last executing test programs:

2.405284751s ago: executing program 1 (id=2323):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000004c0)={&(0x7f0000000500)=ANY=[@ANYBLOB], &(0x7f0000000400)=""/188, 0x3a, 0xbc}, 0x28)
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x10, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x4, @perf_bp={&(0x7f0000000140), 0x2}, 0x500, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x5, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x87)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000340)='cpuset.effective_cpus\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x40f00, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffdf, 0xffffffffffffffff, 0x2) (async)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffdf, 0xffffffffffffffff, 0x2)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TUNSETFILTEREBPF(0xffffffffffffffff, 0x800454e1, 0x0) (async)
ioctl$TUNSETFILTEREBPF(0xffffffffffffffff, 0x800454e1, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x8000, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x3f, 0x4, 0x0, 0x3, 0xfffe, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x703, &(0x7f0000000080)=[{&(0x7f0000000040)="1400000010000b0fd25a806c8c6f94f90a24fc60", 0x33fe0}], 0x1, 0x0, 0x0, 0x20000000}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0xfffffffffffffffa)
socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x82240, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x4, 0x5}, 0x11314, 0x0, 0x0, 0x8, 0x43fe, 0x7fffffff, 0x0, 0x0, 0x1, 0x0, 0x8000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x3385, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x3385, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES64=0x0, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000ac0)={0x0, 0x0, 0x0}, 0x8054)
close(0xffffffffffffffff) (async)
close(0xffffffffffffffff)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000380)={r4, &(0x7f0000000200)="39b83c1c43d31ae7f6d21defcba7e8442c6735061223f2b9808a05e7711b1860208215a12bb06edb753ca167a1cf6f097386ddc17bb81c"}, 0x20) (async)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000380)={r4, &(0x7f0000000200)="39b83c1c43d31ae7f6d21defcba7e8442c6735061223f2b9808a05e7711b1860208215a12bb06edb753ca167a1cf6f097386ddc17bb81c"}, 0x20)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) (async)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000100)={r0, 0x58, &(0x7f0000000280)}, 0x10) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000100)={r0, 0x58, &(0x7f0000000280)}, 0x10)

2.14761751s ago: executing program 0 (id=2327):
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001100)={r1, 0xe0, &(0x7f0000001000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000100), &(0x7f0000000e80)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x42, &(0x7f0000000200), 0x0, 0x0, 0x0, &(0x7f0000000ec0), 0x8, 0x12, 0x8, 0x8, &(0x7f0000000fc0)}}, 0x10) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001100)={r1, 0xe0, &(0x7f0000001000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0], ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000100), &(0x7f0000000e80)=[0x0, 0x0, 0x0, 0x0, 0x0], <r3=>0x0, 0x42, &(0x7f0000000200), 0x0, 0x0, 0x0, &(0x7f0000000ec0), 0x8, 0x12, 0x8, 0x8, &(0x7f0000000fc0)}}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001200)={&(0x7f0000001140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x5}, {0x0, [0x5f, 0x30, 0x2e]}}, 0x0, 0x1d, 0x0, 0x1, 0x0, 0x10000}, 0x28) (async)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001200)={&(0x7f0000001140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x5}, {0x0, [0x5f, 0x30, 0x2e]}}, 0x0, 0x1d, 0x0, 0x1, 0x0, 0x10000}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0x18, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3}, [@exit]}, &(0x7f0000000080)='GPL\x00', 0x179, 0x0, 0x0, 0x41000, 0x48, '\x00', r2, 0x0, r4, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000001280)=[{0x1, 0x2, 0x1, 0x9}], 0x10, 0x8}, 0x94)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000000c0)=r3, 0x4)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x100, 0xa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$PROG_LOAD(0x5, &(0x7f0000001440)={0x1, 0xe, &(0x7f0000001980)=ANY=[@ANYBLOB="b7000000ff00001fbfa300000000000007030000f0ffffff620af0fff8ffffff79a4f0ff000000002d040200000000001d400200000000004704000001ed000062030000000000001d440000000000007a0a00fe00ffffffc3030000f1000000b5040000000000009500000000000000023bc065b58111c6dfa041b63af41171250e877d4a9910e4d58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00c37dfca3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebaa2c598b4fc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd5070ce5c24099d3f18079ebbea6f1707207acb4b9c65fee9d5a1700000000f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b28753531d3f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d156ae8383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15f279b513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aa0000000000000000832371fe5bc621426d1ed0a4a99702cc1b692c3f0b15629eaf4c12a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c3bfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbad937f778af083e055f6138a757ebd0ed93517a6b244f99bac1ac5d73a008364e0606a594807031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac42738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c250000000000000000054000000000000000a2e30ca9be8ebc15ecb4d916758000000046aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4abac595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998802008f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db24a4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91ed92cac7c2ccd17d338bbda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922928e000000ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d64323000000000000ffff796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d3a984ddffce4b588eabb8a9982ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130b51d6c9b94c5513df2d85e8c01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c7636f9d1b88caadef8930fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139566fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb8bc70000a4d94aa1d815babc13b9fd336d205c5913ef670000000000000000ba470bfe6290421338ef8f6d27117cd1471bf3c0b64416fbbe955da0281e7ef7f7d5176150e86cda98d07f7de2088cb2ffd1d4c71097635c2bb3d9a0b01e757256ee427f0a244d48682bf89e2279b383b616b40f116172bc1b995eb2c1220597af8df52646f1f0cb65cfa7e038e8bb5d4d52b86a61d82dc14a4f5cc7e6061c65ccdbc2afc3f363ecf34ad0b227687c3ea8d63683ddd5914116edd9e075da9e3638647188bc8f95107c9250995eb6cadcd0f65b8504ff10304f2ceba275f9d485ed5554d64005db877f0fbb3beba596684066f132d521671f813c67d3cc96077835823592d6d392f5ff62f6f876eb10d8cbf0a73f8421b74c8916e4077b8866c95ad88fc7130244183ed216210f10f69b3e0ee13d06e4eb240cce5ec1c3b1defe4c0f8b83a34ef4f5f8f9ceefb678ad29d3683e3c44a01549e55ffca41c0b06e013f054257646c58b667ec0701004c239589b3e64ef5e1d5ed22b5ed5a90fe3453327c3652d5c9762428f0bd0178d1b80a60f64343ab77d8baa0a388711c8d2d6d3e9049814b15b6ea21387040989d69c3aa27256c55780f33d20823d8e2eb6e56850162969bf"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r4, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)}, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x0) (async)
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x0)
r6 = socket$kcm(0x2, 0x200000000000001, 0x106)
setsockopt$sock_attach_bpf(r6, 0x0, 0xf, 0x0, 0x0) (async)
setsockopt$sock_attach_bpf(r6, 0x0, 0xf, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socket$kcm(0xa, 0x2, 0x3a) (async)
socket$kcm(0xa, 0x2, 0x3a)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0xd, 0x590f}, 0x2920, 0x0, 0x6, 0x8, 0x80000000, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r7}, &(0x7f0000000200), 0x0}, 0x20) (async)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r7}, &(0x7f0000000200), 0x0}, 0x20)
socket$kcm(0x10, 0x400000002, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r8, 0x4, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r9 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r9, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000200)="d8000000210081044e81f782db44b9040200000000806c0100001500100014000000001209000d2000000401a80018000a600e4006000000036010fab94dcf5c0468c1d67f6f94007134cf6ee062e1c547cbc7225e6756cfb39b0590b4800089e408e8d8ef52b49816277cf4090000001fb791643a5ee4ce1b14d6d930dfe1d9db22fe7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db701000000eafad95667e006dcdf969b3ef35ce3bb9ad809d561cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d939acd92637429397f632838", 0xd8}], 0x1}, 0x0)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x20, 0x12504, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x4, 0x0, @perf_bp={0x0, 0x8}, 0x7602, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$kcm(0xa, 0x2, 0x0) (async)
r10 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$inet(r10, &(0x7f0000000380)={&(0x7f0000000040)={0xa, 0xa, @local}, 0x1b, &(0x7f0000000180)=[{&(0x7f0000000080)="a2", 0xff0e}], 0x4, 0x0, 0x0, 0xa6820000}, 0x0)

2.14717572s ago: executing program 1 (id=2328):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r0, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r0, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a80)={0x6, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000240)='syzkaller\x00', 0xf000000, 0x0, 0x0, 0x0, 0x40, '\x00', r1}, 0x94)

2.123780872s ago: executing program 2 (id=2329):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x3, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
close(r0)
socket$kcm(0x2, 0x3, 0x2)
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_config_ext={0x1ff, 0x200}, 0x8000, 0xcdd, 0x43a1bd76, 0x4, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90)
socket$kcm(0xa, 0x5, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x100e64, 0xc78}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018020000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000000d000000b70000000000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r4, 0x0, 0x12, 0x0, &(0x7f0000000900)="c1dfb080cd21d308098ee68886dd", 0x0, 0xadf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, 0x50)

1.786408905s ago: executing program 1 (id=2330):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f0000000200)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x2c}, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8003}}]}, &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r1, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x33fe0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1d, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r2)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r4, 0x401054d5, &(0x7f0000000040)={0x4, &(0x7f00000000c0)=[{0x25, 0x1, 0x3, 0xfffffffe}, {}, {0x28}, {0x6, 0x6}]})
ioctl$TUNSETQUEUE(r4, 0x400454d9, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x40000100)
r5 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r6)
r7 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003d000b08d25a80648c7494f90224fc60580002400c000400030082c137153e3719ac018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000040)={0x0, 0xfeff, &(0x7f0000000180)=[{&(0x7f0000000b40)="d8000000100081044e81f782db44b904021d006a0f000000e8fe55a1290015000600142603600e120900040044000000a80016000a0003402e60000000000000b94dcf5c0461c1d67f6f94007134cf6ee08021a0e408e8d8ef52a985162f7ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d3220a7c9f8775730d16a4803f1aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x60044084)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r1, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r9=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a80)={0x6, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r9}, 0x94)

1.727782649s ago: executing program 3 (id=2331):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socket$kcm(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000008000000000050005"], 0x50)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB="000000000000003c95000000000000", @ANYRES32=0x0, @ANYRES32], 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[], 0x48)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000040), 0x4)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x3c97a0, 0x0)
ioctl$TUNGETVNETBE(r1, 0x800454df, &(0x7f0000000280)=0x1)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x4800)
close(0xffffffffffffffff)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup(r2, 0x0, 0x200002, 0x0)
openat$cgroup_subtree(r3, &(0x7f0000000240), 0x2, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000200)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x3, 0x10, &(0x7f0000000e40)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b704000008000000850000001c00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r5, 0xfffff000, 0xe, 0x0, &(0x7f0000000300)="61df712bc884fed5722780b605a7", 0x0, 0x2f00, 0x7000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.591367788s ago: executing program 3 (id=2332):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sched_cls=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)

1.590955328s ago: executing program 2 (id=2333):
r0 = socket$kcm(0xa, 0x2, 0x88)
sendmsg$kcm(r0, &(0x7f0000000040)={&(0x7f00000002c0)=@in6={0xa, 0x4e22, 0x0, @dev={0xfe, 0x80, '\x00', 0x35}, 0x7}, 0x80, 0x0}, 0x8e8c5)
sendmsg$sock(r0, &(0x7f0000001780)={0x0, 0x0, 0x0}, 0x4000103)

1.508621334s ago: executing program 3 (id=2334):
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x40, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x80000000c8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r1)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb791f6f9875f37538e486dd6317ce8102030400fef2000e40000b00875a65969ff57b00ff020000000100000000000000000001"], 0xfdef)

1.484504286s ago: executing program 0 (id=2335):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000210081044e81f782db44b9040a00000700000000000000000600142603600e12090018", 0x27}], 0x1}, 0x0) (async)
r0 = socket$kcm(0x10, 0x2, 0x0) (async, rerun: 64)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001200)=@base={0x5, 0x4, 0x4, 0xc}, 0x50) (rerun: 64)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007b00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080)={r2}, 0xc)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x33fe0)

1.376200684s ago: executing program 2 (id=2336):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000580)="d8000000140081054e81f782db44b904021f08020a000500040000a118000200000000e4ffff0d1208000f0100810401a80016ea1f0006400303000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c0100000000000000cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef3d93452a00"/216, 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)

1.323575877s ago: executing program 3 (id=2337):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0xe, 0x0, 0x0, &(0x7f0000000480)='GPL\x00', 0x100}, 0x94)
openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x16, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="dbaa00fea00000007110970000"], &(0x7f0000000480)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x790f}, 0x94)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\a\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="03000000010000000400"/26], 0x50)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000340)='cgroup\x00'}, 0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000340))
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800"/15], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r1, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80102, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x8}, 0x18944, 0x401, 0x25, 0x0, 0x1, 0x200, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0xa, 0x2, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407ffd, 0xaea}, 0x14105, 0x31, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x111640, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000400)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x4, 0x3, 0x0, 0x0, {0xa, 0x1000, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x80, 0x0}, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x3, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x1, @perf_bp={0x0, 0x3}, 0x8000, 0x4000005, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000380)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='/proc/1/\x00\x82q\xee\xe5\xa0\xbd\xc2\x98#YP\xee\x9c2G\xf0\x81x\x97'}, 0x30)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_ro(r3, &(0x7f00000011c0)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x1, 0x7, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESOCT=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r4, 0x2000000, 0xe, 0x0, &(0x7f00000004c0)="630b008646dc3f0adf33c9f7b986", 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50)
r5 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r5, 0x84, 0x9, &(0x7f0000000380), 0x98)
ioctl$SIOCSIFHWADDR(r2, 0x8b0f, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = socket$kcm(0x2, 0x3, 0x2)
sendmsg$inet(r6, &(0x7f0000001640)={&(0x7f0000000300)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="bf8bdef940f6945ac7c87ffb8d1df1bface38870a6a10991ce631000000000479893acca9ee82a9863bcefd90c11487d82d9ee8afd3bcc884f6a49e59ab0bf5b50f80ad74a3a06287ed1b27953ad97096f0a5045b5d1f99b3b263af9a1a81fc53783d29b7cb626e1c24cba10aa998225e858ce8314e6f6320eefa709cd507b5322104ffc2dac0547d1d4298fae4c5a32827e1cfc20d508afac4ed55054d6f45f84415b64"], 0x10}, 0x0)

1.263418751s ago: executing program 2 (id=2338):
socket$kcm(0x11, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext={0x8001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b702000000200000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000bd000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b}, 0x42)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={r0, 0x2000000, 0xfe7f, 0x0, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0x7ffe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

842.153451ms ago: executing program 0 (id=2339):
r0 = socket$kcm(0x10, 0x2, 0x4)
close(r0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000002340)=[{&(0x7f0000002500)="5c000000130025cc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514000cc00800250007000200060023af0064bc24eab556a705251e618294ff0051f60a84c9f4b5938037e786a6d0001000000e450958bbcd72c60677", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0xc000000, 0x2101, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x100904, 0x50}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYRES64=r1], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000700)={&(0x7f0000000e00)=ANY=[@ANYBLOB="9feb01001800000000000000ae000000ae00000007000000040000000000000b01000000050000000000000901000000090000000000001203000000030000000200000f0200000003000000000224620400000002000000060000000900000032c3050000000000000e040000000100e2416bf2aca26d0000000000000900000d00000000050000000200000004000000010000000a000000010000000000000005000000030000000100000007000000000000000c"], &(0x7f0000000640)=""/160, 0xcf, 0xa0, 0x1, 0x2}, 0x28)
r2 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x891c, &(0x7f0000000040)={'ip6_vti0\x00', @random="02000400"})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x40, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x2e}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00"/13], 0x50)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r4, r3}, 0xc)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xd3c0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000240)='ns/user\x00')
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_ro(r5, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
socket$kcm(0xa, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0xc, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x66}, 0x94)
sendmsg$kcm(r6, &(0x7f0000000dc0)={&(0x7f00000002c0)=@can, 0x80, &(0x7f0000000bc0)=[{&(0x7f00000014c0)="24bd96a0e7b961de9aff886679cde0187747e1a545850be1967bd6bd83637afece52c3f091c5b68761fd4a7ea8de9276c8201024415f3354c2ee6af179352c0775efeb59e4a86bd9aa2bc51f3a190f4e677c78bf424b5d876c862e15625b7b603ec6c2a8bcd6d842c902253b0c6d4fad4c1cc7e46a1eba7291a8212a5a8b8382d14133394d2b692cb82c74162512952255ea540881a69ab43d1ee2ffb91e83eb7aefcf16c811d75af0059f1852d2ea080d50553e956fe40159ee2fdf96fdb80122ec426207c81b22b93452af28a678f9706eeae4a839b025381043d169be6d3cda9fd61a938dfbe015835aafac90553cbcf1b6849ad0ae76cfb766d90eadbac1098379cddc0a9ed0a81b500d932f9da3ad872088a2d8db6daab4c94e1b9618ea91c651c54a61a0508734b434db69f09b3be62d8e28b3a8bb05024241505446f05efad3593c7df1a38a52b9436225e578f14719d466ac8241d814ce38d6bbf86b1257e355eef6ed804f46524e36a39be27d4186f149d7ac44ff4769413020c096b1dbdec49fbbd1035a5185111fab98cad621b5945b008e5ccf1f4acf63add992c2780cadd6bdbdc307838aff215455d8f751783a49f091b5424ff4ccf0c2dc37e835d74ffc72dc99de240af1144a52505547d88063cec125873805431cea558adfa594defbaf3ec6ae3f32f8eb95c2fe5d54a09f6f000ecc7e28351fa06c14f072d2393e87e44e23c897b7239d2c4fe05c741780041694e283e618ec4dec190a1a81261bb52314d1cab561183decc859f068f57f07b7d55ac59f2e7d13fe3b22c43d893ba8fee9ad11008772f995ace8b60d04dc0fefac150dcbd2ca731013093587e7018ec78b1d41607a4705b6d36fb2f4fd28dbfad783fb2503d5b1b1a16934413218b7005f0d4149c5111fc39689b6c2ff2023d20f94f2c543ff464bb30eb9c27b993cc6da3988953e84e873fc400e3b374ef833452a4a3699ed5a9db5949fbafa351022325ab8678b003a3f702953b01a426db7e56d41ff4f647d98cd2391898125abccfb7951fc4e2a55b10dab7433ae168595637be5903feb176e803cee2d6a69b0465affd11e4188f18a752141c711cead6ce5a712f8764d20552d71cd9fd61f4820394e16d5954093c6e589780566cf5566484ce20e87cad7ab29a2f8c783880d0397eadd1f4eda0d693bf7147bc2240b5774b86477d9961fb457b66c30dbe0e6adbf54315dd965f910b4c19056108ad9693435d10aaf96de1da1643603b9478a7b4b5fb8b059df3fa24ddc5062d05acb5fbb640f838b156665b3f4838a1b3c9d15759ae6ab08a5242bc3a455d396e146be08b24d57cd143fe1de0e98f2902644e5b494719c84cf90f57f32d525ac430dbd6732a122a8bc21fad621043274b9fe3fbb3fbfc7116e101562a345471ddc253a29cb999bcbb2d82e44cf2380e084d443596bff7090603f6c46788e6667b45942fc9c4fc6ea314acec15e5719160d418905c4cc1ce98b9773a682b9a51f3aee0945c0861c18b22ae850c52e0de3617e932df68c1406726099a987f69966f2881cd01612133fef47225aadca4db94908597a3d501c9a76c26e94b42a83b0e0f77b8f423b49492751131acf43b771c5aded3affeb3223ed83a67692cd2b83c1ff5fd610fee62e6dde7ac4111ad99d7858b50dcd6497f585ab124e6a0287662b2b492a8366b8757bb63834f92b3cd424a9d1dc4913c89fd2cb12509103951b6c211c69b0b975713681325fb474073e63436ccaa87b6734c77fb7848de40352988c0dd3ad0503c657bac3231b66c1e15aa3ff74b260d71fb325d46f520a5bcfd9b8196da3a1985eeafef501e632889c78d78c9cb504dac72571baf7150f715b84c426f746c41b8167236597370c3acbcb06e98396bcd5466e643793c5f8dc2469f6e20e1287cb001de0e0d697b461031739e31ba235539b3079bc439b75db1c67b5ee018d36c769bbccf0e0615301a3f90030c9a618d189dced379c93d4a986c62bf63a1c0e72fdfa98ac496f5950b491c4974ab4304dc13bd61971d98cdcfda9cfcd6e72443e2d153903c8ba9bde684dd9ea9e5be03f1e6f8c6bfac54f3cc7ae8dde07ad54c35f7ef06c778794bcdca5e86c7b22611355b0d8ce0eb01644620ac3ffd1d92c077d9a2d33ac0717003ff0ad02a8ba580da8eb837e6778eefca22819abb2c2092dec5f9403e307449a8114bf6caddf3f2667efe07d27d60cdfcca9353ebe3dd7ac97e82047dcfc47832b59c48066b70ed589927c8509dc7f2917f00630b51c3187871f9da806b746d961f8ac504d0d83172b408a275864fe1c165d5935806b682085e6fe3b1b9bb48be95df1bab2cdaa2052012e72739907723b910346f04fc23183b4c53efccba1b80b055958ecc63114e55d9342334009c0433cad95ae5dc76f3c085d31c73c27462606024a0abe8edfb4f084ceb7f33e4bbe5fc8692dd9a52a677083a73a3d7cc101759bc8ddf3e077b0e22467fe44b2187ddb05be7c7a088f81332b9ddf2989b4bdbbc0d0cc3670228d28ac7b9daf8f7d2b6a39d8850f72ce895f24b87793b5c3214cfaf5f5c58aa800b871e594e69c5f07a331281d6754b15ce92140319cde4a42101500e63aa50b73169fa4d4c0ff9a1bb867982d6bbad52d4355a0a16f9e6184baf07ae215f4513badf40cfa101215b219111af3efa5e2022a358b0d8bed9b95ede9f6ea84452f45f6a0f6512a0c0f10ae84e90177e82b877666c5aa7fd3d23e427b86dcac24099fe7eb5804f5a8c52102e7686b73913132c53d6adae8a10cd87d20c937e3b1629fb6c5a1cc3c1744aedcf404d84185f79b80e0642f0bf5e145bf8f910f46aa2e0754a81f3a0ee702872d6bd6e5ec66dd71488f6ed6589567aa42724f72adc7c9cb584d9c776c06875d8d882e4211749e37c62c7535398df7cb0455d833664f913e15ca1f7dc7cf7d71ae2a01a34989ea26f025e96d29a37904ef0fad4a7e7baa6235b730f048e040550510e6da134222a6a04a4cabecc03f8ac9bb1052867863c0b0c1bd19906c40899d66a33cec43e0b0cfb0d8143eab932a7286bffa32150dd1e2a75c62196aba44cb2ba834c230dc17663e7df299ae3869d52eeaa1104d72bd03fc6fa229a9ebc3447330a20e34ab293d90f20f4ace09bdce523575ef8bbd71bced96cfd904b76931b3a1349f0336489ef1e03c80c801a19f97a6d18261d8f8c9f254fd377d317248057fe0d2772ee2cc93a4ebdbc7f308e186579c17004b3b058ac3aedf18d9a457d720ac391c04d2298914d89eb32d8d60d793edd0f1288ebb95e36874854c57936d82b1d891b601c1bd055df989d1f20d7708f583c039cc4b57242d204220540aad8c27530efcdd8dd3975a7afc9dfb15d6dc1c4b35cf4b531ce8fb3a6aecaac4a14020c55502c2e5683951cf538d8d83935b69c795439922b545beb19eb2365b9aa4264ee372f7f323d9f94064acca59cb12e3d9cea4f3b70a123ef233caf1d16d5b555be57bb613a49dde408a2da6b4be5546965f6f581e4a8a02225f8122cee845251bd18de7a648fa21bc7499a453289e257acf482de995430b4990d8af2689991ebaaee84f5e8f9cd3d109bc73edcfe22c05dc1716ce25979a93a1e8f5ef49f1cb2e483210796f65ab50ebf056c4210e035d9cbcba97ca5551f0e261098164afd473c78ca96f1fc5ee5e55ca0ce6247dc85c07980baae1f81444fc11fe5ee35df45b6132815cb92e7cc287ec63c7591f39ef1dd9542b294a0460015a2a844418ee91ea6d9677c85221893235f1ff9cd5a76f5693188d04e601214cc43cb78536a4f2b1bc34be0b226f612aa3a14608e522a2f946a7af231321d981bab2db40a62525fb74453d04b6feff31be93ace1bfe1cebea62b78d1bd2e4a8114cb0c57fb4189770f3f09f65ec9aeb68af3a98ee3783a29a3708f03aa148b77b864d0fb5c605657e7ae6b6787dcb982faadde102aa96b2c6cec4bce32c67dbccd00e71d71f160b10654a6c035e1689c5eb74725bfe157ecbaeffd0f3e3eb0075522096556ae0794e45bac7807d619f18401a1283632354cc0569cc31dfc6c8fc81312660550408aea659e4fccd4db3704f284b68074f5a69c370c1f680d949c2b443be8065956f3ef02dd4002e9b78e8fba021732e9dfba78292b5b31c6a6d689c85f824eae38265855d59261e08af23fd1b3bf7aba652b7e078ce33942b2827fad4fd32f39319ed7d37b467d8e1d777dd089b85df15bf546c7612500f168ecdc8234ed018537d0818b94b1228d81d80e975e67c0c2d6cd1132f44fb5106860ece58e4db5325cad20969368fceb7838421230e2df352ffa4b9eb97ea5790f8373cb1b3965868ee7e27f90e8ad7251aa6281bf3c640850d00a249e31c25741eabf2da08c4adbb2e4d46138f830fbb249aca84aa78bd17d4fc1cef0ef845067f2a1aa8a3a47f0e01d9b1fe53997ee062803b5e2f4930a2d57a0b88b36e96075c42cf43c7681afbd28b715a772cab8f984f2f0664aec64f513ad87cd3391f3cb1998111fb2eca5b16c63e848f04a8f1b70e270ecdc4baab5d1310236cda6a6dc9bf09db511b4d51b97addac1ba5ffcc99ee647076f0d1f560af302fdc64bde9078a20114a1a6eedbc88bbe90b3468a249ddddb1f099471dbcae80f907bb343d94614c61d950cb2749202cf3d17be163b0b0233ed7370572ba254cfbaa78ad66c33eb1d52d6070431a33f88a3707da5abce161fadda1b334435135a514e17f8f465766fd8ba7eed7f600f131bfdfb700dcbde69bb8305850455556364e30cbc736bae7ca4a607e22865fe2c3577cb3dd361a07fbab5e4b31d4c0ae6ee18ff14abd329ead354e5f4bb33ac4778c11852fdd37b7419fb57d99b7718b524e6b07ac04ea6fb55bcf8f3f8da6e5a00d40aabe44f1a393a55e421f171c2ffac66edb71ee383f4d7f22d8b35a037d05103a182dee18e75533585a97cb7cebafa2ac8f398f5e321300ec86312450dd14300af036c1f32a419468a86a8", 0xde8}, {&(0x7f0000000a40)="a83c27ddadb50be9a0951b7078e138f54546364d0ed799895a2dcb771a689d0a025fe4e922d745c78611050a19f3a132ce89774e48baba4873456583e55394055ea10248f81d3d51bdcde28e33eaaac1dd0d6fb76f3dab78437efdeecef6ac4fb2ba5528e3834c144676", 0x6a}, {&(0x7f0000000ac0)}], 0x3, &(0x7f0000000c40)=[{0x38, 0x10c, 0x7f, "c0818816a5ec0b4addf5543558e5b50f623fd1513dc46bf47b0e80a79437c0dcb6d71585c38589"}, {0x10, 0x109, 0xfffffff8}], 0x48}, 0x4000000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xe, 0x3, &(0x7f0000001300)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'wlan0\x00', 0x200})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8946, &(0x7f0000000080))
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x6, 0x8, 0x8}, 0x48)

