last executing test programs:

5.55336802s ago: executing program 1 (id=3748):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_config_ext={0x1ff, 0x200}, 0x800, 0xcdd, 0x43a1bd76, 0x4, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c0000000000008001"], 0x48)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001780)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x20, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x4000, 0x0, 0x0, 0x1, 0x8, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
recvmsg$unix(r0, &(0x7f0000001b40)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
r3 = socket$kcm(0xa, 0x2, 0x88)
setsockopt$sock_attach_bpf(r3, 0x1, 0x41, &(0x7f0000000040)=r2, 0x4)
sendmsg$kcm(r3, &(0x7f0000000580)={&(0x7f00000001c0)=@in6={0xa, 0x4e21, 0x4, @mcast2, 0x9}, 0x80, 0x0}, 0x4000080)
recvmsg$kcm(r3, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=""/3, 0x3}, 0x2062)
socket$kcm(0x2, 0x200000000000001, 0x106)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x3, 0x4, &(0x7f0000000200)=@framed={{0x18, 0x2, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2}, [@call={0x85, 0x0, 0x0, 0x20}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r4, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000003c0), 0xc)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0xfe, &(0x7f0000000240)=[{&(0x7f0000000140)="2e00000011008188040f80ec59acbc0413a1810031000000000f000000028002002d1f00"/46, 0x2e}], 0x1}, 0x44004)

5.408915567s ago: executing program 1 (id=3753):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18020000040000e40000000000000000850000002c000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f00000001c0)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
close(0x3)
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={0x0, 0x0}, 0x28)
socket$kcm(0x10, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0xc, 0x10, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2fffe}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {0x3, 0x3, 0x3, 0xa, 0x5}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x15}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}]}, &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000d80)={r4, 0x18000000000002a0, 0xe, 0x2f00, &(0x7f0000000040)="76ea090000000000009ba56a88ca", 0x0, 0x6400, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x7f)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000580)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x30, 0x30, 0x6, [@typedef={0x4, 0x0, 0x0, 0x7}, @restrict={0x0, 0x0, 0x0, 0xb, 0x1}, @union={0x0, 0x1, 0x0, 0x5, 0x0, 0xfffffffd, [{0x0, 0x2}]}]}, {0x0, [0x0, 0x0, 0x0, 0xda]}}, &(0x7f0000000340)=""/142, 0x4e, 0x8e, 0x1}, 0x28)
r6 = openat$cgroup_int(r5, &(0x7f0000000100)='cpuset.cpus\x00', 0x2, 0x0)
write$cgroup_int(r6, &(0x7f0000000040), 0x1)
r7 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r7, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f90324fc60", 0x14}], 0x1}, 0x0)
recvmsg$kcm(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000004c0)=""/4135, 0x1027}], 0x1}, 0x42)
r8 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020023000b67d25a806f8c6394f96724fc60040f030047000000053582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r0, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000580)="b9ff0300610c6991ff9e14beeea9", 0x0, 0xe00, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4}, 0x50)

4.504594225s ago: executing program 3 (id=3762):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
setsockopt$sock_attach_bpf(r0, 0x6, 0xd, &(0x7f0000001b40), 0x4)

4.450675048s ago: executing program 1 (id=3763):
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x33fe0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1d, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r2 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$kcm(r2, &(0x7f0000000680)={&(0x7f00000004c0)=@l2tp6={0xa, 0x0, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x80, &(0x7f0000000640)=[{&(0x7f0000000400)='P', 0x1}], 0x1, &(0x7f00000006c0)=ANY=[@ANYBLOB="10000000000000008400000007002000b1860b9b0f1a15c2e5af08a97e8aa223b08870e558419b68f7cf80c490a0ff70b17e8d0b2e40860dc1ca1ea9ee7ac979ab7f2e195b3d3693417dfa215677e5016bfdb7f7961fbafdb237e012d342a39c5ec3119f3e3f8e9e580912a6609ea6b23418d2f1f50c837b8c6506822c8e55ffc99778ac4236905d8a3e58bb761a304f97135b114c19f13ea0fed9a4284d30ae58f37779a593d36ab87b8834cbbef60c680d1a6f820613bf9b6f84977ad1a20752adf8"], 0x20}, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff})
recvmsg$unix(r6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r7=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r5, 0x84, 0x64, &(0x7f0000000000)=r7, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000540)={0x1b, 0x0, 0x0, 0x2, 0x0, r3, 0x2, '\x00', 0x0, r7, 0x1, 0x1, 0x4}, 0x50)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r4, 0x401054d5, &(0x7f0000000040)={0x4, &(0x7f00000000c0)=[{0x25, 0x1, 0x3, 0xfffffffe}, {}, {0x28}, {0x6, 0x6}]})
ioctl$TUNSETQUEUE(r4, 0x400454d9, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
syz_clone(0x88a05000, 0x0, 0x4f, 0x0, 0x0, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x40000100)
r8 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r8, 0x40042408, r9)
r10 = socket$kcm(0x10, 0x2, 0x10)
r11 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f00000001c0), 0x2, 0x0)
write$cgroup_subtree(r11, &(0x7f00000002c0)=ANY=[], 0x0)
sendmsg$kcm(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003d000b08d25a80648c7494f90224fc60580002400c000400030082c137153e", 0x23}], 0x1}, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r12 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r12, &(0x7f0000000040)={0x0, 0xfeff, &(0x7f0000000180)=[{&(0x7f0000000b40)="d8000000100081044e81f782db44b904021d006a0f000000e8fe55a1290015000600142603600e120900040044000000a80016000a0003402e60000000000000b94dcf5c0461c1d67f6f94007134cf6ee08021a0e408e8d8ef52a985162f7ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d3220a7c9f8775730d16a4803f1aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x60044084)

4.393818211s ago: executing program 3 (id=3764):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000001800000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000040000008500000072000000850000005000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000fd989860000000000000000850000000e0000000000950000000000000000"], &(0x7f0000000600)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000400)={r1, 0x0, 0x0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x9, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000001000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf650f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x2, @perf_bp={0x0, 0x8}, 0x26, 0x0, 0x0, 0x0, 0x7, 0x0, 0xffff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x0, 0x101, 0x63, &(0x7f00000000c0)=""/99, 0x41100, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x0, 0x1}, 0x8, 0x10, &(0x7f0000000180)={0x0, 0xa, 0x97af, 0x6}, 0x10, 0x0, 0x0, 0x1, &(0x7f00000001c0)=[0x1, 0x1], &(0x7f0000000200)=[{0x5, 0x2, 0xa, 0xc5eb6e70cf5e2941}], 0x10, 0x7}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001240)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d19f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981179186e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2a434b9048ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d6356e4450d043ed20d313cd56a56d2e4cdf26f19af9a41695a58a9b6b45af1ca939b18d7b57791b99cfc6ec2a0848c29fea4eb8b82395a38e8aca5ab4bfc2ad8acf2e51b766f8ecd16194ad41ec097082f7fa32179ef99dafa6c2aa206a25ddc33e6f0a09169eeff428c71f54e1dfcfcd7cfc8f6e169f11c47d504"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d0e, 0x80218, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x7}, 0x2005, 0x0, 0x51, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r5, 0x18000000000002a0, 0x26, 0x0, &(0x7f0000000500)="b9ff03076804268cb89e14f088a847e0ffff2000000000010000ac141416e000000129a13011", 0x0, 0x2800, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r6 = openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, 0x0, 0x0, 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94)
write$cgroup_pid(r6, &(0x7f00000001c0), 0x12)
r7 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000080), 0x2, 0x0)
write$cgroup_freezer_state(r7, &(0x7f00000000c0)='THAWED\x00', 0x7)
r8 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={0x0, 0x0, 0x53}, 0x28)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000680)={@map=r6, 0x1f, 0x1, 0x40, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=[0x0, 0x0], &(0x7f0000000640)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x40)
r9 = socket$kcm(0xa, 0x5, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r9, 0x890b, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x6, 0x9, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000004000000000000000500000085000000390000001800000006000000000000000000000097ba0100ffffffff10000000da49000000000000080000009500000000000000d01cec2d4f03ec670b023ce5ceeae2f7dece0e4bf379a1f62a1fd7d74c6b6e737d08a5abf45b063a88d366085042ad4ebd1dc300000000000037ac155d395fb4238c0a18acaa3fa96000"], &(0x7f0000000740)='GPL\x00', 0xc4d, 0xb4, &(0x7f0000000780)=""/180, 0x40f00, 0x20, '\x00', 0x0, 0x25, r8, 0x8, &(0x7f0000000900)={0x4, 0x3}, 0x8, 0x10, &(0x7f0000000940)={0x4, 0x10, 0xeb, 0x3}, 0x10, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000980)=[{0x1, 0x1, 0x4, 0x9}, {0x3, 0x1, 0x9, 0x3}], 0x10, 0x40000000}, 0x94)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000a80)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="180000005d48a0d267ddeeed082e775e69834e84ac5e9c6f2be83b93c80ab9ea7a6b342324a3970d875c13fafbf62af16c04c64544f17351fb68bc294375c689d4ac2d0e8057234bc7db57097ec4a226572f956cd295cb753d4b15816a223afa7b61cff3914a00f060607bf88c7080f7658a71b002c0b61487bde46fb6045b00298ea17993cc3060c2df6e45a72179b765c8641be4d0cd2afc2b77c482085d7b5c17e6a18adee636a06f4c1de2fa16d93b94896cd7a59a7c958b207237ff957bb850abede113", @ANYRES32, @ANYBLOB, @ANYRES32=r4, @ANYBLOB, @ANYRES64=0x0], 0x20)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

4.240230058s ago: executing program 3 (id=3765):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000480)="d80000001c0081064e81f782db44b9040a1d08041000000000000aa1180015000600142603600e1208000f0000810401a80016002000014003fc000007391bd06b", 0x41}, {&(0x7f0000000840)="5c4875c6cad162c8a030dbf75c317dad4320e1bb556d3b3e131b77de8b1c85166fc0c25d69226ae9915eccf9551f804eae36cf2327896a817179f04f35d9a7deed88adf4ca13a5a0c36a7496d22b9adf2c0fa13e1572ad237e2677a2797d5dd9307bff0bc01e4fd69c546e17a7118272ace242bc6025d0b60a12b3788fa6a7649045e4af16ba69df4bd43527a3d09bb308ac7073e1b8cc", 0x97}], 0x2, 0x0, 0x0, 0x7400}, 0x0)

4.228345419s ago: executing program 0 (id=3766):
getpid()
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x954b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x11efa, 0x4, 0x98, 0x0, 0x2, 0xfffff271, 0xfffc, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socketpair(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89a1, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000dc0)=ANY=[@ANYBLOB="7a0af8ff7525707cbfa100000000000007010000f8ffffffb702000005000000bf130000000000008500000006000000b700000000000000950000ff00000000b2595285faa6ead0169191d54f8196217fc563e2fc91f6da4dad4fdc2eb1b5986fc4a3f611a7c80000040000000000b1a297cfddd73f30f2382f6cda4bfdd45be583823c0f092248a57d48621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000800db583620ce7243d1ae9f2cfe401dbef6619358399aa9c2acd068c03efefd8bc77edf2d34b12cd48a1b20fb7dd843267e0331759f4ec6b5b0af58e604f494eff289026d5045ef08000000000000007718a09f4800afc26abba34635d0e8b598a51bc742135a6e1d33fe226c944bc70bb30d435aa8b5202db761014b1b999a12df6bee431a6681000000263b6233e1c0fe30e384c3cb07b74a72291a1a2b523dd81b6651b1ee48e999bb004823ebcd8c65743f31f84b263ab9b3426692f01ad194f302d7a658e90000000001000000b6b2f25ddb8c640ab321a402058c9221b6870814cf4ee23ddb79fff5eb156e0a000000000000f2bd1d4a178d86d6935eb8b75bc4eb680d10e8b6a54c5c5b011cf63ff76622939a20d4aadf85db40179c2cf83ee07e30a279d8f9f3bc282deb53a03409f8e6972f3f720d045923702cede0f3e91411f3f1b16f065624f280a7dcce8db910f93c49b9e0aa390d0da6972ed719d7e0efb2bb713d1890e317c8de105c3933fd5d5bf38f6b9fc39fc829dcfe4af8ac5fbb7314a7a433e0182767d1376eda2b9c66200349e62d4d0ab1a1dc51907c9800000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x200000e, 0xe, 0x5f, &(0x7f0000000140)="a06ad876d56a0064d082778c3938", &(0x7f0000000180)=""/95, 0x600, 0x4000000}, 0x50)
recvmsg$kcm(r0, &(0x7f00000053c0)={&(0x7f0000000200)=@in={0x2, 0x0, @multicast1}, 0x80, &(0x7f0000004300)=[{&(0x7f0000000300)=""/240, 0xf0}, {&(0x7f0000000400)=""/56, 0x38}, {&(0x7f0000001040)=""/4096, 0x1000}, {&(0x7f0000002040)=""/70, 0x46}, {&(0x7f00000020c0)=""/4096, 0x1000}, {&(0x7f00000030c0)=""/120, 0x78}, {&(0x7f0000003140)=""/226, 0xe2}, {&(0x7f0000003240)=""/4096, 0x1000}, {&(0x7f0000004240)=""/176, 0xb0}], 0x9, &(0x7f00000043c0)=""/4096, 0x1000}, 0x40000000)

4.076219717s ago: executing program 3 (id=3769):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r0, 0x0, 0xfe33)
r1 = socket$kcm(0x10, 0x2, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f00000002c0), 0x4)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000080)='tasks\x00', 0x2, 0x0)
r2 = syz_clone(0x48400, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000011008188e6b62aa73f72cc9f0ba1f8483d0000005e140602f00000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0)

3.64488221s ago: executing program 2 (id=3770):
r0 = perf_event_open(&(0x7f0000000200)={0x4, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x4, 0x80, 0x0, 0x0, 0xff, 0x5, 0x0, 0x2, 0xe2898, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_config_ext={0xfffffffffffffff8, 0x4}, 0x0, 0xc8, 0x7fffffe, 0x5, 0xffdffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
ioctl$PERF_EVENT_IOC_RESET(r0, 0x2403, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000000000001860000000000000e9ff00000400000018120700", @ANYRES32=<r4=>0x0, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000180000000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="001000"/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x9, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000001000000000000000018120000", @ANYRES32=<r7=>r6, @ANYBLOB="0000000000000000b703000000000000850000001b"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf6103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, @perf_bp={0x0, 0x8}, 0x40, 0x0, 0x0, 0x0, 0x7, 0x0, 0xffff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000940)={r5, 0xe0, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r9=>0x0, 0x0, 0x0, 0x0, 0xa, 0x2, &(0x7f00000004c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000540)=[0x0, 0x0], 0x0, 0x77, &(0x7f0000000740)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x40, 0x10, &(0x7f0000000780), &(0x7f00000007c0), 0x8, 0x41, 0x8, 0x8, &(0x7f0000000800)}}, 0x10)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000180)=ANY=[@ANYRESHEX=r7, @ANYRES8=r4], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r9, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r8, 0x40042408, r10)
r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
write$cgroup_pid(r11, &(0x7f0000000000), 0x2a979d)
sendmsg$unix(r2, &(0x7f0000001f40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000}, 0x8c4)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r12=>0xffffffffffffffff]}}], 0x18}, 0x40010123)
write$cgroup_subtree(r12, &(0x7f0000000580)=ANY=[@ANYBLOB="8fedcb791f6f9875f37538e486dd6317ce81e6978800fe08000e40000200875a65969ff57b00ff020000000000000000000000000001e2"], 0xfdef)

3.299458928s ago: executing program 2 (id=3771):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)="2000000020008107090f6b0a26f2000000000200000000000000001f102ec037", 0x20}], 0x1, 0x0, 0x0, 0x81000000}, 0x0)
r1 = socket$kcm(0xf, 0x3, 0x2)
socket$kcm(0xf, 0x3, 0x2)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.dequeue\x00', 0x26e1, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000000)=@isdn={0x22, 0x7, 0x80, 0x52, 0xfd}, 0x80, 0x0}, 0x0)
close(r2)
socket$kcm(0x2, 0x922000000001, 0x106)
ioctl$SIOCSIFHWADDR(r2, 0x8b19, &(0x7f0000000000)={'wlan0\x00', @random="7cf1e97c9e4f"})
sendmsg$inet(0xffffffffffffffff, &(0x7f0000002480)={&(0x7f0000000000)={0x2, 0x4e27, @local}, 0x10, 0x0}, 0x0)
r3 = socket$kcm(0x2, 0x5, 0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x0, 0x0, 0x0, 0x0, 0x15, 0x0, 0x0, 0x56, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x0, 0x2, 0x0, 0x9}, {0x10000002, 0x0, 0x0, 0xc}]}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
close(r5)
recvmsg$unix(r4, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=[@rights={{0x14, 0x1, 0x1, [<r6=>0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x30}, 0x0)
setsockopt$sock_attach_bpf(r3, 0x84, 0x64, &(0x7f0000000000)=r6, 0x10)
r7 = socket$kcm(0x2, 0x1, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
close(r9)
recvmsg$unix(r8, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r10=>0xffffffffffffffff]}}], 0x18}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4a0f0000}, 0x0)
setsockopt$sock_attach_bpf(r7, 0x84, 0x64, &(0x7f0000000000)=r10, 0x10)
sendmsg$inet(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)="73287259edf4ddde3a985b869cc42c37466496eefd7fcb3f27af98a88ca2f4ce804377e5ee921a68e32874da0ca1f295e4ed0a196910d30ddeee25388824c9c5c45eb5fba04dbcc5a2fc56877c9358927789138dfb22f2c5b92e93901305ba8d2752a17ebee53c202ee3e73b692af053af8f6b9c30e8519e0e32a8b3a38eb55060fddcdd7b694dbcb957351b097344a25ba756eb43ce2e3255e844fe26b934f7aff91621a3096c8d3fe43fd0464833f140ecd056037e296e584517db1746a4950f89ed9268ec9446cbac2fdd2a318f4cf0bad7b9d40b5bfb84b6063512b943", 0xdf}, {&(0x7f0000000140)="26b06b44a0e8bb59e35d870258696420b6572b89553038208ac32427de638f799507a88ab24d16f3d61c71b47d8b33ff8bc29bf6a502c7fc1635877036d11864501ec0a03746d4bc9b009de530f19ec5702f29d6a1a5fd11f293922232f6870959ce8df80ca051c280fd3982dc601f05300bfef46feb6ee0193bb7f4eb048cb21b", 0x81}, {&(0x7f0000000200)="96e7c8099906f9344f0e0de61f016bdd3fb8e9ed8f174764ec65397eb88337949196de8fc07fcf7d62e837fc7294c96c418746f0ce48496a7e012c3b0452c04f96dbbd3e54f6c45a29ad985dc31d43304b88c87f1611e4144f0d38cb7e0778bd3e33e56f6519820dc7e6375cfae4a177452c76e38b5ceccda137289c9c88815cdd4d80e3704cc98e4a5a770f16ff6a8811d1a071938faee0754403cdfe7b6a77f85076532ddbb934981afeef5aa354dfa7d2de491f7f5f0efd8d0ea41a", 0xbd}, {&(0x7f00000002c0)="156146a51bb43a09fc6c81c750ebc88dce9fb319b738277046cd75286e854d0b847281fca3bf178d67ce4190e86a0155b763bb45f4d6cd67614f88915e1effdbd3aa84c967b600e32b316922a0198147fdbe9661b126a8ed02cf5285cc0d93854522e05dc79cb939fad152439722940ba16f8404c749a399432647ecf812e18632e4839c784adca1fcf58a3fc9ff75b3144f0951cf68fb7ee850003adc81037f51796cb0bb7f3bd468fe9da367aeefc95b4c658e2209a7385e28e4133a764dee33fe83acfe94d03070fcdf7e87e056af8e3335c5e196", 0xd6}, {&(0x7f00000003c0)="fa538d31b908d71551b5df41dad8e2d1b631d32401fa93e550958d2f44215dc9a7a3eb82c38fe826727e0e2749b1ef5aee47e55deef829d299184cdb2e6d7de4f8eda777bc3069758af896763f3b7fd9abee2c809a0fa33bbd920cc0c7e6f5f1f647d69890f4b3a2cd569262658a4bf2954e1454fa14a5dd9aa69affee2637b44496ba4161b9", 0x86}, {&(0x7f0000000480)="7b31624f0bd8dfa195c3b4f5e3352a4334d2f15abeeb2f82daac12241ba0abf231050101cc7ff9622c78f8f6075171a1c59dd82f3fc7a689a7a64245bd0c9adc59a357c89c4b8df6371f3b475e43373b66fbc702e42839a17c56279f42815f3adc260df1860a20952456a704e38f7579ef51f547ff4e319c38e4d1482fed8a4c718abba6f12fac1e5717ab74ea535fddd0cbf125ef27f00981afda9cbf38c7cbc0fba6b252e94400049dd0233ad4149d560a6a13175227838be46dde4bd676527d8899a5bdb7d85b0804a6e244413a15fb", 0xd1}, {&(0x7f0000000580)="1fb0c4dc78eca8ea1108f3b210c0e77afb7f0fefe6a279ec709c8681177511c17488d80139", 0x25}], 0x7}, 0x44057)

3.286763569s ago: executing program 0 (id=3774):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0f00000004000000040000001200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000000000000000073aa"], 0x48)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000f0cd00000000000004000000850000000500000095"], &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r4, r5, 0x5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r4}, &(0x7f00000006c0), &(0x7f0000000700)=r3}, 0x20)
sendmsg$unix(r2, &(0x7f0000001500)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000140)="e687", 0x2}], 0x1, 0x0, 0x0, 0x44190}, 0x2004c001)

3.198292313s ago: executing program 0 (id=3775):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=<r0=>0xffffffffffffffff, @ANYBLOB="0000000000000000b703000080000000850000002b000000b70000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x9c, 0x1, 0x0, 0x0, 0x0, 0x5, 0x6a024, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1ff}, 0x0, 0x0, 0x0, 0x3, 0x3, 0x0, 0xe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907a56675f37538ec86dd6317ce22667f1100db5b686158bbcfe8875a6596"], 0xfdef)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90)
close(0x3)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r2, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r1, 0x58}, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x1c, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000ffffffff000000000a00000018120000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000b7080000000000007b8af8ff00000000b7080000080000007b8af0ff00000000bf1e13996c7da1000000000000070100e8426b5a1ba18600f8ffffecbfa400000000000007040000f0ffffff", @ANYBLOB="bbc80787e0b9a2937a16bf7c8bde99a82aea75c64b77a57eea95fcd0348c2e7551e08e5126836f0e8c7dde433cf87c908edbf4f8b7226e581eb1413612d6a2f61b17409a17", @ANYBLOB="0000000000000000b70500000800000085000000a50000000b01f4ff10000000850000002300000095000000000000001828000030e414996858a5bc5056228e67a5baef", @ANYRES32, @ANYRESDEC=r0], &(0x7f0000000200)='syzkaller\x00', 0xfffffff9, 0x8f, &(0x7f0000000240)=""/143, 0x41000, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000300)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000000340)={0x3, 0xf, 0x4, 0x9}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000380)=[0xffffffffffffffff], &(0x7f00000003c0)=[{0x2, 0x5, 0x5, 0x7}], 0x10, 0x3}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000000)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x2000000, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0}, 0x94)

3.100139878s ago: executing program 0 (id=3776):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
setsockopt$sock_attach_bpf(r0, 0x6, 0xd, &(0x7f0000001b40), 0x4)

