous mode
[  205.475741][ T7362] syzkaller0: entered allmulticast mode
[  205.957018][ T7381] netlink: 'syz.0.521': attribute type 1 has an invalid length.
[  205.964949][ T7381] netlink: 193500 bytes leftover after parsing attributes in process `syz.0.521'.
[  206.214442][ T7011] wlan1: Creating new IBSS network, BSSID 00:00:00:00:7c:00
[  208.272347][ T7413] netlink: 'syz.3.533': attribute type 10 has an invalid length.
[  208.315343][ T7413] team0: Port device netdevsim0 removed
[  208.457580][ T7417] netlink: 'syz.2.535': attribute type 21 has an invalid length.
[  208.476125][ T7417] netlink: 132 bytes leftover after parsing attributes in process `syz.2.535'.
[  208.805797][ T7417] syzkaller0: entered promiscuous mode
[  208.811389][ T7417] syzkaller0: entered allmulticast mode
[  211.708815][ T7434] netlink: 'syz.1.539': attribute type 10 has an invalid length.
[  211.739843][ T7434] team0: Port device geneve1 added
[  212.121082][ T5777] Bluetooth: hci3: command 0x0406 tx timeout
[  212.128044][ T5781] Bluetooth: hci1: command 0x0406 tx timeout
[  212.134195][ T5781] Bluetooth: hci0: command 0x0406 tx timeout
[  212.141115][ T5778] Bluetooth: hci2: command 0x0406 tx timeout
[  215.717482][ T5772] Bluetooth: hci3: ISO packet too small
[  215.750969][ T7488] netlink: 'syz.3.560': attribute type 1 has an invalid length.
[  215.802021][ T7488] netlink: 112860 bytes leftover after parsing attributes in process `syz.3.560'.
[  215.834627][ T7488] netlink: 'syz.3.560': attribute type 1 has an invalid length.
[  216.247819][ T7465] netlink: 'syz.0.551': attribute type 10 has an invalid length.
[  217.198584][ T7517] FAULT_INJECTION: forcing a failure.
[  217.198584][ T7517] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  217.227819][ T7517] CPU: 0 PID: 7517 Comm: syz.2.572 Not tainted syzkaller #0
[  217.235193][ T7517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  217.245305][ T7517] Call Trace:
[  217.248638][ T7517]  <TASK>
[  217.251606][ T7517]  dump_stack_lvl+0x18c/0x250
[  217.256348][ T7517]  ? show_regs_print_info+0x20/0x20
[  217.261606][ T7517]  ? load_image+0x400/0x400
[  217.266159][ T7517]  ? __might_fault+0xaa/0x120
[  217.270884][ T7517]  ? __lock_acquire+0x7d40/0x7d40
[  217.275961][ T7517]  should_fail_ex+0x39d/0x4d0
[  217.280703][ T7517]  _copy_from_user+0x2f/0xe0
[  217.285438][ T7517]  __sys_bpf+0x23e/0x890
[  217.289827][ T7517]  ? bpf_link_show_fdinfo+0x390/0x390
[  217.295265][ T7517]  ? lock_chain_count+0x20/0x20
[  217.300164][ T7517]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  217.306206][ T7517]  __x64_sys_bpf+0x7c/0x90
[  217.310674][ T7517]  do_syscall_64+0x55/0xa0
[  217.315143][ T7517]  ? clear_bhb_loop+0x40/0x90
[  217.319875][ T7517]  ? clear_bhb_loop+0x40/0x90
[  217.324788][ T7517]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  217.330907][ T7517] RIP: 0033:0x7fb95bf9c799
[  217.335410][ T7517] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  217.355155][ T7517] RSP: 002b:00007fb95ceca028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  217.363629][ T7517] RAX: ffffffffffffffda RBX: 00007fb95c215fa0 RCX: 00007fb95bf9c799
[  217.371654][ T7517] RDX: 0000000000000042 RSI: 00002000000006c0 RDI: 0000000000000005
[  217.379842][ T7517] RBP: 00007fb95ceca090 R08: 0000000000000000 R09: 0000000000000000
[  217.387856][ T7517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  217.395877][ T7517] R13: 00007fb95c216038 R14: 00007fb95c215fa0 R15: 00007ffc3c56d268
[  217.403910][ T7517]  </TASK>
[  218.591583][ T7542] netlink: 'syz.2.578': attribute type 10 has an invalid length.
[  218.630704][ T7542] netlink: 40 bytes leftover after parsing attributes in process `syz.2.578'.
[  218.663569][ T7542] vcan0: entered promiscuous mode
[  218.683959][ T7542] A link change request failed with some changes committed already. Interface vcan0 may have been left with an inconsistent configuration, please check.
[  218.740207][ T7540] netlink: 9275 bytes leftover after parsing attributes in process `syz.2.578'.
[  219.025556][ T5772] Bluetooth: hci2: ACL packet for unknown connection handle 0
[  219.039325][ T7549] netlink: 'syz.0.581': attribute type 2 has an invalid length.
[  219.057292][ T7549] netlink: 198112 bytes leftover after parsing attributes in process `syz.0.581'.
[  219.271417][ T7552] team0: Port device team_slave_0 removed
[  219.301328][ T7552] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[  219.868909][ T7567] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.590'.
[  219.895253][ T7567] openvswitch: netlink: Geneve option length err (len 1788, max 255).
[  219.956158][ T7567] netlink: 'syz.1.590': attribute type 7 has an invalid length.
[  220.523435][ T7583] syzkaller0: entered promiscuous mode
[  220.539487][ T7583] syzkaller0: entered allmulticast mode
[  220.709659][ T7592] netlink: 'syz.1.600': attribute type 1 has an invalid length.
[  220.721426][ T7592] netlink: 168864 bytes leftover after parsing attributes in process `syz.1.600'.
[  220.742883][ T7592] netlink: 1 bytes leftover after parsing attributes in process `syz.1.600'.
[  220.772083][ T7595] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.601'.
[  220.818198][ T7595] openvswitch: netlink: Geneve option length err (len 1788, max 255).
[  220.912315][ T7595] netlink: 'syz.3.601': attribute type 7 has an invalid length.
[  220.985436][ T7599] netlink: 'syz.0.602': attribute type 25 has an invalid length.
[  221.019819][ T7599] netlink: 'syz.0.602': attribute type 9 has an invalid length.
[  221.995156][ T7617] syzkaller0: entered promiscuous mode
[  222.000914][ T7617] syzkaller0: entered allmulticast mode
[  222.663409][ T7626] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.612'.
[  222.694256][ T7626] openvswitch: netlink: Geneve option length err (len 1788, max 255).
[  224.601945][ T7626] netlink: 'syz.2.612': attribute type 7 has an invalid length.
[  224.872852][ T7644] netlink: 'syz.3.619': attribute type 10 has an invalid length.
[  225.108141][ T7650] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.623'.
[  225.119215][ T7652] netlink: 14 bytes leftover after parsing attributes in process `syz.1.624'.
[  225.128563][ T7650] openvswitch: netlink: Geneve option length err (len 1788, max 255).
[  228.027648][ T7650] netlink: 'syz.2.623': attribute type 7 has an invalid length.
[  228.801039][ T7682] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.635'.
[  228.813898][ T7682] openvswitch: netlink: Geneve option length err (len 1788, max 255).
[  228.840642][ T7682] netlink: 'syz.1.635': attribute type 7 has an invalid length.
[  229.131151][ T5772] Bluetooth: hci1: Malformed HCI Event
[  231.758354][ T7688] netlink: 'syz.0.638': attribute type 10 has an invalid length.
[  232.140824][ T7699] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.644'.
[  232.161997][ T7699] openvswitch: netlink: Geneve option length err (len 1788, max 255).
[  232.198399][ T7699] netlink: 'syz.0.644': attribute type 7 has an invalid length.
[  232.480618][ T7717] netlink: 164 bytes leftover after parsing attributes in process `syz.1.649'.
[  232.922700][ T7735] netlink: 'syz.1.655': attribute type 7 has an invalid length.
[  233.514369][ T7759] netlink: 'syz.0.665': attribute type 7 has an invalid length.
[  233.601810][ T7761] syzkaller0: entered promiscuous mode
[  233.608045][ T7761] syzkaller0: entered allmulticast mode
[  235.697605][ T7781] netlink: 'syz.3.674': attribute type 10 has an invalid length.
[  235.712029][ T7784] mac80211_hwsim hwsim5 wlan1: entered promiscuous mode
[  235.749892][ T7784] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode
[  235.836530][ T7786] netlink: 'syz.0.677': attribute type 7 has an invalid length.
[  235.967352][ T7792] netlink: 14 bytes leftover after parsing attributes in process `syz.1.680'.
[  236.266120][ T7011] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  236.280260][ T7803] netlink: 'syz.3.685': attribute type 33 has an invalid length.
[  236.293464][ T7803] netlink: 152 bytes leftover after parsing attributes in process `syz.3.685'.
[  236.304736][ T7803] `: renamed from ip6tnl0 (while UP)
[  236.355908][ T7803] A link change request failed with some changes committed already. Interface ` may have been left with an inconsistent configuration, please check.
[  236.676900][ T7819] netlink: 'syz.1.692': attribute type 10 has an invalid length.
[  236.823468][ T7821] netlink: 'syz.2.694': attribute type 21 has an invalid length.
[  236.847294][ T7821] netlink: 16166 bytes leftover after parsing attributes in process `syz.2.694'.
[  240.135314][ T7834] tun0: tun_chr_ioctl cmd 2148553947
[  240.292240][ T7840] netlink: 14 bytes leftover after parsing attributes in process `syz.2.700'.
[  240.856883][ T7853] netlink: 'syz.0.706': attribute type 10 has an invalid length.
[  240.892957][ T7853] netlink: 40 bytes leftover after parsing attributes in process `syz.0.706'.
[  240.980546][ T7853] batman_adv: batadv0: Adding interface: veth0_vlan
[  241.033870][ T7853] batman_adv: batadv0: The MTU of interface veth0_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  241.167174][ T7853] batman_adv: batadv0: Interface activated: veth0_vlan
[  243.942298][ T7887] netlink: 'syz.3.717': attribute type 7 has an invalid length.
[  244.523471][ T5772] Bluetooth: hci1: SCO packet for unknown connection handle 0
[  244.776171][ T7913] netlink: 'syz.1.726': attribute type 10 has an invalid length.
[  247.511553][ T7923] netlink: 'syz.3.729': attribute type 7 has an invalid length.
[  247.533666][ T7922] netlink: 'syz.2.730': attribute type 17 has an invalid length.
[  248.592257][ T7951] netlink: 'syz.3.742': attribute type 7 has an invalid length.
[  249.575800][ T7983] netlink: 'syz.3.753': attribute type 7 has an invalid length.
[  250.260151][ T8006] syzkaller0: entered promiscuous mode
[  250.270607][ T8006] syzkaller0: entered allmulticast mode
[  251.427244][ T8044] netlink: 201392 bytes leftover after parsing attributes in process `syz.1.776'.
[  252.785246][ T8042] netlink: 'syz.2.775': attribute type 10 has an invalid length.
[  252.794705][ T8042] bridge0: port 2(bridge_slave_1) entered disabled state
[  252.803513][ T8042] bridge0: port 1(bridge_slave_0) entered disabled state
[  252.822840][ T8044] netlink: 8446 bytes leftover after parsing attributes in process `syz.1.776'.
[  252.967567][ T5772] Bluetooth: hci1: ISO packet too small
[  253.472669][ T8074] netlink: 14 bytes leftover after parsing attributes in process `syz.2.787'.
[  256.127737][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  256.134355][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  256.959521][ T8103] netlink: 202920 bytes leftover after parsing attributes in process `syz.2.799'.
[  259.836179][ T8190] netlink: 'syz.0.830': attribute type 10 has an invalid length.
[  259.844742][ T8190] netlink: 40 bytes leftover after parsing attributes in process `syz.0.830'.
[  260.121150][ T8197] syzkaller0: entered promiscuous mode
[  260.146448][ T8197] syzkaller0: entered allmulticast mode
[  260.796594][ T8215] netlink: zone id is out of range
[  260.801825][ T8215] netlink: set zone limit has 8 unknown bytes
[  263.336436][ T8214] netlink: 55631 bytes leftover after parsing attributes in process `syz.2.838'.
[  263.346230][ T8214] netlink: 6324 bytes leftover after parsing attributes in process `syz.2.838'.
[  263.356472][ T8214] netlink: 2 bytes leftover after parsing attributes in process `syz.2.838'.
[  263.369711][ T8214] tc_dump_action: action bad kind
[  263.695455][ T8237] netlink: 'syz.1.847': attribute type 10 has an invalid length.
[  263.733761][ T8237] team0: Port device netdevsim0 removed
[  264.869831][ T8263] netlink: 'syz.2.857': attribute type 10 has an invalid length.
[  265.084724][ T8265] syzkaller0: entered promiscuous mode
[  265.113115][ T8265] syzkaller0: entered allmulticast mode
[  265.637383][ T8290] netlink: 60 bytes leftover after parsing attributes in process `syz.0.869'.
[  267.726197][ T8290] netlink: 60 bytes leftover after parsing attributes in process `syz.0.869'.
[  267.738889][ T8312] bridge_slave_1: left allmulticast mode
[  267.745872][ T8312] bridge_slave_1: left promiscuous mode
[  267.753544][ T8312] bridge0: port 2(bridge_slave_1) entered disabled state
[  267.774308][ T8312] bridge_slave_0: left allmulticast mode
[  267.796087][ T8312] bridge_slave_0: left promiscuous mode
[  267.801928][ T8312] bridge0: port 1(bridge_slave_0) entered disabled state
[  267.953800][ T8318] netlink: 14 bytes leftover after parsing attributes in process `syz.3.879'.
[  267.975313][ T8320] netlink: 830 bytes leftover after parsing attributes in process `syz.0.880'.
[  268.005409][ T8320] bond_slave_0: entered promiscuous mode
[  268.011502][ T8320] bond_slave_1: entered promiscuous mode
[  268.230418][ T8328] skbuff: bad partial csum: csum=65489/0 headroom=64 headlen=65491
[  268.750487][ T8346] netlink: 'syz.0.891': attribute type 3 has an invalid length.
[  268.875871][ T8346] netlink: 'syz.0.891': attribute type 1 has an invalid length.
[  268.936947][ T8346] netlink: 181400 bytes leftover after parsing attributes in process `syz.0.891'.
[  269.800257][ T7011] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  270.014066][ T8375] netlink: 14 bytes leftover after parsing attributes in process `syz.2.895'.
[  270.100149][ T8375] hsr_slave_0 (unregistering): left promiscuous mode
[  270.120598][ T5772] Bluetooth: hci2: Malformed HCI Event
[  270.193233][ T8360] delete_channel: no stack
[  271.278455][ T8413] netlink: 16222 bytes leftover after parsing attributes in process `syz.2.912'.
[  271.469713][ T8407] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode
[  271.486011][ T8407] mac80211_hwsim hwsim4 wlan0: entered allmulticast mode
[  271.500082][ T8410] IPv6: Can't replace route, no match found
[  271.521784][ T8416] netlink: 14 bytes leftover after parsing attributes in process `syz.2.914'.
