last executing test programs:

29.342018572s ago: executing program 2 (id=4859):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r1)
r2 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000200), 0x2, 0x0)
write$cgroup_freezer_state(r2, &(0x7f0000000240)='FROZEN\x00', 0x7)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x20048001)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r3, 0x89e1, &(0x7f00000000c0))
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f0000000040)=ANY=[], 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x19, &(0x7f0000000000)={0x0, 0x4}, 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x5, 0x4, &(0x7f0000000700)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8}, [@generic={0x18, 0x1, 0x1}]}, &(0x7f0000000c40)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000940)="2e00000010008188e6b62aa73772cc9f1ba1f8482e0000005e140602000000000e000a0010000000", 0x28}, {&(0x7f0000000000)="8649795504ab21b495633198a7049c31fd324503668f168108ee4c0c3243b0cc1582c3dfb78118e11d4b591b3e7fadf18d49ed2b85cc510fa9de5187a7714ac30abe3e15fb52319b5d75ebaf648e64312a", 0x51}], 0x2}, 0x0)
r4 = bpf$ITER_CREATE(0xb, 0x0, 0x0)
r5 = bpf$ITER_CREATE(0xb, &(0x7f00000002c0)={r4}, 0x8)
write$cgroup_int(r5, &(0x7f00000001c0), 0xfffffdef)
write$cgroup_netprio_ifpriomap(r5, 0x0, 0x12)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r6)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct={0x0, 0x0, 0x0, 0x4, 0x0, 0x8}]}}, 0x0, 0x26}, 0x28)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{}], 0x1}, 0x0)
r7 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000000)=ANY=[@ANYBLOB="33fe00002a"], 0xfe33)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)

29.19193673s ago: executing program 2 (id=4861):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x6, 0x8, 0x8}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040), &(0x7f00000004c0), 0xce, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000680)={r0, &(0x7f0000000580)="bddd778033fa9f5de7eff71808e5cfe5a72a394443a8ca8073340740d4659d248997fe1a8ec27bd070bbc39947e0e7643b5c5c55ac6701cdac1c617221ef6971c6915f82cb1311ffe0aa4eb5ca782a1a560c2c90a06af687ac2a4e831cea952483f7b3d25791aa24c236088175ae37eadfec1146add3cc70dd20593efb776542c4db60443d91f12abdcdfef860934935f26e3f7996ce485926445d", &(0x7f0000000640)=""/29}, 0x20)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r4}, &(0x7f0000000280), &(0x7f0000000240)=r1}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000000082c2500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000000c0)=r5, 0x4)
sendmsg$inet(r3, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)

29.038515448s ago: executing program 2 (id=4863):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x100904}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xbf}, 0x0, 0x1, 0xffffffffffffffff, 0x1)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000050000000000000080000000850000007500000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000018000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a600000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400000}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) (async)
r4 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r4, 0x4008240b, &(0x7f00000001c0)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x1}})

28.886754466s ago: executing program 2 (id=4866):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_config_ext={0x1, 0x800}, 0xc002, 0x10000, 0x9, 0x5, 0x8, 0x4, 0x0, 0x0, 0xfffffffe, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1000000, 0x2f, 0x0, 0xc)
ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, &(0x7f0000000040)={r0})
r1 = socket$kcm(0x29, 0x2, 0x0)
recvmsg$kcm(r1, &(0x7f0000000840)={&(0x7f00000001c0)=@vsock={0x28, 0x0, 0x0, @my}, 0x80, 0x0}, 0x1)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)

27.922422077s ago: executing program 2 (id=4870):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r1)
r2 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000200), 0x2, 0x0)
write$cgroup_freezer_state(r2, &(0x7f0000000240)='FROZEN\x00', 0x7)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x20048001)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r3, 0x89e1, &(0x7f00000000c0))
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f0000000040)=ANY=[], 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x19, &(0x7f0000000000)={0x0, 0x4}, 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x5, 0x4, &(0x7f0000000700)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8}, [@generic={0x18, 0x1, 0x1}]}, &(0x7f0000000c40)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000940)="2e00000010008188e6b62aa73772cc9f1ba1f8482e0000005e140602000000000e000a0010000000", 0x28}, {&(0x7f0000000000)="8649795504ab21b495633198a7049c31fd324503668f168108ee4c0c3243b0cc1582c3dfb78118e11d4b591b3e7fadf18d49ed2b85cc510fa9de5187a7714ac30abe3e15fb52319b5d75ebaf648e64312a", 0x51}], 0x2}, 0x0)
r4 = bpf$ITER_CREATE(0xb, 0x0, 0x0)
r5 = bpf$ITER_CREATE(0xb, &(0x7f00000002c0)={r4}, 0x8)
write$cgroup_int(r5, &(0x7f00000001c0), 0xfffffdef)
write$cgroup_netprio_ifpriomap(r5, 0x0, 0x12)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r6)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct={0x0, 0x0, 0x0, 0x4, 0x0, 0x8}]}}, 0x0, 0x26}, 0x28)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{}], 0x1}, 0x0)
r7 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000000)=ANY=[@ANYBLOB="33fe00002a"], 0xfe33)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)

26.986881975s ago: executing program 2 (id=4876):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xe5, 0x0, 0x0, 0x0, 0x0, 0x1, 0x88001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x4}, 0x100904, 0x4c3f3482, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000280)={0x0, r0}, 0x8)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x56, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)}, 0x94)
socket$kcm(0x2, 0x1, 0x84)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000500)}], 0x1, 0x0, 0x0, 0x7400}, 0x800)
r1 = socket$kcm(0x2b, 0x1, 0x0)
setsockopt$sock_attach_bpf(r1, 0x6, 0xc, &(0x7f0000000500), 0x4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000400000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b70300000000000085000000830000009f0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x50}, 0x94)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x4c, &(0x7f0000000000), 0x4)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_user\x00', 0x26e1, 0x0)
close(r4)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="120000000d0000000400000002"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r5, <r6=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000140)=r4}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r6}, &(0x7f0000000300), &(0x7f0000000400)=r4}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000002c0)={r6, &(0x7f0000000540)="2b9b68af17da1cc1dd03ca281fe67255d8c8ed4004290b692e61fe020273c7a57e08d6e87b8425f1448355706769a14ff2a555271dda29314636c1e2b7b16647b9f50a9363a4e245344689593689fe66951b7644", &(0x7f0000000800)=""/206}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fcffffff850000002d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf6103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, @perf_bp={0x0, 0x8}, 0x40, 0x0, 0x0, 0x0, 0x7, 0x0, 0xffff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r7, 0x40042408, r8)
syz_clone(0x240000, 0x0, 0x0, 0x0, 0x0, 0x0)
close(r3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
close(r9)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0))
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f0000000400000004060000000100ea9ad7f617", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000f0cd000000000000044e690085000000a000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x9d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x40200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x2420, 0x0, 0x0, 0x3, 0x3, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))

19.708060514s ago: executing program 3 (id=4910):
r0 = syz_clone(0x9040000, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0xff, 0x92, 0x1, 0x9, 0x0, 0x80000001, 0x94020, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4, 0x1, @perf_bp={0x0, 0xc}, 0x102000, 0x1, 0x209, 0x9, 0x3, 0xfd87, 0x9, 0x0, 0x6f, 0x0, 0x8000007}, 0x0, 0xffffffffffffffbf, 0xffffffffffffffff, 0xb)
r1 = socket$kcm(0xf, 0x3, 0x2)
sendmsg$inet(r1, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="020b0700fc670000e4a17c45c8d260c9", 0x33fe0}], 0x1}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000940)={0x6, 0x10, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000021bf0000000000000500000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000040b7030000000000008500000083000000bf09000000000000550901000008000095000000000000007b00180000000000bf91000000000000b7020000000000008500000084000000b70000000000000095", @ANYRESDEC=r0, @ANYBLOB="a73993bfd7694ec82ec6663ff9fe1174015fbc8f2e197c572862fac648b6c9ea870679107ebfddb819c59e3068061fe20cf2c5a0dc48a7feab411f217f6c6c194d21d797ebb415827af7283b206f42b3a27e2f595323600afbb7eebe7972b210d9124d3bc94f7955973302df2bdb4c82af9ff241183e9d1a20bd9895d34688fb930e91d1d483c6a9154ab83e1ccb63251321035e6cdc557d97f4421e8c891394655a069041c1ab82e0d3b5cf4c9e335c4a550f304a4a090a0badc94d8966edee209de2e74ee24ad7e07bc7ac56c852c2e57c91e29ec06c1ef5bd0f460314b85b87cb43a7865b41a21cf352f1aa3048ac7657cc87366513927b"], &(0x7f0000000200)='syzkaller\x00', 0x1, 0xe1, &(0x7f0000000240)=""/225}, 0x94)
syz_open_procfs$namespace(r0, &(0x7f00000000c0)='ns/ipc\x00')
recvmsg$unix(r2, &(0x7f0000003040)={&(0x7f0000002d40), 0x6e, 0x0}, 0x0)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$inet(r3, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x20000800)
syz_clone(0x180000, &(0x7f0000000540), 0x0, 0x0, 0x0, 0x0)
r5 = openat$cgroup(r2, &(0x7f0000000100)='syz1\x00', 0x200002, 0x0)
openat$cgroup_ro(r5, &(0x7f0000000180)='cpuacct.usage_all\x00', 0x0, 0x0)

19.541643493s ago: executing program 1 (id=4911):
syz_clone(0x9040000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x180900, &(0x7f0000000540), 0x0, 0x0, 0x0, 0x0)

19.517811444s ago: executing program 0 (id=4912):
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={0xffffffffffffffff, 0xe0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000200)=[0x0, 0x0, 0x0], ""/16, <r0=>0x0, 0x0, 0x0, 0x0, 0x3, 0x9, &(0x7f0000000240)=[0x0, 0x0, 0x0], &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r1=>0x0, 0xed, &(0x7f00000002c0)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000300), &(0x7f0000000340), 0x8, 0xe8, 0x8, 0x8, &(0x7f0000000380)}}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x4, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="b400000000000000dd0a00000000000073013600000000009500000000000000e4b832e8f8df6fca0d9ab59d23b6762ebdf7526eee00640a302de1d666f29d6f918b5daa7e3cc05ceb972cc473565fcf293dba54"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, r1}, 0x94)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x3, [@ptr={0x9, 0x0, 0x0, 0x2, 0x4}, @var={0x5, 0x0, 0x0, 0xe, 0x1ff, 0x2}, @type_tag={0x4, 0x0, 0x0, 0x12, 0x5}]}, {0x0, [0x0]}}, &(0x7f0000000100)=""/160, 0x43, 0xa0, 0x0, 0x1ff, 0x10000, @value=r2}, 0x28)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0x0, '\x00', r0, r2, 0x0, 0x4}, 0x50)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x18, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x9, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000001000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000000000850000001b"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xb, 0x104, 0x1108, 0x9, 0x1}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000), &(0x7f00000002c0), 0xb, r6}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x1b, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x3, r6}, 0x38)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x1, 0x4, 0x2, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180), &(0x7f0000000300), 0x105, r7}, 0x38)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f00000012c0)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0x7, r7}, 0x38)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1, '\x00', r0, r3, 0x3, 0x5}, 0x50)
r9 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000900)=@generic={&(0x7f00000008c0)='./file0\x00'}, 0x18)
r10 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000940)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x80000001, '\x00', 0x0, r3, 0x1, 0x5}, 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000a40)={{0xffffffffffffffff, <r11=>0xffffffffffffffff}, &(0x7f00000009c0), &(0x7f0000000a00)='%pK    \x00'}, 0x20)
r12 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000a80)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x5, '\x00', r0, r3, 0x2, 0x4, 0x5}, 0x50)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000b80)=@bpf_tracing={0x1a, 0x31, &(0x7f0000000600)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x8d7}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [@exit, @printk={@llx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7f}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7fffffff}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}}, @printk={@x, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r6}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000007c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41000, 0x64, '\x00', 0x0, 0x17, 0xffffffffffffffff, 0x8, &(0x7f0000000800)={0x0, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x2e1ea, r2, 0x2, &(0x7f0000000b00)=[r7, r8, r9, r10, 0xffffffffffffffff, r11, r12], &(0x7f0000000b40)=[{0x2, 0x3, 0x2, 0x8}, {0x2, 0x4, 0xe, 0xb}], 0x10, 0xfffffff7}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={0xffffffffffffffff, 0xe0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000200)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x9, &(0x7f0000000240)=[0x0, 0x0, 0x0], &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xed, &(0x7f00000002c0)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000300), &(0x7f0000000340), 0x8, 0xe8, 0x8, 0x8, &(0x7f0000000380)}}, 0x10) (async)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x4, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="b400000000000000dd0a00000000000073013600000000009500000000000000e4b832e8f8df6fca0d9ab59d23b6762ebdf7526eee00640a302de1d666f29d6f918b5daa7e3cc05ceb972cc473565fcf293dba54"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, r1}, 0x94) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x3, [@ptr={0x9, 0x0, 0x0, 0x2, 0x4}, @var={0x5, 0x0, 0x0, 0xe, 0x1ff, 0x2}, @type_tag={0x4, 0x0, 0x0, 0x12, 0x5}]}, {0x0, [0x0]}}, &(0x7f0000000100)=""/160, 0x43, 0xa0, 0x0, 0x1ff, 0x10000, @value=r2}, 0x28) (async)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0x0, '\x00', r0, r2, 0x0, 0x4}, 0x50) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x18, 0x1}, 0x50) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x9, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000001000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000000000850000001b"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xb, 0x104, 0x1108, 0x9, 0x1}, 0x50) (async)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000), &(0x7f00000002c0), 0xb, r6}, 0x38) (async)
bpf$MAP_LOOKUP_BATCH(0x1b, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x3, r6}, 0x38) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x1, 0x4, 0x2, 0x2, 0x0, 0x1}, 0x48) (async)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180), &(0x7f0000000300), 0x105, r7}, 0x38) (async)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f00000012c0)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0x7, r7}, 0x38) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1, '\x00', r0, r3, 0x3, 0x5}, 0x50) (async)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000900)=@generic={&(0x7f00000008c0)='./file0\x00'}, 0x18) (async)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000940)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x80000001, '\x00', 0x0, r3, 0x1, 0x5}, 0x50) (async)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000a40)={{}, &(0x7f00000009c0), &(0x7f0000000a00)='%pK    \x00'}, 0x20) (async)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000a80)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x5, '\x00', r0, r3, 0x2, 0x4, 0x5}, 0x50) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000b80)=@bpf_tracing={0x1a, 0x31, &(0x7f0000000600)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x8d7}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [@exit, @printk={@llx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7f}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7fffffff}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}}, @printk={@x, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r6}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000007c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41000, 0x64, '\x00', 0x0, 0x17, 0xffffffffffffffff, 0x8, &(0x7f0000000800)={0x0, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x2e1ea, r2, 0x2, &(0x7f0000000b00)=[r7, r8, r9, r10, 0xffffffffffffffff, r11, r12], &(0x7f0000000b40)=[{0x2, 0x3, 0x2, 0x8}, {0x2, 0x4, 0xe, 0xb}], 0x10, 0xfffffff7}, 0x94) (async)

19.250754068s ago: executing program 0 (id=4913):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r1)
r2 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000200), 0x2, 0x0)
write$cgroup_freezer_state(r2, &(0x7f0000000240)='FROZEN\x00', 0x7)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x20048001)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000600), 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r3, 0x89e1, &(0x7f00000000c0))
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f0000000040)=ANY=[], 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x19, &(0x7f0000000000)={0x0, 0x4}, 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x5, 0x4, &(0x7f0000000700)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8}, [@generic={0x18, 0x1, 0x1}]}, &(0x7f0000000c40)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000940)="2e00000010008188e6b62aa73772cc9f1ba1f8482e0000005e140602000000000e000a0010000000", 0x28}, {&(0x7f0000000000)="8649795504ab21b495633198a7049c31fd324503668f168108ee4c0c3243b0cc1582c3dfb78118e11d4b591b3e7fadf18d49ed2b85cc510fa9de5187a7714ac30abe3e15fb52319b5d75ebaf648e64312a", 0x51}], 0x2}, 0x0)
r4 = bpf$ITER_CREATE(0xb, 0x0, 0x0)
r5 = bpf$ITER_CREATE(0xb, &(0x7f00000002c0)={r4}, 0x8)
write$cgroup_int(r5, &(0x7f00000001c0), 0xfffffdef)
write$cgroup_netprio_ifpriomap(r5, 0x0, 0x12)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r6)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct={0x0, 0x0, 0x0, 0x4, 0x0, 0x8}]}}, 0x0, 0x26}, 0x28)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{}], 0x1}, 0x0)
r7 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000000)=ANY=[@ANYBLOB="33fe00002a"], 0xfe33)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)

19.153736933s ago: executing program 1 (id=4914):
socket$kcm(0x2, 0x200000000000001, 0x106)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x310c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000140)={r2}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x11, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0x0, 0xe, 0x0, &(0x7f0000000180)="3d25ff005b19c4cbe601709b0800", 0x0, 0xda, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (fail_nth: 2)

18.574316183s ago: executing program 0 (id=4915):
r0 = socket$kcm(0x23, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x541b, &(0x7f0000000640))

18.458433689s ago: executing program 1 (id=4916):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x15, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180200001e00000000000000000000007a02500003ffffff950000000016001b049cb83bd81ee7a5588a00"], &(0x7f0000000080)='GPL\x00', 0x4, 0xb, &(0x7f00000001c0)=""/152, 0x40f00}, 0x94)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000002480)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x41, 0x0, 0x11}, 0x0)
r1 = socket$kcm(0x2, 0x5, 0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x56, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x0, 0x2, 0x0, 0x9}, {0x10000002, 0x0, 0x0, 0xc}]}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000003000000030000000050000000000000001000004080000000000000003000000100000000000000000000002000000000300000000000004040000000000002e"], 0x0, 0x4d}, 0x28)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@bloom_filter={0x1e, 0x0, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r4, 0x0, 0x1}, 0x48)
r6 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x2, @perf_bp={0x0, 0xa}, 0x104105, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r6, 0x40042408, r7)
r8 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803003a000b12d25a80648c2594f90324fc60100c034002a10100feff000037153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
close(r3)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r9=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r1, 0x84, 0x64, &(0x7f0000000000)=r9, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a40)={r0, 0xe0, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], ""/16, <r10=>0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000007c0)=[0x0], 0x0, 0x0, 0x7b, &(0x7f0000000840)=[{}], 0x8, 0x10, &(0x7f0000000440), &(0x7f00000008c0), 0x8, 0xd4, 0x8, 0x8, &(0x7f0000000900)}}, 0x10)
r11 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000b00)={0x0, 0x4b3, 0x10}, 0xc)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000bc0)={0x6, 0x24, &(0x7f0000000540)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r9}}, {}, [@map_fd={0x18, 0x7}, @map_val={0x18, 0xd, 0x2, 0x0, r9, 0x0, 0x0, 0x0, 0x1}, @call={0x85, 0x0, 0x0, 0x90}, @generic={0x8, 0x0, 0x8, 0x1, 0x6}, @map_fd={0x18, 0x5, 0x1, 0x0, r9}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r9}}, @printk={@lu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xac6}}, @generic={0xbb, 0x7, 0xe, 0x0, 0x81}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000680)='syzkaller\x00', 0xf, 0x9b, &(0x7f00000006c0)=""/155, 0x40f00, 0x31, '\x00', r10, 0x25, r9, 0x8, &(0x7f0000000a80)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000ac0)={0x4, 0x8, 0xd, 0x8}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000b40)=[r9, r9, r9, r11, r9], &(0x7f0000000b80)=[{0x0, 0x3, 0xd, 0x9}, {0x5, 0x3, 0x8, 0xb}], 0x10, 0x1ff}, 0x94)
sendmsg$inet(r1, &(0x7f0000000140)={&(0x7f0000000280)={0x2, 0x10, @local}, 0x10, &(0x7f0000000080)=[{&(0x7f0000001940)='{', 0x1a000}], 0x1}, 0x80d1)
close(r1)
r12 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cpuacct.usage_sys\x00', 0x26e1, 0x0)
close(r12)
r13 = socket$kcm(0xa, 0x1, 0x106)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000002d0301000000000095001800000000006926000000000000bf67000000000000150600000fff070067060000200000006a0200000ee60000bf050000000000003d350000000000006507000002000000070700004a0000000f75000000000000bf54000000000000070400000400f9ff3d53010000000000840400000000000073720000000000009500000000000000db13d5d8b741f2cdaabc8383caf56b8c2b84a8d09535a157f9005bd38addaa65b925cd3ded25b8b9e2a095d2c51ef45c5588ec78c7f32946b17cecfe54c53ab530c58b67851b7e0e82452a083b98a6aa766401047d150203b0417edef332233b081df18961d6822d133bf72a4de1c2ea17f04537fc211576846ac629d1d93265ba4580047a9dc88de358ce795731891a2031de4e09740c64e5506f991ed4785a9773a433e0db9c1a7d4ab9d658ce9cfdb4db3bed62bcb2bc91ddcdfadfe6d4421c49fb6641cbf56914e76702f673b586c767562a90a3967093b000e3806f825f1d0da2a304e06543b56d35235d78b7a7fe912971aab876022e96f5143b6234f5a6b701690b07fb664a44e22b72e843e7cf55f394cf75d1cd3ee79a25fb98cc45b3fde43e42e150d4a2fddd9a97677400ef0bd697d135324ce480c2960344de346bd511dea4ff7a07400b2d12dd1a8c4c300aee5f948777085ca142b79dfc3aca5fadaa0532ab0572169f68584ff2ee063bc7e75ecd5cc8973464629ba236e3ff97f6033d0800000000000000cef54a60aff12590a50ef147e3e640193d00263003a4ef412420a070dd0327e47c8c7abb77b4b53874788d7e2e5d554de4713db957afb56d4673f1b904c5a317d3670003000000183fb7d36e173044f4ab34"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb}, 0x48)
sendmsg$kcm(r13, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4001, 0xfffffffd, @empty}, 0x80, 0x0}, 0x20000001)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r14=>0xffffffffffffffff})
recvmsg$unix(r14, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r15=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r15, &(0x7f0000000580)=ANY=[@ANYBLOB="8fedcb791f6f9875f37538e486dd6317ce81ea032c00fe08000e40000200875a65969ff57b00ff020000000000000000000000000001"], 0xfdef)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000e80)={0x11, 0x1a, &(0x7f0000000f40)=ANY=[@ANYBLOB="18000000060000000000000007000000b7080000000000007b8af8ff00000000b70800000c0000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa4813c9a00000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r11, @ANYBLOB="0000000000000000b70500000800000085000000a500000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000068acffff8500000006000000185200000500000000000000000000009500000000000000"], &(0x7f0000000d80)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, 0x0, r15, 0x8, &(0x7f0000000dc0)={0x7, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000e00)=[r5], &(0x7f0000000e40)=[{0x3, 0x1, 0x6, 0x4}, {0x5, 0x1, 0x3, 0x1}, {0x2, 0x2, 0x10}, {0x4, 0x1, 0xe, 0x6}], 0x10, 0x400}, 0x94)
write$cgroup_type(r12, &(0x7f0000000080), 0x11ffffce1)

18.457839609s ago: executing program 3 (id=4917):
perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x0, 0x0, 0x0, 0xfb, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x200000000}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x7, 0x0, &(0x7f0000000100)="b9ff0307684426", 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0xfd, 0x0, 0x0, 0x0, 0xe9, 0x40510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x2, @perf_bp={0x0}, 0x100000, 0x10000, 0x9e4, 0x7, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xc, 0xffffffffffffffff, 0x8)
socket$kcm(0x2, 0x3, 0x106)
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8003}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x8, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
r3 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x20403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x2, @perf_config_ext={0x9}, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r3, 0x4008240b, &(0x7f00000000c0)={0x0, 0x80, 0x5, 0xb, 0x4, 0x8, 0x0, 0x6, 0x50, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xd4, 0x4, @perf_config_ext={0x7, 0x4}, 0x80, 0x4, 0x7fff, 0x9, 0x4, 0x49780915, 0xd, 0x0, 0x3, 0x0, 0xfffffffffffffff9})
socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000))
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x11, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020200600000000000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d000000"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="12000000060000000400000002"], 0x48)
r6 = socket$kcm(0xa, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r5}, &(0x7f0000000080)=0x1000000, &(0x7f0000000180)=r6}, 0x20)
ioctl$sock_kcm_SIOCKCMATTACH(r6, 0x541b, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_int(r0, 0x0, 0x2, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000100)=ANY=[@ANYBLOB='-0'], 0x9)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r8, 0x8927, &(0x7f0000000cc0)='lo:\x96o8\x14d\xa1\xba\xda\xd1\xa0J\x12tQ\xb16\xe3\xd7\\b\x8b\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x13\xec\x00\x00\x02\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00\xb1\x88\xebW_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xeb\xe1\xde\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xfc\xfa 6(%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x1f\x9c,\x113\x7f\x03\x93\xe1\xcc\xe7f\r\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0Z\x9f\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5<J\x1f\xba\xfc\x90(\x985\x93\xa8\xd4\xf0\xbdTy\x18\xc8\xa0\xbb\x99\x8c\xe0Q\xffCl\xbdX~3\xa1\xa2\xf4\xd9\xf7\xc7\xfb\xce\x959x\xfeW\r\xf0{\xcaT\xecp)=\x9d\xdfG8\xa1\xe3=\xa6\x00\x98\xc1\xb3\x91-\xab\'W\x8al?d<JN\xcb\xd4H\xb0_jO\xf3\x90\xe8/l\xdfg)\x8d#\xfdo\xa9L\xdeA*\xec\xa1\x14,\xe8\x8d^\xb9r=\xc0\x18\xd4\x11dU[Ry\xed\xd6\x97\x8a\xe8\xca\x99\x10\x8e\xc8P\xa3\xae/\xdaof\x06\x7f\xf7\x80$f\b\x92\xae\xeb\xdd\"\x89\xb8\xf0\xc3\b\x00\x00\x00\x00\a\xf6\xfc\x1d\xd4\x893\xeb)\xc1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00O!\xd2q\xda}\xe2\xa2\xfe\xfd)\\\xdf\x9aN\\\xaeyc\xe4g\xc0\x8a\n\v{\xa9H\\\xd1\x9d')
socket$kcm(0xa, 0x1, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x10000}, 0x94)

18.369085834s ago: executing program 0 (id=4918):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x6, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18020000f8ffffff000000000000000085000000a0000020950000000000000002cfcdb969ed22c1886c1eafcb883259b0e7cb3732903178736a3bd9ef27ddc402548c18bd01ea0552ed86b3168a41db8b2e27b6d3b215b5fb7a52"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

17.975622584s ago: executing program 0 (id=4919):
r0 = socket$kcm(0x23, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x541b, &(0x7f0000000640)) (fail_nth: 1)

17.28675166s ago: executing program 0 (id=4920):
socket$kcm(0x23, 0x5, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x10, &(0x7f0000000480)=r1, 0x4)
r2 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="240000002e000d190a762d7f08", 0xd}, {&(0x7f0000000280)="68cabf2dfb58fc0a1d6b689866f05d490d010088a8ffff", 0x17}], 0x2}, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000300)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d004892e822a6abc02ad2602a5ad6f7007ea60864160af365935cfaea3f49d8df1931a0e64ffc4c78029ee517d34460bc06000000938037e70e457ae2bb24ef6697070000000000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000002e00)=""/4104, 0x1008}, {&(0x7f0000002d00)=""/197, 0xc5}, {&(0x7f0000001ac0)=""/4147, 0x1033}, {&(0x7f0000000040)=""/43, 0x2b}], 0x4}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x541b, &(0x7f0000000640)={r2})