3.031945031s ago: executing program 2 (id=3777):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_config_ext={0x1ff, 0x200}, 0x800, 0xcdd, 0x43a1bd76, 0x4, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c0000000000008001"], 0x48)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001780)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x20, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x4000, 0x0, 0x0, 0x1, 0x8, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
recvmsg$unix(r0, &(0x7f0000001b40)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
r3 = socket$kcm(0xa, 0x2, 0x88)
setsockopt$sock_attach_bpf(r3, 0x1, 0x41, &(0x7f0000000040)=r2, 0x4)
sendmsg$kcm(r3, &(0x7f0000000580)={&(0x7f00000001c0)=@in6={0xa, 0x4e21, 0x4, @mcast2, 0x9}, 0x80, 0x0}, 0x4000080)
recvmsg$kcm(r3, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=""/3, 0x3}, 0x2062)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000001b40), 0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x3, 0x4, &(0x7f0000000200)=@framed={{0x18, 0x2, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2}, [@call={0x85, 0x0, 0x0, 0x20}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r4, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000003c0), 0xc)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0xfe, &(0x7f0000000240)=[{&(0x7f0000000140)="2e00000011008188040f80ec59acbc0413a1810031000000000f000000028002002d1f00"/46, 0x2e}], 0x1}, 0x44004)

3.031658051s ago: executing program 0 (id=3778):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x15, 0x0, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport=0x28, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="851000000000000018100000", @ANYRES32=0x0, @ANYBLOB="f0f605748aed0000000000000c0000"], 0x0, 0xfffffffd}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'tunl0\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f3, &(0x7f0000000080))

3.003748683s ago: executing program 3 (id=3779):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0, <r2=>0xffffffffffffffff}, 0x0, &(0x7f00000006c0)=r1}, 0x20)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000002c0)={'syzkaller0\x00', 0x7101})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000a40), 0x0, 0x0)
r6 = socket$kcm(0xa, 0x1, 0x0)
setsockopt$sock_attach_bpf(r6, 0x6, 0x1d, &(0x7f00000000c0), 0xd8)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x15)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f00000000c0)={r6, r7})
close(r5)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000500))
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$TUNSETFILTEREBPF(r3, 0x800454e1, &(0x7f0000000380)=r8)
write$cgroup_devices(r4, &(0x7f0000000280)=ANY=[@ANYBLOB="1e030600bc5cb60128876360864666702c1ffe80000000000000", @ANYRESDEC], 0xffdd)

2.984288154s ago: executing program 1 (id=3780):
openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000000)='cpuset.memory_spread_slab\x00', 0x2, 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz1\x00', 0x200002, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000140)='cgroup.controllers\x00', 0x275a, 0x0)
r2 = socket$kcm(0xa, 0x2, 0x73)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x28)
setsockopt$sock_attach_bpf(r2, 0x29, 0x18, 0x0, 0xfcd8)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x904, 0x81, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r1, <r3=>0xffffffffffffffff}, 0x4)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000", @ANYRES8=r2, @ANYBLOB='\b\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="05000000010000000400"/28], 0x50)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000015c0)={r1, 0x58, &(0x7f0000001540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0}}, 0x10)
r6 = socket$kcm(0x10, 0x0, 0x10)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803002f000b12d25a80648c2594f90124fc60100c034002000000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
r7 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000240)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r7, 0x40042408, r8)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000001c0)="143099acded7e369cf20c88b9f9787ea82e281a2811f7efb21f4a47cb2aa02906edb19314493a6d252d4cb65a71e5b4a252d6c9d77c393830ba383cb5f9b12ed6215", 0x42}], 0x1}, 0x404a)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0b00000000010000000100000900000001"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000), &(0x7f00000002c0), 0x8, r9}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x1b, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x3, r9}, 0x38)
ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000016c0)={0x0, 0x2c, &(0x7f0000000240)=ANY=[@ANYBLOB="23b308001000000095000018280000", @ANYRES32=r1, @ANYBLOB="00000000f9ffffff6d161000fcffffff68a0500000000000b7080000000000007b8af8ff00000000b7080000010000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000a5000000852000000300000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001000000850000008200000018190000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000b7080000ff7f00007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000a5000000"], &(0x7f00000003c0)='GPL\x00', 0x38, 0x1000, &(0x7f0000000540)=""/4096, 0x41100, 0x4a, '\x00', r5, @fallback=0x12, r1, 0x8, &(0x7f0000001600)={0x9, 0x3}, 0x8, 0x10, &(0x7f0000001640)={0x3, 0xc, 0xad6, 0x5}, 0x10, 0x0, r1, 0x3, 0x0, &(0x7f0000001680)=[{0x4, 0x4, 0xd, 0xc}, {0x4, 0x1, 0xa, 0x9}, {0x2, 0x4, 0x6, 0xc}], 0x10, 0x4}, 0x94)
socket$kcm(0x10, 0x400000002, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
sendmsg$inet(r11, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={<r12=>0xffffffffffffffff, <r13=>0xffffffffffffffff})
sendmsg$inet(r13, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r12, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r14=>0xffffffffffffffff})
sendmsg$inet(r14, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)

2.927398307s ago: executing program 0 (id=3781):
socket$kcm(0x29, 0x2, 0x0)
socket$kcm(0x2b, 0x1, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r0, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0xfffe, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0x2}, 0x80, 0x0}, 0xe07e872420df67de)
r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x108b84, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x48, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
r3 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000280)="5c00000012006bab9e3fe3d86e6c1d000014a10d00000000000004b68675f8001d000a00a0e69ee517d34460bc24eab556a705251e6182949a36c23d3b48dfd8cdbf9367b4fa51f60a64e9f4080003000601000004000200d700", 0x5a}, {&(0x7f0000000680)="ffaf", 0x2}], 0x2, 0x0, 0x0, 0x1f00c00e}, 0x4080)
r4 = socket$kcm(0x2, 0x200000000000001, 0x106)
r5 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0xd, 0x1, 0x0, 0x0, 0x0, 0x9, 0x70101, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0xc}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
r6 = socket$kcm(0xf, 0x3, 0x2)
sendmsg$inet(r6, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="020b0700fc670000e4a17c45c8d260c9", 0x34037}], 0x1}, 0x600)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000240)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r7)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$inet(r4, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r9, 0x8914, &(0x7f0000000080))
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, 0x0, 0x0}, 0x94)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
sendmsg$sock(r4, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000500)="7a6eca88ca428c8d4f36c8b8fc2047659bdcb41a9ebe5ac0bed120663c7a3c234c937452515eae867806e58adcd922e70fa89f0e436ab6", 0x37}, {&(0x7f0000000100), 0xfffffeda}], 0x2}, 0x4804)

2.883095539s ago: executing program 2 (id=3782):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000680)={&(0x7f00000000c0)=@caif=@rfm={0x25, 0x3, "bd1a67ef8875e8659a309bb52873fc32"}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000140)="baed74a624cd19e3fa409677c460f4f0d945b2ec8a01", 0x16}, {&(0x7f0000000180)="ea484738383fe5aa966e1f7c3db2e3feab9bd43f1e017a1c02e930426cff43e75f62c0297933917979cc19a37c0e7c288d71013efd65aa6cb629f2cae5a5049f54fae836b72c78a40730629aac2c237896dd331e8e550dd51d3e5c8ad3a37ae4401a6845bfdbeb7384f678f4f1dae7c1a0afbeb87110e1ee02416ee0", 0x7c}], 0x2, &(0x7f0000000240)=[{0x70, 0x102, 0x6, "3d404e20dc2461986b292b2800debde417d1220ea8f6ff142f53cd3ee4fc595af0448e0d6efcb2d3ba2b4cfcbf7fccac699de8e74cb78744e1b0c0293adb029287cd50b6ba3fe2f039a84310795769fb8df794361d9f0896ec176c2d7a02"}, {0xd0, 0x10d, 0x400, "ea88498f2698aed929ff76cec574a828583c9457adc88073b9526ebe5b0d1acd2266f588cc059d5d1e06dddd0c5f5d30441e8b8b7f281dd7a86e9ae8d4e177c296f24f233f0ce4ad465d9d265d19afb38e708515a56d88f24d939e8549cdf286a8662cf984702dad919109d01b575dfbfe23f08315de3570f36ead1bbbfac1abbaa00202b6b0ecaebbdb860eb7dbb514fe150d8c64767c0040aef823b4881dbd06829827f40421fafd28e51285178c6b90467e85031d6bf80465"}, {0x28, 0x112, 0x2, "904a6e0e1376b0ad9cde565b559023dc78b85e50839192"}, {0x60, 0x6, 0x4, "465e517137a39ac7c1c1afce1cc5043c4436a042bf5a3883f7b23e3051c23d94e9551148f5e0bf6b6fd42ca9043547ce8fd76e361d585a26f455f7855f04149b2b09bcf71c8854e8b71366cc321e"}, {0x108, 0x108, 0x7, "bd1c789833a60173e4c34e725e970ee4077e6e838a080a11b4b2087a5f409867f390731382605f5b585a12f392341b6f91152abee74bd78ff28faaea4374077bb62c9d19009e0d86fe0f77dcf3b1957a1ebaea25ee327b7b82ca902ac957ae9b29dcf31264bf79428e6846e5e5b29778af71537533fb3c2e2466bba62a4c5ea9634baafae55353a24279f5cba8e00ed33eff3d5636363d9c87c262ffed5e714e4c9d0fcd667212dfba263f90e13e0d3dc8304693094cf9078b86ad724d5b053333eaecd7cefb83e8531658afeab6594cb34a7f7d144e1b98842de41fb6f19292259b2028698402f3382cc05683d5e09e07a4"}, {0x88, 0x103, 0x7, "b15c6b4421605776458a87eb869a8298c57f6cd7dfd589a5133694f4b6ea17284ac7301f6bc169f7cd192ea2bf8ddb08f02e050d101ce9afa8da0d27dccb1364615090288a5f3890b36f18dc2c4faeb0c7218166d8e770bba48c1d36a4d5b7e677db8676f2e050dd751272875f2f10edc8f0"}, {0xc8, 0xcabf90c82839ceb4, 0x7030, "da846bfc656a3519b9a12c7fad5cd2f84db0fb67b6075e4aceea696931d7b36d6379c39b0994eabadd5838ecee88357e3d86fc154c04609c24dbf2d7885bba66ed8804f3965b8637c92b3040fd298684d55860e11cbf9f7a335553ffa0534b1bbeda7ddaf14549a5ca472bdf650693405acf648d71e981f0b14c45fcba5289b051e948d5e11d9c936f37688a4c05746a91164c242c06d12e743c49c6cc2127dd42f2fe03638a1e05db6750ca7d4ac8320c090a339ff3"}, {0x10, 0x10e, 0x5}], 0x430}, 0x4810)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000080)="2e00000010008188040f46ecdb4cb9cca7480ef431000000e3bd6efb010509000b000a000d000000ba8000001201", 0x2e}], 0x1, 0x0, 0x0, 0xc9e}, 0x8000)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)

2.67620054s ago: executing program 2 (id=3783):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x40, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x2e}, 0x94)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xd3c0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000240)='ns/user\x00')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x8000)
socket$kcm(0xa, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0xc, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x66}, 0x94)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[@cred={{0x1c}}, @rights={{0x10}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x10}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x88}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'wlan0\x00', 0x200})
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xaba, 0x7}, 0x828, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030033000b63d25a80648c2594f91224fc60100c214002000003050582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8946, &(0x7f0000000080))

2.67508455s ago: executing program 1 (id=3784):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=<r0=>0xffffffffffffffff, @ANYBLOB="0000000000000000b703000080000000850000002b000000b70000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x9c, 0x1, 0x0, 0x0, 0x0, 0x5, 0x6a024, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1ff}, 0x0, 0x0, 0x0, 0x3, 0x3, 0x0, 0xe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907a56675f37538ec86dd6317ce22667f1100db5b686158bbcfe8875a6596"], 0xfdef)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90)
close(0x3)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r2, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r1, 0x58}, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x1c, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000ffffffff000000000a00000018120000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000b7080000000000007b8af8ff00000000b7080000080000007b8af0ff00000000bf1e13996c7da1000000000000070100e8426b5a1ba18600f8ffffecbfa400000000000007040000f0ffffff", @ANYBLOB="bbc80787e0b9a2937a16bf7c8bde99a82aea75c64b77a57eea95fcd0348c2e7551e08e5126836f0e8c7dde433cf87c908edbf4f8b7226e581eb1413612d6a2f61b17409a17", @ANYBLOB="0000000000000000b70500000800000085000000a50000000b01f4ff10000000850000002300000095000000000000001828000030e414996858a5bc5056228e67a5baef", @ANYRES32, @ANYRESDEC=r0], &(0x7f0000000200)='syzkaller\x00', 0xfffffff9, 0x8f, &(0x7f0000000240)=""/143, 0x41000, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000300)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000000340)={0x3, 0xf, 0x4, 0x9}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000380)=[0xffffffffffffffff], &(0x7f00000003c0)=[{0x2, 0x5, 0x5, 0x7}], 0x10, 0x3}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000000)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x2000000, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0}, 0x94)

2.115253359s ago: executing program 1 (id=3785):
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="28010000000000000100000001", @ANYRESDEC, @ANYRES32=0x0, @ANYRES32], 0x128}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x20040880)
recvmsg$unix(r0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, <r2=>0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x10}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xd8}, 0x2146)
socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x4}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB="00000000ff070080000000009be71d000008ffffffff0dfbd65e28424525a4fdf8546e6dc23cebf7afe57da0286cf837c2f2b6399e18092485de7567ad51812206e9cd40cad2c0d06581d521a58b2222ac657867031e58d06a3e47281936685c52020a97bb8a2ced98bfe5523079f666a474e16338c944b62b8fad1a2663d34b39d7c94c0b9f96456975eb24ec65dd34d1a46c15193a1b65ebdd521a0ed2e16d743d9c5ab941b02a6030e8e94bcbd0996d4cc4c86595647305a8b558b94c41b1955042ba7eda75e8e4cf5c42b7ae3433684f187461a3a4b4d7cea1288c02df91", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x34)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r3, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r3, &(0x7f0000000040)="20f3207eb9f68d8fda81c6a0a150521afcad17e6c4f92a0512d144965361d8ef7d4cf50b3fe6975a65696d1828799c55ee3ca335795c", &(0x7f0000000140)=""/109}, 0x20)
ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)=0x4b)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth1_virt_wifi\x00'})
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x8000)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'tunl0\x00', 0x200})
write$cgroup_int(r2, &(0x7f00000002c0)=0xb197bc1, 0x12)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x89f2, &(0x7f0000000080))
socketpair(0x15, 0x5, 0x7, &(0x7f0000000300)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x8946, &(0x7f0000000080))

2.09432ms ago: executing program 2 (id=3786):
r0 = socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10000005, 0x80100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000300), 0x4}, 0x11540}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x9, 0x1, 0x7fe2, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r3)
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/ipc\x00')
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="d8000000180081064e81f782db4cb904021d0800fd0002020c600e41b0000900ac00060311000000040005000a0012000048035c3b61c1d67f6f94007134cf6efb8000a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9000000008af26c8b7b55f4d2a6823a45f28fcb1d00"/216, 0xd8}], 0x1}, 0x0)

0s ago: executing program 3 (id=3787):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfd, &(0x7f0000000040)=[{&(0x7f00000000c0)="2e00002410008188040f46ecdb4cb9cca7480ef43c000000e3bd6efb440009000e000a0010000000ba8000001201", 0x2e}], 0x1}, 0x0)

kernel console output (not intermixed with test programs):