545.851662ms ago: executing program 3 (id=2340):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
close(r0)
r1 = perf_event_open(&(0x7f0000000040)={0x9, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_bp={&(0x7f0000000280), 0x2}, 0x0, 0x1, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000}, 0x0, 0x400000000, 0xffffffffffffffff, 0x0)
r2 = socket$kcm(0x29, 0x0, 0x0)
recvmsg$kcm(r2, &(0x7f0000000d40)={&(0x7f00000002c0)=@tipc=@name, 0x80, &(0x7f0000000b00)=[{&(0x7f0000000580)=""/106, 0x65}, {&(0x7f0000000740)=""/4, 0x4}, {&(0x7f0000000840)=""/190, 0xbe}, {&(0x7f0000000940)=""/223, 0xdf}, {&(0x7f0000000340)=""/161, 0xa1}], 0x5, &(0x7f0000000c40)=""/206, 0xce}, 0x2100)
socket$kcm(0x2, 0x7, 0x2)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000240)=@o_path={&(0x7f0000000100)='./file0\x00', 0x0, 0x0, r0}, 0x18)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x29, 0x0, &(0x7f0000000100)="b9ff03fe6044218cb89e14f008060dc77fff00090000002f83fbac14140ee000000d62079f00000000", 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4, 0x3, 0x3}, 0x50)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x3c3743, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000a40), 0x0, 0x0)
close(r4)
socket$kcm(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={0xffffffffffffffff, 0x18000000000002a0, 0x15, 0x0, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff0016e0", 0x0, 0x24, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
close(0xffffffffffffffff)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000180), 0x4bd)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={<r5=>0x0, <r6=>0x0})
close(r5)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000200)={0x0, r1, 0x0, 0x0, 0x0}, 0x30)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={<r7=>0x0, <r8=>0x0})
close(r7)
setsockopt$sock_attach_bpf(r8, 0x10f, 0x87, &(0x7f0000000180), 0x4bd)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0800000004"], 0x50)
setsockopt$sock_attach_bpf(r6, 0x10f, 0x87, &(0x7f0000000180), 0x4bd)

497.907885ms ago: executing program 0 (id=2341):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000100)=@bpf_lsm={0x1d, 0x3, &(0x7f0000001000)=ANY=[@ANYBLOB="18000000000000000000000000000000950000000000000030088b63814ef84416763399ad39df6c15fc503a31c51d82edc1df25657b78c1959a5b91cdcce6282c6d975879ebbe9e89ebbe3ea2f1bd29e16fbe0c85800a4b5f49a12204622c06b55e95e3d30e0075165a15f3f29fe5379eb71287ca"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)}], 0x1, 0x0, 0x0, 0x35}, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000500), &(0x7f0000000180)='%+9llu \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x11, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000000000000400008500000061000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000480)={r1, 0x18000000000002a0, 0xe80, 0x0, &(0x7f00000002c0)="b9ff03076003008cb89e08f086dd", 0x0, 0xfe6, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$kcm(0x10, 0x2, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x11, &(0x7f0000000480)=ANY=[@ANYBLOB="180000000000000000000000000400008500000061000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b705000008000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000580)={r3, 0x18000000000002a0, 0x28, 0x62, &(0x7f0000000600)="b9ff03075fe9008cb89e08e086dd", 0x0, 0xfe6, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x28)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = socket$kcm(0x10, 0x3, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000640)={{0xffffffffffffffff, <r6=>0xffffffffffffffff}, &(0x7f0000000300), &(0x7f0000000380)=r1}, 0x20)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000bc0)={r3, 0xe0, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000700)=[0x0, 0x0], ""/16, <r8=>0x0, 0x0, 0x0, 0x0, 0x2, 0x2, &(0x7f0000000940)=[0x0, 0x0], &(0x7f0000000980)=[0x0, 0x0], 0x0, 0xee, &(0x7f00000009c0)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x40, 0x10, &(0x7f0000000a00), &(0x7f0000000a40), 0x8, 0x54, 0x8, 0x8, &(0x7f0000000a80)}}, 0x10)
r9 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d80)={&(0x7f0000000c00)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xb9, 0xb9, 0x8, [@float={0xe, 0x0, 0x0, 0x10, 0x10}, @decl_tag={0x5, 0x0, 0x0, 0x11, 0x1, 0x1}, @fwd={0x5}, @fwd={0x7}, @datasec={0x9, 0x2, 0x0, 0xf, 0x1, [{0x4, 0xfffffffb, 0xffffffff}, {0x5, 0x7, 0x8}], 'V'}, @struct={0xf, 0x6, 0x0, 0x4, 0x0, 0x7, [{0x6, 0x3, 0x4}, {0x2, 0x3, 0xe}, {0x4, 0x1, 0x8}, {0x7, 0x3, 0x40000000}, {0x10, 0x5, 0x100}, {0xb, 0x3, 0x6}]}, @fwd={0x9}]}, {0x0, [0x61, 0x0, 0x2e, 0x30, 0x30, 0x2e]}}, &(0x7f0000000d00)=""/121, 0xdc, 0x79, 0x0, 0x80000001, 0x10000, @value=r1}, 0x28)
r10 = socket$kcm(0xa, 0x1, 0x106)
setsockopt$sock_attach_bpf(r10, 0x29, 0x4e, 0x0, 0x4000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000f40)={0x6, 0x1c, &(0x7f0000000840)=@raw=[@map_idx={0x18, 0x0, 0x5, 0x0, 0x2}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r6}}, @generic={0x5, 0x0, 0x3, 0xfc9, 0xff}, @exit, @exit, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r7}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfffffffd}}], &(0x7f0000000680)='GPL\x00', 0x5, 0x1, &(0x7f00000006c0)=""/1, 0x40f00, 0x14, '\x00', r8, 0x25, r9, 0x8, &(0x7f0000000dc0)={0x3, 0x5}, 0x8, 0x10, &(0x7f0000000e00)={0x0, 0x10, 0x5, 0x4}, 0x10, 0x0, 0x0, 0x9, &(0x7f0000000e40)=[0xffffffffffffffff], &(0x7f0000000e80)=[{0x1, 0x5, 0x4, 0x1}, {0x4, 0x5, 0x5, 0xb}, {0x4, 0x4, 0x0, 0x8}, {0x2, 0x5, 0x7, 0xc}, {0x2, 0x1, 0xd, 0x3}, {0x3, 0x4, 0x9, 0x2}, {0x3, 0x5, 0xa}, {0x4, 0x4, 0x8, 0x5}, {0x3, 0x2, 0x0, 0x7}], 0x10, 0xe}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x1ff)
sendmsg$kcm(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000740)="d800000019008111e0020f060d8107040a60000000000003001455a12a00090008000699e3ffffff14000500fe80817806000567b8b7b94002000009080016060000000000000000d67f6f9400f7d1d9bbe94fa27100a007a2f7457f01896034277ce06bbace8017cb39b62ee5a7cef4090000001fb791643a5e83d42365f003724a237e09000000b2a10000000014d6d930dfe1d9c322fe040000005025acca262f3d40fad95667e006dcdf634c1f215ce3bb9ad809d50b7b4338c9f1ac76efb42a9ecbee5de6ccd44242f4d643f6fd0f26187b51980dd6", 0xd8}], 0x1}, 0x80)

391.565462ms ago: executing program 2 (id=2342):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sched_cls=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)

364.911304ms ago: executing program 1 (id=2343):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x7f83, 0x7}, 0x50)
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x20000, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="07000000040000001800000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000001000000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
socket$kcm(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440))
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff}, 0x104007, 0xac5d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x2, 0x3, 0x84)
sendmsg$inet(r0, &(0x7f0000000700)={&(0x7f0000000000)={0x2, 0x0, @private=0xa010101}, 0x10, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="280000000000000000000001070000000717a87f000001ac141400e0000001ac1e0001ac1414bb011c000000000000000000000008000000", @ANYRES64=r0], 0x48}, 0x0)

234.907453ms ago: executing program 2 (id=2344):
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x99, 0x1, 0x0, 0x0, 0x0, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffff94, 0xfffffffffffffff8}, 0x126a0, 0x1000, 0x0, 0x0, 0x736, 0x2, 0x7ff, 0x0, 0x0, 0x0, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x50, 0x9b, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x100e4a, 0x0, 0x4000, 0x0, 0x17}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$kcm(0x21, 0x2, 0xa)
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0x2, 0x5, 0x84)
r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/net\x00')
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x40049409, 0x5)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x1c1842, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x20702, 0x0)
socket$kcm(0x29, 0x5, 0x0)
syz_clone(0x2c9a4080, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)

234.577143ms ago: executing program 0 (id=2345):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000001c0)="d5bb6582e18b6ccef970dc469f84023efbbe61aeb441bf339a10a7e6a1d10487d171cdd17e94adbf88", 0x29}], 0x1}, 0x8001)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a076b876c1d0048007ea60864160af36504001a0038001d00", 0x73}, {&(0x7f0000000080)="83d2ff5f00000080d2898a0cc6d6703b87eb28f77b09bc7e64f918fa3bc7664d327d90424d5503002800"/52, 0x34}], 0x2, 0x0, 0x0, 0x1f00c00e}, 0x4)

195.175656ms ago: executing program 1 (id=2346):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000780)="d8000000140081044e81f782db44b9040a1d080201000000040000a118000200ff020000000000000000040000000001a80016ea1f00084003bc5f54c92011148ed08734843cb12b00000803600cfab94dcf5c0461c1d67f722f054f55153c6f94007134cf6ee08000a09108e8d8ef075c0100000000000000cb490000001fb791643a5e835913b06218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f52eb4edbb57a5025ccca9e00360d8bcc00400040fad95667e0060000000000000580bb9ad809d5e1cace81b341139fe3cd4032e8edb12d", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0xc04)

161.857908ms ago: executing program 3 (id=2347):
r0 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000000)='tasks\x00', 0x2, 0x0)
r1 = gettid()
write$cgroup_pid(r0, &(0x7f0000000040)=r1, 0x12)
r2 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={&(0x7f00000001c0), 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x2b, 0x0, 0x0, 0x5d33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xec, 0x7, 0x3d, 0x7, 0x0, 0x0, 0xd299, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x2, @perf_bp={0x0, 0x4}, 0x100882, 0x7ff, 0x6, 0x0, 0xb, 0x2, 0x3ff, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x11, 0x200000000000002, 0x300)
perf_event_open(&(0x7f00000003c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003fffe, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}, 0x202, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x9b, 0x3, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x43e90bacaf4f4c62, @perf_bp={0x0}, 0x105260, 0x0, 0x7, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x3ff}, 0x0, 0xffffffbfffffffff, 0xffffffffffffffff, 0x0)

39.145587ms ago: executing program 0 (id=2348):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={r0}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0x10, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xc00d100, 0x0, 0x0, 0x0, 0x100}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xb}, {0x3, 0x3, 0x3, 0xa, 0x8, 0xfff0, 0x20}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0xb6}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

0s ago: executing program 1 (id=2350):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000e500000001"], 0x48)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x4000, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000280)=0x8)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x4)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000100)={{r2}, &(0x7f0000000080), &(0x7f00000000c0)='%-010d \x00'}, 0x20)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x6, 0x6, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000018200000", @ANYRES32=r0, @ANYBLOB="0000000000eaffffc200a000200000009500000000000000"], &(0x7f0000000180)='syzkaller\x00', 0x5, 0xd2, &(0x7f00000002c0)=""/210}, 0x22)

kernel console output (not intermixed with test programs):