17.210118364s ago: executing program 1 (id=4921):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x40009, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0xff, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="1400000032000b07d25a806f8c6394f90824fc60", 0x14}], 0x1}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xd, 0x590f}, 0x2920, 0x0, 0x6, 0x8, 0x80000000, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000200), &(0x7f00000003c0)='%pS    \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000800)={r2, <r3=>0xffffffffffffffff}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x9, 0x10, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000ffff0b867b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b705000008000000850000007300000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r4, 0x0, 0xe, 0x48000000, &(0x7f0000000300)="40f0538ef047b21fb60068305500", 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

17.08957929s ago: executing program 3 (id=4922):
socket$kcm(0x2, 0x200000000000001, 0x106)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x310c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000140)={r2}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x11, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0x0, 0xe, 0x0, &(0x7f0000000180)="3d25ff005b19c4cbe601709b0800", 0x0, 0xda, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

16.678589492s ago: executing program 1 (id=4923):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r1)
r2 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000200), 0x2, 0x0)
write$cgroup_freezer_state(r2, &(0x7f0000000240)='FROZEN\x00', 0x7)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x20048001)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x1}, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r3, 0x89e1, &(0x7f00000000c0))
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f0000000040)=ANY=[], 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x19, &(0x7f0000000000)={0x0, 0x4}, 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x5, 0x4, &(0x7f0000000700)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8}, [@generic={0x18, 0x1, 0x1}]}, &(0x7f0000000c40)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000940)="2e00000010008188e6b62aa73772cc9f1ba1f8482e0000005e140602000000000e000a0010000000", 0x28}, {&(0x7f0000000000)="8649795504ab21b495633198a7049c31fd324503668f168108ee4c0c3243b0cc1582c3dfb78118e11d4b591b3e7fadf18d49ed2b85cc510fa9de5187a7714ac30abe3e15fb52319b5d75ebaf648e64312a", 0x51}], 0x2}, 0x0)
r4 = bpf$ITER_CREATE(0xb, 0x0, 0x0)
r5 = bpf$ITER_CREATE(0xb, &(0x7f00000002c0)={r4}, 0x8)
write$cgroup_int(r5, &(0x7f00000001c0), 0xfffffdef)
write$cgroup_netprio_ifpriomap(r5, 0x0, 0x12)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r6)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct={0x0, 0x0, 0x0, 0x4, 0x0, 0x8}]}}, 0x0, 0x26}, 0x28)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{}], 0x1}, 0x0)
r7 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000000)=ANY=[@ANYBLOB="33fe00002a"], 0xfe33)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)

16.376461008s ago: executing program 3 (id=4924):
socket$kcm(0x2, 0x200000000000001, 0x106)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x310c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000005c0)=@bpf_lsm={0x6, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, [@call={0x85, 0x0, 0x0, 0xcc}]}, &(0x7f0000000180)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0xbaa}, 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, r3}, 0x38)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000140)={r2}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x11, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfff0, &(0x7f0000000080)=[{&(0x7f0000000040)="1400000028000100c21400002fbd6c193d970000", 0x14}], 0x1}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r4, 0x0, 0xe, 0x0, &(0x7f0000000180)="3d25ff005b19c4cbe601709b0800", 0x0, 0xda, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

16.362969208s ago: executing program 1 (id=4925):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x89, 0x5, 0x7, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x6, 0x4, 0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f00000001c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000640)="80", 0x26892}], 0x1}, 0xfc)
sendmsg$inet(r0, &(0x7f0000000680)={&(0x7f0000000000)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x1c, &(0x7f0000000540)=[{&(0x7f0000000240)="f9", 0x1}], 0x1}, 0x4000080)
r1 = socket$kcm(0x10, 0x2, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000180)={@cgroup, 0xffffffffffffffff, 0x7}, 0x20)
sendmsg$inet(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000001c0)="5c000000120007ab9a3fe3d86e17aa0a076b876c1d0048007ea6f063160af3650400010038001500", 0x28}, {&(0x7f0000000180)="83d2ff5f0000319fd2898a0cc6d6703b87eb29037b09bc7e64f918fa3be4664d327d90424d550300"/52, 0x34}], 0x2, 0x0, 0x0, 0x1f00c00e}, 0x0)

15.274755215s ago: executing program 3 (id=4926):
r0 = socket$kcm(0xa, 0x1, 0x0)
sendmsg$kcm(r0, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4001, 0x0, @empty, 0x4000}, 0x80, 0x0}, 0x4054080)
sendmsg$sock(r0, &(0x7f0000000cc0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000bc0)=[@txtime={{0x18}}], 0x18}, 0x80)

15.158965371s ago: executing program 3 (id=4927):
r0 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
r1 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r1, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
write$cgroup_subtree(r1, 0x0, 0x101d0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={0xffffffffffffffff, 0x2000000, 0x0, 0x0, &(0x7f0000000600), 0x0, 0x7ffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_user\x00', 0x26e1, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000006c0))
r2 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x10006, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x100000, 0x4, 0x2, 0x0, 0x80, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x8)
perf_event_open(0x0, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x3)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000000)=r4, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, &(0x7f0000000340)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000007c0)=@bpf_tracing={0x1a, 0x0, 0x0, &(0x7f00000001c0)='GPL\x00', 0x9, 0x1000, &(0x7f0000002440)=""/4096, 0x41100, 0x1, '\x00', 0x0, 0x1a, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x7, 0x3}, 0x8, 0x10, &(0x7f00000003c0)={0x2, 0xa, 0x3, 0x1}, 0x10, 0x25a7e, r3, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
sendmsg$kcm(r1, &(0x7f00000001c0)={&(0x7f00000000c0)=@tipc=@name={0x1e, 0x2, 0x3, {{0x41, 0x1800}, 0x5}}, 0x80, 0x0, 0x0, &(0x7f0000000900)=ANY=[], 0x1458}, 0x48800)
r5 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r5, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000a800000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x90)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000000080)=[{&(0x7f0000000200)="2e0400001c008102e00f80ecdb4cb9f207c804a00d00000088081afb0a0002000a0ada1b40d80800c500c50083b8", 0xfec9}], 0x1, 0x0, 0x0, 0x5865}, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x88000, 0x0)

2.1182933s ago: executing program 32 (id=4920):
socket$kcm(0x23, 0x5, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x10, &(0x7f0000000480)=r1, 0x4)
r2 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="240000002e000d190a762d7f08", 0xd}, {&(0x7f0000000280)="68cabf2dfb58fc0a1d6b689866f05d490d010088a8ffff", 0x17}], 0x2}, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000300)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d004892e822a6abc02ad2602a5ad6f7007ea60864160af365935cfaea3f49d8df1931a0e64ffc4c78029ee517d34460bc06000000938037e70e457ae2bb24ef6697070000000000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000002e00)=""/4104, 0x1008}, {&(0x7f0000002d00)=""/197, 0xc5}, {&(0x7f0000001ac0)=""/4147, 0x1033}, {&(0x7f0000000040)=""/43, 0x2b}], 0x4}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x541b, &(0x7f0000000640)={r2})

1.035712447s ago: executing program 33 (id=4925):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x89, 0x5, 0x7, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x6, 0x4, 0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f00000001c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000640)="80", 0x26892}], 0x1}, 0xfc)
sendmsg$inet(r0, &(0x7f0000000680)={&(0x7f0000000000)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x1c, &(0x7f0000000540)=[{&(0x7f0000000240)="f9", 0x1}], 0x1}, 0x4000080)
r1 = socket$kcm(0x10, 0x2, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000180)={@cgroup, 0xffffffffffffffff, 0x7}, 0x20)
sendmsg$inet(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000001c0)="5c000000120007ab9a3fe3d86e17aa0a076b876c1d0048007ea6f063160af3650400010038001500", 0x28}, {&(0x7f0000000180)="83d2ff5f0000319fd2898a0cc6d6703b87eb29037b09bc7e64f918fa3be4664d327d90424d550300"/52, 0x34}], 0x2, 0x0, 0x0, 0x1f00c00e}, 0x0)

0s ago: executing program 34 (id=4927):
r0 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
r1 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r1, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
write$cgroup_subtree(r1, 0x0, 0x101d0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={0xffffffffffffffff, 0x2000000, 0x0, 0x0, &(0x7f0000000600), 0x0, 0x7ffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_user\x00', 0x26e1, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000006c0))
r2 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x10006, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x100000, 0x4, 0x2, 0x0, 0x80, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x8)
perf_event_open(0x0, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x3)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000000)=r4, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, &(0x7f0000000340)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000007c0)=@bpf_tracing={0x1a, 0x0, 0x0, &(0x7f00000001c0)='GPL\x00', 0x9, 0x1000, &(0x7f0000002440)=""/4096, 0x41100, 0x1, '\x00', 0x0, 0x1a, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x7, 0x3}, 0x8, 0x10, &(0x7f00000003c0)={0x2, 0xa, 0x3, 0x1}, 0x10, 0x25a7e, r3, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
sendmsg$kcm(r1, &(0x7f00000001c0)={&(0x7f00000000c0)=@tipc=@name={0x1e, 0x2, 0x3, {{0x41, 0x1800}, 0x5}}, 0x80, 0x0, 0x0, &(0x7f0000000900)=ANY=[], 0x1458}, 0x48800)
r5 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r5, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000a800000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x90)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000000080)=[{&(0x7f0000000200)="2e0400001c008102e00f80ecdb4cb9f207c804a00d00000088081afb0a0002000a0ada1b40d80800c500c50083b8", 0xfec9}], 0x1, 0x0, 0x0, 0x5865}, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x88000, 0x0)

kernel console output (not intermixed with test programs):