st_dest: Unknown node
[  592.920250][ T5769] Bluetooth: hci4: unexpected subevent 0x01 length: 150 > 18
[  594.987147][ T5769] Bluetooth: hci4: command tx timeout
[  595.166883][T14216] netlink: 'syz.2.2820': attribute type 39 has an invalid length.
[  595.654898][T14238] FAULT_INJECTION: forcing a failure.
[  595.654898][T14238] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  595.661781][T14241] netlink: 'syz.1.2829': attribute type 21 has an invalid length.
[  595.691931][T14238] CPU: 0 PID: 14238 Comm: syz.0.2827 Not tainted syzkaller #0
[  595.699453][T14238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  595.709543][T14238] Call Trace:
[  595.712843][T14238]  <TASK>
[  595.715788][T14238]  dump_stack_lvl+0x18c/0x250
[  595.720501][T14238]  ? show_regs_print_info+0x20/0x20
[  595.725734][T14238]  ? load_image+0x420/0x420
[  595.730267][T14238]  ? __might_fault+0xaa/0x120
[  595.734970][T14238]  ? __lock_acquire+0x7d40/0x7d40
[  595.740115][T14238]  should_fail_ex+0x39d/0x4d0
[  595.744889][T14238]  _copy_from_user+0x2f/0xe0
[  595.749506][T14238]  bpf_prog_test_run_skb+0x266/0x12b0
[  595.754887][T14238]  ? __fget_files+0x28/0x4b0
[  595.759505][T14238]  ? __fget_files+0x28/0x4b0
[  595.764091][T14238]  ? __fget_files+0x43d/0x4b0
[  595.768769][T14238]  ? cpu_online+0x60/0x60
[  595.773096][T14238]  bpf_prog_test_run+0x321/0x390
[  595.778036][T14238]  __sys_bpf+0x49d/0x890
[  595.782269][T14238]  ? bpf_link_show_fdinfo+0x390/0x390
[  595.787648][T14238]  ? lock_chain_count+0x20/0x20
[  595.792537][T14238]  __x64_sys_bpf+0x7c/0x90
[  595.796954][T14238]  do_syscall_64+0x55/0xa0
[  595.801363][T14238]  ? clear_bhb_loop+0x40/0x90
[  595.806041][T14238]  ? clear_bhb_loop+0x40/0x90
[  595.810711][T14238]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  595.816596][T14238] RIP: 0033:0x7fc07379c819
[  595.821004][T14238] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  595.840609][T14238] RSP: 002b:00007fc07457b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  595.849021][T14238] RAX: ffffffffffffffda RBX: 00007fc073a15fa0 RCX: 00007fc07379c819
[  595.857073][T14238] RDX: 0000000000000050 RSI: 0000200000002280 RDI: 000000000000000a
[  595.865035][T14238] RBP: 00007fc07457b090 R08: 0000000000000000 R09: 0000000000000000
[  595.872996][T14238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  595.880958][T14238] R13: 00007fc073a16038 R14: 00007fc073a15fa0 R15: 00007ffc53985198
[  595.888940][T14238]  </TASK>
[  596.152948][T14247] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  596.246689][T14247] syzkaller0: entered promiscuous mode
[  596.252817][T14247] syzkaller0: entered allmulticast mode
[  599.343180][T14259] netlink: 'syz.1.2833': attribute type 39 has an invalid length.
[  599.505233][T14271] netlink: 'syz.2.2839': attribute type 21 has an invalid length.
[  599.642717][T14274] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  599.660823][T14274] batman_adv: batadv0: Removing interface: batadv_slave_0
[  601.062831][ T5773] Bluetooth: hci4: command 0x0406 tx timeout
[  602.188704][T14274] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  602.214547][T14274] batman_adv: batadv0: Removing interface: batadv_slave_1
[  602.383336][T14279] netlink: 'syz.3.2838': attribute type 21 has an invalid length.
[  602.678254][T14299] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  602.735878][T14301] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2851'.
[  602.762272][T14299] syzkaller0: entered promiscuous mode
[  602.769486][T14301] openvswitch: netlink: IP tunnel attribute has 3052 unknown bytes.
[  602.772952][T14299] syzkaller0: entered allmulticast mode
[  605.966841][T14376] netlink: 'syz.0.2855': attribute type 21 has an invalid length.
[  606.134818][T14387] netlink: 9286 bytes leftover after parsing attributes in process `syz.0.2860'.
[  606.473997][T14395] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2864'.
[  606.493697][T14395] openvswitch: netlink: IP tunnel attribute has 3052 unknown bytes.
[  607.034397][T14414] netlink: 'syz.0.2868': attribute type 13 has an invalid length.
[  607.054812][T14414] netlink: 160 bytes leftover after parsing attributes in process `syz.0.2868'.
[  608.113366][T14455] netlink: 'syz.1.2875': attribute type 29 has an invalid length.
[  608.129522][T14455] netlink: 'syz.1.2875': attribute type 29 has an invalid length.
[  608.467439][T14459] netlink: 'syz.3.2876': attribute type 10 has an invalid length.
[  609.066725][T14475] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  609.206139][T14475] syzkaller0: entered promiscuous mode
[  609.225993][T14475] syzkaller0: entered allmulticast mode
[  612.081717][T14496] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2886'.
[  612.106142][T14496] openvswitch: netlink: IP tunnel attribute has 3052 unknown bytes.
[  612.792231][T14533] FAULT_INJECTION: forcing a failure.
[  612.792231][T14533] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  612.812804][T14533] CPU: 0 PID: 14533 Comm: syz.3.2896 Not tainted syzkaller #0
[  612.820320][T14533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  612.830415][T14533] Call Trace:
[  612.833704][T14533]  <TASK>
[  612.836644][T14533]  dump_stack_lvl+0x18c/0x250
[  612.841507][T14533]  ? show_regs_print_info+0x20/0x20
[  612.846707][T14533]  ? load_image+0x420/0x420
[  612.851211][T14533]  ? __might_fault+0xaa/0x120
[  612.855903][T14533]  ? __lock_acquire+0x7d40/0x7d40
[  612.860931][T14533]  should_fail_ex+0x39d/0x4d0
[  612.865969][T14533]  _copy_from_iter+0x1d9/0x12e0
[  612.870818][T14533]  ? __virt_addr_valid+0x18c/0x540
[  612.875942][T14533]  ? __lock_acquire+0x7d40/0x7d40
[  612.880969][T14533]  ? rcu_is_watching+0x15/0xb0
[  612.885736][T14533]  ? copyout_mc+0x70/0x70
[  612.890090][T14533]  ? __virt_addr_valid+0x18c/0x540
[  612.895203][T14533]  ? __virt_addr_valid+0x18c/0x540
[  612.900311][T14533]  ? __virt_addr_valid+0x469/0x540
[  612.905419][T14533]  ? __check_object_size+0x506/0xa20
[  612.910699][T14533]  kcm_sendmsg+0xd95/0x28b0
[  612.915227][T14533]  ? kcm_getsockopt+0x280/0x280
[  612.920158][T14533]  ? aa_sock_msg_perm+0x94/0x150
[  612.925106][T14533]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  612.930504][T14533]  ? security_socket_sendmsg+0x80/0xa0
[  612.936065][T14533]  ? kcm_getsockopt+0x280/0x280
[  612.940926][T14533]  ____sys_sendmsg+0x5ba/0x960
[  612.945696][T14533]  ? __asan_memset+0x22/0x40
[  612.950373][T14533]  ? __sys_sendmsg_sock+0x30/0x30
[  612.955417][T14533]  ? __import_iovec+0x5f2/0x850
[  612.960266][T14533]  ? import_iovec+0x73/0xa0
[  612.964766][T14533]  ___sys_sendmsg+0x2a6/0x360
[  612.969438][T14533]  ? get_pid_task+0x20/0x1e0
[  612.974070][T14533]  ? __sys_sendmsg+0x2a0/0x2a0
[  612.978844][T14533]  ? __lock_acquire+0x7d40/0x7d40
[  612.983882][T14533]  __se_sys_sendmsg+0x1c2/0x2b0
[  612.988737][T14533]  ? __x64_sys_sendmsg+0x80/0x80
[  612.993696][T14533]  ? lockdep_hardirqs_on+0x98/0x150
[  612.998902][T14533]  do_syscall_64+0x55/0xa0
[  613.003309][T14533]  ? clear_bhb_loop+0x40/0x90
[  613.007978][T14533]  ? clear_bhb_loop+0x40/0x90
[  613.012659][T14533]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  613.018554][T14533] RIP: 0033:0x7f816159c819
[  613.022972][T14533] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  613.042612][T14533] RSP: 002b:00007f8162499028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  613.051027][T14533] RAX: ffffffffffffffda RBX: 00007f8161816090 RCX: 00007f816159c819
[  613.059169][T14533] RDX: 0000000000000000 RSI: 0000200000002080 RDI: 0000000000000003
[  613.067134][T14533] RBP: 00007f8162499090 R08: 0000000000000000 R09: 0000000000000000
[  613.075109][T14533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  613.083161][T14533] R13: 00007f8161816128 R14: 00007f8161816090 R15: 00007ffd88a49ad8
[  613.091138][T14533]  </TASK>
[  613.530880][T14542] netlink: 16247 bytes leftover after parsing attributes in process `syz.0.2907'.
[  613.580862][T14543] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  613.682770][T14543] syzkaller0: entered promiscuous mode
[  613.688752][T14543] syzkaller0: entered allmulticast mode
[  616.321267][T14546] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  616.340631][T14546] syzkaller0: entered promiscuous mode
[  616.348526][T14546] syzkaller0: entered allmulticast mode
[  616.364754][T14560] netlink: 'syz.3.2903': attribute type 39 has an invalid length.
[  617.559970][T14575] delete_channel: no stack
[  618.296106][T14571] netlink: 1047 bytes leftover after parsing attributes in process `syz.0.2906'.
[  618.319990][T14571] bridge_slave_1: default FDB implementation only supports local addresses
[  618.335510][T14573] netlink: 1047 bytes leftover after parsing attributes in process `syz.3.2908'.
[  618.366697][T14576] netlink: 11562 bytes leftover after parsing attributes in process `syz.1.2909'.
[  618.394919][T14577] netlink: 172 bytes leftover after parsing attributes in process `syz.1.2909'.
[  618.696286][T14590] netlink: 'syz.3.2914': attribute type 21 has an invalid length.
[  618.721624][T14590] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2914'.
[  619.123623][T14605] netlink: 'syz.3.2917': attribute type 39 has an invalid length.
[  619.186050][T14597] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  619.279078][T14597] syzkaller0: entered promiscuous mode
[  619.286739][T14597] syzkaller0: entered allmulticast mode
[  621.108883][T14611] syzkaller0: entered promiscuous mode
[  621.114468][T14611] syzkaller0: entered allmulticast mode
[  623.029877][T14635] netlink: 'syz.2.2925': attribute type 21 has an invalid length.
[  623.060334][T14635] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2925'.
[  623.356676][T14645] netlink: 'syz.3.2930': attribute type 39 has an invalid length.
[  623.411660][T14648] netlink: 202920 bytes leftover after parsing attributes in process `syz.2.2931'.
[  624.588186][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  624.594696][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  626.635086][T14656] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2933'.
[  626.663301][ T5773] Bluetooth: hci1: command 0x0406 tx timeout
[  627.965376][T14661] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  628.048861][T14661] syzkaller0: entered promiscuous mode
[  628.057948][T14661] syzkaller0: entered allmulticast mode
[  628.566853][T14682] netlink: 'syz.2.2941': attribute type 3 has an invalid length.
[  628.611853][T14682] netlink: 199824 bytes leftover after parsing attributes in process `syz.2.2941'.
[  628.687428][T14684] netlink: 202920 bytes leftover after parsing attributes in process `syz.1.2942'.
[  633.057814][T14687] netlink: 14 bytes leftover after parsing attributes in process `syz.1.2943'.
[  633.217222][T14692] netlink: 'syz.1.2945': attribute type 3 has an invalid length.
[  633.228683][T14690] netlink: 'syz.2.2944': attribute type 39 has an invalid length.
[  633.235312][T14692] netlink: 'syz.1.2945': attribute type 1 has an invalid length.
[  633.246540][T14692] netlink: 191376 bytes leftover after parsing attributes in process `syz.1.2945'.
[  633.511343][T14702] netlink: 202920 bytes leftover after parsing attributes in process `syz.3.2951'.
[  633.751201][T14700] netlink: 'syz.1.2949': attribute type 3 has an invalid length.
[  633.790170][T14700] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2949'.
[  636.472978][T14724] netlink: 'syz.0.2955': attribute type 10 has an invalid length.
[  636.490908][T14724] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  636.512920][T14724] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  636.522382][T14724] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  636.543459][T14724] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  636.576667][T14724] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  636.595983][T14724] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  636.606162][T14724] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  636.615609][T14724] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  636.637778][T14724] team0: Port device geneve1 added
[  636.679441][T14734] netlink: 'syz.3.2961': attribute type 39 has an invalid length.
[  637.329995][T14744] netlink: 202920 bytes leftover after parsing attributes in process `syz.0.2964'.
[  640.746329][T14767] netlink: 'syz.2.2971': attribute type 33 has an invalid length.
[  640.747519][T14760] netlink: 'syz.3.2972': attribute type 39 has an invalid length.
[  640.762788][T14767] netlink: 'syz.2.2971': attribute type 3 has an invalid length.
[  640.770661][T14767] netlink: 153952 bytes leftover after parsing attributes in process `syz.2.2971'.
[  641.006975][T14777] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  641.094273][T14776] syzkaller0: entered promiscuous mode
[  641.101201][T14776] syzkaller0: entered allmulticast mode
[  643.084027][T14804] netlink: 'syz.1.2984': attribute type 8 has an invalid length.
[  643.110627][T14804] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.2984'.
[  643.898899][T14808] netlink: 'syz.1.2985': attribute type 39 has an invalid length.
[  644.421097][T14821] syzkaller0: entered promiscuous mode
[  644.430601][T14821] syzkaller0: entered allmulticast mode
[  647.939716][T14854] netlink: 'syz.2.2999': attribute type 39 has an invalid length.
[  648.283763][T14890] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  648.347047][T14890] syzkaller0: entered promiscuous mode
[  648.354734][T14890] syzkaller0: entered allmulticast mode
[  650.539035][T14919] FAULT_INJECTION: forcing a failure.
[  650.539035][T14919] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  650.573658][T14917] netlink: 'syz.1.3019': attribute type 39 has an invalid length.
[  650.590141][T14919] CPU: 0 PID: 14919 Comm: syz.3.3020 Not tainted syzkaller #0
[  650.597670][T14919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  650.607755][T14919] Call Trace:
[  650.611059][T14919]  <TASK>
[  650.614014][T14919]  dump_stack_lvl+0x18c/0x250
[  650.618732][T14919]  ? show_regs_print_info+0x20/0x20
[  650.623972][T14919]  ? load_image+0x420/0x420
[  650.628501][T14919]  ? __lock_acquire+0x7d40/0x7d40
[  650.633555][T14919]  ? snprintf+0xe9/0x140
[  650.637916][T14919]  should_fail_ex+0x39d/0x4d0
[  650.642727][T14919]  _copy_to_user+0x2f/0xa0
[  650.647256][T14919]  simple_read_from_buffer+0xe7/0x150
[  650.652751][T14919]  proc_fail_nth_read+0x1e8/0x260
[  650.657815][T14919]  ? proc_fault_inject_write+0x360/0x360
[  650.663487][T14919]  ? fsnotify_perm+0x271/0x5e0
[  650.668295][T14919]  ? proc_fault_inject_write+0x360/0x360
[  650.674101][T14919]  vfs_read+0x28b/0x970
[  650.678271][T14919]  ? kernel_read+0x1e0/0x1e0
[  650.682873][T14919]  ? __fget_files+0x28/0x4b0
[  650.687485][T14919]  ? __fget_files+0x28/0x4b0
[  650.692103][T14919]  ? __fget_files+0x43d/0x4b0
[  650.696859][T14919]  ? __fdget_pos+0x2a3/0x330
[  650.701461][T14919]  ? ksys_read+0x75/0x260
[  650.705922][T14919]  ksys_read+0x150/0x260
[  650.710194][T14919]  ? vfs_write+0x990/0x990
[  650.714617][T14919]  ? lockdep_hardirqs_on+0x98/0x150
[  650.719820][T14919]  do_syscall_64+0x55/0xa0
[  650.724241][T14919]  ? clear_bhb_loop+0x40/0x90
[  650.728913][T14919]  ? clear_bhb_loop+0x40/0x90
[  650.733771][T14919]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  650.739663][T14919] RIP: 0033:0x7f816155d04e
[  650.744137][T14919] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  650.764105][T14919] RSP: 002b:00007f81624b9fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  650.772528][T14919] RAX: ffffffffffffffda RBX: 00007f81624ba6c0 RCX: 00007f816155d04e
[  650.780613][T14919] RDX: 000000000000000f RSI: 00007f81624ba0a0 RDI: 0000000000000004
[  650.788585][T14919] RBP: 00007f81624ba090 R08: 0000000000000000 R09: 0000000000000000
[  650.796640][T14919] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  650.804612][T14919] R13: 00007f8161816038 R14: 00007f8161815fa0 R15: 00007ffd88a49ad8
[  650.812608][T14919]  </TASK>
[  650.860094][T14925] netlink: 'syz.2.3022': attribute type 21 has an invalid length.
[  650.871933][T14925] IPv6: NLM_F_CREATE should be specified when creating new route
[  651.324074][T14942] netlink: 'syz.1.3027': attribute type 21 has an invalid length.
[  651.332051][T14942] IPv6: NLM_F_CREATE should be specified when creating new route
[  651.888901][T14949] syzkaller0: entered promiscuous mode
[  651.897034][T14949] syzkaller0: entered allmulticast mode
[  654.930908][T14957] veth1_macvtap: left promiscuous mode
[  654.946198][T14959] veth1_macvtap: entered promiscuous mode
[  654.952063][T14959] macsec0: entered promiscuous mode
[  654.957553][T14959] macsec0: entered allmulticast mode
[  654.966411][T14959] veth1_macvtap: entered allmulticast mode
[  654.977421][T14960] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  655.011949][T14960] syzkaller0: entered promiscuous mode
[  655.032728][T14960] syzkaller0: entered allmulticast mode
[  659.906368][T14975] netlink: 'syz.2.3039': attribute type 2 has an invalid length.
[  659.915224][T14975] netlink: 'syz.2.3039': attribute type 8 has an invalid length.
[  659.923101][T14975] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3039'.
[  660.247159][T15004] FAULT_INJECTION: forcing a failure.
[  660.247159][T15004] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  660.293329][T15004] CPU: 0 PID: 15004 Comm: syz.1.3049 Not tainted syzkaller #0
[  660.300950][T15004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  660.311074][T15004] Call Trace:
[  660.314387][T15004]  <TASK>
[  660.317346][T15004]  dump_stack_lvl+0x18c/0x250
[  660.322072][T15004]  ? show_regs_print_info+0x20/0x20
[  660.327315][T15004]  ? load_image+0x420/0x420
[  660.331861][T15004]  ? __might_fault+0xaa/0x120
[  660.336587][T15004]  ? __lock_acquire+0x7d40/0x7d40
[  660.341658][T15004]  should_fail_ex+0x39d/0x4d0
[  660.346418][T15004]  _copy_from_iter+0x1d9/0x12e0
[  660.351312][T15004]  ? slab_post_alloc_hook+0x8a/0x4b0
[  660.356637][T15004]  ? __virt_addr_valid+0x18c/0x540
[  660.361789][T15004]  ? __lock_acquire+0x7d40/0x7d40
[  660.366935][T15004]  ? rcu_is_watching+0x15/0xb0
[  660.371746][T15004]  ? copyout_mc+0x70/0x70
[  660.376111][T15004]  ? __virt_addr_valid+0x18c/0x540
[  660.381271][T15004]  ? __virt_addr_valid+0x18c/0x540
[  660.386434][T15004]  ? __virt_addr_valid+0x469/0x540
[  660.391584][T15004]  ? __check_object_size+0x506/0xa20
[  660.396905][T15004]  netlink_sendmsg+0x76b/0xbf0
[  660.401816][T15004]  ? netlink_getsockopt+0x590/0x590
[  660.407088][T15004]  ? aa_sock_msg_perm+0x94/0x150
[  660.412065][T15004]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  660.417384][T15004]  ? security_socket_sendmsg+0x80/0xa0
[  660.422870][T15004]  ? netlink_getsockopt+0x590/0x590
[  660.428106][T15004]  ____sys_sendmsg+0x5ba/0x960
[  660.431885][T15003] syzkaller0: entered promiscuous mode
[  660.432893][T15004]  ? __asan_memset+0x22/0x40
[  660.432922][T15004]  ? __sys_sendmsg_sock+0x30/0x30
[  660.432940][T15004]  ? __import_iovec+0x5f2/0x850
[  660.432978][T15004]  ? import_iovec+0x73/0xa0
[  660.433006][T15004]  ___sys_sendmsg+0x2a6/0x360
[  660.433026][T15004]  ? get_pid_task+0x20/0x1e0
[  660.433060][T15004]  ? __sys_sendmsg+0x2a0/0x2a0
[  660.433119][T15004]  ? __lock_acquire+0x7d40/0x7d40
[  660.433197][T15004]  __se_sys_sendmsg+0x1c2/0x2b0
[  660.433225][T15004]  ? __x64_sys_sendmsg+0x80/0x80
[  660.433276][T15004]  ? lockdep_hardirqs_on+0x98/0x150
[  660.438906][T15003] syzkaller0: entered allmulticast mode
[  660.443288][T15004]  do_syscall_64+0x55/0xa0
[  660.443309][T15004]  ? clear_bhb_loop+0x40/0x90
[  660.443330][T15004]  ? clear_bhb_loop+0x40/0x90
[  660.443355][T15004]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  660.443377][T15004] RIP: 0033:0x7f196259c819
[  660.443398][T15004] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  660.443416][T15004] RSP: 002b:00007f196341e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  660.443439][T15004] RAX: ffffffffffffffda RBX: 00007f1962815fa0 RCX: 00007f196259c819
[  660.443454][T15004] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  660.443467][T15004] RBP: 00007f196341e090 R08: 0000000000000000 R09: 0000000000000000
[  660.443480][T15004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  660.443492][T15004] R13: 00007f1962816038 R14: 00007f1962815fa0 R15: 00007ffee5798338
[  660.443535][T15004]  </TASK>
[  660.615330][T15009] netlink: 'syz.2.3052': attribute type 46 has an invalid length.
[  662.763879][T15033] FAULT_INJECTION: forcing a failure.
[  662.763879][T15033] name failslab, interval 1, probability 0, space 0, times 0
[  662.783431][T15033] CPU: 0 PID: 15033 Comm: syz.3.3057 Not tainted syzkaller #0
[  662.790944][T15033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  662.801192][T15033] Call Trace:
[  662.804503][T15033]  <TASK>
[  662.807445][T15033]  dump_stack_lvl+0x18c/0x250
[  662.812132][T15033]  ? show_regs_print_info+0x20/0x20
[  662.817330][T15033]  ? load_image+0x420/0x420
[  662.821833][T15033]  ? __might_sleep+0xe0/0xe0
[  662.826416][T15033]  ? __lock_acquire+0x7d40/0x7d40
[  662.831441][T15033]  should_fail_ex+0x39d/0x4d0
[  662.836123][T15033]  should_failslab+0x9/0x20
[  662.840621][T15033]  slab_pre_alloc_hook+0x59/0x310
[  662.845642][T15033]  ? __lock_acquire+0x7d40/0x7d40
[  662.850657][T15033]  kmem_cache_alloc_node+0x60/0x320
[  662.855850][T15033]  ? __alloc_skb+0x103/0x2c0
[  662.860434][T15033]  __alloc_skb+0x103/0x2c0
[  662.864846][T15033]  netlink_sendmsg+0x66a/0xbf0
