last executing test programs:

2.161961049s ago: executing program 0 (id=3438):
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
sendmsg$inet(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000013c0)="d080", 0xfdef}], 0x1, 0x0, 0x0, 0x800300}, 0x20000801)
r1 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r1, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000180000000000000", @ANYRES32, @ANYBLOB='\x00'/19, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/25], 0x48)
openat$cgroup_freezer_state(r1, &(0x7f0000000580), 0x2, 0x0)
close(0xffffffffffffffff)
r2 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0xde, 0x0, 0x0, 0x0, 0x0, 0x7, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x7, 0x43cd, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000001ac0)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x5}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
socket$kcm(0x11, 0x3, 0x0)
r4 = socket$kcm(0xa, 0x922000000003, 0x11)
recvmsg(r4, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0)
close(r4)
r5 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="48000000150081fb7059ae08060c04000aff0f11000000040011018701546fabca1b4e7d06a6bd7c493872f750375ed08a562af5745e17b8c119418f0f000000d6e74703c48f93b8", 0x48}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$kcm(0x2b, 0x1, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
close(r6)
socket$kcm(0xa, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8b18, &(0x7f0000000000)={'wlan1\x00', @random="010000000700"})
ioctl$SIOCSIFHWADDR(r6, 0x8b06, &(0x7f0000000080)={'wlan1\x00', @random="02000000000a"})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x1, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)

1.972369984s ago: executing program 2 (id=3439):
r0 = socket$kcm(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000c40)=[{0x0, 0x1}, {0x0, 0x3, 0x8}, {0x0, 0x4, 0x10004}]}, 0x94)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x92c0199, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003e000b05d25a806c8c6f94f90224fc60100005000a000200053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0)
r2 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8003}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x8, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x20403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x2, @perf_config_ext={0x9}, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000000040)=@l2tp6={0xa, 0x0, 0x5, @empty, 0x20000, 0x1}, 0x80, 0x0}, 0x240440d1)
r4 = socket$kcm(0x2, 0x1000000000000002, 0x0)
setsockopt$sock_attach_bpf(r4, 0x88, 0x67, &(0x7f00000002c0), 0x4)
sendmsg$inet(r4, &(0x7f0000000080)={&(0x7f0000000040)={0x2, 0x4e1f, @multicast1}, 0x10, 0x0, 0x0, &(0x7f00000000c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0xb}, @multicast2}}}, @ip_retopts={{0x10}}], 0x30}, 0x844)
sendmsg$kcm(r0, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x20000001)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000440)="a6", 0xffffff58}], 0x1}, 0x40001)

1.675286899s ago: executing program 3 (id=3441):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff7ffa}, 0x0, 0x35, 0x43a1bd76, 0x7, 0x3, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000680)={0x0, 0x61, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e1406ca000000000e000a000f000600028000001294", 0x2e}], 0x1}, 0x0)

1.673620559s ago: executing program 3 (id=3442):
r0 = socket$kcm(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000c40)=[{0x0, 0x1}, {0x0, 0x3, 0x8}, {0x0, 0x4, 0x10004}]}, 0x94)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x92c0199, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003e000b05d25a806c8c6f94f90224fc60100005000a000200053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0)
r2 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8003}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x8, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x20403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x2, @perf_config_ext={0x9}, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000000040)=@l2tp6={0xa, 0x0, 0x5, @empty, 0x20000, 0x1}, 0x80, 0x0}, 0x240440d1)
r4 = socket$kcm(0x2, 0x1000000000000002, 0x0)
setsockopt$sock_attach_bpf(r4, 0x88, 0x67, &(0x7f00000002c0), 0x4)
sendmsg$inet(r4, &(0x7f0000000080)={&(0x7f0000000040)={0x2, 0x4e1f, @multicast1}, 0x10, 0x0, 0x0, &(0x7f00000000c0)=[@ip_retopts={{0x10}}], 0x10}, 0x844)
sendmsg$kcm(r0, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4001, 0x0, @empty}, 0x80, 0x0}, 0x20000001)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000440)="a6", 0xffffff58}], 0x1}, 0x40001)