52921][T19471]  ? netlink_getsockopt+0x590/0x590
[ 1115.958149][T19471]  ? aa_sock_msg_perm+0x94/0x150
[ 1115.963109][T19471]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1115.968608][T19471]  ? security_socket_sendmsg+0x80/0xa0
[ 1115.974089][T19471]  ? netlink_getsockopt+0x590/0x590
[ 1115.979313][T19471]  ____sys_sendmsg+0x5ba/0x960
[ 1115.984105][T19471]  ? __asan_memset+0x22/0x40
[ 1115.988718][T19471]  ? __sys_sendmsg_sock+0x30/0x30
[ 1115.993756][T19471]  ? __import_iovec+0x5f2/0x850
[ 1115.998749][T19471]  ? import_iovec+0x73/0xa0
[ 1116.003272][T19471]  ___sys_sendmsg+0x2a6/0x360
[ 1116.007969][T19471]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1116.012791][T19471]  ? trace_call_bpf+0xc3/0x6c0
[ 1116.017761][T19471]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1116.022815][T19471]  ? __x64_sys_sendmsg+0x80/0x80
[ 1116.027790][T19471]  ? lockdep_hardirqs_on+0x98/0x150
[ 1116.033107][T19471]  do_syscall_64+0x55/0xa0
[ 1116.037650][T19471]  ? clear_bhb_loop+0x40/0x90
[ 1116.042442][T19471]  ? clear_bhb_loop+0x40/0x90
[ 1116.047140][T19471]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1116.053146][T19471] RIP: 0033:0x7fd43799c819
[ 1116.057963][T19471] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1116.077860][T19471] RSP: 002b:00007fd4387df028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1116.086391][T19471] RAX: ffffffffffffffda RBX: 00007fd437c15fa0 RCX: 00007fd43799c819
[ 1116.094388][T19471] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000006
[ 1116.102653][T19471] RBP: 00007fd4387df090 R08: 0000000000000000 R09: 0000000000000000
[ 1116.110904][T19471] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1116.118916][T19471] R13: 00007fd437c16038 R14: 00007fd437c15fa0 R15: 00007ffccb805868
[ 1116.127008][T19471]  </TASK>
[ 1116.384978][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[ 1116.402089][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[ 1116.759484][T19487] validate_nla: 2 callbacks suppressed
[ 1116.759518][T19487] netlink: 'syz.3.4446': attribute type 1 has an invalid length.
[ 1116.782355][T19487] netlink: 161700 bytes leftover after parsing attributes in process `syz.3.4446'.
[ 1117.994444][T19502] netlink: 10 bytes leftover after parsing attributes in process `syz.1.4451'.
[ 1118.003907][T19498] netlink: 'syz.3.4450': attribute type 15 has an invalid length.
[ 1118.030116][T19498] netlink: 'syz.3.4450': attribute type 7 has an invalid length.
[ 1118.861818][T19525] netlink: 'syz.3.4456': attribute type 39 has an invalid length.
[ 1118.886749][T19524] netlink: 'syz.2.4458': attribute type 1 has an invalid length.
[ 1118.895046][T19524] netlink: 161700 bytes leftover after parsing attributes in process `syz.2.4458'.
[ 1119.892444][T19536] netlink: 10 bytes leftover after parsing attributes in process `syz.3.4461'.
[ 1120.404274][T19538] netlink: 'syz.0.4463': attribute type 15 has an invalid length.
[ 1120.412643][T19538] netlink: 'syz.0.4463': attribute type 7 has an invalid length.
[ 1120.581477][T19546] netlink: 208064 bytes leftover after parsing attributes in process `syz.3.4465'.
[ 1121.456796][T19563] netlink: 'syz.2.4471': attribute type 1 has an invalid length.
[ 1121.524740][T19563] netlink: 161700 bytes leftover after parsing attributes in process `syz.2.4471'.
[ 1122.135023][T19578] netlink: 10 bytes leftover after parsing attributes in process `syz.3.4473'.
[ 1122.336748][T19582] FAULT_INJECTION: forcing a failure.
[ 1122.336748][T19582] name failslab, interval 1, probability 0, space 0, times 0
[ 1122.357322][T19582] CPU: 0 PID: 19582 Comm: syz.1.4475 Not tainted syzkaller #0
[ 1122.364949][T19582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1122.375137][T19582] Call Trace:
[ 1122.378446][T19582]  <TASK>
[ 1122.381387][T19582]  dump_stack_lvl+0x18c/0x250
[ 1122.386102][T19582]  ? show_regs_print_info+0x20/0x20
[ 1122.391368][T19582]  ? load_image+0x420/0x420
[ 1122.395929][T19582]  ? __might_sleep+0xe0/0xe0
[ 1122.400660][T19582]  ? __lock_acquire+0x7d40/0x7d40
[ 1122.405751][T19582]  should_fail_ex+0x39d/0x4d0
[ 1122.410490][T19582]  should_failslab+0x9/0x20
[ 1122.415044][T19582]  slab_pre_alloc_hook+0x59/0x310
[ 1122.420130][T19582]  kmem_cache_alloc_node+0x60/0x320
[ 1122.425463][T19582]  ? __alloc_skb+0x103/0x2c0
[ 1122.430100][T19582]  __alloc_skb+0x103/0x2c0
[ 1122.434739][T19582]  alloc_skb_with_frags+0xca/0x7b0
[ 1122.439986][T19582]  ? __lock_acquire+0x1347/0x7d40
[ 1122.445069][T19582]  sock_alloc_send_pskb+0x883/0x9a0
[ 1122.450344][T19582]  ? sock_kzfree_s+0x50/0x50
[ 1122.455171][T19582]  ? perf_trace_lock+0xfc/0x3b0
[ 1122.460079][T19582]  ? trace_event_raw_event_lock+0x250/0x250
[ 1122.466032][T19582]  ? perf_trace_preemptirq_template+0xac/0x330
[ 1122.472242][T19582]  __ip_append_data+0x2ac1/0x3d40
[ 1122.477313][T19582]  ? ip_skb_dst_mtu+0x9c0/0x9c0
[ 1122.482206][T19582]  ? ip_setup_cork+0x860/0x860
[ 1122.486987][T19582]  ? ip_setup_cork+0x530/0x860
[ 1122.491771][T19582]  ip_make_skb+0x22b/0x440
[ 1122.496209][T19582]  ? ip_skb_dst_mtu+0x9c0/0x9c0
[ 1122.501084][T19582]  ? ip_flush_pending_frames+0x250/0x250
[ 1122.506755][T19582]  udp_sendmsg+0x1ade/0x23b0
[ 1122.511381][T19582]  ? ip_skb_dst_mtu+0x9c0/0x9c0
[ 1122.516339][T19582]  ? udp_cmsg_send+0x350/0x350
[ 1122.521229][T19582]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1122.527316][T19582]  ? lock_chain_count+0x20/0x20
[ 1122.532181][T19582]  ? inet_sendmsg+0x14b/0x2f0
[ 1122.536884][T19582]  ? __local_bh_enable_ip+0x13a/0x1c0
[ 1122.542271][T19582]  ? _local_bh_enable+0xa0/0xa0
[ 1122.547165][T19582]  ? inet_sendmsg+0x14b/0x2f0
[ 1122.551949][T19582]  ? inet_sendmsg+0x14b/0x2f0
[ 1122.556731][T19582]  ? inet_send_prepare+0x260/0x260
[ 1122.561883][T19582]  ____sys_sendmsg+0x5ba/0x960
[ 1122.566753][T19582]  ? __lock_acquire+0x7d40/0x7d40
[ 1122.571796][T19582]  ? __sys_sendmsg_sock+0x30/0x30
[ 1122.576856][T19582]  ? __import_iovec+0x3fa/0x850
[ 1122.581818][T19582]  ? import_iovec+0x73/0xa0
[ 1122.586430][T19582]  ___sys_sendmsg+0x2a6/0x360
[ 1122.591128][T19582]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1122.595923][T19582]  ? __lock_acquire+0x7d40/0x7d40
[ 1122.600987][T19582]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1122.605875][T19582]  ? __x64_sys_sendmsg+0x80/0x80
[ 1122.610844][T19582]  ? lockdep_hardirqs_on+0x98/0x150
[ 1122.616069][T19582]  do_syscall_64+0x55/0xa0
[ 1122.620499][T19582]  ? clear_bhb_loop+0x40/0x90
[ 1122.625197][T19582]  ? clear_bhb_loop+0x40/0x90
[ 1122.629986][T19582]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1122.635903][T19582] RIP: 0033:0x7fa8fcd9c819
[ 1122.640340][T19582] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1122.660324][T19582] RSP: 002b:00007fa8fdc1d028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1122.668761][T19582] RAX: ffffffffffffffda RBX: 00007fa8fd015fa0 RCX: 00007fa8fcd9c819
[ 1122.676832][T19582] RDX: 0000000000004840 RSI: 0000200000000380 RDI: 0000000000000003
[ 1122.684822][T19582] RBP: 00007fa8fdc1d090 R08: 0000000000000000 R09: 0000000000000000
[ 1122.692828][T19582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1122.701000][T19582] R13: 00007fa8fd016038 R14: 00007fa8fd015fa0 R15: 00007ffdaec02828
[ 1122.709003][T19582]  </TASK>
[ 1123.426065][T19603] netlink: 'syz.2.4481': attribute type 15 has an invalid length.
[ 1123.459284][T19603] netlink: 'syz.2.4481': attribute type 7 has an invalid length.
[ 1124.499159][T19617] netlink: 10 bytes leftover after parsing attributes in process `syz.1.4487'.
[ 1124.878518][T19620] netlink: 'syz.2.4488': attribute type 21 has an invalid length.
[ 1124.903930][T19620] netlink: 14542 bytes leftover after parsing attributes in process `syz.2.4488'.
[ 1125.006404][T19620] netlink: 'syz.2.4488': attribute type 10 has an invalid length.
[ 1126.266340][T19635] FAULT_INJECTION: forcing a failure.
[ 1126.266340][T19635] name failslab, interval 1, probability 0, space 0, times 0
[ 1126.295777][T19635] CPU: 1 PID: 19635 Comm: syz.0.4495 Not tainted syzkaller #0
[ 1126.303434][T19635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1126.313655][T19635] Call Trace:
[ 1126.317083][T19635]  <TASK>
[ 1126.320246][T19635]  dump_stack_lvl+0x18c/0x250
[ 1126.325014][T19635]  ? show_regs_print_info+0x20/0x20
[ 1126.330287][T19635]  ? load_image+0x420/0x420
[ 1126.334858][T19635]  ? verify_lock_unused+0x140/0x140
[ 1126.340122][T19635]  ? perf_trace_lock+0x304/0x3b0
[ 1126.345149][T19635]  should_fail_ex+0x39d/0x4d0
[ 1126.349922][T19635]  should_failslab+0x9/0x20
[ 1126.354576][T19635]  slab_pre_alloc_hook+0x59/0x310
[ 1126.359725][T19635]  kmem_cache_alloc+0x5a/0x2d0
[ 1126.364652][T19635]  ? skb_clone+0x1eb/0x370
[ 1126.369121][T19635]  skb_clone+0x1eb/0x370
[ 1126.373497][T19635]  __netlink_deliver_tap+0x41c/0x830
[ 1126.378885][T19635]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1126.384258][T19635]  netlink_deliver_tap+0x19c/0x1b0
[ 1126.389460][T19635]  netlink_unicast+0x72c/0x8d0
[ 1126.394341][T19635]  netlink_sendmsg+0x8d0/0xbf0
[ 1126.399200][T19635]  ? perf_trace_lock+0x304/0x3b0
[ 1126.404338][T19635]  ? netlink_getsockopt+0x590/0x590
[ 1126.409728][T19635]  ? aa_sock_msg_perm+0x94/0x150
[ 1126.414753][T19635]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1126.420086][T19635]  ? security_socket_sendmsg+0x80/0xa0
[ 1126.425588][T19635]  ? netlink_getsockopt+0x590/0x590
[ 1126.430873][T19635]  ____sys_sendmsg+0x5ba/0x960
[ 1126.435738][T19635]  ? __asan_memset+0x22/0x40
[ 1126.440455][T19635]  ? __sys_sendmsg_sock+0x30/0x30
[ 1126.445542][T19635]  ? __import_iovec+0x5f2/0x850
[ 1126.450497][T19635]  ? import_iovec+0x73/0xa0
[ 1126.455086][T19635]  ___sys_sendmsg+0x2a6/0x360
[ 1126.459855][T19635]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1126.464792][T19635]  ? __lock_acquire+0x7d40/0x7d40
[ 1126.470163][T19635]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1126.475099][T19635]  ? __x64_sys_sendmsg+0x80/0x80
[ 1126.480253][T19635]  ? lockdep_hardirqs_on+0x98/0x150
[ 1126.485557][T19635]  do_syscall_64+0x55/0xa0
[ 1126.490049][T19635]  ? clear_bhb_loop+0x40/0x90
[ 1126.494894][T19635]  ? clear_bhb_loop+0x40/0x90
[ 1126.499810][T19635]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1126.505759][T19635] RIP: 0033:0x7f2c9b59c819
[ 1126.510241][T19635] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1126.529989][T19635] RSP: 002b:00007f2c9c4fc028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1126.538675][T19635] RAX: ffffffffffffffda RBX: 00007f2c9b815fa0 RCX: 00007f2c9b59c819
[ 1126.546709][T19635] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[ 1126.554744][T19635] RBP: 00007f2c9c4fc090 R08: 0000000000000000 R09: 0000000000000000
[ 1126.562803][T19635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1126.570918][T19635] R13: 00007f2c9b816038 R14: 00007f2c9b815fa0 R15: 00007ffe6d93bdc8
[ 1126.579021][T19635]  </TASK>
[ 1127.196575][T19645] netlink: 10 bytes leftover after parsing attributes in process `syz.0.4498'.
[ 1127.385145][T19648] netlink: 'syz.1.4499': attribute type 21 has an invalid length.
[ 1127.393152][T19648] netlink: 13070 bytes leftover after parsing attributes in process `syz.1.4499'.
[ 1127.408449][T19648] netlink: 'syz.1.4499': attribute type 10 has an invalid length.
[ 1127.834219][T19654] netlink: 'syz.3.4500': attribute type 10 has an invalid length.
[ 1127.854894][T19654] netlink: 55 bytes leftover after parsing attributes in process `syz.3.4500'.
[ 1128.176615][T19657] netlink: 208064 bytes leftover after parsing attributes in process `syz.0.4503'.
[ 1128.860446][T19672] netlink: 'syz.0.4508': attribute type 21 has an invalid length.
[ 1128.868579][T19672] netlink: 176 bytes leftover after parsing attributes in process `syz.0.4508'.
[ 1128.883056][T19674] netlink: 'syz.2.4509': attribute type 21 has an invalid length.
[ 1128.904153][T19674] netlink: 13070 bytes leftover after parsing attributes in process `syz.2.4509'.
[ 1128.924078][T19675] netlink: 'syz.2.4509': attribute type 10 has an invalid length.
[ 1129.057312][T19679] netlink: 'syz.0.4512': attribute type 27 has an invalid length.
[ 1129.057531][T19681] netlink: 'syz.3.4510': attribute type 1 has an invalid length.
[ 1129.067884][T19679] netlink: 164 bytes leftover after parsing attributes in process `syz.0.4512'.
[ 1129.086179][T19681] netlink: 161700 bytes leftover after parsing attributes in process `syz.3.4510'.
[ 1129.915537][T19690] netlink: 'syz.1.4513': attribute type 1 has an invalid length.
[ 1129.923399][T19690] netlink: 161700 bytes leftover after parsing attributes in process `syz.1.4513'.
[ 1130.274458][T19697] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[ 1130.637514][T19702] netlink: 'syz.3.4519': attribute type 21 has an invalid length.
[ 1130.684158][T19702] netlink: 13070 bytes leftover after parsing attributes in process `syz.3.4519'.
[ 1130.735982][T19702] netlink: 'syz.3.4519': attribute type 10 has an invalid length.
[ 1130.806609][T19707] netlink: 'syz.1.4520': attribute type 10 has an invalid length.
[ 1131.843002][T19703] bridge_slave_1: default FDB implementation only supports local addresses
[ 1132.106904][T19723] netlink: 'syz.1.4524': attribute type 1 has an invalid length.
[ 1133.577490][T19751] __nla_validate_parse: 3 callbacks suppressed
[ 1133.577514][T19751] netlink: 55 bytes leftover after parsing attributes in process `syz.0.4534'.
[ 1134.535439][T19763] netlink: 10 bytes leftover after parsing attributes in process `syz.3.4537'.
[ 1134.724632][T19767] validate_nla: 1 callbacks suppressed
[ 1134.724656][T19767] netlink: 'syz.2.4538': attribute type 10 has an invalid length.
[ 1134.913254][T19775] FAULT_INJECTION: forcing a failure.
[ 1134.913254][T19775] name failslab, interval 1, probability 0, space 0, times 0
[ 1134.927702][T19775] CPU: 1 PID: 19775 Comm: syz.3.4542 Not tainted syzkaller #0
[ 1134.935501][T19775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1134.945591][T19775] Call Trace:
[ 1134.948991][T19775]  <TASK>
[ 1134.951936][T19775]  dump_stack_lvl+0x18c/0x250
[ 1134.956644][T19775]  ? lock_chain_count+0x20/0x20
[ 1134.961537][T19775]  ? show_regs_print_info+0x20/0x20
[ 1134.966851][T19775]  ? load_image+0x420/0x420
[ 1134.971474][T19775]  should_fail_ex+0x39d/0x4d0
[ 1134.976368][T19775]  should_failslab+0x9/0x20
[ 1134.980897][T19775]  slab_pre_alloc_hook+0x59/0x310
[ 1134.985949][T19775]  kmem_cache_alloc+0x5a/0x2d0
[ 1134.990736][T19775]  ? __inet_hash_connect+0x836/0x1870
[ 1134.996134][T19775]  __inet_hash_connect+0x836/0x1870
[ 1135.001353][T19775]  ? inet_hash_connect+0x130/0x130
[ 1135.006586][T19775]  ? inet_bhash2_reset_saddr+0x80/0x80
[ 1135.012135][T19775]  tcp_v4_connect+0xcac/0x18e0
[ 1135.016918][T19775]  ? __stack_depot_save+0x1f/0x630
[ 1135.022069][T19775]  ? tcp_twsk_unique+0x990/0x990
[ 1135.027226][T19775]  __inet_stream_connect+0x254/0xdc0
[ 1135.032648][T19775]  ? inet_dgram_connect+0x360/0x360
[ 1135.038164][T19775]  tcp_sendmsg_fastopen+0x3a7/0x5d0
[ 1135.043396][T19775]  tcp_sendmsg_locked+0x4621/0x4bd0
[ 1135.048701][T19775]  ? verify_lock_unused+0x140/0x140
[ 1135.054021][T19775]  ? __bpf_trace_bpf_trace_printk+0x100/0x100
[ 1135.060245][T19775]  ? perf_trace_lock+0xfc/0x3b0
[ 1135.065214][T19775]  ? mark_lock+0x94/0x320
[ 1135.069572][T19775]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1135.075663][T19775]  ? lock_chain_count+0x20/0x20
[ 1135.080545][T19775]  ? tcp_set_state+0x680/0x680
[ 1135.085437][T19775]  tcp_sendmsg+0x2f/0x50
[ 1135.089746][T19775]  ? inet_send_prepare+0x260/0x260
[ 1135.095141][T19775]  ____sys_sendmsg+0x5ba/0x960
[ 1135.100009][T19775]  ? __lock_acquire+0x7d40/0x7d40
[ 1135.105150][T19775]  ? __asan_memset+0x22/0x40
[ 1135.110319][T19775]  ? __sys_sendmsg_sock+0x30/0x30
[ 1135.115531][T19775]  ? __import_iovec+0x3fa/0x850
[ 1135.120493][T19775]  ? import_iovec+0x73/0xa0
[ 1135.125019][T19775]  ___sys_sendmsg+0x2a6/0x360
[ 1135.130021][T19775]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1135.135024][T19775]  ? trace_call_bpf+0xc3/0x6c0
[ 1135.139943][T19775]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1135.145002][T19775]  ? __x64_sys_sendmsg+0x80/0x80
[ 1135.149978][T19775]  ? lockdep_hardirqs_on+0x98/0x150
[ 1135.155209][T19775]  do_syscall_64+0x55/0xa0
[ 1135.159649][T19775]  ? clear_bhb_loop+0x40/0x90
[ 1135.164436][T19775]  ? clear_bhb_loop+0x40/0x90
[ 1135.169141][T19775]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1135.175056][T19775] RIP: 0033:0x7fd43799c819
[ 1135.179577][T19775] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1135.199575][T19775] RSP: 002b:00007fd4387df028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1135.208491][T19775] RAX: ffffffffffffffda RBX: 00007fd437c15fa0 RCX: 00007fd43799c819
[ 1135.216679][T19775] RDX: 00000000240008d0 RSI: 0000200000000080 RDI: 0000000000000003
[ 1135.224849][T19775] RBP: 00007fd4387df090 R08: 0000000000000000 R09: 0000000000000000
[ 1135.232928][T19775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1135.241006][T19775] R13: 00007fd437c16038 R14: 00007fd437c15fa0 R15: 00007ffccb805868
[ 1135.249363][T19775]  </TASK>
[ 1135.729313][T19783] netlink: 'syz.0.4545': attribute type 1 has an invalid length.
[ 1135.754299][T19783] netlink: 161700 bytes leftover after parsing attributes in process `syz.0.4545'.
[ 1136.689068][T19794] netlink: 10 bytes leftover after parsing attributes in process `syz.3.4547'.
[ 1137.255257][T19802] netlink: 'syz.2.4549': attribute type 10 has an invalid length.
[ 1137.288282][T19802] netlink: 55 bytes leftover after parsing attributes in process `syz.2.4549'.
[ 1138.386033][T19810] netlink: 'syz.3.4551': attribute type 10 has an invalid length.
[ 1139.551510][T19832] netlink: 10 bytes leftover after parsing attributes in process `syz.1.4559'.
[ 1141.601527][T19850] netlink: 'syz.1.4563': attribute type 10 has an invalid length.
[ 1141.620681][T19852] FAULT_INJECTION: forcing a failure.
[ 1141.620681][T19852] name failslab, interval 1, probability 0, space 0, times 0
[ 1141.669837][T19852] CPU: 0 PID: 19852 Comm: syz.2.4564 Not tainted syzkaller #0
[ 1141.677848][T19852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1141.684045][T19850] netlink: 152 bytes leftover after parsing attributes in process `syz.1.4563'.
[ 1141.687929][T19852] Call Trace:
[ 1141.687947][T19852]  <TASK>
[ 1141.687956][T19852]  dump_stack_lvl+0x18c/0x250
[ 1141.687999][T19852]  ? show_regs_print_info+0x20/0x20
[ 1141.713524][T19852]  ? load_image+0x420/0x420
[ 1141.718101][T19852]  ? __might_sleep+0xe0/0xe0
[ 1141.722946][T19852]  ? __lock_acquire+0x7d40/0x7d40
[ 1141.728341][T19852]  ? iov_iter_get_pages_alloc2+0xc0/0xc0
[ 1141.734324][T19852]  should_fail_ex+0x39d/0x4d0
[ 1141.739404][T19852]  should_failslab+0x9/0x20
[ 1141.744060][T19852]  slab_pre_alloc_hook+0x59/0x310
[ 1141.749162][T19852]  kmem_cache_alloc_node+0x60/0x320
[ 1141.754693][T19852]  ? __alloc_skb+0x103/0x2c0
[ 1141.759539][T19852]  __alloc_skb+0x103/0x2c0
[ 1141.764120][T19852]  __ip_append_data+0x2b73/0x3d40
[ 1141.769245][T19852]  ? raw_send_hdrinc+0x1170/0x1170
[ 1141.774504][T19852]  ? mark_lock+0x94/0x320
[ 1141.778906][T19852]  ? ip_setup_cork+0x860/0x860
[ 1141.783816][T19852]  ? ip_setup_cork+0x530/0x860
[ 1141.788134][T19850] netlink: 'syz.1.4563': attribute type 10 has an invalid length.
[ 1141.789658][T19852]  ip_append_data+0x10d/0x180
[ 1141.789693][T19852]  ? raw_send_hdrinc+0x1170/0x1170
[ 1141.807457][T19852]  raw_sendmsg+0x15c1/0x1c00
[ 1141.812130][T19852]  ? compat_raw_ioctl+0x70/0x70
[ 1141.817052][T19852]  ? __lock_acquire+0x1273/0x7d40
[ 1141.822166][T19852]  ? tomoyo_socket_sendmsg_permission+0x216/0x2f0
[ 1141.828681][T19852]  ? sock_rps_record_flow+0x19/0x3f0
[ 1141.834124][T19852]  ? inet_sendmsg+0x7c/0x2f0
[ 1141.838869][T19852]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1141.844215][T19852]  ? security_socket_sendmsg+0x80/0xa0
[ 1141.849908][T19852]  ? inet_send_prepare+0x260/0x260
[ 1141.855080][T19852]  ____sys_sendmsg+0x5ba/0x960
[ 1141.859895][T19852]  ? __lock_acquire+0x7d40/0x7d40
[ 1141.865159][T19852]  ? __asan_memset+0x22/0x40
[ 1141.869805][T19852]  ? __sys_sendmsg_sock+0x30/0x30
[ 1141.875050][T19852]  ? __import_iovec+0x5f2/0x850
[ 1141.880040][T19852]  ? import_iovec+0x73/0xa0
[ 1141.884592][T19852]  ___sys_sendmsg+0x2a6/0x360
[ 1141.889494][T19852]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1141.894596][T19852]  ? __lock_acquire+0x7d40/0x7d40
[ 1141.899794][T19852]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1141.904794][T19852]  ? __x64_sys_sendmsg+0x80/0x80
[ 1141.909832][T19852]  ? lockdep_hardirqs_on+0x98/0x150
[ 1141.915078][T19852]  do_syscall_64+0x55/0xa0
[ 1141.919537][T19852]  ? clear_bhb_loop+0x40/0x90
[ 1141.924667][T19852]  ? clear_bhb_loop+0x40/0x90
[ 1141.929419][T19852]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1141.935462][T19852] RIP: 0033:0x7f5eda19c819
[ 1141.940017][T19852] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1141.960119][T19852] RSP: 002b:00007f5edb137028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1141.968754][T19852] RAX: ffffffffffffffda RBX: 00007f5eda415fa0 RCX: 00007f5eda19c819
[ 1141.976785][T19852] RDX: 0000000020040000 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1141.984803][T19852] RBP: 00007f5edb137090 R08: 0000000000000000 R09: 0000000000000000
[ 1141.992913][T19852] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1142.001182][T19852] R13: 00007f5eda416038 R14: 00007f5eda415fa0 R15: 00007ffd3fd8fcd8
[ 1142.009241][T19852]  </TASK>
[ 1142.397616][T19866] netlink: 'syz.2.4568': attribute type 10 has an invalid length.
[ 1142.405626][T19866] netlink: 'syz.2.4568': attribute type 10 has an invalid length.
[ 1142.434120][T19866] netlink: 209216 bytes leftover after parsing attributes in process `syz.2.4568'.
[ 1142.480309][T19866] openvswitch: netlink: Message has 4 unknown bytes.
[ 1143.318492][T19872] netlink: 10 bytes leftover after parsing attributes in process `syz.3.4571'.
[ 1143.641815][T19876] netlink: 'syz.2.4572': attribute type 46 has an invalid length.
[ 1143.664303][T19876] netlink: 2 bytes leftover after parsing attributes in process `syz.2.4572'.
[ 1143.905272][T19887] netlink: 'syz.2.4577': attribute type 10 has an invalid length.
[ 1143.913370][T19887] netlink: 152 bytes leftover after parsing attributes in process `syz.2.4577'.
[ 1143.976497][T19887] netlink: 'syz.2.4577': attribute type 10 has an invalid length.
[ 1144.225565][T19890] FAULT_INJECTION: forcing a failure.
[ 1144.225565][T19890] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1144.317887][T19890] CPU: 0 PID: 19890 Comm: syz.3.4578 Not tainted syzkaller #0
[ 1144.325649][T19890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1144.336017][T19890] Call Trace:
[ 1144.339450][T19890]  <TASK>
[ 1144.342407][T19890]  dump_stack_lvl+0x18c/0x250
[ 1144.347138][T19890]  ? show_regs_print_info+0x20/0x20
[ 1144.352400][T19890]  ? load_image+0x420/0x420
[ 1144.357056][T19890]  ? __might_fault+0xaa/0x120
[ 1144.361786][T19890]  ? __lock_acquire+0x7d40/0x7d40
[ 1144.366883][T19890]  should_fail_ex+0x39d/0x4d0
[ 1144.371966][T19890]  _copy_from_iter+0x1d9/0x12e0
[ 1144.376948][T19890]  ? slab_post_alloc_hook+0x8a/0x4b0
[ 1144.382285][T19890]  ? __virt_addr_valid+0x18c/0x540
[ 1144.387532][T19890]  ? __lock_acquire+0x7d40/0x7d40
[ 1144.392601][T19890]  ? rcu_is_watching+0x15/0xb0
[ 1144.397431][T19890]  ? copyout_mc+0x70/0x70
[ 1144.401815][T19890]  ? __virt_addr_valid+0x18c/0x540
[ 1144.406975][T19890]  ? __virt_addr_valid+0x18c/0x540
[ 1144.412135][T19890]  ? __virt_addr_valid+0x469/0x540
[ 1144.417294][T19890]  ? __check_object_size+0x506/0xa20
[ 1144.422638][T19890]  netlink_sendmsg+0x76b/0xbf0
[ 1144.427597][T19890]  ? netlink_getsockopt+0x590/0x590
[ 1144.432942][T19890]  ? aa_sock_msg_perm+0x94/0x150
[ 1144.438012][T19890]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1144.443337][T19890]  ? security_socket_sendmsg+0x80/0xa0
[ 1144.449102][T19890]  ? netlink_getsockopt+0x590/0x590
[ 1144.454366][T19890]  ____sys_sendmsg+0x5ba/0x960
[ 1144.459186][T19890]  ? __asan_memset+0x22/0x40
[ 1144.463824][T19890]  ? __sys_sendmsg_sock+0x30/0x30
[ 1144.468883][T19890]  ? __import_iovec+0x5f2/0x850
[ 1144.473892][T19890]  ? import_iovec+0x73/0xa0
[ 1144.479175][T19890]  ___sys_sendmsg+0x2a6/0x360
[ 1144.484010][T19890]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1144.488854][T19890]  ? trace_call_bpf+0xc3/0x6c0
[ 1144.493767][T19890]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1144.499106][T19890]  ? __x64_sys_sendmsg+0x80/0x80
[ 1144.504108][T19890]  ? lockdep_hardirqs_on+0x98/0x150
[ 1144.509369][T19890]  do_syscall_64+0x55/0xa0
[ 1144.513993][T19890]  ? clear_bhb_loop+0x40/0x90
[ 1144.518731][T19890]  ? clear_bhb_loop+0x40/0x90
[ 1144.523656][T19890]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1144.529704][T19890] RIP: 0033:0x7fd43799c819
[ 1144.534172][T19890] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1144.554361][T19890] RSP: 002b:00007fd4387df028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1144.562993][T19890] RAX: ffffffffffffffda RBX: 00007fd437c15fa0 RCX: 00007fd43799c819
[ 1144.571018][T19890] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[ 1144.579218][T19890] RBP: 00007fd4387df090 R08: 0000000000000000 R09: 0000000000000000
[ 1144.587334][T19890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1144.595626][T19890] R13: 00007fd437c16038 R14: 00007fd437c15fa0 R15: 00007ffccb805868
[ 1144.603835][T19890]  </TASK>
[ 1144.725408][ T5782] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1144.738055][ T5782] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1144.751550][ T5782] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1144.769982][ T5782] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1144.782526][ T5782] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1144.790753][ T5782] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1146.062207][   T64] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1146.232564][   T64] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1146.280367][T19907] netlink: 10 bytes leftover after parsing attributes in process `syz.2.4581'.