[  662.869611][T15033]  ? netlink_getsockopt+0x590/0x590
[  662.874808][T15033]  ? aa_sock_msg_perm+0x94/0x150
[  662.879736][T15033]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  662.885020][T15033]  ? security_socket_sendmsg+0x80/0xa0
[  662.890466][T15033]  ? netlink_getsockopt+0x590/0x590
[  662.895659][T15033]  ____sys_sendmsg+0x5ba/0x960
[  662.900423][T15033]  ? __asan_memset+0x22/0x40
[  662.905009][T15033]  ? __sys_sendmsg_sock+0x30/0x30
[  662.910020][T15033]  ? __import_iovec+0x5f2/0x850
[  662.914887][T15033]  ? import_iovec+0x73/0xa0
[  662.919472][T15033]  ___sys_sendmsg+0x2a6/0x360
[  662.924143][T15033]  ? __sys_sendmsg+0x2a0/0x2a0
[  662.928913][T15033]  ? trace_call_bpf+0xc3/0x6c0
[  662.933674][T15033]  ? seqcount_lockdep_reader_access+0x17b/0x1d0
[  662.939924][T15033]  __se_sys_sendmsg+0x1c2/0x2b0
[  662.944794][T15033]  ? __x64_sys_sendmsg+0x80/0x80
[  662.949740][T15033]  ? lockdep_hardirqs_on+0x98/0x150
[  662.954942][T15033]  do_syscall_64+0x55/0xa0
[  662.959351][T15033]  ? clear_bhb_loop+0x40/0x90
[  662.964059][T15033]  ? clear_bhb_loop+0x40/0x90
[  662.968741][T15033]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  662.974641][T15033] RIP: 0033:0x7f816159c819
[  662.979049][T15033] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  662.998741][T15033] RSP: 002b:00007f81624ba028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  663.007332][T15033] RAX: ffffffffffffffda RBX: 00007f8161815fa0 RCX: 00007f816159c819
[  663.015303][T15033] RDX: 0000000000048010 RSI: 0000200000000000 RDI: 000000000000000b
[  663.023268][T15033] RBP: 00007f81624ba090 R08: 0000000000000000 R09: 0000000000000000
[  663.031229][T15033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  663.039191][T15033] R13: 00007f8161816038 R14: 00007f8161815fa0 R15: 00007ffd88a49ad8
[  663.047166][T15033]  </TASK>
[  663.307729][T15049] FAULT_INJECTION: forcing a failure.
[  663.307729][T15049] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  663.326223][T15049] CPU: 0 PID: 15049 Comm: syz.2.3064 Not tainted syzkaller #0
[  663.333734][T15049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  663.343852][T15049] Call Trace:
[  663.347164][T15049]  <TASK>
[  663.350119][T15049]  dump_stack_lvl+0x18c/0x250
[  663.354891][T15049]  ? show_regs_print_info+0x20/0x20
[  663.360224][T15049]  ? load_image+0x420/0x420
[  663.364754][T15049]  ? __might_fault+0xaa/0x120
[  663.369451][T15049]  ? __lock_acquire+0x7d40/0x7d40
[  663.374503][T15049]  should_fail_ex+0x39d/0x4d0
[  663.379217][T15049]  _copy_from_user+0x2f/0xe0
[  663.383845][T15049]  ___sys_sendmsg+0x1c7/0x360
[  663.388544][T15049]  ? __sys_sendmsg+0x2a0/0x2a0
[  663.393348][T15049]  ? __lock_acquire+0x7d40/0x7d40
[  663.398429][T15049]  __se_sys_sendmsg+0x1c2/0x2b0
[  663.403395][T15049]  ? __x64_sys_sendmsg+0x80/0x80
[  663.408376][T15049]  ? lockdep_hardirqs_on+0x98/0x150
[  663.413610][T15049]  do_syscall_64+0x55/0xa0
[  663.418047][T15049]  ? clear_bhb_loop+0x40/0x90
[  663.422753][T15049]  ? clear_bhb_loop+0x40/0x90
[  663.427458][T15049]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  663.433375][T15049] RIP: 0033:0x7f0055f9c819
[  663.437867][T15049] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  663.457499][T15049] RSP: 002b:00007f0056d74028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  663.465947][T15049] RAX: ffffffffffffffda RBX: 00007f0056215fa0 RCX: 00007f0055f9c819
[  663.474206][T15049] RDX: e07e872420dfefca RSI: 0000200000000780 RDI: 0000000000000004
[  663.482200][T15049] RBP: 00007f0056d74090 R08: 0000000000000000 R09: 0000000000000000
[  663.490189][T15049] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  663.498180][T15049] R13: 00007f0056216038 R14: 00007f0056215fa0 R15: 00007ffc49084cf8
[  663.506199][T15049]  </TASK>
[  663.667969][T15060] netlink: 'syz.2.3067': attribute type 39 has an invalid length.
[  663.918441][T15071] netlink: 'syz.3.3073': attribute type 10 has an invalid length.
[  664.076091][T15077] netlink: 'syz.3.3075': attribute type 29 has an invalid length.
[  664.119078][T15077] netlink: 'syz.3.3075': attribute type 29 has an invalid length.
[  664.470845][T15092] netlink: 'syz.3.3079': attribute type 39 has an invalid length.
[  664.739754][T15101] tap1: tun_chr_ioctl cmd 1074025677
[  664.764114][T15101] tap1: linktype set to 778
[  666.057497][T15120] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.3087'.
[  668.218875][T15121] netlink: 188 bytes leftover after parsing attributes in process `syz.1.3087'.
[  668.553843][T15135] netlink: 'syz.0.3091': attribute type 39 has an invalid length.
[  668.998153][T15152] netlink: 'syz.2.3098': attribute type 29 has an invalid length.
[  669.536318][T15152] netlink: 'syz.2.3098': attribute type 29 has an invalid length.
[  669.990367][T15166] netlink: 'syz.3.3105': attribute type 39 has an invalid length.
[  670.451660][T15187] FAULT_INJECTION: forcing a failure.
[  670.451660][T15187] name failslab, interval 1, probability 0, space 0, times 0
[  670.456781][T15184] netlink: 'syz.0.3111': attribute type 29 has an invalid length.
[  670.473354][T15187] CPU: 0 PID: 15187 Comm: syz.1.3113 Not tainted syzkaller #0
[  670.473418][T15187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  670.473432][T15187] Call Trace:
[  670.473442][T15187]  <TASK>
[  670.473453][T15187]  dump_stack_lvl+0x18c/0x250
[  670.473495][T15187]  ? show_regs_print_info+0x20/0x20
[  670.473526][T15187]  ? load_image+0x420/0x420
[  670.473560][T15187]  ? __might_sleep+0xe0/0xe0
[  670.473588][T15187]  ? __lock_acquire+0x7d40/0x7d40
[  670.473609][T15187]  ? __asan_memset+0x22/0x40
[  670.473643][T15187]  should_fail_ex+0x39d/0x4d0
[  670.473683][T15187]  should_failslab+0x9/0x20
[  670.473709][T15187]  slab_pre_alloc_hook+0x59/0x310
[  670.473741][T15187]  ? sctp_add_bind_addr+0x8c/0x360
[  670.473765][T15187]  __kmem_cache_alloc_node+0x53/0x250
[  670.473797][T15187]  ? sctp_add_bind_addr+0x8c/0x360
[  670.473820][T15187]  kmalloc_trace+0x2a/0xe0
[  670.473852][T15187]  sctp_add_bind_addr+0x8c/0x360
[  670.473884][T15187]  sctp_bind_addr_copy+0xb3/0x3c0
[  670.473910][T15187]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  670.473953][T15187]  sctp_connect_new_asoc+0x2f9/0x6a0
[  670.473984][T15187]  ? __sctp_connect+0xd80/0xd80
[  670.474004][T15187]  ? __local_bh_enable_ip+0x13a/0x1c0
[  670.474026][T15187]  ? _local_bh_enable+0xa0/0xa0
[  670.474046][T15187]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  670.474068][T15187]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  670.474094][T15187]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  670.474118][T15187]  ? security_sctp_bind_connect+0x89/0xb0
[  670.474152][T15187]  sctp_sendmsg+0x1575/0x28c0
[  670.474200][T15187]  ? sctp_getsockopt+0xb60/0xb60
[  670.474225][T15187]  ? aa_sk_perm+0x83c/0x970
[  670.474273][T15187]  ? aa_af_perm+0x330/0x330
[  670.474297][T15187]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  670.474329][T15187]  ? sock_rps_record_flow+0x19/0x3f0
[  670.474360][T15187]  ? inet_sendmsg+0x7c/0x2f0
[  670.474381][T15187]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  670.474403][T15187]  ? security_socket_sendmsg+0x80/0xa0
[  670.474423][T15187]  ? inet_send_prepare+0x260/0x260
[  670.474453][T15187]  ____sys_sendmsg+0x5ba/0x960
[  670.474475][T15187]  ? __lock_acquire+0x7d40/0x7d40
[  670.474507][T15187]  ? __asan_memset+0x22/0x40
[  670.474533][T15187]  ? __sys_sendmsg_sock+0x30/0x30
[  670.474551][T15187]  ? __import_iovec+0x5f2/0x850
[  670.474592][T15187]  ? import_iovec+0x73/0xa0
[  670.474621][T15187]  ___sys_sendmsg+0x2a6/0x360
[  670.474655][T15187]  ? __sys_sendmsg+0x2a0/0x2a0
[  670.474723][T15187]  ? __lock_acquire+0x7d40/0x7d40
[  670.474801][T15187]  __se_sys_sendmsg+0x1c2/0x2b0
[  670.474830][T15187]  ? __x64_sys_sendmsg+0x80/0x80
[  670.474887][T15187]  ? lockdep_hardirqs_on+0x98/0x150
[  670.474927][T15187]  do_syscall_64+0x55/0xa0
[  670.474945][T15187]  ? clear_bhb_loop+0x40/0x90
[  670.474968][T15187]  ? clear_bhb_loop+0x40/0x90
[  670.474997][T15187]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  670.475019][T15187] RIP: 0033:0x7f196259c819
[  670.475041][T15187] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  670.475058][T15187] RSP: 002b:00007f196341e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  670.475083][T15187] RAX: ffffffffffffffda RBX: 00007f1962815fa0 RCX: 00007f196259c819
[  670.475099][T15187] RDX: 00000000000080d1 RSI: 0000200000000140 RDI: 0000000000000003
[  670.475113][T15187] RBP: 00007f196341e090 R08: 0000000000000000 R09: 0000000000000000
[  670.475127][T15187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  670.475140][T15187] R13: 00007f1962816038 R14: 00007f1962815fa0 R15: 00007ffee5798338
[  670.475188][T15187]  </TASK>
[  671.445933][T15184] netlink: 'syz.0.3111': attribute type 29 has an invalid length.
[  671.848294][T15214] netlink: 60 bytes leftover after parsing attributes in process `syz.1.3124'.
[  671.870992][T15214] netlink: 60 bytes leftover after parsing attributes in process `syz.1.3124'.
[  671.882523][T15214] netlink: 60 bytes leftover after parsing attributes in process `syz.1.3124'.
[  671.957247][T15217] netlink: 207496 bytes leftover after parsing attributes in process `syz.2.3127'.
[  671.971360][T15218] netlink: 'syz.3.3126': attribute type 5 has an invalid length.
[  672.910462][T15235] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.3133'.
[  672.964336][T15235] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[  673.041868][T15235] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  673.449984][T15253] netlink: 64859 bytes leftover after parsing attributes in process `syz.0.3138'.
[  673.585275][T15259] netlink: 'syz.3.3142': attribute type 10 has an invalid length.
[  674.066057][T15282] netlink: 'syz.0.3152': attribute type 19 has an invalid length.
[  674.084104][T15282] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3152'.
[  674.444230][T15294] FAULT_INJECTION: forcing a failure.
[  674.444230][T15294] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  674.458003][T15294] CPU: 1 PID: 15294 Comm: syz.0.3155 Not tainted syzkaller #0
[  674.465667][T15294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  674.475759][T15294] Call Trace:
[  674.479070][T15294]  <TASK>
[  674.482026][T15294]  dump_stack_lvl+0x18c/0x250
[  674.486755][T15294]  ? show_regs_print_info+0x20/0x20
[  674.492002][T15294]  ? load_image+0x420/0x420
[  674.496534][T15294]  ? __might_fault+0xaa/0x120
[  674.501223][T15294]  ? __lock_acquire+0x7d40/0x7d40
[  674.506259][T15294]  should_fail_ex+0x39d/0x4d0
[  674.510972][T15294]  _copy_from_iter+0x1d9/0x12e0
[  674.515938][T15294]  ? slab_post_alloc_hook+0x8a/0x4b0
[  674.521243][T15294]  ? __virt_addr_valid+0x18c/0x540
[  674.526374][T15294]  ? __lock_acquire+0x7d40/0x7d40
[  674.531403][T15294]  ? rcu_is_watching+0x15/0xb0
[  674.536183][T15294]  ? copyout_mc+0x70/0x70
[  674.540544][T15294]  ? __virt_addr_valid+0x18c/0x540
[  674.545677][T15294]  ? __virt_addr_valid+0x18c/0x540
[  674.550806][T15294]  ? __virt_addr_valid+0x469/0x540
[  674.555928][T15294]  ? __check_object_size+0x506/0xa20
[  674.561226][T15294]  netlink_sendmsg+0x76b/0xbf0
[  674.566086][T15294]  ? perf_trace_lock+0x304/0x3b0
[  674.571037][T15294]  ? netlink_getsockopt+0x590/0x590
[  674.576267][T15294]  ? aa_sock_msg_perm+0x94/0x150
[  674.581230][T15294]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  674.586624][T15294]  ? security_socket_sendmsg+0x80/0xa0
[  674.592092][T15294]  ? netlink_getsockopt+0x590/0x590
[  674.597353][T15294]  ____sys_sendmsg+0x5ba/0x960
[  674.602130][T15294]  ? __asan_memset+0x22/0x40
[  674.606731][T15294]  ? __sys_sendmsg_sock+0x30/0x30
[  674.611763][T15294]  ? __import_iovec+0x5f2/0x850
[  674.616716][T15294]  ? import_iovec+0x73/0xa0
[  674.621229][T15294]  ___sys_sendmsg+0x2a6/0x360
[  674.625927][T15294]  ? __sys_sendmsg+0x2a0/0x2a0
[  674.630724][T15294]  ? __lock_acquire+0x7d40/0x7d40
[  674.635788][T15294]  __se_sys_sendmsg+0x1c2/0x2b0
[  674.640645][T15294]  ? __x64_sys_sendmsg+0x80/0x80
[  674.645608][T15294]  ? lockdep_hardirqs_on+0x98/0x150
[  674.650815][T15294]  do_syscall_64+0x55/0xa0
[  674.655231][T15294]  ? clear_bhb_loop+0x40/0x90
[  674.659906][T15294]  ? clear_bhb_loop+0x40/0x90
[  674.664588][T15294]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  674.670483][T15294] RIP: 0033:0x7fc07379c819
[  674.674902][T15294] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  674.694859][T15294] RSP: 002b:00007fc07457b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  674.703451][T15294] RAX: ffffffffffffffda RBX: 00007fc073a15fa0 RCX: 00007fc07379c819
[  674.711424][T15294] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003
[  674.719484][T15294] RBP: 00007fc07457b090 R08: 0000000000000000 R09: 0000000000000000
[  674.727460][T15294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  674.735433][T15294] R13: 00007fc073a16038 R14: 00007fc073a15fa0 R15: 00007ffc53985198
[  674.743529][T15294]  </TASK>
[  676.094236][T15313] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  676.166548][T15313] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  676.206987][T15313] bond0 (unregistering): Released all slaves
[  676.250760][T15321] netlink: 'syz.1.3165': attribute type 10 has an invalid length.
[  676.413470][T15320] netlink: 'syz.2.3164': attribute type 39 has an invalid length.
[  676.481522][T15329] netlink: 'syz.1.3167': attribute type 10 has an invalid length.
[  677.385740][T15346] netlink: 14 bytes leftover after parsing attributes in process `syz.1.3175'.
[  677.511456][T15348] netlink: 'syz.0.3176': attribute type 2 has an invalid length.
[  677.542793][T15348] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3176'.
[  677.748246][T15353] netlink: 14 bytes leftover after parsing attributes in process `syz.3.3177'.
[  677.803744][T15353] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  677.853643][T15353] batman_adv: batadv0: Removing interface: batadv_slave_0
[  677.912738][T15353] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  677.942955][T15353] batman_adv: batadv0: Removing interface: batadv_slave_1
[  677.989225][T15353] batman_adv: batadv0: Interface deactivated: veth1_virt_wifi
[  678.058824][T15353] batman_adv: batadv0: Removing interface: veth1_virt_wifi
[  678.385012][T15365] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  678.428723][T15365] syzkaller0: entered promiscuous mode
[  678.436837][T15365] syzkaller0: entered allmulticast mode
[  678.487959][ T5769] Bluetooth: hci1: ISO packet for unknown connection handle 2622
[  680.972063][T15387] netlink: 'syz.2.3187': attribute type 3 has an invalid length.
[  681.032192][T15387] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3187'.
[  681.252234][T15395] FAULT_INJECTION: forcing a failure.
[  681.252234][T15395] name failslab, interval 1, probability 0, space 0, times 0
[  681.265232][T15395] CPU: 0 PID: 15395 Comm: syz.0.3188 Not tainted syzkaller #0
[  681.272725][T15395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  681.282796][T15395] Call Trace:
[  681.286093][T15395]  <TASK>
[  681.289048][T15395]  dump_stack_lvl+0x18c/0x250
[  681.293853][T15395]  ? bpf_prog_test_run_skb+0xad2/0x12b0
[  681.299438][T15395]  ? __sys_bpf+0x49d/0x890
[  681.302737][ T5769] Bluetooth: hci4: ISO packet for unknown connection handle 2622
[  681.303868][T15395]  ? show_regs_print_info+0x20/0x20
[  681.316810][T15395]  ? load_image+0x420/0x420
[  681.321368][T15395]  should_fail_ex+0x39d/0x4d0
[  681.326080][T15395]  should_failslab+0x9/0x20
[  681.330607][T15395]  slab_pre_alloc_hook+0x59/0x310
[  681.335747][T15395]  ? nf_ct_ext_add+0x1ab/0x440
[  681.340532][T15395]  ? nf_ct_ext_add+0x1ab/0x440
[  681.345322][T15395]  __kmem_cache_alloc_node+0x53/0x250
[  681.350729][T15395]  ? nf_ct_ext_add+0x1ab/0x440
[  681.355512][T15395]  __kmalloc_node_track_caller+0xa2/0x230
[  681.361266][T15395]  krealloc+0x86/0x120
[  681.365710][T15395]  nf_ct_ext_add+0x1ab/0x440
[  681.370332][T15395]  init_conntrack+0x69c/0xf10
[  681.375043][T15395]  ? early_drop+0x7f0/0x7f0
[  681.379571][T15395]  ? nf_conntrack_find_get+0x650/0x650
[  681.385045][T15395]  ? __local_bh_enable_ip+0x13a/0x1c0
[  681.390613][T15395]  ? __siphash_unaligned+0x22e/0x3a0
[  681.395930][T15395]  nf_conntrack_in+0xc06/0x15c0
[  681.400835][T15395]  ? nf_ct_pernet+0x270/0x270
[  681.405801][T15395]  ? ipt_do_table+0x2c1/0x15e0
[  681.410598][T15395]  ? read_lock_is_recursive+0x20/0x20
[  681.415986][T15395]  ? ipv4_conntrack_defrag+0x29d/0x5a0
[  681.421461][T15395]  ? ipv4_conntrack_local+0x123/0x200
[  681.426937][T15395]  ? ipv4_conntrack_in+0x20/0x20
[  681.431897][T15395]  nf_hook_slow+0xbd/0x200
[  681.436339][T15395]  ? nf_hook+0x390/0x390
[  681.440603][T15395]  nf_hook+0x228/0x390
[  681.444695][T15395]  ? nf_hook+0xa2/0x390
[  681.448862][T15395]  ? __ip_local_out+0x5f0/0x5f0
[  681.453733][T15395]  ? nf_hook+0x390/0x390
[  681.457996][T15395]  ? __asan_memset+0x22/0x40
[  681.462703][T15395]  ? ip_fast_csum+0x1ee/0x2b0
[  681.467537][T15395]  __ip_local_out+0x4db/0x5f0
[  681.472228][T15395]  ? nf_hook+0x390/0x390
[  681.476491][T15395]  ip_local_out+0x2a/0x130
[  681.480926][T15395]  iptunnel_xmit+0x4f0/0x920
[  681.485558][T15395]  ip_tunnel_xmit+0x1cbc/0x2410
[  681.490484][T15395]  ? ip4_dst_hoplimit+0x2d0/0x2d0
[  681.495540][T15395]  ? validate_xmit_xfrm+0xbc/0x12c0
[  681.500778][T15395]  ? gre_build_header+0x25b/0x990
[  681.505883][T15395]  ipgre_xmit+0x7a6/0xb20
[  681.510337][T15395]  dev_hard_start_xmit+0x246/0x740
[  681.515497][T15395]  __dev_queue_xmit+0x19a3/0x3660
[  681.520559][T15395]  ? __dev_queue_xmit+0x265/0x3660
[  681.525702][T15395]  ? netdev_core_pick_tx+0x340/0x340
[  681.531016][T15395]  ? skb_release_data+0x1cf/0x800
[  681.536076][T15395]  ? pskb_expand_head+0xbfe/0x1230
[  681.541218][T15395]  __bpf_tx_skb+0x189/0x250
[  681.545747][T15395]  bpf_clone_redirect+0x30f/0x4a0
[  681.550889][T15395]  bpf_prog_208b094576c80b22+0x5e/0x63
[  681.556379][T15395]  ? perf_trace_run_bpf_submit+0x125/0x1c0
[  681.562226][T15395]  ? perf_trace_preemptirq_template+0x269/0x330
[  681.568512][T15395]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  681.574531][T15395]  ? lockdep_softirqs_on+0x580/0x580
[  681.579850][T15395]  ? lock_chain_count+0x20/0x20
[  681.584728][T15395]  ? seqcount_lockdep_reader_access+0x191/0x1d0
[  681.591012][T15395]  ? __local_bh_disable_ip+0x108/0x1a0
[  681.596574][T15395]  ? __cant_sleep+0x220/0x220
[  681.601271][T15395]  ? __local_bh_enable_ip+0x13a/0x1c0
[  681.606660][T15395]  ? _local_bh_enable+0xa0/0xa0
[  681.611535][T15395]  ? bpf_test_timer_continue+0x135/0x380
[  681.617190][T15395]  ? bpf_test_run+0x174/0x870
[  681.621891][T15395]  bpf_test_run+0x2df/0x870
[  681.626600][T15395]  ? bpf_test_run+0x174/0x870
[  681.631383][T15395]  ? convert___skb_to_skb+0x590/0x590
[  681.636780][T15395]  ? eth_get_headlen+0x210/0x210
[  681.641768][T15395]  ? slab_build_skb+0x25f/0x3f0
[  681.646640][T15395]  ? convert___skb_to_skb+0x3d/0x590
[  681.651984][T15395]  bpf_prog_test_run_skb+0xad2/0x12b0
[  681.657491][T15395]  ? cpu_online+0x60/0x60
[  681.661845][T15395]  bpf_prog_test_run+0x321/0x390
[  681.666807][T15395]  __sys_bpf+0x49d/0x890
[  681.671071][T15395]  ? bpf_link_show_fdinfo+0x390/0x390
[  681.676481][T15395]  ? lock_chain_count+0x20/0x20
[  681.681368][T15395]  __x64_sys_bpf+0x7c/0x90
[  681.685806][T15395]  do_syscall_64+0x55/0xa0
[  681.690240][T15395]  ? clear_bhb_loop+0x40/0x90
[  681.694936][T15395]  ? clear_bhb_loop+0x40/0x90
[  681.699636][T15395]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  681.705553][T15395] RIP: 0033:0x7fc07379c819
[  681.709991][T15395] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  681.729792][T15395] RSP: 002b:00007fc07457b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  681.738317][T15395] RAX: ffffffffffffffda RBX: 00007fc073a15fa0 RCX: 00007fc07379c819
[  681.746317][T15395] RDX: 0000000000000048 RSI: 0000200000000080 RDI: 000000000000000a
[  681.754393][T15395] RBP: 00007fc07457b090 R08: 0000000000000000 R09: 0000000000000000
[  681.762563][T15395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  681.770558][T15395] R13: 00007fc073a16038 R14: 00007fc073a15fa0 R15: 00007ffc53985198
[  681.778580][T15395]  </TASK>
[  682.403763][T15406] netlink: 'syz.3.3195': attribute type 21 has an invalid length.
[  683.167072][T15405] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  683.261223][T15405] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  683.288530][T15405] bond0 (unregistering): Released all slaves
[  684.323370][T15435] netlink: 'syz.1.3209': attribute type 39 has an invalid length.
[  686.027403][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  686.033774][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  686.508263][T15449] netlink: 65055 bytes leftover after parsing attributes in process `syz.3.3207'.
[  686.898729][T15454] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  686.948777][T15454] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  687.166532][T15454] bond0 (unregistering): Released all slaves
[  687.794819][T15458] netlink: 'syz.1.3211': attribute type 46 has an invalid length.
[  687.988148][T15472] netlink: 'syz.1.3215': attribute type 39 has an invalid length.
[  688.369379][T15494] netlink: 'syz.3.3224': attribute type 46 has an invalid length.
[  688.514644][T15499] FAULT_INJECTION: forcing a failure.