[  273.387847][ T8456] netlink: 'syz.0.927': attribute type 10 has an invalid length.
[  273.509569][ T8456] team0: Device wg1 is of different type
[  274.932948][ T8493] netlink: 'syz.1.941': attribute type 10 has an invalid length.
[  274.954674][ T8493] team0: Port device netdevsim0 added
[  275.307016][ T8516] netlink: 'syz.0.949': attribute type 10 has an invalid length.
[  275.620370][ T8521] netlink: 9275 bytes leftover after parsing attributes in process `syz.0.950'.
[  276.048900][ T5772] Bluetooth: hci0: ISO packet too small
[  276.761922][ T8544] IPv6: Can't replace route, no match found
[  276.774480][ T8548] mac80211_hwsim hwsim7 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  276.848743][ T8552] FAULT_INJECTION: forcing a failure.
[  276.848743][ T8552] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  276.878485][ T8552] CPU: 1 PID: 8552 Comm: syz.1.962 Not tainted syzkaller #0
[  276.885857][ T8552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  276.896022][ T8552] Call Trace:
[  276.899344][ T8552]  <TASK>
[  276.902317][ T8552]  dump_stack_lvl+0x18c/0x250
[  276.907057][ T8552]  ? show_regs_print_info+0x20/0x20
[  276.912319][ T8552]  ? load_image+0x400/0x400
[  276.916887][ T8552]  ? __lock_acquire+0x7d40/0x7d40
[  276.922059][ T8552]  ? snprintf+0xe9/0x140
[  276.926356][ T8552]  should_fail_ex+0x39d/0x4d0
[  276.931112][ T8552]  _copy_to_user+0x2f/0xa0
[  276.935579][ T8552]  simple_read_from_buffer+0xe7/0x150
[  276.941017][ T8552]  proc_fail_nth_read+0x1e8/0x260
[  276.946126][ T8552]  ? proc_fault_inject_write+0x360/0x360
[  276.951821][ T8552]  ? fsnotify_perm+0x271/0x5e0
[  276.956736][ T8552]  ? proc_fault_inject_write+0x360/0x360
[  276.962437][ T8552]  vfs_read+0x28b/0x970
[  276.966654][ T8552]  ? kernel_read+0x1e0/0x1e0
[  276.971302][ T8552]  ? __fget_files+0x28/0x4b0
[  276.975946][ T8552]  ? __fget_files+0x28/0x4b0
[  276.980580][ T8552]  ? __fget_files+0x43d/0x4b0
[  276.985324][ T8552]  ? __fdget_pos+0x2a3/0x330
[  276.990009][ T8552]  ? ksys_read+0x75/0x260
[  276.994398][ T8552]  ksys_read+0x150/0x260
[  276.998695][ T8552]  ? vfs_write+0x990/0x990
[  277.003177][ T8552]  ? lockdep_hardirqs_on+0x98/0x150
[  277.008427][ T8552]  do_syscall_64+0x55/0xa0
[  277.012910][ T8552]  ? clear_bhb_loop+0x40/0x90
[  277.017801][ T8552]  ? clear_bhb_loop+0x40/0x90
[  277.022623][ T8552]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  277.028575][ T8552] RIP: 0033:0x7fa1a275cfce
[  277.033029][ T8552] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  277.052861][ T8552] RSP: 002b:00007fa1a35bafe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  277.061333][ T8552] RAX: ffffffffffffffda RBX: 00007fa1a35bb6c0 RCX: 00007fa1a275cfce
[  277.069372][ T8552] RDX: 000000000000000f RSI: 00007fa1a35bb0a0 RDI: 0000000000000005
[  277.077395][ T8552] RBP: 00007fa1a35bb090 R08: 0000000000000000 R09: 0000000000000000
[  277.085605][ T8552] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  277.093642][ T8552] R13: 00007fa1a2a16038 R14: 00007fa1a2a15fa0 R15: 00007ffd79ea44c8
[  277.101683][ T8552]  </TASK>
[  278.344152][ T8582] netlink: 132 bytes leftover after parsing attributes in process `syz.0.974'.
[  278.549008][ T8589] syzkaller0: entered promiscuous mode
[  278.554740][ T8589] syzkaller0: entered allmulticast mode
[  278.714875][ T8600] netlink: 'syz.0.978': attribute type 11 has an invalid length.
[  278.743643][ T8600] netlink: 203516 bytes leftover after parsing attributes in process `syz.0.978'.
[  278.773547][ T8595] IPv6: Can't replace route, no match found
[  278.794044][ T8597] netlink: 55631 bytes leftover after parsing attributes in process `syz.0.978'.
[  278.809004][ T8597] netlink: 6324 bytes leftover after parsing attributes in process `syz.0.978'.
[  278.835697][ T8597] netlink: 2 bytes leftover after parsing attributes in process `syz.0.978'.
[  278.904049][ T8598] mac80211_hwsim hwsim3 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  281.385446][ T8608] netlink: 'syz.3.981': attribute type 21 has an invalid length.
[  284.522494][ T8618] netlink: 64859 bytes leftover after parsing attributes in process `syz.0.986'.
[  284.536021][ T8618] netlink: 16211 bytes leftover after parsing attributes in process `syz.0.986'.
[  284.718334][ T8624] netlink: 'syz.3.989': attribute type 7 has an invalid length.
[  285.364629][ T8637] netlink: 14 bytes leftover after parsing attributes in process `syz.0.992'.
[  285.473535][ T8637] hsr_slave_0 (unregistering): left promiscuous mode
[  288.345177][ T8634] delete_channel: no stack
[  288.356971][ T8659] netlink: 'syz.2.1000': attribute type 7 has an invalid length.
[  288.564558][ T8664] netlink: 'syz.2.1002': attribute type 10 has an invalid length.
[  288.577647][ T8664] team0: Port device netdevsim0 added
[  288.811876][ T8676] netlink: 'syz.0.1007': attribute type 10 has an invalid length.
[  290.042154][ T8691] netlink: 'syz.1.1011': attribute type 7 has an invalid length.
[  292.552623][ T8717] netlink: 'syz.2.1020': attribute type 7 has an invalid length.
[  292.890918][ T8720] netlink: 'syz.0.1022': attribute type 10 has an invalid length.
[  292.958939][ T8723] netlink: 'syz.0.1022': attribute type 9 has an invalid length.
[  293.006834][ T8723] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.1022'.
[  295.757537][ T8726] netlink: 'syz.0.1022': attribute type 9 has an invalid length.
[  295.778746][ T8726] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.1022'.
[  296.116802][ T8744] netlink: 'syz.2.1031': attribute type 7 has an invalid length.
[  299.782618][ T8778] netlink: 'syz.1.1043': attribute type 7 has an invalid length.
[  300.600999][ T8793] netlink: 'syz.3.1049': attribute type 10 has an invalid length.
[  300.613064][ T8793] team0: Port device netdevsim0 added
[  300.742143][ T8799] netlink: 'syz.2.1051': attribute type 10 has an invalid length.
[  301.070024][ T8808] netlink: 'syz.2.1055': attribute type 7 has an invalid length.
[  301.107661][ T8809] À: port 1(vlan0) entered blocking state
[  301.113681][ T8809] À: port 1(vlan0) entered disabled state
[  301.161819][ T8809] vlan0: entered allmulticast mode
[  301.206659][ T8809] veth0_vlan: entered allmulticast mode
[  301.260709][ T8809] vlan0: entered promiscuous mode
[  301.559584][   T63] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  302.328443][ T8834] netlink: 'syz.0.1065': attribute type 7 has an invalid length.
[  304.333628][ T8866] netlink: 'syz.0.1078': attribute type 7 has an invalid length.
[  304.574789][ T8875] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1079'.
[  304.614688][ T8875] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1079'.
[  304.655321][ T8876] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1079'.
[  305.960247][ T8908] netlink: 'syz.3.1088': attribute type 7 has an invalid length.
[  305.991669][ T8910] netlink: 'syz.1.1091': attribute type 13 has an invalid length.
[  306.521286][ T8928] netlink: 'syz.2.1099': attribute type 4 has an invalid length.
[  306.536509][ T8928] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.1099'.
[  306.594648][ T8924] syzkaller0: entered promiscuous mode
[  306.606290][ T8924] syzkaller0: entered allmulticast mode
[  306.618683][ T8928] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.1099'.
[  306.635462][ T8930] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.1099'.
[  306.673243][ T8930] netlink: 'syz.2.1099': attribute type 4 has an invalid length.
[  306.695986][ T8929] sit0: entered allmulticast mode
[  306.789548][ T8935] FAULT_INJECTION: forcing a failure.
[  306.789548][ T8935] name failslab, interval 1, probability 0, space 0, times 1
[  306.810234][ T8935] CPU: 1 PID: 8935 Comm: syz.2.1100 Not tainted syzkaller #0
[  306.817862][ T8935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  306.827981][ T8935] Call Trace:
[  306.831297][ T8935]  <TASK>
[  306.834260][ T8935]  dump_stack_lvl+0x18c/0x250
[  306.839273][ T8935]  ? show_regs_print_info+0x20/0x20
[  306.844634][ T8935]  ? load_image+0x400/0x400
[  306.849486][ T8935]  ? __might_sleep+0xe0/0xe0
[  306.854131][ T8935]  ? __lock_acquire+0x7d40/0x7d40
[  306.859297][ T8935]  should_fail_ex+0x39d/0x4d0
[  306.864041][ T8935]  should_failslab+0x9/0x20
[  306.868595][ T8935]  slab_pre_alloc_hook+0x59/0x310
[  306.873678][ T8935]  kmem_cache_alloc+0x5a/0x2d0
[  306.878498][ T8935]  ? security_inode_alloc+0x34/0x110
[  306.883854][ T8935]  security_inode_alloc+0x34/0x110
[  306.889044][ T8935]  inode_init_always+0x8fc/0xc90
[  306.894032][ T8935]  new_inode_pseudo+0x95/0x1d0
[  306.898872][ T8935]  __sock_create+0x12d/0x940
[  306.903535][ T8935]  mptcp_subflow_create_socket+0x10b/0xac0
[  306.909421][ T8935]  ? __mptcp_subflow_connect+0x1450/0x1450
[  306.915283][ T8935]  ? mark_lock+0x94/0x320
[  306.919660][ T8935]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  306.925680][ T8935]  __mptcp_nmpc_sk+0x157/0x740
[  306.930486][ T8935]  ? __bpf_trace_subflow_check_data_avail+0x160/0x160
[  306.937276][ T8935]  ? __local_bh_enable_ip+0x13a/0x1c0
[  306.942673][ T8935]  ? lockdep_hardirqs_on+0x98/0x150
[  306.947898][ T8935]  ? __local_bh_enable_ip+0x13a/0x1c0
[  306.953292][ T8935]  mptcp_sendmsg_fastopen+0x7f/0x4d0
[  306.958610][ T8935]  mptcp_sendmsg+0x14b2/0x16d0
[  306.963414][ T8935]  ? aa_sk_perm+0x83c/0x970
[  306.967960][ T8935]  ? aa_af_perm+0x330/0x330
[  306.972492][ T8935]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  306.978936][ T8935]  ? mptcp_shutdown+0x80/0x80
[  306.983641][ T8935]  ? inet6_sendmsg+0x5f/0xd0
[  306.988254][ T8935]  ? inet6_compat_ioctl+0x3c0/0x3c0
[  306.993477][ T8935]  ____sys_sendmsg+0x5ba/0x960
[  306.998263][ T8935]  ? __lock_acquire+0x7d40/0x7d40
[  307.003318][ T8935]  ? __asan_memset+0x22/0x40
[  307.007952][ T8935]  ? __sys_sendmsg_sock+0x30/0x30
[  307.012995][ T8935]  ? __import_iovec+0x3fa/0x850
[  307.017885][ T8935]  ? import_iovec+0x73/0xa0
[  307.022445][ T8935]  ___sys_sendmsg+0x2a6/0x360
[  307.027148][ T8935]  ? get_pid_task+0x20/0x1e0
[  307.031767][ T8935]  ? __sys_sendmsg+0x2a0/0x2a0
[  307.036574][ T8935]  ? __lock_acquire+0x7d40/0x7d40
[  307.041652][ T8935]  __se_sys_sendmsg+0x1c2/0x2b0
[  307.046534][ T8935]  ? __x64_sys_sendmsg+0x80/0x80
[  307.051515][ T8935]  ? lockdep_hardirqs_on+0x98/0x150
[  307.056742][ T8935]  do_syscall_64+0x55/0xa0
[  307.061191][ T8935]  ? clear_bhb_loop+0x40/0x90
[  307.065891][ T8935]  ? clear_bhb_loop+0x40/0x90
[  307.070619][ T8935]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  307.076553][ T8935] RIP: 0033:0x7fb95bf9c799
[  307.081006][ T8935] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  307.100989][ T8935] RSP: 002b:00007fb95ceca028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  307.109441][ T8935] RAX: ffffffffffffffda RBX: 00007fb95c215fa0 RCX: 00007fb95bf9c799
[  307.117443][ T8935] RDX: e07e872420dfefca RSI: 0000200000000780 RDI: 0000000000000003
[  307.125527][ T8935] RBP: 00007fb95ceca090 R08: 0000000000000000 R09: 0000000000000000
[  307.133545][ T8935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  307.141544][ T8935] R13: 00007fb95c216038 R14: 00007fb95c215fa0 R15: 00007ffc3c56d268
[  307.149552][ T8935]  </TASK>
[  307.158760][ T8935] socket: no more sockets
[  309.200911][ T8939] netlink: 'syz.0.1101': attribute type 7 has an invalid length.
[  309.327791][ T8944] netlink: 'syz.0.1111': attribute type 7 has an invalid length.
[  311.066521][ T8975] netlink: 'syz.0.1114': attribute type 7 has an invalid length.
[  311.748180][ T7011] tipc: Subscription rejected, illegal request
[  311.754481][ T8998] netlink: 65047 bytes leftover after parsing attributes in process `syz.1.1122'.
[  311.816059][ T9004] C: renamed from team_slave_0 (while UP)
[  311.831806][ T9004] netlink: 'syz.2.1125': attribute type 1 has an invalid length.
[  311.843383][ T9004] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1125'.
[  311.931155][ T9006] netlink: 'syz.0.1126': attribute type 7 has an invalid length.
[  312.142551][ T9010] netlink: 'syz.0.1135': attribute type 7 has an invalid length.
[  313.384953][ T9038] netlink: 'syz.3.1140': attribute type 7 has an invalid length.
[  313.594004][ T9044] netlink: 'syz.0.1141': attribute type 2 has an invalid length.
[  314.035595][ T9060] netlink: 'syz.2.1150': attribute type 10 has an invalid length.
[  314.137731][ T9064] netlink: 'syz.0.1151': attribute type 10 has an invalid length.
[  315.037760][ T9089] netlink: 'syz.1.1161': attribute type 27 has an invalid length.
[  315.060658][ T9089] netlink: 164 bytes leftover after parsing attributes in process `syz.1.1161'.