[ 1146.450580][   T64] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1146.607586][   T64] batman_adv: batadv0: Removing interface: netdevsim0
[ 1146.642312][   T64] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1146.900564][T19921] FAULT_INJECTION: forcing a failure.
[ 1146.900564][T19921] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1146.924425][ T5782] Bluetooth: hci3: command tx timeout
[ 1146.954211][T19921] CPU: 0 PID: 19921 Comm: syz.3.4585 Not tainted syzkaller #0
[ 1146.961758][T19921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1146.971869][T19921] Call Trace:
[ 1146.975198][T19921]  <TASK>
[ 1146.978171][T19921]  dump_stack_lvl+0x18c/0x250
[ 1146.983099][T19921]  ? show_regs_print_info+0x20/0x20
[ 1146.988457][T19921]  ? load_image+0x420/0x420
[ 1146.993031][T19921]  ? __might_fault+0xaa/0x120
[ 1146.997797][T19921]  ? __lock_acquire+0x7d40/0x7d40
[ 1147.003086][T19921]  should_fail_ex+0x39d/0x4d0
[ 1147.007928][T19921]  _copy_from_user+0x2f/0xe0
[ 1147.012577][T19921]  __sys_bpf+0x23e/0x890
[ 1147.017146][T19921]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1147.022774][T19921]  ? lock_chain_count+0x20/0x20
[ 1147.028162][T19921]  __x64_sys_bpf+0x7c/0x90
[ 1147.032732][T19921]  do_syscall_64+0x55/0xa0
[ 1147.037203][T19921]  ? clear_bhb_loop+0x40/0x90
[ 1147.042019][T19921]  ? clear_bhb_loop+0x40/0x90
[ 1147.046838][T19921]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1147.052898][T19921] RIP: 0033:0x7fd43799c819
[ 1147.057365][T19921] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1147.077098][T19921] RSP: 002b:00007fd4387df028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1147.085541][T19921] RAX: ffffffffffffffda RBX: 00007fd437c15fa0 RCX: 00007fd43799c819
[ 1147.093526][T19921] RDX: 0000000000000038 RSI: 0000200000000900 RDI: 000000000000001a
[ 1147.101535][T19921] RBP: 00007fd4387df090 R08: 0000000000000000 R09: 0000000000000000
[ 1147.109722][T19921] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1147.117978][T19921] R13: 00007fd437c16038 R14: 00007fd437c15fa0 R15: 00007ffccb805868
[ 1147.126244][T19921]  </TASK>
[ 1147.184324][T19927] netlink: 'syz.2.4586': attribute type 10 has an invalid length.
[ 1147.214095][T19927] netlink: 152 bytes leftover after parsing attributes in process `syz.2.4586'.
[ 1147.230343][T19929] netlink: 'syz.0.4587': attribute type 1 has an invalid length.
[ 1147.257816][T19927] netlink: 'syz.2.4586': attribute type 10 has an invalid length.
[ 1147.259219][T19929] netlink: 161700 bytes leftover after parsing attributes in process `syz.0.4587'.
[ 1147.554055][T19895] chnl_net:caif_netlink_parms(): no params data found
[ 1148.184916][T19951] netlink: 10 bytes leftover after parsing attributes in process `syz.3.4591'.
[ 1148.472886][T19895] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1148.518612][T19895] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1148.634421][T19895] bridge_slave_0: entered allmulticast mode
[ 1148.642034][T19895] bridge_slave_0: entered promiscuous mode
[ 1148.994143][ T5782] Bluetooth: hci3: command tx timeout
[ 1149.146832][T19971] FAULT_INJECTION: forcing a failure.
[ 1149.146832][T19971] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1149.174043][T19971] CPU: 1 PID: 19971 Comm: syz.3.4594 Not tainted syzkaller #0
[ 1149.181712][T19971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1149.191815][T19971] Call Trace:
[ 1149.195131][T19971]  <TASK>
[ 1149.198095][T19971]  dump_stack_lvl+0x18c/0x250
[ 1149.202831][T19971]  ? show_regs_print_info+0x20/0x20
[ 1149.208081][T19971]  ? load_image+0x420/0x420
[ 1149.212916][T19971]  ? __might_fault+0xaa/0x120
[ 1149.217741][T19971]  ? __lock_acquire+0x7d40/0x7d40
[ 1149.222836][T19971]  should_fail_ex+0x39d/0x4d0
[ 1149.227658][T19971]  _copy_to_user+0x2f/0xa0
[ 1149.232129][T19971]  bpf_test_finish+0x19f/0x650
[ 1149.237125][T19971]  ? convert___skb_to_skb+0x590/0x590
[ 1149.242639][T19971]  ? convert_skb_to___skb+0x420/0x420
[ 1149.248249][T19971]  ? slab_build_skb+0x25f/0x3f0
[ 1149.253161][T19971]  bpf_prog_test_run_skb+0xcc3/0x12b0
[ 1149.258756][T19971]  ? cpu_online+0x60/0x60
[ 1149.263105][T19971]  bpf_prog_test_run+0x321/0x390
[ 1149.268065][T19971]  __sys_bpf+0x49d/0x890
[ 1149.272351][T19971]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1149.277795][T19971]  ? lock_chain_count+0x20/0x20
[ 1149.282678][T19971]  __x64_sys_bpf+0x7c/0x90
[ 1149.287208][T19971]  do_syscall_64+0x55/0xa0
[ 1149.291729][T19971]  ? clear_bhb_loop+0x40/0x90
[ 1149.296427][T19971]  ? clear_bhb_loop+0x40/0x90
[ 1149.301129][T19971]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1149.307136][T19971] RIP: 0033:0x7fd43799c819
[ 1149.311671][T19971] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1149.331488][T19971] RSP: 002b:00007fd4387be028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1149.340026][T19971] RAX: ffffffffffffffda RBX: 00007fd437c16090 RCX: 00007fd43799c819
[ 1149.348017][T19971] RDX: 0000000000000028 RSI: 0000200000000180 RDI: 000000000000000a
[ 1149.356366][T19971] RBP: 00007fd4387be090 R08: 0000000000000000 R09: 0000000000000000
[ 1149.364358][T19971] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1149.372450][T19971] R13: 00007fd437c16128 R14: 00007fd437c16090 R15: 00007ffccb805868
[ 1149.380539][T19971]  </TASK>
[ 1149.599631][T19895] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1149.606991][T19895] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1149.617722][T19895] bridge_slave_1: entered allmulticast mode
[ 1149.628438][T19895] bridge_slave_1: entered promiscuous mode
[ 1149.803477][T19895] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1150.227278][T19895] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1150.374511][T19895] team0: Port device team_slave_0 added
[ 1150.384463][T19895] team0: Port device team_slave_1 added
[ 1150.444842][T19984] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[ 1150.540515][T19895] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1150.573626][T19895] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1150.629061][T19989] netlink: 'syz.0.4599': attribute type 1 has an invalid length.
[ 1150.634180][T19895] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1150.657578][T19989] netlink: 161700 bytes leftover after parsing attributes in process `syz.0.4599'.
[ 1150.672486][T19895] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1150.690271][T19895] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1150.748668][T19895] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1150.880530][T19991] netlink: 10 bytes leftover after parsing attributes in process `syz.3.4600'.
[ 1151.064662][ T5782] Bluetooth: hci3: command tx timeout
[ 1151.217753][T19895] hsr_slave_0: entered promiscuous mode
[ 1151.238175][T19895] hsr_slave_1: entered promiscuous mode
[ 1151.249276][T19895] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1151.263350][T19895] Cannot create hsr debugfs directory
[ 1152.131385][T20015] netlink: 'syz.0.4605': attribute type 10 has an invalid length.
[ 1152.171642][T20015] netlink: 'syz.0.4605': attribute type 10 has an invalid length.
[ 1152.223117][T20015] netlink: 209216 bytes leftover after parsing attributes in process `syz.0.4605'.
[ 1152.295562][T20015] openvswitch: netlink: Message has 4 unknown bytes.
[ 1152.472819][T20017] FAULT_INJECTION: forcing a failure.
[ 1152.472819][T20017] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1152.503602][T20017] CPU: 1 PID: 20017 Comm: syz.2.4606 Not tainted syzkaller #0
[ 1152.511146][T20017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1152.521251][T20017] Call Trace:
[ 1152.524653][T20017]  <TASK>
[ 1152.527627][T20017]  dump_stack_lvl+0x18c/0x250
[ 1152.532372][T20017]  ? show_regs_print_info+0x20/0x20
[ 1152.537642][T20017]  ? load_image+0x420/0x420
[ 1152.542308][T20017]  ? __lock_acquire+0x7d40/0x7d40
[ 1152.547383][T20017]  ? snprintf+0xe9/0x140
[ 1152.551776][T20017]  should_fail_ex+0x39d/0x4d0
[ 1152.556512][T20017]  _copy_to_user+0x2f/0xa0
[ 1152.560977][T20017]  simple_read_from_buffer+0xe7/0x150
[ 1152.566500][T20017]  proc_fail_nth_read+0x1e8/0x260
[ 1152.571759][T20017]  ? proc_fault_inject_write+0x360/0x360
[ 1152.577520][T20017]  ? fsnotify_perm+0x271/0x5e0
[ 1152.582333][T20017]  ? proc_fault_inject_write+0x360/0x360
[ 1152.588029][T20017]  vfs_read+0x28b/0x970
[ 1152.592263][T20017]  ? kernel_read+0x1e0/0x1e0
[ 1152.597086][T20017]  ? __fget_files+0x28/0x4b0
[ 1152.601731][T20017]  ? __fget_files+0x28/0x4b0
[ 1152.606638][T20017]  ? __fget_files+0x43d/0x4b0
[ 1152.611550][T20017]  ? __fdget_pos+0x2a3/0x330
[ 1152.616190][T20017]  ? ksys_read+0x75/0x260
[ 1152.620581][T20017]  ksys_read+0x150/0x260
[ 1152.624890][T20017]  ? vfs_write+0x990/0x990
[ 1152.629467][T20017]  ? lockdep_hardirqs_on+0x98/0x150
[ 1152.634724][T20017]  do_syscall_64+0x55/0xa0
[ 1152.639452][T20017]  ? clear_bhb_loop+0x40/0x90
[ 1152.644180][T20017]  ? clear_bhb_loop+0x40/0x90
[ 1152.648906][T20017]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1152.654932][T20017] RIP: 0033:0x7f5eda15d04e
[ 1152.659383][T20017] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1152.679120][T20017] RSP: 002b:00007f5edb136fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1152.687579][T20017] RAX: ffffffffffffffda RBX: 00007f5edb1376c0 RCX: 00007f5eda15d04e
[ 1152.695678][T20017] RDX: 000000000000000f RSI: 00007f5edb1370a0 RDI: 0000000000000031
[ 1152.703781][T20017] RBP: 00007f5edb137090 R08: 0000000000000000 R09: 0000000000000000
[ 1152.712180][T20017] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1152.720373][T20017] R13: 00007f5eda416038 R14: 00007f5eda415fa0 R15: 00007ffd3fd8fcd8
[ 1152.728437][T20017]  </TASK>
[ 1153.145541][ T5782] Bluetooth: hci3: command tx timeout
[ 1153.330806][T20043] FAULT_INJECTION: forcing a failure.
[ 1153.330806][T20043] name failslab, interval 1, probability 0, space 0, times 0
[ 1153.339593][T20038] netlink: 10 bytes leftover after parsing attributes in process `syz.2.4610'.
[ 1153.484179][T20043] CPU: 1 PID: 20043 Comm: syz.3.4611 Not tainted syzkaller #0
[ 1153.491821][T20043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1153.501997][T20043] Call Trace:
[ 1153.505314][T20043]  <TASK>
[ 1153.508431][T20043]  dump_stack_lvl+0x18c/0x250
[ 1153.513186][T20043]  ? trace_event_raw_event_lock+0x250/0x250
[ 1153.519334][T20043]  ? show_regs_print_info+0x20/0x20
[ 1153.524612][T20043]  ? load_image+0x420/0x420
[ 1153.529186][T20043]  should_fail_ex+0x39d/0x4d0
[ 1153.534009][T20043]  should_failslab+0x9/0x20
[ 1153.538572][T20043]  slab_pre_alloc_hook+0x59/0x310
[ 1153.544192][T20043]  kmem_cache_alloc+0x5a/0x2d0
[ 1153.549040][T20043]  ? __nf_conntrack_alloc+0x99/0x380
[ 1153.554485][T20043]  __nf_conntrack_alloc+0x99/0x380
[ 1153.559922][T20043]  init_conntrack+0x177/0xf10
[ 1153.564659][T20043]  ? early_drop+0x7f0/0x7f0
[ 1153.569334][T20043]  ? nf_conntrack_find_get+0x650/0x650
[ 1153.575124][T20043]  ? __local_bh_enable_ip+0x13a/0x1c0
[ 1153.580670][T20043]  ? __siphash_unaligned+0x22e/0x3a0
[ 1153.586020][T20043]  nf_conntrack_in+0xc06/0x15c0
[ 1153.590961][T20043]  ? nf_ct_pernet+0x270/0x270
[ 1153.595707][T20043]  ? ipt_do_table+0x2c1/0x15e0
[ 1153.600607][T20043]  ? ipv4_conntrack_defrag+0x29d/0x5a0
[ 1153.606318][T20043]  ? ip_select_ttl+0xb1/0x330
[ 1153.611050][T20043]  ? ipv4_conntrack_local+0x123/0x200
[ 1153.616656][T20043]  ? ipv4_conntrack_in+0x20/0x20
[ 1153.621648][T20043]  nf_hook_slow+0xbd/0x200
[ 1153.626129][T20043]  ? nf_hook+0x390/0x390
[ 1153.630661][T20043]  nf_hook+0x228/0x390
[ 1153.634828][T20043]  ? nf_hook+0xa2/0x390
[ 1153.639088][T20043]  ? __ip_local_out+0x5f0/0x5f0
[ 1153.643968][T20043]  ? nf_hook+0x390/0x390
[ 1153.648266][T20043]  ? ip_fast_csum+0x1ee/0x2b0
[ 1153.653084][T20043]  __ip_local_out+0x4db/0x5f0
[ 1153.657924][T20043]  ? nf_hook+0x390/0x390
[ 1153.662655][T20043]  ip_send_skb+0x4c/0x1d0
[ 1153.667033][T20043]  raw_sendmsg+0x163e/0x1c00
[ 1153.671864][T20043]  ? compat_raw_ioctl+0x70/0x70
[ 1153.676900][T20043]  ? __lock_acquire+0x1273/0x7d40
[ 1153.682404][T20043]  ? tomoyo_socket_sendmsg_permission+0x216/0x2f0
[ 1153.688945][T20043]  ? sock_rps_record_flow+0x19/0x3f0
[ 1153.694530][T20043]  ? inet_sendmsg+0x7c/0x2f0
[ 1153.699252][T20043]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1153.704657][T20043]  ? security_socket_sendmsg+0x80/0xa0
[ 1153.710353][T20043]  ? inet_send_prepare+0x260/0x260
[ 1153.715580][T20043]  ____sys_sendmsg+0x5ba/0x960
[ 1153.720824][T20043]  ? __lock_acquire+0x7d40/0x7d40
[ 1153.725889][T20043]  ? __asan_memset+0x22/0x40
[ 1153.730693][T20043]  ? __sys_sendmsg_sock+0x30/0x30
[ 1153.736002][T20043]  ? __import_iovec+0x5f2/0x850
[ 1153.741040][T20043]  ? import_iovec+0x73/0xa0
[ 1153.745747][T20043]  ___sys_sendmsg+0x2a6/0x360
[ 1153.750634][T20043]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1153.755424][T20043]  ? trace_call_bpf+0xc3/0x6c0
[ 1153.760565][T20043]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1153.765526][T20043]  ? __x64_sys_sendmsg+0x80/0x80
[ 1153.770526][T20043]  ? lockdep_hardirqs_on+0x98/0x150
[ 1153.775836][T20043]  do_syscall_64+0x55/0xa0
[ 1153.780344][T20043]  ? clear_bhb_loop+0x40/0x90
[ 1153.785128][T20043]  ? clear_bhb_loop+0x40/0x90
[ 1153.789849][T20043]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1153.796040][T20043] RIP: 0033:0x7fd43799c819
[ 1153.800485][T20043] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1153.820721][T20043] RSP: 002b:00007fd4387df028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1153.829234][T20043] RAX: ffffffffffffffda RBX: 00007fd437c15fa0 RCX: 00007fd43799c819
[ 1153.837489][T20043] RDX: 0000000020040000 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1153.845570][T20043] RBP: 00007fd4387df090 R08: 0000000000000000 R09: 0000000000000000
[ 1153.853657][T20043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1153.861916][T20043] R13: 00007fd437c16038 R14: 00007fd437c15fa0 R15: 00007ffccb805868
[ 1153.870291][T20043]  </TASK>
[ 1154.007771][   T64] hsr_slave_0: left promiscuous mode
[ 1154.026697][   T64] hsr_slave_1: left promiscuous mode
[ 1154.041951][   T64] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1154.058666][   T64] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1154.082209][T20048] netlink: 'syz.0.4613': attribute type 1 has an invalid length.
[ 1154.095668][   T64] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1154.125841][   T64] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1154.152024][T20048] netlink: 161700 bytes leftover after parsing attributes in process `syz.0.4613'.
[ 1154.194457][   T64] batman_adv: batadv0: Interface deactivated: veth1_virt_wifi
[ 1154.202348][   T64] batman_adv: batadv0: Removing interface: veth1_virt_wifi
[ 1154.422493][   T64] veth1_macvtap: left promiscuous mode
[ 1155.409084][   T64] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1155.471647][   T64] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1155.851870][   T64] bond0 (unregistering): Released all slaves
[ 1156.053603][T20063] netlink: 'syz.0.4624': attribute type 1 has an invalid length.
[ 1156.108662][T20063] netlink: 161700 bytes leftover after parsing attributes in process `syz.0.4624'.
[ 1156.610873][T20073] netlink: 'syz.3.4617': attribute type 10 has an invalid length.
[ 1156.714380][T20073] netlink: 'syz.3.4617': attribute type 10 has an invalid length.
[ 1156.824354][T20073] netlink: 209216 bytes leftover after parsing attributes in process `syz.3.4617'.
[ 1156.836846][T20073] openvswitch: netlink: Message has 4 unknown bytes.
[ 1158.807739][T20092] netlink: 10 bytes leftover after parsing attributes in process `syz.0.4623'.
[ 1158.896252][T19895] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1158.968755][T19895] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1159.017826][T19895] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1159.065934][T19895] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1159.311682][T20103] netlink: 'syz.3.4627': attribute type 1 has an invalid length.
[ 1159.345339][T20103] netlink: 161700 bytes leftover after parsing attributes in process `syz.3.4627'.
[ 1159.418041][T19895] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1159.565865][T19895] 8021q: adding VLAN 0 to HW filter on device team0
[ 1159.596976][ T4319] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1159.604542][ T4319] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1159.705266][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1159.712738][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1160.536959][T19895] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1160.662636][T19895] veth0_vlan: entered promiscuous mode
[ 1160.698508][T19895] veth1_vlan: entered promiscuous mode
[ 1160.783800][T19895] veth0_macvtap: entered promiscuous mode
[ 1160.800460][T19895] veth1_macvtap: entered promiscuous mode
[ 1160.848117][T19895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1160.874252][T19895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1160.897658][T19895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1160.909224][T19895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1160.932692][T19895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1160.954469][T19895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1160.976477][T19895] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1161.003712][T19895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1161.035158][T19895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1161.050328][T19895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1161.064619][T19895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1161.099685][T19895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1161.124014][T19895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1161.155773][T19895] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1161.201555][T19895] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1161.234122][T19895] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1161.243172][T19895] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1161.281025][T19895] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1161.454651][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1161.462521][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1161.545923][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1161.567619][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1161.903616][T20150] netlink: 'syz.0.4637': attribute type 1 has an invalid length.
[ 1161.934321][T20150] netlink: 161700 bytes leftover after parsing attributes in process `syz.0.4637'.
[ 1162.840615][T20162] netlink: 10 bytes leftover after parsing attributes in process `syz.0.4633'.
[ 1163.446737][T20166] netlink: 'syz.1.4630': attribute type 10 has an invalid length.
[ 1163.485453][T20166] netlink: 'syz.1.4630': attribute type 10 has an invalid length.
[ 1163.493470][T20166] netlink: 209216 bytes leftover after parsing attributes in process `syz.1.4630'.
[ 1163.534495][T20166] openvswitch: netlink: Message has 4 unknown bytes.
[ 1164.060584][T20169] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1164.602570][T20187] FAULT_INJECTION: forcing a failure.
[ 1164.602570][T20187] name failslab, interval 1, probability 0, space 0, times 0
[ 1164.624285][T20187] CPU: 1 PID: 20187 Comm: syz.1.4642 Not tainted syzkaller #0
[ 1164.632014][T20187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1164.642113][T20187] Call Trace:
[ 1164.645472][T20187]  <TASK>
[ 1164.648443][T20187]  dump_stack_lvl+0x18c/0x250
[ 1164.653172][T20187]  ? trace_event_raw_event_lock+0x250/0x250
[ 1164.659207][T20187]  ? show_regs_print_info+0x20/0x20
[ 1164.664487][T20187]  ? load_image+0x420/0x420
[ 1164.669410][T20187]  should_fail_ex+0x39d/0x4d0
[ 1164.674334][T20187]  should_failslab+0x9/0x20
[ 1164.679233][T20187]  slab_pre_alloc_hook+0x59/0x310
[ 1164.684328][T20187]  kmem_cache_alloc+0x5a/0x2d0
[ 1164.689235][T20187]  ? __nf_conntrack_alloc+0x99/0x380
[ 1164.694608][T20187]  __nf_conntrack_alloc+0x99/0x380
[ 1164.699968][T20187]  init_conntrack+0x177/0xf10
[ 1164.705436][T20187]  ? early_drop+0x7f0/0x7f0
[ 1164.710009][T20187]  ? nf_conntrack_find_get+0x650/0x650
[ 1164.715607][T20187]  ? __local_bh_enable_ip+0x13a/0x1c0
[ 1164.722300][T20187]  ? __siphash_unaligned+0x22e/0x3a0
[ 1164.727834][T20187]  nf_conntrack_in+0xc06/0x15c0
[ 1164.732767][T20187]  ? nf_ct_pernet+0x270/0x270
[ 1164.737495][T20187]  ? ipt_do_table+0x2c1/0x15e0
[ 1164.742315][T20187]  ? ipv4_conntrack_defrag+0x29d/0x5a0
[ 1164.747821][T20187]  ? ip_select_ttl+0xb1/0x330
[ 1164.752533][T20187]  ? ipv4_conntrack_local+0x123/0x200
[ 1164.757955][T20187]  ? ipv4_conntrack_in+0x20/0x20
[ 1164.763029][T20187]  nf_hook_slow+0xbd/0x200
[ 1164.767923][T20187]  ? nf_hook+0x390/0x390
[ 1164.772210][T20187]  nf_hook+0x228/0x390
[ 1164.776503][T20187]  ? nf_hook+0xa2/0x390
[ 1164.780703][T20187]  ? __ip_local_out+0x5f0/0x5f0
[ 1164.785685][T20187]  ? nf_hook+0x390/0x390
[ 1164.789992][T20187]  ? ip_fast_csum+0x1ee/0x2b0
[ 1164.794810][T20187]  __ip_local_out+0x4db/0x5f0
[ 1164.799553][T20187]  ? nf_hook+0x390/0x390
[ 1164.803836][T20187]  ip_send_skb+0x4c/0x1d0
[ 1164.808306][T20187]  raw_sendmsg+0x163e/0x1c00
[ 1164.813269][T20187]  ? compat_raw_ioctl+0x70/0x70
[ 1164.818182][T20187]  ? __lock_acquire+0x1273/0x7d40
[ 1164.823284][T20187]  ? tomoyo_socket_sendmsg_permission+0x216/0x2f0
[ 1164.829833][T20187]  ? sock_rps_record_flow+0x19/0x3f0
[ 1164.835524][T20187]  ? inet_sendmsg+0x7c/0x2f0
[ 1164.840327][T20187]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1164.845755][T20187]  ? security_socket_sendmsg+0x80/0xa0
[ 1164.851431][T20187]  ? inet_send_prepare+0x260/0x260
[ 1164.856676][T20187]  ____sys_sendmsg+0x5ba/0x960
[ 1164.861621][T20187]  ? __lock_acquire+0x7d40/0x7d40
[ 1164.867139][T20187]  ? __asan_memset+0x22/0x40
[ 1164.871915][T20187]  ? __sys_sendmsg_sock+0x30/0x30
[ 1164.876992][T20187]  ? __import_iovec+0x5f2/0x850
[ 1164.881904][T20187]  ? import_iovec+0x73/0xa0
[ 1164.886461][T20187]  ___sys_sendmsg+0x2a6/0x360
[ 1164.891192][T20187]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1164.896036][T20187]  ? trace_call_bpf+0xc3/0x6c0
[ 1164.900886][T20187]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1164.905781][T20187]  ? __x64_sys_sendmsg+0x80/0x80
[ 1164.910817][T20187]  ? lockdep_hardirqs_on+0x98/0x150
[ 1164.916091][T20187]  do_syscall_64+0x55/0xa0
[ 1164.920545][T20187]  ? clear_bhb_loop+0x40/0x90
[ 1164.925266][T20187]  ? clear_bhb_loop+0x40/0x90
[ 1164.929994][T20187]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1164.936021][T20187] RIP: 0033:0x7f426279c819
[ 1164.940479][T20187] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1164.960318][T20187] RSP: 002b:00007f426370d028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1164.969185][T20187] RAX: ffffffffffffffda RBX: 00007f4262a15fa0 RCX: 00007f426279c819
[ 1164.977393][T20187] RDX: 0000000020040000 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1164.985772][T20187] RBP: 00007f426370d090 R08: 0000000000000000 R09: 0000000000000000
[ 1164.993923][T20187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1165.002129][T20187] R13: 00007f4262a16038 R14: 00007f4262a15fa0 R15: 00007ffe3769e948
[ 1165.010206][T20187]  </TASK>
[ 1165.285622][T20193] netlink: 'syz.0.4644': attribute type 1 has an invalid length.
[ 1165.323029][T20193] netlink: 161700 bytes leftover after parsing attributes in process `syz.0.4644'.
[ 1165.485069][T20196] netlink: 10 bytes leftover after parsing attributes in process `syz.1.4645'.
[ 1166.098848][T20207] netlink: 180 bytes leftover after parsing attributes in process `syz.3.4649'.
[ 1166.287836][T20203] mac80211_hwsim hwsim20 wlan0: entered promiscuous mode
[ 1166.303118][T20203] mac80211_hwsim hwsim20 wlan0: entered allmulticast mode
[ 1166.346150][T20212] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4653'.
[ 1166.376459][T20212] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4653'.
[ 1167.482148][T20230] netlink: 10 bytes leftover after parsing attributes in process `syz.3.4659'.
[ 1168.027275][T20242] netlink: 'syz.1.4663': attribute type 1 has an invalid length.
[ 1168.048033][T20242] netlink: 161700 bytes leftover after parsing attributes in process `syz.1.4663'.
[ 1168.089905][T20239] netlink: 'syz.2.4662': attribute type 17 has an invalid length.
[ 1168.124110][T20239] netlink: 'syz.2.4662': attribute type 16 has an invalid length.
[ 1168.132203][T20239] netlink: 152 bytes leftover after parsing attributes in process `syz.2.4662'.
[ 1172.288612][T20272] netlink: 10 bytes leftover after parsing attributes in process `syz.2.4673'.
[ 1172.692833][T20280] FAULT_INJECTION: forcing a failure.
[ 1172.692833][T20280] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1172.759312][T20280] CPU: 1 PID: 20280 Comm: syz.3.4674 Not tainted syzkaller #0
[ 1172.766902][T20280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1172.777124][T20280] Call Trace:
[ 1172.780471][T20280]  <TASK>
[ 1172.783487][T20280]  dump_stack_lvl+0x18c/0x250
[ 1172.788475][T20280]  ? show_regs_print_info+0x20/0x20
[ 1172.793885][T20280]  ? load_image+0x420/0x420
[ 1172.798613][T20280]  ? __might_fault+0xaa/0x120
[ 1172.803782][T20280]  ? __lock_acquire+0x7d40/0x7d40
[ 1172.809193][T20280]  should_fail_ex+0x39d/0x4d0
[ 1172.814125][T20280]  _copy_from_user+0x2f/0xe0
[ 1172.818816][T20280]  ip_tunnel_siocdevprivate+0xc2/0x1f0
[ 1172.824346][T20280]  ? dev_ioctl+0x83c/0x1140
[ 1172.828955][T20280]  ? ip_tunnel_update+0xb10/0xb10
[ 1172.834188][T20280]  ? dev_ifsioc+0x958/0xc40