[  688.514644][T15499] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  688.582855][T15499] CPU: 0 PID: 15499 Comm: syz.0.3225 Not tainted syzkaller #0
[  688.590473][T15499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  688.600648][T15499] Call Trace:
[  688.603952][T15499]  <TASK>
[  688.606915][T15499]  dump_stack_lvl+0x18c/0x250
[  688.611624][T15499]  ? show_regs_print_info+0x20/0x20
[  688.616846][T15499]  ? load_image+0x420/0x420
[  688.621358][T15499]  ? __lock_acquire+0x7d40/0x7d40
[  688.626391][T15499]  should_fail_ex+0x39d/0x4d0
[  688.631084][T15499]  _copy_from_user+0x2f/0xe0
[  688.635682][T15499]  __copy_msghdr+0x3bb/0x580
[  688.640273][T15499]  ___sys_sendmsg+0x214/0x360
[  688.644949][T15499]  ? get_pid_task+0x20/0x1e0
[  688.649543][T15499]  ? __sys_sendmsg+0x2a0/0x2a0
[  688.654328][T15499]  ? __lock_acquire+0x7d40/0x7d40
[  688.659368][T15499]  __se_sys_sendmsg+0x1c2/0x2b0
[  688.664220][T15499]  ? __x64_sys_sendmsg+0x80/0x80
[  688.669252][T15499]  ? lockdep_hardirqs_on+0x98/0x150
[  688.674453][T15499]  do_syscall_64+0x55/0xa0
[  688.678867][T15499]  ? clear_bhb_loop+0x40/0x90
[  688.683557][T15499]  ? clear_bhb_loop+0x40/0x90
[  688.688230][T15499]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  688.694121][T15499] RIP: 0033:0x7fc07379c819
[  688.698533][T15499] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  688.718176][T15499] RSP: 002b:00007fc0719d5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  688.726595][T15499] RAX: ffffffffffffffda RBX: 00007fc073a16180 RCX: 00007fc07379c819
[  688.734560][T15499] RDX: 0000000000000001 RSI: 0000200000000c40 RDI: 0000000000000004
[  688.742531][T15499] RBP: 00007fc0719d5090 R08: 0000000000000000 R09: 0000000000000000
[  688.750494][T15499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  688.758457][T15499] R13: 00007fc073a16218 R14: 00007fc073a16180 R15: 00007ffc53985198
[  688.766454][T15499]  </TASK>
[  688.859602][T15497] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  688.940187][T15497] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  689.012788][T15497] bond0 (unregistering): Released all slaves
[  689.108348][T15500] netlink: 'syz.1.3231': attribute type 39 has an invalid length.
[  690.556749][T15539] netlink: 'syz.0.3241': attribute type 39 has an invalid length.
[  690.704193][T15551] netlink: 'syz.2.3245': attribute type 10 has an invalid length.
[  690.735208][T15551] netlink: 'syz.2.3245': attribute type 10 has an invalid length.
[  691.084593][T15559] IPv6: NLM_F_CREATE should be specified when creating new route
[  691.657248][T15577] netlink: 'syz.1.3255': attribute type 39 has an invalid length.
[  692.359551][T15594] FAULT_INJECTION: forcing a failure.
[  692.359551][T15594] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  692.405607][T15594] CPU: 0 PID: 15594 Comm: syz.1.3260 Not tainted syzkaller #0
[  692.413224][T15594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  692.423307][T15594] Call Trace:
[  692.426783][T15594]  <TASK>
[  692.429742][T15594]  dump_stack_lvl+0x18c/0x250
[  692.434452][T15594]  ? show_regs_print_info+0x20/0x20
[  692.439680][T15594]  ? load_image+0x420/0x420
[  692.444209][T15594]  ? __lock_acquire+0x7d40/0x7d40
[  692.449266][T15594]  ? snprintf+0xe9/0x140
[  692.453538][T15594]  should_fail_ex+0x39d/0x4d0
[  692.458249][T15594]  _copy_to_user+0x2f/0xa0
[  692.462701][T15594]  simple_read_from_buffer+0xe7/0x150
[  692.468102][T15594]  proc_fail_nth_read+0x1e8/0x260
[  692.473156][T15594]  ? proc_fault_inject_write+0x360/0x360
[  692.478818][T15594]  ? fsnotify_perm+0x271/0x5e0
[  692.483782][T15594]  ? proc_fault_inject_write+0x360/0x360
[  692.489446][T15594]  vfs_read+0x28b/0x970
[  692.493733][T15594]  ? kernel_read+0x1e0/0x1e0
[  692.498347][T15594]  ? __fget_files+0x28/0x4b0
[  692.502958][T15594]  ? __fget_files+0x28/0x4b0
[  692.507567][T15594]  ? __fget_files+0x43d/0x4b0
[  692.512266][T15594]  ? __fdget_pos+0x2a3/0x330
[  692.516875][T15594]  ? ksys_read+0x75/0x260
[  692.521239][T15594]  ksys_read+0x150/0x260
[  692.525523][T15594]  ? vfs_write+0x990/0x990
[  692.529980][T15594]  ? lockdep_hardirqs_on+0x98/0x150
[  692.535211][T15594]  do_syscall_64+0x55/0xa0
[  692.539654][T15594]  ? clear_bhb_loop+0x40/0x90
[  692.544362][T15594]  ? clear_bhb_loop+0x40/0x90
[  692.549064][T15594]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  692.554985][T15594] RIP: 0033:0x7f196255d04e
[  692.559426][T15594] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  692.579060][T15594] RSP: 002b:00007f196341dfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  692.587514][T15594] RAX: ffffffffffffffda RBX: 00007f196341e6c0 RCX: 00007f196255d04e
[  692.595631][T15594] RDX: 000000000000000f RSI: 00007f196341e0a0 RDI: 0000000000000005
[  692.603631][T15594] RBP: 00007f196341e090 R08: 0000000000000000 R09: 0000000000000000
[  692.611628][T15594] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  692.619632][T15594] R13: 00007f1962816038 R14: 00007f1962815fa0 R15: 00007ffee5798338
[  692.627652][T15594]  </TASK>
[  692.733562][T15597] netlink: 'syz.2.3261': attribute type 30 has an invalid length.
[  692.808068][T15597] netlink: 'syz.2.3261': attribute type 2 has an invalid length.
[  692.829468][T15597] netlink: 'syz.2.3261': attribute type 9 has an invalid length.
[  692.853644][T15597] netlink: 'syz.2.3261': attribute type 10 has an invalid length.
[  692.892809][T15597] netlink: 'syz.2.3261': attribute type 11 has an invalid length.
[  692.900991][T15597] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3261'.
[  692.947803][T15604] netlink: 'syz.2.3261': attribute type 9 has an invalid length.
[  693.003512][T15599] netlink: 'syz.2.3261': attribute type 10 has an invalid length.
[  693.050106][T15604] netlink: 209696 bytes leftover after parsing attributes in process `syz.2.3261'.
[  693.269068][T15611] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3267'.
[  693.297314][T15615] netlink: 'syz.3.3266': attribute type 39 has an invalid length.
[  693.340110][T15597] netlink: 'syz.2.3261': attribute type 9 has an invalid length.
[  693.453863][T15617] netlink: 1047 bytes leftover after parsing attributes in process `syz.0.3269'.
[  693.491736][T15617] bridge_slave_1: default FDB implementation only supports local addresses
[  693.851497][T15633] netlink: 'syz.1.3276': attribute type 10 has an invalid length.
[  693.871229][T15633] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3276'.
[  693.904189][T15637] netlink: 'syz.1.3276': attribute type 28 has an invalid length.
[  693.915550][T15637] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3276'.
[  693.936582][T15633] caif0: entered promiscuous mode
[  693.956830][T15633] caif0: entered allmulticast mode
[  693.969520][T15633] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  694.407369][T15649] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3280'.
[  696.331208][T15693] syzkaller0: entered promiscuous mode
[  696.337562][T15693] syzkaller0: entered allmulticast mode
[  698.545321][T15705] netlink: 164 bytes leftover after parsing attributes in process `syz.1.3301'.
[  698.556871][T15714] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3303'.
[  698.848645][T15726] validate_nla: 4 callbacks suppressed
[  698.848682][T15726] netlink: 'syz.2.3307': attribute type 39 has an invalid length.
[  699.060152][T15735] sit0: entered allmulticast mode
[  699.114928][T15735] sit0: entered promiscuous mode
[  699.173538][ T5769] Bluetooth: hci0: unexpected subevent 0x01 length: 150 > 18
[  699.202546][T15738] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3312'.
[  699.475870][T15741] syzkaller0: entered promiscuous mode
[  699.481800][T15741] syzkaller0: entered allmulticast mode
[  699.558752][ T5773] Bluetooth: hci2: unexpected subevent 0x01 length: 150 > 18
[  699.744432][T15759] netlink: 'syz.1.3322': attribute type 1 has an invalid length.
[  699.755152][T15759] netlink: 181400 bytes leftover after parsing attributes in process `syz.1.3322'.
[  701.529675][T15763] netlink: 'syz.2.3323': attribute type 39 has an invalid length.
[  701.537755][T15765] netlink: 'syz.1.3324': attribute type 10 has an invalid length.
[  701.627639][ T5769] Bluetooth: hci2: command 0x0406 tx timeout
[  701.937625][T15776] netlink: 'syz.2.3328': attribute type 17 has an invalid length.
[  701.956218][T15776] netlink: 148 bytes leftover after parsing attributes in process `syz.2.3328'.
[  702.592600][T15796] syzkaller0: entered promiscuous mode
[  702.600798][T15796] syzkaller0: entered allmulticast mode
[  702.624450][T15795] netlink: 'syz.1.3335': attribute type 39 has an invalid length.
[  704.641351][T15811] netlink: 'syz.2.3341': attribute type 29 has an invalid length.
[  704.664086][T15814] netlink: 14 bytes leftover after parsing attributes in process `syz.3.3343'.
[  704.685375][T15811] netlink: 'syz.2.3341': attribute type 29 has an invalid length.
[  704.708989][T15816] netlink: 'syz.2.3341': attribute type 29 has an invalid length.
[  704.735988][T15815] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.3342'.
[  704.902421][T15826] netlink: 'syz.3.3348': attribute type 1 has an invalid length.
[  704.915729][T15826] netlink: 181400 bytes leftover after parsing attributes in process `syz.3.3348'.
[  705.066459][T15822] syzkaller0: entered promiscuous mode
[  705.075986][T15822] syzkaller0: entered allmulticast mode
[  706.771684][T15833] netlink: 'syz.1.3349': attribute type 39 has an invalid length.
[  707.144905][T15850] FAULT_INJECTION: forcing a failure.
[  707.144905][T15850] name failslab, interval 1, probability 0, space 0, times 0
[  707.157808][T15850] CPU: 0 PID: 15850 Comm: syz.3.3355 Not tainted syzkaller #0
[  707.165294][T15850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  707.175377][T15850] Call Trace:
[  707.178685][T15850]  <TASK>
[  707.181636][T15850]  dump_stack_lvl+0x18c/0x250
[  707.186343][T15850]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  707.192534][T15850]  ? show_regs_print_info+0x20/0x20
[  707.197768][T15850]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  707.203963][T15850]  should_fail_ex+0x39d/0x4d0
[  707.208669][T15850]  should_failslab+0x9/0x20
[  707.213204][T15850]  slab_pre_alloc_hook+0x59/0x310
[  707.218265][T15850]  kmem_cache_alloc+0x5a/0x2d0
[  707.223049][T15850]  ? skb_clone+0x1eb/0x370
[  707.227483][T15850]  skb_clone+0x1eb/0x370
[  707.231740][T15850]  bpf_clone_redirect+0x167/0x4a0
[  707.236792][T15850]  bpf_prog_64e505a7b7f97a05+0x5d/0x62
[  707.242350][T15850]  ? __static_call_text_end+0xf6680/0xf6680
[  707.248258][T15850]  ? lockdep_hardirqs_on+0x98/0x150
[  707.253555][T15850]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  707.259940][T15850]  ? seqcount_lockdep_reader_access+0x191/0x1d0
[  707.266210][T15850]  ? lockdep_softirqs_on+0x580/0x580
[  707.271509][T15850]  ? seqcount_lockdep_reader_access+0x19a/0x1d0
[  707.277774][T15850]  ? ktime_get_real_ts64+0x440/0x440
[  707.283132][T15850]  ? __x64_sys_bpf+0x7c/0x90
[  707.287739][T15850]  ? __local_bh_disable_ip+0x108/0x1a0
[  707.293212][T15850]  ? __cant_sleep+0x220/0x220
[  707.297987][T15850]  ? read_tsc+0x9/0x20
[  707.302068][T15850]  ? ktime_get+0x24b/0x280
[  707.306506][T15850]  ? bpf_test_run+0x174/0x870
[  707.311192][T15850]  bpf_test_run+0x2df/0x870
[  707.315720][T15850]  ? bpf_test_run+0x174/0x870
[  707.320670][T15850]  ? convert___skb_to_skb+0x590/0x590
[  707.326056][T15850]  ? eth_get_headlen+0x210/0x210
[  707.331013][T15850]  ? bpf_prog_test_run_skb+0x7ad/0x12b0
[  707.336579][T15850]  ? convert___skb_to_skb+0x3d/0x590
[  707.341997][T15850]  bpf_prog_test_run_skb+0xad2/0x12b0
[  707.347414][T15850]  ? cpu_online+0x60/0x60
[  707.351756][T15850]  bpf_prog_test_run+0x321/0x390
[  707.356715][T15850]  __sys_bpf+0x49d/0x890
[  707.360971][T15850]  ? bpf_link_show_fdinfo+0x390/0x390
[  707.366375][T15850]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  707.372560][T15850]  __x64_sys_bpf+0x7c/0x90
[  707.376990][T15850]  do_syscall_64+0x55/0xa0
[  707.381476][T15850]  ? clear_bhb_loop+0x40/0x90
[  707.386185][T15850]  ? clear_bhb_loop+0x40/0x90
[  707.390972][T15850]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  707.396880][T15850] RIP: 0033:0x7f816159c819
[  707.401322][T15850] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  707.421045][T15850] RSP: 002b:00007f81624ba028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  707.429487][T15850] RAX: ffffffffffffffda RBX: 00007f8161815fa0 RCX: 00007f816159c819
[  707.437469][T15850] RDX: 0000000000000028 RSI: 00002000000000c0 RDI: 000000000000000a
[  707.445446][T15850] RBP: 00007f81624ba090 R08: 0000000000000000 R09: 0000000000000000
[  707.453423][T15850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  707.461406][T15850] R13: 00007f8161816038 R14: 00007f8161815fa0 R15: 00007ffd88a49ad8
[  707.469401][T15850]  </TASK>
[  707.524397][T15841] netlink: 164 bytes leftover after parsing attributes in process `syz.0.3353'.
[  707.740644][T15859] netlink: 14 bytes leftover after parsing attributes in process `syz.1.3358'.
[  707.760173][T15859] hsr_slave_0: left promiscuous mode
[  707.772486][T15859] hsr_slave_1: left promiscuous mode
[  708.245132][T15873] netlink: 'syz.1.3362': attribute type 39 has an invalid length.
[  708.480678][T15885] FAULT_INJECTION: forcing a failure.
[  708.480678][T15885] name failslab, interval 1, probability 0, space 0, times 0
[  708.501804][T15885] CPU: 0 PID: 15885 Comm: syz.1.3366 Not tainted syzkaller #0
[  708.509333][T15885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  708.519419][T15885] Call Trace:
[  708.522714][T15885]  <TASK>
[  708.525660][T15885]  dump_stack_lvl+0x18c/0x250
[  708.530396][T15885]  ? show_regs_print_info+0x20/0x20
[  708.535628][T15885]  ? load_image+0x420/0x420
[  708.540162][T15885]  ? __might_sleep+0xe0/0xe0
[  708.544796][T15885]  ? __lock_acquire+0x7d40/0x7d40
[  708.549863][T15885]  should_fail_ex+0x39d/0x4d0
[  708.554577][T15885]  should_failslab+0x9/0x20
[  708.559119][T15885]  slab_pre_alloc_hook+0x59/0x310
[  708.564199][T15885]  ? __get_vm_area_node+0x125/0x370
[  708.569434][T15885]  __kmem_cache_alloc_node+0x53/0x250
[  708.574849][T15885]  ? __get_vm_area_node+0x125/0x370
[  708.580083][T15885]  kmalloc_node_trace+0x26/0xe0
[  708.584978][T15885]  __get_vm_area_node+0x125/0x370
[  708.590037][T15885]  __vmalloc_node_range+0x36e/0x1330
[  708.595323][T15885]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  708.600900][T15885]  ? perf_trace_preemptirq_template+0x269/0x330
[  708.607244][T15885]  ? lock_chain_count+0x20/0x20
[  708.612095][T15885]  ? free_vm_area+0x50/0x50
[  708.616597][T15885]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  708.622764][T15885]  ? lockdep_hardirqs_on+0x98/0x150
[  708.627993][T15885]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  708.634169][T15885]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  708.639719][T15885]  __vmalloc+0x7a/0x90
[  708.643901][T15885]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  708.649588][T15885]  bpf_prog_alloc_no_stats+0x47/0x440
[  708.654967][T15885]  ? bpf_prog_alloc+0x2b/0x1a0
[  708.659791][T15885]  bpf_prog_alloc+0x3d/0x1a0
[  708.664449][T15885]  bpf_prog_load+0x6eb/0x1670
[  708.669171][T15885]  ? map_freeze+0x420/0x420
[  708.673682][T15885]  ? __might_fault+0xaa/0x120
[  708.678348][T15885]  ? __lock_acquire+0x7d40/0x7d40
[  708.683456][T15885]  ? seqcount_lockdep_reader_access+0x17b/0x1d0
[  708.689816][T15885]  ? __might_fault+0xaa/0x120
[  708.694518][T15885]  ? __might_fault+0xc6/0x120
[  708.699181][T15885]  ? __might_fault+0xaa/0x120
[  708.703855][T15885]  ? bpf_lsm_bpf+0x9/0x10
[  708.708199][T15885]  ? security_bpf+0x7e/0xa0
[  708.712705][T15885]  __sys_bpf+0x5ba/0x890
[  708.717046][T15885]  ? bpf_link_show_fdinfo+0x390/0x390
[  708.722421][T15885]  ? lock_chain_count+0x20/0x20
[  708.727262][T15885]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  708.733284][T15885]  __x64_sys_bpf+0x7c/0x90
[  708.737729][T15885]  do_syscall_64+0x55/0xa0
[  708.742168][T15885]  ? clear_bhb_loop+0x40/0x90
[  708.746857][T15885]  ? clear_bhb_loop+0x40/0x90
[  708.751543][T15885]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  708.757449][T15885] RIP: 0033:0x7f196259c819
[  708.761887][T15885] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  708.781522][T15885] RSP: 002b:00007f196341e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  708.789989][T15885] RAX: ffffffffffffffda RBX: 00007f1962815fa0 RCX: 00007f196259c819
[  708.798054][T15885] RDX: 0000000000000094 RSI: 0000200000000040 RDI: 0000000000000005
[  708.806032][T15885] RBP: 00007f196341e090 R08: 0000000000000000 R09: 0000000000000000
[  708.814005][T15885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  708.821983][T15885] R13: 00007f1962816038 R14: 00007f1962815fa0 R15: 00007ffee5798338
[  708.829966][T15885]  </TASK>
[  708.842218][T15885] syz.1.3366: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=syz1,mems_allowed=0-1
[  708.867530][T15885] CPU: 1 PID: 15885 Comm: syz.1.3366 Not tainted syzkaller #0
[  708.875034][T15885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  708.885136][T15885] Call Trace:
[  708.888413][T15885]  <TASK>
[  708.891346][T15885]  dump_stack_lvl+0x18c/0x250
[  708.896035][T15885]  ? show_regs_print_info+0x20/0x20
[  708.901235][T15885]  ? load_image+0x420/0x420
[  708.905743][T15885]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  708.912244][T15885]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[  708.918754][T15885]  warn_alloc+0x246/0x340
[  708.923090][T15885]  ? __get_vm_area_node+0x125/0x370
[  708.928292][T15885]  ? zone_watermark_ok_safe+0x230/0x230
[  708.933839][T15885]  ? rcu_is_watching+0x15/0xb0
[  708.938786][T15885]  ? __get_vm_area_node+0x356/0x370
[  708.943994][T15885]  __vmalloc_node_range+0x393/0x1330
[  708.949291][T15885]  ? perf_trace_preemptirq_template+0x269/0x330
[  708.955548][T15885]  ? lock_chain_count+0x20/0x20
[  708.960408][T15885]  ? free_vm_area+0x50/0x50
[  708.964908][T15885]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  708.971081][T15885]  ? lockdep_hardirqs_on+0x98/0x150
[  708.976290][T15885]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  708.982449][T15885]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  708.988015][T15885]  __vmalloc+0x7a/0x90
[  708.992096][T15885]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  708.997649][T15885]  bpf_prog_alloc_no_stats+0x47/0x440
[  709.003068][T15885]  ? bpf_prog_alloc+0x2b/0x1a0
[  709.007863][T15885]  bpf_prog_alloc+0x3d/0x1a0
[  709.012482][T15885]  bpf_prog_load+0x6eb/0x1670
[  709.017188][T15885]  ? map_freeze+0x420/0x420
[  709.021702][T15885]  ? __might_fault+0xaa/0x120
[  709.026379][T15885]  ? __lock_acquire+0x7d40/0x7d40
[  709.031401][T15885]  ? seqcount_lockdep_reader_access+0x17b/0x1d0
[  709.037647][T15885]  ? __might_fault+0xaa/0x120
[  709.042320][T15885]  ? __might_fault+0xc6/0x120
[  709.046995][T15885]  ? __might_fault+0xaa/0x120
[  709.051668][T15885]  ? bpf_lsm_bpf+0x9/0x10
[  709.055999][T15885]  ? security_bpf+0x7e/0xa0
[  709.060506][T15885]  __sys_bpf+0x5ba/0x890
[  709.064751][T15885]  ? bpf_link_show_fdinfo+0x390/0x390
[  709.070224][T15885]  ? lock_chain_count+0x20/0x20
[  709.075158][T15885]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  709.081241][T15885]  __x64_sys_bpf+0x7c/0x90
[  709.085657][T15885]  do_syscall_64+0x55/0xa0
[  709.090069][T15885]  ? clear_bhb_loop+0x40/0x90
[  709.094837][T15885]  ? clear_bhb_loop+0x40/0x90
[  709.099515][T15885]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  709.105409][T15885] RIP: 0033:0x7f196259c819
[  709.109822][T15885] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  709.129430][T15885] RSP: 002b:00007f196341e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  709.137845][T15885] RAX: ffffffffffffffda RBX: 00007f1962815fa0 RCX: 00007f196259c819
[  709.145814][T15885] RDX: 0000000000000094 RSI: 0000200000000040 RDI: 0000000000000005
[  709.153783][T15885] RBP: 00007f196341e090 R08: 0000000000000000 R09: 0000000000000000
[  709.161748][T15885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  709.169713][T15885] R13: 00007f1962816038 R14: 00007f1962815fa0 R15: 00007ffee5798338
[  709.177698][T15885]  </TASK>
[  709.228827][T15885] Mem-Info:
[  709.232368][T15885] active_anon:10029 inactive_anon:0 isolated_anon:0
[  709.232368][T15885]  active_file:20925 inactive_file:40326 isolated_file:0
[  709.232368][T15885]  unevictable:768 dirty:303 writeback:0
[  709.232368][T15885]  slab_reclaimable:11460 slab_unreclaimable:92602
[  709.232368][T15885]  mapped:24734 shmem:1361 pagetables:524
[  709.232368][T15885]  sec_pagetables:0 bounce:0
[  709.232368][T15885]  kernel_misc_reclaimable:0
[  709.232368][T15885]  free:1332861 free_pcp:10560 free_cma:0
[  709.291025][T15885] Node 0 active_anon:40016kB inactive_anon:0kB active_file:83700kB inactive_file:161100kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:98936kB dirty:1212kB writeback:0kB shmem:3908kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10328kB pagetables:2096kB sec_pagetables:0kB all_unreclaimable? no
[  709.335494][T15885] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  709.378358][T15885] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  709.409905][T15885] lowmem_reserve[]: 0 2521 2522 2522 2522
[  709.421762][T15885] Node 0 DMA32 free:1418052kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:39980kB inactive_anon:0kB active_file:83700kB inactive_file:160264kB unevictable:1536kB writepending:1212kB present:3129332kB managed:2586952kB mlocked:0kB bounce:0kB free_pcp:24588kB local_pcp:3708kB free_cma:0kB