[  316.661458][ T9155] sit0: left allmulticast mode
[  317.547342][ T9173] netlink: 'syz.1.1190': attribute type 29 has an invalid length.
[  317.559183][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  317.559290][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  317.675166][ T9173] netlink: 'syz.1.1190': attribute type 29 has an invalid length.
[  318.401176][ T9200] netlink: 'syz.3.1201': attribute type 29 has an invalid length.
[  318.415627][ T9200] netlink: 'syz.3.1201': attribute type 29 has an invalid length.
[  318.996241][ T9221] netlink: 'syz.3.1211': attribute type 10 has an invalid length.
[  319.104066][ T9221] team0: Port device netdevsim0 removed
[  327.193689][ T9284] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  327.215086][ T9284] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  327.224508][ T9284] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  327.245215][ T9284] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  327.559127][ T9296] FAULT_INJECTION: forcing a failure.
[  327.559127][ T9296] name failslab, interval 1, probability 0, space 0, times 0
[  327.589315][ T9296] CPU: 1 PID: 9296 Comm: syz.0.1237 Not tainted syzkaller #0
[  327.596909][ T9296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  327.607020][ T9296] Call Trace:
[  327.610344][ T9296]  <TASK>
[  327.613404][ T9296]  dump_stack_lvl+0x18c/0x250
[  327.618237][ T9296]  ? show_regs_print_info+0x20/0x20
[  327.623532][ T9296]  ? load_image+0x400/0x400
[  327.628093][ T9296]  ? __might_sleep+0xe0/0xe0
[  327.632740][ T9296]  ? __lock_acquire+0x7d40/0x7d40
[  327.637999][ T9296]  should_fail_ex+0x39d/0x4d0
[  327.642740][ T9296]  should_failslab+0x9/0x20
[  327.647339][ T9296]  slab_pre_alloc_hook+0x59/0x310
[  327.652517][ T9296]  kmem_cache_alloc+0x5a/0x2d0
[  327.657337][ T9296]  ? sk_prot_alloc+0x57/0x210
[  327.662257][ T9296]  sk_prot_alloc+0x57/0x210
[  327.666829][ T9296]  ? sk_alloc+0x24/0x360
[  327.671143][ T9296]  sk_alloc+0x3a/0x360
[  327.675309][ T9296]  inet6_create+0x7f0/0x11d0
[  327.679947][ T9296]  ? inet6_create+0x83/0x11d0
[  327.684685][ T9296]  __sock_create+0x4a6/0x940
[  327.689346][ T9296]  mptcp_subflow_create_socket+0x10b/0xac0
[  327.695204][ T9296]  ? verify_lock_unused+0x140/0x140
[  327.700543][ T9296]  ? __mptcp_subflow_connect+0x1450/0x1450
[  327.706478][ T9296]  ? mark_lock+0x94/0x320
[  327.710865][ T9296]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  327.716988][ T9296]  __mptcp_nmpc_sk+0x157/0x740
[  327.722074][ T9296]  ? __bpf_trace_subflow_check_data_avail+0x160/0x160
[  327.728988][ T9296]  ? __local_bh_enable_ip+0x13a/0x1c0
[  327.734508][ T9296]  ? lockdep_hardirqs_on+0x98/0x150
[  327.739781][ T9296]  ? __local_bh_enable_ip+0x13a/0x1c0
[  327.745216][ T9296]  mptcp_sendmsg_fastopen+0x7f/0x4d0
[  327.750563][ T9296]  mptcp_sendmsg+0x14b2/0x16d0
[  327.755394][ T9296]  ? __lock_acquire+0x1273/0x7d40
[  327.760653][ T9296]  ? verify_lock_unused+0x140/0x140
[  327.765974][ T9296]  ? aa_sk_perm+0x83c/0x970
[  327.770547][ T9296]  ? aa_af_perm+0x330/0x330
[  327.775151][ T9296]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  327.781617][ T9296]  ? mptcp_shutdown+0x80/0x80
[  327.786362][ T9296]  ? inet6_sendmsg+0x5f/0xd0
[  327.791034][ T9296]  ? inet6_compat_ioctl+0x3c0/0x3c0
[  327.796292][ T9296]  ____sys_sendmsg+0x5ba/0x960
[  327.801102][ T9296]  ? __lock_acquire+0x7d40/0x7d40
[  327.806196][ T9296]  ? __asan_memset+0x22/0x40
[  327.810848][ T9296]  ? __sys_sendmsg_sock+0x30/0x30
[  327.816177][ T9296]  ? __import_iovec+0x3fa/0x850
[  327.821091][ T9296]  ? import_iovec+0x73/0xa0
[  327.825815][ T9296]  ___sys_sendmsg+0x2a6/0x360
[  327.830607][ T9296]  ? get_pid_task+0x20/0x1e0
[  327.835257][ T9296]  ? __sys_sendmsg+0x2a0/0x2a0
[  327.840178][ T9296]  ? __lock_acquire+0x7d40/0x7d40
[  327.845283][ T9296]  __se_sys_sendmsg+0x1c2/0x2b0
[  327.850192][ T9296]  ? __x64_sys_sendmsg+0x80/0x80
[  327.855204][ T9296]  ? lockdep_hardirqs_on+0x98/0x150
[  327.860458][ T9296]  do_syscall_64+0x55/0xa0
[  327.864974][ T9296]  ? clear_bhb_loop+0x40/0x90
[  327.869703][ T9296]  ? clear_bhb_loop+0x40/0x90
[  327.874438][ T9296]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  327.880379][ T9296] RIP: 0033:0x7f2f1179c799
[  327.884881][ T9296] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  327.904714][ T9296] RSP: 002b:00007f2f12641028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  327.913198][ T9296] RAX: ffffffffffffffda RBX: 00007f2f11a15fa0 RCX: 00007f2f1179c799
[  327.921391][ T9296] RDX: e07e872420dfefca RSI: 0000200000000780 RDI: 0000000000000003
[  327.929410][ T9296] RBP: 00007f2f12641090 R08: 0000000000000000 R09: 0000000000000000
[  327.937433][ T9296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  327.945450][ T9296] R13: 00007f2f11a16038 R14: 00007f2f11a15fa0 R15: 00007fff82f5b478
[  327.953483][ T9296]  </TASK>
[  328.676566][ T9302] netlink: 55631 bytes leftover after parsing attributes in process `syz.0.1241'.
[  328.734859][ T9302] netlink: 6324 bytes leftover after parsing attributes in process `syz.0.1241'.
[  328.751008][ T9302] netlink: 2 bytes leftover after parsing attributes in process `syz.0.1241'.
[  332.061806][ T9335] syzkaller0: entered promiscuous mode
[  332.079587][ T9335] syzkaller0: entered allmulticast mode
[  333.559940][ T7011] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  341.052960][ T9411] netlink: 13435 bytes leftover after parsing attributes in process `syz.3.1281'.
[  341.271811][ T9413] netlink: 'syz.2.1284': attribute type 1 has an invalid length.
[  341.438732][ T9416] netlink: 'syz.1.1285': attribute type 10 has an invalid length.
[  341.449087][ T9416] bridge0: port 2(bridge_slave_1) entered blocking state
[  341.456829][ T9416] bridge0: port 2(bridge_slave_1) entered forwarding state
[  341.464841][ T9416] bridge0: port 1(bridge_slave_0) entered blocking state
[  341.472160][ T9416] bridge0: port 1(bridge_slave_0) entered forwarding state
[  341.499622][ T9416] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  344.763359][ T9436] netlink: 3787 bytes leftover after parsing attributes in process `syz.3.1293'.
[  345.202882][ T9451] netlink: 16135 bytes leftover after parsing attributes in process `syz.0.1296'.
[  348.323036][ T9462] netlink: 'syz.2.1306': attribute type 10 has an invalid length.
[  348.369418][ T7350] tipc: Subscription rejected, illegal request
[  348.390110][ T9466] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1304'.
[  348.410505][ T9466] tc_dump_action: action bad kind
[  348.629496][ T9472] netlink: 'syz.1.1309': attribute type 10 has an invalid length.
[  351.313594][ T9472] bridge0: port 2(bridge_slave_1) entered disabled state
[  351.321024][ T9472] bridge0: port 1(bridge_slave_0) entered disabled state
[  351.378288][ T9472] bond0: (slave bridge0): Releasing backup interface
[  351.421535][ T9484] bond_slave_1: entered promiscuous mode
[  351.435714][ T9484] bond_slave_1: entered allmulticast mode
[  354.748887][ T9509] ÿ: renamed from bond_slave_0 (while UP)
[  355.219700][ T9509] netlink: 195616 bytes leftover after parsing attributes in process `syz.0.1323'.
[  355.455059][ T9509] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô'
[  355.481494][ T9509] CPU: 0 PID: 9509 Comm: syz.0.1323 Not tainted syzkaller #0
[  355.488953][ T9509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  355.499065][ T9509] Call Trace:
[  355.502508][ T9509]  <TASK>
[  355.505510][ T9509]  dump_stack_lvl+0x18c/0x250
[  355.510267][ T9509]  ? show_regs_print_info+0x20/0x20
[  355.515536][ T9509]  ? load_image+0x400/0x400
[  355.520113][ T9509]  sysfs_warn_dup+0x8e/0xa0
[  355.524672][ T9509]  sysfs_do_create_link_sd+0xc0/0x110
[  355.530101][ T9509]  device_add_class_symlinks+0x1cf/0x240
[  355.535810][ T9509]  device_add+0x507/0xc20
[  355.540373][ T9509]  wiphy_register+0x1dad/0x2ae0
[  355.545405][ T9509]  ? cfg80211_event_work+0x40/0x40
[  355.550579][ T9509]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  355.557093][ T9509]  ieee80211_register_hw+0x3464/0x4250
[  355.562665][ T9509]  ? ieee80211_tasklet_handler+0x20/0x20
[  355.568403][ T9509]  ? __asan_memset+0x22/0x40
[  355.573070][ T9509]  ? __hrtimer_init+0x186/0x270
[  355.578003][ T9509]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  355.583840][ T9509]  ? mac80211_hwsim_free+0x220/0x220
[  355.589225][ T9509]  hwsim_new_radio_nl+0xdc9/0x1a90
[  355.594861][ T9509]  ? mark_lock+0x94/0x320
[  355.599362][ T9509]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  355.605777][ T9509]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  355.611995][ T9509]  ? lockdep_hardirqs_on+0x98/0x150
[  355.617261][ T9509]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  355.623666][ T9509]  genl_family_rcv_msg_doit+0x211/0x310
[  355.629275][ T9509]  ? end_current_label_crit_section+0x170/0x170
[  355.635757][ T9509]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  355.641897][ T9509]  ? bpf_lsm_capable+0x9/0x10
[  355.646727][ T9509]  ? security_capable+0x89/0xb0
[  355.651663][ T9509]  genl_rcv_msg+0x619/0x7a0
[  355.656493][ T9509]  ? genl_bind+0x360/0x360
[  355.660963][ T9509]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  355.667377][ T9509]  ? mark_lock+0x94/0x320
[  355.671778][ T9509]  netlink_rcv_skb+0x241/0x4d0
[  355.676608][ T9509]  ? genl_bind+0x360/0x360
[  355.681175][ T9509]  ? netlink_ack+0x1180/0x1180
[  355.686032][ T9509]  ? down_read+0x61/0x2e0
[  355.690509][ T9509]  ? down_read+0x1ac/0x2e0
[  355.695005][ T9509]  genl_rcv+0x28/0x40
[  355.699376][ T9509]  netlink_unicast+0x751/0x8d0
[  355.704351][ T9509]  netlink_sendmsg+0x8d0/0xbf0
[  355.709639][ T9509]  ? lockdep_hardirqs_on+0x98/0x150
[  355.714918][ T9509]  ? netlink_getsockopt+0x590/0x590
[  355.720243][ T9509]  ? netlink_getsockopt+0x590/0x590
[  355.725512][ T9509]  ____sys_sendmsg+0x5ba/0x960
[  355.730326][ T9509]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  355.736548][ T9509]  ? __asan_memset+0x22/0x40
[  355.741202][ T9509]  ? __sys_sendmsg_sock+0x30/0x30
[  355.746283][ T9509]  ? __import_iovec+0x5f2/0x850
[  355.751315][ T9509]  ? import_iovec+0x73/0xa0
[  355.755871][ T9509]  ___sys_sendmsg+0x2a6/0x360
[  355.760616][ T9509]  ? __sys_sendmsg+0x2a0/0x2a0
[  355.765495][ T9509]  __se_sys_sendmsg+0x1c2/0x2b0
[  355.770403][ T9509]  ? __x64_sys_sendmsg+0x80/0x80
[  355.775431][ T9509]  do_syscall_64+0x55/0xa0
[  355.779916][ T9509]  ? clear_bhb_loop+0x40/0x90
[  355.784662][ T9509]  ? clear_bhb_loop+0x40/0x90
[  355.789398][ T9509]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  355.795350][ T9509] RIP: 0033:0x7f2f1179c799
[  355.799908][ T9509] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  355.819570][ T9509] RSP: 002b:00007f2f12641028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  355.828054][ T9509] RAX: ffffffffffffffda RBX: 00007f2f11a15fa0 RCX: 00007f2f1179c799
[  355.836103][ T9509] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000b
[  355.844320][ T9509] RBP: 00007f2f11832c99 R08: 0000000000000000 R09: 0000000000000000
[  355.852376][ T9509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  355.860498][ T9509] R13: 00007f2f11a16038 R14: 00007f2f11a15fa0 R15: 00007fff82f5b478
[  355.868548][ T9509]  </TASK>
[  362.101843][ T5772] Bluetooth: hci0: ISO packet for unknown connection handle 0
[  362.392908][ T5772] Bluetooth: hci2: ISO packet too small
[  362.883253][ T9606] hsr0: entered promiscuous mode
[  362.890920][ T9606] hsr0: entered allmulticast mode
[  362.909216][ T9606] hsr_slave_1: entered allmulticast mode
[  363.360931][ T9621] netlink: 'syz.0.1364': attribute type 10 has an invalid length.
[  365.566023][ T7344] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  365.830531][ T9621] dummy0: entered promiscuous mode
[  365.860172][ T9621] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  366.126770][ T9637] netlink: 'syz.2.1371': attribute type 4 has an invalid length.
[  366.134921][ T9637] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1371'.
[  366.153172][ T9639] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1370'.
[  366.176293][ T9637] netlink: 'syz.2.1371': attribute type 3 has an invalid length.
[  366.184091][ T9637] netlink: 'syz.2.1371': attribute type 1 has an invalid length.
[  366.213066][ T9637] netlink: 193404 bytes leftover after parsing attributes in process `syz.2.1371'.
[  366.524564][ T9649] netlink: 'syz.0.1376': attribute type 21 has an invalid length.
[  366.559440][ T9649] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1376'.
[  366.628497][ T9649] netlink: 'syz.0.1376': attribute type 4 has an invalid length.
[  366.725109][ T9649] netlink: 'syz.0.1376': attribute type 5 has an invalid length.