1.673062998s ago: executing program 0 (id=3447):
r0 = syz_clone(0x20800000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f00000003c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1}, 0x6d)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={r4, 0xc0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0}}, 0x10)
write$cgroup_pid(r2, &(0x7f00000005c0)=r0, 0x12)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xa16ae, 0x9, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={0x0, 0x8}, 0x90, 0xa4, 0x2, 0x1, 0xa1, 0x9b9b, 0x8, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x1, 0x40, 0x5, 0x41}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x4000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x29, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r7, 0x40042408, r9)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r8}, &(0x7f0000000340), &(0x7f0000000380)}, 0x20)
syz_clone(0x21140200, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x8991, &(0x7f0000001000)='lo:\x96o8\x14d\xa1\xba\xda\xd1\xa0J\x12tQ\xb16\xe3\xd7\\b\x8b\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed@n\x00\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x02\b\x00\x00\xda\xf3\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00\xb1\x88\xebW_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xeb\xe1\xde\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xfc\xfa 6(%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x1f\x9c,\x113\x7f\x03\x93\xe1\xcc\xe7f\r\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x9c\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0Z\x9f\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5<J\x1f\xba\xfc\x90(\x985\x93\xa8\xd4\xf0\xbdTy\x18\xc8\xa0\xbb\x99\x8c\xe0Q\xffCl\xbdX~3\xa1\xa2\xf4\xd9\xf7\xc7\xfb\xce\x959x\xfeW\r\xf0{\xcaT\xecp)=\x9d\xdfG8\xa1\xe3=\xa6\x00\x98\xc1\xb3\x91-\xab\'W\x8al?d<JN\xcb\xd4H\xb0_jO\xf3\x90\xe8/l\xdfg)\x8d#\xfdo\xa9L\xdeA*\xec\xa1\x14,\xe8\x8d^\xb9r=\xc0\x18\xd4\x11dU[Ry\xed\xd6\x97\x8a\xe8\xca\x99\x10\x8e\xc8P\xa3\xae/\xdaof\x06\x7f\xf7\x80$f\b\x92\xae\xeb\xdd\"\x89\xb8\xf0\xc3\b\x00\x00\x00\x00\a\xf6\xfc\x1d\xd4\x893\xeb)\xc1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00O!\xd2q\xda}\xe2\xa2\xfe\xfd)\\\xdf\x9aN\\\xaeyc\xe4g\xc0\x8a\n\v{\xa9H\\\xd1')
r10 = gettid()
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=[@rights={{0x14, 0x1, 0x1, [r6]}}, @cred={{0x1c, 0x1, 0x2, {r0, 0xee00}}}, @rights={{0x2c, 0x1, 0x1, [r1, r5, r2, r5, r5, 0xffffffffffffffff, r1]}}, @cred={{0x1c, 0x1, 0x2, {r10, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {r10, 0xffffffffffffffff}}}], 0xa8, 0x20008840}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000600)="d800000018007bf6e00212ba0d8105040a600000000f040b067c55a1bc0009003e0006990600000015000500fe", 0x2d}], 0x1, 0x0, 0x0, 0x2663}, 0x4000004)
r11 = socket$kcm(0x10, 0x2, 0x0)
r12 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r12}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x6, 0x0, 0xb}, {0x6d}}, [@printk={@lld, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x4, 0x1, 0xa, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x15}}], {{0x6, 0x1, 0xc, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
write$cgroup_subtree(r11, &(0x7f0000000000)=ANY=[], 0xfe33)