[ 1172.838981][T20280]  dev_ioctl+0x84c/0x1140
[ 1172.843419][T20280]  sock_ioctl+0x74c/0x7e0
[ 1172.847839][T20280]  ? sock_poll+0x3e0/0x3e0
[ 1172.852385][T20280]  ? bpf_lsm_file_ioctl+0x9/0x10
[ 1172.857396][T20280]  ? security_file_ioctl+0x80/0xa0
[ 1172.862668][T20280]  ? sock_poll+0x3e0/0x3e0
[ 1172.867143][T20280]  __se_sys_ioctl+0xfd/0x170
[ 1172.871958][T20280]  do_syscall_64+0x55/0xa0
[ 1172.876406][T20280]  ? clear_bhb_loop+0x40/0x90
[ 1172.881119][T20280]  ? clear_bhb_loop+0x40/0x90
[ 1172.885928][T20280]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1172.891947][T20280] RIP: 0033:0x7fd43799c819
[ 1172.896404][T20280] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1172.916136][T20280] RSP: 002b:00007fd4387df028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1172.924771][T20280] RAX: ffffffffffffffda RBX: 00007fd437c15fa0 RCX: 00007fd43799c819
[ 1172.932867][T20280] RDX: 0000200000000900 RSI: 00000000000089f0 RDI: 0000000000000006
[ 1172.941141][T20280] RBP: 00007fd4387df090 R08: 0000000000000000 R09: 0000000000000000
[ 1172.949233][T20280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1172.957355][T20280] R13: 00007fd437c16038 R14: 00007fd437c15fa0 R15: 00007ffccb805868
[ 1172.965512][T20280]  </TASK>
[ 1173.267378][T20283] netlink: 'syz.2.4675': attribute type 17 has an invalid length.
[ 1173.291713][T20287] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.4676'.
[ 1173.304091][T20283] netlink: 'syz.2.4675': attribute type 16 has an invalid length.
[ 1173.333042][T20283] netlink: 152 bytes leftover after parsing attributes in process `syz.2.4675'.
[ 1173.840047][T20291] netlink: 'syz.1.4678': attribute type 1 has an invalid length.
[ 1173.863938][T20289] netlink: 'syz.0.4677': attribute type 10 has an invalid length.
[ 1173.874214][T20291] netlink: 161700 bytes leftover after parsing attributes in process `syz.1.4678'.
[ 1173.954364][T20289] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4677'.
[ 1175.159829][T20306] netlink: 10 bytes leftover after parsing attributes in process `syz.2.4683'.
[ 1175.913699][T20314] FAULT_INJECTION: forcing a failure.
[ 1175.913699][T20314] name failslab, interval 1, probability 0, space 0, times 0
[ 1175.972876][T20314] CPU: 0 PID: 20314 Comm: syz.2.4687 Not tainted syzkaller #0
[ 1175.980455][T20314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1175.990553][T20314] Call Trace:
[ 1175.993975][T20314]  <TASK>
[ 1175.996957][T20314]  dump_stack_lvl+0x18c/0x250
[ 1176.001706][T20314]  ? show_regs_print_info+0x20/0x20
[ 1176.006949][T20314]  ? load_image+0x420/0x420
[ 1176.011589][T20314]  ? __might_sleep+0xe0/0xe0
[ 1176.016222][T20314]  ? __lock_acquire+0x7d40/0x7d40
[ 1176.021303][T20314]  should_fail_ex+0x39d/0x4d0
[ 1176.026130][T20314]  should_failslab+0x9/0x20
[ 1176.030675][T20314]  slab_pre_alloc_hook+0x59/0x310
[ 1176.035919][T20314]  ? kvmalloc_node+0x70/0x180
[ 1176.040727][T20314]  ? kvmalloc_node+0x70/0x180
[ 1176.045553][T20314]  __kmem_cache_alloc_node+0x53/0x250
[ 1176.051427][T20314]  ? kvmalloc_node+0x70/0x180
[ 1176.056180][T20314]  __kmalloc_node+0xa4/0x230
[ 1176.060833][T20314]  kvmalloc_node+0x70/0x180
[ 1176.065399][T20314]  page_pool_create+0x1eb/0x5c0
[ 1176.070312][T20314]  __veth_napi_enable_range+0x195/0x700
[ 1176.075932][T20314]  ? __skb_frag_ref+0x1c0/0x1c0
[ 1176.080849][T20314]  ? netif_napi_add_weight+0xa22/0xdf0
[ 1176.086370][T20314]  veth_napi_enable_range+0xd0/0x150
[ 1176.091745][T20314]  veth_set_features+0x1c8/0x2a0
[ 1176.096765][T20314]  __netdev_update_features+0x9cb/0x18e0
[ 1176.102565][T20314]  ? perf_trace_lock+0x304/0x3b0
[ 1176.107763][T20314]  ? dev_xdp_attach+0x1030/0x1030
[ 1176.112971][T20314]  ? __might_fault+0xaa/0x120
[ 1176.117866][T20314]  ? __lock_acquire+0x7d40/0x7d40
[ 1176.123119][T20314]  ? aa_get_newest_label+0xfd/0x5c0
[ 1176.128448][T20314]  ? __might_fault+0xaa/0x120
[ 1176.133160][T20314]  ? __might_fault+0xc6/0x120
[ 1176.137951][T20314]  ? __might_fault+0xaa/0x120
[ 1176.142686][T20314]  ethtool_set_one_feature+0x2a8/0x2f0
[ 1176.148274][T20314]  ? apparmor_capable+0x137/0x1a0
[ 1176.153459][T20314]  ? ethtool_get_one_feature+0x280/0x280
[ 1176.159169][T20314]  ? security_capable+0x89/0xb0
[ 1176.164190][T20314]  dev_ethtool+0xfd7/0x18d0
[ 1176.168772][T20314]  ? ethtool_get_module_eeprom_call+0x170/0x170
[ 1176.175146][T20314]  ? __lock_acquire+0x7d40/0x7d40
[ 1176.180222][T20314]  ? __might_fault+0xaa/0x120
[ 1176.184936][T20314]  ? full_name_hash+0x92/0xe0
[ 1176.189673][T20314]  ? dev_load+0x21/0x1f0
[ 1176.193993][T20314]  dev_ioctl+0x392/0x1140
[ 1176.198664][T20314]  sock_do_ioctl+0x239/0x310
[ 1176.203401][T20314]  ? sock_show_fdinfo+0xb0/0xb0
[ 1176.208685][T20314]  sock_ioctl+0x5ba/0x7e0
[ 1176.213061][T20314]  ? sock_poll+0x3e0/0x3e0
[ 1176.217545][T20314]  ? bpf_lsm_file_ioctl+0x9/0x10
[ 1176.222641][T20314]  ? security_file_ioctl+0x80/0xa0
[ 1176.227833][T20314]  ? sock_poll+0x3e0/0x3e0
[ 1176.232405][T20314]  __se_sys_ioctl+0xfd/0x170
[ 1176.237143][T20314]  do_syscall_64+0x55/0xa0
[ 1176.241777][T20314]  ? clear_bhb_loop+0x40/0x90
[ 1176.246496][T20314]  ? clear_bhb_loop+0x40/0x90
[ 1176.251310][T20314]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1176.257349][T20314] RIP: 0033:0x7f5eda19c819
[ 1176.261807][T20314] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1176.281538][T20314] RSP: 002b:00007f5edb137028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1176.290113][T20314] RAX: ffffffffffffffda RBX: 00007f5eda415fa0 RCX: 00007f5eda19c819
[ 1176.298216][T20314] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 000000000000002f
[ 1176.306226][T20314] RBP: 00007f5edb137090 R08: 0000000000000000 R09: 0000000000000000
[ 1176.314322][T20314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1176.322326][T20314] R13: 00007f5eda416038 R14: 00007f5eda415fa0 R15: 00007ffd3fd8fcd8
[ 1176.330470][T20314]  </TASK>
[ 1176.397738][T20314] page_pool_create() gave up with errno -12
[ 1176.438301][T20314] veth1_virt_wifi: set_features() failed (-12); wanted 0x000061164fdd59e9, left 0x000061164fdd19e9
[ 1177.665375][T20332] netlink: 10 bytes leftover after parsing attributes in process `syz.1.4695'.
[ 1177.715685][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.744280][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[ 1177.915687][T20334] netlink: 'syz.0.4693': attribute type 1 has an invalid length.
[ 1177.994295][T20334] netlink: 161700 bytes leftover after parsing attributes in process `syz.0.4693'.
[ 1179.072669][T20349] FAULT_INJECTION: forcing a failure.
[ 1179.072669][T20349] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1179.114145][T20349] CPU: 1 PID: 20349 Comm: syz.1.4699 Not tainted syzkaller #0
[ 1179.122010][T20349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1179.132231][T20349] Call Trace:
[ 1179.135577][T20349]  <TASK>
[ 1179.138578][T20349]  dump_stack_lvl+0x18c/0x250
[ 1179.143352][T20349]  ? show_regs_print_info+0x20/0x20
[ 1179.148638][T20349]  ? load_image+0x420/0x420
[ 1179.153198][T20349]  ? __lock_acquire+0x7d40/0x7d40
[ 1179.158355][T20349]  ? snprintf+0xe9/0x140
[ 1179.163095][T20349]  should_fail_ex+0x39d/0x4d0
[ 1179.168141][T20349]  _copy_to_user+0x2f/0xa0
[ 1179.172735][T20349]  simple_read_from_buffer+0xe7/0x150
[ 1179.178364][T20349]  proc_fail_nth_read+0x1e8/0x260
[ 1179.183574][T20349]  ? proc_fault_inject_write+0x360/0x360
[ 1179.189695][T20349]  ? fsnotify_perm+0x271/0x5e0
[ 1179.194684][T20349]  ? proc_fault_inject_write+0x360/0x360
[ 1179.200453][T20349]  vfs_read+0x28b/0x970
[ 1179.204788][T20349]  ? kernel_read+0x1e0/0x1e0
[ 1179.209515][T20349]  ? __fget_files+0x28/0x4b0
[ 1179.214232][T20349]  ? __fget_files+0x28/0x4b0
[ 1179.218866][T20349]  ? __fget_files+0x43d/0x4b0
[ 1179.223784][T20349]  ? __fdget_pos+0x2a3/0x330
[ 1179.228541][T20349]  ? ksys_read+0x75/0x260
[ 1179.232953][T20349]  ksys_read+0x150/0x260
[ 1179.237264][T20349]  ? vfs_write+0x990/0x990
[ 1179.241741][T20349]  ? lockdep_hardirqs_on+0x98/0x150
[ 1179.246994][T20349]  do_syscall_64+0x55/0xa0
[ 1179.251439][T20349]  ? clear_bhb_loop+0x40/0x90
[ 1179.256518][T20349]  ? clear_bhb_loop+0x40/0x90
[ 1179.261237][T20349]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1179.267340][T20349] RIP: 0033:0x7f426275d04e
[ 1179.271810][T20349] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1179.291478][T20349] RSP: 002b:00007f426370cfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1179.299940][T20349] RAX: ffffffffffffffda RBX: 00007f426370d6c0 RCX: 00007f426275d04e
[ 1179.308062][T20349] RDX: 000000000000000f RSI: 00007f426370d0a0 RDI: 0000000000000008
[ 1179.316088][T20349] RBP: 00007f426370d090 R08: 0000000000000000 R09: 0000000000000000
[ 1179.324208][T20349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1179.332331][T20349] R13: 00007f4262a16038 R14: 00007f4262a15fa0 R15: 00007ffe3769e948
[ 1179.341034][T20349]  </TASK>
[ 1179.557050][T20352] FAULT_INJECTION: forcing a failure.
[ 1179.557050][T20352] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1179.644741][T20352] CPU: 0 PID: 20352 Comm: syz.0.4701 Not tainted syzkaller #0
[ 1179.652536][T20352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1179.662719][T20352] Call Trace:
[ 1179.666153][T20352]  <TASK>
[ 1179.669145][T20352]  dump_stack_lvl+0x18c/0x250
[ 1179.673973][T20352]  ? show_regs_print_info+0x20/0x20
[ 1179.679253][T20352]  ? load_image+0x420/0x420
[ 1179.683946][T20352]  ? __might_fault+0xaa/0x120
[ 1179.688791][T20352]  ? __lock_acquire+0x7d40/0x7d40
[ 1179.694183][T20352]  should_fail_ex+0x39d/0x4d0
[ 1179.699058][T20352]  _copy_from_iter+0x1d9/0x12e0
[ 1179.704069][T20352]  ? slab_post_alloc_hook+0x8a/0x4b0
[ 1179.710044][T20352]  ? __virt_addr_valid+0x18c/0x540
[ 1179.715630][T20352]  ? __lock_acquire+0x7d40/0x7d40
[ 1179.720802][T20352]  ? rcu_is_watching+0x15/0xb0
[ 1179.725765][T20352]  ? copyout_mc+0x70/0x70
[ 1179.730189][T20352]  ? __virt_addr_valid+0x18c/0x540
[ 1179.735555][T20352]  ? __virt_addr_valid+0x18c/0x540
[ 1179.740752][T20352]  ? __virt_addr_valid+0x469/0x540
[ 1179.745945][T20352]  ? __check_object_size+0x506/0xa20
[ 1179.751320][T20352]  netlink_sendmsg+0x76b/0xbf0
[ 1179.756175][T20352]  ? perf_trace_lock+0x304/0x3b0
[ 1179.761298][T20352]  ? netlink_getsockopt+0x590/0x590
[ 1179.766587][T20352]  ? aa_sock_msg_perm+0x94/0x150
[ 1179.771614][T20352]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1179.776968][T20352]  ? security_socket_sendmsg+0x80/0xa0
[ 1179.782497][T20352]  ? netlink_getsockopt+0x590/0x590
[ 1179.787969][T20352]  ____sys_sendmsg+0x5ba/0x960
[ 1179.793089][T20352]  ? __asan_memset+0x22/0x40
[ 1179.797754][T20352]  ? __sys_sendmsg_sock+0x30/0x30
[ 1179.802837][T20352]  ? __import_iovec+0x5f2/0x850
[ 1179.807878][T20352]  ? import_iovec+0x73/0xa0
[ 1179.812482][T20352]  ___sys_sendmsg+0x2a6/0x360
[ 1179.817357][T20352]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1179.822919][T20352]  ? trace_call_bpf+0xc3/0x6c0
[ 1179.828037][T20352]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1179.833409][T20352]  ? __x64_sys_sendmsg+0x80/0x80
[ 1179.838574][T20352]  ? lockdep_hardirqs_on+0x98/0x150
[ 1179.843861][T20352]  do_syscall_64+0x55/0xa0
[ 1179.848453][T20352]  ? clear_bhb_loop+0x40/0x90
[ 1179.853198][T20352]  ? clear_bhb_loop+0x40/0x90
[ 1179.857957][T20352]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1179.864011][T20352] RIP: 0033:0x7f2c9b59c819
[ 1179.868495][T20352] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1179.888452][T20352] RSP: 002b:00007f2c9c4fc028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1179.897048][T20352] RAX: ffffffffffffffda RBX: 00007f2c9b815fa0 RCX: 00007f2c9b59c819
[ 1179.905180][T20352] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[ 1179.913393][T20352] RBP: 00007f2c9c4fc090 R08: 0000000000000000 R09: 0000000000000000
[ 1179.921433][T20352] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1179.929481][T20352] R13: 00007f2c9b816038 R14: 00007f2c9b815fa0 R15: 00007ffe6d93bdc8
[ 1179.937630][T20352]  </TASK>
[ 1180.178407][T20355] FAULT_INJECTION: forcing a failure.
[ 1180.178407][T20355] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1180.238563][T20355] CPU: 0 PID: 20355 Comm: syz.1.4703 Not tainted syzkaller #0
[ 1180.246229][T20355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1180.256432][T20355] Call Trace:
[ 1180.259835][T20355]  <TASK>
[ 1180.262817][T20355]  dump_stack_lvl+0x18c/0x250
[ 1180.267647][T20355]  ? show_regs_print_info+0x20/0x20
[ 1180.272900][T20355]  ? load_image+0x420/0x420
[ 1180.277469][T20355]  ? __lock_acquire+0x7d40/0x7d40
[ 1180.282648][T20355]  ? snprintf+0xe9/0x140
[ 1180.286953][T20355]  should_fail_ex+0x39d/0x4d0
[ 1180.290992][T20360] netlink: 10 bytes leftover after parsing attributes in process `syz.0.4705'.
[ 1180.291673][T20355]  _copy_to_user+0x2f/0xa0
[ 1180.291709][T20355]  simple_read_from_buffer+0xe7/0x150
[ 1180.310604][T20355]  proc_fail_nth_read+0x1e8/0x260
[ 1180.315700][T20355]  ? proc_fault_inject_write+0x360/0x360
[ 1180.321404][T20355]  ? fsnotify_perm+0x271/0x5e0
[ 1180.326224][T20355]  ? proc_fault_inject_write+0x360/0x360
[ 1180.331906][T20355]  vfs_read+0x28b/0x970
[ 1180.336123][T20355]  ? kernel_read+0x1e0/0x1e0
[ 1180.340850][T20355]  ? __fget_files+0x28/0x4b0
[ 1180.345676][T20355]  ? __fget_files+0x28/0x4b0
[ 1180.350407][T20355]  ? __fget_files+0x43d/0x4b0
[ 1180.355237][T20355]  ? __fdget_pos+0x2a3/0x330
[ 1180.359997][T20355]  ? ksys_read+0x75/0x260
[ 1180.364469][T20355]  ksys_read+0x150/0x260
[ 1180.368871][T20355]  ? vfs_write+0x990/0x990
[ 1180.373343][T20355]  ? lockdep_hardirqs_on+0x98/0x150
[ 1180.378602][T20355]  do_syscall_64+0x55/0xa0
[ 1180.383147][T20355]  ? clear_bhb_loop+0x40/0x90
[ 1180.387867][T20355]  ? clear_bhb_loop+0x40/0x90
[ 1180.392590][T20355]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1180.398532][T20355] RIP: 0033:0x7f426275d04e
[ 1180.402987][T20355] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1180.422817][T20355] RSP: 002b:00007f426370cfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1180.431371][T20355] RAX: ffffffffffffffda RBX: 00007f426370d6c0 RCX: 00007f426275d04e
[ 1180.439654][T20355] RDX: 000000000000000f RSI: 00007f426370d0a0 RDI: 000000000000002c
[ 1180.447663][T20355] RBP: 00007f426370d090 R08: 0000000000000000 R09: 0000000000000000
[ 1180.455850][T20355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1180.463856][T20355] R13: 00007f4262a16038 R14: 00007f4262a15fa0 R15: 00007ffe3769e948
[ 1180.471974][T20355]  </TASK>
[ 1181.430752][T20373] netlink: 'syz.2.4709': attribute type 1 has an invalid length.
[ 1181.477078][T20373] netlink: 161700 bytes leftover after parsing attributes in process `syz.2.4709'.
[ 1181.807021][T20376] netlink: 1047 bytes leftover after parsing attributes in process `syz.3.4710'.
[ 1181.829613][T20376] bridge_slave_1: default FDB implementation only supports local addresses
[ 1182.608842][T20392] netlink: 10 bytes leftover after parsing attributes in process `syz.2.4716'.
[ 1183.980550][T20411] netlink: 'syz.2.4721': attribute type 1 has an invalid length.
[ 1184.044239][T20411] netlink: 161700 bytes leftover after parsing attributes in process `syz.2.4721'.
[ 1184.718844][T20418] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1184.941334][T20432] netlink: 10 bytes leftover after parsing attributes in process `syz.0.4729'.
[ 1184.999165][T20434] netlink: 'syz.1.4727': attribute type 3 has an invalid length.
[ 1185.056808][T20434] netlink: 132 bytes leftover after parsing attributes in process `syz.1.4727'.
[ 1185.761474][T20446] netlink: 'syz.3.4734': attribute type 8 has an invalid length.
[ 1185.784379][T20446] netlink: 161700 bytes leftover after parsing attributes in process `syz.3.4734'.
[ 1185.993784][T20453] netlink: 'syz.1.4736': attribute type 1 has an invalid length.
[ 1186.010745][T20453] netlink: 161700 bytes leftover after parsing attributes in process `syz.1.4736'.
[ 1186.578087][T20463] netlink: 10 bytes leftover after parsing attributes in process `syz.0.4739'.
[ 1187.636572][T20473] netlink: 'syz.1.4744': attribute type 25 has an invalid length.
[ 1187.678831][T20473] netlink: 'syz.1.4744': attribute type 29 has an invalid length.
[ 1188.607088][T20488] netlink: 'syz.0.4749': attribute type 1 has an invalid length.
[ 1188.634931][T20488] netlink: 161700 bytes leftover after parsing attributes in process `syz.0.4749'.
[ 1188.648006][T20491] netlink: 10 bytes leftover after parsing attributes in process `syz.3.4750'.
[ 1188.964923][T20485] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1189.892679][T20506] netlink: 132 bytes leftover after parsing attributes in process `syz.0.4755'.
[ 1191.091279][T20519] netlink: 10 bytes leftover after parsing attributes in process `syz.0.4759'.
[ 1191.322161][T20525] netlink: 'syz.1.4761': attribute type 29 has an invalid length.
[ 1191.332334][T20521] FAULT_INJECTION: forcing a failure.
[ 1191.332334][T20521] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1191.350490][T20525] netlink: 'syz.1.4761': attribute type 29 has an invalid length.
[ 1191.359337][T20521] CPU: 0 PID: 20521 Comm: syz.2.4760 Not tainted syzkaller #0
[ 1191.366860][T20521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1191.377151][T20521] Call Trace:
[ 1191.380549][T20521]  <TASK>
[ 1191.383527][T20521]  dump_stack_lvl+0x18c/0x250
[ 1191.388481][T20521]  ? show_regs_print_info+0x20/0x20
[ 1191.393744][T20521]  ? load_image+0x420/0x420
[ 1191.398301][T20521]  ? __might_fault+0xaa/0x120
[ 1191.403192][T20521]  ? __lock_acquire+0x7d40/0x7d40
[ 1191.408269][T20521]  should_fail_ex+0x39d/0x4d0
[ 1191.413006][T20521]  _copy_from_user+0x2f/0xe0
[ 1191.417740][T20521]  bpf_prog_test_run_skb+0x266/0x12b0
[ 1191.423338][T20521]  ? __fget_files+0x28/0x4b0
[ 1191.427979][T20521]  ? __fget_files+0x28/0x4b0
[ 1191.432620][T20521]  ? __fget_files+0x43d/0x4b0
[ 1191.437520][T20521]  ? cpu_online+0x60/0x60
[ 1191.441981][T20521]  bpf_prog_test_run+0x321/0x390
[ 1191.446957][T20521]  __sys_bpf+0x49d/0x890
[ 1191.451221][T20521]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1191.456628][T20521]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1191.462906][T20521]  __x64_sys_bpf+0x7c/0x90
[ 1191.467350][T20521]  do_syscall_64+0x55/0xa0
[ 1191.471780][T20521]  ? clear_bhb_loop+0x40/0x90
[ 1191.476483][T20521]  ? clear_bhb_loop+0x40/0x90
[ 1191.481317][T20521]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1191.487399][T20521] RIP: 0033:0x7f5eda19c819
[ 1191.491837][T20521] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1191.511631][T20521] RSP: 002b:00007f5edb137028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1191.520082][T20521] RAX: ffffffffffffffda RBX: 00007f5eda415fa0 RCX: 00007f5eda19c819
[ 1191.528242][T20521] RDX: 0000000000000050 RSI: 0000200000000080 RDI: 000000000000000a
[ 1191.536317][T20521] RBP: 00007f5edb137090 R08: 0000000000000000 R09: 0000000000000000
[ 1191.544486][T20521] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1191.553075][T20521] R13: 00007f5eda416038 R14: 00007f5eda415fa0 R15: 00007ffd3fd8fcd8
[ 1191.561075][T20521]  </TASK>
[ 1191.749847][T20532] netlink: 'syz.1.4763': attribute type 1 has an invalid length.
[ 1191.784514][T20532] netlink: 161700 bytes leftover after parsing attributes in process `syz.1.4763'.
[ 1192.735826][T20554] FAULT_INJECTION: forcing a failure.
[ 1192.735826][T20554] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1192.764498][T20554] CPU: 1 PID: 20554 Comm: syz.1.4772 Not tainted syzkaller #0
[ 1192.772130][T20554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1192.782315][T20554] Call Trace:
[ 1192.785722][T20554]  <TASK>
[ 1192.788699][T20554]  dump_stack_lvl+0x18c/0x250
[ 1192.793527][T20554]  ? show_regs_print_info+0x20/0x20
[ 1192.798766][T20554]  ? load_image+0x420/0x420
[ 1192.803311][T20554]  ? __lock_acquire+0x7d40/0x7d40
[ 1192.808459][T20554]  ? perf_trace_lock+0xfc/0x3b0
[ 1192.813354][T20554]  should_fail_ex+0x39d/0x4d0
[ 1192.818177][T20554]  prepare_alloc_pages+0x1e2/0x5f0
[ 1192.823332][T20554]  __alloc_pages+0x134/0x460
[ 1192.827965][T20554]  ? zone_statistics+0x170/0x170
[ 1192.832955][T20554]  ? alloc_pages+0x4dc/0x740
[ 1192.837676][T20554]  ? do_raw_spin_unlock+0x121/0x230
[ 1192.843029][T20554]  __get_free_pages+0xc/0x30
[ 1192.847685][T20554]  kasan_populate_vmalloc_pte+0x35/0x100
[ 1192.853459][T20554]  __apply_to_page_range+0x860/0xdd0
[ 1192.858839][T20554]  ? kasan_populate_vmalloc+0x70/0x70
[ 1192.864382][T20554]  ? apply_to_page_range+0x50/0x50
[ 1192.869734][T20554]  ? do_raw_spin_unlock+0x121/0x230
[ 1192.875099][T20554]  alloc_vmap_area+0x1d0c/0x1e30
[ 1192.880418][T20554]  ? vm_map_ram+0xcb0/0xcb0
[ 1192.885150][T20554]  ? rcu_is_watching+0x15/0xb0
[ 1192.890064][T20554]  __get_vm_area_node+0x162/0x370
[ 1192.895321][T20554]  ? bpf_map_area_alloc+0x5e/0x110
[ 1192.900571][T20554]  __vmalloc_node_range+0x36e/0x1330
[ 1192.905991][T20554]  ? dev_map_create_hash+0x24/0x1d0
[ 1192.911391][T20554]  ? free_vm_area+0x50/0x50
[ 1192.916033][T20554]  ? __kmem_cache_alloc_node+0x13a/0x250
[ 1192.921800][T20554]  bpf_map_area_alloc+0xf1/0x110
[ 1192.926822][T20554]  ? dev_map_create_hash+0x24/0x1d0
[ 1192.932059][T20554]  dev_map_create_hash+0x24/0x1d0
[ 1192.937127][T20554]  ? bpf_map_init_from_attr+0x14a/0x340
[ 1192.942858][T20554]  dev_map_alloc+0x277/0x4c0
[ 1192.947629][T20554]  map_create+0x877/0x12f0
[ 1192.952334][T20554]  ? bpf_lsm_bpf+0x9/0x10
[ 1192.957003][T20554]  __sys_bpf+0x651/0x890
[ 1192.961503][T20554]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1192.967315][T20554]  ? lock_chain_count+0x20/0x20
[ 1192.972565][T20554]  __x64_sys_bpf+0x7c/0x90
[ 1192.977234][T20554]  do_syscall_64+0x55/0xa0
[ 1192.981782][T20554]  ? clear_bhb_loop+0x40/0x90
[ 1192.986642][T20554]  ? clear_bhb_loop+0x40/0x90
[ 1192.991547][T20554]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1192.997692][T20554] RIP: 0033:0x7f426279c819
[ 1193.002263][T20554] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1193.022032][T20554] RSP: 002b:00007f426370d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1193.030777][T20554] RAX: ffffffffffffffda RBX: 00007f4262a15fa0 RCX: 00007f426279c819
[ 1193.039074][T20554] RDX: 0000000000000048 RSI: 0000200000000580 RDI: 0000000000000000
[ 1193.047293][T20554] RBP: 00007f426370d090 R08: 0000000000000000 R09: 0000000000000000
[ 1193.055316][T20554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1193.063416][T20554] R13: 00007f4262a16038 R14: 00007f4262a15fa0 R15: 00007ffe3769e948
[ 1193.071451][T20554]  </TASK>
[ 1193.364581][T20563] netlink: 10 bytes leftover after parsing attributes in process `syz.1.4773'.
[ 1193.725560][T20568] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1193.794519][T20578] FAULT_INJECTION: forcing a failure.
[ 1193.794519][T20578] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1193.835989][T20578] CPU: 1 PID: 20578 Comm: syz.3.4778 Not tainted syzkaller #0
[ 1193.843977][T20578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1193.854095][T20578] Call Trace:
[ 1193.857417][T20578]  <TASK>
[ 1193.860407][T20578]  dump_stack_lvl+0x18c/0x250
[ 1193.865172][T20578]  ? show_regs_print_info+0x20/0x20
[ 1193.870612][T20578]  ? load_image+0x420/0x420
[ 1193.875178][T20578]  ? __lock_acquire+0x7d40/0x7d40
[ 1193.880253][T20578]  ? snprintf+0xe9/0x140
[ 1193.884557][T20578]  should_fail_ex+0x39d/0x4d0
[ 1193.889426][T20578]  _copy_to_user+0x2f/0xa0
[ 1193.893904][T20578]  simple_read_from_buffer+0xe7/0x150
[ 1193.899602][T20578]  proc_fail_nth_read+0x1e8/0x260
[ 1193.904781][T20578]  ? proc_fault_inject_write+0x360/0x360
[ 1193.910544][T20578]  ? fsnotify_perm+0x271/0x5e0
[ 1193.915460][T20578]  ? proc_fault_inject_write+0x360/0x360
[ 1193.921154][T20578]  vfs_read+0x28b/0x970
[ 1193.925386][T20578]  ? kernel_read+0x1e0/0x1e0
[ 1193.930014][T20578]  ? __fget_files+0x28/0x4b0
[ 1193.934723][T20578]  ? __fget_files+0x28/0x4b0
[ 1193.939615][T20578]  ? __fget_files+0x43d/0x4b0
[ 1193.944336][T20578]  ? __fdget_pos+0x2a3/0x330
[ 1193.948958][T20578]  ? ksys_read+0x75/0x260
[ 1193.953317][T20578]  ksys_read+0x150/0x260
[ 1193.957765][T20578]  ? vfs_write+0x990/0x990
[ 1193.962234][T20578]  ? lockdep_hardirqs_on+0x98/0x150
[ 1193.967512][T20578]  do_syscall_64+0x55/0xa0
[ 1193.972229][T20578]  ? clear_bhb_loop+0x40/0x90
[ 1193.977209][T20578]  ? clear_bhb_loop+0x40/0x90
[ 1193.981926][T20578]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1193.988053][T20578] RIP: 0033:0x7fd43795d04e
[ 1193.992611][T20578] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1194.012795][T20578] RSP: 002b:00007fd4387bdfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1194.021333][T20578] RAX: ffffffffffffffda RBX: 00007fd4387be6c0 RCX: 00007fd43795d04e
[ 1194.029331][T20578] RDX: 000000000000000f RSI: 00007fd4387be0a0 RDI: 0000000000000004
[ 1194.037321][T20578] RBP: 00007fd4387be090 R08: 0000000000000000 R09: 0000000000000000
[ 1194.045424][T20578] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1194.053610][T20578] R13: 00007fd437c16128 R14: 00007fd437c16090 R15: 00007ffccb805868
[ 1194.061878][T20578]  </TASK>
[ 1194.184984][T20580] netlink: 15231 bytes leftover after parsing attributes in process `syz.2.4779'.
[ 1194.301899][T20588] netlink: 'syz.1.4781': attribute type 1 has an invalid length.
[ 1194.321121][T20588] netlink: 161700 bytes leftover after parsing attributes in process `syz.1.4781'.
[ 1195.075053][T20599] netlink: 10 bytes leftover after parsing attributes in process `syz.2.4786'.
[ 1195.689671][T20606] netlink: 'syz.1.4788': attribute type 8 has an invalid length.
[ 1195.757068][T20606] netlink: 161700 bytes leftover after parsing attributes in process `syz.1.4788'.
[ 1197.147331][T20620] netlink: 'syz.1.4794': attribute type 3 has an invalid length.
[ 1197.161740][T20620] netlink: 'syz.1.4794': attribute type 8 has an invalid length.