[  366.775409][ T9649] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1376'.
[  369.871321][ T9677] netlink: 'syz.3.1387': attribute type 10 has an invalid length.
[  370.033019][ T9667] netlink: 'syz.0.1382': attribute type 10 has an invalid length.
[  370.070070][ T9667] netlink: 2 bytes leftover after parsing attributes in process `syz.0.1382'.
[  370.118764][ T9667] hsr0: entered promiscuous mode
[  370.167003][ T9667] bridge0: port 3(hsr0) entered blocking state
[  370.188110][ T9667] bridge0: port 3(hsr0) entered disabled state
[  370.237009][ T9667] hsr0: entered allmulticast mode
[  370.256799][ T9667] hsr_slave_1: entered allmulticast mode
[  373.512957][ T9694] netlink: 10 bytes leftover after parsing attributes in process `syz.1.1394'.
[  374.145034][ T9703] netlink: 'syz.2.1398': attribute type 21 has an invalid length.
[  374.166632][ T9703] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1398'.
[  377.147992][ T9730] FAULT_INJECTION: forcing a failure.
[  377.147992][ T9730] name failslab, interval 1, probability 0, space 0, times 0
[  377.161175][ T9730] CPU: 0 PID: 9730 Comm: syz.1.1409 Not tainted syzkaller #0
[  377.168607][ T9730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  377.178696][ T9730] Call Trace:
[  377.182006][ T9730]  <TASK>
[  377.184960][ T9730]  dump_stack_lvl+0x18c/0x250
[  377.189683][ T9730]  ? show_regs_print_info+0x20/0x20
[  377.194919][ T9730]  ? load_image+0x400/0x400
[  377.199455][ T9730]  ? __lock_acquire+0x7d40/0x7d40
[  377.204516][ T9730]  should_fail_ex+0x39d/0x4d0
[  377.209238][ T9730]  should_failslab+0x9/0x20
[  377.213776][ T9730]  slab_pre_alloc_hook+0x59/0x310
[  377.218833][ T9730]  ? apparmor_sk_alloc_security+0x77/0x100
[  377.224668][ T9730]  __kmem_cache_alloc_node+0x53/0x250
[  377.230078][ T9730]  ? apparmor_sk_alloc_security+0x77/0x100
[  377.235911][ T9730]  kmalloc_trace+0x2a/0xe0
[  377.240740][ T9730]  apparmor_sk_alloc_security+0x77/0x100
[  377.246406][ T9730]  security_sk_alloc+0x6e/0xa0
[  377.251198][ T9730]  sk_prot_alloc+0x101/0x210
[  377.255867][ T9730]  sk_alloc+0x3a/0x360
[  377.259973][ T9730]  inet6_create+0x7f0/0x11d0
[  377.264673][ T9730]  ? inet6_create+0x83/0x11d0
[  377.269379][ T9730]  __sock_create+0x4a6/0x940
[  377.274007][ T9730]  mptcp_subflow_create_socket+0x10b/0xac0
[  377.279849][ T9730]  ? __mptcp_subflow_connect+0x1450/0x1450
[  377.285696][ T9730]  ? mark_lock+0x94/0x320
[  377.290056][ T9730]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  377.296062][ T9730]  __mptcp_nmpc_sk+0x157/0x740
[  377.300861][ T9730]  ? __bpf_trace_subflow_check_data_avail+0x160/0x160
[  377.307656][ T9730]  ? __local_bh_enable_ip+0x13a/0x1c0
[  377.313048][ T9730]  ? lockdep_hardirqs_on+0x98/0x150
[  377.318274][ T9730]  ? __local_bh_enable_ip+0x13a/0x1c0
[  377.323678][ T9730]  mptcp_sendmsg_fastopen+0x7f/0x4d0
[  377.329002][ T9730]  mptcp_sendmsg+0x14b2/0x16d0
[  377.333898][ T9730]  ? aa_sk_perm+0x83c/0x970
[  377.338446][ T9730]  ? aa_af_perm+0x330/0x330
[  377.342977][ T9730]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  377.349422][ T9730]  ? mptcp_shutdown+0x80/0x80
[  377.354219][ T9730]  ? inet6_sendmsg+0x5f/0xd0
[  377.358837][ T9730]  ? inet6_compat_ioctl+0x3c0/0x3c0
[  377.364072][ T9730]  ____sys_sendmsg+0x5ba/0x960
[  377.368864][ T9730]  ? __lock_acquire+0x7d40/0x7d40
[  377.373918][ T9730]  ? __asan_memset+0x22/0x40
[  377.378534][ T9730]  ? __sys_sendmsg_sock+0x30/0x30
[  377.383596][ T9730]  ? __import_iovec+0x3fa/0x850
[  377.388609][ T9730]  ? import_iovec+0x73/0xa0
[  377.393151][ T9730]  ___sys_sendmsg+0x2a6/0x360
[  377.398047][ T9730]  ? get_pid_task+0x20/0x1e0
[  377.402682][ T9730]  ? __sys_sendmsg+0x2a0/0x2a0
[  377.407498][ T9730]  ? __lock_acquire+0x7d40/0x7d40
[  377.412578][ T9730]  __se_sys_sendmsg+0x1c2/0x2b0
[  377.417547][ T9730]  ? __x64_sys_sendmsg+0x80/0x80
[  377.422540][ T9730]  ? lockdep_hardirqs_on+0x98/0x150
[  377.427781][ T9730]  do_syscall_64+0x55/0xa0
[  377.432320][ T9730]  ? clear_bhb_loop+0x40/0x90
[  377.437110][ T9730]  ? clear_bhb_loop+0x40/0x90
[  377.441853][ T9730]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  377.447772][ T9730] RIP: 0033:0x7fa1a279c799
[  377.452209][ T9730] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  377.472236][ T9730] RSP: 002b:00007fa1a35bb028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  377.481298][ T9730] RAX: ffffffffffffffda RBX: 00007fa1a2a15fa0 RCX: 00007fa1a279c799
[  377.489650][ T9730] RDX: e07e872420dfefca RSI: 0000200000000780 RDI: 0000000000000003
[  377.497999][ T9730] RBP: 00007fa1a35bb090 R08: 0000000000000000 R09: 0000000000000000
[  377.506174][ T9730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  377.514341][ T9730] R13: 00007fa1a2a16038 R14: 00007fa1a2a15fa0 R15: 00007ffd79ea44c8
[  377.523603][ T9730]  </TASK>
[  377.772667][ T9736] mac80211_hwsim hwsim2 wlan0: left promiscuous mode
[  377.783162][ T9736] mac80211_hwsim hwsim2 wlan0: left allmulticast mode
[  377.811414][ T9741] netlink: 180 bytes leftover after parsing attributes in process `syz.2.1412'.
[  377.828696][ T9736] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode
[  377.851651][ T9736] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode
[  379.008379][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  379.023116][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  380.955174][ T9759] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1419'.
[  382.145640][ T9795] syzkaller0: entered promiscuous mode
[  382.168064][ T9795] syzkaller0: entered allmulticast mode
[  390.853047][ T9804] netlink: 16186 bytes leftover after parsing attributes in process `syz.0.1434'.
[  390.865101][ T9830] netlink: 'syz.1.1444': attribute type 10 has an invalid length.
[  390.875651][ T5772] Bluetooth: hci0: ISO packet too small
[  390.888354][ T9830] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[  394.705659][ T9867] netlink: 'syz.3.1462': attribute type 10 has an invalid length.
[  394.726607][ T9867] team0: Port device netdevsim0 added
[  394.745781][ T9869] sock: sock_set_timeout: `syz.0.1461' (pid 9869) tries to set negative timeout
[  398.179348][ T9891] netlink: 'syz.1.1470': attribute type 10 has an invalid length.
[  398.746889][ T9910] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1478'.
[  399.480809][   T49] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  400.515943][ T5842] page_pool_release_retry() stalled pool shutdown 1 inflight 60 sec
[  402.412886][ T9938] syzkaller0: entered promiscuous mode
[  402.418670][ T9938] syzkaller0: entered allmulticast mode
[  404.767876][ T9964] netlink: 'syz.1.1499': attribute type 10 has an invalid length.
[  404.778127][ T9964] bridge0: port 2(bridge_slave_1) entered blocking state
[  404.786786][ T9964] bridge0: port 2(bridge_slave_1) entered forwarding state
[  404.795824][ T9964] bridge0: port 1(bridge_slave_0) entered blocking state
[  404.803183][ T9964] bridge0: port 1(bridge_slave_0) entered forwarding state
[  404.820092][ T9964] team0: Port device bridge0 added
[  407.892029][ T9977] netlink: 1047 bytes leftover after parsing attributes in process `syz.2.1504'.
[  407.903050][ T9977] bridge_slave_1: default FDB implementation only supports local addresses
[  407.948874][ T5772] Bluetooth: hci0: Malformed HCI Event
[  408.017913][ T9972] delete_channel: no stack
[  412.450214][T10034] FAULT_INJECTION: forcing a failure.
[  412.450214][T10034] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  412.491118][T10034] CPU: 1 PID: 10034 Comm: syz.2.1523 Not tainted syzkaller #0
[  412.498836][T10034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  412.508934][T10034] Call Trace:
[  412.512261][T10034]  <TASK>
[  412.515235][T10034]  dump_stack_lvl+0x18c/0x250
[  412.519980][T10034]  ? show_regs_print_info+0x20/0x20
[  412.525676][T10034]  ? load_image+0x400/0x400
[  412.530329][T10034]  ? __might_fault+0xaa/0x120
[  412.535494][T10034]  ? __lock_acquire+0x7d40/0x7d40
[  412.540935][T10034]  should_fail_ex+0x39d/0x4d0
[  412.545686][T10034]  _copy_from_user+0x2f/0xe0
[  412.550346][T10034]  do_ipv6_setsockopt+0x3a2/0x3e20
[  412.555542][T10034]  ? sk_dst_reset+0xa0/0xa0
[  412.560124][T10034]  ? verify_lock_unused+0x140/0x140
[  412.565386][T10034]  ? mark_lock+0x94/0x320
[  412.569770][T10034]  ? __lock_acquire+0x1273/0x7d40
[  412.574954][T10034]  ? aa_label_sk_perm+0x463/0x5c0
[  412.580123][T10034]  ? aa_sk_perm+0x970/0x970
[  412.584680][T10034]  ? __might_sleep+0xe0/0xe0
[  412.589310][T10034]  ? ksys_write+0x1c4/0x260
[  412.593859][T10034]  ? aa_sk_perm+0x83c/0x970
[  412.598399][T10034]  ? __fget_files+0x28/0x4b0
[  412.603022][T10034]  ? aa_af_perm+0x330/0x330
[  412.607561][T10034]  ? __fget_files+0x28/0x4b0
[  412.612271][T10034]  ? __fget_files+0x28/0x4b0
[  412.616979][T10034]  ? aa_sock_opt_perm+0x74/0x100
[  412.621945][T10034]  ipv6_setsockopt+0x59/0x190
[  412.626644][T10034]  ? sock_common_recvmsg+0x190/0x190
[  412.631966][T10034]  do_sock_setsockopt+0x175/0x1a0
[  412.637015][T10034]  ? __fdget+0x180/0x210
[  412.641290][T10034]  __x64_sys_setsockopt+0x182/0x200
[  412.646512][T10034]  do_syscall_64+0x55/0xa0
[  412.650957][T10034]  ? clear_bhb_loop+0x40/0x90
[  412.655656][T10034]  ? clear_bhb_loop+0x40/0x90
[  412.660362][T10034]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  412.666280][T10034] RIP: 0033:0x7fb95bf9c799
[  412.670717][T10034] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  412.690342][T10034] RSP: 002b:00007fb95ceca028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  412.698793][T10034] RAX: ffffffffffffffda RBX: 00007fb95c215fa0 RCX: 00007fb95bf9c799
[  412.706787][T10034] RDX: 000000000000000b RSI: 0000000000000029 RDI: 0000000000000003
[  412.714791][T10034] RBP: 00007fb95ceca090 R08: 00000000000000b9 R09: 0000000000000000
[  412.722882][T10034] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  412.731055][T10034] R13: 00007fb95c216038 R14: 00007fb95c215fa0 R15: 00007ffc3c56d268
[  412.739251][T10034]  </TASK>
[  416.311254][T10068] netlink: 'syz.3.1538': attribute type 10 has an invalid length.
[  416.452916][T10068] team0: Port device netdevsim0 removed
[  419.873890][T10098] netlink: 'syz.3.1550': attribute type 29 has an invalid length.
[  419.892495][T10098] netlink: 'syz.3.1550': attribute type 29 has an invalid length.
[  420.519372][T10128] FAULT_INJECTION: forcing a failure.