[  709.484378][T15885] lowmem_reserve[]: 0 0 0 0 0
[  709.489174][T15885] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:836kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  709.606727][T15885] lowmem_reserve[]: 0 0 0 0 0
[  709.635505][T15885] Node 1 Normal free:3898032kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:17644kB local_pcp:7236kB free_cma:0kB
[  709.692738][T15885] lowmem_reserve[]: 0 0 0 0 0
[  709.709049][T15885] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  709.755429][T15885] Node 0 DMA32: 1540*4kB (UM) 1279*8kB (UME) 1190*16kB (UME) 1529*32kB (UME) 1419*64kB (UME) 856*128kB (UM) 188*256kB (UM) 45*512kB (UM) 53*1024kB (UM) 12*2048kB (UME) 240*4096kB (UM) = 1417800kB
[  709.817963][T15899] netlink: 14 bytes leftover after parsing attributes in process `syz.0.3371'.
[  709.822700][T15885] Node 0 
[  709.827993][T15899] hsr_slave_0: left promiscuous mode
[  709.834240][T15885] Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  709.851150][T15899] hsr_slave_1: left promiscuous mode
[  709.864218][T15885] Node 1 Normal: 226*4kB (UME) 51*8kB (UME) 45*16kB (UME) 58*32kB (UME) 26*64kB (UME) 8*128kB (UME) 3*256kB (UME) 1*512kB (E) 1*1024kB (U) 1*2048kB (E) 949*4096kB (M) = 3898032kB
[  709.899851][T15885] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  709.919111][T15885] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  709.939017][T15885] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  709.959318][T15885] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  709.970710][T15885] 62612 total pagecache pages
[  709.975775][T15885] 0 pages in swap cache
[  709.980079][T15885] Free swap  = 124728kB
[  709.985505][T15885] Total swap = 124996kB
[  709.989790][T15885] 2097051 pages RAM
[  709.994107][T15885] 0 pages HighMem/MovableOnly
[  709.998893][T15885] 416927 pages reserved
[  710.026817][T15885] 0 pages cma reserved
[  710.202106][T15908] netlink: 'syz.1.3374': attribute type 39 has an invalid length.
[  710.406474][T15919] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x37
[  710.921847][T15925] netlink: 'syz.2.3379': attribute type 10 has an invalid length.
[  710.933067][T15925] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3379'.
[  710.952291][T15925] batman_adv: batadv0: Adding interface: veth1_virt_wifi
[  710.960649][T15925] batman_adv: batadv0: The MTU of interface veth1_virt_wifi is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  711.010521][T15925] batman_adv: batadv0: Interface activated: veth1_virt_wifi
[  711.110475][T15940] netlink: 14 bytes leftover after parsing attributes in process `syz.3.3384'.
[  711.147115][T15940] hsr_slave_0: left promiscuous mode
[  711.173208][T15940] hsr_slave_1: left promiscuous mode
[  711.566701][T15952] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x37
[  711.618665][T15950] netlink: 'syz.2.3387': attribute type 39 has an invalid length.
[  711.990404][T15975] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x37
[  712.218356][T15974] netlink: 'syz.1.3395': attribute type 10 has an invalid length.
[  712.253069][T15974] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3395'.
[  712.298275][T15974] A link change request failed with some changes committed already. Interface veth1_virt_wifi may have been left with an inconsistent configuration, please check.
[  712.332870][T15980] netlink: 14 bytes leftover after parsing attributes in process `syz.2.3399'.
[  712.352085][T15980] hsr_slave_0: left promiscuous mode
[  712.389077][T15980] hsr_slave_1: left promiscuous mode
[  712.560833][T15984] netlink: 'syz.0.3400': attribute type 39 has an invalid length.
[  712.728333][T15993] FAULT_INJECTION: forcing a failure.
[  712.728333][T15993] name failslab, interval 1, probability 0, space 0, times 0
[  712.744668][T15993] CPU: 1 PID: 15993 Comm: syz.1.3404 Not tainted syzkaller #0
[  712.752175][T15993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  712.762251][T15993] Call Trace:
[  712.765548][T15993]  <TASK>
[  712.768499][T15993]  dump_stack_lvl+0x18c/0x250
[  712.773227][T15993]  ? show_regs_print_info+0x20/0x20
[  712.778462][T15993]  ? load_image+0x420/0x420
[  712.782995][T15993]  ? __might_sleep+0xe0/0xe0
[  712.787614][T15993]  ? __lock_acquire+0x7d40/0x7d40
[  712.792686][T15993]  should_fail_ex+0x39d/0x4d0
[  712.797439][T15993]  should_failslab+0x9/0x20
[  712.802058][T15993]  slab_pre_alloc_hook+0x59/0x310
[  712.807116][T15993]  ? rtnl_newlink+0x10d/0x20a0
[  712.811904][T15993]  __kmem_cache_alloc_node+0x53/0x250
[  712.817311][T15993]  ? rtnl_newlink+0x10d/0x20a0
[  712.817828][T15998] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x37
[  712.822080][T15993]  kmalloc_trace+0x2a/0xe0
[  712.822111][T15993]  ? rtnl_setlink+0x4e0/0x4e0
[  712.822127][T15993]  rtnl_newlink+0x10d/0x20a0
[  712.844830][T15993]  ? __mutex_trylock_common+0x159/0x260
[  712.850393][T15993]  ? rtnl_setlink+0x4e0/0x4e0
[  712.855093][T15993]  ? trace_raw_output_contention_end+0xd0/0xd0
[  712.861264][T15993]  ? rcu_is_watching+0x15/0xb0
[  712.866046][T15993]  ? trace_contention_end+0x39/0xe0
[  712.871292][T15993]  ? __mutex_lock+0x315/0xcc0
[  712.875993][T15993]  ? rtnetlink_rcv_msg+0x811/0xfa0
[  712.881119][T15993]  ? mutex_lock_nested+0x20/0x20
[  712.886072][T15993]  ? rtnetlink_rcv_msg+0x221/0xfa0
[  712.891190][T15993]  ? rtnetlink_rcv_msg+0x221/0xfa0
[  712.896308][T15993]  ? rtnl_setlink+0x4e0/0x4e0
[  712.900989][T15993]  rtnetlink_rcv_msg+0x869/0xfa0
[  712.905942][T15993]  ? rtnetlink_bind+0x80/0x80
[  712.910623][T15993]  ? mark_lock+0x94/0x320
[  712.914961][T15993]  ? __lock_acquire+0x1273/0x7d40
[  712.920001][T15993]  ? __kernel_text_address+0xd/0x30
[  712.925214][T15993]  ? mark_lock+0x94/0x320
[  712.929564][T15993]  ? mark_lock+0x94/0x320
[  712.933905][T15993]  ? __lock_acquire+0x1273/0x7d40
[  712.938953][T15993]  ? kmalloc_reserve+0x95/0x240
[  712.943813][T15993]  ? verify_lock_unused+0x140/0x140
[  712.949019][T15993]  ? verify_lock_unused+0x140/0x140
[  712.954241][T15993]  netlink_rcv_skb+0x241/0x4d0
[  712.959028][T15993]  ? rtnetlink_bind+0x80/0x80
[  712.963710][T15993]  ? netlink_ack+0x1180/0x1180
[  712.968501][T15993]  ? __lock_acquire+0x7d40/0x7d40
[  712.973533][T15993]  ? net_generic+0x1e/0x240
[  712.978046][T15993]  ? netlink_deliver_tap+0x2e/0x1b0
[  712.983262][T15993]  netlink_unicast+0x751/0x8d0
[  712.988046][T15993]  netlink_sendmsg+0x8d0/0xbf0
[  712.992835][T15993]  ? netlink_getsockopt+0x590/0x590
[  712.998046][T15993]  ? aa_sock_msg_perm+0x94/0x150
[  713.002992][T15993]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  713.008287][T15993]  ? security_socket_sendmsg+0x80/0xa0
[  713.013756][T15993]  ? netlink_getsockopt+0x590/0x590
[  713.018969][T15993]  ____sys_sendmsg+0x5ba/0x960
[  713.023750][T15993]  ? __asan_memset+0x22/0x40
[  713.028347][T15993]  ? __sys_sendmsg_sock+0x30/0x30
[  713.033406][T15993]  ? __import_iovec+0x5f2/0x850
[  713.038270][T15993]  ? import_iovec+0x73/0xa0
[  713.042809][T15993]  ___sys_sendmsg+0x2a6/0x360
[  713.047497][T15993]  ? get_pid_task+0x20/0x1e0
[  713.052100][T15993]  ? __sys_sendmsg+0x2a0/0x2a0
[  713.056902][T15993]  ? __lock_acquire+0x7d40/0x7d40
[  713.061972][T15993]  __se_sys_sendmsg+0x1c2/0x2b0
[  713.066917][T15993]  ? __x64_sys_sendmsg+0x80/0x80
[  713.071872][T15993]  ? lockdep_hardirqs_on+0x98/0x150
[  713.077085][T15993]  do_syscall_64+0x55/0xa0
[  713.081508][T15993]  ? clear_bhb_loop+0x40/0x90
[  713.086193][T15993]  ? clear_bhb_loop+0x40/0x90
[  713.090878][T15993]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  713.096783][T15993] RIP: 0033:0x7f196259c819
[  713.101205][T15993] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  713.120819][T15993] RSP: 002b:00007f196341e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  713.129239][T15993] RAX: ffffffffffffffda RBX: 00007f1962815fa0 RCX: 00007f196259c819
[  713.137653][T15993] RDX: 0000000000000856 RSI: 0000200000000080 RDI: 0000000000000003
[  713.145632][T15993] RBP: 00007f196341e090 R08: 0000000000000000 R09: 0000000000000000
[  713.153617][T15993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  713.161595][T15993] R13: 00007f1962816038 R14: 00007f1962815fa0 R15: 00007ffee5798338
[  713.169586][T15993]  </TASK>
[  713.302387][T16003] FAULT_INJECTION: forcing a failure.
[  713.302387][T16003] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  713.334973][T16003] CPU: 0 PID: 16003 Comm: syz.2.3408 Not tainted syzkaller #0
[  713.342581][T16003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  713.352655][T16003] Call Trace:
[  713.355964][T16003]  <TASK>
[  713.358902][T16003]  dump_stack_lvl+0x18c/0x250
[  713.363677][T16003]  ? show_regs_print_info+0x20/0x20
[  713.368888][T16003]  ? load_image+0x420/0x420
[  713.373392][T16003]  ? __might_fault+0xaa/0x120
[  713.378065][T16003]  ? __lock_acquire+0x7d40/0x7d40
[  713.383102][T16003]  should_fail_ex+0x39d/0x4d0
[  713.387810][T16003]  _copy_from_user+0x2f/0xe0
[  713.392407][T16003]  dev_ethtool+0x24a/0x18d0
[  713.396919][T16003]  ? ethtool_get_module_eeprom_call+0x170/0x170
[  713.403162][T16003]  ? __lock_acquire+0x7d40/0x7d40
[  713.408206][T16003]  ? __might_fault+0xaa/0x120
[  713.412893][T16003]  ? full_name_hash+0x92/0xe0
[  713.417583][T16003]  ? dev_load+0x21/0x1f0
[  713.421829][T16003]  dev_ioctl+0x392/0x1140
[  713.426175][T16003]  sock_do_ioctl+0x239/0x310
[  713.430776][T16003]  ? sock_show_fdinfo+0xb0/0xb0
[  713.435635][T16003]  sock_ioctl+0x5ba/0x7e0
[  713.440137][T16003]  ? sock_poll+0x3e0/0x3e0
[  713.444555][T16003]  ? bpf_lsm_file_ioctl+0x9/0x10
[  713.449486][T16003]  ? security_file_ioctl+0x80/0xa0
[  713.454599][T16003]  ? sock_poll+0x3e0/0x3e0
[  713.459006][T16003]  __se_sys_ioctl+0xfd/0x170
[  713.463595][T16003]  do_syscall_64+0x55/0xa0
[  713.468004][T16003]  ? clear_bhb_loop+0x40/0x90
[  713.472833][T16003]  ? clear_bhb_loop+0x40/0x90
[  713.477505][T16003]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  713.483395][T16003] RIP: 0033:0x7f0055f9c819
[  713.487877][T16003] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  713.507565][T16003] RSP: 002b:00007f0056d74028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  713.515976][T16003] RAX: ffffffffffffffda RBX: 00007f0056215fa0 RCX: 00007f0055f9c819
[  713.524042][T16003] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 000000000000001a
[  713.532008][T16003] RBP: 00007f0056d74090 R08: 0000000000000000 R09: 0000000000000000
[  713.539986][T16003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  713.547976][T16003] R13: 00007f0056216038 R14: 00007f0056215fa0 R15: 00007ffc49084cf8
[  713.556085][T16003]  </TASK>
[  713.639278][T16008] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.3409'.
[  713.952889][T16010] netlink: 'syz.3.3410': attribute type 10 has an invalid length.
[  713.994970][T16010] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3410'.
[  714.012640][T16010] A link change request failed with some changes committed already. Interface veth1_virt_wifi may have been left with an inconsistent configuration, please check.
[  714.075540][T16019] netlink: 'syz.2.3413': attribute type 39 has an invalid length.
[  714.236173][T16030] FAULT_INJECTION: forcing a failure.
[  714.236173][T16030] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  714.261367][T16030] CPU: 0 PID: 16030 Comm: syz.0.3425 Not tainted syzkaller #0
[  714.268898][T16030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  714.278981][T16030] Call Trace:
[  714.282289][T16030]  <TASK>
[  714.285251][T16030]  dump_stack_lvl+0x18c/0x250
[  714.289993][T16030]  ? show_regs_print_info+0x20/0x20
[  714.295325][T16030]  ? load_image+0x420/0x420
[  714.299886][T16030]  ? __lock_acquire+0x7d40/0x7d40
[  714.304949][T16030]  ? snprintf+0xe9/0x140
[  714.309231][T16030]  should_fail_ex+0x39d/0x4d0
[  714.313948][T16030]  _copy_to_user+0x2f/0xa0
[  714.318476][T16030]  simple_read_from_buffer+0xe7/0x150
[  714.323880][T16030]  proc_fail_nth_read+0x1e8/0x260
[  714.328930][T16030]  ? proc_fault_inject_write+0x360/0x360
[  714.334575][T16030]  ? fsnotify_perm+0x271/0x5e0
[  714.339346][T16030]  ? proc_fault_inject_write+0x360/0x360
[  714.344983][T16030]  vfs_read+0x28b/0x970
[  714.349142][T16030]  ? kernel_read+0x1e0/0x1e0
[  714.353729][T16030]  ? __fget_files+0x28/0x4b0
[  714.358323][T16030]  ? __fget_files+0x28/0x4b0
[  714.362920][T16030]  ? __fget_files+0x43d/0x4b0
[  714.367606][T16030]  ? __fdget_pos+0x2a3/0x330
[  714.372197][T16030]  ? ksys_read+0x75/0x260
[  714.376545][T16030]  ksys_read+0x150/0x260
[  714.380833][T16030]  ? vfs_write+0x990/0x990
[  714.385279][T16030]  ? lockdep_hardirqs_on+0x98/0x150
[  714.390487][T16030]  do_syscall_64+0x55/0xa0
[  714.394899][T16030]  ? clear_bhb_loop+0x40/0x90
[  714.399576][T16030]  ? clear_bhb_loop+0x40/0x90
[  714.404250][T16030]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  714.410141][T16030] RIP: 0033:0x7fc07375d04e
[  714.414551][T16030] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  714.434364][T16030] RSP: 002b:00007fc07457afe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  714.442780][T16030] RAX: ffffffffffffffda RBX: 00007fc07457b6c0 RCX: 00007fc07375d04e
[  714.450834][T16030] RDX: 000000000000000f RSI: 00007fc07457b0a0 RDI: 0000000000000008
[  714.458823][T16030] RBP: 00007fc07457b090 R08: 0000000000000000 R09: 0000000000000000
[  714.466806][T16030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  714.474794][T16030] R13: 00007fc073a16038 R14: 00007fc073a15fa0 R15: 00007ffc53985198
[  714.482812][T16030]  </TASK>
[  714.702058][T16042] netlink: 14 bytes leftover after parsing attributes in process `syz.3.3422'.
[  714.731798][T16042] netlink: del zone limit has 4 unknown bytes
[  714.859740][T16053] netlink: 'syz.1.3427': attribute type 2 has an invalid length.
[  714.874201][T16053] netlink: 'syz.1.3427': attribute type 4 has an invalid length.
[  714.889271][T16053] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3427'.
[  715.590784][T16058] netlink: 'syz.0.3426': attribute type 10 has an invalid length.
[  715.609712][T16058] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3426'.
[  715.623852][T16058] batman_adv: batadv0: Adding interface: veth1_virt_wifi
[  715.631149][T16058] batman_adv: batadv0: The MTU of interface veth1_virt_wifi is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  715.662614][T16058] batman_adv: batadv0: Interface activated: veth1_virt_wifi
[  718.115549][T16069] FAULT_INJECTION: forcing a failure.
[  718.115549][T16069] name failslab, interval 1, probability 0, space 0, times 0
[  718.175802][T16069] CPU: 0 PID: 16069 Comm: syz.0.3433 Not tainted syzkaller #0
[  718.183328][T16069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  718.193484][T16069] Call Trace:
[  718.196773][T16069]  <TASK>
[  718.199821][T16069]  dump_stack_lvl+0x18c/0x250
[  718.204538][T16069]  ? show_regs_print_info+0x20/0x20
[  718.209845][T16069]  ? load_image+0x420/0x420
[  718.214402][T16069]  ? __might_sleep+0xe0/0xe0
[  718.219009][T16069]  ? __lock_acquire+0x7d40/0x7d40
[  718.224067][T16069]  should_fail_ex+0x39d/0x4d0
[  718.228769][T16069]  should_failslab+0x9/0x20
[  718.233294][T16069]  slab_pre_alloc_hook+0x59/0x310
[  718.238425][T16069]  ? __lock_acquire+0x7d40/0x7d40
[  718.243464][T16069]  ? dev_ethtool+0x129/0x18d0
[  718.248156][T16069]  __kmem_cache_alloc_node+0x53/0x250
[  718.253630][T16069]  ? __might_fault+0xaa/0x120
[  718.258320][T16069]  ? dev_ethtool+0x129/0x18d0
[  718.263014][T16069]  kmalloc_trace+0x2a/0xe0
[  718.267455][T16069]  dev_ethtool+0x129/0x18d0
[  718.271987][T16069]  ? ethtool_get_module_eeprom_call+0x170/0x170
[  718.278245][T16069]  ? __lock_acquire+0x7d40/0x7d40
[  718.283294][T16069]  ? __might_fault+0xaa/0x120
[  718.287980][T16069]  ? full_name_hash+0x92/0xe0
[  718.292680][T16069]  ? dev_load+0x21/0x1f0
[  718.296980][T16069]  dev_ioctl+0x392/0x1140
[  718.301333][T16069]  sock_do_ioctl+0x239/0x310
[  718.305945][T16069]  ? sock_show_fdinfo+0xb0/0xb0
[  718.310838][T16069]  sock_ioctl+0x5ba/0x7e0
[  718.315187][T16069]  ? sock_poll+0x3e0/0x3e0
[  718.319639][T16069]  ? bpf_lsm_file_ioctl+0x9/0x10
[  718.324681][T16069]  ? security_file_ioctl+0x80/0xa0
[  718.329802][T16069]  ? sock_poll+0x3e0/0x3e0
[  718.334237][T16069]  __se_sys_ioctl+0xfd/0x170
[  718.338854][T16069]  do_syscall_64+0x55/0xa0
[  718.343282][T16069]  ? clear_bhb_loop+0x40/0x90
[  718.348066][T16069]  ? clear_bhb_loop+0x40/0x90
[  718.352763][T16069]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  718.358676][T16069] RIP: 0033:0x7fc07379c819
[  718.363106][T16069] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  718.382810][T16069] RSP: 002b:00007fc07457b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  718.391247][T16069] RAX: ffffffffffffffda RBX: 00007fc073a15fa0 RCX: 00007fc07379c819
[  718.399229][T16069] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 000000000000003e
[  718.407306][T16069] RBP: 00007fc07457b090 R08: 0000000000000000 R09: 0000000000000000
[  718.415288][T16069] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  718.423277][T16069] R13: 00007fc073a16038 R14: 00007fc073a15fa0 R15: 00007ffc53985198
[  718.431289][T16069]  </TASK>
[  719.173485][T16086] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x37
[  719.594553][ T5769] Bluetooth: hci0: unexpected event 0x2c length: 151 > 17
[  719.597790][T16092] netlink: 'syz.3.3442': attribute type 28 has an invalid length.
[  719.619574][T16092] netlink: 'syz.3.3442': attribute type 3 has an invalid length.
[  719.629812][T16092] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3442'.
[  721.342784][T16101] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3446'.
[  721.436514][T16104] FAULT_INJECTION: forcing a failure.
[  721.436514][T16104] name failslab, interval 1, probability 0, space 0, times 0
[  721.449549][T16104] CPU: 0 PID: 16104 Comm: syz.0.3447 Not tainted syzkaller #0
[  721.457068][T16104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  721.467154][T16104] Call Trace:
[  721.470454][T16104]  <TASK>
[  721.473405][T16104]  dump_stack_lvl+0x18c/0x250
[  721.478163][T16104]  ? show_regs_print_info+0x20/0x20
[  721.483390][T16104]  ? load_image+0x420/0x420
[  721.487910][T16104]  ? skb_network_protocol+0x529/0x780
[  721.493299][T16104]  should_fail_ex+0x39d/0x4d0
[  721.498008][T16104]  should_failslab+0x9/0x20
[  721.502521][T16104]  slab_pre_alloc_hook+0x59/0x310
[  721.507607][T16104]  kmem_cache_alloc+0x5a/0x2d0
[  721.512408][T16104]  ? skb_clone+0x1eb/0x370
[  721.516854][T16104]  skb_clone+0x1eb/0x370
[  721.521101][T16104]  ? dev_queue_xmit_nit+0x212/0xbb0
[  721.526472][T16104]  dev_queue_xmit_nit+0x24d/0xbb0
[  721.531520][T16104]  ? dev_queue_xmit_nit+0x2d/0xbb0
[  721.536640][T16104]  ? validate_xmit_skb+0x949/0xf60
[  721.541755][T16104]  dev_hard_start_xmit+0x148/0x740
[  721.546902][T16104]  __dev_queue_xmit+0x19a3/0x3660
[  721.551947][T16104]  ? __dev_queue_xmit+0x265/0x3660
[  721.557066][T16104]  ? nf_nat_inet_fn+0x975/0xbe0
[  721.561936][T16104]  ? netdev_core_pick_tx+0x340/0x340
[  721.567233][T16104]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  721.573222][T16104]  ? lock_chain_count+0x20/0x20
[  721.578078][T16104]  ? nf_nat_ipv4_out+0x3af/0x4d0
[  721.583017][T16104]  ? ip_finish_output2+0xb04/0x11e0
[  721.588218][T16104]  ? ip_finish_output2+0x457/0x11e0
[  721.593502][T16104]  ip_finish_output2+0xcec/0x11e0
[  721.598528][T16104]  ? ip_finish_output2+0x457/0x11e0
[  721.603744][T16104]  ? ip_fragment+0x210/0x210
[  721.608418][T16104]  ? ip_mc_finish_output+0x250/0x250
[  721.613698][T16104]  ? ip_skb_dst_mtu+0x58a/0x9c0
[  721.618545][T16104]  ? ip_finish_output+0x3ef/0x4c0
[  721.623567][T16104]  ip_output+0x2a1/0x3b0
[  721.627807][T16104]  ? ip_output+0x60/0x3b0
[  721.632129][T16104]  iptunnel_xmit+0x4f0/0x920
[  721.636729][T16104]  ip_tunnel_xmit+0x1cbc/0x2410
[  721.641610][T16104]  ? ip4_dst_hoplimit+0x2d0/0x2d0
[  721.646692][T16104]  ? gre_build_header+0x25b/0x990
[  721.651826][T16104]  ipgre_xmit+0x7a6/0xb20
[  721.656266][T16104]  dev_hard_start_xmit+0x246/0x740
[  721.661405][T16104]  __dev_queue_xmit+0x19a3/0x3660
[  721.666440][T16104]  ? __dev_queue_xmit+0x265/0x3660
[  721.671553][T16104]  ? netdev_core_pick_tx+0x340/0x340
[  721.676840][T16104]  ? skb_release_data+0x1cf/0x800
[  721.681881][T16104]  ? pskb_expand_head+0xbfe/0x1230
[  721.687011][T16104]  __bpf_tx_skb+0x189/0x250
[  721.691514][T16104]  bpf_clone_redirect+0x30f/0x4a0
[  721.696564][T16104]  bpf_prog_208b094576c80b22+0x5e/0x63
[  721.702024][T16104]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  721.708006][T16104]  ? preempt_schedule+0xc0/0xd0
[  721.712863][T16104]  ? perf_trace_preemptirq_template+0xac/0x330
[  721.719017][T16104]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  721.724990][T16104]  ? lockdep_softirqs_on+0x580/0x580
[  721.730266][T16104]  ? lock_chain_count+0x20/0x20
[  721.735119][T16104]  ? __local_bh_disable_ip+0x108/0x1a0
[  721.740581][T16104]  ? __cant_sleep+0x220/0x220
[  721.745262][T16104]  ? __local_bh_enable_ip+0x13a/0x1c0
[  721.750634][T16104]  ? _local_bh_enable+0xa0/0xa0
[  721.755488][T16104]  ? bpf_test_timer_continue+0x135/0x380
[  721.761387][T16104]  ? bpf_test_run+0x174/0x870
[  721.766082][T16104]  bpf_test_run+0x2df/0x870
[  721.770592][T16104]  ? bpf_test_run+0x174/0x870
[  721.775322][T16104]  ? convert___skb_to_skb+0x590/0x590
[  721.780692][T16104]  ? eth_get_headlen+0x210/0x210