1.671495588s ago: executing program 2 (id=3444):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYRESDEC], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000580), 0x800, r0}, 0x38) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$unix(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="bf2f4fd8124254eded97e3fefe25d2d5c766db0267ffa21871ba60808d1c6c11c00bb8d63a2008c5597a1d5f0f4a2bbbd951c0ea788e21650a91bc390c5700a3993644c2bfb59102c41a7640a8d621d816d5c30e4504fc78b1f09016632d08e7e8eff2edd5242033222665fee502a1da8c5d5f341ab867eac83de4bc143443661cc26c8b32e2bf93f1086b30646c227b65718cc1a6226c26aab43a20cafe81df57eef515c575d724cfbb0bace7d9476f2360b04af0c3c517954f7690a2c974e292d719f2c3fb4820", 0xc8}], 0x1, 0x0, 0x0, 0x20000000}, 0x4000000) (async)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000640)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x6, [@typedef={0x4, 0x0, 0x0, 0x7}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x8}, @union={0x0, 0x1, 0x0, 0x5, 0x1, 0x21000000, [{0x0, 0x2, 0x1000000}]}]}, {0x0, [0x0, 0x0, 0x0, 0xda]}}, 0x0, 0x52, 0x0, 0x1}, 0x28) (async, rerun: 64)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000280)={r0, 0x58, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r4=>0x0}}, 0x10) (async, rerun: 64)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x6, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x5, 0x4, 0x5}, {0x2, 0x3, 0xffffffff}]}, 0x94)
r5 = socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
close(r7) (async)
recvmsg$unix(r6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r5, 0x84, 0x64, &(0x7f0000000000)=r8, 0x11) (async, rerun: 32)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f00000003c0)={<r9=>r1}) (rerun: 32)
sendmsg$tipc(r9, &(0x7f0000000a00)={&(0x7f0000000400)=@name={0x1e, 0x2, 0x3, {{0x2}, 0x3}}, 0x10, &(0x7f0000000880)=[{&(0x7f0000000440)="4a486741756ca5029f3058ffe9500475a64955904097f9a42c98430fd0d9f37872b05f178c9e5dd2a1", 0x29}, {&(0x7f0000000480)="920056055f15efd83005f15edeb467c53dcb8bff5707da80f99dd8681c99f167a26b9c46c8e82f25e424ea86db914eda892e8f0e7ab325967dd0456e9475063e601641be7f1d658765dd9c640ab6c69995d5bf2d7e407190b06deadc0ed573955813be6894262d76ad9c591cd4f4e8f29d5794539f1ff6d2eb2232580e67ba690618f2be3de2c10d27bede13992e82cafa8b89d8b82ab5183e9e705c9fb7ba1834eb987fefefa3f3c6a42813d7d598c94fc7f2aabeae2e857c7ffe5cb8d44a78ffc9247bdde5dc48cfeb33d556987a590a51c6364e2ad63f443bdb9d59a2df26263134794a235f3c04", 0xe9}, {&(0x7f0000000580)="fe17e2498f00b3317d8e3144822e6d1dc45fba6a74cfbef5194d3dbc76c0b815398ba879cd4f158a49c532b245bc38d31d71a670316e2ff821d36c4c0dbb43fad44244a5a1c3369ac7a8401e1bf9ea5f5d006009e536166855ead78647c8c00934ab0b56b5f0b90a3361b03ca057a098ac2a46941f38e80fbf1587f6fdfc453ff43b7d592d53fa5dc4087aaf790fa45d0f2fb58f3bd23c2a353e163cfdb8f33afb450df2f7952fa39b", 0xa9}, {&(0x7f00000006c0)="01d749368aa6bea862bfcbcfaed05a3710edd2a4c64eabca69e170decf1de173676ecbcef06521d46d53234adeacc8f5261e388099e98d63859bce1bb99a826df58446a544805823e9153b292d381a9d9d5e86a46adaf2ccc0804e4d56d70e00fd18b96fd00d0729ad1e51519ff652db07bedf7c0ec241", 0x77}, {&(0x7f0000000740)}, {&(0x7f0000000780)="105c3e78bdf5ea8501dac033ad9e9dc751c5aacd2c84d7ee2a2197fcd4977a408914e1b8b3bee32b2d422df5a638dce41c3881b6149d17f7a10f30e2d9ae8919b4016324a49a62e96f959e560bf6181f223ae04192b67e4c14f08460aa37401699968193d56562d9e5a21fc4ca99c246f42e5fd3639580ee5d0a3fbecae0b7dd5bd5930c422787b002846e093954aec0011502549d3c53ec503f537e22ed4a1020610ba4fbc9e07a39e303de27490404fc938e10c08ba0c3d957be2c02a6c369d57fb418587747e85453947c77590bfd7ba7a92bd498e0d3c64a52af73eef454e251593b0dbb265c25f326b759003e3dfacbd5a4262c9144", 0xf8}], 0x6, &(0x7f0000000900)="9fc80fffcd7cce5b051a9750583b41eea4215ecdd4592b29ab924b83ff5be512fae4edc79e910ae6a9c9de79cd5147c8304ee19da0c519656a5cbdfa0e76d22da9d8b56a1661bbaf23326276b20b84ffa1cfc8d756717823dcb9d3ee91e962ee6c963fdd51d57f9d7a66d3f0f38421f28fa3581383e6a43cd7d039a51d8b44e2fb64616b86124958bec2f3804f67f075d43336a1b5e11c5ccd4c5b33bc58395fc2438710703db65af535e97e33e55e8c6631ac5f98175e08ea3abe1bf7931156d9850e0c7eab0c9db41d9bd078689291692ddc0180117d6c0b93738cf5464a2aac1af5999af2a981750b2286926fad12", 0xf0, 0x4000}, 0x20000060) (async, rerun: 64)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000002c0)={0x3, 0x4, 0x4, 0xa, 0x0, r0, 0x7, '\x00', r4, r3, 0x0, 0x3, 0x5}, 0x50) (async, rerun: 64)
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x6, 0x0, 0x0, 0x0, 0x7e93, 0x954b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1}, 0x11efa, 0x1, 0x9b, 0x0, 0x2, 0xfffff270, 0xfffc, 0x0, 0x0, 0x0, 0x20}, 0x0, 0x3, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001180)=ANY=[@ANYBLOB="61154c00000000006113500000000000bfa00000000000001503000008004e002d35010000000000950041000000000069163a0000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf670000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ff3d4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2739670b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc401000000cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be19637302f3b41eae50509fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524a3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8b0100010000000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d545ffffffff00000000a1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf857689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684ee54c0a263c806aabac2f66cb052f847c62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961ef4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fc0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bb000000000000000000000000000000884efcecca45ea4ab2ec097668456a6ff12854997f5aed737d5205ace5c0b64f87ef10784d0479cb44ca077e0c4ce6ff880e2ce3de63853a9740e9233683bfc8636bee293aeeb680b399a296e6f44c07b5fc5d9d359af007f23004a7acb6df23664ea209620b4fe0f4df81c33bd8ca2335cb4b50881937379b45a301175c3e8eb32970564ec8e25c46ee3bae079faedaad94276cfa251be8256c4c37fc84a25c3a2feb39e94a5266a10716d4a3cef499fa176018054e9149a1c9d20a809ce3"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94) (async)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000001100)={0x0, 0x0, 0x0, 0x0, 0x6e, r0}, 0x38)