[  420.519372][T10128] name failslab, interval 1, probability 0, space 0, times 0
[  420.533254][T10128] CPU: 0 PID: 10128 Comm: syz.2.1562 Not tainted syzkaller #0
[  420.540785][T10128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  420.550888][T10128] Call Trace:
[  420.554238][T10128]  <TASK>
[  420.557313][T10128]  dump_stack_lvl+0x18c/0x250
[  420.562064][T10128]  ? show_regs_print_info+0x20/0x20
[  420.567318][T10128]  ? load_image+0x400/0x400
[  420.571883][T10128]  ? __might_sleep+0xe0/0xe0
[  420.576531][T10128]  ? __lock_acquire+0x7d40/0x7d40
[  420.581622][T10128]  should_fail_ex+0x39d/0x4d0
[  420.586366][T10128]  should_failslab+0x9/0x20
[  420.590921][T10128]  slab_pre_alloc_hook+0x59/0x310
[  420.596001][T10128]  ? subflow_ulp_init+0x95/0x530
[  420.600993][T10128]  __kmem_cache_alloc_node+0x53/0x250
[  420.606427][T10128]  ? tcp_set_ulp+0xb1/0x5f0
[  420.611068][T10128]  ? subflow_ulp_init+0x95/0x530
[  420.616047][T10128]  kmalloc_trace+0x2a/0xe0
[  420.620520][T10128]  subflow_ulp_init+0x95/0x530
[  420.625345][T10128]  ? tcp_set_ulp+0xb1/0x5f0
[  420.629891][T10128]  tcp_set_ulp+0x536/0x5f0
[  420.634359][T10128]  mptcp_subflow_create_socket+0x60e/0xac0
[  420.640312][T10128]  ? __mptcp_subflow_connect+0x1450/0x1450
[  420.646164][T10128]  ? mark_lock+0x94/0x320
[  420.650560][T10128]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  420.656601][T10128]  __mptcp_nmpc_sk+0x157/0x740
[  420.661431][T10128]  ? __bpf_trace_subflow_check_data_avail+0x160/0x160
[  420.668247][T10128]  ? __local_bh_enable_ip+0x13a/0x1c0
[  420.673658][T10128]  ? lockdep_hardirqs_on+0x98/0x150
[  420.678940][T10128]  ? __local_bh_enable_ip+0x13a/0x1c0
[  420.684358][T10128]  mptcp_sendmsg_fastopen+0x7f/0x4d0
[  420.689698][T10128]  mptcp_sendmsg+0x14b2/0x16d0
[  420.694506][T10128]  ? __lock_acquire+0x1273/0x7d40
[  420.699580][T10128]  ? verify_lock_unused+0x140/0x140
[  420.704833][T10128]  ? aa_sk_perm+0x83c/0x970
[  420.709404][T10128]  ? aa_af_perm+0x330/0x330
[  420.713951][T10128]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  420.720431][T10128]  ? mptcp_shutdown+0x80/0x80
[  420.725160][T10128]  ? inet6_sendmsg+0x5f/0xd0
[  420.729790][T10128]  ? inet6_compat_ioctl+0x3c0/0x3c0
[  420.735030][T10128]  ____sys_sendmsg+0x5ba/0x960
[  420.739836][T10128]  ? __lock_acquire+0x7d40/0x7d40
[  420.744912][T10128]  ? __asan_memset+0x22/0x40
[  420.749557][T10128]  ? __sys_sendmsg_sock+0x30/0x30
[  420.754621][T10128]  ? __import_iovec+0x3fa/0x850
[  420.759562][T10128]  ? import_iovec+0x73/0xa0
[  420.764111][T10128]  ___sys_sendmsg+0x2a6/0x360
[  420.768839][T10128]  ? __sys_sendmsg+0x2a0/0x2a0
[  420.773672][T10128]  ? trace_call_bpf+0xc3/0x6c0
[  420.778602][T10128]  __se_sys_sendmsg+0x1c2/0x2b0
[  420.783500][T10128]  ? __x64_sys_sendmsg+0x80/0x80
[  420.788502][T10128]  ? lockdep_hardirqs_on+0x98/0x150
[  420.793751][T10128]  do_syscall_64+0x55/0xa0
[  420.798219][T10128]  ? clear_bhb_loop+0x40/0x90
[  420.803027][T10128]  ? clear_bhb_loop+0x40/0x90
[  420.807756][T10128]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  420.813779][T10128] RIP: 0033:0x7fb95bf9c799
[  420.818237][T10128] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  420.838148][T10128] RSP: 002b:00007fb95ceca028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  420.846870][T10128] RAX: ffffffffffffffda RBX: 00007fb95c215fa0 RCX: 00007fb95bf9c799
[  420.854882][T10128] RDX: e07e872420dfefca RSI: 0000200000000780 RDI: 0000000000000003
[  420.862890][T10128] RBP: 00007fb95ceca090 R08: 0000000000000000 R09: 0000000000000000
[  420.870901][T10128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  420.878912][T10128] R13: 00007fb95c216038 R14: 00007fb95c215fa0 R15: 00007ffc3c56d268
[  420.886950][T10128]  </TASK>
[  421.173361][T10131] netlink: 16135 bytes leftover after parsing attributes in process `syz.1.1560'.
[  423.830728][T10143] netlink: 'syz.1.1566': attribute type 29 has an invalid length.
[  423.842812][T10143] netlink: 'syz.1.1566': attribute type 29 has an invalid length.
[  423.857709][T10143] netlink: 'syz.1.1566': attribute type 29 has an invalid length.
[  423.927052][ T5772] Bluetooth: hci3: ISO packet too small
[  424.630844][T10174] netlink: 16135 bytes leftover after parsing attributes in process `syz.2.1575'.
[  428.401643][T10193] netlink: 65051 bytes leftover after parsing attributes in process `syz.2.1585'.
[  428.652613][T10200] netlink: 'syz.2.1585': attribute type 21 has an invalid length.
[  428.675105][T10200] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1585'.
[  432.756670][   T49] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  433.060138][T10224] syzkaller0: entered promiscuous mode
[  433.079185][T10224] syzkaller0: entered allmulticast mode
[  438.880174][T10241] netlink: 16135 bytes leftover after parsing attributes in process `syz.3.1591'.
[  439.069216][T10259] netlink: 'syz.1.1604': attribute type 10 has an invalid length.
[  440.438106][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  440.445080][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  442.581869][T10279] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1610'.
[  443.488727][T10310] netlink: 'syz.0.1623': attribute type 10 has an invalid length.
[  443.510163][T10310] bridge0: port 3(hsr0) entered blocking state
[  443.516865][T10310] bridge0: port 3(hsr0) entered forwarding state
[  443.524489][T10310] bridge0: port 2(bridge_slave_1) entered blocking state
[  443.531834][T10310] bridge0: port 2(bridge_slave_1) entered forwarding state
[  443.539637][T10310] bridge0: port 1(bridge_slave_0) entered blocking state
[  443.547907][T10310] bridge0: port 1(bridge_slave_0) entered forwarding state
[  443.561890][T10310] team0: Port device bridge0 added
[  445.018826][T10335] syzkaller0: entered promiscuous mode
[  445.024562][T10335] syzkaller0: entered allmulticast mode
[  445.038582][T10337] netlink: 1047 bytes leftover after parsing attributes in process `syz.0.1638'.
[  445.051334][T10337] bridge_slave_1: default FDB implementation only supports local addresses
[  447.224075][ T5772] Bluetooth: hci2: unexpected event 0x0f length: 15 > 4
[  450.341119][T10368] netlink: 'syz.3.1641': attribute type 21 has an invalid length.
[  451.236900][ T5772] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  451.248042][ T5772] Bluetooth: hci2: Injecting HCI hardware error event
[  451.262075][ T5772] Bluetooth: hci2: hardware error 0x00
[  453.974009][ T5082] Bluetooth: hci1: ISO packet too small
[  454.030208][T10401] netlink: 64535 bytes leftover after parsing attributes in process `syz.1.1654'.
[  454.662224][T10420] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1660'.
[  455.395663][ T5772] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  458.327210][T10447] netlink: 64535 bytes leftover after parsing attributes in process `syz.0.1666'.
[  459.078744][T10473] netlink: 'syz.3.1676': attribute type 10 has an invalid length.
[  459.574579][ T5772] Bluetooth: hci3: unexpected event 0x0f length: 15 > 4
[  460.351463][T10495] netlink: 'syz.2.1684': attribute type 30 has an invalid length.
[  460.479767][T10500] FAULT_INJECTION: forcing a failure.
[  460.479767][T10500] name failslab, interval 1, probability 0, space 0, times 0
[  460.493969][T10500] CPU: 1 PID: 10500 Comm: syz.3.1685 Not tainted syzkaller #0
[  460.501476][T10500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  460.511557][T10500] Call Trace:
[  460.514876][T10500]  <TASK>
[  460.517929][T10500]  dump_stack_lvl+0x18c/0x250
[  460.522658][T10500]  ? show_regs_print_info+0x20/0x20
[  460.527918][T10500]  ? load_image+0x400/0x400
[  460.532553][T10500]  ? __might_sleep+0xe0/0xe0
[  460.537264][T10500]  ? __lock_acquire+0x7d40/0x7d40
[  460.542335][T10500]  should_fail_ex+0x39d/0x4d0
[  460.547053][T10500]  should_failslab+0x9/0x20
[  460.551595][T10500]  slab_pre_alloc_hook+0x59/0x310
[  460.556687][T10500]  ? __lock_acquire+0x7d40/0x7d40
[  460.561837][T10500]  kmem_cache_alloc_node+0x60/0x320
[  460.567071][T10500]  ? __alloc_skb+0x103/0x2c0
[  460.571713][T10500]  __alloc_skb+0x103/0x2c0
[  460.576193][T10500]  netlink_sendmsg+0x66a/0xbf0
[  460.581011][T10500]  ? netlink_getsockopt+0x590/0x590
[  460.586259][T10500]  ? aa_sock_msg_perm+0x94/0x150
[  460.591280][T10500]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  460.596615][T10500]  ? security_socket_sendmsg+0x80/0xa0
[  460.602118][T10500]  ? netlink_getsockopt+0x590/0x590
[  460.607372][T10500]  ____sys_sendmsg+0x5ba/0x960
[  460.612184][T10500]  ? __asan_memset+0x22/0x40
[  460.616818][T10500]  ? __sys_sendmsg_sock+0x30/0x30
[  460.621958][T10500]  ? __import_iovec+0x5f2/0x850
[  460.626924][T10500]  ? import_iovec+0x73/0xa0
[  460.631672][T10500]  ___sys_sendmsg+0x2a6/0x360
[  460.636383][T10500]  ? get_pid_task+0x20/0x1e0
[  460.641116][T10500]  ? __sys_sendmsg+0x2a0/0x2a0
[  460.646040][T10500]  ? __lock_acquire+0x7d40/0x7d40
[  460.651124][T10500]  __se_sys_sendmsg+0x1c2/0x2b0
[  460.656016][T10500]  ? __x64_sys_sendmsg+0x80/0x80
[  460.661104][T10500]  ? lockdep_hardirqs_on+0x98/0x150
[  460.666351][T10500]  do_syscall_64+0x55/0xa0
[  460.670808][T10500]  ? clear_bhb_loop+0x40/0x90
[  460.675514][T10500]  ? clear_bhb_loop+0x40/0x90
[  460.680258][T10500]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  460.686203][T10500] RIP: 0033:0x7fef79d9c799
[  460.690668][T10500] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  460.710405][T10500] RSP: 002b:00007fef7ac49028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  460.718874][T10500] RAX: ffffffffffffffda RBX: 00007fef7a016090 RCX: 00007fef79d9c799
[  460.726891][T10500] RDX: 0000000000040000 RSI: 0000200000000c40 RDI: 0000000000000005
[  460.734892][T10500] RBP: 00007fef7ac49090 R08: 0000000000000000 R09: 0000000000000000
[  460.742894][T10500] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  460.750896][T10500] R13: 00007fef7a016128 R14: 00007fef7a016090 R15: 00007ffe131a1a88
[  460.759031][T10500]  </TASK>
[  461.400430][T10506] syz.1.1688: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0-1
[  461.457809][T10506] CPU: 0 PID: 10506 Comm: syz.1.1688 Not tainted syzkaller #0
[  461.465373][T10506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  461.475571][T10506] Call Trace:
[  461.478901][T10506]  <TASK>
[  461.481882][T10506]  dump_stack_lvl+0x18c/0x250
[  461.486623][T10506]  ? show_regs_print_info+0x20/0x20
[  461.491920][T10506]  ? load_image+0x400/0x400
[  461.496491][T10506]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  461.502964][T10506]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[  461.509531][T10506]  warn_alloc+0x246/0x340
[  461.513947][T10506]  ? stack_trace_save+0xaa/0x100
[  461.518946][T10506]  ? zone_watermark_ok_safe+0x230/0x230
[  461.524565][T10506]  ? kasan_set_track+0x5f/0x70
[  461.529473][T10506]  ? kasan_set_track+0x4e/0x70
[  461.534376][T10506]  ? __kasan_kmalloc+0x8f/0xa0
[  461.539208][T10506]  ? xsk_init_queue+0xad/0x100
[  461.544134][T10506]  ? xsk_setsockopt+0x4e5/0x760
[  461.549152][T10506]  ? do_sock_setsockopt+0x175/0x1a0
[  461.554412][T10506]  ? __x64_sys_setsockopt+0x182/0x200
[  461.559842][T10506]  __vmalloc_node_range+0x126/0x1330
[  461.565218][T10506]  ? free_vm_area+0x50/0x50
[  461.569796][T10506]  vmalloc_user+0x74/0x80
[  461.574189][T10506]  ? xskq_create+0xbf/0x170
[  461.578835][T10506]  xskq_create+0xbf/0x170
[  461.583226][T10506]  xsk_init_queue+0xad/0x100
[  461.587879][T10506]  xsk_setsockopt+0x4e5/0x760
[  461.592613][T10506]  ? xsk_poll+0x680/0x680
[  461.597090][T10506]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  461.603309][T10506]  ? xsk_poll+0x680/0x680
[  461.607691][T10506]  ? do_sock_setsockopt+0x15e/0x1a0
[  461.612946][T10506]  ? xsk_poll+0x680/0x680
[  461.617339][T10506]  do_sock_setsockopt+0x175/0x1a0
[  461.622418][T10506]  __x64_sys_setsockopt+0x182/0x200
[  461.627672][T10506]  do_syscall_64+0x55/0xa0
[  461.632161][T10506]  ? clear_bhb_loop+0x40/0x90
[  461.636893][T10506]  ? clear_bhb_loop+0x40/0x90
[  461.641629][T10506]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  461.647570][T10506] RIP: 0033:0x7fa1a279c799
[  461.652037][T10506] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  461.671789][T10506] RSP: 002b:00007fa1a35bb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  461.680264][T10506] RAX: ffffffffffffffda RBX: 00007fa1a2a15fa0 RCX: 00007fa1a279c799
[  461.688384][T10506] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000007
[  461.696412][T10506] RBP: 00007fa1a2832c99 R08: 0000000000000004 R09: 0000000000000000
[  461.704434][T10506] R10: 0000200000000900 R11: 0000000000000246 R12: 0000000000000000
[  461.712462][T10506] R13: 00007fa1a2a16038 R14: 00007fa1a2a15fa0 R15: 00007ffd79ea44c8
[  461.720504][T10506]  </TASK>
[  461.793106][ T5772] Bluetooth: hci3: unexpected event 0x0f length: 15 > 4
[  461.805991][T10506] Mem-Info:
[  461.832355][T10506] active_anon:8686 inactive_anon:0 isolated_anon:0
[  461.832355][T10506]  active_file:18624 inactive_file:40068 isolated_file:0
[  461.832355][T10506]  unevictable:768 dirty:108 writeback:0
[  461.832355][T10506]  slab_reclaimable:10026 slab_unreclaimable:91766
[  461.832355][T10506]  mapped:24219 shmem:1361 pagetables:549
[  461.832355][T10506]  sec_pagetables:0 bounce:0
[  461.832355][T10506]  kernel_misc_reclaimable:0
[  461.832355][T10506]  free:1349058 free_pcp:7072 free_cma:0
[  461.933063][T10506] Node 0 active_anon:34744kB inactive_anon:0kB active_file:74496kB inactive_file:160076kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:96876kB dirty:432kB writeback:0kB shmem:3908kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11040kB pagetables:2196kB sec_pagetables:0kB all_unreclaimable? no
[  462.079053][T10506] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  462.366252][T10506] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  462.592053][T10506] lowmem_reserve[]: 0 2521 2522 2522 2522
[  462.640309][T10506] Node 0 DMA32 free:1481328kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:34796kB inactive_anon:0kB active_file:74496kB inactive_file:159244kB unevictable:1536kB writepending:436kB present:3129332kB managed:2586964kB mlocked:0kB bounce:0kB free_pcp:9580kB local_pcp:5660kB free_cma:0kB
[  462.756306][T10506] lowmem_reserve[]: 0 0 0 0 0
[  462.796048][T10506] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:832kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:4kB free_cma:0kB
[  462.925062][T10506] lowmem_reserve[]: 0 0 0 0 0
[  462.947048][T10506] Node 1 Normal free:3899040kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:18336kB local_pcp:12480kB free_cma:0kB
[  462.988546][T10506] lowmem_reserve[]: 0 0 0 0 0
[  463.060901][T10506] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  463.098915][T10506] Node 0 DMA32: 1902*4kB (UM) 1739*8kB (UM) 1042*16kB (UME) 810*32kB (UME) 608*64kB (UME) 128*128kB (UME) 22*256kB (UME) 15*512kB (UM) 13*1024kB (UM) 14*2048kB (UME) 319*4096kB (UM) = 1481328kB
[  463.178695][T10506] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  463.227792][T10506] Node 1 Normal: 218*4kB (UE) 49*8kB (UE) 41*16kB (UE) 125*32kB (UE) 30*64kB (UME) 8*128kB (UME) 0*256kB 2*512kB (ME) 2*1024kB (UE) 2*2048kB (UE) 948*4096kB (M) = 3899040kB
[  463.387785][T10506] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  463.412757][T10506] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  463.433020][T10506] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  463.578379][T10506] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  463.634115][T10506] 60053 total pagecache pages
[  463.648537][ T5772] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  463.656652][T10506] 0 pages in swap cache
[  463.657352][ T5772] Bluetooth: hci3: Injecting HCI hardware error event
[  463.660887][ T5082] Bluetooth: hci3: hardware error 0x00
[  463.662328][T10506] Free swap  = 124996kB
[  463.796177][T10506] Total swap = 124996kB
[  463.828951][T10506] 2097051 pages RAM
[  463.844509][T10506] 0 pages HighMem/MovableOnly
[  463.875500][T10506] 416924 pages reserved
[  463.886777][T10506] 0 pages cma reserved
[  464.756913][ T7344] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  466.040444][ T5772] Bluetooth: hci1: unexpected event 0x0f length: 15 > 4
[  466.275457][ T5082] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  469.355440][T10567] netlink: 'syz.0.1710': attribute type 10 has an invalid length.