  do_syscall_64+0x55/0xa0
[  212.513337][ T8295]  ? clear_bhb_loop+0x40/0x90
[  212.518049][ T8295]  ? clear_bhb_loop+0x40/0x90
[  212.522858][ T8295]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  212.528872][ T8295] RIP: 0033:0x7fa3bdd9c819
[  212.533502][ T8295] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  212.553223][ T8295] RSP: 002b:00007fa3bec23028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  212.561921][ T8295] RAX: ffffffffffffffda RBX: 00007fa3be015fa0 RCX: 00007fa3bdd9c819
[  212.569885][ T8295] RDX: 0000000000000094 RSI: 00002000000002c0 RDI: 0000000000000005
[  212.577964][ T8295] RBP: 00007fa3bec23090 R08: 0000000000000000 R09: 0000000000000000
[  212.585961][ T8295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  212.593973][ T8295] R13: 00007fa3be016038 R14: 00007fa3be015fa0 R15: 00007ffd3a168748
[  212.601975][ T8295]  </TASK>
[  212.636481][ T8295] syz.2.928: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=syz2,mems_allowed=0-1
[  212.657624][ T8295] CPU: 1 PID: 8295 Comm: syz.2.928 Not tainted syzkaller #0
[  212.664964][ T8295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  212.675316][ T8295] Call Trace:
[  212.678619][ T8295]  <TASK>
[  212.681574][ T8295]  dump_stack_lvl+0x18c/0x250
[  212.686305][ T8295]  ? show_regs_print_info+0x20/0x20
[  212.691537][ T8295]  ? load_image+0x420/0x420
[  212.696593][ T8295]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  212.703084][ T8295]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[  212.709714][ T8295]  warn_alloc+0x246/0x340
[  212.714173][ T8295]  ? __get_vm_area_node+0x125/0x370
[  212.719593][ T8295]  ? zone_watermark_ok_safe+0x230/0x230
[  212.725445][ T8295]  ? rcu_is_watching+0x15/0xb0
[  212.730521][ T8295]  ? __get_vm_area_node+0x356/0x370
[  212.735853][ T8295]  __vmalloc_node_range+0x393/0x1330
[  212.741184][ T8295]  ? mark_lock+0x94/0x320
[  212.745558][ T8295]  ? __lock_acquire+0x1347/0x7d40
[  212.750723][ T8295]  ? verify_lock_unused+0x140/0x140
[  212.755981][ T8295]  ? free_vm_area+0x50/0x50
[  212.760619][ T8295]  ? end_current_label_crit_section+0x170/0x170
[  212.767119][ T8295]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  212.772706][ T8295]  __vmalloc+0x7a/0x90
[  212.776826][ T8295]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  212.782414][ T8295]  bpf_prog_alloc_no_stats+0x47/0x440
[  212.787852][ T8295]  ? bpf_prog_alloc+0x2b/0x1a0
[  212.792649][ T8295]  bpf_prog_alloc+0x3d/0x1a0
[  212.797284][ T8295]  bpf_prog_load+0x6eb/0x1670
[  212.802005][ T8295]  ? map_freeze+0x420/0x420
[  212.806805][ T8295]  ? __might_fault+0xaa/0x120
[  212.811867][ T8295]  ? __lock_acquire+0x7d40/0x7d40
[  212.817377][ T8295]  ? file_end_write+0x159/0x250
[  212.822349][ T8295]  ? __might_fault+0xaa/0x120
[  212.827061][ T8295]  ? __might_fault+0xc6/0x120
[  212.831761][ T8295]  ? __might_fault+0xaa/0x120
[  212.836551][ T8295]  ? bpf_lsm_bpf+0x9/0x10
[  212.841071][ T8295]  ? security_bpf+0x7e/0xa0
[  212.845585][ T8295]  __sys_bpf+0x5ba/0x890
[  212.849843][ T8295]  ? bpf_link_show_fdinfo+0x390/0x390
[  212.855320][ T8295]  ? lock_chain_count+0x20/0x20
[  212.860272][ T8295]  __x64_sys_bpf+0x7c/0x90
[  212.865047][ T8295]  do_syscall_64+0x55/0xa0
[  212.869485][ T8295]  ? clear_bhb_loop+0x40/0x90
[  212.874160][ T8295]  ? clear_bhb_loop+0x40/0x90
[  212.878842][ T8295]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  212.884915][ T8295] RIP: 0033:0x7fa3bdd9c819
[  212.889341][ T8295] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  212.909407][ T8295] RSP: 002b:00007fa3bec23028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  212.918029][ T8295] RAX: ffffffffffffffda RBX: 00007fa3be015fa0 RCX: 00007fa3bdd9c819
[  212.926096][ T8295] RDX: 0000000000000094 RSI: 00002000000002c0 RDI: 0000000000000005
[  212.934153][ T8295] RBP: 00007fa3bec23090 R08: 0000000000000000 R09: 0000000000000000
[  212.942311][ T8295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  212.950330][ T8295] R13: 00007fa3be016038 R14: 00007fa3be015fa0 R15: 00007ffd3a168748
[  212.958343][ T8295]  </TASK>
[  212.973582][ T8295] Mem-Info:
[  212.976844][ T8295] active_anon:5430 inactive_anon:0 isolated_anon:0
[  212.976844][ T8295]  active_file:15091 inactive_file:39988 isolated_file:0
[  212.976844][ T8295]  unevictable:768 dirty:354 writeback:0
[  212.976844][ T8295]  slab_reclaimable:10026 slab_unreclaimable:95037
[  212.976844][ T8295]  mapped:24369 shmem:1361 pagetables:523
[  212.976844][ T8295]  sec_pagetables:0 bounce:0
[  212.976844][ T8295]  kernel_misc_reclaimable:0
[  212.976844][ T8295]  free:1349541 free_pcp:6315 free_cma:0
[  213.111781][ T8295] Node 0 active_anon:21712kB inactive_anon:0kB active_file:60364kB inactive_file:159752kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:101528kB dirty:1416kB writeback:0kB shmem:3908kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10528kB pagetables:2148kB sec_pagetables:0kB all_unreclaimable? no
[  213.217535][ T8295] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  213.253463][ T8295] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  213.288998][ T8295] lowmem_reserve[]: 0 2521 2522 2522 2522
[  213.295446][ T8295] Node 0 DMA32 free:1485904kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:21852kB inactive_anon:0kB active_file:60364kB inactive_file:158920kB unevictable:1536kB writepending:1428kB present:3129332kB managed:2586956kB mlocked:0kB bounce:0kB free_pcp:6400kB local_pcp:5724kB free_cma:0kB
[  213.336483][ T8295] lowmem_reserve[]: 0 0 0 0 0
[  213.343116][ T8295] Node 0 Normal free:4kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:832kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  213.374867][ T8295] lowmem_reserve[]: 0 0 0 0 0
[  213.379749][ T8295] Node 1 Normal free:3895552kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:19872kB local_pcp:11072kB free_cma:0kB
[  213.415567][ T8295] lowmem_reserve[]: 0 0 0 0 0
[  213.420549][ T8295] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  213.449366][ T8295] Node 0 DMA32: 2434*4kB (UM) 1349*8kB (UME) 1360*16kB (UME) 673*32kB (UME) 392*64kB (UME) 91*128kB (UME) 26*256kB (UM) 13*512kB (UM) 9*1024kB (UM) 5*2048kB (UM) 330*4096kB (M) = 1485008kB
[  213.490895][ T8295] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  213.508172][ T8296] delete_channel: no stack
[  213.515533][ T8295] Node 1 Normal: 220*4kB (UM) 50*8kB (UME) 34*16kB (UME) 49*32kB (UME) 15*64kB (UE) 8*128kB (UME) 2*256kB (UE) 3*512kB (UME) 1*1024kB (U) 2*2048kB (UE) 948*4096kB (M) = 3895552kB
[  213.538278][ T8295] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  213.556602][ T8295] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  213.566740][ T8295] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  213.581369][ T8295] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  213.594695][ T8295] 56440 total pagecache pages
[  213.599611][ T8295] 0 pages in swap cache
[  213.605521][ T8295] Free swap  = 124996kB
[  213.609823][ T8295] Total swap = 124996kB
[  213.617980][ T8295] 2097051 pages RAM
[  213.623429][ T8295] 0 pages HighMem/MovableOnly
[  213.628425][ T8295] 416926 pages reserved
[  213.636669][ T8295] 0 pages cma reserved
[  214.307903][ T8324] netlink: 10 bytes leftover after parsing attributes in process `syz.2.938'.
[  214.914587][ T8341] netlink: 10 bytes leftover after parsing attributes in process `syz.2.945'.
[  215.149389][ T8348] netlink: 152 bytes leftover after parsing attributes in process `syz.2.948'.
[  215.749245][ T8348] bond0: (slave bond_slave_0): Releasing backup interface
[  215.800428][ T8348] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check.
[  215.890115][ T8351] FAULT_INJECTION: forcing a failure.
[  215.890115][ T8351] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  215.911556][ T8351] CPU: 1 PID: 8351 Comm: syz.1.950 Not tainted syzkaller #0
[  215.919012][ T8351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  215.929172][ T8351] Call Trace:
[  215.932541][ T8351]  <TASK>
[  215.935467][ T8351]  dump_stack_lvl+0x18c/0x250
[  215.940158][ T8351]  ? show_regs_print_info+0x20/0x20
[  215.945357][ T8351]  ? load_image+0x420/0x420
[  215.949860][ T8351]  ? __lock_acquire+0x7d40/0x7d40
[  215.954980][ T8351]  should_fail_ex+0x39d/0x4d0
[  215.959661][ T8351]  prepare_alloc_pages+0x1e2/0x5f0
[  215.964776][ T8351]  __alloc_pages+0x134/0x460
[  215.969743][ T8351]  ? zone_statistics+0x170/0x170
[  215.974690][ T8351]  ? alloc_pages+0x4dc/0x740
[  215.979363][ T8351]  ? do_raw_spin_unlock+0x121/0x230
[  215.984557][ T8351]  __get_free_pages+0xc/0x30
[  215.989141][ T8351]  kasan_populate_vmalloc_pte+0x35/0x100
[  215.994867][ T8351]  __apply_to_page_range+0x860/0xdd0
[  216.000174][ T8351]  ? kasan_populate_vmalloc+0x70/0x70
[  216.005570][ T8351]  ? apply_to_page_range+0x50/0x50
[  216.010717][ T8351]  ? do_raw_spin_unlock+0x121/0x230
[  216.015962][ T8351]  alloc_vmap_area+0x1d0c/0x1e30
[  216.020925][ T8351]  ? vm_map_ram+0xcb0/0xcb0
[  216.025519][ T8351]  ? rcu_is_watching+0x15/0xb0
[  216.030287][ T8351]  __get_vm_area_node+0x162/0x370
[  216.035402][ T8351]  __vmalloc_node_range+0x36e/0x1330
[  216.040701][ T8351]  ? sock_map_alloc+0x1af/0x2c0
[  216.045572][ T8351]  ? free_vm_area+0x50/0x50
[  216.050086][ T8351]  ? bpf_map_area_alloc+0x5e/0x110
[  216.055206][ T8351]  ? rcu_is_watching+0x15/0xb0
[  216.060095][ T8351]  ? bpf_map_area_alloc+0x5e/0x110
[  216.065236][ T8351]  bpf_map_area_alloc+0xf1/0x110
[  216.070174][ T8351]  ? sock_map_alloc+0x1af/0x2c0
[  216.075047][ T8351]  sock_map_alloc+0x1af/0x2c0
[  216.079726][ T8351]  map_create+0x877/0x12f0
[  216.084222][ T8351]  ? bpf_lsm_bpf+0x9/0x10
[  216.088559][ T8351]  __sys_bpf+0x651/0x890
[  216.093023][ T8351]  ? bpf_link_show_fdinfo+0x390/0x390
[  216.098514][ T8351]  ? lock_chain_count+0x20/0x20
[  216.103566][ T8351]  __x64_sys_bpf+0x7c/0x90
[  216.108157][ T8351]  do_syscall_64+0x55/0xa0
[  216.112662][ T8351]  ? clear_bhb_loop+0x40/0x90
[  216.117537][ T8351]  ? clear_bhb_loop+0x40/0x90
[  216.122725][ T8351]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  216.129527][ T8351] RIP: 0033:0x7f601f79c819
[  216.133947][ T8351] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  216.154601][ T8351] RSP: 002b:00007f602065b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  216.163012][ T8351] RAX: ffffffffffffffda RBX: 00007f601fa15fa0 RCX: 00007f601f79c819
[  216.170990][ T8351] RDX: 0000000000000048 RSI: 0000200000000580 RDI: 0600000000000000
[  216.178958][ T8351] RBP: 00007f602065b090 R08: 0000000000000000 R09: 0000000000000000
[  216.186928][ T8351] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  216.194983][ T8351] R13: 00007f601fa16038 R14: 00007f601fa15fa0 R15: 00007ffef0657c18
[  216.202963][ T8351]  </TASK>
[  216.426182][ T8349] delete_channel: no stack
[  216.930302][ T5776] Bluetooth: hci2: ACL packet for unknown connection handle 0
[  218.449233][ T8384] netpci0: tun_chr_ioctl cmd 2147767517
[  218.465189][ T8384] netpci0: tun_chr_ioctl cmd 1074025698
[  218.525785][ T8384] netlink: 14568 bytes leftover after parsing attributes in process `syz.2.963'.
[  220.056234][ T8428] netlink: 'syz.3.978': attribute type 3 has an invalid length.
[  220.076430][ T8428] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.978'.
[  220.739733][ T8451] netlink: 'syz.0.988': attribute type 10 has an invalid length.
[  220.751421][ T8451] netlink: 2 bytes leftover after parsing attributes in process `syz.0.988'.
[  220.767897][ T8451] hsr0: entered promiscuous mode
[  220.838194][ T8451] bridge0: port 4(hsr0) entered blocking state
[  220.862791][ T8451] bridge0: port 4(hsr0) entered disabled state
[  220.892212][ T8451] hsr0: entered allmulticast mode
[  220.908275][ T8451] hsr_slave_0: entered allmulticast mode
[  220.924079][ T8451] hsr_slave_1: entered allmulticast mode
[  221.026575][ T8451] bridge0: port 4(hsr0) entered blocking state
[  221.033722][ T8451] bridge0: port 4(hsr0) entered forwarding state
[  223.205184][ T8509] FAULT_INJECTION: forcing a failure.
[  223.205184][ T8509] name failslab, interval 1, probability 0, space 0, times 0
[  223.243819][ T8509] CPU: 0 PID: 8509 Comm: syz.3.1011 Not tainted syzkaller #0
[  223.251529][ T8509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  223.261857][ T8509] Call Trace:
[  223.265472][ T8509]  <TASK>
[  223.268403][ T8509]  dump_stack_lvl+0x18c/0x250
[  223.273196][ T8509]  ? sctp_sendmsg+0x1575/0x28c0
[  223.278056][ T8509]  ? ___sys_sendmsg+0x2a6/0x360
[  223.282993][ T8509]  ? show_regs_print_info+0x20/0x20
[  223.288207][ T8509]  ? load_image+0x420/0x420
[  223.292739][ T8509]  should_fail_ex+0x39d/0x4d0
[  223.297549][ T8509]  should_failslab+0x9/0x20
[  223.302164][ T8509]  slab_pre_alloc_hook+0x59/0x310
[  223.307287][ T8509]  ? sctp_add_bind_addr+0x8c/0x360
[  223.312408][ T8509]  __kmem_cache_alloc_node+0x53/0x250
[  223.318134][ T8509]  ? sctp_add_bind_addr+0x8c/0x360
[  223.323328][ T8509]  kmalloc_trace+0x2a/0xe0
[  223.327842][ T8509]  sctp_add_bind_addr+0x8c/0x360
[  223.332793][ T8509]  sctp_copy_local_addr_list+0x315/0x4f0
[  223.338879][ T8509]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  223.344658][ T8509]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  223.351026][ T8509]  ? sctp_v6_is_any+0x64/0x70
[  223.355708][ T8509]  ? sctp_copy_one_addr+0x8c/0x350
[  223.360821][ T8509]  sctp_bind_addr_copy+0xb3/0x3c0
[  223.366111][ T8509]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  223.372460][ T8509]  sctp_connect_new_asoc+0x2f9/0x6a0
[  223.377861][ T8509]  ? __sctp_connect+0xd80/0xd80
[  223.382882][ T8509]  ? __local_bh_enable_ip+0x13a/0x1c0
[  223.388282][ T8509]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  223.393954][ T8509]  ? security_sctp_bind_connect+0x89/0xb0
[  223.399691][ T8509]  sctp_sendmsg+0x1575/0x28c0
[  223.404374][ T8509]  ? sctp_getsockopt+0xb60/0xb60
[  223.409570][ T8509]  ? aa_sk_perm+0x83c/0x970
[  223.414084][ T8509]  ? aa_af_perm+0x330/0x330
[  223.418597][ T8509]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  223.425022][ T8509]  ? sock_rps_record_flow+0x19/0x3f0
[  223.430433][ T8509]  ? inet_sendmsg+0xe9/0x2f0
[  223.435019][ T8509]  ? inet_send_prepare+0x260/0x260
[  223.440128][ T8509]  ____sys_sendmsg+0x5ba/0x960
[  223.444891][ T8509]  ? __lock_acquire+0x7d40/0x7d40
[  223.449921][ T8509]  ? __asan_memset+0x22/0x40
[  223.454800][ T8509]  ? __sys_sendmsg_sock+0x30/0x30
[  223.459834][ T8509]  ? __import_iovec+0x5f2/0x850
[  223.464940][ T8509]  ? import_iovec+0x73/0xa0
[  223.469922][ T8509]  ___sys_sendmsg+0x2a6/0x360
[  223.474696][ T8509]  ? get_pid_task+0x20/0x1e0
[  223.479296][ T8509]  ? __sys_sendmsg+0x2a0/0x2a0
[  223.484089][ T8509]  ? __lock_acquire+0x7d40/0x7d40
[  223.489131][ T8509]  __se_sys_sendmsg+0x1c2/0x2b0
[  223.493979][ T8509]  ? __x64_sys_sendmsg+0x80/0x80
[  223.499047][ T8509]  ? lockdep_hardirqs_on+0x98/0x150
[  223.504251][ T8509]  do_syscall_64+0x55/0xa0
[  223.508661][ T8509]  ? clear_bhb_loop+0x40/0x90
[  223.513341][ T8509]  ? clear_bhb_loop+0x40/0x90
[  223.518113][ T8509]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  223.524195][ T8509] RIP: 0033:0x7f8c06b9c819
[  223.528630][ T8509] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  223.548943][ T8509] RSP: 002b:00007f8c0796e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  223.557484][ T8509] RAX: ffffffffffffffda RBX: 00007f8c06e15fa0 RCX: 00007f8c06b9c819
[  223.565512][ T8509] RDX: 000000002600c055 RSI: 00002000000000c0 RDI: 0000000000000003
[  223.573570][ T8509] RBP: 00007f8c0796e090 R08: 0000000000000000 R09: 0000000000000000
[  223.581835][ T8509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  223.589994][ T8509] R13: 00007f8c06e16038 R14: 00007f8c06e15fa0 R15: 00007ffc1db3d4f8
[  223.598081][ T8509]  </TASK>
[  223.653089][ T5776] Bluetooth: hci0: ISO packet for unknown connection handle 2622
[  223.914551][ T8526] netlink: 180 bytes leftover after parsing attributes in process `syz.2.1018'.
[  223.957197][ T5776] Bluetooth: hci0: ISO packet for unknown connection handle 2622
[  224.929968][ T8535] netlink: 'syz.1.1021': attribute type 3 has an invalid length.
[  224.959823][ T8535] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.1021'.
[  225.084406][ T8543] netlink: 'syz.3.1024': attribute type 12 has an invalid length.
[  225.095698][ T8543] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1024'.
[  225.425598][ T8562] netlink: 'syz.2.1030': attribute type 10 has an invalid length.
[  225.451667][ T8562] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1030'.
[  225.471637][ T8562] `: entered promiscuous mode
[  225.477003][ T8562] C: entered promiscuous mode
[  225.487783][ T8562] team_slave_1: entered promiscuous mode
[  225.494268][ T8562] mac80211_hwsim hwsim8 wlan1: entered promiscuous mode
[  225.502578][ T8562] `: entered allmulticast mode
[  225.507773][ T8562] C: entered allmulticast mode
[  225.516336][ T8562] team_slave_1: entered allmulticast mode
[  225.523054][ T8562] mac80211_hwsim hwsim8 wlan1: entered allmulticast mode
[  225.534331][ T8562] A link change request failed with some changes committed already. Interface ` may have been left with an inconsistent configuration, please check.
[  226.320800][ T8578] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1037'.
[  227.395586][ T8617] netlink: 'syz.3.1053': attribute type 10 has an invalid length.
[  227.406187][ T8617] netlink: 55 bytes leftover after parsing attributes in process `syz.3.1053'.
[  229.101853][ T8634] netlink: 'syz.1.1059': attribute type 29 has an invalid length.
[  229.124729][ T8632] netlink: 'syz.0.1058': attribute type 10 has an invalid length.
[  229.246123][ T8643] netlink: 'syz.0.1058': attribute type 3 has an invalid length.
[  229.286544][ T8643] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1058'.
[  229.358250][ T8634] netlink: 'syz.1.1059': attribute type 29 has an invalid length.
[  229.392720][ T8639] netlink: 'syz.0.1058': attribute type 2 has an invalid length.
[  229.411149][ T8639] netlink: 'syz.0.1058': attribute type 8 has an invalid length.
[  229.431351][ T8639] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1058'.
[  229.599580][ T8655] netlink: 11562 bytes leftover after parsing attributes in process `syz.1.1065'.
[  229.632737][ T8654] delete_channel: no stack
[  229.703924][ T8661] netlink: 'syz.0.1067': attribute type 10 has an invalid length.
[  229.714433][ T8661] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  229.726330][ T8661] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  229.736565][ T8661] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  229.746781][ T8661] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  230.730538][ T8668] netlink: 'syz.2.1069': attribute type 4 has an invalid length.
[  232.116454][ T8706] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1082'.
[  233.918108][ T8762] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1102'.
[  233.934666][ T8762] openvswitch: netlink: Geneve option length err (len 1788, max 255).
[  238.452314][ T8810] raw_sendmsg: syz.0.1119 forgot to set AF_INET. Fix it!
[  239.344027][ T8829] delete_channel: no stack
[  239.348753][ T8829] delete_channel: no stack
[  239.404662][ T8829] delete_channel: no stack
[  239.448063][ T8829] netlink: 'syz.0.1127': attribute type 10 has an invalid length.
[  240.159789][ T8828] delete_channel: no stack
[  240.658650][ T8845] netlink: 'syz.3.1133': attribute type 21 has an invalid length.
[  240.688562][ T8845] netlink: 'syz.3.1133': attribute type 6 has an invalid length.
[  241.635956][ T8875] netlink: 'syz.0.1145': attribute type 10 has an invalid length.
[  241.644378][ T8875] bridge0: port 4(hsr0) entered disabled state
[  241.650853][ T8875] bridge0: port 3(`) entered disabled state
[  241.657382][ T8875] bridge0: port 2(bridge_slave_1) entered disabled state
[  241.664769][ T8875] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.688217][ T8920] skbuff: bad partial csum: csum=65535/127 headroom=178 headlen=65664
[  244.714855][ T8902] netlink: 1047 bytes leftover after parsing attributes in process `syz.1.1156'.
[  245.191059][ T8902] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1156'.
[  245.345472][ T8902] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  245.378690][ T8902] CPU: 0 PID: 8902 Comm: syz.1.1156 Not tainted syzkaller #0
[  245.386216][ T8902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  245.396305][ T8902] Call Trace:
[  245.399693][ T8902]  <TASK>
[  245.402735][ T8902]  dump_stack_lvl+0x18c/0x250
[  245.407553][ T8902]  ? show_regs_print_info+0x20/0x20
[  245.412807][ T8902]  ? load_image+0x420/0x420
[  245.417376][ T8902]  sysfs_warn_dup+0x8e/0xa0
[  245.422131][ T8902]  sysfs_do_create_link_sd+0xc0/0x110
[  245.427556][ T8902]  device_add_class_symlinks+0x1cf/0x240
[  245.433323][ T8902]  device_add+0x507/0xc20
[  245.437705][ T8902]  wiphy_register+0x1dad/0x2ae0
[  245.442680][ T8902]  ? cfg80211_event_work+0x40/0x40
[  245.447798][ T8902]  ? minstrel_ht_alloc+0x88a/0x990
[  245.452931][ T8902]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  245.459119][ T8902]  ieee80211_register_hw+0x3464/0x4250
[  245.464627][ T8902]  ? ieee80211_tasklet_handler+0x20/0x20
[  245.470296][ T8902]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  245.476288][ T8902]  ? __debug_object_init+0xec/0x450
[  245.481589][ T8902]  ? __asan_memset+0x22/0x40
[  245.486248][ T8902]  ? __hrtimer_init+0x186/0x270
[  245.491121][ T8902]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  245.496880][ T8902]  ? mac80211_hwsim_free+0x220/0x220
[  245.502172][ T8902]  ? rcu_is_watching+0x15/0xb0