[ 1197.173760][T20620] netlink: 197324 bytes leftover after parsing attributes in process `syz.1.4794'.
[ 1197.205884][T20620] netlink: 'syz.1.4794': attribute type 3 has an invalid length.
[ 1197.224223][T20620] netlink: 'syz.1.4794': attribute type 8 has an invalid length.
[ 1197.237348][T20620] netlink: 197324 bytes leftover after parsing attributes in process `syz.1.4794'.
[ 1197.311425][T20628] netlink: 'syz.2.4796': attribute type 1 has an invalid length.
[ 1197.334354][T20628] netlink: 161700 bytes leftover after parsing attributes in process `syz.2.4796'.
[ 1198.057692][T20635] FAULT_INJECTION: forcing a failure.
[ 1198.057692][T20635] name failslab, interval 1, probability 0, space 0, times 0
[ 1198.094091][T20635] CPU: 1 PID: 20635 Comm: syz.0.4798 Not tainted syzkaller #0
[ 1198.101751][T20635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1198.111864][T20635] Call Trace:
[ 1198.115191][T20635]  <TASK>
[ 1198.118256][T20635]  dump_stack_lvl+0x18c/0x250
[ 1198.123002][T20635]  ? show_regs_print_info+0x20/0x20
[ 1198.128346][T20635]  ? load_image+0x420/0x420
[ 1198.133004][T20635]  ? __might_sleep+0xe0/0xe0
[ 1198.137754][T20635]  ? __lock_acquire+0x7d40/0x7d40
[ 1198.142841][T20635]  should_fail_ex+0x39d/0x4d0
[ 1198.147576][T20635]  should_failslab+0x9/0x20
[ 1198.152126][T20635]  slab_pre_alloc_hook+0x59/0x310
[ 1198.157210][T20635]  kmem_cache_alloc_node+0x60/0x320
[ 1198.162466][T20635]  ? __alloc_skb+0x103/0x2c0
[ 1198.167230][T20635]  __alloc_skb+0x103/0x2c0
[ 1198.171875][T20635]  netlink_ack+0x376/0x1180
[ 1198.176525][T20635]  ? __bpf_trace_bpf_trace_printk+0x100/0x100
[ 1198.182655][T20635]  ? perf_trace_run_bpf_submit+0x125/0x1c0
[ 1198.188577][T20635]  ? netlink_dump+0xe50/0xe50
[ 1198.193291][T20635]  ? perf_trace_lock+0x304/0x3b0
[ 1198.198267][T20635]  netlink_rcv_skb+0x2c5/0x4d0
[ 1198.203171][T20635]  ? rtnetlink_bind+0x80/0x80
[ 1198.207959][T20635]  ? netlink_ack+0x1180/0x1180
[ 1198.212759][T20635]  ? __lock_acquire+0x7d40/0x7d40
[ 1198.218073][T20635]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1198.223651][T20635]  netlink_unicast+0x751/0x8d0
[ 1198.228631][T20635]  netlink_sendmsg+0x8d0/0xbf0
[ 1198.233507][T20635]  ? perf_trace_lock+0x304/0x3b0
[ 1198.238560][T20635]  ? netlink_getsockopt+0x590/0x590
[ 1198.243788][T20635]  ? aa_sock_msg_perm+0x94/0x150
[ 1198.248846][T20635]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1198.254269][T20635]  ? security_socket_sendmsg+0x80/0xa0
[ 1198.259917][T20635]  ? netlink_getsockopt+0x590/0x590
[ 1198.265316][T20635]  ____sys_sendmsg+0x5ba/0x960
[ 1198.270132][T20635]  ? __asan_memset+0x22/0x40
[ 1198.274757][T20635]  ? __sys_sendmsg_sock+0x30/0x30
[ 1198.279796][T20635]  ? __import_iovec+0x5f2/0x850
[ 1198.284671][T20635]  ? import_iovec+0x73/0xa0
[ 1198.289368][T20635]  ___sys_sendmsg+0x2a6/0x360
[ 1198.294073][T20635]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1198.298884][T20635]  ? __lock_acquire+0x7d40/0x7d40
[ 1198.304040][T20635]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1198.308913][T20635]  ? __x64_sys_sendmsg+0x80/0x80
[ 1198.313881][T20635]  ? lockdep_hardirqs_on+0x98/0x150
[ 1198.319106][T20635]  do_syscall_64+0x55/0xa0
[ 1198.323686][T20635]  ? clear_bhb_loop+0x40/0x90
[ 1198.328491][T20635]  ? clear_bhb_loop+0x40/0x90
[ 1198.333225][T20635]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1198.339145][T20635] RIP: 0033:0x7f2c9b59c819
[ 1198.343579][T20635] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1198.363313][T20635] RSP: 002b:00007f2c9c4fc028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1198.371750][T20635] RAX: ffffffffffffffda RBX: 00007f2c9b815fa0 RCX: 00007f2c9b59c819
[ 1198.379746][T20635] RDX: 0000000004000000 RSI: 0000200000000040 RDI: 0000000000000003
[ 1198.387824][T20635] RBP: 00007f2c9c4fc090 R08: 0000000000000000 R09: 0000000000000000
[ 1198.395825][T20635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1198.403812][T20635] R13: 00007f2c9b816038 R14: 00007f2c9b815fa0 R15: 00007ffe6d93bdc8
[ 1198.411815][T20635]  </TASK>
[ 1198.506794][T20640] netlink: 10 bytes leftover after parsing attributes in process `syz.1.4799'.
[ 1199.282980][ T5782] Bluetooth: hci0: unexpected event 0x32 length: 15 > 9
[ 1199.443194][T20657] FAULT_INJECTION: forcing a failure.
[ 1199.443194][T20657] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1199.575864][T20657] CPU: 0 PID: 20657 Comm: syz.2.4807 Not tainted syzkaller #0
[ 1199.583608][T20657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1199.594550][T20657] Call Trace:
[ 1199.597865][T20657]  <TASK>
[ 1199.600843][T20657]  dump_stack_lvl+0x18c/0x250
[ 1199.605596][T20657]  ? show_regs_print_info+0x20/0x20
[ 1199.610833][T20657]  ? load_image+0x420/0x420
[ 1199.615530][T20657]  ? __might_fault+0xaa/0x120
[ 1199.620255][T20657]  ? __lock_acquire+0x7d40/0x7d40
[ 1199.625362][T20657]  should_fail_ex+0x39d/0x4d0
[ 1199.630107][T20657]  _copy_from_iter+0x1d9/0x12e0
[ 1199.635002][T20657]  ? slab_post_alloc_hook+0x8a/0x4b0
[ 1199.640423][T20657]  ? __virt_addr_valid+0x18c/0x540
[ 1199.645588][T20657]  ? __lock_acquire+0x7d40/0x7d40
[ 1199.650647][T20657]  ? rcu_is_watching+0x15/0xb0
[ 1199.655653][T20657]  ? copyout_mc+0x70/0x70
[ 1199.660044][T20657]  ? __virt_addr_valid+0x18c/0x540
[ 1199.665212][T20657]  ? __virt_addr_valid+0x18c/0x540
[ 1199.670378][T20657]  ? __virt_addr_valid+0x469/0x540
[ 1199.675748][T20657]  ? __check_object_size+0x506/0xa20
[ 1199.681064][T20657]  netlink_sendmsg+0x76b/0xbf0
[ 1199.685988][T20657]  ? netlink_getsockopt+0x590/0x590
[ 1199.691310][T20657]  ? aa_sock_msg_perm+0x94/0x150
[ 1199.696312][T20657]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1199.701666][T20657]  ? security_socket_sendmsg+0x80/0xa0
[ 1199.707300][T20657]  ? netlink_getsockopt+0x590/0x590
[ 1199.712636][T20657]  ____sys_sendmsg+0x5ba/0x960
[ 1199.717440][T20657]  ? __asan_memset+0x22/0x40
[ 1199.722165][T20657]  ? __sys_sendmsg_sock+0x30/0x30
[ 1199.727401][T20657]  ? __import_iovec+0x5f2/0x850
[ 1199.732310][T20657]  ? import_iovec+0x73/0xa0
[ 1199.736936][T20657]  ___sys_sendmsg+0x2a6/0x360
[ 1199.741646][T20657]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1199.746446][T20657]  ? trace_call_bpf+0xc3/0x6c0
[ 1199.751263][T20657]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1199.756140][T20657]  ? __x64_sys_sendmsg+0x80/0x80
[ 1199.761109][T20657]  ? lockdep_hardirqs_on+0x98/0x150
[ 1199.766617][T20657]  do_syscall_64+0x55/0xa0
[ 1199.771162][T20657]  ? clear_bhb_loop+0x40/0x90
[ 1199.775872][T20657]  ? clear_bhb_loop+0x40/0x90
[ 1199.780576][T20657]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1199.786489][T20657] RIP: 0033:0x7f5eda19c819
[ 1199.790926][T20657] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1199.810635][T20657] RSP: 002b:00007f5edb137028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1199.819087][T20657] RAX: ffffffffffffffda RBX: 00007f5eda415fa0 RCX: 00007f5eda19c819
[ 1199.827101][T20657] RDX: 0000000000000094 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1199.835186][T20657] RBP: 00007f5edb137090 R08: 0000000000000000 R09: 0000000000000000
[ 1199.843179][T20657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1199.851170][T20657] R13: 00007f5eda416038 R14: 00007f5eda415fa0 R15: 00007ffd3fd8fcd8
[ 1199.859294][T20657]  </TASK>
[ 1200.132066][T20665] netlink: 'syz.2.4809': attribute type 1 has an invalid length.
[ 1200.142414][T20665] netlink: 161700 bytes leftover after parsing attributes in process `syz.2.4809'.
[ 1200.775531][T20679] netlink: 10 bytes leftover after parsing attributes in process `syz.0.4812'.
[ 1201.295025][T20684] netlink: 160 bytes leftover after parsing attributes in process `syz.1.4814'.
[ 1201.490398][T20688] netlink: 52711 bytes leftover after parsing attributes in process `syz.2.4813'.
[ 1201.588993][T20694] FAULT_INJECTION: forcing a failure.
[ 1201.588993][T20694] name failslab, interval 1, probability 0, space 0, times 0
[ 1201.657546][T20694] CPU: 1 PID: 20694 Comm: syz.3.4815 Not tainted syzkaller #0
[ 1201.665292][T20694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1201.675514][T20694] Call Trace:
[ 1201.678890][T20694]  <TASK>
[ 1201.681963][T20694]  dump_stack_lvl+0x18c/0x250
[ 1201.686737][T20694]  ? show_regs_print_info+0x20/0x20
[ 1201.692119][T20694]  ? load_image+0x420/0x420
[ 1201.696886][T20694]  ? __might_sleep+0xe0/0xe0
[ 1201.701601][T20694]  ? __lock_acquire+0x7d40/0x7d40
[ 1201.707193][T20694]  should_fail_ex+0x39d/0x4d0
[ 1201.712238][T20694]  should_failslab+0x9/0x20
[ 1201.716904][T20694]  slab_pre_alloc_hook+0x59/0x310
[ 1201.722089][T20694]  ? tomoyo_encode+0x28b/0x540
[ 1201.726916][T20694]  ? tomoyo_encode+0x28b/0x540
[ 1201.731815][T20694]  __kmem_cache_alloc_node+0x53/0x250
[ 1201.737245][T20694]  ? tomoyo_realpath_from_path+0x5d0/0x5d0
[ 1201.743159][T20694]  ? tomoyo_encode+0x28b/0x540
[ 1201.747990][T20694]  __kmalloc+0xa4/0x230
[ 1201.752402][T20694]  tomoyo_encode+0x28b/0x540
[ 1201.757063][T20694]  tomoyo_realpath_from_path+0x592/0x5d0
[ 1201.762770][T20694]  tomoyo_path_number_perm+0x248/0x620
[ 1201.768472][T20694]  ? tomoyo_path_number_perm+0x217/0x620
[ 1201.774250][T20694]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 1201.779850][T20694]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1201.785965][T20694]  ? d_alloc_parallel+0x33e/0x1530
[ 1201.791186][T20694]  ? __lock_acquire+0x7d40/0x7d40
[ 1201.796329][T20694]  ? hook_path_mknod+0x14c/0x500
[ 1201.801398][T20694]  tomoyo_path_mknod+0x14b/0x1a0
[ 1201.806456][T20694]  ? hook_path_mkdir+0x20/0x20
[ 1201.811261][T20694]  ? tomoyo_path_symlink+0xf0/0xf0
[ 1201.816435][T20694]  security_path_mknod+0xf0/0x150
[ 1201.821672][T20694]  path_openat+0xb5a/0x3230
[ 1201.826262][T20694]  ? do_filp_open+0x430/0x430
[ 1201.830981][T20694]  ? trace_event_raw_event_lock+0x250/0x250
[ 1201.836912][T20694]  do_filp_open+0x1f5/0x430
[ 1201.841455][T20694]  ? alloc_fd+0x58f/0x630
[ 1201.845911][T20694]  ? vfs_tmpfile+0x490/0x490
[ 1201.850629][T20694]  ? _raw_spin_unlock+0x28/0x40
[ 1201.855511][T20694]  ? alloc_fd+0x58f/0x630
[ 1201.859916][T20694]  do_sys_openat2+0x134/0x1d0
[ 1201.864824][T20694]  ? perf_trace_preemptirq_template+0x269/0x330
[ 1201.871124][T20694]  ? do_sys_open+0xe0/0xe0
[ 1201.875590][T20694]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1201.881695][T20694]  ? lock_chain_count+0x20/0x20
[ 1201.886619][T20694]  __x64_sys_openat+0x139/0x160
[ 1201.891530][T20694]  do_syscall_64+0x55/0xa0
[ 1201.896069][T20694]  ? clear_bhb_loop+0x40/0x90
[ 1201.900802][T20694]  ? clear_bhb_loop+0x40/0x90
[ 1201.905529][T20694]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1201.911662][T20694] RIP: 0033:0x7fd43799c819
[ 1201.916127][T20694] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1201.935871][T20694] RSP: 002b:00007fd4387df028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1201.944513][T20694] RAX: ffffffffffffffda RBX: 00007fd437c15fa0 RCX: 00007fd43799c819
[ 1201.952713][T20694] RDX: 000000000000275a RSI: 00002000000011c0 RDI: 0000000000000004
[ 1201.960737][T20694] RBP: 00007fd4387df090 R08: 0000000000000000 R09: 0000000000000000
[ 1201.969045][T20694] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1201.977130][T20694] R13: 00007fd437c16038 R14: 00007fd437c15fa0 R15: 00007ffccb805868
[ 1201.985170][T20694]  </TASK>
[ 1202.041147][T20694] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1202.366388][T20702] syz.0.4819: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1
[ 1202.397428][T20702] CPU: 0 PID: 20702 Comm: syz.0.4819 Not tainted syzkaller #0
[ 1202.405074][T20702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1202.415355][T20702] Call Trace:
[ 1202.418685][T20702]  <TASK>
[ 1202.421662][T20702]  dump_stack_lvl+0x18c/0x250
[ 1202.426414][T20702]  ? show_regs_print_info+0x20/0x20
[ 1202.431677][T20702]  ? load_image+0x420/0x420
[ 1202.436334][T20702]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1202.442807][T20702]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[ 1202.449454][T20702]  warn_alloc+0x246/0x340
[ 1202.453856][T20702]  ? stack_trace_save+0xaa/0x100
[ 1202.458852][T20702]  ? zone_watermark_ok_safe+0x230/0x230
[ 1202.464470][T20702]  ? kasan_set_track+0x5f/0x70
[ 1202.469358][T20702]  ? kasan_set_track+0x4e/0x70
[ 1202.474149][T20702]  ? __kasan_kmalloc+0x8f/0xa0
[ 1202.479022][T20702]  ? xsk_init_queue+0xad/0x100
[ 1202.483806][T20702]  ? xsk_setsockopt+0x4e5/0x760
[ 1202.488680][T20702]  ? do_sock_setsockopt+0x175/0x1a0
[ 1202.494067][T20702]  ? __x64_sys_setsockopt+0x182/0x200
[ 1202.499460][T20702]  __vmalloc_node_range+0x126/0x1330
[ 1202.504798][T20702]  ? free_vm_area+0x50/0x50
[ 1202.510201][T20702]  vmalloc_user+0x74/0x80
[ 1202.514638][T20702]  ? xskq_create+0xbf/0x170
[ 1202.519251][T20702]  xskq_create+0xbf/0x170
[ 1202.523615][T20702]  xsk_init_queue+0xad/0x100
[ 1202.528236][T20702]  xsk_setsockopt+0x4e5/0x760
[ 1202.533041][T20702]  ? xsk_poll+0x680/0x680
[ 1202.537640][T20702]  ? __fget_files+0x28/0x4b0
[ 1202.542341][T20702]  ? __fget_files+0x28/0x4b0
[ 1202.547132][T20702]  ? aa_sock_opt_perm+0x74/0x100
[ 1202.552093][T20702]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[ 1202.557663][T20702]  ? security_socket_setsockopt+0x7e/0xa0
[ 1202.563487][T20702]  ? xsk_poll+0x680/0x680
[ 1202.567845][T20702]  do_sock_setsockopt+0x175/0x1a0
[ 1202.572901][T20702]  ? __fdget+0x180/0x210
[ 1202.577277][T20702]  __x64_sys_setsockopt+0x182/0x200
[ 1202.582593][T20702]  do_syscall_64+0x55/0xa0
[ 1202.587036][T20702]  ? clear_bhb_loop+0x40/0x90
[ 1202.591829][T20702]  ? clear_bhb_loop+0x40/0x90
[ 1202.596524][T20702]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1202.602436][T20702] RIP: 0033:0x7f2c9b59c819
[ 1202.606871][T20702] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1202.626849][T20702] RSP: 002b:00007f2c9c4db028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1202.635284][T20702] RAX: ffffffffffffffda RBX: 00007f2c9b816090 RCX: 00007f2c9b59c819
[ 1202.643365][T20702] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000007
[ 1202.651356][T20702] RBP: 00007f2c9b632c91 R08: 0000000000000004 R09: 0000000000000000
[ 1202.659444][T20702] R10: 0000200000000900 R11: 0000000000000246 R12: 0000000000000000
[ 1202.667520][T20702] R13: 00007f2c9b816128 R14: 00007f2c9b816090 R15: 00007ffe6d93bdc8
[ 1202.675622][T20702]  </TASK>
[ 1202.724464][T20702] Mem-Info:
[ 1202.732137][T20702] active_anon:29735 inactive_anon:0 isolated_anon:0
[ 1202.732137][T20702]  active_file:20724 inactive_file:40366 isolated_file:0
[ 1202.732137][T20702]  unevictable:768 dirty:32 writeback:0
[ 1202.732137][T20702]  slab_reclaimable:10870 slab_unreclaimable:92830
[ 1202.732137][T20702]  mapped:29163 shmem:5932 pagetables:582
[ 1202.732137][T20702]  sec_pagetables:0 bounce:0
[ 1202.732137][T20702]  kernel_misc_reclaimable:0
[ 1202.732137][T20702]  free:1319417 free_pcp:10303 free_cma:0
[ 1202.777001][T20705] netlink: 'syz.3.4821': attribute type 1 has an invalid length.
[ 1202.820729][T20702] Node 0 active_anon:119340kB inactive_anon:0kB active_file:82896kB inactive_file:161264kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:117152kB dirty:128kB writeback:0kB shmem:22592kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9996kB pagetables:2328kB sec_pagetables:0kB all_unreclaimable? no
[ 1202.869362][T20705] netlink: 161700 bytes leftover after parsing attributes in process `syz.3.4821'.
[ 1202.886884][T20702] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[ 1202.944162][T20702] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1202.987286][T20702] lowmem_reserve[]: 0 2521 2522 2522 2522
[ 1202.993719][T20702] Node 0 DMA32 free:1371360kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:119900kB inactive_anon:0kB active_file:82896kB inactive_file:160436kB unevictable:1536kB writepending:128kB present:3129332kB managed:2586952kB mlocked:0kB bounce:0kB free_pcp:20320kB local_pcp:1040kB free_cma:0kB
[ 1203.035860][T20702] lowmem_reserve[]: 0 0 0 0 0
[ 1203.052853][T20702] Node 0 Normal free:4kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:828kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1203.117158][T20702] lowmem_reserve[]: 0 0 0 0 0
[ 1203.148436][T20702] Node 1 Normal free:3889204kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:21204kB local_pcp:9644kB free_cma:0kB
[ 1203.232881][T20702] lowmem_reserve[]: 0 0 0 0 0
[ 1203.250333][T20702] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1203.283722][T20702] Node 0 DMA32: 415*4kB (UE) 846*8kB (UE) 177*16kB (UE) 1028*32kB (UME) 873*64kB (UME) 709*128kB (UME) 214*256kB (UM) 69*512kB (UME) 21*1024kB (UM) 2*2048kB (UM) 259*4096kB (UM) = 1367356kB
[ 1203.329563][T20702] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[ 1203.371558][T20702] Node 1 Normal: 235*4kB (UME) 51*8kB (UME) 37*16kB (UME) 47*32kB (UME) 19*64kB (UME) 6*128kB (UE) 1*256kB (E) 3*512kB (UME) 1*1024kB (U) 1*2048kB (E) 947*4096kB (M) = 3889204kB
[ 1203.430207][T20702] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1203.454277][T20702] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1203.474754][T20702] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1203.496528][T20702] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1203.517292][T20702] 68298 total pagecache pages
[ 1203.528287][T20702] 0 pages in swap cache
[ 1203.538593][T20702] Free swap  = 124996kB
[ 1203.550526][T20702] Total swap = 124996kB
[ 1203.560697][T20702] 2097051 pages RAM
[ 1203.572898][T20702] 0 pages HighMem/MovableOnly
[ 1203.583035][T20702] 416927 pages reserved
[ 1203.588611][T20702] 0 pages cma reserved
[ 1204.322591][T20732] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.4829'.
[ 1204.862394][T20743] netlink: 'syz.0.4834': attribute type 1 has an invalid length.
[ 1204.881554][T20743] netlink: 161700 bytes leftover after parsing attributes in process `syz.0.4834'.
[ 1204.919140][T20747] netlink: 3752 bytes leftover after parsing attributes in process `syz.2.4835'.
[ 1205.798063][T20765] netlink: 'syz.3.4841': attribute type 3 has an invalid length.
[ 1205.810097][T20765] netlink: 132 bytes leftover after parsing attributes in process `syz.3.4841'.
[ 1205.966573][T20771] netlink: 132 bytes leftover after parsing attributes in process `syz.0.4842'.
[ 1207.021861][T20789] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.4849'.
[ 1207.218342][T20792] netlink: 'syz.2.4850': attribute type 1 has an invalid length.
[ 1207.324109][T20792] netlink: 161700 bytes leftover after parsing attributes in process `syz.2.4850'.
[ 1209.018719][T20803] FAULT_INJECTION: forcing a failure.
[ 1209.018719][T20803] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1209.044217][T20803] CPU: 0 PID: 20803 Comm: syz.1.4854 Not tainted syzkaller #0
[ 1209.052015][T20803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1209.062387][T20803] Call Trace:
[ 1209.065706][T20803]  <TASK>
[ 1209.068685][T20803]  dump_stack_lvl+0x18c/0x250
[ 1209.073514][T20803]  ? show_regs_print_info+0x20/0x20
[ 1209.078773][T20803]  ? load_image+0x420/0x420
[ 1209.083441][T20803]  ? __lock_acquire+0x7d40/0x7d40
[ 1209.088795][T20803]  ? snprintf+0xe9/0x140
[ 1209.093104][T20803]  should_fail_ex+0x39d/0x4d0
[ 1209.098025][T20803]  _copy_to_user+0x2f/0xa0
[ 1209.102591][T20803]  simple_read_from_buffer+0xe7/0x150
[ 1209.108133][T20803]  proc_fail_nth_read+0x1e8/0x260
[ 1209.113218][T20803]  ? proc_fault_inject_write+0x360/0x360
[ 1209.118958][T20803]  ? fsnotify_perm+0x271/0x5e0
[ 1209.123879][T20803]  ? proc_fault_inject_write+0x360/0x360
[ 1209.129708][T20803]  vfs_read+0x28b/0x970
[ 1209.134023][T20803]  ? kernel_read+0x1e0/0x1e0
[ 1209.138765][T20803]  ? __fget_files+0x28/0x4b0
[ 1209.143615][T20803]  ? __fget_files+0x28/0x4b0
[ 1209.148375][T20803]  ? __fget_files+0x43d/0x4b0
[ 1209.153236][T20803]  ? __fdget_pos+0x2a3/0x330
[ 1209.157975][T20803]  ? ksys_read+0x75/0x260
[ 1209.162545][T20803]  ksys_read+0x150/0x260
[ 1209.167120][T20803]  ? vfs_write+0x990/0x990
[ 1209.171593][T20803]  ? lockdep_hardirqs_on+0x98/0x150
[ 1209.176937][T20803]  do_syscall_64+0x55/0xa0
[ 1209.181631][T20803]  ? clear_bhb_loop+0x40/0x90
[ 1209.186382][T20803]  ? clear_bhb_loop+0x40/0x90
[ 1209.191230][T20803]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1209.197272][T20803] RIP: 0033:0x7f426275d04e
[ 1209.201908][T20803] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1209.222006][T20803] RSP: 002b:00007f426370cfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1209.230748][T20803] RAX: ffffffffffffffda RBX: 00007f426370d6c0 RCX: 00007f426275d04e
[ 1209.238766][T20803] RDX: 000000000000000f RSI: 00007f426370d0a0 RDI: 0000000000000009
[ 1209.246868][T20803] RBP: 00007f426370d090 R08: 0000000000000000 R09: 0000000000000000
[ 1209.254873][T20803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1209.262976][T20803] R13: 00007f4262a16038 R14: 00007f4262a15fa0 R15: 00007ffe3769e948
[ 1209.271094][T20803]  </TASK>
[ 1209.969193][T20835] netlink: 'syz.3.4864': attribute type 1 has an invalid length.
[ 1209.979731][T20835] netlink: 161700 bytes leftover after parsing attributes in process `syz.3.4864'.
[ 1210.942715][T20852] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4868'.
[ 1210.996549][T20847] can: request_module (can-proto-0) failed.
[ 1212.202852][T20876] netlink: 'syz.0.4878': attribute type 1 has an invalid length.
[ 1212.235836][T20876] netlink: 161700 bytes leftover after parsing attributes in process `syz.0.4878'.
[ 1212.291746][T20860] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.4872'.
[ 1213.983720][T12905] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1213.994647][T12905] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1214.005046][T12905] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1214.014934][T12905] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1214.031499][T12905] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1214.039345][T12905] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1214.108978][   T49] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1214.256785][T20915] FAULT_INJECTION: forcing a failure.
[ 1214.256785][T20915] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1214.266423][   T49] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1214.273440][T20915] CPU: 0 PID: 20915 Comm: syz.1.4890 Not tainted syzkaller #0
[ 1214.288056][T20915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1214.298159][T20915] Call Trace:
[ 1214.301673][T20915]  <TASK>
[ 1214.304644][T20915]  dump_stack_lvl+0x18c/0x250
[ 1214.309489][T20915]  ? show_regs_print_info+0x20/0x20
[ 1214.314756][T20915]  ? load_image+0x420/0x420
[ 1214.319412][T20915]  ? __lock_acquire+0x7d40/0x7d40
[ 1214.324675][T20915]  ? snprintf+0xe9/0x140
[ 1214.328958][T20915]  should_fail_ex+0x39d/0x4d0
[ 1214.333673][T20915]  _copy_to_user+0x2f/0xa0
[ 1214.338111][T20915]  simple_read_from_buffer+0xe7/0x150
[ 1214.343600][T20915]  proc_fail_nth_read+0x1e8/0x260
[ 1214.348741][T20915]  ? proc_fault_inject_write+0x360/0x360
[ 1214.354669][T20915]  ? fsnotify_perm+0x271/0x5e0
[ 1214.359468][T20915]  ? proc_fault_inject_write+0x360/0x360
[ 1214.365143][T20915]  vfs_read+0x28b/0x970
[ 1214.369324][T20915]  ? kernel_read+0x1e0/0x1e0
[ 1214.374117][T20915]  ? __fget_files+0x28/0x4b0
[ 1214.378729][T20915]  ? __fget_files+0x28/0x4b0
[ 1214.383512][T20915]  ? __fget_files+0x43d/0x4b0
[ 1214.388303][T20915]  ? __fdget_pos+0x2a3/0x330
[ 1214.392908][T20915]  ? ksys_read+0x75/0x260
[ 1214.397258][T20915]  ksys_read+0x150/0x260
[ 1214.401527][T20915]  ? vfs_write+0x990/0x990
[ 1214.405968][T20915]  ? lockdep_hardirqs_on+0x98/0x150
[ 1214.411187][T20915]  do_syscall_64+0x55/0xa0
[ 1214.415617][T20915]  ? clear_bhb_loop+0x40/0x90
[ 1214.420313][T20915]  ? clear_bhb_loop+0x40/0x90
[ 1214.425007][T20915]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1214.431087][T20915] RIP: 0033:0x7f426275d04e
[ 1214.435522][T20915] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1214.455233][T20915] RSP: 002b:00007f426370cfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1214.463675][T20915] RAX: ffffffffffffffda RBX: 00007f426370d6c0 RCX: 00007f426275d04e
[ 1214.471669][T20915] RDX: 000000000000000f RSI: 00007f426370d0a0 RDI: 0000000000000004
[ 1214.479663][T20915] RBP: 00007f426370d090 R08: 0000000000000000 R09: 0000000000000000
[ 1214.487733][T20915] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1214.495891][T20915] R13: 00007f4262a16038 R14: 00007f4262a15fa0 R15: 00007ffe3769e948
[ 1214.503983][T20915]  </TASK>
[ 1214.647607][   T49] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1214.698811][T20918] netlink: 'syz.0.4891': attribute type 1 has an invalid length.
[ 1214.743020][T20918] netlink: 161700 bytes leftover after parsing attributes in process `syz.0.4891'.
[ 1214.782933][   T49] batman_adv: batadv0: Removing interface: netdevsim0
[ 1214.807753][   T49] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1215.261288][T20928] netlink: 188 bytes leftover after parsing attributes in process `syz.1.4893'.
[ 1215.746408][T20903] chnl_net:caif_netlink_parms(): no params data found
[ 1216.106021][ T5782] Bluetooth: hci0: command tx timeout
[ 1216.286473][T20947] netlink: 'syz.1.4897': attribute type 8 has an invalid length.
[ 1216.324229][T20947] netlink: 'syz.1.4897': attribute type 1 has an invalid length.
[ 1216.332533][T20947] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.4897'.
[ 1216.386808][T20957] FAULT_INJECTION: forcing a failure.
[ 1216.386808][T20957] name failslab, interval 1, probability 0, space 0, times 0
[ 1216.446133][T20957] CPU: 1 PID: 20957 Comm: syz.0.4898 Not tainted syzkaller #0
[ 1216.453679][T20957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1216.463847][T20957] Call Trace:
[ 1216.467178][T20957]  <TASK>
[ 1216.470237][T20957]  dump_stack_lvl+0x18c/0x250
[ 1216.474978][T20957]  ? show_regs_print_info+0x20/0x20