[  469.503556][T10567] bridge0: port 3(hsr0) entered disabled state
[  469.510393][T10567] bridge0: port 2(bridge_slave_1) entered disabled state
[  469.518130][T10567] bridge0: port 1(bridge_slave_0) entered disabled state
[  470.115284][ T5082] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  470.125467][ T5082] Bluetooth: hci1: Injecting HCI hardware error event
[  470.133862][ T5082] Bluetooth: hci1: hardware error 0x00
[  470.471488][T10582] netlink: 'syz.3.1714': attribute type 7 has an invalid length.
[  471.610622][T10587] netlink: 'syz.2.1716': attribute type 10 has an invalid length.
[  472.436744][ T5082] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  473.320326][T10587] hsr_slave_1: left promiscuous mode
[  473.516007][T10592] netlink: 'syz.3.1718': attribute type 32 has an invalid length.
[  477.219124][T10624] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1731'.
[  477.245462][T10624] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1731'.
[  477.266263][T10624] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1731'.
[  477.295427][T10627] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1731'.
[  481.531413][T10658] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1744'.
[  481.965781][T10665] netlink: 'syz.2.1747': attribute type 10 has an invalid length.
[  482.865863][T10687] netlink: 'syz.0.1755': attribute type 10 has an invalid length.
[  485.842584][T10691] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1756'.
[  485.919749][T10693] syzkaller0: entered promiscuous mode
[  485.930389][T10693] syzkaller0: entered allmulticast mode
[  492.475400][T10737] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1770'.
[  492.725731][T10757] FAULT_INJECTION: forcing a failure.
[  492.725731][T10757] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  492.755939][T10757] CPU: 0 PID: 10757 Comm: syz.0.1777 Not tainted syzkaller #0
[  492.763493][T10757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  492.773603][T10757] Call Trace:
[  492.776933][T10757]  <TASK>
[  492.780001][T10757]  dump_stack_lvl+0x18c/0x250
[  492.785027][T10757]  ? show_regs_print_info+0x20/0x20
[  492.790320][T10757]  ? load_image+0x400/0x400
[  492.794888][T10757]  ? __might_fault+0xaa/0x120
[  492.799635][T10757]  ? __lock_acquire+0x7d40/0x7d40
[  492.804726][T10757]  should_fail_ex+0x39d/0x4d0
[  492.809491][T10757]  _copy_from_iter+0x1d9/0x12e0
[  492.814579][T10757]  ? slab_post_alloc_hook+0x8a/0x4b0
[  492.819914][T10757]  ? __virt_addr_valid+0x18c/0x540
[  492.825111][T10757]  ? __lock_acquire+0x7d40/0x7d40
[  492.830202][T10757]  ? rcu_is_watching+0x15/0xb0
[  492.835044][T10757]  ? copyout_mc+0x70/0x70
[  492.839478][T10757]  ? __virt_addr_valid+0x18c/0x540
[  492.844644][T10757]  ? __virt_addr_valid+0x18c/0x540
[  492.849807][T10757]  ? __virt_addr_valid+0x469/0x540
[  492.854986][T10757]  ? __check_object_size+0x506/0xa20
[  492.860355][T10757]  netlink_sendmsg+0x76b/0xbf0
[  492.865213][T10757]  ? netlink_getsockopt+0x590/0x590
[  492.870482][T10757]  ? aa_sock_msg_perm+0x94/0x150
[  492.875495][T10757]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  492.880921][T10757]  ? security_socket_sendmsg+0x80/0xa0
[  492.886433][T10757]  ? netlink_getsockopt+0x590/0x590
[  492.891695][T10757]  ____sys_sendmsg+0x5ba/0x960
[  492.896523][T10757]  ? __asan_memset+0x22/0x40
[  492.901180][T10757]  ? __sys_sendmsg_sock+0x30/0x30
[  492.906257][T10757]  ? __import_iovec+0x5f2/0x850
[  492.911285][T10757]  ? import_iovec+0x73/0xa0
[  492.915859][T10757]  ___sys_sendmsg+0x2a6/0x360
[  492.920589][T10757]  ? get_pid_task+0x20/0x1e0
[  492.925274][T10757]  ? __sys_sendmsg+0x2a0/0x2a0
[  492.930148][T10757]  ? __lock_acquire+0x7d40/0x7d40
[  492.935299][T10757]  __se_sys_sendmsg+0x1c2/0x2b0
[  492.940210][T10757]  ? __x64_sys_sendmsg+0x80/0x80
[  492.945242][T10757]  ? lockdep_hardirqs_on+0x98/0x150
[  492.950506][T10757]  do_syscall_64+0x55/0xa0
[  492.954998][T10757]  ? clear_bhb_loop+0x40/0x90
[  492.959757][T10757]  ? clear_bhb_loop+0x40/0x90
[  492.964519][T10757]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  492.970482][T10757] RIP: 0033:0x7f2f1179c799
[  492.974961][T10757] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  492.994631][T10757] RSP: 002b:00007f2f12641028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  493.003116][T10757] RAX: ffffffffffffffda RBX: 00007f2f11a15fa0 RCX: 00007f2f1179c799
[  493.011159][T10757] RDX: 0000000000040000 RSI: 0000200000000c40 RDI: 0000000000000005
[  493.019269][T10757] RBP: 00007f2f12641090 R08: 0000000000000000 R09: 0000000000000000
[  493.027294][T10757] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  493.035326][T10757] R13: 00007f2f11a16038 R14: 00007f2f11a15fa0 R15: 00007fff82f5b478
[  493.043412][T10757]  </TASK>
[  493.336553][T10765] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1780'.
[  496.759770][ T1133] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  497.068639][T10792] netlink: 'syz.0.1791': attribute type 10 has an invalid length.
[  497.087720][T10792] netlink: 2 bytes leftover after parsing attributes in process `syz.0.1791'.
[  497.115271][T10792] batadv_slave_1: entered promiscuous mode
[  497.125252][T10792] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  497.153440][T10792] batman_adv: batadv0: Removing interface: batadv_slave_1
[  497.189583][T10792] bridge0: port 4(batadv_slave_1) entered blocking state
[  497.211638][T10792] bridge0: port 4(batadv_slave_1) entered disabled state
[  497.225160][T10792] batadv_slave_1: entered allmulticast mode
[  497.623513][T10813] netlink: 'syz.0.1799': attribute type 10 has an invalid length.
[  497.779779][T10817] netlink: 'syz.2.1800': attribute type 10 has an invalid length.
[  498.143058][T10835] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1807'.
[  499.425586][T10871] netlink: 'syz.0.1819': attribute type 10 has an invalid length.
[  499.498743][T10871] team0: Port device netdevsim0 removed
[  499.560099][T10873] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1821'.
[  499.612963][T10873] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1821'.
[  500.723632][T10897] netlink: 'syz.3.1831': attribute type 33 has an invalid length.
[  500.744205][T10897] netlink: 164 bytes leftover after parsing attributes in process `syz.3.1831'.
[  501.235532][T10912] netlink: 10 bytes leftover after parsing attributes in process `syz.0.1834'.
[  501.501744][T10912] netlink: 'syz.0.1834': attribute type 10 has an invalid length.
[  501.557170][T10919] raw_sendmsg: syz.1.1838 forgot to set AF_INET. Fix it!
[  501.582673][T10912] netlink: 55 bytes leftover after parsing attributes in process `syz.0.1834'.
[  501.906533][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  501.912916][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  501.984845][T10933] netlink: 'syz.1.1841': attribute type 3 has an invalid length.
[  502.015697][T10933] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.1841'.
[  502.178897][T10925] syzkaller0: entered promiscuous mode
[  502.205104][T10925] syzkaller0: entered allmulticast mode
[  504.287358][T10971] FAULT_INJECTION: forcing a failure.
[  504.287358][T10971] name failslab, interval 1, probability 0, space 0, times 0
[  504.325946][T10971] CPU: 1 PID: 10971 Comm: syz.1.1852 Not tainted syzkaller #0
[  504.333856][T10971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  504.343975][T10971] Call Trace:
[  504.347318][T10971]  <TASK>
[  504.350318][T10971]  dump_stack_lvl+0x18c/0x250
[  504.355094][T10971]  ? show_regs_print_info+0x20/0x20
[  504.360377][T10971]  ? load_image+0x400/0x400
[  504.364971][T10971]  ? verify_lock_unused+0x140/0x140
[  504.370255][T10971]  ? perf_trace_lock_acquire+0x34f/0x410
[  504.376079][T10971]  should_fail_ex+0x39d/0x4d0
[  504.380860][T10971]  should_failslab+0x9/0x20
[  504.385439][T10971]  slab_pre_alloc_hook+0x59/0x310
[  504.390574][T10971]  kmem_cache_alloc+0x5a/0x2d0
[  504.395497][T10971]  ? skb_clone+0x1eb/0x370
[  504.400012][T10971]  skb_clone+0x1eb/0x370
[  504.404347][T10971]  __netlink_deliver_tap+0x41c/0x830
[  504.409751][T10971]  ? netlink_deliver_tap+0x2e/0x1b0
[  504.415035][T10971]  netlink_deliver_tap+0x19c/0x1b0
[  504.420402][T10971]  netlink_unicast+0x72c/0x8d0
[  504.425295][T10971]  netlink_sendmsg+0x8d0/0xbf0
[  504.430229][T10971]  ? netlink_getsockopt+0x590/0x590
[  504.435523][T10971]  ? aa_sock_msg_perm+0x94/0x150
[  504.440554][T10971]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  504.445917][T10971]  ? security_socket_sendmsg+0x80/0xa0
[  504.451539][T10971]  ? netlink_getsockopt+0x590/0x590
[  504.456823][T10971]  ____sys_sendmsg+0x5ba/0x960
[  504.461692][T10971]  ? __asan_memset+0x22/0x40
[  504.466362][T10971]  ? __sys_sendmsg_sock+0x30/0x30
[  504.471447][T10971]  ? __import_iovec+0x5f2/0x850
[  504.476430][T10971]  ? import_iovec+0x73/0xa0
[  504.481019][T10971]  ___sys_sendmsg+0x2a6/0x360
[  504.485768][T10971]  ? get_pid_task+0x20/0x1e0
[  504.490473][T10971]  ? __sys_sendmsg+0x2a0/0x2a0
[  504.495394][T10971]  ? __lock_acquire+0x7d40/0x7d40
[  504.500578][T10971]  __se_sys_sendmsg+0x1c2/0x2b0
[  504.505513][T10971]  ? __x64_sys_sendmsg+0x80/0x80
[  504.510593][T10971]  ? lockdep_hardirqs_on+0x98/0x150
[  504.515973][T10971]  do_syscall_64+0x55/0xa0
[  504.520556][T10971]  ? clear_bhb_loop+0x40/0x90
[  504.525399][T10971]  ? clear_bhb_loop+0x40/0x90
[  504.530190][T10971]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  504.536161][T10971] RIP: 0033:0x7fa1a279c799
[  504.540653][T10971] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  504.560519][T10971] RSP: 002b:00007fa1a35bb028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  504.569373][T10971] RAX: ffffffffffffffda RBX: 00007fa1a2a15fa0 RCX: 00007fa1a279c799
[  504.577506][T10971] RDX: 0000000000040000 RSI: 0000200000000c40 RDI: 0000000000000005
[  504.585736][T10971] RBP: 00007fa1a35bb090 R08: 0000000000000000 R09: 0000000000000000
[  504.594523][T10971] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  504.602694][T10971] R13: 00007fa1a2a16038 R14: 00007fa1a2a15fa0 R15: 00007ffd79ea44c8
[  504.610982][T10971]  </TASK>
[  505.562297][T10976] netlink: 'syz.0.1854': attribute type 3 has an invalid length.
[  505.573007][T10976] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.1854'.
[  506.377190][T10971] netlink: 'syz.1.1852': attribute type 7 has an invalid length.
[  506.639999][T10987] netlink: 'syz.3.1857': attribute type 41 has an invalid length.
[  506.641764][T10992] netlink: 'syz.2.1859': attribute type 64 has an invalid length.
[  506.680459][T10987] netlink: 'syz.3.1857': attribute type 41 has an invalid length.
[  507.304330][T11011] netlink: 'syz.3.1865': attribute type 3 has an invalid length.
[  507.354392][T11011] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.1865'.
[  507.842409][T11024] netlink: 'syz.2.1871': attribute type 16 has an invalid length.
[  507.852861][T11024] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1871'.
[  507.868976][T11024] bridge_slave_0: entered allmulticast mode
[  508.554107][T11050] netlink: 'syz.3.1880': attribute type 10 has an invalid length.
[  508.575728][T11050] team0: Port device netdevsim0 added
[  508.720046][T11064] netlink: 'syz.0.1882': attribute type 10 has an invalid length.
[  508.752578][T11064] team0: Port device bridge0 removed
[  512.560208][T11106] netlink: 'syz.3.1896': attribute type 2 has an invalid length.
[  512.585592][T11106] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.1896'.
[  512.829615][T11109] netlink: 3787 bytes leftover after parsing attributes in process `syz.0.1897'.
[  515.305601][ T5082] Bluetooth: hci0: unexpected event 0x0f length: 15 > 4
[  517.117491][T11144] netlink: 3787 bytes leftover after parsing attributes in process `syz.2.1907'.
[  517.226752][T11149] netlink: 'syz.1.1905': attribute type 2 has an invalid length.