[  245.507038][ T8902]  ? kstrndup+0xbd/0x140
[  245.511409][ T8902]  hwsim_new_radio_nl+0xdc9/0x1a90
[  245.516531][ T8902]  ? __nla_validate+0x50/0x50
[  245.521334][ T8902]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  245.527761][ T8902]  ? __nla_parse+0x40/0x50
[  245.532382][ T8902]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  245.538752][ T8902]  genl_family_rcv_msg_doit+0x211/0x310
[  245.544656][ T8902]  ? end_current_label_crit_section+0x170/0x170
[  245.550906][ T8902]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  245.556833][ T8902]  ? bpf_lsm_capable+0x9/0x10
[  245.561530][ T8902]  ? security_capable+0x89/0xb0
[  245.566476][ T8902]  genl_rcv_msg+0x619/0x7a0
[  245.570991][ T8902]  ? genl_bind+0x360/0x360
[  245.575410][ T8902]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  245.581742][ T8902]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[  245.588603][ T8902]  ? ref_tracker_free+0x690/0x840
[  245.593646][ T8902]  netlink_rcv_skb+0x241/0x4d0
[  245.598433][ T8902]  ? genl_bind+0x360/0x360
[  245.602847][ T8902]  ? netlink_ack+0x1180/0x1180
[  245.607715][ T8902]  ? __lock_acquire+0x7d40/0x7d40
[  245.612774][ T8902]  ? down_read+0x1ac/0x2e0
[  245.617269][ T8902]  genl_rcv+0x28/0x40
[  245.621264][ T8902]  netlink_unicast+0x751/0x8d0
[  245.626047][ T8902]  netlink_sendmsg+0x8d0/0xbf0
[  245.630820][ T8902]  ? netlink_getsockopt+0x590/0x590
[  245.636030][ T8902]  ? aa_sock_msg_perm+0x94/0x150
[  245.641149][ T8902]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  245.646440][ T8902]  ? security_socket_sendmsg+0x80/0xa0
[  245.652003][ T8902]  ? netlink_getsockopt+0x590/0x590
[  245.657220][ T8902]  ____sys_sendmsg+0x5ba/0x960
[  245.662258][ T8902]  ? __asan_memset+0x22/0x40
[  245.666861][ T8902]  ? __sys_sendmsg_sock+0x30/0x30
[  245.671878][ T8902]  ? __import_iovec+0x5f2/0x850
[  245.676744][ T8902]  ? import_iovec+0x73/0xa0
[  245.681243][ T8902]  ___sys_sendmsg+0x2a6/0x360
[  245.685931][ T8902]  ? __sys_sendmsg+0x2a0/0x2a0
[  245.690840][ T8902]  __se_sys_sendmsg+0x1c2/0x2b0
[  245.695709][ T8902]  ? __x64_sys_sendmsg+0x80/0x80
[  245.700669][ T8902]  ? lockdep_hardirqs_on+0x98/0x150
[  245.705879][ T8902]  do_syscall_64+0x55/0xa0
[  245.710321][ T8902]  ? clear_bhb_loop+0x40/0x90
[  245.715011][ T8902]  ? clear_bhb_loop+0x40/0x90
[  245.719687][ T8902]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  245.725578][ T8902] RIP: 0033:0x7f601f79c819
[  245.729992][ T8902] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  245.749609][ T8902] RSP: 002b:00007f602065b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  245.758062][ T8902] RAX: ffffffffffffffda RBX: 00007f601fa15fa0 RCX: 00007f601f79c819
[  245.766056][ T8902] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000006
[  245.774214][ T8902] RBP: 00007f601f832c91 R08: 0000000000000000 R09: 0000000000000000
[  245.782284][ T8902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  245.790351][ T8902] R13: 00007f601fa16038 R14: 00007f601fa15fa0 R15: 00007ffef0657c18
[  245.798421][ T8902]  </TASK>
[  247.010528][ T8998] FAULT_INJECTION: forcing a failure.
[  247.010528][ T8998] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  247.047615][ T8998] CPU: 0 PID: 8998 Comm: syz.0.1190 Not tainted syzkaller #0
[  247.055242][ T8998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  247.065892][ T8998] Call Trace:
[  247.069426][ T8998]  <TASK>
[  247.072446][ T8998]  dump_stack_lvl+0x18c/0x250
[  247.077573][ T8998]  ? show_regs_print_info+0x20/0x20
[  247.082827][ T8998]  ? load_image+0x420/0x420
[  247.087380][ T8998]  ? __might_fault+0xaa/0x120
[  247.092363][ T8998]  ? __lock_acquire+0x7d40/0x7d40
[  247.097542][ T8998]  should_fail_ex+0x39d/0x4d0
[  247.102386][ T8998]  _copy_from_user+0x2f/0xe0
[  247.107167][ T8998]  kstrtouint_from_user+0xde/0x170
[  247.112335][ T8998]  ? kstrtol_from_user+0x190/0x190
[  247.117710][ T8998]  proc_fail_nth_write+0x8f/0x250
[  247.122837][ T8998]  ? proc_fail_nth_read+0x260/0x260
[  247.128118][ T8998]  ? proc_fail_nth_read+0x260/0x260
[  247.133367][ T8998]  vfs_write+0x296/0x990
[  247.137666][ T8998]  ? file_end_write+0x250/0x250
[  247.142714][ T8998]  ? __fget_files+0x28/0x4b0
[  247.147963][ T8998]  ? __fget_files+0x28/0x4b0
[  247.152699][ T8998]  ? __fget_files+0x43d/0x4b0
[  247.157539][ T8998]  ? __fdget_pos+0x2a3/0x330
[  247.162438][ T8998]  ? ksys_write+0x75/0x260
[  247.166981][ T8998]  ksys_write+0x150/0x260
[  247.171443][ T8998]  ? __ia32_sys_read+0x90/0x90
[  247.176389][ T8998]  ? lockdep_hardirqs_on+0x98/0x150
[  247.181615][ T8998]  do_syscall_64+0x55/0xa0
[  247.186161][ T8998]  ? clear_bhb_loop+0x40/0x90
[  247.190950][ T8998]  ? clear_bhb_loop+0x40/0x90
[  247.195786][ T8998]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  247.201722][ T8998] RIP: 0033:0x7ff9f5d5d04e
[  247.206248][ T8998] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  247.226706][ T8998] RSP: 002b:00007ff9f6c01fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  247.235519][ T8998] RAX: ffffffffffffffda RBX: 00007ff9f6c026c0 RCX: 00007ff9f5d5d04e
[  247.243771][ T8998] RDX: 0000000000000001 RSI: 00007ff9f6c020a0 RDI: 0000000000000006
[  247.252104][ T8998] RBP: 00007ff9f6c02090 R08: 0000000000000000 R09: 0000000000000000
[  247.260373][ T8998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  247.269050][ T8998] R13: 00007ff9f6016038 R14: 00007ff9f6015fa0 R15: 00007fff0bbae458
[  247.277735][ T8998]  </TASK>
[  248.036254][ T5776] Bluetooth: hci1: unexpected event 0x04 length: 15 > 10
[  248.718694][ T9038] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1206'.
[  248.781386][ T9026] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  249.945529][ T9067] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1218'.
[  250.061319][ T5776] Bluetooth: hci1: command 0x0406 tx timeout
[  250.162243][ T9078] netlink: 'syz.0.1222': attribute type 10 has an invalid length.
[  250.755266][ T9107] netlink: 11562 bytes leftover after parsing attributes in process `syz.1.1233'.
[  251.190708][ T9123] netlink: 'syz.1.1241': attribute type 21 has an invalid length.
[  251.212701][ T9123] netlink: 128 bytes leftover after parsing attributes in process `syz.1.1241'.
[  251.251331][ T9127] netlink: 144 bytes leftover after parsing attributes in process `syz.0.1242'.
[  251.393724][ T9129] netlink: 'syz.3.1243': attribute type 29 has an invalid length.
[  251.414983][ T9129] netlink: 'syz.3.1243': attribute type 29 has an invalid length.
[  251.561816][ T9136] FAULT_INJECTION: forcing a failure.
[  251.561816][ T9136] name failslab, interval 1, probability 0, space 0, times 0
[  251.598189][ T9136] CPU: 0 PID: 9136 Comm: syz.3.1246 Not tainted syzkaller #0
[  251.606003][ T9136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  251.616448][ T9136] Call Trace:
[  251.619744][ T9136]  <TASK>
[  251.622790][ T9136]  dump_stack_lvl+0x18c/0x250
[  251.627580][ T9136]  ? sctp_sendmsg+0x1575/0x28c0
[  251.632457][ T9136]  ? ___sys_sendmsg+0x2a6/0x360
[  251.637500][ T9136]  ? show_regs_print_info+0x20/0x20
[  251.642703][ T9136]  ? load_image+0x420/0x420
[  251.647299][ T9136]  should_fail_ex+0x39d/0x4d0
[  251.652254][ T9136]  should_failslab+0x9/0x20
[  251.656944][ T9136]  slab_pre_alloc_hook+0x59/0x310
[  251.661988][ T9136]  ? sctp_add_bind_addr+0x8c/0x360
[  251.667272][ T9136]  __kmem_cache_alloc_node+0x53/0x250
[  251.672824][ T9136]  ? sctp_add_bind_addr+0x8c/0x360
[  251.677989][ T9136]  kmalloc_trace+0x2a/0xe0
[  251.682430][ T9136]  sctp_add_bind_addr+0x8c/0x360
[  251.687378][ T9136]  sctp_copy_local_addr_list+0x315/0x4f0
[  251.693012][ T9136]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  251.698746][ T9136]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  251.704905][ T9136]  ? sctp_v6_is_any+0x64/0x70
[  251.709583][ T9136]  ? sctp_copy_one_addr+0x8c/0x350
[  251.714692][ T9136]  sctp_bind_addr_copy+0xb3/0x3c0
[  251.719712][ T9136]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  251.726060][ T9136]  sctp_connect_new_asoc+0x2f9/0x6a0
[  251.731434][ T9136]  ? __sctp_connect+0xd80/0xd80
[  251.736278][ T9136]  ? __local_bh_enable_ip+0x13a/0x1c0
[  251.741651][ T9136]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  251.747206][ T9136]  ? security_sctp_bind_connect+0x89/0xb0
[  251.753053][ T9136]  sctp_sendmsg+0x1575/0x28c0
[  251.757919][ T9136]  ? sctp_getsockopt+0xb60/0xb60
[  251.762992][ T9136]  ? aa_sk_perm+0x83c/0x970
[  251.767630][ T9136]  ? aa_af_perm+0x330/0x330
[  251.772168][ T9136]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  251.778780][ T9136]  ? sock_rps_record_flow+0x19/0x3f0
[  251.784076][ T9136]  ? inet_sendmsg+0xe9/0x2f0
[  251.788664][ T9136]  ? inet_send_prepare+0x260/0x260
[  251.793788][ T9136]  ____sys_sendmsg+0x5ba/0x960
[  251.798559][ T9136]  ? __lock_acquire+0x7d40/0x7d40
[  251.803598][ T9136]  ? __asan_memset+0x22/0x40
[  251.808200][ T9136]  ? __sys_sendmsg_sock+0x30/0x30
[  251.813483][ T9136]  ? __import_iovec+0x5f2/0x850
[  251.818357][ T9136]  ? import_iovec+0x73/0xa0
[  251.822963][ T9136]  ___sys_sendmsg+0x2a6/0x360
[  251.827748][ T9136]  ? get_pid_task+0x20/0x1e0
[  251.832556][ T9136]  ? __sys_sendmsg+0x2a0/0x2a0
[  251.837453][ T9136]  ? __lock_acquire+0x7d40/0x7d40
[  251.842506][ T9136]  __se_sys_sendmsg+0x1c2/0x2b0
[  251.847478][ T9136]  ? __x64_sys_sendmsg+0x80/0x80
[  251.852457][ T9136]  ? lockdep_hardirqs_on+0x98/0x150
[  251.858140][ T9136]  do_syscall_64+0x55/0xa0
[  251.862657][ T9136]  ? clear_bhb_loop+0x40/0x90
[  251.867445][ T9136]  ? clear_bhb_loop+0x40/0x90
[  251.872122][ T9136]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  251.878056][ T9136] RIP: 0033:0x7f8c06b9c819
[  251.882466][ T9136] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  251.902075][ T9136] RSP: 002b:00007f8c0796e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  251.910836][ T9136] RAX: ffffffffffffffda RBX: 00007f8c06e15fa0 RCX: 00007f8c06b9c819
[  251.919076][ T9136] RDX: 0000000000000041 RSI: 0000200000002dc0 RDI: 0000000000000003
[  251.927093][ T9136] RBP: 00007f8c0796e090 R08: 0000000000000000 R09: 0000000000000000
[  251.935296][ T9136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  251.943463][ T9136] R13: 00007f8c06e16038 R14: 00007f8c06e15fa0 R15: 00007ffc1db3d4f8
[  251.951644][ T9136]  </TASK>
[  252.496733][ T9152] netlink: 'syz.2.1253': attribute type 3 has an invalid length.
[  252.521282][ T9152] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.1253'.
[  252.626006][ T9157] netlink: 'syz.2.1253': attribute type 21 has an invalid length.
[  252.642458][ T9157] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1253'.
[  252.665689][ T9165] netlink: 'syz.1.1257': attribute type 1 has an invalid length.
[  252.678349][ T9165] netlink: 16150 bytes leftover after parsing attributes in process `syz.1.1257'.
[  254.056667][ T9218] FAULT_INJECTION: forcing a failure.
[  254.056667][ T9218] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  254.082312][ T9218] CPU: 0 PID: 9218 Comm: syz.2.1277 Not tainted syzkaller #0
[  254.089851][ T9218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  254.099943][ T9218] Call Trace:
[  254.103283][ T9218]  <TASK>
[  254.106247][ T9218]  dump_stack_lvl+0x18c/0x250
[  254.110968][ T9218]  ? show_regs_print_info+0x20/0x20
[  254.116332][ T9218]  ? load_image+0x420/0x420
[  254.120864][ T9218]  ? __might_fault+0xaa/0x120
[  254.125563][ T9218]  ? __lock_acquire+0x7d40/0x7d40
[  254.130708][ T9218]  should_fail_ex+0x39d/0x4d0
[  254.135491][ T9218]  _copy_from_user+0x2f/0xe0
[  254.140083][ T9218]  generic_map_update_batch+0x54b/0x810
[  254.145684][ T9218]  ? rcu_read_unlock+0xa0/0xa0
[  254.150544][ T9218]  ? __fdget+0x180/0x210
[  254.154781][ T9218]  ? rcu_read_unlock+0xa0/0xa0
[  254.159708][ T9218]  bpf_map_do_batch+0x3d7/0x610
[  254.164559][ T9218]  __sys_bpf+0x381/0x890
[  254.169247][ T9218]  ? bpf_link_show_fdinfo+0x390/0x390
[  254.174628][ T9218]  ? lock_chain_count+0x20/0x20
[  254.179476][ T9218]  __x64_sys_bpf+0x7c/0x90
[  254.183880][ T9218]  do_syscall_64+0x55/0xa0
[  254.188281][ T9218]  ? clear_bhb_loop+0x40/0x90
[  254.193045][ T9218]  ? clear_bhb_loop+0x40/0x90
[  254.197724][ T9218]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  254.203732][ T9218] RIP: 0033:0x7fa3bdd9c819
[  254.208143][ T9218] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  254.227829][ T9218] RSP: 002b:00007fa3bec23028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  254.236336][ T9218] RAX: ffffffffffffffda RBX: 00007fa3be015fa0 RCX: 00007fa3bdd9c819
[  254.244474][ T9218] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  254.252444][ T9218] RBP: 00007fa3bec23090 R08: 0000000000000000 R09: 0000000000000000
[  254.260762][ T9218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  254.268815][ T9218] R13: 00007fa3be016038 R14: 00007fa3be015fa0 R15: 00007ffd3a168748
[  254.276820][ T9218]  </TASK>
[  255.169038][ T9243] netlink: 192436 bytes leftover after parsing attributes in process `syz.1.1285'.
[  255.199442][ T9243] openvswitch: netlink: Message has 20480 unknown bytes.
[  255.790571][ T9258] netlink: 'syz.1.1292': attribute type 10 has an invalid length.
[  255.866588][ T9258] vxcan1: entered promiscuous mode
[  255.878878][ T9258] vxcan1: entered allmulticast mode
[  255.897869][ T9258] `: Device vxcan1 is of different type
[  256.008134][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  256.014971][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  256.102118][ T9268] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1296'.
[  256.123070][ T9268] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1296'.
[  256.458089][ T9272] netlink: 14568 bytes leftover after parsing attributes in process `syz.1.1298'.
[  256.529895][ T9283] FAULT_INJECTION: forcing a failure.
[  256.529895][ T9283] name failslab, interval 1, probability 0, space 0, times 0
[  256.543426][ T9283] CPU: 1 PID: 9283 Comm: syz.2.1301 Not tainted syzkaller #0
[  256.550926][ T9283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  256.561000][ T9283] Call Trace:
[  256.564540][ T9283]  <TASK>
[  256.567506][ T9283]  dump_stack_lvl+0x18c/0x250
[  256.572224][ T9283]  ? show_regs_print_info+0x20/0x20
[  256.577455][ T9283]  ? load_image+0x420/0x420
[  256.582142][ T9283]  ? __might_sleep+0xe0/0xe0
[  256.586743][ T9283]  ? __lock_acquire+0x7d40/0x7d40
[  256.591972][ T9283]  should_fail_ex+0x39d/0x4d0
[  256.596668][ T9283]  should_failslab+0x9/0x20
[  256.601180][ T9283]  slab_pre_alloc_hook+0x59/0x310
[  256.606276][ T9283]  ? vfs_write+0x7dd/0x990
[  256.610784][ T9283]  kmem_cache_alloc+0x5a/0x2d0
[  256.615689][ T9283]  ? getname_flags+0xbb/0x500
[  256.620505][ T9283]  getname_flags+0xbb/0x500
[  256.625134][ T9283]  do_sys_openat2+0xda/0x1d0
[  256.629845][ T9283]  ? do_sys_open+0xe0/0xe0
[  256.634429][ T9283]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  256.640561][ T9283]  ? lock_chain_count+0x20/0x20
[  256.645506][ T9283]  __x64_sys_openat+0x139/0x160
[  256.650540][ T9283]  do_syscall_64+0x55/0xa0
[  256.654969][ T9283]  ? clear_bhb_loop+0x40/0x90
[  256.659675][ T9283]  ? clear_bhb_loop+0x40/0x90
[  256.664465][ T9283]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  256.670376][ T9283] RIP: 0033:0x7fa3bdd5d04e
[  256.674806][ T9283] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  256.694516][ T9283] RSP: 002b:00007fa3bec22ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  256.702937][ T9283] RAX: ffffffffffffffda RBX: 00007fa3bec236c0 RCX: 00007fa3bdd5d04e
[  256.710924][ T9283] RDX: 0000000000000002 RSI: 00007fa3bec22f90 RDI: ffffffffffffff9c
[  256.719079][ T9283] RBP: 00007fa3bec23090 R08: 0000000000000000 R09: 0000000000000000
[  256.727169][ T9283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  256.735140][ T9283] R13: 00007fa3be016038 R14: 00007fa3be015fa0 R15: 00007ffd3a168748
[  256.743222][ T9283]  </TASK>
[  257.468715][ T9308] netlink: 164 bytes leftover after parsing attributes in process `syz.1.1311'.
[  257.510048][ T9308] netlink: 164 bytes leftover after parsing attributes in process `syz.1.1311'.
[  257.648862][ T9315] netlink: 63503 bytes leftover after parsing attributes in process `syz.2.1314'.
[  257.749311][ T9320] FAULT_INJECTION: forcing a failure.
[  257.749311][ T9320] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  257.781315][ T9320] CPU: 1 PID: 9320 Comm: syz.1.1315 Not tainted syzkaller #0
[  257.788753][ T9320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  257.799104][ T9320] Call Trace:
[  257.802615][ T9320]  <TASK>
[  257.805584][ T9320]  dump_stack_lvl+0x18c/0x250
[  257.810331][ T9320]  ? show_regs_print_info+0x20/0x20
[  257.815654][ T9320]  ? load_image+0x420/0x420
[  257.820376][ T9320]  ? __might_fault+0xaa/0x120
[  257.825076][ T9320]  ? __lock_acquire+0x7d40/0x7d40
[  257.830134][ T9320]  should_fail_ex+0x39d/0x4d0
[  257.834959][ T9320]  _copy_to_user+0x2f/0xa0
[  257.839412][ T9320]  __htab_map_lookup_and_delete_batch+0x1034/0x1360
[  257.846145][ T9320]  ? jhash+0x740/0x740
[  257.850266][ T9320]  ? __fdget+0x180/0x210
[  257.854598][ T9320]  ? htab_percpu_map_lookup_and_delete_elem+0x40/0x40
[  257.861477][ T9320]  bpf_map_do_batch+0x477/0x610
[  257.866367][ T9320]  __sys_bpf+0x78c/0x890
[  257.870655][ T9320]  ? bpf_link_show_fdinfo+0x390/0x390
[  257.876192][ T9320]  ? lock_chain_count+0x20/0x20
[  257.881078][ T9320]  __x64_sys_bpf+0x7c/0x90
[  257.885543][ T9320]  do_syscall_64+0x55/0xa0
[  257.889977][ T9320]  ? clear_bhb_loop+0x40/0x90
[  257.894679][ T9320]  ? clear_bhb_loop+0x40/0x90
[  257.899386][ T9320]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  257.905312][ T9320] RIP: 0033:0x7f601f79c819
[  257.909846][ T9320] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  257.929671][ T9320] RSP: 002b:00007f602063a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  257.938205][ T9320] RAX: ffffffffffffffda RBX: 00007f601fa16090 RCX: 00007f601f79c819
[  257.946326][ T9320] RDX: 0000000000000038 RSI: 0000200000000800 RDI: 0000000000000019
[  257.954323][ T9320] RBP: 00007f602063a090 R08: 0000000000000000 R09: 0000000000000000
[  257.962322][ T9320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  257.970407][ T9320] R13: 00007f601fa16128 R14: 00007f601fa16090 R15: 00007ffef0657c18
[  257.978466][ T9320]  </TASK>
[  258.058471][ T9328] netlink: 'syz.2.1320': attribute type 2 has an invalid length.
[  258.067876][ T9328] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1320'.
[  258.258042][ T9337] netlink: 'syz.1.1323': attribute type 29 has an invalid length.
[  258.266919][ T9337] netlink: 'syz.1.1323': attribute type 29 has an invalid length.
[  258.542745][ T9353] netlink: 17279 bytes leftover after parsing attributes in process `syz.2.1329'.
[  258.558732][ T9355] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1330'.
[  258.750113][ T9364] tun0: tun_chr_ioctl cmd 1074025678
[  258.761305][ T9364] tun0: group set to 0
[  258.769379][ T9364] netlink: 'syz.1.1334': attribute type 10 has an invalid length.
[  258.835599][ T9368] netlink: 'syz.0.1337': attribute type 10 has an invalid length.
[  258.897824][ T9364] geneve1: left promiscuous mode
[  258.913154][ T9364] geneve1: left allmulticast mode
[  258.934005][ T9364] `: Port device geneve1 removed
[  258.940490][ T9368] netlink: 'syz.0.1337': attribute type 10 has an invalid length.
[  259.187514][ T9384] netlink: 'syz.2.1342': attribute type 10 has an invalid length.
[  259.908309][ T9419] netlink: 'syz.3.1355': attribute type 41 has an invalid length.
[  260.183249][ T9434] pim6reg1: entered promiscuous mode
[  260.188730][ T9434] pim6reg1: entered allmulticast mode
[  260.605983][ T9452] netlink: 'syz.0.1365': attribute type 21 has an invalid length.
[  260.651647][ T9452] __nla_validate_parse: 6 callbacks suppressed
[  260.651663][ T9452] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1365'.
[  260.684945][ T9454] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  261.021828][ T9471] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode
[  261.041954][ T9471] mac80211_hwsim hwsim4 wlan0: entered allmulticast mode
[  261.776533][ T9501] netlink: 201392 bytes leftover after parsing attributes in process `syz.2.1388'.
[  262.228721][ T9517] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.1395'.
[  262.252091][ T9517] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.1395'.
[  262.275122][ T9518] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.1395'.
[  263.343754][ T9528] netlink: 711 bytes leftover after parsing attributes in process `syz.3.1398'.
[  263.412368][ T9533] FAULT_INJECTION: forcing a failure.
[  263.412368][ T9533] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  263.491388][ T9533] CPU: 0 PID: 9533 Comm: syz.1.1399 Not tainted syzkaller #0
[  263.498863][ T9533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  263.508978][ T9533] Call Trace:
[  263.512308][ T9533]  <TASK>
[  263.515285][ T9533]  dump_stack_lvl+0x18c/0x250
[  263.520043][ T9533]  ? show_regs_print_info+0x20/0x20
[  263.525479][ T9533]  ? load_image+0x420/0x420
[  263.529362][ T9529] netlink: 201392 bytes leftover after parsing attributes in process `syz.0.1397'.
[  263.530037][ T9533]  ? __might_fault+0xaa/0x120
[  263.530073][ T9533]  ? __lock_acquire+0x7d40/0x7d40
[  263.530116][ T9533]  should_fail_ex+0x39d/0x4d0
[  263.530163][ T9533]  _copy_from_user+0x2f/0xe0
[  263.530196][ T9533]  generic_map_update_batch+0x54b/0x810
[  263.530257][ T9533]  ? rcu_read_unlock+0xa0/0xa0
[  263.530298][ T9533]  ? __fdget+0x180/0x210
[  263.530333][ T9533]  ? rcu_read_unlock+0xa0/0xa0