[ 1216.480235][T20957]  ? load_image+0x420/0x420
[ 1216.484793][T20957]  ? __might_sleep+0xe0/0xe0
[ 1216.489608][T20957]  ? __lock_acquire+0x7d40/0x7d40
[ 1216.494967][T20957]  should_fail_ex+0x39d/0x4d0
[ 1216.499716][T20957]  should_failslab+0x9/0x20
[ 1216.504357][T20957]  slab_pre_alloc_hook+0x59/0x310
[ 1216.509520][T20957]  ? tomoyo_encode+0x28b/0x540
[ 1216.514504][T20957]  ? tomoyo_encode+0x28b/0x540
[ 1216.519313][T20957]  __kmem_cache_alloc_node+0x53/0x250
[ 1216.524926][T20957]  ? tomoyo_encode+0x28b/0x540
[ 1216.529738][T20957]  __kmalloc+0xa4/0x230
[ 1216.533946][T20957]  tomoyo_encode+0x28b/0x540
[ 1216.538594][T20957]  tomoyo_realpath_from_path+0x592/0x5d0
[ 1216.544465][T20957]  tomoyo_path_number_perm+0x248/0x620
[ 1216.549954][T20957]  ? tomoyo_path_number_perm+0x217/0x620
[ 1216.555622][T20957]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 1216.561112][T20957]  ? trace_call_bpf+0xc3/0x6c0
[ 1216.565985][T20957]  ? trace_call_bpf+0xc3/0x6c0
[ 1216.570864][T20957]  ? trace_call_bpf+0x5e9/0x6c0
[ 1216.575780][T20957]  ? __fget_files+0x28/0x4b0
[ 1216.580475][T20957]  ? __fget_files+0x28/0x4b0
[ 1216.585096][T20957]  security_file_ioctl+0x70/0xa0
[ 1216.590138][T20957]  __se_sys_ioctl+0x48/0x170
[ 1216.594838][T20957]  do_syscall_64+0x55/0xa0
[ 1216.599368][T20957]  ? clear_bhb_loop+0x40/0x90
[ 1216.604073][T20957]  ? clear_bhb_loop+0x40/0x90
[ 1216.608852][T20957]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1216.615034][T20957] RIP: 0033:0x7f2c9b59c819
[ 1216.619556][T20957] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1216.639527][T20957] RSP: 002b:00007f2c9c4db028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1216.648068][T20957] RAX: ffffffffffffffda RBX: 00007f2c9b816090 RCX: 00007f2c9b59c819
[ 1216.656168][T20957] RDX: 0000200000000140 RSI: 000000000000894b RDI: 0000000000000003
[ 1216.664279][T20957] RBP: 00007f2c9c4db090 R08: 0000000000000000 R09: 0000000000000000
[ 1216.672537][T20957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1216.680728][T20957] R13: 00007f2c9b816128 R14: 00007f2c9b816090 R15: 00007ffe6d93bdc8
[ 1216.688752][T20957]  </TASK>
[ 1216.741876][T20957] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1217.332091][T20903] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1217.366890][T20903] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1217.405960][T20903] bridge_slave_0: entered allmulticast mode
[ 1217.426869][T20903] bridge_slave_0: entered promiscuous mode
[ 1217.502409][T20980] tap1: tun_chr_ioctl cmd 1074025680
[ 1217.518566][T20903] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1217.538830][T20903] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1217.564258][T20903] bridge_slave_1: entered allmulticast mode
[ 1217.586656][T20903] bridge_slave_1: entered promiscuous mode
[ 1217.824837][T20987] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4902'.
[ 1217.830271][T20989] netlink: 'syz.1.4904': attribute type 1 has an invalid length.
[ 1217.874364][T20989] netlink: 161700 bytes leftover after parsing attributes in process `syz.1.4904'.
[ 1218.062752][T20903] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1218.120102][T20903] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1218.195149][ T5782] Bluetooth: hci0: command tx timeout
[ 1218.582617][T20903] team0: Port device team_slave_0 added
[ 1218.617018][T20903] team0: Port device team_slave_1 added
[ 1218.805758][T20903] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1218.826481][T20903] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1218.923999][T20903] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1219.207938][T20903] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1219.254107][T20903] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1219.314307][T20903] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1219.869752][T21027] FAULT_INJECTION: forcing a failure.
[ 1219.869752][T21027] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1219.894018][T21027] CPU: 1 PID: 21027 Comm: syz.1.4914 Not tainted syzkaller #0
[ 1219.901899][T21027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1219.912157][T21027] Call Trace:
[ 1219.915476][T21027]  <TASK>
[ 1219.918423][T21027]  dump_stack_lvl+0x18c/0x250
[ 1219.923247][T21027]  ? show_regs_print_info+0x20/0x20
[ 1219.928642][T21027]  ? load_image+0x420/0x420
[ 1219.933167][T21027]  ? __lock_acquire+0x7d40/0x7d40
[ 1219.938302][T21027]  ? snprintf+0xe9/0x140
[ 1219.942577][T21027]  should_fail_ex+0x39d/0x4d0
[ 1219.947633][T21027]  _copy_to_user+0x2f/0xa0
[ 1219.952250][T21027]  simple_read_from_buffer+0xe7/0x150
[ 1219.957708][T21027]  proc_fail_nth_read+0x1e8/0x260
[ 1219.962812][T21027]  ? proc_fault_inject_write+0x360/0x360
[ 1219.968496][T21027]  ? fsnotify_perm+0x271/0x5e0
[ 1219.973309][T21027]  ? proc_fault_inject_write+0x360/0x360
[ 1219.979002][T21027]  vfs_read+0x28b/0x970
[ 1219.983288][T21027]  ? kernel_read+0x1e0/0x1e0
[ 1219.987917][T21027]  ? __fget_files+0x28/0x4b0
[ 1219.992523][T21027]  ? __fget_files+0x28/0x4b0
[ 1219.997295][T21027]  ? __fget_files+0x43d/0x4b0
[ 1220.002113][T21027]  ? __fdget_pos+0x2a3/0x330
[ 1220.006744][T21027]  ? ksys_read+0x75/0x260
[ 1220.011201][T21027]  ksys_read+0x150/0x260
[ 1220.015499][T21027]  ? vfs_write+0x990/0x990
[ 1220.020352][T21027]  ? lockdep_hardirqs_on+0x98/0x150
[ 1220.025587][T21027]  do_syscall_64+0x55/0xa0
[ 1220.030054][T21027]  ? clear_bhb_loop+0x40/0x90
[ 1220.034931][T21027]  ? clear_bhb_loop+0x40/0x90
[ 1220.039803][T21027]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1220.045721][T21027] RIP: 0033:0x7f426275d04e
[ 1220.050269][T21027] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1220.069915][T21027] RSP: 002b:00007f42636ebfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1220.078376][T21027] RAX: ffffffffffffffda RBX: 00007f42636ec6c0 RCX: 00007f426275d04e
[ 1220.086475][T21027] RDX: 000000000000000f RSI: 00007f42636ec0a0 RDI: 0000000000000007
[ 1220.094488][T21027] RBP: 00007f42636ec090 R08: 0000000000000000 R09: 0000000000000000
[ 1220.102590][T21027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1220.110762][T21027] R13: 00007f4262a16128 R14: 00007f4262a16090 R15: 00007ffe3769e948
[ 1220.118796][T21027]  </TASK>
[ 1220.228632][   T49] hsr_slave_0: left promiscuous mode
[ 1220.264204][ T5782] Bluetooth: hci0: command tx timeout
[ 1220.374153][   T49] hsr_slave_1: left promiscuous mode
[ 1220.457820][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1220.486459][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1220.499845][T21037] netlink: 'syz.1.4916': attribute type 1 has an invalid length.
[ 1220.518440][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1220.534065][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1220.541574][T21037] netlink: 161700 bytes leftover after parsing attributes in process `syz.1.4916'.
[ 1220.646292][   T49] veth1_macvtap: left allmulticast mode
[ 1220.652407][   T49] veth1_macvtap: left promiscuous mode
[ 1221.077988][T21049] FAULT_INJECTION: forcing a failure.
[ 1221.077988][T21049] name failslab, interval 1, probability 0, space 0, times 0
[ 1221.134652][T21049] CPU: 0 PID: 21049 Comm: syz.0.4919 Not tainted syzkaller #0
[ 1221.142366][T21049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1221.152687][T21049] Call Trace:
[ 1221.156227][T21049]  <TASK>
[ 1221.159229][T21049]  dump_stack_lvl+0x18c/0x250
[ 1221.164186][T21049]  ? show_regs_print_info+0x20/0x20
[ 1221.169471][T21049]  ? load_image+0x420/0x420
[ 1221.174068][T21049]  ? __might_sleep+0xe0/0xe0
[ 1221.178830][T21049]  ? __lock_acquire+0x7d40/0x7d40
[ 1221.183948][T21049]  should_fail_ex+0x39d/0x4d0
[ 1221.188735][T21049]  should_failslab+0x9/0x20
[ 1221.193491][T21049]  slab_pre_alloc_hook+0x59/0x310
[ 1221.198602][T21049]  ? trace_call_bpf+0x5e9/0x6c0
[ 1221.203702][T21049]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1221.209472][T21049]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1221.215341][T21049]  __kmem_cache_alloc_node+0x53/0x250
[ 1221.221069][T21049]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1221.226835][T21049]  __kmalloc+0xa4/0x230
[ 1221.231053][T21049]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1221.236678][T21049]  tomoyo_path_number_perm+0x248/0x620
[ 1221.242300][T21049]  ? tomoyo_path_number_perm+0x217/0x620
[ 1221.248021][T21049]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 1221.253620][T21049]  ? ksys_write+0x1c4/0x260
[ 1221.258293][T21049]  ? __fget_files+0x28/0x4b0
[ 1221.263182][T21049]  ? __fget_files+0x28/0x4b0
[ 1221.267848][T21049]  security_file_ioctl+0x70/0xa0
[ 1221.272838][T21049]  __se_sys_ioctl+0x48/0x170
[ 1221.277482][T21049]  do_syscall_64+0x55/0xa0
[ 1221.281931][T21049]  ? clear_bhb_loop+0x40/0x90
[ 1221.286659][T21049]  ? clear_bhb_loop+0x40/0x90
[ 1221.291460][T21049]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1221.297396][T21049] RIP: 0033:0x7f2c9b59c819
[ 1221.301860][T21049] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1221.321692][T21049] RSP: 002b:00007f2c9c4fc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1221.330248][T21049] RAX: ffffffffffffffda RBX: 00007f2c9b815fa0 RCX: 00007f2c9b59c819
[ 1221.338266][T21049] RDX: 0000200000000640 RSI: 000000000000541b RDI: 0000000000000003
[ 1221.346274][T21049] RBP: 00007f2c9c4fc090 R08: 0000000000000000 R09: 0000000000000000
[ 1221.354472][T21049] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1221.362559][T21049] R13: 00007f2c9b816038 R14: 00007f2c9b815fa0 R15: 00007ffe6d93bdc8
[ 1221.370709][T21049]  </TASK>
[ 1221.396428][T21049] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1222.360665][ T5782] Bluetooth: hci0: command tx timeout
[ 1237.045429][T12905] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1237.054889][T12905] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1237.072728][T12905] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1237.081350][T12905] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1237.090814][T12905] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1237.099415][T12905] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1238.059638][ T5782] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1238.068859][ T5782] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1238.079288][ T5782] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1238.091025][ T5782] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1238.099910][ T5782] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 1238.109848][ T5782] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1239.107001][ T5782] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1239.118516][ T5782] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1239.127269][ T5782] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1239.136886][ T5782] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1239.151529][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[ 1239.157956][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[ 1239.164243][ T5782] Bluetooth: hci2: command tx timeout
[ 1239.172515][T19896] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 1239.180786][T19896] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1240.194191][T19896] Bluetooth: hci5: command tx timeout
[ 1241.224246][T19896] Bluetooth: hci2: command tx timeout
[ 1241.234176][T19896] Bluetooth: hci6: command tx timeout
[ 1242.264318][T19896] Bluetooth: hci5: command tx timeout
[ 1243.304247][T19896] Bluetooth: hci6: command tx timeout
[ 1243.304275][T12905] Bluetooth: hci2: command tx timeout
[ 1244.354155][T12905] Bluetooth: hci5: command tx timeout
[ 1245.385970][T12905] Bluetooth: hci2: command tx timeout
[ 1245.386042][T19896] Bluetooth: hci6: command tx timeout
[ 1246.424260][T19896] Bluetooth: hci5: command tx timeout
[ 1247.464259][T19896] Bluetooth: hci6: command tx timeout
[ 1271.944224][T19896] Bluetooth: hci3: command 0x0406 tx timeout
[ 1273.144864][T19896] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 1273.153367][T19896] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 1273.162975][T19896] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 1273.172198][T19896] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 1273.181875][T19896] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[ 1273.189978][T19896] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 1275.234254][T19896] Bluetooth: hci7: command tx timeout
[ 1277.314163][T19896] Bluetooth: hci7: command tx timeout
[ 1279.384132][T19896] Bluetooth: hci7: command tx timeout
[ 1281.464099][T19896] Bluetooth: hci7: command tx timeout
[ 1297.220349][T12905] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[ 1297.234191][T12905] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[ 1297.243389][T12905] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[ 1297.252763][T12905] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[ 1297.261264][T12905] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[ 1297.269091][T12905] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[ 1298.250427][T19896] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[ 1298.260801][T19896] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[ 1298.270360][T19896] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[ 1298.285020][T19896] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[ 1298.293145][T19896] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[ 1298.301437][T19896] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[ 1299.282274][T19896] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[ 1299.295040][T19896] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[ 1299.309458][ T5782] Bluetooth: hci8: command tx timeout
[ 1299.309457][T19896] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[ 1299.330117][T19896] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[ 1299.338769][T19896] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[ 1299.346554][T19896] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[ 1300.344170][T19896] Bluetooth: hci9: command tx timeout
[ 1300.588512][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[ 1300.595711][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[ 1301.384168][T19896] Bluetooth: hci8: command tx timeout
[ 1301.389774][T19896] Bluetooth: hci10: command tx timeout
[ 1302.424327][T19896] Bluetooth: hci9: command tx timeout
[ 1303.464103][T19896] Bluetooth: hci10: command tx timeout
[ 1303.464139][T12905] Bluetooth: hci8: command tx timeout
[ 1304.504044][T12905] Bluetooth: hci9: command tx timeout
[ 1305.548578][T12905] Bluetooth: hci8: command tx timeout
[ 1305.553996][T19896] Bluetooth: hci10: command tx timeout
[ 1306.584049][T12905] Bluetooth: hci9: command tx timeout
[ 1307.624026][T12905] Bluetooth: hci10: command tx timeout
[ 1333.402542][T19896] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[ 1333.412740][T19896] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[ 1333.423372][T19896] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[ 1333.432020][T19896] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[ 1333.443170][T19896] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3
[ 1333.451802][T19896] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[ 1335.544326][T12905] Bluetooth: hci11: command tx timeout
[ 1337.624177][T19896] Bluetooth: hci11: command tx timeout
[ 1338.504056][T19896] Bluetooth: hci0: command 0x0406 tx timeout
[ 1339.704139][T12905] Bluetooth: hci11: command tx timeout
[ 1341.784060][T12905] Bluetooth: hci11: command tx timeout
[ 1357.485187][T19896] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[ 1357.500705][T19896] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[ 1357.509418][T19896] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[ 1357.518099][T19896] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[ 1357.526475][T19896] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3
[ 1357.535220][T19896] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[ 1358.538713][T12905] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[ 1358.547821][T12905] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[ 1358.557085][T12905] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[ 1358.565545][T12905] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[ 1358.573740][T12905] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3
[ 1358.582630][T12905] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[ 1359.555377][T12905] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[ 1359.570139][T12905] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[ 1359.578577][T12905] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[ 1359.587165][T12905] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[ 1359.600345][T12905] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3
[ 1359.609293][T12905] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[ 1359.624405][T12905] Bluetooth: hci12: command tx timeout
[ 1360.664208][ T5782] Bluetooth: hci13: command tx timeout
[ 1361.704074][T19896] Bluetooth: hci12: command tx timeout
[ 1361.710744][ T5782] Bluetooth: hci14: command tx timeout
[ 1362.028131][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[ 1362.034720][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[ 1362.744058][T21128] Bluetooth: hci13: command tx timeout
[ 1363.784078][T21128] Bluetooth: hci14: command tx timeout
[ 1363.785546][T21095] Bluetooth: hci12: command tx timeout
[ 1364.116899][T19896] Bluetooth: hci2: command 0x0406 tx timeout
[ 1364.117228][ T5782] Bluetooth: hci5: command 0x0406 tx timeout
[ 1364.123018][T19896] Bluetooth: hci6: command 0x0406 tx timeout
[ 1364.838169][T12905] Bluetooth: hci13: command tx timeout
[ 1365.864872][T19896] Bluetooth: hci12: command tx timeout
[ 1365.870521][T12905] Bluetooth: hci14: command tx timeout
[ 1366.903996][T12905] Bluetooth: hci13: command tx timeout
[ 1367.954180][T12905] Bluetooth: hci14: command tx timeout
[ 1376.743968][   T29] INFO: task kworker/0:1:9 blocked for more than 143 seconds.
[ 1376.751519][   T29]       Not tainted syzkaller #0
[ 1376.756738][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1376.765583][   T29] task:kworker/0:1     state:D stack:23560 pid:9     ppid:2      flags:0x00004000
[ 1376.774975][   T29] Workqueue: events_power_efficient reg_check_chans_work
[ 1376.782072][   T29] Call Trace:
[ 1376.785524][   T29]  <TASK>
[ 1376.788598][   T29]  __schedule+0x1553/0x45a0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1376.793287][   T29]  ? schedule+0x6b/0x170
[ 1376.813904][   T29]  ? mark_lock+0x94/0x320
[ 1376.818412][   T29]  ? asan.module_dtor+0x20/0x20
[ 1376.823349][   T29]  ? lockdep_hardirqs_on+0x98/0x150
[ 1376.844319][   T29]  schedule+0xbd/0x170
[ 1376.848488][   T29]  schedule_preempt_disabled+0x13/0x20
[ 1376.864832][   T29]  __mutex_lock+0x6a9/0xcc0
[ 1376.869573][   T29]  ? __mutex_lock+0x4f9/0xcc0
[ 1376.883914][   T29]  ? reg_check_chans_work+0x92/0xd90
[ 1376.889336][   T29]  ? mutex_lock_nested+0x20/0x20
[ 1376.903923][   T29]  ? trace_event_raw_event_lock+0x250/0x250
[ 1376.910009][   T29]  ? process_scheduled_works+0x96f/0x15d0
[ 1376.923920][   T29]  reg_check_chans_work+0x92/0xd90
[ 1376.929145][   T29]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1376.945345][   T29]  ? reg_process_ht_flags+0xb80/0xb80
[ 1376.950895][   T29]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1376.958165][   T29]  ? process_scheduled_works+0x96f/0x15d0
[ 1376.972438][   T29]  ? process_scheduled_works+0x96f/0x15d0
[ 1376.978617][   T29]  process_scheduled_works+0xa5d/0x15d0
[ 1376.991127][   T29]  ? worker_attach_to_pool+0x380/0x380
[ 1376.997064][   T29]  ? assign_work+0x3d2/0x5d0
[ 1377.001869][   T29]  worker_thread+0xa55/0xfc0
[ 1377.007394][   T29]  kthread+0x2fa/0x390
[ 1377.011585][   T29]  ? pr_cont_work+0x560/0x560
[ 1377.023947][   T29]  ? kthread_blkcg+0xd0/0xd0
[ 1377.028768][   T29]  ret_from_fork+0x48/0x80
[ 1377.033320][   T29]  ? kthread_blkcg+0xd0/0xd0
[ 1377.043544][   T29]  ret_from_fork_asm+0x11/0x20
[ 1377.050584][   T29]  </TASK>
[ 1377.053811][   T29] INFO: task kworker/u4:9:3419 blocked for more than 143 seconds.
[ 1377.064945][   T29]       Not tainted syzkaller #0
[ 1377.078880][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1377.093121][   T29] task:kworker/u4:9    state:D stack:20840 pid:3419  ppid:2      flags:0x00004000
[ 1377.109081][   T29] Workqueue: events_unbound linkwatch_event
[ 1377.115337][   T29] Call Trace:
[ 1377.118750][   T29]  <TASK>
[ 1377.121730][   T29]  __schedule+0x1553/0x45a0
[ 1377.133597][   T29]  ? trace_event_raw_event_lock+0x250/0x250
[ 1377.139815][   T29]  ? asan.module_dtor+0x20/0x20
[ 1377.153932][   T29]  ? __mutex_lock+0x6a4/0xcc0
[ 1377.158678][   T29]  ? __mutex_trylock_common+0x8a/0x260
[ 1377.169215][   T29]  ? kthread_data+0x4f/0xc0
[ 1377.173976][   T29]  ? wq_worker_sleeping+0x63/0x240
[ 1377.179247][   T29]  schedule+0xbd/0x170
[ 1377.183391][   T29]  schedule_preempt_disabled+0x13/0x20
[ 1377.192880][   T29]  __mutex_lock+0x6a9/0xcc0
[ 1377.202290][   T29]  ? __mutex_lock+0x4f9/0xcc0
[ 1377.208487][   T29]  ? linkwatch_event+0xe/0x60
[ 1377.213362][   T29]  ? mutex_lock_nested+0x20/0x20
[ 1377.223571][   T29]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1377.230191][   T29]  ? process_scheduled_works+0x96f/0x15d0
[ 1377.242183][   T29]  linkwatch_event+0xe/0x60
[ 1377.248048][   T29]  process_scheduled_works+0xa5d/0x15d0
[ 1377.253776][   T29]  ? worker_attach_to_pool+0x380/0x380
[ 1377.263964][   T29]  ? assign_work+0x3d2/0x5d0
[ 1377.268829][   T29]  worker_thread+0xa55/0xfc0
[ 1377.273781][   T29]  kthread+0x2fa/0x390
[ 1377.283657][   T29]  ? pr_cont_work+0x560/0x560
[ 1377.288467][   T29]  ? kthread_blkcg+0xd0/0xd0
[ 1377.293285][   T29]  ret_from_fork+0x48/0x80
[ 1377.304043][   T29]  ? kthread_blkcg+0xd0/0xd0
[ 1377.308830][   T29]  ret_from_fork_asm+0x11/0x20
[ 1377.319520][   T29]  </TASK>
[ 1377.322691][   T29] INFO: task dhcpcd:5433 blocked for more than 143 seconds.
[ 1377.330163][   T29]       Not tainted syzkaller #0
[ 1377.374137][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1377.382929][   T29] task:dhcpcd          state:D stack:20968 pid:5433  ppid:5432   flags:0x00004002
[ 1377.418460][   T29] Call Trace:
[ 1377.421818][   T29]  <TASK>
[ 1377.427236][   T29]  __schedule+0x1553/0x45a0
[ 1377.431913][   T29]  ? trace_event_raw_event_lock+0x250/0x250
[ 1377.442054][   T29]  ? asan.module_dtor+0x20/0x20
[ 1377.447184][   T29]  ? __mutex_lock+0x6a4/0xcc0
[ 1377.452004][   T29]  ? __mutex_trylock_common+0x8a/0x260
[ 1377.462460][   T29]  ? trace_raw_output_contention_end+0xd0/0xd0
[ 1377.469929][   T29]  schedule+0xbd/0x170
[ 1377.474400][   T29]  schedule_preempt_disabled+0x13/0x20
[ 1377.480362][   T29]  __mutex_lock+0x6a9/0xcc0
[ 1377.484958][   T29]  ? __mutex_lock+0x4f9/0xcc0
[ 1377.489744][   T29]  ? devinet_ioctl+0x30c/0x1c40
[ 1377.495023][   T29]  ? mutex_lock_nested+0x20/0x20
[ 1377.500021][   T29]  ? bpf_lsm_capable+0x9/0x10
[ 1377.504871][   T29]  ? security_capable+0x89/0xb0
[ 1377.509970][   T29]  devinet_ioctl+0x30c/0x1c40
[ 1377.514921][   T29]  ? inet_ifa_byprefix+0x2a0/0x2a0
[ 1377.520231][   T29]  ? _copy_from_user+0xa5/0xe0
[ 1377.525191][   T29]  ? get_user_ifreq+0x12b/0x180
[ 1377.530153][   T29]  inet_ioctl+0x42b/0x560
[ 1377.534630][   T29]  ? tomoyo_path_number_perm+0x217/0x620
[ 1377.540319][   T29]  ? inet_shutdown+0x370/0x370
[ 1377.545471][   T29]  ? slab_free_freelist_hook+0x130/0x1a0
[ 1377.551150][   T29]  ? tomoyo_path_number_perm+0x500/0x620
[ 1377.557136][   T29]  ? __kmem_cache_free+0xba/0x1e0
[ 1377.562349][   T29]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 1377.568109][   T29]  sock_do_ioctl+0xfc/0x310
[ 1377.572661][   T29]  ? sock_show_fdinfo+0xb0/0xb0
[ 1377.577996][   T29]  sock_ioctl+0x5ba/0x7e0
[ 1377.582480][   T29]  ? perf_trace_preemptirq_template+0xac/0x330
[ 1377.588838][   T29]  ? sock_poll+0x3e0/0x3e0
[ 1377.593314][   T29]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1377.599484][   T29]  ? fd_install+0x60/0x4e0
[ 1377.603990][   T29]  ? bpf_lsm_file_ioctl+0x9/0x10
[ 1377.609163][   T29]  ? security_file_ioctl+0x80/0xa0
[ 1377.614440][   T29]  ? sock_poll+0x3e0/0x3e0
[ 1377.618982][   T29]  __se_sys_ioctl+0xfd/0x170
[ 1377.623802][   T29]  do_syscall_64+0x55/0xa0
[ 1377.628458][   T29]  ? clear_bhb_loop+0x40/0x90
[ 1377.633367][   T29]  ? clear_bhb_loop+0x40/0x90
[ 1377.638436][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1377.644422][   T29] RIP: 0033:0x7f5aa7056378
[ 1377.648878][   T29] RSP: 002b:00007ffda6d2c4d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1377.657785][   T29] RAX: ffffffffffffffda RBX: 0000000000000012 RCX: 00007f5aa7056378
[ 1377.666040][   T29] RDX: 00007ffda6d3c6d0 RSI: 0000000000008914 RDI: 0000000000000012
[ 1377.674198][   T29] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1377.682309][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffda6d4c870
[ 1377.690677][   T29] R13: 00007f5aa6f566c8 R14: 0000000000000028 R15: 0000000000008914
[ 1377.698908][   T29]  </TASK>
[ 1377.702007][   T29] INFO: task syz-executor:20903 blocked for more than 144 seconds.
[ 1377.717861][   T29]       Not tainted syzkaller #0
[ 1377.723074][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1377.732041][   T29] task:syz-executor    state:D stack:21384 pid:20903 ppid:1      flags:0x00004004
[ 1377.741370][   T29] Call Trace:
[ 1377.744807][   T29]  <TASK>
[ 1377.747781][   T29]  __schedule+0x1553/0x45a0
[ 1377.752391][   T29]  ? trace_event_raw_event_lock+0x250/0x250
[ 1377.758615][   T29]  ? asan.module_dtor+0x20/0x20
[ 1377.763606][   T29]  ? __mutex_lock+0x6a4/0xcc0
[ 1377.768534][   T29]  ? __mutex_trylock_common+0x8a/0x260
[ 1377.774164][   T29]  ? trace_raw_output_contention_end+0xd0/0xd0
[ 1377.780459][   T29]  schedule+0xbd/0x170