[  517.385321][T11149] netlink: 17267 bytes leftover after parsing attributes in process `syz.1.1905'.
[  519.315534][ T5082] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  519.325597][ T5082] Bluetooth: hci0: Injecting HCI hardware error event
[  519.334721][ T5082] Bluetooth: hci0: hardware error 0x00
[  523.077833][ T5082] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  523.497512][T11181] netlink: 'syz.2.1919': attribute type 33 has an invalid length.
[  523.530251][T11181] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1919'.
[  523.593589][T11181] `: renamed from team0 (while UP)
[  523.654280][T11185] netlink: 'syz.2.1919': attribute type 21 has an invalid length.
[  523.723092][T11181] netlink: 'syz.2.1919': attribute type 27 has an invalid length.
[  523.773956][T11181] netlink: 164 bytes leftover after parsing attributes in process `syz.2.1919'.
[  523.927858][T11186] netlink: 3787 bytes leftover after parsing attributes in process `syz.3.1918'.
[  524.485770][T11193] netlink: 'syz.2.1922': attribute type 10 has an invalid length.
[  526.838879][T11231] netlink: 3787 bytes leftover after parsing attributes in process `syz.1.1933'.
[  526.848849][T11228] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1942'.
[  527.038483][T11228] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1942'.
[  527.999823][T11239] netlink: 'syz.2.1936': attribute type 10 has an invalid length.
[  528.041438][T11239] `: Port device netdevsim0 removed
[  528.758628][   T12] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  529.766306][T11269] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1951'.
[  529.903063][T11269] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1951'.
[  530.149790][T11275] netlink: 'syz.1.1953': attribute type 1 has an invalid length.
[  530.188599][T11275] netlink: 168864 bytes leftover after parsing attributes in process `syz.1.1953'.
[  530.758641][T11287] netlink: 'syz.2.1957': attribute type 46 has an invalid length.
[  530.874246][T11290] netlink: 'syz.0.1959': attribute type 10 has an invalid length.
[  530.899404][T11290] bridge0: port 4(batadv_slave_1) entered blocking state
[  530.906745][T11290] bridge0: port 4(batadv_slave_1) entered forwarding state
[  530.914475][T11290] bridge0: port 3(hsr0) entered blocking state
[  530.920951][T11290] bridge0: port 3(hsr0) entered forwarding state
[  530.927797][T11290] bridge0: port 2(bridge_slave_1) entered blocking state
[  530.935156][T11290] bridge0: port 2(bridge_slave_1) entered forwarding state
[  530.942863][T11290] bridge0: port 1(bridge_slave_0) entered blocking state
[  530.950265][T11290] bridge0: port 1(bridge_slave_0) entered forwarding state
[  530.989249][T11290] team0: Port device bridge0 added
[  531.172689][T11300] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1964'.
[  531.195303][T11300] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1964'.
[  531.222241][T11300] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1964'.
[  531.243626][T11300] netlink: 'syz.0.1964': attribute type 1 has an invalid length.
[  531.263211][T11300] netlink: 161700 bytes leftover after parsing attributes in process `syz.0.1964'.
[  531.388533][T11302] syzkaller0: entered promiscuous mode
[  531.394105][T11302] syzkaller0: entered allmulticast mode
[  531.413562][T11306] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1964'.
[  531.450687][T11300] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1964'.
[  534.452941][T11317] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1966'.
[  535.309846][T11330] netlink: 'syz.3.1971': attribute type 10 has an invalid length.
[  535.448296][T11330] team0: Port device dummy0 added
[  536.328198][T11352] __nla_validate_parse: 2 callbacks suppressed
[  536.328236][T11352] netlink: 123072 bytes leftover after parsing attributes in process `syz.3.1981'.
[  537.212073][T11360] netlink: 'syz.2.1984': attribute type 10 has an invalid length.
[  537.247560][T11360] `: Port device netdevsim0 added
[  537.277339][T11362] netlink: set zone limit has 8 unknown bytes
[  537.381543][T11363] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1982'.
[  537.520624][T11363] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.1982'.
[  537.794066][T11377] delete_channel: no stack
[  537.826754][T11377] delete_channel: no stack
[  537.844055][T11377] delete_channel: no stack
[  537.873511][T11377] delete_channel: no stack
[  537.911511][T11377] delete_channel: no stack
[  537.928212][T11377] delete_channel: no stack
[  537.933322][T11377] delete_channel: no stack
[  537.941497][T11377] delete_channel: no stack
[  537.967328][T11377] delete_channel: no stack
[  537.990559][T11377] delete_channel: no stack
[  538.012178][T11368] netlink: 'syz.1.1985': attribute type 11 has an invalid length.
[  538.041545][T11377] delete_channel: no stack
[  538.046886][T11377] delete_channel: no stack
[  538.051577][T11377] delete_channel: no stack
[  538.075345][T11377] delete_channel: no stack
[  538.080028][T11377] delete_channel: no stack
[  538.084674][T11377] delete_channel: no stack
[  538.093069][T11377] delete_channel: no stack
[  538.098290][T11377] delete_channel: no stack
[  538.103477][T11377] delete_channel: no stack
[  538.108986][T11377] delete_channel: no stack
[  538.113640][T11377] delete_channel: no stack
[  538.118962][T11377] delete_channel: no stack
[  538.135282][T11383] netlink: 'syz.2.1992': attribute type 10 has an invalid length.
[  538.143541][T11377] delete_channel: no stack
[  538.149057][T11377] delete_channel: no stack
[  538.154050][T11377] delete_channel: no stack
[  538.185582][T11377] delete_channel: no stack
[  538.190416][T11377] delete_channel: no stack
[  538.201189][T11377] delete_channel: no stack
[  538.214076][T11377] delete_channel: no stack
[  538.225367][T11377] delete_channel: no stack
[  538.236536][T11377] delete_channel: no stack
[  538.245475][T11377] delete_channel: no stack
[  538.250134][T11377] delete_channel: no stack
[  538.263638][T11377] delete_channel: no stack
[  538.268580][T11377] delete_channel: no stack
[  538.273280][T11377] delete_channel: no stack
[  538.295259][T11377] delete_channel: no stack
[  538.299954][T11377] delete_channel: no stack
[  538.304612][T11377] delete_channel: no stack
[  538.323046][T11377] delete_channel: no stack
[  538.328296][T11377] delete_channel: no stack
[  538.333230][T11377] delete_channel: no stack
[  538.338679][T11377] delete_channel: no stack
[  538.343418][T11377] delete_channel: no stack
[  538.352412][T11377] delete_channel: no stack
[  538.368230][T11377] delete_channel: no stack
[  538.383238][T11377] delete_channel: no stack
[  538.393476][T11377] delete_channel: no stack
[  538.408869][T11377] delete_channel: no stack
[  538.425129][T11377] delete_channel: no stack
[  538.429815][T11377] delete_channel: no stack
[  538.438704][T11377] delete_channel: no stack
[  538.443367][T11377] delete_channel: no stack
[  538.448606][T11377] delete_channel: no stack
[  538.453246][T11377] delete_channel: no stack
[  538.458436][T11377] delete_channel: no stack
[  538.463076][T11377] delete_channel: no stack
[  538.470893][T11377] delete_channel: no stack
[  538.477585][T11377] delete_channel: no stack
[  538.482372][T11377] delete_channel: no stack
[  538.515278][T11377] delete_channel: no stack
[  538.520054][T11377] delete_channel: no stack
[  538.524687][T11377] delete_channel: no stack
[  538.545241][T11377] delete_channel: no stack
[  538.549919][T11377] delete_channel: no stack
[  539.021333][T11398] netlink: 'syz.2.1997': attribute type 3 has an invalid length.
[  539.096506][T11410] FAULT_INJECTION: forcing a failure.
[  539.096506][T11410] name failslab, interval 1, probability 0, space 0, times 0
[  539.111106][T11410] CPU: 1 PID: 11410 Comm: syz.0.2001 Not tainted syzkaller #0
[  539.116266][T11398] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  539.118611][T11410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  539.118652][T11410] Call Trace:
[  539.118661][T11410]  <TASK>
[  539.118672][T11410]  dump_stack_lvl+0x18c/0x250
[  539.118715][T11410]  ? show_regs_print_info+0x20/0x20
[  539.118746][T11410]  ? load_image+0x400/0x400
[  539.118778][T11410]  ? __might_sleep+0xe0/0xe0
[  539.118806][T11410]  ? __lock_acquire+0x7d40/0x7d40
[  539.118837][T11410]  should_fail_ex+0x39d/0x4d0
[  539.118875][T11410]  should_failslab+0x9/0x20
[  539.118904][T11410]  slab_pre_alloc_hook+0x59/0x310
[  539.118938][T11410]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  539.118962][T11410]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  539.118984][T11410]  __kmem_cache_alloc_node+0x53/0x250
[  539.119021][T11410]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  539.119044][T11410]  __kmalloc+0xa4/0x230
[  539.119077][T11410]  tomoyo_realpath_from_path+0xe3/0x5d0
[  539.119115][T11410]  tomoyo_path_number_perm+0x248/0x620
[  539.119149][T11410]  ? tomoyo_path_number_perm+0x217/0x620
[  539.119182][T11410]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  539.119218][T11410]  ? ksys_write+0x1c4/0x260
[  539.119284][T11410]  ? __fget_files+0x28/0x4b0
[  539.119318][T11410]  ? __fget_files+0x28/0x4b0
[  539.119360][T11410]  security_file_ioctl+0x70/0xa0
[  539.119397][T11410]  __se_sys_ioctl+0x48/0x170
[  539.119428][T11410]  do_syscall_64+0x55/0xa0
[  539.119456][T11410]  ? clear_bhb_loop+0x40/0x90
[  539.119481][T11410]  ? clear_bhb_loop+0x40/0x90
[  539.119508][T11410]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  539.119533][T11410] RIP: 0033:0x7f2f1179c799
[  539.119553][T11410] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  539.119571][T11410] RSP: 002b:00007f2f12641028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  539.119595][T11410] RAX: ffffffffffffffda RBX: 00007f2f11a15fa0 RCX: 00007f2f1179c799
[  539.119611][T11410] RDX: 0000200000001a00 RSI: 00000000000089e1 RDI: 000000000000000a
[  539.119625][T11410] RBP: 00007f2f12641090 R08: 0000000000000000 R09: 0000000000000000
[  539.119638][T11410] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  539.119650][T11410] R13: 00007f2f11a16038 R14: 00007f2f11a15fa0 R15: 00007fff82f5b478
[  539.119683][T11410]  </TASK>
[  539.121408][T11410] ERROR: Out of memory at tomoyo_realpath_from_path.
[  539.998513][T11434] netlink: 'syz.2.2009': attribute type 10 has an invalid length.
[  540.039058][T11434] `: Port device netdevsim0 removed
[  540.863081][T11464] netlink: 830 bytes leftover after parsing attributes in process `syz.3.2023'.
[  540.872568][T11461] netlink: 'syz.0.2019': attribute type 3 has an invalid length.
[  540.872681][T11461] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.2019'.
[  540.919082][T11465] netlink: 'syz.2.2022': attribute type 3 has an invalid length.
[  540.951583][T11464] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2023'.
[  540.958278][T11465] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.2022'.
[  541.311764][T11475] delete_channel: no stack
[  541.518678][T11489] netlink: 'syz.1.2031': attribute type 1 has an invalid length.
[  541.536952][T11489] netlink: 193500 bytes leftover after parsing attributes in process `syz.1.2031'.
[  542.053806][T11481] delete_channel: no stack
[  542.356232][T11497] netlink: 'syz.0.2034': attribute type 7 has an invalid length.
[  542.397328][T11502] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.2035'.
[  542.930337][T11515] netlink: 'syz.1.2040': attribute type 41 has an invalid length.
[  542.942428][T11515] netlink: 'syz.1.2040': attribute type 41 has an invalid length.
[  546.167754][T11543] netlink: 'syz.2.2052': attribute type 10 has an invalid length.
[  546.184566][T11543] `: Port device netdevsim0 added
[  550.477234][T11578] À: port 1(vlan0) entered blocking state
[  550.499621][T11578] À: port 1(vlan0) entered disabled state
[  550.519879][T11578] vlan0: entered allmulticast mode
[  550.535108][T11578] veth0_vlan: entered allmulticast mode
[  550.561419][T11578] vlan0: entered promiscuous mode
[  550.623406][T11577] ref_ctr_offset mismatch. inode: 0x5e offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0xfe
[  554.095262][T11612] netlink: 'syz.0.2077': attribute type 21 has an invalid length.
[  554.263844][T11623] À: port 1(vlan0) entered blocking state
[  554.285732][T11623] À: port 1(vlan0) entered disabled state
[  554.305353][T11623] vlan0: entered allmulticast mode
[  554.319730][T11623] veth0_vlan: entered allmulticast mode
[  554.341816][T11623] vlan0: entered promiscuous mode
[  555.980160][T11656] netlink: 'syz.1.2093': attribute type 153 has an invalid length.
[  556.001712][T11656] netlink: 128124 bytes leftover after parsing attributes in process `syz.1.2093'.
[  558.479114][T11671] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.2098'.
[  559.089877][T11684] netlink: 'syz.3.2104': attribute type 21 has an invalid length.
[  559.103478][T11684] IPv6: NLM_F_CREATE should be specified when creating new route
[  559.172980][T11688] netlink: 'syz.0.2105': attribute type 10 has an invalid length.
[  559.187092][T11688] bridge0: port 4(batadv_slave_1) entered disabled state
[  559.194557][T11688] bridge0: port 3(hsr0) entered disabled state
[  559.201110][T11688] bridge0: port 2(bridge_slave_1) entered disabled state
[  559.208492][T11688] bridge0: port 1(bridge_slave_0) entered disabled state
[  559.620907][T11705] netlink: 164 bytes leftover after parsing attributes in process `syz.0.2110'.
[  559.921308][T11716] netlink: 14 bytes leftover after parsing attributes in process `syz.3.2112'.
[  559.943606][T11716] netlink: 'syz.3.2112': attribute type 7 has an invalid length.
[  560.755284][ T7344] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  562.650495][T11731] netlink: 'syz.1.2118': attribute type 21 has an invalid length.
[  562.675261][T11731] IPv6: NLM_F_CREATE should be specified when creating new route
[  563.368892][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  563.375537][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  566.828465][T11762] syzkaller0: entered promiscuous mode
[  566.834122][T11762] syzkaller0: entered allmulticast mode
[  566.866361][T11762] netlink: 168 bytes leftover after parsing attributes in process `syz.3.2130'.
[  572.433626][T11786] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  572.459565][T11786] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  572.485083][T11786] bond0 (unregistering): Released all slaves
[  572.701596][T11802] netlink: 'syz.0.2144': attribute type 10 has an invalid length.
[  572.721182][T11802] team0: Port device bridge0 removed
[  572.878836][T11811] netlink: 'syz.3.2147': attribute type 10 has an invalid length.
[  572.902362][T11811] team0: Port device netdevsim0 removed
[  573.708020][T11820] netlink: 18187 bytes leftover after parsing attributes in process `syz.2.2151'.