[  263.530351][ T9533]  bpf_map_do_batch+0x3d7/0x610
[  263.530394][ T9533]  __sys_bpf+0x381/0x890
[  263.530424][ T9533]  ? bpf_link_show_fdinfo+0x390/0x390
[  263.548482][ T9529] netlink: zone id is out of range
[  263.549668][ T9533]  ? lock_chain_count+0x20/0x20
[  263.549735][ T9533]  __x64_sys_bpf+0x7c/0x90
[  263.549766][ T9533]  do_syscall_64+0x55/0xa0
[  263.549786][ T9533]  ? clear_bhb_loop+0x40/0x90
[  263.549810][ T9533]  ? clear_bhb_loop+0x40/0x90
[  263.549841][ T9533]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  263.558650][ T9529] netlink: zone id is out of range
[  263.559225][ T9533] RIP: 0033:0x7f601f79c819
[  263.559256][ T9533] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  263.559275][ T9533] RSP: 002b:00007f602065b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  263.559301][ T9533] RAX: ffffffffffffffda RBX: 00007f601fa15fa0 RCX: 00007f601f79c819
[  263.559317][ T9533] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  263.559332][ T9533] RBP: 00007f602065b090 R08: 0000000000000000 R09: 0000000000000000
[  263.559346][ T9533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  263.559359][ T9533] R13: 00007f601fa16038 R14: 00007f601fa15fa0 R15: 00007ffef0657c18
[  263.559423][ T9533]  </TASK>
[  263.765864][ T9529] netlink: zone id is out of range
[  263.785840][ T9529] netlink: zone id is out of range
[  263.798349][ T9529] netlink: zone id is out of range
[  263.812319][ T9529] netlink: zone id is out of range
[  263.832195][ T9529] netlink: zone id is out of range
[  263.837855][ T9529] netlink: zone id is out of range
[  263.851738][ T9529] netlink: zone id is out of range
[  263.871312][ T9529] netlink: zone id is out of range
[  264.097588][ T9546] Scheduler tracepoints stat_sleep, stat_iowait, stat_blocked and stat_runtime require the kernel parameter schedstats=enable or kernel.sched_schedstats=1
[  264.154594][ T9546] validate_nla: 1 callbacks suppressed
[  264.154615][ T9546] netlink: 'syz.0.1405': attribute type 10 has an invalid length.
[  266.372440][ T9589] netlink: 'syz.1.1419': attribute type 10 has an invalid length.
[  266.442498][ T9589] netlink: 'syz.1.1419': attribute type 16 has an invalid length.
[  266.450484][ T9589] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1419'.
[  267.190512][ T9592] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1420'.
[  267.230750][ T9592] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1420'.
[  267.282919][ T9593] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1420'.
[  271.982314][ T9608] netlink: 'syz.3.1424': attribute type 21 has an invalid length.
[  271.990772][ T9608] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1424'.
[  272.131226][ T9608] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1424'.
[  272.205210][ T9608] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1424'.
[  273.360731][ T9642] delete_channel: no stack
[  273.372578][ T9642] delete_channel: no stack
[  273.779490][ T9672] netlink: 'syz.3.1447': attribute type 10 has an invalid length.
[  273.811233][ T9672] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1447'.
[  273.832428][ T9672] batman_adv: batadv0: Adding interface: virt_wifi0
[  273.839173][ T9672] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  273.921200][ T9672] batman_adv: batadv0: Interface activated: virt_wifi0
[  274.121206][ T9682] netlink: 'syz.2.1450': attribute type 10 has an invalid length.
[  274.548038][ T9691] delete_channel: no stack
[  274.920485][ T9714] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1465'.
[  274.949368][ T9714] bond0: (slave bond_slave_0): Releasing backup interface
[  274.972675][ T9714] net_ratelimit: 15 callbacks suppressed
[  274.972691][ T9714] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check.
[  275.007813][ T9718] FAULT_INJECTION: forcing a failure.
[  275.007813][ T9718] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  275.026792][ T9718] CPU: 0 PID: 9718 Comm: syz.1.1466 Not tainted syzkaller #0
[  275.034238][ T9718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  275.044323][ T9718] Call Trace:
[  275.047740][ T9718]  <TASK>
[  275.050690][ T9718]  dump_stack_lvl+0x18c/0x250
[  275.055412][ T9718]  ? show_regs_print_info+0x20/0x20
[  275.060654][ T9718]  ? load_image+0x420/0x420
[  275.065204][ T9718]  ? __lock_acquire+0x7d40/0x7d40
[  275.070272][ T9718]  should_fail_ex+0x39d/0x4d0
[  275.074997][ T9718]  prepare_alloc_pages+0x1e2/0x5f0
[  275.080233][ T9718]  __alloc_pages+0x134/0x460
[  275.084859][ T9718]  ? zone_statistics+0x170/0x170
[  275.089828][ T9718]  ? alloc_pages+0x4dc/0x740
[  275.094599][ T9718]  ? do_raw_spin_unlock+0x121/0x230
[  275.099815][ T9718]  __get_free_pages+0xc/0x30
[  275.104405][ T9718]  kasan_populate_vmalloc_pte+0x35/0x100
[  275.110135][ T9718]  __apply_to_page_range+0x860/0xdd0
[  275.115439][ T9718]  ? kasan_populate_vmalloc+0x70/0x70
[  275.120901][ T9718]  ? apply_to_page_range+0x50/0x50
[  275.126021][ T9718]  ? do_raw_spin_unlock+0x121/0x230
[  275.131229][ T9718]  alloc_vmap_area+0x1d0c/0x1e30
[  275.136182][ T9718]  ? vm_map_ram+0xcb0/0xcb0
[  275.140683][ T9718]  ? rcu_is_watching+0x15/0xb0
[  275.145453][ T9718]  __get_vm_area_node+0x162/0x370
[  275.150485][ T9718]  __vmalloc_node_range+0x36e/0x1330
[  275.155772][ T9718]  ? sock_map_alloc+0x1af/0x2c0
[  275.160657][ T9718]  ? free_vm_area+0x50/0x50
[  275.165228][ T9718]  ? bpf_map_area_alloc+0x5e/0x110
[  275.170342][ T9718]  ? rcu_is_watching+0x15/0xb0
[  275.175190][ T9718]  ? bpf_map_area_alloc+0x5e/0x110
[  275.180322][ T9718]  bpf_map_area_alloc+0xf1/0x110
[  275.185269][ T9718]  ? sock_map_alloc+0x1af/0x2c0
[  275.190144][ T9718]  sock_map_alloc+0x1af/0x2c0
[  275.194907][ T9718]  map_create+0x877/0x12f0
[  275.199386][ T9718]  ? bpf_lsm_bpf+0x9/0x10
[  275.203803][ T9718]  __sys_bpf+0x651/0x890
[  275.208039][ T9718]  ? bpf_link_show_fdinfo+0x390/0x390
[  275.213423][ T9718]  ? lock_chain_count+0x20/0x20
[  275.218288][ T9718]  __x64_sys_bpf+0x7c/0x90
[  275.222787][ T9718]  do_syscall_64+0x55/0xa0
[  275.227214][ T9718]  ? clear_bhb_loop+0x40/0x90
[  275.231888][ T9718]  ? clear_bhb_loop+0x40/0x90
[  275.236560][ T9718]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  275.242450][ T9718] RIP: 0033:0x7f601f79c819
[  275.246861][ T9718] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  275.266594][ T9718] RSP: 002b:00007f602065b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  275.275107][ T9718] RAX: ffffffffffffffda RBX: 00007f601fa15fa0 RCX: 00007f601f79c819
[  275.283164][ T9718] RDX: 0000000000000048 RSI: 0000200000000580 RDI: 0600000000000000
[  275.291225][ T9718] RBP: 00007f602065b090 R08: 0000000000000000 R09: 0000000000000000
[  275.299281][ T9718] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  275.307292][ T9718] R13: 00007f601fa16038 R14: 00007f601fa15fa0 R15: 00007ffef0657c18
[  275.315364][ T9718]  </TASK>
[  276.399527][ T5776] Bluetooth: hci2: unexpected event 0x04 length: 15 > 10
[  276.399567][ T5776] Bluetooth: unknown link type 110
[  276.413200][ T5776] Bluetooth: hci2: connection err: -111
[  276.666826][ T9782] netlink: 'syz.1.1491': attribute type 1 has an invalid length.
[  276.814449][ T9789] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x37
[  277.079820][ T9804] netlink: 'syz.0.1499': attribute type 2 has an invalid length.
[  277.104979][ T9804] netlink: 'syz.0.1499': attribute type 8 has an invalid length.
[  277.151163][ T9804] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1499'.
[  277.783949][ T9825] FAULT_INJECTION: forcing a failure.
[  277.783949][ T9825] name failslab, interval 1, probability 0, space 0, times 0
[  277.804792][ T9821] netlink: 'syz.1.1506': attribute type 2 has an invalid length.
[  277.823306][ T9821] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1506'.
[  277.871140][ T9825] CPU: 1 PID: 9825 Comm: syz.0.1509 Not tainted syzkaller #0
[  277.878681][ T9825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  277.888941][ T9825] Call Trace:
[  277.892260][ T9825]  <TASK>
[  277.895205][ T9825]  dump_stack_lvl+0x18c/0x250
[  277.900260][ T9825]  ? sctp_sendmsg+0x1575/0x28c0
[  277.905150][ T9825]  ? ___sys_sendmsg+0x2a6/0x360
[  277.910141][ T9825]  ? show_regs_print_info+0x20/0x20
[  277.915647][ T9825]  ? load_image+0x420/0x420
[  277.920207][ T9825]  should_fail_ex+0x39d/0x4d0
[  277.925075][ T9825]  should_failslab+0x9/0x20
[  277.929581][ T9825]  slab_pre_alloc_hook+0x59/0x310
[  277.934795][ T9825]  ? sctp_add_bind_addr+0x8c/0x360
[  277.939914][ T9825]  __kmem_cache_alloc_node+0x53/0x250
[  277.945320][ T9825]  ? sctp_add_bind_addr+0x8c/0x360
[  277.950530][ T9825]  kmalloc_trace+0x2a/0xe0
[  277.954948][ T9825]  sctp_add_bind_addr+0x8c/0x360
[  277.959887][ T9825]  sctp_copy_local_addr_list+0x315/0x4f0
[  277.965604][ T9825]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  277.971410][ T9825]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  277.977475][ T9825]  ? sctp_v6_is_any+0x64/0x70
[  277.982242][ T9825]  ? sctp_copy_one_addr+0x8c/0x350
[  277.987351][ T9825]  sctp_bind_addr_copy+0xb3/0x3c0
[  277.992380][ T9825]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  277.998712][ T9825]  sctp_connect_new_asoc+0x2f9/0x6a0
[  278.004087][ T9825]  ? __sctp_connect+0xd80/0xd80
[  278.008937][ T9825]  ? __local_bh_enable_ip+0x13a/0x1c0
[  278.014331][ T9825]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  278.019875][ T9825]  ? security_sctp_bind_connect+0x89/0xb0
[  278.025680][ T9825]  sctp_sendmsg+0x1575/0x28c0
[  278.030450][ T9825]  ? sctp_getsockopt+0xb60/0xb60
[  278.035386][ T9825]  ? aa_sk_perm+0x83c/0x970
[  278.039894][ T9825]  ? aa_af_perm+0x330/0x330
[  278.044391][ T9825]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  278.050978][ T9825]  ? sock_rps_record_flow+0x19/0x3f0
[  278.056265][ T9825]  ? inet_sendmsg+0xe9/0x2f0
[  278.060860][ T9825]  ? inet_send_prepare+0x260/0x260
[  278.065998][ T9825]  ____sys_sendmsg+0x5ba/0x960
[  278.070759][ T9825]  ? __lock_acquire+0x7d40/0x7d40
[  278.075897][ T9825]  ? __asan_memset+0x22/0x40
[  278.080659][ T9825]  ? __sys_sendmsg_sock+0x30/0x30
[  278.085767][ T9825]  ? __import_iovec+0x5f2/0x850
[  278.090829][ T9825]  ? import_iovec+0x73/0xa0
[  278.095351][ T9825]  ___sys_sendmsg+0x2a6/0x360
[  278.100034][ T9825]  ? get_pid_task+0x20/0x1e0
[  278.104627][ T9825]  ? __sys_sendmsg+0x2a0/0x2a0
[  278.109412][ T9825]  ? __lock_acquire+0x7d40/0x7d40
[  278.114456][ T9825]  __se_sys_sendmsg+0x1c2/0x2b0
[  278.119597][ T9825]  ? __x64_sys_sendmsg+0x80/0x80
[  278.124672][ T9825]  ? lockdep_hardirqs_on+0x98/0x150
[  278.130080][ T9825]  do_syscall_64+0x55/0xa0
[  278.134543][ T9825]  ? clear_bhb_loop+0x40/0x90
[  278.139222][ T9825]  ? clear_bhb_loop+0x40/0x90
[  278.143913][ T9825]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  278.150001][ T9825] RIP: 0033:0x7ff9f5d9c819
[  278.154431][ T9825] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  278.174210][ T9825] RSP: 002b:00007ff9f6c02028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  278.182632][ T9825] RAX: ffffffffffffffda RBX: 00007ff9f6015fa0 RCX: 00007ff9f5d9c819
[  278.190602][ T9825] RDX: 000000002600c055 RSI: 00002000000000c0 RDI: 0000000000000003
[  278.198744][ T9825] RBP: 00007ff9f6c02090 R08: 0000000000000000 R09: 0000000000000000
[  278.206978][ T9825] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  278.214972][ T9825] R13: 00007ff9f6016038 R14: 00007ff9f6015fa0 R15: 00007fff0bbae458
[  278.223044][ T9825]  </TASK>
[  278.281582][ T9829] netlink: 'syz.3.1507': attribute type 15 has an invalid length.
[  278.299995][ T9829] netlink: 'syz.3.1507': attribute type 7 has an invalid length.
[  278.732313][ T9850] netlink: 'syz.3.1516': attribute type 12 has an invalid length.
[  278.749811][ T9850] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1516'.
[  279.144800][ T9868] netlink: 'syz.1.1521': attribute type 10 has an invalid length.
[  279.166755][ T9868] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1521'.
[  279.192783][ T9868] A link change request failed with some changes committed already. Interface ` may have been left with an inconsistent configuration, please check.
[  279.899907][ T9890] tap0: tun_chr_ioctl cmd 1074025677
[  279.930700][ T9890] tap0: linktype set to 805
[  280.121413][ T9896] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1533'.
[  280.321379][ T9903] netlink: 'syz.1.1536': attribute type 10 has an invalid length.
[  280.329436][ T9903] netlink: 55 bytes leftover after parsing attributes in process `syz.1.1536'.
[  280.878660][ T9916] netlink: 'syz.1.1541': attribute type 29 has an invalid length.
[  280.919586][ T9916] netlink: 'syz.1.1541': attribute type 29 has an invalid length.
[  281.610325][ T9923] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1542'.
[  281.644426][ T9920] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  281.663863][ T9920] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  281.692241][ T9920] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  281.713234][ T9920] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  281.989811][ T9922] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1542'.
[  282.105091][ T9931] netlink: 11562 bytes leftover after parsing attributes in process `syz.2.1544'.
[  282.204703][ T9930] delete_channel: no stack
[  282.214978][ T9934] validate_nla: 6 callbacks suppressed
[  282.215031][ T9934] netlink: 'syz.3.1545': attribute type 10 has an invalid length.
[  282.563989][ T9941] netlink: 'syz.2.1548': attribute type 4 has an invalid length.
[  283.034505][ T9952] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1553'.
[  283.797132][ T9976] netlink: 'syz.1.1560': attribute type 13 has an invalid length.
[  283.820861][ T9976] netlink: 164 bytes leftover after parsing attributes in process `syz.1.1560'.
[  283.846630][ T9976] syz_tun: refused to change device tx_queue_len
[  283.874441][ T9979] netlink: 'syz.1.1560': attribute type 11 has an invalid length.
[  284.202380][ T9985] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1563'.
[  284.234614][ T9988] IPv6: Can't replace route, no match found
[  284.408520][ T9995] netlink: 144316 bytes leftover after parsing attributes in process `syz.3.1566'.
[  284.431427][ T5776] Bluetooth: hci2: ISO packet for unknown connection handle 2366
[  284.777659][T10006] delete_channel: no stack
[  286.868447][T10040] netlink: 1047 bytes leftover after parsing attributes in process `syz.1.1581'.
[  286.902065][T10040] bridge_slave_1: default FDB implementation only supports local addresses
[  288.055498][T10047] FAULT_INJECTION: forcing a failure.
[  288.055498][T10047] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  288.069144][T10047] CPU: 1 PID: 10047 Comm: syz.1.1585 Not tainted syzkaller #0
[  288.076637][T10047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  288.086888][T10047] Call Trace:
[  288.090164][T10047]  <TASK>
[  288.093119][T10047]  dump_stack_lvl+0x18c/0x250
[  288.097807][T10047]  ? show_regs_print_info+0x20/0x20
[  288.103091][T10047]  ? load_image+0x420/0x420
[  288.107593][T10047]  ? __might_fault+0xaa/0x120
[  288.112347][T10047]  ? __lock_acquire+0x7d40/0x7d40
[  288.117414][T10047]  should_fail_ex+0x39d/0x4d0
[  288.122111][T10047]  _copy_from_user+0x2f/0xe0
[  288.126805][T10047]  __sys_bpf+0x23e/0x890
[  288.131048][T10047]  ? bpf_link_show_fdinfo+0x390/0x390
[  288.136423][T10047]  ? lock_chain_count+0x20/0x20
[  288.141272][T10047]  __x64_sys_bpf+0x7c/0x90
[  288.145719][T10047]  do_syscall_64+0x55/0xa0
[  288.150127][T10047]  ? clear_bhb_loop+0x40/0x90
[  288.154803][T10047]  ? clear_bhb_loop+0x40/0x90
[  288.159480][T10047]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  288.165367][T10047] RIP: 0033:0x7f601f79c819
[  288.169775][T10047] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  288.189567][T10047] RSP: 002b:00007f602065b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  288.198069][T10047] RAX: ffffffffffffffda RBX: 00007f601fa15fa0 RCX: 00007f601f79c819
[  288.206133][T10047] RDX: 0000000000000050 RSI: 0000200000000080 RDI: 000000000000000a
[  288.214187][T10047] RBP: 00007f602065b090 R08: 0000000000000000 R09: 0000000000000000
[  288.222174][T10047] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  288.230141][T10047] R13: 00007f601fa16038 R14: 00007f601fa15fa0 R15: 00007ffef0657c18
[  288.238131][T10047]  </TASK>
[  289.221219][ T5776] Bluetooth: hci3: unexpected event 0x06 length: 15 > 3
[  289.244629][T10059] netlink: 'syz.0.1589': attribute type 2 has an invalid length.
[  289.288630][T10059] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.1589'.
[  289.452379][T10071] netlink: 'syz.2.1593': attribute type 1 has an invalid length.
[  289.716470][T10077] netlink: 'syz.1.1597': attribute type 10 has an invalid length.
[  289.767056][T10077] bridge0: port 1(hsr0) entered disabled state
[  289.773651][T10077] bridge0: port 2(bridge_slave_1) entered disabled state
[  290.755686][T10103] delete_channel: no stack
[  290.935975][T10108] netlink: 'syz.2.1607': attribute type 3 has an invalid length.
[  290.944654][T10108] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1607'.
[  291.166506][T10114] skbuff: bad partial csum: csum=65535/127 headroom=178 headlen=65664
[  291.180584][T10112] netlink: 'syz.0.1609': attribute type 39 has an invalid length.
[  291.304862][T10096] delete_channel: no stack
[  292.625506][T10157] netlink: 192436 bytes leftover after parsing attributes in process `syz.2.1624'.
[  292.648000][T10150] netlink: 1047 bytes leftover after parsing attributes in process `syz.3.1621'.
[  292.710695][T10157] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  292.907274][T10150] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1621'.
[  292.960461][T10150] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  293.001435][T10150] CPU: 0 PID: 10150 Comm: syz.3.1621 Not tainted syzkaller #0
[  293.008993][T10150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  293.019198][T10150] Call Trace:
[  293.022533][T10150]  <TASK>
[  293.025520][T10150]  dump_stack_lvl+0x18c/0x250
[  293.030285][T10150]  ? show_regs_print_info+0x20/0x20
[  293.035559][T10150]  ? load_image+0x420/0x420
[  293.040221][T10150]  sysfs_warn_dup+0x8e/0xa0
[  293.044753][T10150]  sysfs_do_create_link_sd+0xc0/0x110
[  293.050243][T10150]  device_add_class_symlinks+0x1cf/0x240
[  293.055928][T10150]  device_add+0x507/0xc20
[  293.060301][T10150]  wiphy_register+0x1dad/0x2ae0
[  293.065293][T10150]  ? cfg80211_event_work+0x40/0x40
[  293.070530][T10150]  ? minstrel_ht_alloc+0x88a/0x990
[  293.075702][T10150]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  293.082205][T10150]  ieee80211_register_hw+0x3464/0x4250
[  293.087881][T10150]  ? ieee80211_tasklet_handler+0x20/0x20
[  293.093567][T10150]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  293.099514][T10150]  ? __debug_object_init+0xec/0x450
[  293.104806][T10150]  ? __asan_memset+0x22/0x40
[  293.109522][T10150]  ? __hrtimer_init+0x186/0x270
[  293.114592][T10150]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  293.120411][T10150]  ? mac80211_hwsim_free+0x220/0x220
[  293.125722][T10150]  ? rcu_is_watching+0x15/0xb0
[  293.130521][T10150]  ? kstrndup+0xbd/0x140
[  293.134899][T10150]  hwsim_new_radio_nl+0xdc9/0x1a90
[  293.140045][T10150]  ? __nla_validate+0x50/0x50
[  293.144865][T10150]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  293.151433][T10150]  ? __nla_parse+0x40/0x50
[  293.155895][T10150]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  293.162353][T10150]  genl_family_rcv_msg_doit+0x211/0x310
[  293.167952][T10150]  ? end_current_label_crit_section+0x170/0x170
[  293.174330][T10150]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  293.180304][T10150]  ? bpf_lsm_capable+0x9/0x10
[  293.185055][T10150]  ? security_capable+0x89/0xb0
[  293.190001][T10150]  genl_rcv_msg+0x619/0x7a0
[  293.194597][T10150]  ? genl_bind+0x360/0x360
[  293.199086][T10150]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  293.205725][T10150]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[  293.212414][T10150]  netlink_rcv_skb+0x241/0x4d0
[  293.217226][T10150]  ? genl_bind+0x360/0x360
[  293.221682][T10150]  ? netlink_ack+0x1180/0x1180
[  293.226513][T10150]  ? __lock_acquire+0x7d40/0x7d40
[  293.231584][T10150]  ? down_read+0x1ac/0x2e0
[  293.236059][T10150]  genl_rcv+0x28/0x40
[  293.240059][T10150]  netlink_unicast+0x751/0x8d0
[  293.244900][T10150]  netlink_sendmsg+0x8d0/0xbf0
[  293.249800][T10150]  ? netlink_getsockopt+0x590/0x590
[  293.255115][T10150]  ? aa_sock_msg_perm+0x94/0x150
[  293.260305][T10150]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  293.265704][T10150]  ? security_socket_sendmsg+0x80/0xa0
[  293.271370][T10150]  ? netlink_getsockopt+0x590/0x590
[  293.276677][T10150]  ____sys_sendmsg+0x5ba/0x960
[  293.281711][T10150]  ? __asan_memset+0x22/0x40
[  293.286332][T10150]  ? __sys_sendmsg_sock+0x30/0x30
[  293.291636][T10150]  ? __import_iovec+0x5f2/0x850
[  293.296533][T10150]  ? import_iovec+0x73/0xa0
[  293.301717][T10150]  ___sys_sendmsg+0x2a6/0x360
[  293.306446][T10150]  ? __sys_sendmsg+0x2a0/0x2a0
[  293.311364][T10150]  __se_sys_sendmsg+0x1c2/0x2b0
[  293.316528][T10150]  ? __x64_sys_sendmsg+0x80/0x80
[  293.321526][T10150]  ? lockdep_hardirqs_on+0x98/0x150
[  293.326844][T10150]  do_syscall_64+0x55/0xa0
[  293.331307][T10150]  ? clear_bhb_loop+0x40/0x90
[  293.336109][T10150]  ? clear_bhb_loop+0x40/0x90
[  293.340824][T10150]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  293.346749][T10150] RIP: 0033:0x7f8c06b9c819