[ 1377.784829][   T29]  schedule_preempt_disabled+0x13/0x20
[ 1377.790407][   T29]  __mutex_lock+0x6a9/0xcc0
[ 1377.795004][   T29]  ? __mutex_lock+0x4f9/0xcc0
[ 1377.799828][   T29]  ? rtnetlink_rcv_msg+0x811/0xfa0
[ 1377.805029][   T29]  ? mutex_lock_nested+0x20/0x20
[ 1377.810025][   T29]  ? rtnetlink_rcv_msg+0x221/0xfa0
[ 1377.815308][   T29]  rtnetlink_rcv_msg+0x811/0xfa0
[ 1377.820370][   T29]  ? rtnetlink_bind+0x80/0x80
[ 1377.825230][   T29]  ? mark_lock+0x94/0x320
[ 1377.829635][   T29]  ? __lock_acquire+0x1273/0x7d40
[ 1377.835048][   T29]  ? __kernel_text_address+0xd/0x30
[ 1377.840484][   T29]  ? mark_lock+0x94/0x320
[ 1377.844917][   T29]  ? mark_lock+0x94/0x320
[ 1377.849385][   T29]  ? __lock_acquire+0x1273/0x7d40
[ 1377.854594][   T29]  ? perf_trace_lock+0xfc/0x3b0
[ 1377.859659][   T29]  ? verify_lock_unused+0x140/0x140
[ 1377.864955][   T29]  ? verify_lock_unused+0x140/0x140
[ 1377.870338][   T29]  ? perf_trace_lock+0xfc/0x3b0
[ 1377.875405][   T29]  ? perf_trace_lock+0xfc/0x3b0
[ 1377.880494][   T29]  netlink_rcv_skb+0x241/0x4d0
[ 1377.885556][   T29]  ? rtnetlink_bind+0x80/0x80
[ 1377.890283][   T29]  ? netlink_ack+0x1180/0x1180
[ 1377.895242][   T29]  ? __lock_acquire+0x7d40/0x7d40
[ 1377.900423][   T29]  ? net_generic+0x1e/0x240
[ 1377.905100][   T29]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1377.910364][   T29]  netlink_unicast+0x751/0x8d0
[ 1377.915269][   T29]  netlink_sendmsg+0x8d0/0xbf0
[ 1377.920078][   T29]  ? netlink_getsockopt+0x590/0x590
[ 1377.925475][   T29]  ? aa_sock_msg_perm+0x94/0x150
[ 1377.930584][   T29]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1377.936071][   T29]  ? security_socket_sendmsg+0x80/0xa0
[ 1377.941595][   T29]  __sys_sendto+0x4a9/0x6b0
[ 1377.946220][   T29]  ? __ia32_sys_getpeername+0x90/0x90
[ 1377.951717][   T29]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1377.957932][   T29]  ? lock_chain_count+0x20/0x20
[ 1377.962853][   T29]  __x64_sys_sendto+0xde/0xf0
[ 1377.967633][   T29]  do_syscall_64+0x55/0xa0
[ 1377.972093][   T29]  ? clear_bhb_loop+0x40/0x90
[ 1377.977155][   T29]  ? clear_bhb_loop+0x40/0x90
[ 1377.981892][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1377.988238][   T29] RIP: 0033:0x7fb348d5d04e
[ 1377.992719][   T29] RSP: 002b:00007ffe105a2bb8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 1378.001363][   T29] RAX: ffffffffffffffda RBX: 0000555571998500 RCX: 00007fb348d5d04e
[ 1378.009634][   T29] RDX: 0000000000000058 RSI: 00007fb349b44670 RDI: 0000000000000003
[ 1378.017751][   T29] RBP: 0000000000000001 R08: 00007ffe105a2c34 R09: 000000000000000c
[ 1378.026571][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[ 1378.035182][   T29] R13: 0000000000000000 R14: 00007fb349b44670 R15: 0000000000000000
[ 1378.043473][   T29]  </TASK>
[ 1378.047008][   T29] INFO: task syz.0.4920:21054 blocked for more than 144 seconds.
[ 1378.055276][   T29]       Not tainted syzkaller #0
[ 1378.060507][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1378.069430][   T29] task:syz.0.4920      state:D stack:26376 pid:21054 ppid:13666  flags:0x00004004
[ 1378.079032][   T29] Call Trace:
[ 1378.082344][   T29]  <TASK>
[ 1378.085513][   T29]  __schedule+0x1553/0x45a0
[ 1378.090325][   T29]  ? __stack_depot_save+0x1f/0x630
[ 1378.095785][   T29]  ? trace_event_raw_event_lock+0x250/0x250
[ 1378.101734][   T29]  ? kmalloc_reserve+0x116/0x240
[ 1378.106912][   T29]  ? asan.module_dtor+0x20/0x20
[ 1378.111834][   T29]  ? __mutex_lock+0x6a4/0xcc0
[ 1378.117044][   T29]  ? __mutex_trylock_common+0x8a/0x260
[ 1378.122629][   T29]  ? trace_raw_output_contention_end+0xd0/0xd0
[ 1378.129216][   T29]  schedule+0xbd/0x170
[ 1378.133494][   T29]  schedule_preempt_disabled+0x13/0x20
[ 1378.139163][   T29]  __mutex_lock+0x6a9/0xcc0
[ 1378.143723][   T29]  ? __mutex_lock+0x4f9/0xcc0
[ 1378.148509][   T29]  ? netlink_dump+0x78f/0xe50
[ 1378.153252][   T29]  ? mutex_lock_nested+0x20/0x20
[ 1378.158304][   T29]  ? __build_skb_around+0x255/0x3d0
[ 1378.163622][   T29]  ? __alloc_skb+0x1b2/0x2c0
[ 1378.168459][   T29]  netlink_dump+0x78f/0xe50
[ 1378.173009][   T29]  ? netlink_lookup+0x200/0x200
[ 1378.178339][   T29]  ? netlink_autobind+0x300/0x300
[ 1378.183512][   T29]  ? netlink_lookup+0x30/0x200
[ 1378.188702][   T29]  ? netlink_lookup+0x30/0x200
[ 1378.193608][   T29]  __netlink_dump_start+0x5f1/0x810
[ 1378.199003][   T29]  ? rtnetlink_rcv_msg+0x221/0xfa0
[ 1378.204324][   T29]  rtnetlink_rcv_msg+0xe1d/0xfa0
[ 1378.209318][   T29]  ? tc_get_tfilter+0xe50/0xe50
[ 1378.214447][   T29]  ? rtnetlink_bind+0x80/0x80
[ 1378.219173][   T29]  ? perf_trace_preemptirq_template+0xac/0x330
[ 1378.225559][   T29]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1378.231598][   T29]  ? lock_chain_count+0x20/0x20
[ 1378.236951][   T29]  ? __local_bh_enable_ip+0x13a/0x1c0
[ 1378.242397][   T29]  ? lockdep_hardirqs_on+0x98/0x150
[ 1378.248109][   T29]  ? __local_bh_enable_ip+0x13a/0x1c0
[ 1378.253710][   T29]  ? _local_bh_enable+0xa0/0xa0
[ 1378.258794][   T29]  ? __dev_queue_xmit+0x265/0x3660
[ 1378.264455][   T29]  ? __dev_queue_xmit+0x265/0x3660
[ 1378.269923][   T29]  ? __dev_queue_xmit+0x1b2c/0x3660
[ 1378.275370][   T29]  ? __dev_queue_xmit+0x265/0x3660
[ 1378.280891][   T29]  ? tc_get_tfilter+0xe50/0xe50
[ 1378.285867][   T29]  ? perf_trace_lock+0xfc/0x3b0
[ 1378.291130][   T29]  netlink_rcv_skb+0x241/0x4d0
[ 1378.296060][   T29]  ? rtnetlink_bind+0x80/0x80
[ 1378.300899][   T29]  ? netlink_ack+0x1180/0x1180
[ 1378.305857][   T29]  ? __lock_acquire+0x7d40/0x7d40
[ 1378.310987][   T29]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1378.316632][   T29]  netlink_unicast+0x751/0x8d0
[ 1378.321473][   T29]  netlink_sendmsg+0x8d0/0xbf0
[ 1378.326392][   T29]  ? netlink_getsockopt+0x590/0x590
[ 1378.332000][   T29]  ? aa_sock_msg_perm+0x94/0x150
[ 1378.337323][   T29]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1378.342791][   T29]  ? security_socket_sendmsg+0x80/0xa0
[ 1378.348480][   T29]  ? netlink_getsockopt+0x590/0x590
[ 1378.353825][   T29]  ____sys_sendmsg+0x5ba/0x960
[ 1378.358871][   T29]  ? __asan_memset+0x22/0x40
[ 1378.363650][   T29]  ? __sys_sendmsg_sock+0x30/0x30
[ 1378.368758][   T29]  ? __import_iovec+0x3fa/0x850
[ 1378.373763][   T29]  ? import_iovec+0x73/0xa0
[ 1378.378472][   T29]  ___sys_sendmsg+0x2a6/0x360
[ 1378.383208][   T29]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1378.388303][   T29]  ? debug_mutex_init+0x38/0x70
[ 1378.393211][   T29]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1378.398590][   T29]  ? __x64_sys_sendmsg+0x80/0x80
[ 1378.403699][   T29]  ? lockdep_hardirqs_on+0x98/0x150
[ 1378.409084][   T29]  do_syscall_64+0x55/0xa0
[ 1378.413687][   T29]  ? clear_bhb_loop+0x40/0x90
[ 1378.418573][   T29]  ? clear_bhb_loop+0x40/0x90
[ 1378.423331][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1378.429559][   T29] RIP: 0033:0x7f2c9b59c819
[ 1378.434624][   T29] RSP: 002b:00007f2c9c4fc028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1378.443231][   T29] RAX: ffffffffffffffda RBX: 00007f2c9b815fa0 RCX: 00007f2c9b59c819
[ 1378.451388][   T29] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000006
[ 1378.460245][   T29] RBP: 00007f2c9b632c91 R08: 0000000000000000 R09: 0000000000000000
[ 1378.472546][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1378.480926][   T29] R13: 00007f2c9b816038 R14: 00007f2c9b815fa0 R15: 00007ffe6d93bdc8
[ 1378.489144][   T29]  </TASK>
[ 1378.492321][   T29] INFO: task syz.1.4925:21077 blocked for more than 145 seconds.
[ 1378.500650][   T29]       Not tainted syzkaller #0
[ 1378.505964][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1378.514927][   T29] task:syz.1.4925      state:D stack:26376 pid:21077 ppid:19895  flags:0x00004004
[ 1378.524310][   T29] Call Trace:
[ 1378.527693][   T29]  <TASK>
[ 1378.530756][   T29]  __schedule+0x1553/0x45a0
[ 1378.535458][   T29]  ? __stack_depot_save+0x1f/0x630
[ 1378.540621][   T29]  ? trace_event_raw_event_lock+0x250/0x250
[ 1378.546783][   T29]  ? kmalloc_reserve+0x116/0x240
[ 1378.551765][   T29]  ? asan.module_dtor+0x20/0x20
[ 1378.556882][   T29]  ? __mutex_lock+0x6a4/0xcc0
[ 1378.561601][   T29]  ? __mutex_trylock_common+0x8a/0x260
[ 1378.567186][   T29]  ? trace_raw_output_contention_end+0xd0/0xd0
[ 1378.573389][   T29]  schedule+0xbd/0x170
[ 1378.577564][   T29]  schedule_preempt_disabled+0x13/0x20
[ 1378.583073][   T29]  __mutex_lock+0x6a9/0xcc0
[ 1378.587714][   T29]  ? __mutex_lock+0x4f9/0xcc0
[ 1378.592454][   T29]  ? netlink_dump+0x78f/0xe50
[ 1378.597434][   T29]  ? mutex_lock_nested+0x20/0x20
[ 1378.602428][   T29]  ? __build_skb_around+0x255/0x3d0
[ 1378.608004][   T29]  ? __alloc_skb+0x1b2/0x2c0
[ 1378.612653][   T29]  netlink_dump+0x78f/0xe50
[ 1378.617322][   T29]  ? netlink_lookup+0x200/0x200
[ 1378.622405][   T29]  ? netlink_autobind+0x300/0x300
[ 1378.627768][   T29]  ? netlink_lookup+0x30/0x200
[ 1378.632581][   T29]  ? netlink_lookup+0x30/0x200
[ 1378.637485][   T29]  __netlink_dump_start+0x5f1/0x810
[ 1378.642744][   T29]  ? rtnetlink_rcv_msg+0x221/0xfa0
[ 1378.648486][   T29]  rtnetlink_rcv_msg+0xe1d/0xfa0
[ 1378.653564][   T29]  ? rtnetlink_rcv_msg+0x221/0xfa0
[ 1378.658799][   T29]  ? rtnl_fdb_dump+0x1090/0x1090
[ 1378.664352][   T29]  ? rtnetlink_bind+0x80/0x80
[ 1378.669326][   T29]  ? __dev_queue_xmit+0x265/0x3660
[ 1378.674583][   T29]  ? rtnl_fdb_dump+0x1090/0x1090
[ 1378.679572][   T29]  ? perf_trace_lock+0xfc/0x3b0
[ 1378.684810][   T29]  netlink_rcv_skb+0x241/0x4d0
[ 1378.689721][   T29]  ? rtnetlink_bind+0x80/0x80
[ 1378.694679][   T29]  ? netlink_ack+0x1180/0x1180
[ 1378.699507][   T29]  ? __lock_acquire+0x7d40/0x7d40
[ 1378.705080][   T29]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1378.710531][   T29]  netlink_unicast+0x751/0x8d0
[ 1378.715460][   T29]  netlink_sendmsg+0x8d0/0xbf0
[ 1378.720440][   T29]  ? netlink_getsockopt+0x590/0x590
[ 1378.725729][   T29]  ? aa_sock_msg_perm+0x94/0x150
[ 1378.730719][   T29]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1378.736208][   T29]  ? security_socket_sendmsg+0x80/0xa0
[ 1378.741801][   T29]  ? netlink_getsockopt+0x590/0x590
[ 1378.751857][   T29]  ____sys_sendmsg+0x5ba/0x960
[ 1378.756784][   T29]  ? __asan_memset+0x22/0x40
[ 1378.761457][   T29]  ? __sys_sendmsg_sock+0x30/0x30
[ 1378.766608][   T29]  ? __import_iovec+0x3fa/0x850
[ 1378.771505][   T29]  ? import_iovec+0x73/0xa0
[ 1378.776179][   T29]  ___sys_sendmsg+0x2a6/0x360
[ 1378.781080][   T29]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1378.786115][   T29]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1378.791032][   T29]  ? __x64_sys_sendmsg+0x80/0x80
[ 1378.796110][   T29]  ? lockdep_hardirqs_on+0x98/0x150
[ 1378.801351][   T29]  do_syscall_64+0x55/0xa0
[ 1378.805823][   T29]  ? clear_bhb_loop+0x40/0x90
[ 1378.810657][   T29]  ? clear_bhb_loop+0x40/0x90
[ 1378.815453][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1378.821580][   T29] RIP: 0033:0x7f426279c819
[ 1378.826445][   T29] RSP: 002b:00007f42636ec028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1378.835436][   T29] RAX: ffffffffffffffda RBX: 00007f4262a16090 RCX: 00007f426279c819
[ 1378.843548][   T29] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[ 1378.852109][   T29] RBP: 00007f4262832c91 R08: 0000000000000000 R09: 0000000000000000
[ 1378.860414][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1378.868491][   T29] R13: 00007f4262a16128 R14: 00007f4262a16090 R15: 00007ffe3769e948
[ 1378.876611][   T29]  </TASK>
[ 1378.879749][   T29] INFO: task syz.3.4927:21082 blocked for more than 145 seconds.
[ 1378.887643][   T29]       Not tainted syzkaller #0
[ 1378.892601][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1378.901460][   T29] task:syz.3.4927      state:D stack:27016 pid:21082 ppid:13935  flags:0x00004004
[ 1378.910887][   T29] Call Trace:
[ 1378.914378][   T29]  <TASK>
[ 1378.917357][   T29]  __schedule+0x1553/0x45a0
[ 1378.921929][   T29]  ? trace_event_raw_event_lock+0x250/0x250
[ 1378.928099][   T29]  ? asan.module_dtor+0x20/0x20
[ 1378.933025][   T29]  ? __mutex_lock+0x6a4/0xcc0
[ 1378.937841][   T29]  ? __mutex_trylock_common+0x8a/0x260
[ 1378.943350][   T29]  ? trace_raw_output_contention_end+0xd0/0xd0
[ 1378.949604][   T29]  schedule+0xbd/0x170
[ 1378.954102][   T29]  schedule_preempt_disabled+0x13/0x20
[ 1378.959620][   T29]  __mutex_lock+0x6a9/0xcc0
[ 1378.964297][   T29]  ? __mutex_lock+0x4f9/0xcc0
[ 1378.969014][   T29]  ? tun_chr_close+0x41/0x1c0
[ 1378.973719][   T29]  ? mutex_lock_nested+0x20/0x20
[ 1378.978802][   T29]  ? tun_chr_open+0x510/0x510
[ 1378.983710][   T29]  tun_chr_close+0x41/0x1c0
[ 1378.988430][   T29]  __fput+0x234/0x970
[ 1378.992595][   T29]  task_work_run+0x1d4/0x260
[ 1378.997417][   T29]  ? task_work_cancel+0x220/0x220
[ 1379.002592][   T29]  ? exit_to_user_mode_loop+0x3b/0x110
[ 1379.008423][   T29]  exit_to_user_mode_loop+0xe6/0x110
[ 1379.013769][   T29]  exit_to_user_mode_prepare+0xee/0x180
[ 1379.019473][   T29]  syscall_exit_to_user_mode+0x1a/0x50
[ 1379.025027][   T29]  do_syscall_64+0x61/0xa0
[ 1379.029486][   T29]  ? clear_bhb_loop+0x40/0x90
[ 1379.034415][   T29]  ? clear_bhb_loop+0x40/0x90
[ 1379.039143][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1379.045767][   T29] RIP: 0033:0x7fd43799c819
[ 1379.050215][   T29] RSP: 002b:00007ffccb8059c8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1379.058893][   T29] RAX: 0000000000000000 RBX: 00007ffccb805ab0 RCX: 00007fd43799c819
[ 1379.066978][   T29] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 1379.075158][   T29] RBP: 000000000012ac29 R08: 0000000000000001 R09: 0000000000000000
[ 1379.083159][   T29] R10: 0000001b32820000 R11: 0000000000000246 R12: 00007ffccb805af0
[ 1379.091210][   T29] R13: 00007fd437c15fac R14: 000000000012acf0 R15: 00007fd437c15fa0
[ 1379.099349][   T29]  </TASK>
[ 1379.102402][   T29] 
[ 1379.102402][   T29] Showing all locks held in the system:
[ 1379.110590][   T29] 3 locks held by kworker/0:1/9:
[ 1379.115623][   T29]  #0: ffff888017c71d38 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[ 1379.128131][   T29]  #1: ffffc900000e7d00 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[ 1379.140525][   T29]  #2: ffffffff8e3c2808 (rtnl_mutex){+.+.}-{3:3}, at: reg_check_chans_work+0x92/0xd90
[ 1379.152816][   T29] 1 lock held by khungtaskd/29:
[ 1379.159933][   T29]  #0: ffffffff8d1320e0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x290
[ 1379.172871][   T29] 4 locks held by kworker/u4:3/49:
[ 1379.179907][   T29]  #0: ffff88801a254938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[ 1379.193776][   T29]  #1: ffffc90000ba7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[ 1379.209687][   T29]  #2: ffffffff8e3b57d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x14c/0xbb0
[ 1379.219867][   T29]  #3: ffffffff8e3c2808 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xf2/0xa80
[ 1379.230680][   T29] 3 locks held by kworker/u4:7/1143:
[ 1379.236199][   T29]  #0: ffff88802c6f5138 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[ 1379.248168][   T29]  #1: ffffc90004c1fd00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[ 1379.262390][   T29]  #2: ffffffff8e3c2808 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30
[ 1379.272035][   T29] 3 locks held by kworker/u4:9/3419:
[ 1379.277430][   T29]  #0: ffff888017c71538 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[ 1379.289750][   T29]  #1: ffffc9000d037d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[ 1379.301366][   T29]  #2: ffffffff8e3c2808 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[ 1379.310844][   T29] 1 lock held by dhcpcd/5433:
[ 1379.320097][   T29]  #0: ffffffff8e3c2808 (rtnl_mutex){+.+.}-{3:3}, at: devinet_ioctl+0x30c/0x1c40
[ 1379.330311][   T29] 2 locks held by getty/5527:
[ 1379.339268][   T29]  #0: ffff88802d5c10a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1379.349668][   T29]  #1: ffffc9000328b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x433/0x1390
[ 1379.366699][   T29] 1 lock held by syz-executor/20903:
[ 1379.372045][   T29]  #0: ffffffff8e3c2808 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[ 1379.382681][   T29] 2 locks held by syz.0.4920/21054:
[ 1379.391566][   T29]  #0: ffff888047d3a690 (nlk_cb_mutex-ROUTE){+.+.}-{3:3}, at: __netlink_dump_start+0xf4/0x810
[ 1379.403660][   T29]  #1: ffffffff8e3c2808 (rtnl_mutex){+.+.}-{3:3}, at: netlink_dump+0x78f/0xe50
[ 1379.413951][   T29] 2 locks held by syz.1.4925/21077:
[ 1379.419315][   T29]  #0: ffff888078d46690 (nlk_cb_mutex-ROUTE){+.+.}-{3:3}, at: __netlink_dump_start+0xf4/0x810
[ 1379.429775][   T29]  #1: ffffffff8e3c2808 (rtnl_mutex){+.+.}-{3:3}, at: netlink_dump+0x78f/0xe50
[ 1379.440271][   T29] 1 lock held by syz.3.4927/21082:
[ 1379.446255][   T29]  #0: ffffffff8e3c2808 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x41/0x1c0
[ 1379.455808][   T29] 1 lock held by syz-executor/21085:
[ 1379.461216][   T29]  #0: ffffffff8e3c2808 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[ 1379.471621][   T29] 1 lock held by syz-executor/21090:
[ 1379.477812][   T29]  #0: ffffffff8e3c2808 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[ 1379.487400][   T29] 1 lock held by syz-executor/21093:
[ 1379.492966][   T29]  #0: ffffffff8e3c2808 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[ 1379.502565][   T29] 1 lock held by syz-executor/21098:
[ 1379.508010][   T29]  #0: ffffffff8e3c2808 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[ 1379.517592][   T29] 1 lock held by syz-executor/21102:
[ 1379.522912][   T29]  #0: ffffffff8e3c2808 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[ 1379.532420][   T29] 1 lock held by syz-executor/21106:
[ 1379.537801][   T29]  #0: ffffffff8e3c2808 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[ 1379.547528][   T29] 1 lock held by syz-executor/21109:
[ 1379.552933][   T29]  #0: ffffffff8e3c2808 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[ 1379.562646][   T29] 1 lock held by syz-executor/21112:
[ 1379.568441][   T29]  #0: ffffffff8e3c2808 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[ 1379.580481][   T29] 1 lock held by syz-executor/21118:
[ 1379.588546][   T29]  #0: ffffffff8e3c2808 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[ 1379.599916][   T29] 1 lock held by syz-executor/21123:
[ 1379.608002][   T29]  #0: ffffffff8e3c2808 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[ 1379.619456][   T29] 1 lock held by syz-executor/21126:
[ 1379.628418][   T29]  #0: ffffffff8e3c2808 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[ 1379.639165][   T29] 
[ 1379.641525][   T29] =============================================
[ 1379.641525][   T29] 
[ 1379.650507][   T29] NMI backtrace for cpu 1
[ 1379.654875][   T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[ 1379.662103][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1379.672272][   T29] Call Trace:
[ 1379.675824][   T29]  <TASK>
[ 1379.678857][   T29]  dump_stack_lvl+0x18c/0x250
[ 1379.683736][   T29]  ? nmi_cpu_backtrace+0x1b6/0x3e0
[ 1379.688885][   T29]  ? show_regs_print_info+0x20/0x20
[ 1379.694108][   T29]  ? load_image+0x420/0x420
[ 1379.698733][   T29]  nmi_cpu_backtrace+0x3a6/0x3e0
[ 1379.703775][   T29]  ? nmi_trigger_cpumask_backtrace+0x2f0/0x2f0
[ 1379.710342][   T29]  ? _printk+0xde/0x130
[ 1379.714711][   T29]  ? load_image+0x420/0x420
[ 1379.719370][   T29]  ? load_image+0x420/0x420
[ 1379.724046][   T29]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[ 1379.730155][   T29]  nmi_trigger_cpumask_backtrace+0x17a/0x2f0
[ 1379.736173][   T29]  watchdog+0xf3d/0xf80
[ 1379.740545][   T29]  ? watchdog+0x1e1/0xf80
[ 1379.744898][   T29]  kthread+0x2fa/0x390
[ 1379.749094][   T29]  ? hungtask_pm_notify+0x90/0x90
[ 1379.754167][   T29]  ? kthread_blkcg+0xd0/0xd0
[ 1379.758786][   T29]  ret_from_fork+0x48/0x80
[ 1379.763321][   T29]  ? kthread_blkcg+0xd0/0xd0
[ 1379.767927][   T29]  ret_from_fork_asm+0x11/0x20
[ 1379.773070][   T29]  </TASK>
[ 1379.776449][   T29] Sending NMI from CPU 1 to CPUs 0:
[ 1379.781722][    C0] NMI backtrace for cpu 0
[ 1379.781735][    C0] CPU: 0 PID: 49 Comm: kworker/u4:3 Not tainted syzkaller #0
[ 1379.781751][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1379.781760][    C0] Workqueue: netns cleanup_net
[ 1379.781787][    C0] RIP: 0010:native_apic_msr_write+0x39/0x50
[ 1379.781807][    C0] Code: 74 2a 83 ff 30 74 25 eb 10 81 ff d0 00 00 00 74 1b 81 ff e0 00 00 00 74 13 c1 ef 04 81 c7 00 08 00 00 89 f9 89 f0 31 d2 0f 30 <66> 90 c3 89 f6 31 d2 e9 4b f8 23 03 66 2e 0f 1f 84 00 00 00 00 00
[ 1379.781820][    C0] RSP: 0018:ffffc90000ba7220 EFLAGS: 00000046
[ 1379.781833][    C0] RAX: 0000000000002f21 RBX: ffff8880b8e28280 RCX: 0000000000000838
[ 1379.781844][    C0] RDX: 0000000000000000 RSI: 0000000000002f21 RDI: 0000000000000838
[ 1379.781854][    C0] RBP: 0000000000000001 R08: ffffffff8e8b15ef R09: 1ffffffff1d162bd
[ 1379.781864][    C0] R10: dffffc0000000000 R11: fffffbfff1d162be R12: dffffc0000000000
[ 1379.781875][    C0] R13: 000000000ffffaf7 R14: 0000000000002f21 R15: 0000000000000020
[ 1379.781886][    C0] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[ 1379.781899][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1379.781915][    C0] CR2: 0000563e1e2e6d08 CR3: 000000000cf32000 CR4: 00000000003506f0
[ 1379.781930][    C0] DR0: 0000200000000300 DR1: 0000000000000000 DR2: 0000000000000000
[ 1379.781940][    C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 1379.781949][    C0] Call Trace:
[ 1379.781956][    C0]  <TASK>
[ 1379.781961][    C0]  lapic_next_event+0x11/0x20
[ 1379.781978][    C0]  clockevents_program_event+0x1c0/0x310
[ 1379.782000][    C0]  hrtimer_start_range_ns+0xbfb/0xff0
[ 1379.782024][    C0]  schedule_hrtimeout_range_clock+0x1b6/0x3d0
[ 1379.782045][    C0]  ? hrtimer_nanosleep_restart+0x1d0/0x1d0
[ 1379.782061][    C0]  ? lockdep_hardirqs_on+0x98/0x150
[ 1379.782079][    C0]  ? __remove_hrtimer+0x470/0x470
[ 1379.782098][    C0]  ? read_tsc+0x9/0x20
[ 1379.782114][    C0]  ? ktime_get+0x24b/0x280
[ 1379.782130][    C0]  ? usleep_range_state+0xc5/0x1b0
[ 1379.782146][    C0]  usleep_range_state+0x127/0x1b0
[ 1379.782163][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1379.782181][    C0]  ? schedule_timeout_idle+0x90/0x90
[ 1379.782203][    C0]  napi_disable+0x104/0x1f0
[ 1379.782223][    C0]  ? napi_watchdog+0x130/0x130
[ 1379.782240][    C0]  ? queue_delayed_work_on+0x1a1/0x200
[ 1379.782257][    C0]  ? delayed_work_timer_fn+0x80/0x80
[ 1379.782274][    C0]  veth_napi_del_range+0xb7/0x210
[ 1379.782304][    C0]  ? veth_open+0x230/0x230
[ 1379.782323][    C0]  veth_close+0x17a/0x1a0
[ 1379.782342][    C0]  __dev_close_many+0x1d5/0x2b0
[ 1379.782360][    C0]  ? dev_close_many+0x410/0x410
[ 1379.782376][    C0]  ? mark_lock+0x94/0x320
[ 1379.782395][    C0]  dev_close_many+0x223/0x410
[ 1379.782410][    C0]  ? lock_chain_count+0x20/0x20
[ 1379.782427][    C0]  ? __dev_open+0x430/0x430
[ 1379.782441][    C0]  ? __local_bh_enable_ip+0x13a/0x1c0
[ 1379.782456][    C0]  ? lockdep_hardirqs_on+0x98/0x150
[ 1379.782476][    C0]  unregister_netdevice_many_notify+0x4c4/0x1900
[ 1379.782492][    C0]  ? do_raw_spin_unlock+0x121/0x230
[ 1379.782517][    C0]  ? unregister_netdevice_many+0x20/0x20
[ 1379.782534][    C0]  ? unregister_netdevice_queue+0x1ae/0x370
[ 1379.782551][    C0]  ? list_netdevice+0x730/0x730
[ 1379.782566][    C0]  ? batadv_softif_destroy_netlink+0x1da/0x270
[ 1379.782588][    C0]  default_device_exit_batch+0x9ee/0xa80
[ 1379.782610][    C0]  ? __might_sleep+0xe0/0xe0
[ 1379.782628][    C0]  ? netdev_exit+0xc0/0xc0
[ 1379.782643][    C0]  ? rdma_dev_init_net+0x280/0x280
[ 1379.782662][    C0]  ? netdev_exit+0xc0/0xc0
[ 1379.782678][    C0]  cleanup_net+0x795/0xbb0
[ 1379.782700][    C0]  ? ops_free_list+0x3b0/0x3b0
[ 1379.782722][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1379.782739][    C0]  ? process_scheduled_works+0x96f/0x15d0
[ 1379.782758][    C0]  ? process_scheduled_works+0x96f/0x15d0
[ 1379.782775][    C0]  process_scheduled_works+0xa5d/0x15d0
[ 1379.782807][    C0]  ? worker_attach_to_pool+0x380/0x380
[ 1379.782828][    C0]  ? assign_work+0x3d2/0x5d0
[ 1379.782848][    C0]  worker_thread+0xa55/0xfc0
[ 1379.782866][    C0]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[ 1379.782883][    C0]  ? _raw_spin_unlock+0x40/0x40
[ 1379.782898][    C0]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[ 1379.782925][    C0]  kthread+0x2fa/0x390
[ 1379.782939][    C0]  ? pr_cont_work+0x560/0x560
[ 1379.782956][    C0]  ? kthread_blkcg+0xd0/0xd0
[ 1379.782970][    C0]  ret_from_fork+0x48/0x80
[ 1379.782986][    C0]  ? kthread_blkcg+0xd0/0xd0
[ 1379.783000][    C0]  ret_from_fork_asm+0x11/0x20
[ 1379.783026][    C0]  </TASK>
[ 1379.869527][   T29] Kernel panic - not syncing: hung_task: blocked tasks
[ 1379.869544][   T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[ 1379.869564][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1379.869575][   T29] Call Trace:
[ 1379.869585][   T29]  <TASK>
[ 1379.869594][   T29]  dump_stack_lvl+0x18c/0x250
[ 1379.869630][   T29]  ? show_regs_print_info+0x20/0x20
[ 1379.869657][   T29]  ? load_image+0x420/0x420
[ 1379.869690][   T29]  panic+0x2dc/0x730
[ 1379.869715][   T29]  ? schedule_preempt_disabled+0x20/0x20
[ 1379.869745][   T29]  ? bpf_jit_dump+0xd0/0xd0
[ 1379.869771][   T29]  ? nmi_trigger_cpumask_backtrace+0x2a4/0x2f0
[ 1379.869797][   T29]  watchdog+0xf7c/0xf80
[ 1379.869821][   T29]  ? watchdog+0x1e1/0xf80
[ 1379.869849][   T29]  kthread+0x2fa/0x390
[ 1379.869866][   T29]  ? hungtask_pm_notify+0x90/0x90
[ 1379.869888][   T29]  ? kthread_blkcg+0xd0/0xd0
[ 1379.869906][   T29]  ret_from_fork+0x48/0x80
[ 1379.869926][   T29]  ? kthread_blkcg+0xd0/0xd0
[ 1379.869943][   T29]  ret_from_fork_asm+0x11/0x20
[ 1379.869978][   T29]  </TASK>
[ 1379.874726][   T29] Kernel Offset: disabled
[ 1380.332489][   T29] Rebooting in 86400 seconds..