[  721.785641][T16104]  ? slab_build_skb+0x25f/0x3f0
[  721.790487][T16104]  ? convert___skb_to_skb+0x3d/0x590
[  721.795769][T16104]  bpf_prog_test_run_skb+0xad2/0x12b0
[  721.801150][T16104]  ? cpu_online+0x60/0x60
[  721.805503][T16104]  bpf_prog_test_run+0x321/0x390
[  721.810440][T16104]  __sys_bpf+0x49d/0x890
[  721.814699][T16104]  ? bpf_link_show_fdinfo+0x390/0x390
[  721.820077][T16104]  ? lock_chain_count+0x20/0x20
[  721.825229][T16104]  __x64_sys_bpf+0x7c/0x90
[  721.829661][T16104]  do_syscall_64+0x55/0xa0
[  721.834079][T16104]  ? clear_bhb_loop+0x40/0x90
[  721.838795][T16104]  ? clear_bhb_loop+0x40/0x90
[  721.843575][T16104]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  721.849488][T16104] RIP: 0033:0x7fc07379c819
[  721.853901][T16104] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  721.873617][T16104] RSP: 002b:00007fc07457b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  721.882033][T16104] RAX: ffffffffffffffda RBX: 00007fc073a15fa0 RCX: 00007fc07379c819
[  721.890000][T16104] RDX: 0000000000000048 RSI: 0000200000000080 RDI: 000000000000000a
[  721.898141][T16104] RBP: 00007fc07457b090 R08: 0000000000000000 R09: 0000000000000000
[  721.906199][T16104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  721.914166][T16104] R13: 00007fc073a16038 R14: 00007fc073a15fa0 R15: 00007ffc53985198
[  721.922147][T16104]  </TASK>
[  722.206138][T16117] skbuff: bad partial csum: csum=65489/0 headroom=64 headlen=65491
[  722.459481][ T5769] Bluetooth: hci4: unexpected event 0x2c length: 151 > 17
[  722.471581][T16136] netlink: 'syz.0.3461': attribute type 28 has an invalid length.
[  722.512855][T16136] netlink: 'syz.0.3461': attribute type 3 has an invalid length.
[  722.528571][T16136] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3461'.
[  722.713648][T16136] netlink: 'syz.0.3461': attribute type 39 has an invalid length.
[  723.533371][T16162] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3471'.
[  724.008618][T16184] FAULT_INJECTION: forcing a failure.
[  724.008618][T16184] name failslab, interval 1, probability 0, space 0, times 0
[  724.024155][T16184] CPU: 1 PID: 16184 Comm: syz.1.3480 Not tainted syzkaller #0
[  724.031675][T16184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  724.041935][T16184] Call Trace:
[  724.045284][T16184]  <TASK>
[  724.048241][T16184]  dump_stack_lvl+0x18c/0x250
[  724.052950][T16184]  ? show_regs_print_info+0x20/0x20
[  724.058184][T16184]  ? load_image+0x420/0x420
[  724.062715][T16184]  ? __local_bh_enable_ip+0x13a/0x1c0
[  724.068106][T16184]  ? lockdep_hardirqs_on+0x98/0x150
[  724.073373][T16184]  ? __local_bh_enable_ip+0x13a/0x1c0
[  724.078870][T16184]  should_fail_ex+0x39d/0x4d0
[  724.083560][T16184]  should_failslab+0x9/0x20
[  724.088076][T16184]  slab_pre_alloc_hook+0x59/0x310
[  724.093188][T16184]  ? sctp_get_port_local+0xe65/0x1620
[  724.098574][T16184]  ? sctp_add_bind_addr+0x8c/0x360
[  724.103768][T16184]  __kmem_cache_alloc_node+0x53/0x250
[  724.109134][T16184]  ? sctp_add_bind_addr+0x8c/0x360
[  724.114668][T16184]  kmalloc_trace+0x2a/0xe0
[  724.119099][T16184]  sctp_add_bind_addr+0x8c/0x360
[  724.124047][T16184]  ? sctp_auto_asconf_init+0x15c/0x1e0
[  724.129502][T16184]  sctp_do_bind+0x616/0x990
[  724.134020][T16184]  sctp_connect_new_asoc+0x26a/0x6a0
[  724.139467][T16184]  ? __sctp_connect+0xd80/0xd80
[  724.144307][T16184]  ? __local_bh_enable_ip+0x13a/0x1c0
[  724.149672][T16184]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  724.155213][T16184]  ? security_sctp_bind_connect+0x89/0xb0
[  724.160925][T16184]  sctp_sendmsg+0x1575/0x28c0
[  724.165620][T16184]  ? sctp_getsockopt+0xb60/0xb60
[  724.170563][T16184]  ? aa_sk_perm+0x83c/0x970
[  724.175066][T16184]  ? aa_af_perm+0x330/0x330
[  724.179556][T16184]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  724.185975][T16184]  ? sock_rps_record_flow+0x19/0x3f0
[  724.191289][T16184]  ? inet_sendmsg+0xe9/0x2f0
[  724.196263][T16184]  ? inet_send_prepare+0x260/0x260
[  724.201393][T16184]  ____sys_sendmsg+0x5ba/0x960
[  724.206173][T16184]  ? __lock_acquire+0x7d40/0x7d40
[  724.211281][T16184]  ? __asan_memset+0x22/0x40
[  724.215864][T16184]  ? __sys_sendmsg_sock+0x30/0x30
[  724.220895][T16184]  ? __import_iovec+0x5f2/0x850
[  724.225747][T16184]  ? import_iovec+0x73/0xa0
[  724.230350][T16184]  ___sys_sendmsg+0x2a6/0x360
[  724.235027][T16184]  ? get_pid_task+0x20/0x1e0
[  724.239703][T16184]  ? __sys_sendmsg+0x2a0/0x2a0
[  724.244466][T16184]  ? __lock_acquire+0x7d40/0x7d40
[  724.249493][T16184]  __se_sys_sendmsg+0x1c2/0x2b0
[  724.254331][T16184]  ? __x64_sys_sendmsg+0x80/0x80
[  724.259286][T16184]  ? lockdep_hardirqs_on+0x98/0x150
[  724.264476][T16184]  do_syscall_64+0x55/0xa0
[  724.268876][T16184]  ? clear_bhb_loop+0x40/0x90
[  724.273564][T16184]  ? clear_bhb_loop+0x40/0x90
[  724.278233][T16184]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  724.284122][T16184] RIP: 0033:0x7f196259c819
[  724.288529][T16184] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  724.308307][T16184] RSP: 002b:00007f196341e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  724.316798][T16184] RAX: ffffffffffffffda RBX: 00007f1962815fa0 RCX: 00007f196259c819
[  724.324757][T16184] RDX: 0000000040004044 RSI: 0000200000000140 RDI: 0000000000000003
[  724.332989][T16184] RBP: 00007f196341e090 R08: 0000000000000000 R09: 0000000000000000
[  724.340964][T16184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  724.348941][T16184] R13: 00007f1962816038 R14: 00007f1962815fa0 R15: 00007ffee5798338
[  724.356926][T16184]  </TASK>
[  724.436087][T16188] netlink: 'syz.0.3481': attribute type 15 has an invalid length.
[  724.462750][T16188] netlink: 'syz.0.3481': attribute type 5 has an invalid length.
[  724.481423][T16188] netlink: 144 bytes leftover after parsing attributes in process `syz.0.3481'.
[  724.588499][ T5769] Bluetooth: hci2: unexpected event 0x2c length: 151 > 17
[  724.623846][T16200] netlink: 'syz.1.3485': attribute type 28 has an invalid length.
[  724.642812][T16200] netlink: 'syz.1.3485': attribute type 3 has an invalid length.
[  724.651683][T16200] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3485'.
[  724.731628][T16204] syz.0.3486[16204] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  724.731908][T16204] syz.0.3486[16204] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  724.748213][T16200] netlink: 'syz.1.3485': attribute type 39 has an invalid length.
[  725.225327][T16211] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.3488'.
[  726.559937][T16259] netlink: 152 bytes leftover after parsing attributes in process `syz.2.3503'.
[  726.582498][T16259] netlink: 6 bytes leftover after parsing attributes in process `syz.2.3503'.
[  726.587026][T16254] netlink: 'syz.3.3502': attribute type 29 has an invalid length.
[  726.623441][T16254] netlink: 'syz.3.3502': attribute type 29 has an invalid length.
[  726.708362][T16271] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3508'.
[  726.807608][T16277] FAULT_INJECTION: forcing a failure.
[  726.807608][T16277] name failslab, interval 1, probability 0, space 0, times 0
[  726.877794][T16277] CPU: 1 PID: 16277 Comm: syz.1.3510 Not tainted syzkaller #0
[  726.885369][T16277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  726.895499][T16277] Call Trace:
[  726.898845][T16277]  <TASK>
[  726.901978][T16277]  dump_stack_lvl+0x18c/0x250
[  726.906761][T16277]  ? show_regs_print_info+0x20/0x20
[  726.912052][T16277]  ? load_image+0x420/0x420
[  726.916623][T16277]  ? __lock_acquire+0x7d40/0x7d40
[  726.921789][T16277]  should_fail_ex+0x39d/0x4d0
[  726.926564][T16277]  should_failslab+0x9/0x20
[  726.931143][T16277]  slab_pre_alloc_hook+0x59/0x310
[  726.936259][T16277]  ? kernel_clone+0x24b/0x8a0
[  726.941012][T16277]  ? __x64_sys_clone+0x1b7/0x230
[  726.946019][T16277]  ? do_syscall_64+0x55/0xa0
[  726.950699][T16277]  kmem_cache_alloc_node+0x60/0x320
[  726.955976][T16277]  ? alloc_vmap_area+0x1b4/0x1e30
[  726.961205][T16277]  alloc_vmap_area+0x1b4/0x1e30
[  726.966450][T16277]  ? vm_map_ram+0xcb0/0xcb0
[  726.971083][T16277]  ? rcu_is_watching+0x15/0xb0
[  726.975955][T16277]  __get_vm_area_node+0x162/0x370
[  726.981094][T16277]  __vmalloc_node_range+0x36e/0x1330
[  726.986537][T16277]  ? copy_process+0x586/0x3d80
[  726.991529][T16277]  ? free_vm_area+0x50/0x50
[  726.996117][T16277]  ? arch_dup_task_struct+0x57/0xd0
[  727.001404][T16277]  ? __asan_memcpy+0x40/0x70
[  727.006088][T16277]  dup_task_struct+0x3d0/0x7c0
[  727.010942][T16277]  ? copy_process+0x586/0x3d80
[  727.015864][T16277]  ? lockdep_hardirqs_on+0x98/0x150
[  727.021218][T16277]  copy_process+0x586/0x3d80
[  727.025891][T16277]  ? __might_fault+0xaa/0x120
[  727.030772][T16277]  ? get_pid_task+0x20/0x1e0
[  727.035486][T16277]  ? __pidfd_prepare+0x140/0x140
[  727.040582][T16277]  kernel_clone+0x24b/0x8a0
[  727.045198][T16277]  ? create_io_thread+0x190/0x190
[  727.050511][T16277]  __x64_sys_clone+0x1b7/0x230
[  727.055351][T16277]  ? __fget_files+0x43d/0x4b0
[  727.060137][T16277]  ? __ia32_sys_vfork+0x140/0x140
[  727.065333][T16277]  ? lock_chain_count+0x20/0x20
[  727.070315][T16277]  ? lockdep_hardirqs_on+0x98/0x150
[  727.075620][T16277]  do_syscall_64+0x55/0xa0
[  727.080098][T16277]  ? clear_bhb_loop+0x40/0x90
[  727.084847][T16277]  ? clear_bhb_loop+0x40/0x90
[  727.089611][T16277]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  727.095570][T16277] RIP: 0033:0x7f196259c819
[  727.100076][T16277] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  727.119847][T16277] RSP: 002b:00007f196341dfd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  727.128361][T16277] RAX: ffffffffffffffda RBX: 00007f1962815fa0 RCX: 00007f196259c819
[  727.136411][T16277] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  727.144456][T16277] RBP: 00007f196341e090 R08: 0000000000000000 R09: 0000000000000000
[  727.152504][T16277] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  727.160551][T16277] R13: 00007f1962816038 R14: 00007f1962815fa0 R15: 00007ffee5798338
[  727.168687][T16277]  </TASK>
[  727.197468][T16277] syz.1.3510: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0-1
[  727.214304][T16277] CPU: 1 PID: 16277 Comm: syz.1.3510 Not tainted syzkaller #0
[  727.221935][T16277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  727.232068][T16277] Call Trace:
[  727.235430][T16277]  <TASK>
[  727.238433][T16277]  dump_stack_lvl+0x18c/0x250
[  727.243215][T16277]  ? show_regs_print_info+0x20/0x20
[  727.248504][T16277]  ? load_image+0x420/0x420
[  727.253129][T16277]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  727.259644][T16277]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[  727.266247][T16277]  warn_alloc+0x246/0x340
[  727.270679][T16277]  ? slab_free_freelist_hook+0x130/0x1a0
[  727.276408][T16277]  ? zone_watermark_ok_safe+0x230/0x230
[  727.282058][T16277]  ? __get_vm_area_node+0x17b/0x370
[  727.287389][T16277]  ? __get_vm_area_node+0x17b/0x370
[  727.292715][T16277]  __vmalloc_node_range+0x393/0x1330
[  727.298332][T16277]  ? free_vm_area+0x50/0x50
[  727.302920][T16277]  ? arch_dup_task_struct+0x57/0xd0
[  727.308211][T16277]  ? __asan_memcpy+0x40/0x70
[  727.312902][T16277]  dup_task_struct+0x3d0/0x7c0
[  727.317746][T16277]  ? copy_process+0x586/0x3d80
[  727.322606][T16277]  ? lockdep_hardirqs_on+0x98/0x150
[  727.327916][T16277]  copy_process+0x586/0x3d80
[  727.332765][T16277]  ? __might_fault+0xaa/0x120
[  727.337581][T16277]  ? get_pid_task+0x20/0x1e0
[  727.342235][T16277]  ? __pidfd_prepare+0x140/0x140
[  727.347257][T16277]  kernel_clone+0x24b/0x8a0
[  727.351820][T16277]  ? create_io_thread+0x190/0x190
[  727.356946][T16277]  __x64_sys_clone+0x1b7/0x230
[  727.361733][T16277]  ? __fget_files+0x43d/0x4b0
[  727.366465][T16277]  ? __ia32_sys_vfork+0x140/0x140
[  727.371582][T16277]  ? lock_chain_count+0x20/0x20
[  727.376511][T16277]  ? lockdep_hardirqs_on+0x98/0x150
[  727.381762][T16277]  do_syscall_64+0x55/0xa0
[  727.386208][T16277]  ? clear_bhb_loop+0x40/0x90
[  727.390914][T16277]  ? clear_bhb_loop+0x40/0x90
[  727.395628][T16277]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  727.401550][T16277] RIP: 0033:0x7f196259c819
[  727.405998][T16277] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  727.425650][T16277] RSP: 002b:00007f196341dfd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  727.434100][T16277] RAX: ffffffffffffffda RBX: 00007f1962815fa0 RCX: 00007f196259c819
[  727.442095][T16277] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  727.450086][T16277] RBP: 00007f196341e090 R08: 0000000000000000 R09: 0000000000000000
[  727.458080][T16277] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  727.466075][T16277] R13: 00007f1962816038 R14: 00007f1962815fa0 R15: 00007ffee5798338
[  727.474135][T16277]  </TASK>
[  727.502944][T16277] Mem-Info:
[  727.506331][T16277] active_anon:10967 inactive_anon:0 isolated_anon:0
[  727.506331][T16277]  active_file:20925 inactive_file:40334 isolated_file:0
[  727.506331][T16277]  unevictable:768 dirty:447 writeback:0
[  727.506331][T16277]  slab_reclaimable:10795 slab_unreclaimable:96209
[  727.506331][T16277]  mapped:24752 shmem:1361 pagetables:601
[  727.506331][T16277]  sec_pagetables:0 bounce:0
[  727.506331][T16277]  kernel_misc_reclaimable:0
[  727.506331][T16277]  free:1329777 free_pcp:8731 free_cma:0
[  727.590386][T16277] Node 0 active_anon:44068kB inactive_anon:0kB active_file:83700kB inactive_file:161132kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:99008kB dirty:1788kB writeback:0kB shmem:3908kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10544kB pagetables:2404kB sec_pagetables:0kB all_unreclaimable? no
[  727.689840][T16277] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  727.749349][T16277] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  727.809619][T16277] lowmem_reserve[]: 0 2521 2522 2522 2522
[  727.853797][T16277] Node 0 DMA32 free:1405860kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:44732kB inactive_anon:0kB active_file:83700kB inactive_file:160296kB unevictable:1536kB writepending:1788kB present:3129332kB managed:2586952kB mlocked:0kB bounce:0kB free_pcp:19912kB local_pcp:13884kB free_cma:0kB
[  727.933701][T16277] lowmem_reserve[]: 0 0 0 0 0
[  727.938561][T16277] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:836kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  728.022793][T16277] lowmem_reserve[]: 0 0 0 0 0
[  728.027821][T16277] Node 1 Normal free:3898032kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:17644kB local_pcp:7236kB free_cma:0kB
[  728.067078][T16277] lowmem_reserve[]: 0 0 0 0 0
[  728.071860][T16277] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  728.112734][T16277] Node 0 DMA32: 2*4kB (ME) 716*8kB (UME) 954*16kB (UME) 2549*32kB (UME) 1598*64kB (UME) 581*128kB (UME) 136*256kB (UM) 56*512kB (UME) 52*1024kB (UM) 13*2048kB (UME) 240*4096kB (UM) = 1405608kB
[  728.145704][T16277] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  728.173945][T16277] Node 1 Normal: 226*4kB (UME) 51*8kB (UME) 45*16kB (UME) 58*32kB (UME) 26*64kB (UME) 8*128kB (UME) 3*256kB (UME) 1*512kB (E) 1*1024kB (U) 1*2048kB (E) 949*4096kB (M) = 3898032kB
[  728.197041][T16277] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  728.207196][T16277] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  728.216702][T16277] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  728.226535][T16277] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  728.236075][T16277] 62620 total pagecache pages
[  728.240897][T16277] 0 pages in swap cache
[  728.245135][T16277] Free swap  = 124728kB
[  728.251715][T16277] Total swap = 124996kB
[  728.255953][T16277] 2097051 pages RAM
[  728.259993][T16277] 0 pages HighMem/MovableOnly
[  728.264986][T16277] 416927 pages reserved
[  728.269497][T16277] 0 pages cma reserved
[  728.549826][T16287] mac80211_hwsim hwsim43 wlan0: entered promiscuous mode
[  728.563079][T16287] mac80211_hwsim hwsim43 wlan0: entered allmulticast mode
[  728.708491][T16295] validate_nla: 5 callbacks suppressed
[  728.708507][T16295] netlink: 'syz.3.3515': attribute type 10 has an invalid length.
[  728.739929][T16295] netlink: 'syz.3.3515': attribute type 19 has an invalid length.
[  728.761128][T16295] netlink: 14536 bytes leftover after parsing attributes in process `syz.3.3515'.
[  729.490684][T16302] netlink: 'syz.2.3519': attribute type 10 has an invalid length.
[  729.508207][T16302] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3519'.
[  729.625330][ T5769] Bluetooth: hci0: unexpected subevent 0x03 length: 150 > 9
[  729.824761][T16327] netlink: 14 bytes leftover after parsing attributes in process `syz.3.3531'.
[  729.946917][T16331] netlink: 'syz.3.3531': attribute type 3 has an invalid length.
[  729.982851][T16331] netlink: 16066 bytes leftover after parsing attributes in process `syz.3.3531'.
[  731.111694][T16347] netlink: 'syz.3.3536': attribute type 10 has an invalid length.
[  731.126958][T16347] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3536'.
[  731.154157][T16347] A link change request failed with some changes committed already. Interface veth1_virt_wifi may have been left with an inconsistent configuration, please check.
[  731.347531][T16359] netlink: 'syz.2.3540': attribute type 21 has an invalid length.
[  731.366249][T16359] netlink: 16174 bytes leftover after parsing attributes in process `syz.2.3540'.
[  731.478266][T16359] netlink: 105120 bytes leftover after parsing attributes in process `syz.2.3540'.
[  731.504597][T16359] netlink: 'syz.2.3540': attribute type 2 has an invalid length.
[  731.970420][T16372] netlink: 14 bytes leftover after parsing attributes in process `syz.2.3544'.
[  732.766860][T16382] netlink: 'syz.0.3547': attribute type 10 has an invalid length.
[  732.785413][T16382] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3547'.
[  733.085491][T16398] netlink: 'syz.3.3553': attribute type 39 has an invalid length.
[  733.101176][T16399] netlink: 14 bytes leftover after parsing attributes in process `syz.2.3554'.
[  734.369395][T16427] netlink: 14 bytes leftover after parsing attributes in process `syz.1.3565'.
[  734.532790][T16429] netlink: 'syz.0.3564': attribute type 21 has an invalid length.
[  734.808450][T16438] netlink: 'syz.1.3567': attribute type 39 has an invalid length.
[  735.455335][T16459] netlink: 14 bytes leftover after parsing attributes in process `syz.0.3575'.
[  735.472045][T16455] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.3574'.
[  735.504361][T16455] openvswitch: netlink: Tunnel attr 0 has unexpected len 1788 expected 8
[  735.557535][T16461] netlink: 'syz.1.3576': attribute type 11 has an invalid length.
[  735.660996][T16466] FAULT_INJECTION: forcing a failure.
[  735.660996][T16466] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  735.688677][T16466] CPU: 0 PID: 16466 Comm: syz.3.3578 Not tainted syzkaller #0
[  735.696199][T16466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  735.706630][T16466] Call Trace:
[  735.709934][T16466]  <TASK>
[  735.712885][T16466]  dump_stack_lvl+0x18c/0x250
[  735.717686][T16466]  ? show_regs_print_info+0x20/0x20
[  735.722920][T16466]  ? load_image+0x420/0x420
[  735.727466][T16466]  ? __might_fault+0xaa/0x120
[  735.732184][T16466]  ? __lock_acquire+0x7d40/0x7d40
[  735.737327][T16466]  should_fail_ex+0x39d/0x4d0
[  735.742041][T16466]  _copy_from_user+0x2f/0xe0
[  735.746664][T16466]  ___sys_sendmsg+0x1c7/0x360
[  735.751368][T16466]  ? get_pid_task+0x20/0x1e0
[  735.755984][T16466]  ? __sys_sendmsg+0x2a0/0x2a0
[  735.760759][T16466]  ? __lock_acquire+0x7d40/0x7d40
[  735.765794][T16466]  __se_sys_sendmsg+0x1c2/0x2b0
[  735.770644][T16466]  ? __x64_sys_sendmsg+0x80/0x80
[  735.775589][T16466]  ? lockdep_hardirqs_on+0x98/0x150
[  735.780783][T16466]  do_syscall_64+0x55/0xa0
[  735.785214][T16466]  ? clear_bhb_loop+0x40/0x90
[  735.790284][T16466]  ? clear_bhb_loop+0x40/0x90
[  735.794953][T16466]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  735.800861][T16466] RIP: 0033:0x7f816159c819
[  735.805304][T16466] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  735.825012][T16466] RSP: 002b:00007f81624ba028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  735.833432][T16466] RAX: ffffffffffffffda RBX: 00007f8161815fa0 RCX: 00007f816159c819
[  735.841502][T16466] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  735.849464][T16466] RBP: 00007f81624ba090 R08: 0000000000000000 R09: 0000000000000000
[  735.857466][T16466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  735.865451][T16466] R13: 00007f8161816038 R14: 00007f8161815fa0 R15: 00007ffd88a49ad8
[  735.873536][T16466]  </TASK>
[  736.609986][T16490] netlink: 14 bytes leftover after parsing attributes in process `syz.1.3585'.
[  737.500646][T16511] netlink: 'syz.2.3592': attribute type 39 has an invalid length.
[  737.553705][T16515] FAULT_INJECTION: forcing a failure.
[  737.553705][T16515] name failslab, interval 1, probability 0, space 0, times 0
[  737.567125][T16515] CPU: 1 PID: 16515 Comm: syz.0.3594 Not tainted syzkaller #0
[  737.574627][T16515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  737.584706][T16515] Call Trace:
[  737.588023][T16515]  <TASK>
[  737.590982][T16515]  dump_stack_lvl+0x18c/0x250
[  737.595785][T16515]  ? show_regs_print_info+0x20/0x20
[  737.601050][T16515]  ? load_image+0x420/0x420
[  737.605586][T16515]  ? __might_sleep+0xe0/0xe0
[  737.610207][T16515]  ? __lock_acquire+0x7d40/0x7d40
[  737.615261][T16515]  should_fail_ex+0x39d/0x4d0