[  293.351279][T10150] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  293.371173][T10150] RSP: 002b:00007f8c0796e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  293.379707][T10150] RAX: ffffffffffffffda RBX: 00007f8c06e15fa0 RCX: 00007f8c06b9c819
[  293.387957][T10150] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000006
[  293.396046][T10150] RBP: 00007f8c06c32c91 R08: 0000000000000000 R09: 0000000000000000
[  293.404065][T10150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  293.412170][T10150] R13: 00007f8c06e16038 R14: 00007f8c06e15fa0 R15: 00007ffc1db3d4f8
[  293.420397][T10150]  </TASK>
[  293.725154][T10168] netlink: 'syz.0.1626': attribute type 10 has an invalid length.
[  293.745459][T10168] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1626'.
[  294.127152][T10197] netlink: 192436 bytes leftover after parsing attributes in process `syz.2.1636'.
[  294.152362][T10200] netlink: 192436 bytes leftover after parsing attributes in process `syz.2.1636'.
[  294.171630][T10197] openvswitch: netlink: Key type 15114 is out of range max 32
[  294.201432][T10200] openvswitch: netlink: Key type 15114 is out of range max 32
[  294.346009][T10209] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1641'.
[  294.628904][T10219] netlink: 171960 bytes leftover after parsing attributes in process `syz.0.1642'.
[  294.698271][T10219] netlink: zone id is out of range
[  294.759519][T10219] netlink: zone id is out of range
[  294.805904][T10219] netlink: zone id is out of range
[  294.824570][T10219] netlink: zone id is out of range
[  294.838414][T10219] netlink: zone id is out of range
[  294.858933][T10219] netlink: zone id is out of range
[  294.964406][T10210] delete_channel: no stack
[  295.259771][T10235] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1651'.
[  295.437156][T10240] netlink: 'syz.3.1655': attribute type 10 has an invalid length.
[  295.472781][T10240] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  295.500065][T10240] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  295.526639][T10240] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  295.537110][T10240] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  295.548789][T10240] geneve0: entered promiscuous mode
[  295.913514][T10264] netlink: 11562 bytes leftover after parsing attributes in process `syz.0.1661'.
[  296.214007][T10277] netlink: 126588 bytes leftover after parsing attributes in process `syz.1.1664'.
[  296.319279][T10280] netlink: 'syz.0.1668': attribute type 29 has an invalid length.
[  296.350711][T10280] netlink: 'syz.0.1668': attribute type 29 has an invalid length.
[  296.407917][T10283] netlink: 144 bytes leftover after parsing attributes in process `syz.2.1667'.
[  296.475392][T10288] FAULT_INJECTION: forcing a failure.
[  296.475392][T10288] name failslab, interval 1, probability 0, space 0, times 0
[  296.493488][T10288] CPU: 0 PID: 10288 Comm: syz.3.1670 Not tainted syzkaller #0
[  296.501013][T10288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  296.511168][T10288] Call Trace:
[  296.514647][T10288]  <TASK>
[  296.517635][T10288]  dump_stack_lvl+0x18c/0x250
[  296.522526][T10288]  ? sctp_sendmsg+0x1575/0x28c0
[  296.527570][T10288]  ? ___sys_sendmsg+0x2a6/0x360
[  296.532427][T10288]  ? show_regs_print_info+0x20/0x20
[  296.537635][T10288]  ? load_image+0x420/0x420
[  296.542153][T10288]  should_fail_ex+0x39d/0x4d0
[  296.546840][T10288]  should_failslab+0x9/0x20
[  296.551363][T10288]  slab_pre_alloc_hook+0x59/0x310
[  296.556422][T10288]  ? sctp_add_bind_addr+0x8c/0x360
[  296.561627][T10288]  __kmem_cache_alloc_node+0x53/0x250
[  296.567020][T10288]  ? sctp_add_bind_addr+0x8c/0x360
[  296.572130][T10288]  kmalloc_trace+0x2a/0xe0
[  296.576567][T10288]  sctp_add_bind_addr+0x8c/0x360
[  296.581509][T10288]  sctp_copy_local_addr_list+0x315/0x4f0
[  296.587184][T10288]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  296.593133][T10288]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  296.599643][T10288]  ? sctp_v6_is_any+0x64/0x70
[  296.604517][T10288]  ? sctp_copy_one_addr+0x8c/0x350
[  296.609831][T10288]  sctp_bind_addr_copy+0xb3/0x3c0
[  296.615117][T10288]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  296.621798][T10288]  sctp_connect_new_asoc+0x2f9/0x6a0
[  296.627261][T10288]  ? __sctp_connect+0xd80/0xd80
[  296.632282][T10288]  ? __local_bh_enable_ip+0x13a/0x1c0
[  296.637832][T10288]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  296.643554][T10288]  ? security_sctp_bind_connect+0x89/0xb0
[  296.649476][T10288]  sctp_sendmsg+0x1575/0x28c0
[  296.654996][T10288]  ? sctp_getsockopt+0xb60/0xb60
[  296.660554][T10288]  ? aa_sk_perm+0x83c/0x970
[  296.665285][T10288]  ? aa_af_perm+0x330/0x330
[  296.669987][T10288]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  296.676789][T10288]  ? sock_rps_record_flow+0x19/0x3f0
[  296.682250][T10288]  ? inet_sendmsg+0xe9/0x2f0
[  296.686935][T10288]  ? inet_send_prepare+0x260/0x260
[  296.692054][T10288]  ____sys_sendmsg+0x5ba/0x960
[  296.696830][T10288]  ? __lock_acquire+0x7d40/0x7d40
[  296.702242][T10288]  ? __asan_memset+0x22/0x40
[  296.707121][T10288]  ? __sys_sendmsg_sock+0x30/0x30
[  296.712267][T10288]  ? __import_iovec+0x5f2/0x850
[  296.717499][T10288]  ? import_iovec+0x73/0xa0
[  296.722026][T10288]  ___sys_sendmsg+0x2a6/0x360
[  296.726797][T10288]  ? get_pid_task+0x20/0x1e0
[  296.731388][T10288]  ? __sys_sendmsg+0x2a0/0x2a0
[  296.736161][T10288]  ? __lock_acquire+0x7d40/0x7d40
[  296.741378][T10288]  __se_sys_sendmsg+0x1c2/0x2b0
[  296.746495][T10288]  ? __x64_sys_sendmsg+0x80/0x80
[  296.751440][T10288]  ? lockdep_hardirqs_on+0x98/0x150
[  296.756734][T10288]  do_syscall_64+0x55/0xa0
[  296.761237][T10288]  ? clear_bhb_loop+0x40/0x90
[  296.766002][T10288]  ? clear_bhb_loop+0x40/0x90
[  296.770701][T10288]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  296.776592][T10288] RIP: 0033:0x7f8c06b9c819
[  296.781109][T10288] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  296.801247][T10288] RSP: 002b:00007f8c0796e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  296.810185][T10288] RAX: ffffffffffffffda RBX: 00007f8c06e15fa0 RCX: 00007f8c06b9c819
[  296.818248][T10288] RDX: 0000000000000041 RSI: 0000200000002dc0 RDI: 0000000000000003
[  296.826384][T10288] RBP: 00007f8c0796e090 R08: 0000000000000000 R09: 0000000000000000
[  296.834355][T10288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  296.842331][T10288] R13: 00007f8c06e16038 R14: 00007f8c06e15fa0 R15: 00007ffc1db3d4f8
[  296.850689][T10288]  </TASK>
[  296.964539][T10293] netlink: 168 bytes leftover after parsing attributes in process `syz.0.1672'.
[  297.258762][T10310] netlink: 'syz.1.1678': attribute type 3 has an invalid length.
[  297.271761][T10310] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.1678'.
[  297.381993][T10316] netlink: 'syz.1.1678': attribute type 21 has an invalid length.
[  297.416742][T10316] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1678'.
[  297.576751][T10329] netlink: 203516 bytes leftover after parsing attributes in process `syz.1.1683'.
[  297.594735][T10329] net_ratelimit: 480 callbacks suppressed
[  297.594753][T10329] netlink: zone id is out of range
[  297.609871][T10329] netlink: zone id is out of range
[  297.616951][T10329] netlink: zone id is out of range
[  297.627580][T10329] netlink: zone id is out of range
[  297.634385][T10329] netlink: zone id is out of range
[  297.656775][T10329] netlink: zone id is out of range
[  297.681462][T10329] netlink: zone id is out of range
[  297.686855][T10329] netlink: zone id is out of range
[  297.751837][T10329] netlink: zone id is out of range
[  297.757040][T10329] netlink: zone id is out of range
[  297.959860][T10345] netlink: 'syz.0.1690': attribute type 5 has an invalid length.
[  297.995568][T10345] netlink: 'syz.0.1690': attribute type 1 has an invalid length.
[  298.082135][T10355] FAULT_INJECTION: forcing a failure.
[  298.082135][T10355] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  298.095763][T10355] CPU: 0 PID: 10355 Comm: syz.1.1693 Not tainted syzkaller #0
[  298.103448][T10355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  298.113622][T10355] Call Trace:
[  298.117165][T10355]  <TASK>
[  298.120113][T10355]  dump_stack_lvl+0x18c/0x250
[  298.125064][T10355]  ? show_regs_print_info+0x20/0x20
[  298.130475][T10355]  ? load_image+0x420/0x420
[  298.135084][T10355]  ? __might_fault+0xaa/0x120
[  298.139952][T10355]  ? __lock_acquire+0x7d40/0x7d40
[  298.145035][T10355]  should_fail_ex+0x39d/0x4d0
[  298.149739][T10355]  _copy_from_user+0x2f/0xe0
[  298.154545][T10355]  generic_map_update_batch+0x54b/0x810
[  298.160124][T10355]  ? rcu_read_unlock+0xa0/0xa0
[  298.165027][T10355]  ? __fdget+0x180/0x210
[  298.169573][T10355]  ? rcu_read_unlock+0xa0/0xa0
[  298.174531][T10355]  bpf_map_do_batch+0x3d7/0x610
[  298.179826][T10355]  __sys_bpf+0x381/0x890
[  298.184082][T10355]  ? bpf_link_show_fdinfo+0x390/0x390
[  298.189489][T10355]  ? lock_chain_count+0x20/0x20
[  298.194448][T10355]  __x64_sys_bpf+0x7c/0x90
[  298.198878][T10355]  do_syscall_64+0x55/0xa0
[  298.203392][T10355]  ? clear_bhb_loop+0x40/0x90
[  298.208690][T10355]  ? clear_bhb_loop+0x40/0x90
[  298.213429][T10355]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  298.219447][T10355] RIP: 0033:0x7f601f79c819
[  298.223896][T10355] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  298.244045][T10355] RSP: 002b:00007f602065b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  298.252843][T10355] RAX: ffffffffffffffda RBX: 00007f601fa15fa0 RCX: 00007f601f79c819
[  298.260982][T10355] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  298.269616][T10355] RBP: 00007f602065b090 R08: 0000000000000000 R09: 0000000000000000
[  298.277637][T10355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  298.285900][T10355] R13: 00007f601fa16038 R14: 00007f601fa15fa0 R15: 00007ffef0657c18
[  298.294007][T10355]  </TASK>
[  298.661065][T10364] FAULT_INJECTION: forcing a failure.
[  298.661065][T10364] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  298.681624][T10364] CPU: 1 PID: 10364 Comm: syz.2.1696 Not tainted syzkaller #0
[  298.689235][T10364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  298.699468][T10364] Call Trace:
[  298.702831][T10364]  <TASK>
[  298.705759][T10364]  dump_stack_lvl+0x18c/0x250
[  298.710635][T10364]  ? show_regs_print_info+0x20/0x20
[  298.716129][T10364]  ? load_image+0x420/0x420
[  298.720748][T10364]  ? __might_fault+0xaa/0x120
[  298.725496][T10364]  ? __lock_acquire+0x7d40/0x7d40
[  298.730544][T10364]  should_fail_ex+0x39d/0x4d0
[  298.735233][T10364]  _copy_from_user+0x2f/0xe0
[  298.739825][T10364]  __sys_bpf+0x23e/0x890
[  298.744079][T10364]  ? bpf_link_show_fdinfo+0x390/0x390
[  298.749462][T10364]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  298.755650][T10364]  __x64_sys_bpf+0x7c/0x90
[  298.760274][T10364]  do_syscall_64+0x55/0xa0
[  298.764825][T10364]  ? clear_bhb_loop+0x40/0x90
[  298.769574][T10364]  ? clear_bhb_loop+0x40/0x90
[  298.774437][T10364]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  298.780362][T10364] RIP: 0033:0x7fa3bdd9c819
[  298.784871][T10364] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  298.805030][T10364] RSP: 002b:00007fa3bec23028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  298.813901][T10364] RAX: ffffffffffffffda RBX: 00007fa3be015fa0 RCX: 00007fa3bdd9c819
[  298.822411][T10364] RDX: 0000000000000050 RSI: 0000200000000080 RDI: 000000000000000a
[  298.830937][T10364] RBP: 00007fa3bec23090 R08: 0000000000000000 R09: 0000000000000000
[  298.839289][T10364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  298.847570][T10364] R13: 00007fa3be016038 R14: 00007fa3be015fa0 R15: 00007ffd3a168748
[  298.855761][T10364]  </TASK>
[  299.300248][T10385] syzkaller0: entered promiscuous mode
[  299.316781][T10385] syzkaller0: entered allmulticast mode
[  299.406823][T10392] netlink: 'syz.0.1708': attribute type 2 has an invalid length.
[  299.433439][T10392] __nla_validate_parse: 3 callbacks suppressed
[  299.433456][T10392] netlink: 119 bytes leftover after parsing attributes in process `syz.0.1708'.
[  300.102477][T10409] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1714'.
[  300.113775][T10409] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1714'.
[  300.322077][T10417] FAULT_INJECTION: forcing a failure.
[  300.322077][T10417] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  300.358700][T10417] CPU: 0 PID: 10417 Comm: syz.3.1719 Not tainted syzkaller #0
[  300.366219][T10417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  300.376280][T10417] Call Trace:
[  300.379569][T10417]  <TASK>
[  300.382533][T10417]  dump_stack_lvl+0x18c/0x250
[  300.387232][T10417]  ? show_regs_print_info+0x20/0x20
[  300.392432][T10417]  ? load_image+0x420/0x420
[  300.396951][T10417]  ? __might_fault+0xaa/0x120
[  300.401639][T10417]  ? __lock_acquire+0x7d40/0x7d40
[  300.406819][T10417]  should_fail_ex+0x39d/0x4d0
[  300.411595][T10417]  strncpy_from_user+0x36/0x2d0
[  300.416557][T10417]  getname_flags+0xf6/0x500
[  300.421063][T10417]  do_sys_openat2+0xda/0x1d0
[  300.425663][T10417]  ? do_sys_open+0xe0/0xe0
[  300.430109][T10417]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  300.436086][T10417]  ? lock_chain_count+0x20/0x20
[  300.441024][T10417]  __x64_sys_openat+0x139/0x160
[  300.445880][T10417]  do_syscall_64+0x55/0xa0
[  300.450288][T10417]  ? clear_bhb_loop+0x40/0x90
[  300.454964][T10417]  ? clear_bhb_loop+0x40/0x90
[  300.459639][T10417]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  300.465530][T10417] RIP: 0033:0x7f8c06b5d04e
[  300.469946][T10417] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  300.489661][T10417] RSP: 002b:00007f8c0796dec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  300.498163][T10417] RAX: ffffffffffffffda RBX: 00007f8c0796e6c0 RCX: 00007f8c06b5d04e
[  300.506137][T10417] RDX: 0000000000000002 RSI: 00007f8c0796df90 RDI: ffffffffffffff9c
[  300.514281][T10417] RBP: 00007f8c0796e090 R08: 0000000000000000 R09: 0000000000000000
[  300.522257][T10417] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  300.530224][T10417] R13: 00007f8c06e16038 R14: 00007f8c06e15fa0 R15: 00007ffc1db3d4f8
[  300.538228][T10417]  </TASK>
[  300.556554][T10420] netlink: 14568 bytes leftover after parsing attributes in process `syz.1.1717'.
[  300.699390][T10424] syz.0.1721[10424] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  300.699562][T10424] syz.0.1721[10424] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  301.257122][T10453] netlink: 'syz.2.1732': attribute type 2 has an invalid length.
[  301.286895][T10453] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1732'.
[  301.396307][T10458] FAULT_INJECTION: forcing a failure.
[  301.396307][T10458] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  301.475325][T10458] CPU: 0 PID: 10458 Comm: syz.3.1733 Not tainted syzkaller #0
[  301.482857][T10458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  301.492936][T10458] Call Trace:
[  301.496243][T10458]  <TASK>
[  301.499189][T10458]  dump_stack_lvl+0x18c/0x250
[  301.503924][T10458]  ? show_regs_print_info+0x20/0x20
[  301.509154][T10458]  ? load_image+0x420/0x420
[  301.513689][T10458]  ? __lock_acquire+0x7d40/0x7d40
[  301.518760][T10458]  ? mark_lock+0x94/0x320
[  301.523210][T10458]  should_fail_ex+0x39d/0x4d0
[  301.527926][T10458]  prepare_alloc_pages+0x1e2/0x5f0
[  301.533092][T10458]  __alloc_pages+0x134/0x460
[  301.537736][T10458]  ? zone_statistics+0x170/0x170
[  301.542717][T10458]  ? do_wp_page+0x7ca/0x35f0
[  301.547342][T10458]  ? do_wp_page+0xfc5/0x35f0
[  301.551975][T10458]  __folio_alloc+0x10/0x20
[  301.556424][T10458]  vma_alloc_folio+0x47a/0x8f0
[  301.561237][T10458]  do_wp_page+0x1243/0x35f0
[  301.565872][T10458]  ? folio_put+0xd0/0xd0
[  301.570141][T10458]  ? do_raw_spin_lock+0x11f/0x2c0
[  301.575199][T10458]  ? __rwlock_init+0x150/0x150
[  301.580004][T10458]  handle_mm_fault+0x135d/0x4c00
[  301.585134][T10458]  ? handle_mm_fault+0xe7/0x4c00
[  301.590137][T10458]  ? numa_migrate_prep+0x350/0x350
[  301.595273][T10458]  ? lock_mm_and_find_vma+0x9c/0x2f0
[  301.600558][T10458]  do_user_addr_fault+0x730/0x12c0
[  301.605711][T10458]  exc_page_fault+0x64/0x100
[  301.610452][T10458]  asm_exc_page_fault+0x26/0x30
[  301.615582][T10458] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  301.621477][T10458] Code: 75 f1 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 <f3> a4 c3 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 29 f8 48 01
[  301.641445][T10458] RSP: 0018:ffffc90019b37af0 EFLAGS: 00050206
[  301.647709][T10458] RAX: ffffffff842a2001 RBX: 0000000000001400 RCX: 0000000000000540
[  301.655690][T10458] RDX: 0000000000000000 RSI: ffff888051c78ec0 RDI: 0000200000019000
[  301.663665][T10458] RBP: ffffc90019b37d20 R08: ffff888051c793ff R09: 1ffff1100a38f27f
[  301.671730][T10458] R10: dffffc0000000000 R11: ffffed100a38f280 R12: 0000200000019540
[  301.679716][T10458] R13: 0000000000001400 R14: 0000200000018140 R15: ffff888051c78000
[  301.687708][T10458]  ? _copy_to_user+0x31/0xa0
[  301.692315][T10458]  _copy_to_user+0x85/0xa0
[  301.696820][T10458]  __htab_map_lookup_and_delete_batch+0x1034/0x1360
[  301.703430][T10458]  ? jhash+0x740/0x740
[  301.707517][T10458]  ? __fdget+0x180/0x210
[  301.711854][T10458]  ? htab_percpu_map_lookup_and_delete_elem+0x40/0x40
[  301.718614][T10458]  bpf_map_do_batch+0x477/0x610
[  301.723760][T10458]  __sys_bpf+0x78c/0x890
[  301.728010][T10458]  ? bpf_link_show_fdinfo+0x390/0x390
[  301.733393][T10458]  ? lock_chain_count+0x20/0x20
[  301.738244][T10458]  __x64_sys_bpf+0x7c/0x90
[  301.742669][T10458]  do_syscall_64+0x55/0xa0
[  301.747179][T10458]  ? clear_bhb_loop+0x40/0x90
[  301.751853][T10458]  ? clear_bhb_loop+0x40/0x90
[  301.756528][T10458]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  301.762419][T10458] RIP: 0033:0x7f8c06b9c819
[  301.766930][T10458] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  301.786550][T10458] RSP: 002b:00007f8c04dd5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  301.795055][T10458] RAX: ffffffffffffffda RBX: 00007f8c06e16180 RCX: 00007f8c06b9c819
[  301.803285][T10458] RDX: 0000000000000038 RSI: 0000200000000800 RDI: 0000000000000019
[  301.811513][T10458] RBP: 00007f8c04dd5090 R08: 0000000000000000 R09: 0000000000000000
[  301.819591][T10458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  301.827654][T10458] R13: 00007f8c06e16218 R14: 00007f8c06e16180 R15: 00007ffc1db3d4f8
[  301.835645][T10458]  </TASK>
[  303.775271][T10474] netlink: 'syz.0.1737': attribute type 29 has an invalid length.
[  303.788193][T10474] netlink: 'syz.0.1737': attribute type 29 has an invalid length.
[  303.933142][T10479] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1742'.
[  304.337592][T10503] netlink: 'syz.3.1750': attribute type 10 has an invalid length.
[  304.359355][T10503] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1750'.
[  304.388282][T10503] netlink: 'syz.3.1750': attribute type 10 has an invalid length.
[  304.409859][T10503] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1750'.
[  304.635539][T10509] netlink: 'syz.3.1755': attribute type 10 has an invalid length.
[  304.720837][T10511] tun0: tun_chr_ioctl cmd 1074025678
[  304.757211][T10511] tun0: group set to 0
[  304.782659][T10511] netlink: 'syz.2.1753': attribute type 10 has an invalid length.
[  304.817628][T10513] netlink: 6 bytes leftover after parsing attributes in process `syz.0.1754'.
[  304.858235][T10511] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  304.880562][T10511] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  304.891216][T10511] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  304.901386][T10511] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  304.905237][T10513] net_ratelimit: 332 callbacks suppressed
[  304.905254][T10513] openvswitch: netlink: Flow actions attr not present in new flow.
[  304.943890][T10514] netlink: 'syz.0.1754': attribute type 1 has an invalid length.
[  304.962367][T10514] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1754'.
[  305.357980][T10529] netlink: 'syz.2.1761': attribute type 10 has an invalid length.
[  305.508590][T10538] netlink: 'syz.0.1765': attribute type 41 has an invalid length.
[  305.523388][T10536] netlink: 65055 bytes leftover after parsing attributes in process `syz.1.1764'.
[  306.134578][T10563] FAULT_INJECTION: forcing a failure.
[  306.134578][T10563] name failslab, interval 1, probability 0, space 0, times 0
[  306.147429][T10563] CPU: 1 PID: 10563 Comm: syz.1.1776 Not tainted syzkaller #0
[  306.155177][T10563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  306.165274][T10563] Call Trace:
[  306.168583][T10563]  <TASK>
[  306.171548][T10563]  dump_stack_lvl+0x18c/0x250
[  306.176261][T10563]  ? lock_chain_count+0x20/0x20
[  306.181172][T10563]  ? show_regs_print_info+0x20/0x20
[  306.186409][T10563]  ? load_image+0x420/0x420
[  306.190953][T10563]  ? lockdep_hardirqs_on+0x98/0x150
[  306.196187][T10563]  ? finish_task_switch+0x265/0x8f0
[  306.201457][T10563]  should_fail_ex+0x39d/0x4d0
[  306.206177][T10563]  should_failslab+0x9/0x20
[  306.210813][T10563]  slab_pre_alloc_hook+0x59/0x310
[  306.215989][T10563]  kmem_cache_alloc+0x5a/0x2d0
[  306.220878][T10563]  ? skb_clone+0x1eb/0x370
[  306.225321][T10563]  skb_clone+0x1eb/0x370
[  306.229697][T10563]  bpf_clone_redirect+0x167/0x4a0
[  306.234855][T10563]  bpf_prog_208b094576c80b22+0x5e/0x63
[  306.240524][T10563]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  306.246810][T10563]  ? preempt_schedule+0xc0/0xd0