1.487692624s ago: executing program 2 (id=3445):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r0)
socket$kcm(0x10, 0x2, 0x10)
socket$kcm(0x2, 0x200000000000001, 0x106)
r1 = socket$kcm(0x2, 0x922000000001, 0x106)
setsockopt$sock_attach_bpf(r1, 0x6, 0x9, 0x0, 0x0)
socket$kcm(0xa, 0x2, 0x0)
r2 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r2, 0x84, 0x84, &(0x7f0000000000), 0x90)
socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0xb01, 0x0)
ioctl$TUNGETVNETLE(r3, 0x800454dd, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000006c0)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000004000000020000000000000c02000000000000000000000d0000000000005f"], 0x0, 0x34}, 0x28)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000009000000000000000000009500000000000000f2dcc6d0e5bfb6ecc27477a80d1fcf4b137d054bd61743b079bac97f2141d9f3fc65776a653c4ec621d3c20287f5605901decf24849b329a36c04e4b9ed84e68605ca797889c2552b819a920c3ea749c4760aa70f09c9c56b6a43f7c5b6d22e5b85ad8359b1ca3ce6562fb42785fa4a7fee635efcaa4ba6fab659971224383e4bf1cf7f3e03373a9750690557a2efd747ce8afce6d4cd5"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r4, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x1}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={r5, 0xe0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xffffffffffffff97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)