[  573.751543][T11823] netlink: 18187 bytes leftover after parsing attributes in process `syz.2.2151'.
[  574.247239][T11829] FAULT_INJECTION: forcing a failure.
[  574.247239][T11829] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  574.269912][T11829] CPU: 0 PID: 11829 Comm: syz.2.2153 Not tainted syzkaller #0
[  574.277447][T11829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  574.287545][T11829] Call Trace:
[  574.290863][T11829]  <TASK>
[  574.293828][T11829]  dump_stack_lvl+0x18c/0x250
[  574.298565][T11829]  ? show_regs_print_info+0x20/0x20
[  574.303958][T11829]  ? load_image+0x400/0x400
[  574.308518][T11829]  ? __might_fault+0xaa/0x120
[  574.313241][T11829]  ? __lock_acquire+0x7d40/0x7d40
[  574.318408][T11829]  should_fail_ex+0x39d/0x4d0
[  574.323165][T11829]  _copy_from_user+0x2f/0xe0
[  574.327811][T11829]  sk_ioctl+0x291/0x6b0
[  574.332047][T11829]  ? sock_ioctl_inout+0x140/0x140
[  574.337134][T11829]  ? do_vfs_ioctl+0x1573/0x1cc0
[  574.342049][T11829]  ? __ia32_compat_sys_ioctl+0x8a0/0x8a0
[  574.347749][T11829]  ? __lock_acquire+0x7d40/0x7d40
[  574.352824][T11829]  ? slab_free_freelist_hook+0x130/0x1a0
[  574.358515][T11829]  inet6_ioctl+0x232/0x2d0
[  574.362980][T11829]  ? inet6_getname+0x650/0x650
[  574.367799][T11829]  ? tomoyo_path_number_perm+0x5b4/0x620
[  574.373486][T11829]  ? tomoyo_path_number_perm+0x217/0x620
[  574.379175][T11829]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  574.384701][T11829]  sock_do_ioctl+0xfc/0x310
[  574.389250][T11829]  ? sock_show_fdinfo+0xb0/0xb0
[  574.394165][T11829]  sock_ioctl+0x5ba/0x7e0
[  574.398546][T11829]  ? sock_poll+0x3e0/0x3e0
[  574.403023][T11829]  ? bpf_lsm_file_ioctl+0x9/0x10
[  574.408035][T11829]  ? security_file_ioctl+0x80/0xa0
[  574.413205][T11829]  ? sock_poll+0x3e0/0x3e0
[  574.417666][T11829]  __se_sys_ioctl+0xfd/0x170
[  574.422309][T11829]  do_syscall_64+0x55/0xa0
[  574.426777][T11829]  ? clear_bhb_loop+0x40/0x90
[  574.431582][T11829]  ? clear_bhb_loop+0x40/0x90
[  574.436309][T11829]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  574.442244][T11829] RIP: 0033:0x7fb95bf9c799
[  574.446701][T11829] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  574.466623][T11829] RSP: 002b:00007fb95cea9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  574.475089][T11829] RAX: ffffffffffffffda RBX: 00007fb95c216090 RCX: 00007fb95bf9c799
[  574.483109][T11829] RDX: 0000200000001a00 RSI: 00000000000089e1 RDI: 0000000000000009
[  574.491128][T11829] RBP: 00007fb95cea9090 R08: 0000000000000000 R09: 0000000000000000
[  574.499158][T11829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  574.507184][T11829] R13: 00007fb95c216128 R14: 00007fb95c216090 R15: 00007ffc3c56d268
[  574.515223][T11829]  </TASK>
[  580.948721][T11881] netlink: 63503 bytes leftover after parsing attributes in process `syz.0.2173'.
[  584.658187][T11905] netlink: 'syz.3.2183': attribute type 1 has an invalid length.
[  584.691221][T11905] netlink: 112860 bytes leftover after parsing attributes in process `syz.3.2183'.
[  584.714689][T11905] netlink: 'syz.3.2183': attribute type 1 has an invalid length.
[  584.749201][T11909] netlink: 'syz.0.2185': attribute type 7 has an invalid length.
[  589.205526][T11942] netlink: 6 bytes leftover after parsing attributes in process `syz.2.2196'.
[  589.233610][T11942] openvswitch: netlink: Flow key attr not present in new flow.
[  592.538608][T11957] netlink: 'syz.2.2202': attribute type 7 has an invalid length.
[  592.652128][T11960] netlink: 'syz.0.2206': attribute type 39 has an invalid length.
[  593.180160][T11972] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  593.230282][T11972] bond0 (unregistering): (slave 
cÙ): Releasing backup interface
[  593.261143][T11972] bond0 (unregistering): Released all slaves
[  594.085637][T11976] netlink: 'syz.1.2210': attribute type 7 has an invalid length.
[  596.595752][T11989] netlink: 'syz.0.2217': attribute type 21 has an invalid length.
[  596.657359][T11991] netlink: 196 bytes leftover after parsing attributes in process `syz.1.2218'.
[  596.878654][T11991] netlink: 'syz.1.2218': attribute type 29 has an invalid length.
[  596.897728][T11991] netlink: 'syz.1.2218': attribute type 29 has an invalid length.
[  596.911449][T11995] netlink: 'syz.1.2218': attribute type 29 has an invalid length.
[  596.922655][T11998] netlink: 'syz.1.2218': attribute type 29 has an invalid length.
[  596.950780][T11991] netlink: 'syz.1.2218': attribute type 29 has an invalid length.
[  598.526335][T12027] netlink: 35840 bytes leftover after parsing attributes in process `syz.2.2229'.
[  600.663620][T12036] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2232'.
[  600.679374][T12036] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2232'.
[  600.697150][T12036] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2232'.
[  600.713852][T12036] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2232'.
[  601.881589][T12055] netlink: 'syz.0.2240': attribute type 28 has an invalid length.
[  601.940480][T12055] netlink: 'syz.0.2240': attribute type 29 has an invalid length.
[  602.022005][T12055] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2240'.
[  604.764167][T12061] ------------[ cut here ]------------
[  604.770106][T12061] WARNING: CPU: 1 PID: 12061 at kernel/events/core.c:6806 perf_pending_task+0x35c/0x470
[  604.780264][T12061] Modules linked in:
[  604.784304][T12061] CPU: 1 PID: 12061 Comm: syz.0.2240 Not tainted syzkaller #0
[  604.792593][T12061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  604.803114][T12061] RIP: 0010:perf_pending_task+0x35c/0x470
[  604.809331][T12061] Code: ff 84 db 75 14 e8 74 e0 d5 ff 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 60 e0 d5 ff e8 7b 61 4f ff eb e5 e8 54 e0 d5 ff <0f> 0b e9 f3 fe ff ff e8 48 e0 d5 ff 48 c7 c7 70 f3 1c 8d 4c 89 f6
[  604.829501][T12061] RSP: 0018:ffffc900038079c0 EFLAGS: 00010293
[  604.836257][T12061] RAX: ffffffff81b13c0c RBX: ffff88807ee816b0 RCX: ffff88801eef1e00
[  604.844376][T12061] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  604.852752][T12061] RBP: 0000000000000001 R08: ffffffff8e8aeeef R09: 1ffffffff1d15ddd
[  604.861019][T12061] R10: dffffc0000000000 R11: fffffbfff1d15dde R12: ffff88801eef1e00
[  604.869306][T12061] R13: ffff888018f4a930 R14: ffff88807ee81470 R15: 1ffff1100fdd028e
[  604.877394][T12061] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  604.886554][T12061] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  604.893188][T12061] CR2: 000055557816a7e0 CR3: 0000000030f7e000 CR4: 00000000003506e0
[  604.901262][T12061] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  604.909392][T12061] DR3: 0000200000000300 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  604.917544][T12061] Call Trace:
[  604.920877][T12061]  <TASK>
[  604.923852][T12061]  task_work_run+0x1d4/0x260
[  604.928598][T12061]  ? task_work_cancel+0x220/0x220
[  604.933699][T12061]  do_exit+0x95a/0x2460
[  604.937972][T12061]  ? get_signal+0x1068/0x13f0
[  604.942709][T12061]  ? put_task_struct+0xc0/0xc0
[  604.947664][T12061]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  604.953722][T12061]  ? lock_chain_count+0x20/0x20
[  604.958852][T12061]  ? _raw_spin_lock_irq+0xbb/0xf0
[  604.963936][T12061]  do_group_exit+0x21b/0x2d0
[  604.968652][T12061]  ? lockdep_hardirqs_on+0x98/0x150
[  604.973912][T12061]  get_signal+0x12fc/0x13f0
[  604.978612][T12061]  arch_do_signal_or_restart+0xc2/0x800
[  604.984266][T12061]  ? get_sigframe_size+0x20/0x20
[  604.989459][T12061]  ? perf_trace_preemptirq_template+0xac/0x330
[  604.996008][T12061]  ? exit_to_user_mode_loop+0x3b/0x110
[  605.001627][T12061]  exit_to_user_mode_loop+0x70/0x110
[  605.007114][T12061]  exit_to_user_mode_prepare+0xee/0x180
[  605.012726][T12061]  syscall_exit_to_user_mode+0x1a/0x50
[  605.018297][T12061]  do_syscall_64+0x61/0xa0
[  605.022790][T12061]  ? clear_bhb_loop+0x40/0x90
[  605.027590][T12061]  ? clear_bhb_loop+0x40/0x90
[  605.032351][T12061]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  605.038508][T12061] RIP: 0033:0x7f2f1179c799
[  605.042977][T12061] Code: Unable to access opcode bytes at 0x7f2f1179c76f.
[  605.050145][T12061] RSP: 002b:00007f2f125ff0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  605.058849][T12061] RAX: fffffffffffffe00 RBX: 00007f2f11a16188 RCX: 00007f2f1179c799
[  605.066946][T12061] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f2f11a16188
[  605.075035][T12061] RBP: 00007f2f11a16180 R08: 0000000000000000 R09: 0000000000000000
[  605.083140][T12061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  605.091239][T12061] R13: 00007f2f11a16218 R14: 00007fff82f5b390 R15: 00007fff82f5b478
[  605.099326][T12061]  </TASK>
[  605.102392][T12061] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  605.109701][T12061] CPU: 1 PID: 12061 Comm: syz.0.2240 Not tainted syzkaller #0
[  605.117200][T12061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  605.127325][T12061] Call Trace:
[  605.130635][T12061]  <TASK>
[  605.133635][T12061]  dump_stack_lvl+0x18c/0x250
[  605.138403][T12061]  ? show_regs_print_info+0x20/0x20
[  605.143746][T12061]  ? load_image+0x400/0x400
[  605.148320][T12061]  panic+0x2dc/0x730
[  605.152275][T12061]  ? bpf_jit_dump+0xd0/0xd0
[  605.156844][T12061]  __warn+0x2e0/0x470
[  605.160873][T12061]  ? perf_pending_task+0x35c/0x470
[  605.166043][T12061]  ? perf_pending_task+0x35c/0x470
[  605.171207][T12061]  report_bug+0x2be/0x4f0
[  605.175572][T12061]  ? perf_pending_task+0x35c/0x470
[  605.180822][T12061]  ? perf_pending_task+0x35c/0x470
[  605.186071][T12061]  ? perf_pending_task+0x35e/0x470
[  605.191333][T12061]  handle_bug+0xcf/0x120
[  605.195667][T12061]  exc_invalid_op+0x1a/0x50
[  605.200223][T12061]  asm_exc_invalid_op+0x1a/0x20
[  605.205126][T12061] RIP: 0010:perf_pending_task+0x35c/0x470
[  605.210906][T12061] Code: ff 84 db 75 14 e8 74 e0 d5 ff 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 60 e0 d5 ff e8 7b 61 4f ff eb e5 e8 54 e0 d5 ff <0f> 0b e9 f3 fe ff ff e8 48 e0 d5 ff 48 c7 c7 70 f3 1c 8d 4c 89 f6
[  605.230991][T12061] RSP: 0018:ffffc900038079c0 EFLAGS: 00010293
[  605.237084][T12061] RAX: ffffffff81b13c0c RBX: ffff88807ee816b0 RCX: ffff88801eef1e00
[  605.245172][T12061] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  605.253177][T12061] RBP: 0000000000000001 R08: ffffffff8e8aeeef R09: 1ffffffff1d15ddd
[  605.261185][T12061] R10: dffffc0000000000 R11: fffffbfff1d15dde R12: ffff88801eef1e00
[  605.269189][T12061] R13: ffff888018f4a930 R14: ffff88807ee81470 R15: 1ffff1100fdd028e
[  605.277191][T12061]  ? perf_pending_task+0x35c/0x470
[  605.282349][T12061]  task_work_run+0x1d4/0x260
[  605.287009][T12061]  ? task_work_cancel+0x220/0x220
[  605.292065][T12061]  do_exit+0x95a/0x2460
[  605.296255][T12061]  ? get_signal+0x1068/0x13f0
[  605.300957][T12061]  ? put_task_struct+0xc0/0xc0
[  605.305844][T12061]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  605.311852][T12061]  ? lock_chain_count+0x20/0x20
[  605.316726][T12061]  ? _raw_spin_lock_irq+0xbb/0xf0
[  605.321769][T12061]  do_group_exit+0x21b/0x2d0
[  605.326393][T12061]  ? lockdep_hardirqs_on+0x98/0x150
[  605.331610][T12061]  get_signal+0x12fc/0x13f0
[  605.336149][T12061]  arch_do_signal_or_restart+0xc2/0x800
[  605.341925][T12061]  ? get_sigframe_size+0x20/0x20
[  605.347161][T12061]  ? perf_trace_preemptirq_template+0xac/0x330
[  605.353368][T12061]  ? exit_to_user_mode_loop+0x3b/0x110
[  605.358861][T12061]  exit_to_user_mode_loop+0x70/0x110
[  605.364176][T12061]  exit_to_user_mode_prepare+0xee/0x180
[  605.369786][T12061]  syscall_exit_to_user_mode+0x1a/0x50
[  605.375297][T12061]  do_syscall_64+0x61/0xa0
[  605.379750][T12061]  ? clear_bhb_loop+0x40/0x90
[  605.384639][T12061]  ? clear_bhb_loop+0x40/0x90
[  605.389342][T12061]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  605.395270][T12061] RIP: 0033:0x7f2f1179c799
[  605.399708][T12061] Code: Unable to access opcode bytes at 0x7f2f1179c76f.
[  605.406830][T12061] RSP: 002b:00007f2f125ff0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  605.415276][T12061] RAX: fffffffffffffe00 RBX: 00007f2f11a16188 RCX: 00007f2f1179c799
[  605.423287][T12061] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f2f11a16188
[  605.431360][T12061] RBP: 00007f2f11a16180 R08: 0000000000000000 R09: 0000000000000000
[  605.439347][T12061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  605.447332][T12061] R13: 00007f2f11a16218 R14: 00007fff82f5b390 R15: 00007fff82f5b478
[  605.455339][T12061]  </TASK>
[  605.458953][T12061] Kernel Offset: disabled
[  605.463324][T12061] Rebooting in 86400 seconds..