[  306.251983][T10563]  ? bpf_test_run+0x174/0x870
[  306.256806][T10563]  ? preempt_schedule_common+0x82/0xc0
[  306.262387][T10563]  ? schedule_preempt_disabled+0x20/0x20
[  306.268047][T10563]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  306.274085][T10563]  ? lockdep_softirqs_on+0x580/0x580
[  306.279594][T10563]  ? lock_chain_count+0x20/0x20
[  306.284442][T10563]  ? preempt_schedule_thunk+0x1a/0x30
[  306.290171][T10563]  ? __local_bh_disable_ip+0x108/0x1a0
[  306.295809][T10563]  ? __cant_sleep+0x220/0x220
[  306.301110][T10563]  ? __local_bh_enable_ip+0x14b/0x1c0
[  306.306660][T10563]  ? _local_bh_enable+0xa0/0xa0
[  306.311511][T10563]  ? bpf_test_timer_continue+0x135/0x380
[  306.317156][T10563]  ? bpf_test_run+0x174/0x870
[  306.321833][T10563]  bpf_test_run+0x2df/0x870
[  306.326384][T10563]  ? bpf_test_run+0x174/0x870
[  306.331056][T10563]  ? convert___skb_to_skb+0x590/0x590
[  306.336861][T10563]  ? eth_get_headlen+0x210/0x210
[  306.342323][T10563]  ? bpf_prog_test_run_skb+0x7ad/0x12b0
[  306.348485][T10563]  ? convert___skb_to_skb+0x3d/0x590
[  306.353768][T10563]  bpf_prog_test_run_skb+0xad2/0x12b0
[  306.359153][T10563]  ? cpu_online+0x60/0x60
[  306.363482][T10563]  bpf_prog_test_run+0x321/0x390
[  306.368622][T10563]  __sys_bpf+0x49d/0x890
[  306.372885][T10563]  ? bpf_link_show_fdinfo+0x390/0x390
[  306.378560][T10563]  ? lock_chain_count+0x20/0x20
[  306.383435][T10563]  __x64_sys_bpf+0x7c/0x90
[  306.387855][T10563]  do_syscall_64+0x55/0xa0
[  306.392418][T10563]  ? clear_bhb_loop+0x40/0x90
[  306.397208][T10563]  ? clear_bhb_loop+0x40/0x90
[  306.402146][T10563]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  306.408398][T10563] RIP: 0033:0x7f601f79c819
[  306.413016][T10563] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  306.432971][T10563] RSP: 002b:00007f602065b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  306.441474][T10563] RAX: ffffffffffffffda RBX: 00007f601fa15fa0 RCX: 00007f601f79c819
[  306.449439][T10563] RDX: 0000000000000048 RSI: 0000200000000080 RDI: 000000000000000a
[  306.457492][T10563] RBP: 00007f602065b090 R08: 0000000000000000 R09: 0000000000000000
[  306.465926][T10563] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  306.474160][T10563] R13: 00007f601fa16038 R14: 00007f601fa15fa0 R15: 00007ffef0657c18
[  306.482229][T10563]  </TASK>
[  307.054896][T10579] mac80211_hwsim hwsim7 wlan0: left promiscuous mode
[  307.082463][T10579] mac80211_hwsim hwsim7 wlan0: left allmulticast mode
[  307.121538][T10585] mac80211_hwsim hwsim7 wlan0: entered promiscuous mode
[  307.135852][T10585] mac80211_hwsim hwsim7 wlan0: entered allmulticast mode
[  307.904805][T10627] hsr_slave_0: left promiscuous mode
[  308.999427][T10642] FAULT_INJECTION: forcing a failure.
[  308.999427][T10642] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  309.016584][T10642] CPU: 1 PID: 10642 Comm: syz.3.1808 Not tainted syzkaller #0
[  309.024480][T10642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  309.034679][T10642] Call Trace:
[  309.038003][T10642]  <TASK>
[  309.040979][T10642]  dump_stack_lvl+0x18c/0x250
[  309.045817][T10642]  ? show_regs_print_info+0x20/0x20
[  309.051285][T10642]  ? load_image+0x420/0x420
[  309.055912][T10642]  ? __might_fault+0xaa/0x120
[  309.060616][T10642]  ? __lock_acquire+0x7d40/0x7d40
[  309.065755][T10642]  should_fail_ex+0x39d/0x4d0
[  309.070553][T10642]  _copy_from_user+0x2f/0xe0
[  309.075201][T10642]  generic_map_update_batch+0x59a/0x810
[  309.080920][T10642]  ? rcu_read_unlock+0xa0/0xa0
[  309.085760][T10642]  ? __fdget+0x180/0x210
[  309.090043][T10642]  ? rcu_read_unlock+0xa0/0xa0
[  309.094812][T10642]  bpf_map_do_batch+0x3d7/0x610
[  309.099688][T10642]  __sys_bpf+0x381/0x890
[  309.104544][T10642]  ? bpf_link_show_fdinfo+0x390/0x390
[  309.110108][T10642]  ? lock_chain_count+0x20/0x20
[  309.115033][T10642]  __x64_sys_bpf+0x7c/0x90
[  309.119565][T10642]  do_syscall_64+0x55/0xa0
[  309.124418][T10642]  ? clear_bhb_loop+0x40/0x90
[  309.129212][T10642]  ? clear_bhb_loop+0x40/0x90
[  309.133946][T10642]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  309.140010][T10642] RIP: 0033:0x7f8c06b9c819
[  309.144586][T10642] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  309.164329][T10642] RSP: 002b:00007f8c0796e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  309.172884][T10642] RAX: ffffffffffffffda RBX: 00007f8c06e15fa0 RCX: 00007f8c06b9c819
[  309.181011][T10642] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  309.189214][T10642] RBP: 00007f8c0796e090 R08: 0000000000000000 R09: 0000000000000000
[  309.197302][T10642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  309.205743][T10642] R13: 00007f8c06e16038 R14: 00007f8c06e15fa0 R15: 00007ffc1db3d4f8
[  309.213798][T10642]  </TASK>
[  309.258764][T10647] netlink: 763 bytes leftover after parsing attributes in process `syz.0.1810'.
[  311.554336][T10683] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1828'.
[  312.669216][T10689] netlink: 'syz.1.1821': attribute type 10 has an invalid length.
[  313.322044][T10710] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1826'.
[  315.209137][T10707] netlink: 'syz.1.1826': attribute type 21 has an invalid length.
[  315.217284][T10707] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1826'.
[  315.230532][T10707] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1826'.
[  315.326953][T10714] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1829'.
[  315.339481][T10714] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1829'.
[  315.371800][T10714] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1829'.
[  315.382779][T10716] netlink: 'syz.3.1830': attribute type 27 has an invalid length.
[  315.390747][T10716] netlink: 'syz.3.1830': attribute type 3 has an invalid length.
[  315.414474][T10716] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1830'.
[  315.801560][T10732] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1835'.
[  315.816365][T10732] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1835'.
[  316.672366][T10746] __nla_validate_parse: 2 callbacks suppressed
[  316.672384][T10746] netlink: 16255 bytes leftover after parsing attributes in process `syz.3.1839'.
[  316.698801][T10746] netlink: 16255 bytes leftover after parsing attributes in process `syz.3.1839'.
[  316.838369][T10757] netlink: 16255 bytes leftover after parsing attributes in process `syz.3.1845'.
[  317.104785][T10774] netlink: 'syz.3.1850': attribute type 21 has an invalid length.
[  317.141206][T10774] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1850'.
[  317.174612][T10774] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1850'.
[  317.227811][T10774] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1850'.
[  317.430414][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  317.436918][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  317.783310][T10790] netlink: 'syz.0.1854': attribute type 10 has an invalid length.
[  317.807200][T10790] netlink: 2 bytes leftover after parsing attributes in process `syz.0.1854'.
[  318.343902][T10792] netlink: 209032 bytes leftover after parsing attributes in process `syz.3.1856'.
[  318.532927][T10796] FAULT_INJECTION: forcing a failure.
[  318.532927][T10796] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  318.554521][T10796] CPU: 0 PID: 10796 Comm: syz.2.1858 Not tainted syzkaller #0
[  318.562083][T10796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  318.572360][T10796] Call Trace:
[  318.575683][T10796]  <TASK>
[  318.578745][T10796]  dump_stack_lvl+0x18c/0x250
[  318.583501][T10796]  ? show_regs_print_info+0x20/0x20
[  318.588755][T10796]  ? load_image+0x420/0x420
[  318.593317][T10796]  ? __might_fault+0xaa/0x120
[  318.598304][T10796]  ? __lock_acquire+0x7d40/0x7d40
[  318.603587][T10796]  should_fail_ex+0x39d/0x4d0
[  318.608342][T10796]  _copy_from_iter+0x1d9/0x12e0
[  318.613239][T10796]  ? slab_post_alloc_hook+0x8a/0x4b0
[  318.619013][T10796]  ? __virt_addr_valid+0x18c/0x540
[  318.624450][T10796]  ? __lock_acquire+0x7d40/0x7d40
[  318.629697][T10796]  ? rcu_is_watching+0x15/0xb0
[  318.634598][T10796]  ? copyout_mc+0x70/0x70
[  318.638952][T10796]  ? __virt_addr_valid+0x18c/0x540
[  318.644175][T10796]  ? __virt_addr_valid+0x18c/0x540
[  318.649316][T10796]  ? __virt_addr_valid+0x469/0x540
[  318.654560][T10796]  ? __check_object_size+0x506/0xa20
[  318.660183][T10796]  netlink_sendmsg+0x76b/0xbf0
[  318.665083][T10796]  ? netlink_getsockopt+0x590/0x590
[  318.670485][T10796]  ? aa_sock_msg_perm+0x94/0x150
[  318.675475][T10796]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  318.680833][T10796]  ? security_socket_sendmsg+0x80/0xa0
[  318.686321][T10796]  ? netlink_getsockopt+0x590/0x590
[  318.691587][T10796]  ____sys_sendmsg+0x5ba/0x960
[  318.696386][T10796]  ? __asan_memset+0x22/0x40
[  318.701028][T10796]  ? __sys_sendmsg_sock+0x30/0x30
[  318.706083][T10796]  ? __import_iovec+0x5f2/0x850
[  318.711005][T10796]  ? import_iovec+0x73/0xa0
[  318.715674][T10796]  ___sys_sendmsg+0x2a6/0x360
[  318.720421][T10796]  ? __sys_sendmsg+0x2a0/0x2a0
[  318.725383][T10796]  ? __lock_acquire+0x7d40/0x7d40
[  318.730643][T10796]  __se_sys_sendmsg+0x1c2/0x2b0
[  318.735562][T10796]  ? __x64_sys_sendmsg+0x80/0x80
[  318.740659][T10796]  ? lockdep_hardirqs_on+0x98/0x150
[  318.745912][T10796]  do_syscall_64+0x55/0xa0
[  318.750443][T10796]  ? clear_bhb_loop+0x40/0x90
[  318.755183][T10796]  ? clear_bhb_loop+0x40/0x90
[  318.759877][T10796]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  318.765885][T10796] RIP: 0033:0x7fa3bdd9c819
[  318.770322][T10796] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  318.790140][T10796] RSP: 002b:00007fa3bec23028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  318.798756][T10796] RAX: ffffffffffffffda RBX: 00007fa3be015fa0 RCX: 00007fa3bdd9c819
[  318.806832][T10796] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000005
[  318.814852][T10796] RBP: 00007fa3bec23090 R08: 0000000000000000 R09: 0000000000000000
[  318.822931][T10796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  318.830922][T10796] R13: 00007fa3be016038 R14: 00007fa3be015fa0 R15: 00007ffd3a168748
[  318.838963][T10796]  </TASK>
[  319.329410][T10820] netlink: 'syz.2.1865': attribute type 10 has an invalid length.
[  319.374930][T10820] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1865'.
[  319.384450][T10820] net veth1_virt_wifi virt_wifi0: entered promiscuous mode
[  319.392102][T10820] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  319.590712][T10828] netlink: 'syz.2.1869': attribute type 10 has an invalid length.
[  320.887672][T10863] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1882'.
[  320.920028][T10865] netlink: 'syz.1.1883': attribute type 10 has an invalid length.
[  320.940749][T10865] netlink: 'syz.1.1883': attribute type 10 has an invalid length.
[  321.015540][T10867] FAULT_INJECTION: forcing a failure.
[  321.015540][T10867] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  321.044026][T10867] CPU: 1 PID: 10867 Comm: syz.1.1886 Not tainted syzkaller #0
[  321.052605][T10867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  321.063447][T10867] Call Trace:
[  321.066955][T10867]  <TASK>
[  321.070369][T10867]  dump_stack_lvl+0x18c/0x250
[  321.075261][T10867]  ? show_regs_print_info+0x20/0x20
[  321.081198][T10867]  ? load_image+0x420/0x420
[  321.086229][T10867]  ? __lock_acquire+0x7d40/0x7d40
[  321.092100][T10867]  should_fail_ex+0x39d/0x4d0
[  321.097369][T10867]  prepare_alloc_pages+0x1e2/0x5f0
[  321.103460][T10867]  __alloc_pages+0x134/0x460
[  321.108531][T10867]  ? zone_statistics+0x170/0x170
[  321.115082][T10867]  ? alloc_pages+0x4dc/0x740
[  321.119884][T10867]  ? do_raw_spin_unlock+0x121/0x230
[  321.125541][T10867]  __get_free_pages+0xc/0x30
[  321.130203][T10867]  kasan_populate_vmalloc_pte+0x35/0x100
[  321.136145][T10867]  __apply_to_page_range+0x860/0xdd0
[  321.141652][T10867]  ? kasan_populate_vmalloc+0x70/0x70
[  321.148190][T10867]  ? apply_to_page_range+0x50/0x50
[  321.153694][T10867]  ? do_raw_spin_unlock+0x121/0x230
[  321.159022][T10867]  alloc_vmap_area+0x1d0c/0x1e30
[  321.164208][T10867]  ? vm_map_ram+0xcb0/0xcb0
[  321.169624][T10867]  ? rcu_is_watching+0x15/0xb0
[  321.175217][T10867]  __get_vm_area_node+0x162/0x370
[  321.181129][T10867]  __vmalloc_node_range+0x36e/0x1330
[  321.186752][T10867]  ? sock_map_alloc+0x1af/0x2c0
[  321.192334][T10867]  ? free_vm_area+0x50/0x50
[  321.196894][T10867]  ? bpf_map_area_alloc+0x5e/0x110
[  321.202427][T10867]  ? rcu_is_watching+0x15/0xb0
[  321.207398][T10867]  ? bpf_map_area_alloc+0x5e/0x110
[  321.212925][T10867]  bpf_map_area_alloc+0xf1/0x110
[  321.218258][T10867]  ? sock_map_alloc+0x1af/0x2c0
[  321.223483][T10867]  sock_map_alloc+0x1af/0x2c0
[  321.228554][T10867]  map_create+0x877/0x12f0
[  321.233442][T10867]  ? bpf_lsm_bpf+0x9/0x10
[  321.238247][T10867]  __sys_bpf+0x651/0x890
[  321.242977][T10867]  ? bpf_link_show_fdinfo+0x390/0x390
[  321.248843][T10867]  ? lock_chain_count+0x20/0x20
[  321.254189][T10867]  __x64_sys_bpf+0x7c/0x90
[  321.258907][T10867]  do_syscall_64+0x55/0xa0
[  321.264066][T10867]  ? clear_bhb_loop+0x40/0x90
[  321.268872][T10867]  ? clear_bhb_loop+0x40/0x90
[  321.273624][T10867]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  321.279957][T10867] RIP: 0033:0x7f601f79c819
[  321.284779][T10867] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  321.305988][T10867] RSP: 002b:00007f602065b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  321.315059][T10867] RAX: ffffffffffffffda RBX: 00007f601fa15fa0 RCX: 00007f601f79c819
[  321.323453][T10867] RDX: 0000000000000048 RSI: 0000200000000580 RDI: 0600000000000000
[  321.332371][T10867] RBP: 00007f602065b090 R08: 0000000000000000 R09: 0000000000000000
[  321.340374][T10867] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  321.348828][T10867] R13: 00007f601fa16038 R14: 00007f601fa15fa0 R15: 00007ffef0657c18
[  321.357320][T10867]  </TASK>
[  321.588315][T10885] netlink: 'syz.1.1890': attribute type 4 has an invalid length.
[  322.687289][T10908] netlink: 'syz.0.1899': attribute type 10 has an invalid length.
[  322.695754][T10908] __nla_validate_parse: 3 callbacks suppressed
[  322.695768][T10908] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1899'.
[  322.716693][T10908] netlink: 'syz.0.1899': attribute type 10 has an invalid length.
[  322.750856][T10908] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1899'.
[  323.109375][T10917] netlink: 201392 bytes leftover after parsing attributes in process `syz.3.1901'.
[  323.131596][T10917] netlink: zone id is out of range
[  323.136905][T10917] netlink: zone id is out of range
[  323.168129][T10917] netlink: zone id is out of range
[  323.185528][T10917] netlink: zone id is out of range
[  323.190747][T10917] netlink: zone id is out of range
[  323.241857][T10917] netlink: zone id is out of range
[  323.252011][T10917] netlink: zone id is out of range
[  323.263966][T10917] netlink: zone id is out of range
[  323.276707][T10917] netlink: zone id is out of range
[  323.286863][T10917] netlink: zone id is out of range
[  323.307438][T10927] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1904'.
[  323.454849][T10929] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1905'.
[  323.550744][ T5776] Bluetooth: hci3: ISO packet for unknown connection handle 2366
[  323.575964][T10932] netlink: 144316 bytes leftover after parsing attributes in process `syz.1.1906'.
[  323.638461][T10935] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1908'.
[  324.017973][T10948] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1916'.
[  324.177085][T10951] netlink: 201392 bytes leftover after parsing attributes in process `syz.2.1915'.
[  324.322825][T10962] netlink: 144316 bytes leftover after parsing attributes in process `syz.1.1920'.
[  324.432290][T10966] IPv6: Can't replace route, no match found
[  325.005443][T10983] bridge_slave_1: left allmulticast mode
[  325.011704][T10983] bridge_slave_1: left promiscuous mode
[  325.021977][T10983] bridge0: port 2(bridge_slave_1) entered disabled state
[  325.048804][T10983] bridge_slave_0: left allmulticast mode
[  325.075281][T10983] bridge_slave_0: left promiscuous mode
[  325.087184][T10983] bridge0: port 1(bridge_slave_0) entered disabled state
[  325.702220][T11004] IPv6: Can't replace route, no match found
[  326.366645][T11018] netlink: 'syz.0.1940': attribute type 4 has an invalid length.
[  326.880387][T11031] netlink: 'syz.0.1954': attribute type 3 has an invalid length.
[  328.336958][ T5776] Bluetooth: hci0: ISO packet for unknown connection handle 2366
[  328.340455][T11045] __nla_validate_parse: 10 callbacks suppressed
[  328.340477][T11045] netlink: 144316 bytes leftover after parsing attributes in process `syz.2.1950'.
[  328.559394][T11051] FAULT_INJECTION: forcing a failure.
[  328.559394][T11051] name failslab, interval 1, probability 0, space 0, times 0
[  328.579515][T11051] CPU: 1 PID: 11051 Comm: syz.1.1953 Not tainted syzkaller #0
[  328.587655][T11051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  328.597866][T11051] Call Trace:
[  328.601187][T11051]  <TASK>
[  328.604136][T11051]  dump_stack_lvl+0x18c/0x250
[  328.608863][T11051]  ? sctp_sendmsg+0x1575/0x28c0
[  328.613778][T11051]  ? ___sys_sendmsg+0x2a6/0x360
[  328.619111][T11051]  ? show_regs_print_info+0x20/0x20
[  328.624501][T11051]  ? load_image+0x420/0x420
[  328.629235][T11051]  should_fail_ex+0x39d/0x4d0
[  328.634130][T11051]  should_failslab+0x9/0x20
[  328.638833][T11051]  slab_pre_alloc_hook+0x59/0x310
[  328.644046][T11051]  ? sctp_add_bind_addr+0x8c/0x360
[  328.649257][T11051]  __kmem_cache_alloc_node+0x53/0x250
[  328.654932][T11051]  ? sctp_add_bind_addr+0x8c/0x360
[  328.660974][T11051]  kmalloc_trace+0x2a/0xe0
[  328.666023][T11051]  sctp_add_bind_addr+0x8c/0x360
[  328.671091][T11051]  sctp_copy_local_addr_list+0x315/0x4f0
[  328.676852][T11051]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  328.683038][T11051]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  328.689436][T11051]  ? sctp_v6_is_any+0x64/0x70
[  328.694156][T11051]  ? sctp_copy_one_addr+0x8c/0x350
[  328.699362][T11051]  sctp_bind_addr_copy+0xb3/0x3c0
[  328.704753][T11051]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  328.711103][T11051]  sctp_connect_new_asoc+0x2f9/0x6a0
[  328.716420][T11051]  ? __sctp_connect+0xd80/0xd80
[  328.721281][T11051]  ? __local_bh_enable_ip+0x13a/0x1c0
[  328.726665][T11051]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  328.732298][T11051]  ? security_sctp_bind_connect+0x89/0xb0
[  328.738130][T11051]  sctp_sendmsg+0x1575/0x28c0
[  328.742861][T11051]  ? sctp_getsockopt+0xb60/0xb60
[  328.747853][T11051]  ? aa_sk_perm+0x83c/0x970
[  328.752542][T11051]  ? aa_af_perm+0x330/0x330
[  328.757064][T11051]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  328.764198][T11051]  ? sock_rps_record_flow+0x19/0x3f0
[  328.769693][T11051]  ? inet_sendmsg+0xe9/0x2f0
[  328.774336][T11051]  ? inet_send_prepare+0x260/0x260
[  328.779646][T11051]  ____sys_sendmsg+0x5ba/0x960
[  328.784708][T11051]  ? __lock_acquire+0x7d40/0x7d40
[  328.789965][T11051]  ? __asan_memset+0x22/0x40
[  328.794651][T11051]  ? __sys_sendmsg_sock+0x30/0x30
[  328.799772][T11051]  ? __import_iovec+0x5f2/0x850
[  328.804714][T11051]  ? import_iovec+0x73/0xa0
[  328.809217][T11051]  ___sys_sendmsg+0x2a6/0x360
[  328.813920][T11051]  ? get_pid_task+0x20/0x1e0
[  328.818589][T11051]  ? __sys_sendmsg+0x2a0/0x2a0
[  328.823743][T11051]  ? __lock_acquire+0x7d40/0x7d40
[  328.829175][T11051]  __se_sys_sendmsg+0x1c2/0x2b0
[  328.834493][T11051]  ? __x64_sys_sendmsg+0x80/0x80
[  328.839647][T11051]  ? lockdep_hardirqs_on+0x98/0x150
[  328.845573][T11051]  do_syscall_64+0x55/0xa0
[  328.850112][T11051]  ? clear_bhb_loop+0x40/0x90
[  328.855096][T11051]  ? clear_bhb_loop+0x40/0x90
[  328.860126][T11051]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  328.866365][T11051] RIP: 0033:0x7f601f79c819
[  328.870801][T11051] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  328.890675][T11051] RSP: 002b:00007f602065b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  328.899119][T11051] RAX: ffffffffffffffda RBX: 00007f601fa15fa0 RCX: 00007f601f79c819
[  328.907232][T11051] RDX: 000000002600c055 RSI: 00002000000000c0 RDI: 0000000000000003
[  328.915506][T11051] RBP: 00007f602065b090 R08: 0000000000000000 R09: 0000000000000000
[  328.923739][T11051] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  328.931898][T11051] R13: 00007f601fa16038 R14: 00007f601fa15fa0 R15: 00007ffef0657c18
[  328.940155][T11051]  </TASK>
[  329.040779][T11060] netlink: 'syz.1.1958': attribute type 12 has an invalid length.
[  329.064026][T11060] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1958'.
[  329.135500][T11062] netlink: 'syz.2.1959': attribute type 10 has an invalid length.
[  329.144879][T11062] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1959'.
[  329.159842][T11062] net_ratelimit: 41 callbacks suppressed
[  329.159858][T11062] A link change request failed with some changes committed already. Interface ` may have been left with an inconsistent configuration, please check.
[  329.347528][T11057] netlink: 'syz.0.1957': attribute type 10 has an invalid length.
[  329.361383][T11057] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1957'.
[  329.386913][T11057] batman_adv: batadv0: Adding interface: veth1_virt_wifi
[  329.400971][T11057] batman_adv: batadv0: The MTU of interface veth1_virt_wifi is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  329.460775][T11057] batman_adv: batadv0: Interface activated: veth1_virt_wifi