1.440178716s ago: executing program 1 (id=3446):
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x5, 0x5, 0x2, 0x7, 0x0, 0x1, 0x10000}, 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r0)
r1 = socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r1, 0x84, 0x75, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1, 0x2, &(0x7f0000000140)=@raw=[@ldst={0x1, 0x2, 0x4, 0x0, 0x1, 0x40}, @exit], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf1}, 0x94)

1.407041769s ago: executing program 3 (id=3448):
bpf$MAP_CREATE(0x0, &(0x7f0000001280)=ANY=[@ANYBLOB="040000002000000004000000010000000018"], 0x50)

1.392759797s ago: executing program 1 (id=3449):
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f0000000b00)={&(0x7f0000000a80)=@hci={0x1f, 0x300, 0x6}, 0x80, &(0x7f00000002c0)=[{&(0x7f00000013c0)="62031400d755af176510122f1eafbcf72be12b30087f5c582d26116642c4", 0x1e}, {&(0x7f0000001400)="935deb19b2b890c21382bf1f79aa9b071cd87f9e3a38", 0x16}], 0x2}, 0x4041) (fail_nth: 8)

1.268340224s ago: executing program 0 (id=3450):
r0 = socket$kcm(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000c40)=[{0x0, 0x1}, {0x0, 0x3, 0x8}, {0x0, 0x4, 0x10004}]}, 0x94)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x92c0199, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003e000b05d25a806c8c6f94f90224fc60100005000a000200053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0)
r2 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8003}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x8, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x20403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x2, @perf_config_ext={0x9}, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000000040)=@l2tp6={0xa, 0x0, 0x5, @empty, 0x20000, 0x1}, 0x80, 0x0}, 0x240440d1)
r4 = socket$kcm(0x2, 0x1000000000000002, 0x0)
setsockopt$sock_attach_bpf(r4, 0x88, 0x67, &(0x7f00000002c0), 0x4)
sendmsg$inet(r4, &(0x7f0000000080)={&(0x7f0000000040)={0x2, 0x4e1f, @multicast1}, 0x10, 0x0, 0x0, &(0x7f00000000c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0xb}, @multicast2}}}, @ip_retopts={{0x10}}], 0x30}, 0x844)
sendmsg$kcm(r0, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x20000001)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000440)="a6", 0xffffff58}], 0x1}, 0x40001)