[  737.619980][T16515]  should_failslab+0x9/0x20
[  737.624514][T16515]  slab_pre_alloc_hook+0x59/0x310
[  737.629563][T16515]  ? d_instantiate+0x6f/0x90
[  737.634175][T16515]  kmem_cache_alloc+0x5a/0x2d0
[  737.638960][T16515]  ? alloc_empty_file+0x9e/0x1d0
[  737.643926][T16515]  alloc_empty_file+0x9e/0x1d0
[  737.648723][T16515]  alloc_file+0x5c/0x600
[  737.653063][T16515]  alloc_file_pseudo+0x184/0x210
[  737.658034][T16515]  ? alloc_empty_backing_file+0xe0/0xe0
[  737.663612][T16515]  ? alloc_fd+0x58f/0x630
[  737.667944][T16515]  anon_inode_getfd+0xca/0x1c0
[  737.672781][T16515]  map_create+0xf14/0x12f0
[  737.677300][T16515]  __sys_bpf+0x651/0x890
[  737.681552][T16515]  ? bpf_link_show_fdinfo+0x390/0x390
[  737.686926][T16515]  ? lock_chain_count+0x20/0x20
[  737.691795][T16515]  __x64_sys_bpf+0x7c/0x90
[  737.696294][T16515]  do_syscall_64+0x55/0xa0
[  737.700704][T16515]  ? clear_bhb_loop+0x40/0x90
[  737.705374][T16515]  ? clear_bhb_loop+0x40/0x90
[  737.710157][T16515]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  737.716319][T16515] RIP: 0033:0x7fc07379c819
[  737.720734][T16515] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  737.740748][T16515] RSP: 002b:00007fc07457b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  737.749340][T16515] RAX: ffffffffffffffda RBX: 00007fc073a15fa0 RCX: 00007fc07379c819
[  737.757310][T16515] RDX: 0000000000000048 RSI: 0000200000000640 RDI: 0000000000000000
[  737.765276][T16515] RBP: 00007fc07457b090 R08: 0000000000000000 R09: 0000000000000000
[  737.773254][T16515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  737.781216][T16515] R13: 00007fc073a16038 R14: 00007fc073a15fa0 R15: 00007ffc53985198
[  737.789193][T16515]  </TASK>
[  739.133489][T16544] netlink: 'syz.3.3605': attribute type 39 has an invalid length.
[  739.250694][T16555] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.3611'.
[  739.347562][T16557] netlink: 14 bytes leftover after parsing attributes in process `syz.0.3610'.
[  740.001505][T16579] netlink: 14 bytes leftover after parsing attributes in process `syz.2.3622'.
[  740.111932][T16581] netlink: 'syz.3.3621': attribute type 39 has an invalid length.
[  740.191579][T16590] netlink: 121460 bytes leftover after parsing attributes in process `syz.2.3625'.
[  740.202132][T16590] netlink: 22856 bytes leftover after parsing attributes in process `syz.2.3625'.
[  741.367368][T16597] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3628'.
[  742.331394][T16620] netlink: 14 bytes leftover after parsing attributes in process `syz.2.3633'.
[  742.460209][T16630] netlink: 'syz.0.3635': attribute type 3 has an invalid length.
[  742.471080][T16630] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.3635'.
[  742.674539][T16637] bridge_slave_1: left allmulticast mode
[  742.682027][T16637] bridge_slave_1: left promiscuous mode
[  742.690654][T16637] bridge0: port 2(bridge_slave_1) entered disabled state
[  742.704467][T16637] bridge_slave_0: left allmulticast mode
[  742.710162][T16637] bridge_slave_0: left promiscuous mode
[  742.731914][T16637] bridge0: port 1(bridge_slave_0) entered disabled state
[  742.972982][T16640] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3639'.
[  743.074883][T16651] netlink: 'syz.1.3644': attribute type 10 has an invalid length.
[  743.087266][T16651] netlink: 168 bytes leftover after parsing attributes in process `syz.1.3644'.
[  743.287783][T16660] netlink: 'syz.2.3648': attribute type 3 has an invalid length.
[  743.401695][T16665] sit0: entered allmulticast mode
[  743.591111][T16675] bridge_slave_1: left allmulticast mode
[  743.597737][T16675] bridge_slave_1: left promiscuous mode
[  743.603960][T16675] bridge0: port 2(bridge_slave_1) entered disabled state
[  743.616671][T16675] bridge_slave_0: left allmulticast mode
[  743.622381][T16675] bridge_slave_0: left promiscuous mode
[  743.628598][T16675] bridge0: port 1(bridge_slave_0) entered disabled state
[  744.404488][T16708] __nla_validate_parse: 6 callbacks suppressed
[  744.404508][T16708] netlink: 14 bytes leftover after parsing attributes in process `syz.1.3666'.
[  744.476655][T16715] bridge_slave_1: left allmulticast mode
[  744.482391][T16715] bridge_slave_1: left promiscuous mode
[  744.503963][T16715] bridge0: port 2(bridge_slave_1) entered disabled state
[  744.535459][T16715] bridge_slave_0: left allmulticast mode
[  744.541495][T16715] bridge_slave_0: left promiscuous mode
[  744.553443][T16715] bridge0: port 1(bridge_slave_0) entered disabled state
[  744.748957][T16710] netlink: 'syz.0.3667': attribute type 10 has an invalid length.
[  744.847010][T16710] team0: Port device wlan1 added
[  744.869047][T16718] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3668'.
[  745.052493][T16729] FAULT_INJECTION: forcing a failure.
[  745.052493][T16729] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  745.060102][T16725] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.3671'.
[  745.097390][T16729] CPU: 0 PID: 16729 Comm: syz.2.3673 Not tainted syzkaller #0
[  745.104907][T16729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  745.114985][T16729] Call Trace:
[  745.118291][T16729]  <TASK>
[  745.121256][T16729]  dump_stack_lvl+0x18c/0x250
[  745.125970][T16729]  ? show_regs_print_info+0x20/0x20
[  745.131202][T16729]  ? load_image+0x420/0x420
[  745.135753][T16729]  ? __might_fault+0xaa/0x120
[  745.140457][T16729]  ? __lock_acquire+0x7d40/0x7d40
[  745.145507][T16729]  ? strlen+0x32/0x70
[  745.149520][T16729]  should_fail_ex+0x39d/0x4d0
[  745.154233][T16729]  _copy_from_user+0x2f/0xe0
[  745.158843][T16729]  ___sys_sendmsg+0x1c7/0x360
[  745.163606][T16729]  ? __sys_sendmsg+0x2a0/0x2a0
[  745.168403][T16729]  __se_sys_sendmsg+0x1c2/0x2b0
[  745.173255][T16729]  ? __x64_sys_sendmsg+0x80/0x80
[  745.178242][T16729]  ? syscall_enter_from_user_mode+0x2e/0x80
[  745.184307][T16729]  do_syscall_64+0x55/0xa0
[  745.188725][T16729]  ? clear_bhb_loop+0x40/0x90
[  745.193410][T16729]  ? clear_bhb_loop+0x40/0x90
[  745.198098][T16729]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  745.203988][T16729] RIP: 0033:0x7f0055f9c819
[  745.208408][T16729] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  745.228532][T16729] RSP: 002b:00007f0056d74028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  745.236945][T16729] RAX: ffffffffffffffda RBX: 00007f0056215fa0 RCX: 00007f0055f9c819
[  745.245111][T16729] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000009
[  745.253072][T16729] RBP: 00007f0056d74090 R08: 0000000000000000 R09: 0000000000000000
[  745.261041][T16729] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  745.269004][T16729] R13: 00007f0056216038 R14: 00007f0056215fa0 R15: 00007ffc49084cf8
[  745.276984][T16729]  </TASK>
[  745.808745][T16740] netlink: 14 bytes leftover after parsing attributes in process `syz.3.3677'.
[  745.932250][T16738] netlink: 14 bytes leftover after parsing attributes in process `syz.1.3675'.
[  745.965292][T16743] netlink: 14 bytes leftover after parsing attributes in process `syz.0.3678'.
[  746.529503][T16762] netlink: 14 bytes leftover after parsing attributes in process `syz.0.3688'.
[  746.786440][T16757] netlink: 'syz.2.3686': attribute type 10 has an invalid length.
[  746.811171][T16757] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3686'.
[  747.266875][T16771] netlink: 14 bytes leftover after parsing attributes in process `syz.1.3692'.
[  747.476336][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  747.482991][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  750.377591][T16788] netlink: 14 bytes leftover after parsing attributes in process `syz.1.3699'.
[  750.764247][T16808] FAULT_INJECTION: forcing a failure.
[  750.764247][T16808] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  750.781306][T16808] CPU: 1 PID: 16808 Comm: syz.1.3706 Not tainted syzkaller #0
[  750.788826][T16808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  750.798920][T16808] Call Trace:
[  750.802238][T16808]  <TASK>
[  750.805192][T16808]  dump_stack_lvl+0x18c/0x250
[  750.809911][T16808]  ? show_regs_print_info+0x20/0x20
[  750.815316][T16808]  ? load_image+0x420/0x420
[  750.819859][T16808]  ? __might_fault+0xaa/0x120
[  750.824590][T16808]  should_fail_ex+0x39d/0x4d0
[  750.829300][T16808]  copyin+0x1a/0x90
[  750.833142][T16808]  _copy_from_iter+0x54f/0x12e0
[  750.838036][T16808]  ? slab_post_alloc_hook+0x8a/0x4b0
[  750.843354][T16808]  ? __virt_addr_valid+0x18c/0x540
[  750.848499][T16808]  ? copyout_mc+0x70/0x70
[  750.852927][T16808]  ? __virt_addr_valid+0x18c/0x540
[  750.858071][T16808]  ? __virt_addr_valid+0x18c/0x540
[  750.863306][T16808]  ? __virt_addr_valid+0x469/0x540
[  750.868534][T16808]  ? __check_object_size+0x506/0xa20
[  750.873851][T16808]  netlink_sendmsg+0x76b/0xbf0
[  750.878658][T16808]  ? netlink_getsockopt+0x590/0x590
[  750.883972][T16808]  ? aa_sock_msg_perm+0x94/0x150
[  750.888941][T16808]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  750.894260][T16808]  ? security_socket_sendmsg+0x80/0xa0
[  750.899748][T16808]  ? netlink_getsockopt+0x590/0x590
[  750.905065][T16808]  ____sys_sendmsg+0x5ba/0x960
[  750.909863][T16808]  ? __asan_memset+0x22/0x40
[  750.914476][T16808]  ? __sys_sendmsg_sock+0x30/0x30
[  750.919528][T16808]  ? __import_iovec+0x3fa/0x850
[  750.924409][T16808]  ? import_iovec+0x73/0xa0
[  750.928938][T16808]  ___sys_sendmsg+0x2a6/0x360
[  750.933735][T16808]  ? get_pid_task+0x20/0x1e0
[  750.938346][T16808]  ? __sys_sendmsg+0x2a0/0x2a0
[  750.943131][T16808]  ? __lock_acquire+0x7d40/0x7d40
[  750.948175][T16808]  __se_sys_sendmsg+0x1c2/0x2b0
[  750.953029][T16808]  ? __x64_sys_sendmsg+0x80/0x80
[  750.958068][T16808]  ? lockdep_hardirqs_on+0x98/0x150
[  750.963268][T16808]  do_syscall_64+0x55/0xa0
[  750.967684][T16808]  ? clear_bhb_loop+0x40/0x90
[  750.972453][T16808]  ? clear_bhb_loop+0x40/0x90
[  750.977137][T16808]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  750.983029][T16808] RIP: 0033:0x7f196259c819
[  750.987443][T16808] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  751.007057][T16808] RSP: 002b:00007f196341e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  751.015735][T16808] RAX: ffffffffffffffda RBX: 00007f1962815fa0 RCX: 00007f196259c819
[  751.023700][T16808] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[  751.031677][T16808] RBP: 00007f196341e090 R08: 0000000000000000 R09: 0000000000000000
[  751.039648][T16808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  751.047615][T16808] R13: 00007f1962816038 R14: 00007f1962815fa0 R15: 00007ffee5798338
[  751.055599][T16808]  </TASK>
[  751.137104][T16819] netlink: 'syz.2.3709': attribute type 10 has an invalid length.
[  751.261990][T16825] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3714'.
[  751.275247][T16823] netlink: 14 bytes leftover after parsing attributes in process `syz.1.3712'.
[  751.384741][T16832] netlink: 168 bytes leftover after parsing attributes in process `syz.0.3716'.
[  752.520236][T16854] netlink: 14 bytes leftover after parsing attributes in process `syz.3.3723'.
[  752.563229][T16860] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.3725'.
[  753.128977][T16879] mac80211_hwsim hwsim45 wlan1: entered promiscuous mode
[  753.138059][T16879] mac80211_hwsim hwsim45 wlan1: entered allmulticast mode
[  753.323734][T16885] netlink: 'syz.0.3735': attribute type 9 has an invalid length.
[  753.357352][T16885] netlink: 49779 bytes leftover after parsing attributes in process `syz.0.3735'.
[  753.412343][T16884] netlink: 14 bytes leftover after parsing attributes in process `syz.3.3737'.
[  753.444679][T16890] netlink: 60 bytes leftover after parsing attributes in process `syz.1.3739'.
[  753.945634][T16898] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3742'.
[  754.689273][T16925] netlink: 'syz.1.3753': attribute type 3 has an invalid length.
[  754.759996][ T5769] Bluetooth: hci0: ISO packet for unknown connection handle 2097
[  755.423149][T16940] __nla_validate_parse: 2 callbacks suppressed
[  755.423295][T16940] netlink: 14 bytes leftover after parsing attributes in process `syz.0.3761'.
[  755.670788][T16949] netlink: 14 bytes leftover after parsing attributes in process `syz.2.3773'.
[  755.693011][T16952] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3765'.
[  755.830553][T16953] netlink: 'syz.1.3763': attribute type 4 has an invalid length.
[  755.853525][T16953] netlink: 152 bytes leftover after parsing attributes in process `syz.1.3763'.
[  756.303575][T16961] netlink: 'syz.3.3769': attribute type 10 has an invalid length.
[  756.529263][T16961] veth1_macvtap (unregistering): left allmulticast mode
[  756.943416][T16981] netlink: 14 bytes leftover after parsing attributes in process `syz.2.3777'.
[  757.067290][T16984] syzkaller0: entered promiscuous mode
[  757.076359][T16984] syzkaller0: entered allmulticast mode
[  757.085233][T16990] netlink: 'syz.2.3782': attribute type 10 has an invalid length.
[  757.100592][T16990] netlink: 2 bytes leftover after parsing attributes in process `syz.2.3782'.
[  757.590507][T16988] syzkaller0: entered promiscuous mode
[  757.603495][T16988] syzkaller0: entered allmulticast mode
[  760.006551][    C0] 
[  760.006561][    C0] ================================
[  760.006567][    C0] WARNING: inconsistent lock state
[  760.006578][    C0] syzkaller #0 Not tainted
[  760.006587][    C0] --------------------------------
[  760.006592][    C0] inconsistent {INITIAL USE} -> {IN-NMI} usage.
[  760.006601][    C0] syz.2.3786/17008 [HC1[1]:SC0[0]:HE0:SE1] takes:
[  760.006621][    C0] ffff88802e098c20 (&htab->lockdep_key){....}-{2:2}, at: htab_lock_bucket+0x17d/0x300
[  760.006670][    C0] {INITIAL USE} state was registered at:
[  760.006687][    C0]   lock_acquire+0x19e/0x420
[  760.006707][    C0]   _raw_spin_lock+0x2e/0x40
[  760.006725][    C0]   htab_lock_bucket+0x17d/0x300
[  760.006741][    C0]   htab_lru_map_delete_elem+0x1a4/0x650
[  760.006757][    C0]   bpf_prog_2c29ac5cdc6b1842+0x42/0x46
[  760.006777][    C0]   bpf_overflow_handler+0x1fc/0x510
[  760.006798][    C0]   __perf_event_overflow+0x447/0x630
[  760.006814][    C0]   perf_swevent_event+0x319/0x570
[  760.006830][    C0]   perf_bp_event+0x319/0x430
[  760.006846][    C0]   hw_breakpoint_exceptions_notify+0x23e/0x670
[  760.006865][    C0]   notifier_call_chain+0x197/0x380
[  760.006883][    C0]   atomic_notifier_call_chain+0xda/0x180
[  760.006901][    C0]   notify_die+0x145/0x1a0
[  760.006919][    C0]   notify_debug+0x2e/0x50
[  760.006931][    C0]   noist_exc_debug+0x77/0x120
[  760.006946][    C0]   asm_exc_debug+0x33/0x40
[  760.006962][    C0] irq event stamp: 918
[  760.006968][    C0] hardirqs last  enabled at (917): [<ffffffff81dece2f>] ___slab_alloc+0x10ef/0x12f0
[  760.006997][    C0] hardirqs last disabled at (918): [<ffffffff8a861903>] exc_debug+0x73/0x140
[  760.007017][    C0] softirqs last  enabled at (910): [<ffffffff88b3c14f>] netlink_insert+0x109f/0x13a0
[  760.007044][    C0] softirqs last disabled at (908): [<ffffffff8871708f>] release_sock+0x2f/0x1c0
[  760.007067][    C0] 
[  760.007067][    C0] other info that might help us debug this:
[  760.007072][    C0]  Possible unsafe locking scenario:
[  760.007072][    C0] 
[  760.007077][    C0]        CPU0
[  760.007080][    C0]        ----
[  760.007083][    C0]   lock(&htab->lockdep_key);
[  760.007095][    C0]   <Interrupt>
[  760.007099][    C0]     lock(&htab->lockdep_key);
[  760.007109][    C0] 
[  760.007109][    C0]  *** DEADLOCK ***
[  760.007109][    C0] 
[  760.007113][    C0] no locks held by syz.2.3786/17008.
[  760.007121][    C0] 
[  760.007121][    C0] stack backtrace:
[  760.007127][    C0] CPU: 0 PID: 17008 Comm: syz.2.3786 Not tainted syzkaller #0
[  760.007144][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  760.007155][    C0] Call Trace:
[  760.007163][    C0]  <#DB>
[  760.007172][    C0]  dump_stack_lvl+0x18c/0x250
[  760.007208][    C0]  ? show_regs_print_info+0x20/0x20
[  760.007249][    C0]  ? print_usage_bug+0x475/0x690
[  760.007271][    C0]  ? verify_lock_unused+0x18/0x140
[  760.007300][    C0]  lock_acquire+0x2c2/0x420
[  760.007317][    C0]  ? look_up_lock_class+0x75/0x140
[  760.007346][    C0]  ? htab_lock_bucket+0x17d/0x300
[  760.007371][    C0]  ? read_lock_is_recursive+0x20/0x20
[  760.007422][    C0]  _raw_spin_lock+0x2e/0x40
[  760.007440][    C0]  ? htab_lock_bucket+0x17d/0x300
[  760.007459][    C0]  htab_lock_bucket+0x17d/0x300
[  760.007485][    C0]  ? htab_lru_map_delete_node+0x760/0x760
[  760.007514][    C0]  ? verify_lock_unused+0x18/0x140
[  760.007539][    C0]  ? jhash+0x34e/0x740
[  760.007565][    C0]  htab_lru_map_delete_elem+0x1a4/0x650
[  760.007597][    C0]  ? htab_lru_map_update_elem+0x990/0x990
[  760.007614][    C0]  ? perf_trace_lock+0x198/0x3b0
[  760.007632][    C0]  ? perf_callchain+0x220/0x220
[  760.007668][    C0]  bpf_prog_2c29ac5cdc6b1842+0x42/0x46
[  760.007699][    C0]  bpf_overflow_handler+0x1fc/0x510
[  760.007732][    C0]  ? bpf_overflow_handler+0xde/0x510
[  760.007757][    C0]  ? tp_perf_event_destroy+0x20/0x20
[  760.007778][    C0]  ? lock_release+0xb5/0x8c0
[  760.007812][    C0]  ? __perf_event_account_interrupt+0x187/0x280
[  760.007841][    C0]  __perf_event_overflow+0x447/0x630
[  760.007877][    C0]  perf_swevent_event+0x319/0x570
[  760.007906][    C0]  ? perf_tp_event+0x1520/0x1520
[  760.007928][    C0]  ? perf_trace_buf_alloc+0x290/0x290
[  760.007972][    C0]  perf_bp_event+0x319/0x430
[  760.008006][    C0]  ? perf_event_free_bpf_prog+0x120/0x120
[  760.008093][    C0]  ? lock_acquire+0x2c2/0x420
[  760.008131][    C0]  hw_breakpoint_exceptions_notify+0x23e/0x670
[  760.008165][    C0]  notifier_call_chain+0x197/0x380
[  760.008194][    C0]  ? atomic_notifier_call_chain+0x26/0x180
[  760.008222][    C0]  atomic_notifier_call_chain+0xda/0x180
[  760.008250][    C0]  notify_die+0x145/0x1a0
[  760.008278][    C0]  ? srcu_init_notifier_head+0x90/0x90
[  760.008319][    C0]  ? rcu_is_watching+0x15/0xb0
[  760.008349][    C0]  notify_debug+0x2e/0x50
[  760.008368][    C0]  exc_debug+0xde/0x140
[  760.008394][    C0]  asm_exc_debug+0x1e/0x40
[  760.008413][    C0] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  760.008432][    C0] Code: 75 f1 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 <f3> a4 c3 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 29 f8 48 01
[  760.008448][    C0] RSP: 0018:ffffc9000c5a7798 EFLAGS: 00050202
[  760.008463][    C0] RAX: ffffffff8427e501 RBX: 00000000000000d8 RCX: 0000000000000048
[  760.008475][    C0] RDX: 0000000000000001 RSI: 0000200000000310 RDI: ffff88802e480d90
[  760.008488][    C0] RBP: ffffc9000c5a78f0 R08: ffff88802e480dd7 R09: 1ffff11005c901ba
[  760.008501][    C0] R10: dffffc0000000000 R11: ffffed1005c901bb R12: ffff88802e480d00
[  760.008514][    C0] R13: 0000200000000280 R14: ffffc9000c5a7e38 R15: 1ffff920018b4fc7
[  760.008544][    C0]  ? _copy_from_iter+0x201/0x12e0
[  760.008583][    C0]  </#DB>
[  760.008589][    C0]  <TASK>
[  760.008594][    C0]  _copy_from_iter+0x24e/0x12e0
[  760.008617][    C0]  ? slab_post_alloc_hook+0x8a/0x4b0
[  760.008640][    C0]  ? __virt_addr_valid+0x18c/0x540
[  760.008666][    C0]  ? __lock_acquire+0x7d40/0x7d40
[  760.008692][    C0]  ? rcu_is_watching+0x15/0xb0
[  760.008725][    C0]  ? copyout_mc+0x70/0x70
[  760.008748][    C0]  ? __virt_addr_valid+0x18c/0x540
[  760.008773][    C0]  ? __virt_addr_valid+0x18c/0x540
[  760.008794][    C0]  ? __virt_addr_valid+0x469/0x540
[  760.008821][    C0]  ? __check_object_size+0x506/0xa20
[  760.008848][    C0]  netlink_sendmsg+0x76b/0xbf0
[  760.008870][    C0]  ? perf_trace_lock+0x304/0x3b0
[  760.008900][    C0]  ? netlink_getsockopt+0x590/0x590
[  760.008928][    C0]  ? aa_sock_msg_perm+0x94/0x150
[  760.008953][    C0]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  760.008972][    C0]  ? security_socket_sendmsg+0x80/0xa0
[  760.008990][    C0]  ? netlink_getsockopt+0x590/0x590
[  760.009020][    C0]  ____sys_sendmsg+0x5ba/0x960
[  760.009054][    C0]  ? __asan_memset+0x22/0x40
[  760.009078][    C0]  ? __sys_sendmsg_sock+0x30/0x30
[  760.009094][    C0]  ? __import_iovec+0x5f2/0x850
[  760.009130][    C0]  ? import_iovec+0x73/0xa0
[  760.009156][    C0]  ___sys_sendmsg+0x2a6/0x360
[  760.009187][    C0]  ? __sys_sendmsg+0x2a0/0x2a0
[  760.009301][    C0]  __se_sys_sendmsg+0x1c2/0x2b0
[  760.009328][    C0]  ? __x64_sys_sendmsg+0x80/0x80
[  760.009383][    C0]  ? lockdep_hardirqs_on+0x98/0x150
[  760.009413][    C0]  do_syscall_64+0x55/0xa0
[  760.009428][    C0]  ? clear_bhb_loop+0x40/0x90
[  760.009449][    C0]  ? clear_bhb_loop+0x40/0x90
[  760.009475][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  760.009495][    C0] RIP: 0033:0x7f0055f9c819
[  760.009514][    C0] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  760.009529][    C0] RSP: 002b:00007f0056d74028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  760.009548][    C0] RAX: ffffffffffffffda RBX: 00007f0056215fa0 RCX: 00007f0055f9c819
[  760.009561][    C0] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  760.009573][    C0] RBP: 00007f0056032c91 R08: 0000000000000000 R09: 0000000000000000
[  760.009584][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  760.009595][    C0] R13: 00007f0056216038 R14: 00007f0056215fa0 R15: 00007ffc49084cf8
[  760.009659][    C0]  </TASK>
[  760.926974][T17012] netlink: 212424 bytes leftover after parsing attributes in process `syz.3.3788'.
[  762.510032][T17008] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3786'.