[  329.735283][T11079] netlink: 144316 bytes leftover after parsing attributes in process `syz.0.1965'.
[  330.459767][T11082] syzkaller0: entered promiscuous mode
[  330.468853][T11082] syzkaller0: entered allmulticast mode
[  336.620344][T11095] netlink: 'syz.1.1970': attribute type 2 has an invalid length.
[  336.628403][T11095] netlink: 119 bytes leftover after parsing attributes in process `syz.1.1970'.
[  336.776235][T11103] netlink: 144316 bytes leftover after parsing attributes in process `syz.1.1974'.
[  339.959931][T11119] netlink: 'syz.0.1978': attribute type 10 has an invalid length.
[  339.967903][T11119] netlink: 55 bytes leftover after parsing attributes in process `syz.0.1978'.
[  340.074873][T11127] netlink: 11562 bytes leftover after parsing attributes in process `syz.0.1980'.
[  340.133033][T11126] delete_channel: no stack
[  340.191273][T11131] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1982'.
[  340.219828][T11134] netlink: 144316 bytes leftover after parsing attributes in process `syz.3.1984'.
[  340.255704][T11131] netlink: 'syz.1.1982': attribute type 17 has an invalid length.
[  340.264621][T11131] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1982'.
[  340.282330][T11131] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  340.880425][T11149] netlink: 'syz.0.1990': attribute type 10 has an invalid length.
[  341.513562][T11169] netlink: 144316 bytes leftover after parsing attributes in process `syz.2.1996'.
[  341.875375][T11184] skbuff: bad partial csum: csum=65535/127 headroom=178 headlen=65664
[  342.266473][T11200] netlink: 144316 bytes leftover after parsing attributes in process `syz.3.2007'.
[  342.654112][T11215] netlink: 'syz.3.2012': attribute type 3 has an invalid length.
[  342.668662][T11215] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  343.910941][T11238] netlink: 144316 bytes leftover after parsing attributes in process `syz.0.2019'.
[  345.175546][T11251] netlink: 'syz.0.2025': attribute type 10 has an invalid length.
[  345.241250][T11251] netlink: 55 bytes leftover after parsing attributes in process `syz.0.2025'.
[  345.267374][T11256] netlink: 'syz.0.2025': attribute type 4 has an invalid length.
[  345.357634][T11261] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2018'.
[  345.487962][T11229] netlink: 1047 bytes leftover after parsing attributes in process `syz.2.2018'.
[  345.636170][ T5776] Bluetooth: hci2: unexpected event 0x07 length: 15 < 255
[  345.806601][T11261] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô!'
[  345.831307][T11261] CPU: 1 PID: 11261 Comm: syz.2.2018 Not tainted syzkaller #0
[  345.838924][T11261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  345.849017][T11261] Call Trace:
[  345.852316][T11261]  <TASK>
[  345.855275][T11261]  dump_stack_lvl+0x18c/0x250
[  345.859993][T11261]  ? show_regs_print_info+0x20/0x20
[  345.865236][T11261]  ? load_image+0x420/0x420
[  345.869794][T11261]  sysfs_warn_dup+0x8e/0xa0
[  345.874417][T11261]  sysfs_do_create_link_sd+0xc0/0x110
[  345.879827][T11261]  device_add_class_symlinks+0x1cf/0x240
[  345.885505][T11261]  device_add+0x507/0xc20
[  345.889874][T11261]  wiphy_register+0x1dad/0x2ae0
[  345.894767][T11261]  ? cfg80211_event_work+0x40/0x40
[  345.900061][T11261]  ? minstrel_ht_alloc+0x88a/0x990
[  345.905187][T11261]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  345.911278][T11261]  ieee80211_register_hw+0x3464/0x4250
[  345.916847][T11261]  ? ieee80211_tasklet_handler+0x20/0x20
[  345.922565][T11261]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  345.928479][T11261]  ? __debug_object_init+0xec/0x450
[  345.933949][T11261]  ? __asan_memset+0x22/0x40
[  345.938732][T11261]  ? __hrtimer_init+0x186/0x270
[  345.943785][T11261]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  345.949528][T11261]  ? mac80211_hwsim_free+0x220/0x220
[  345.954820][T11261]  ? rcu_is_watching+0x15/0xb0
[  345.959666][T11261]  ? kstrndup+0xbd/0x140
[  345.964004][T11261]  hwsim_new_radio_nl+0xdc9/0x1a90
[  345.969127][T11261]  ? __nla_validate+0x50/0x50
[  345.973821][T11261]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  345.980335][T11261]  ? __nla_parse+0x40/0x50
[  345.984770][T11261]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  345.991113][T11261]  genl_family_rcv_msg_doit+0x211/0x310
[  345.996850][T11261]  ? end_current_label_crit_section+0x170/0x170
[  346.003096][T11261]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  346.009003][T11261]  ? bpf_lsm_capable+0x9/0x10
[  346.013702][T11261]  ? security_capable+0x89/0xb0
[  346.018562][T11261]  genl_rcv_msg+0x619/0x7a0
[  346.023070][T11261]  ? genl_bind+0x360/0x360
[  346.027581][T11261]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  346.034085][T11261]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[  346.040679][T11261]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[  346.047297][T11261]  netlink_rcv_skb+0x241/0x4d0
[  346.052173][T11261]  ? genl_bind+0x360/0x360
[  346.056870][T11261]  ? netlink_ack+0x1180/0x1180
[  346.061678][T11261]  ? __lock_acquire+0x7d40/0x7d40
[  346.066717][T11261]  ? net_generic+0x1e/0x240
[  346.071318][T11261]  ? down_read+0x1ac/0x2e0
[  346.075787][T11261]  genl_rcv+0x28/0x40
[  346.079806][T11261]  netlink_unicast+0x751/0x8d0
[  346.084762][T11261]  netlink_sendmsg+0x8d0/0xbf0
[  346.089589][T11261]  ? netlink_getsockopt+0x590/0x590
[  346.094797][T11261]  ? aa_sock_msg_perm+0x94/0x150
[  346.099737][T11261]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  346.105196][T11261]  ? security_socket_sendmsg+0x80/0xa0
[  346.110769][T11261]  ? netlink_getsockopt+0x590/0x590
[  346.115992][T11261]  ____sys_sendmsg+0x5ba/0x960
[  346.120986][T11261]  ? __asan_memset+0x22/0x40
[  346.125581][T11261]  ? __sys_sendmsg_sock+0x30/0x30
[  346.130692][T11261]  ? __import_iovec+0x5f2/0x850
[  346.135556][T11261]  ? import_iovec+0x73/0xa0
[  346.140067][T11261]  ___sys_sendmsg+0x2a6/0x360
[  346.144757][T11261]  ? __sys_sendmsg+0x2a0/0x2a0
[  346.149566][T11261]  ? trace_call_bpf+0xc3/0x6c0
[  346.154614][T11261]  __se_sys_sendmsg+0x1c2/0x2b0
[  346.159467][T11261]  ? __x64_sys_sendmsg+0x80/0x80
[  346.164412][T11261]  ? lockdep_hardirqs_on+0x98/0x150
[  346.169800][T11261]  do_syscall_64+0x55/0xa0
[  346.174223][T11261]  ? clear_bhb_loop+0x40/0x90
[  346.178917][T11261]  ? clear_bhb_loop+0x40/0x90
[  346.183600][T11261]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  346.189585][T11261] RIP: 0033:0x7fa3bdd9c819
[  346.194003][T11261] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  346.213711][T11261] RSP: 002b:00007fa3bebe1028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  346.222314][T11261] RAX: ffffffffffffffda RBX: 00007fa3be016180 RCX: 00007fa3bdd9c819
[  346.230293][T11261] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000006
[  346.238302][T11261] RBP: 00007fa3bde32c91 R08: 0000000000000000 R09: 0000000000000000
[  346.246518][T11261] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  346.254498][T11261] R13: 00007fa3be016218 R14: 00007fa3be016180 R15: 00007ffd3a168748
[  346.262507][T11261]  </TASK>
[  346.302473][T11272] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.2028'.
[  346.473892][T11282] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2033'.
[  346.483903][T11284] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2035'.
[  346.730973][T11284] netlink: 'syz.2.2035': attribute type 17 has an invalid length.
[  346.759983][T11284] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2035'.
[  346.776802][T11284] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  347.777095][T11306] netlink: 'syz.1.2043': attribute type 10 has an invalid length.
[  347.832262][T11306] netlink: 55 bytes leftover after parsing attributes in process `syz.1.2043'.
[  347.907165][T11310] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.2043'.
[  347.969591][T11306] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.2043'.
[  348.122358][T11315] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2047'.
[  348.347473][T11324] netlink: 144316 bytes leftover after parsing attributes in process `syz.3.2052'.
[  348.676508][T11329] pim6reg1: entered promiscuous mode
[  348.682149][T11329] pim6reg1: entered allmulticast mode
[  348.873608][T11335] FAULT_INJECTION: forcing a failure.
[  348.873608][T11335] name failslab, interval 1, probability 0, space 0, times 0
[  348.900175][T11335] CPU: 0 PID: 11335 Comm: syz.3.2057 Not tainted syzkaller #0
[  348.907732][T11335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  348.917936][T11335] Call Trace:
[  348.921309][T11335]  <TASK>
[  348.924373][T11335]  dump_stack_lvl+0x18c/0x250
[  348.929103][T11335]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  348.935327][T11335]  ? show_regs_print_info+0x20/0x20
[  348.940684][T11335]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  348.947027][T11335]  should_fail_ex+0x39d/0x4d0
[  348.951763][T11335]  should_failslab+0x9/0x20
[  348.956282][T11335]  slab_pre_alloc_hook+0x59/0x310
[  348.961327][T11335]  ? bpf_prog_test_run_skb+0x238/0x12b0
[  348.966936][T11335]  ? bpf_prog_test_run_skb+0x238/0x12b0
[  348.972588][T11335]  __kmem_cache_alloc_node+0x53/0x250
[  348.978467][T11335]  ? bpf_prog_test_run_skb+0x238/0x12b0
[  348.984210][T11335]  __kmalloc+0xa4/0x230
[  348.988390][T11335]  bpf_prog_test_run_skb+0x238/0x12b0
[  348.993948][T11335]  ? lockdep_hardirqs_on+0x98/0x150
[  348.999577][T11335]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  349.005856][T11335]  ? cpu_online+0x60/0x60
[  349.010318][T11335]  ? cpu_online+0x60/0x60
[  349.014667][T11335]  bpf_prog_test_run+0x321/0x390
[  349.019824][T11335]  __sys_bpf+0x49d/0x890
[  349.024204][T11335]  ? bpf_link_show_fdinfo+0x390/0x390
[  349.029634][T11335]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  349.035840][T11335]  __x64_sys_bpf+0x7c/0x90
[  349.040267][T11335]  do_syscall_64+0x55/0xa0
[  349.044700][T11335]  ? clear_bhb_loop+0x40/0x90
[  349.049417][T11335]  ? clear_bhb_loop+0x40/0x90
[  349.054120][T11335]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  349.060034][T11335] RIP: 0033:0x7f8c06b9c819
[  349.064468][T11335] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  349.084198][T11335] RSP: 002b:00007f8c0796e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  349.092721][T11335] RAX: ffffffffffffffda RBX: 00007f8c06e15fa0 RCX: 00007f8c06b9c819
[  349.100743][T11335] RDX: 0000000000000050 RSI: 0000200000000080 RDI: 000000000000000a
[  349.108827][T11335] RBP: 00007f8c0796e090 R08: 0000000000000000 R09: 0000000000000000
[  349.116988][T11335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  349.125056][T11335] R13: 00007f8c06e16038 R14: 00007f8c06e15fa0 R15: 00007ffc1db3d4f8
[  349.133168][T11335]  </TASK>
[  349.189810][T11339] netlink: 192436 bytes leftover after parsing attributes in process `syz.1.2059'.
[  349.211560][T11339] openvswitch: netlink: Message has 20480 unknown bytes.
[  349.623090][T11359] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2066'.
[  349.633363][T11359] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2066'.
[  350.029966][T11361] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  350.037739][T11361] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  350.067100][T11367] FAULT_INJECTION: forcing a failure.
[  350.067100][T11367] name failslab, interval 1, probability 0, space 0, times 0
[  350.120714][T11367] CPU: 0 PID: 11367 Comm: syz.3.2069 Not tainted syzkaller #0
[  350.128246][T11367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  350.138525][T11367] Call Trace:
[  350.141964][T11367]  <TASK>
[  350.144930][T11367]  dump_stack_lvl+0x18c/0x250
[  350.149612][T11367]  ? show_regs_print_info+0x20/0x20
[  350.154835][T11367]  ? load_image+0x420/0x420
[  350.159464][T11367]  ? __lock_acquire+0x7d40/0x7d40
[  350.165218][T11367]  should_fail_ex+0x39d/0x4d0
[  350.169932][T11367]  should_failslab+0x9/0x20
[  350.174456][T11367]  slab_pre_alloc_hook+0x59/0x310
[  350.179671][T11367]  ? mark_lock+0x94/0x320
[  350.184035][T11367]  kmem_cache_alloc+0x5a/0x2d0
[  350.188835][T11367]  ? alloc_empty_file+0x9e/0x1d0
[  350.193866][T11367]  alloc_empty_file+0x9e/0x1d0
[  350.198654][T11367]  path_openat+0x113/0x3230
[  350.203173][T11367]  ? __kasan_slab_alloc+0x6c/0x80
[  350.208199][T11367]  ? do_sys_openat2+0xda/0x1d0
[  350.212960][T11367]  ? __x64_sys_openat+0x139/0x160
[  350.218033][T11367]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  350.224478][T11367]  ? verify_lock_unused+0x140/0x140
[  350.229738][T11367]  ? do_filp_open+0x430/0x430
[  350.234419][T11367]  ? __virt_addr_valid+0x18c/0x540
[  350.239666][T11367]  do_filp_open+0x1f5/0x430
[  350.244217][T11367]  ? vfs_tmpfile+0x490/0x490
[  350.249536][T11367]  ? _raw_spin_unlock+0x28/0x40
[  350.254608][T11367]  ? alloc_fd+0x58f/0x630
[  350.259047][T11367]  do_sys_openat2+0x134/0x1d0
[  350.263757][T11367]  ? do_sys_open+0xe0/0xe0
[  350.268353][T11367]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  350.274427][T11367]  ? lock_chain_count+0x20/0x20
[  350.279307][T11367]  __x64_sys_openat+0x139/0x160
[  350.284165][T11367]  do_syscall_64+0x55/0xa0
[  350.288571][T11367]  ? clear_bhb_loop+0x40/0x90
[  350.293243][T11367]  ? clear_bhb_loop+0x40/0x90
[  350.297942][T11367]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  350.303834][T11367] RIP: 0033:0x7f8c06b5d04e
[  350.308270][T11367] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  350.327970][T11367] RSP: 002b:00007f8c0796dec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  350.336382][T11367] RAX: ffffffffffffffda RBX: 00007f8c0796e6c0 RCX: 00007f8c06b5d04e
[  350.344351][T11367] RDX: 0000000000000002 RSI: 00007f8c0796df90 RDI: ffffffffffffff9c
[  350.352333][T11367] RBP: 00007f8c0796e090 R08: 0000000000000000 R09: 0000000000000000
[  350.360359][T11367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  350.368360][T11367] R13: 00007f8c06e16038 R14: 00007f8c06e15fa0 R15: 00007ffc1db3d4f8
[  350.376386][T11367]  </TASK>
[  350.752276][T11370] netlink: 14568 bytes leftover after parsing attributes in process `syz.1.2070'.
[  351.135459][T11382] netlink: 'syz.3.2076': attribute type 21 has an invalid length.
[  351.148386][T11382] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2076'.
[  351.203431][T11382] netlink: 'syz.3.2076': attribute type 10 has an invalid length.
[  351.286904][T11382] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[  352.434600][T11422] netlink: 'syz.3.2092': attribute type 10 has an invalid length.
[  352.684168][T11428] tun0: tun_chr_ioctl cmd 1074025678
[  352.689684][T11428] tun0: group set to 0
[  352.726603][T11428] netlink: 'syz.2.2095': attribute type 10 has an invalid length.
[  352.740833][T11428] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  352.771387][T11428] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  352.803879][T11428] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  352.847080][T11428] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  352.901162][T11428] geneve1: entered promiscuous mode
[  352.934117][T11428] geneve1: entered allmulticast mode
[  352.966300][T11428] `: Port device geneve1 added
[  353.463524][T11450] netlink: 'syz.2.2103': attribute type 41 has an invalid length.
[  354.011439][T11466] netlink: 'syz.2.2111': attribute type 29 has an invalid length.
[  354.039857][T11466] netlink: 'syz.2.2111': attribute type 29 has an invalid length.
[  354.579674][T11476] __nla_validate_parse: 2 callbacks suppressed
[  354.579694][T11476] netlink: 144316 bytes leftover after parsing attributes in process `syz.2.2115'.
[  356.132965][T11490] netlink: 14568 bytes leftover after parsing attributes in process `syz.2.2121'.
[  356.437641][T11504] netlink: 144316 bytes leftover after parsing attributes in process `syz.3.2126'.
[  356.672647][T11511] mac80211_hwsim hwsim6 wlan0: left promiscuous mode
[  356.680052][T11511] mac80211_hwsim hwsim6 wlan0: left allmulticast mode
[  356.716940][T11514] mac80211_hwsim hwsim6 wlan0: entered promiscuous mode
[  356.726484][T11514] mac80211_hwsim hwsim6 wlan0: entered allmulticast mode
[  357.423253][T11536] netlink: 144316 bytes leftover after parsing attributes in process `syz.3.2138'.
[  357.454991][T11539] netlink: 'syz.2.2136': attribute type 21 has an invalid length.
[  357.471170][T11539] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2136'.
[  357.502364][T11539] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2136'.
[  357.591664][T11539] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2136'.
[  358.070565][T11550] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2142'.
[  359.468816][T11575] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2152'.
[  360.050493][T11597] netlink: 'syz.2.2159': attribute type 10 has an invalid length.
[  360.271480][T11604] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2162'.
[  360.916724][T11617] veth1_to_bond: entered allmulticast mode
[  361.051775][T11622] netlink: 152 bytes leftover after parsing attributes in process `syz.3.2170'.
[  361.182321][T11630] FAULT_INJECTION: forcing a failure.
[  361.182321][T11630] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  361.206245][T11627] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2171'.
[  361.221113][T11630] CPU: 1 PID: 11630 Comm: syz.3.2173 Not tainted syzkaller #0
[  361.228726][T11630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  361.238807][T11630] Call Trace:
[  361.242259][T11630]  <TASK>
[  361.245187][T11630]  dump_stack_lvl+0x18c/0x250
[  361.249876][T11630]  ? show_regs_print_info+0x20/0x20
[  361.255078][T11630]  ? load_image+0x420/0x420
[  361.259780][T11630]  ? __lock_acquire+0x7d40/0x7d40
[  361.264905][T11630]  should_fail_ex+0x39d/0x4d0
[  361.269774][T11630]  prepare_alloc_pages+0x1e2/0x5f0
[  361.274908][T11630]  __alloc_pages+0x134/0x460
[  361.279490][T11630]  ? zone_statistics+0x170/0x170
[  361.284431][T11630]  ? alloc_pages+0x4dc/0x740
[  361.289046][T11630]  ? do_raw_spin_unlock+0x121/0x230
[  361.294248][T11630]  __get_free_pages+0xc/0x30
[  361.298842][T11630]  kasan_populate_vmalloc_pte+0x35/0x100
[  361.304474][T11630]  __apply_to_page_range+0x860/0xdd0
[  361.309764][T11630]  ? kasan_populate_vmalloc+0x70/0x70
[  361.315176][T11630]  ? apply_to_page_range+0x50/0x50
[  361.320309][T11630]  ? do_raw_spin_unlock+0x121/0x230
[  361.325616][T11630]  alloc_vmap_area+0x1d0c/0x1e30
[  361.330565][T11630]  ? vm_map_ram+0xcb0/0xcb0
[  361.335092][T11630]  ? rcu_is_watching+0x15/0xb0
[  361.339900][T11630]  __get_vm_area_node+0x162/0x370
[  361.344955][T11630]  __vmalloc_node_range+0x36e/0x1330
[  361.350260][T11630]  ? sock_map_alloc+0x1af/0x2c0
[  361.355145][T11630]  ? free_vm_area+0x50/0x50
[  361.359657][T11630]  ? bpf_map_area_alloc+0x5e/0x110
[  361.364855][T11630]  ? rcu_is_watching+0x15/0xb0
[  361.369642][T11630]  ? bpf_map_area_alloc+0x5e/0x110
[  361.374839][T11630]  bpf_map_area_alloc+0xf1/0x110
[  361.379895][T11630]  ? sock_map_alloc+0x1af/0x2c0
[  361.384775][T11630]  sock_map_alloc+0x1af/0x2c0
[  361.389648][T11630]  map_create+0x877/0x12f0
[  361.394195][T11630]  ? bpf_lsm_bpf+0x9/0x10
[  361.398547][T11630]  __sys_bpf+0x651/0x890
[  361.402795][T11630]  ? bpf_link_show_fdinfo+0x390/0x390
[  361.408198][T11630]  ? lock_chain_count+0x20/0x20
[  361.413050][T11630]  __x64_sys_bpf+0x7c/0x90
[  361.417550][T11630]  do_syscall_64+0x55/0xa0
[  361.421982][T11630]  ? clear_bhb_loop+0x40/0x90
[  361.426733][T11630]  ? clear_bhb_loop+0x40/0x90
[  361.431413][T11630]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  361.437317][T11630] RIP: 0033:0x7f8c06b9c819
[  361.441729][T11630] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  361.461711][T11630] RSP: 002b:00007f8c0796e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  361.470224][T11630] RAX: ffffffffffffffda RBX: 00007f8c06e15fa0 RCX: 00007f8c06b9c819
[  361.478191][T11630] RDX: 0000000000000048 RSI: 0000200000000580 RDI: 0600000000000000
[  361.486160][T11630] RBP: 00007f8c0796e090 R08: 0000000000000000 R09: 0000000000000000
[  361.494124][T11630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  361.502096][T11630] R13: 00007f8c06e16038 R14: 00007f8c06e15fa0 R15: 00007ffc1db3d4f8
[  361.510073][T11630]  </TASK>
[  361.656958][T11632] netlink: 201392 bytes leftover after parsing attributes in process `syz.1.2174'.
[  361.672658][T11632] netlink: zone id is out of range
[  361.678030][T11632] netlink: zone id is out of range
[  361.687207][T11632] netlink: zone id is out of range
[  361.695052][T11632] netlink: zone id is out of range
[  361.701363][T11632] netlink: zone id is out of range
[  361.706769][T11632] netlink: zone id is out of range
[  361.731157][T11632] netlink: zone id is out of range
[  361.736703][T11632] netlink: zone id is out of range
[  361.751166][T11632] netlink: zone id is out of range
[  361.756604][T11632] netlink: zone id is out of range
[  362.258990][T11658] netlink: 184 bytes leftover after parsing attributes in process `syz.1.2182'.
[  363.541419][T11672] netlink: 144316 bytes leftover after parsing attributes in process `syz.2.2184'.
[  364.263932][T11691] netlink: 'syz.0.2192': attribute type 12 has an invalid length.
[  364.288670][T11691] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2192'.
[  364.949323][T11716] netlink: 'syz.1.2203': attribute type 4 has an invalid length.
[  364.961250][T11716] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2203'.
Read from remote host us-central1-ssh-serialport.googleapis.com: Connection reset by peer
client_loop: send disconnect: Broken pipe