1.082359229s ago: executing program 3 (id=3451):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="97eb01001800000000000000500000005000000002000000090000000000000e03000000010000000a0000000000000203000000000000000500000d0000fa8c99dc00000100000000000000000000000000000000000000090000000000000001000000030010"], 0x0, 0x6a, 0x0, 0x0, 0x7fffffff}, 0x28)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000010040), 0x0, 0xffffffffffffffff, 0x4}, 0x38) (async)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000010040), 0x0, 0xffffffffffffffff, 0x4}, 0x38)
close(0xffffffffffffffff)
r0 = socket$kcm(0x10, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000001840)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000001280)='\x00', 0x1}], 0x1}, 0x480d0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random="000500000020"})
socket$kcm(0x1e, 0x1, 0x0)
socket$kcm(0x10, 0x2, 0x0)
r1 = socket$kcm(0x29, 0x0, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x3efd7ab4c41335d9, @perf_config_ext={0x7, 0x4}, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socket$kcm(0x10, 0x2, 0x0) (async)
r2 = socket$kcm(0x10, 0x2, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x20100, 0x0) (async)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x20100, 0x0)
ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x110e22fff6)
ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e0, &(0x7f00000018c0)={r2})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800"], 0x48) (async)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000000)={r4, &(0x7f0000000080)="a0", 0x0}, 0x20)
sendmsg$kcm(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000200)="2000000020008107090f9becdb4cb96b0200000000fbff010000000000000000", 0x20}], 0x1, 0x0, 0x0, 0x81000000}, 0x4) (async)
sendmsg$kcm(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000200)="2000000020008107090f9becdb4cb96b0200000000fbff010000000000000000", 0x20}], 0x1, 0x0, 0x0, 0x81000000}, 0x4)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r6 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r6, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, 0x0, 0x0, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x106)
recvmsg$kcm(r6, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=""/43, 0x2b}, 0x100)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000004000400000000200000000000000000000030000000003000000020000000000000000000000000000010500000020000000000000000000000300000000022800000200000004"], 0x0, 0x5a}, 0x28) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000004000400000000200000000000000000000030000000003000000020000000000000000000000000000010500000020000000000000000000000300000000022800000200000004"], 0x0, 0x5a}, 0x28)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
ioctl$PERF_EVENT_IOC_PERIOD(r7, 0x40086602, &(0x7f0000000180)=0x20) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r7, 0x40086602, &(0x7f0000000180)=0x20)
bpf$ITER_CREATE(0x21, &(0x7f00000017c0)={r5}, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001800)={0x3, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="7a0a008ce6ee42c77b4153c7e0dfe3ed4cbc7106579b10bff0ffffff000500000000000000"], &(0x7f0000000480)='syzkaller\x00'}, 0x94) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001800)={0x3, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="7a0a008ce6ee42c77b4153c7e0dfe3ed4cbc7106579b10bff0ffffff000500000000000000"], &(0x7f0000000480)='syzkaller\x00'}, 0x94)
recvmsg$unix(r7, &(0x7f0000001780)={&(0x7f0000000100), 0x6e, 0x0, 0x0, &(0x7f0000001680)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xd8}, 0x81) (async)
recvmsg$unix(r7, &(0x7f0000001780)={&(0x7f0000000100), 0x6e, 0x0, 0x0, &(0x7f0000001680)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xd8}, 0x81)

1.019521508s ago: executing program 2 (id=3452):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="190000000400000004000000ffff010000000000", @ANYRES32=0x1, @ANYBLOB="008000"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000002"], 0x48) (fail_nth: 84)

962.804578ms ago: executing program 1 (id=3453):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="85000000130000005d0000000000000095000000000000000a621cf434b9eaafdc0a00e9bfde908990817b364e51afe9c81a97f0570759f1cae63487ff68fffffffffffe8e3932e2b7185a25a4cf8a9456aa8a701c318c67edb6e9330b53c0eeba8644311ba75411890700000000000000d8e5b1dc91c5499bea0977"], &(0x7f0000000000)='GPL\x00', 0x5, 0x487, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x35, 0x43a1bd76, 0x8, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xf, 0x5}, 0x100e64, 0xc78, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r0, 0x0, 0xd00, 0x0, &(0x7f0000000380)="263abd030e98ff4dc870bd6688a8640888a8", 0x0, 0x1200, 0x0, 0x0, 0x0, &(0x7f0000000000), &(0x7f0000000000), 0x0, 0x0, 0xcfc}, 0x28)

904.714157ms ago: executing program 2 (id=3454):
r0 = socket$kcm(0x2, 0x200000000000001, 0x0)
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x2101, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x8}, 0x100904}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x2, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffdbc, &(0x7f0000000080)=[{&(0x7f0000000040)="180000006a00f96b1324", 0x18}], 0x1}, 0x4080)
r4 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x86bf2056334f3ae6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$tipc(r4, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000010}, 0x20000080)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x6, 0x4, 0x2}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @cgroup_device=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
close(r7)
recvmsg$unix(r6, &(0x7f0000000400)={0x0, 0xfda8, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x2)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
sendmsg$tipc(r10, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000}, 0x4000041)
close(r10)
r11 = socket$kcm(0xa, 0x2, 0x11)
setsockopt$sock_attach_bpf(r11, 0x1, 0x3d, &(0x7f00000002c0), 0x8)
sendmsg$sock(r11, &(0x7f00000000c0)={&(0x7f0000000180)=@in6={0xa, 0x4e22, 0x400000, @remote}, 0x80, 0x0, 0x0, &(0x7f0000000100)=[@txtime={{0x18, 0x1, 0x3d, 0xffffffffffff0000}}], 0x18}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r9}, &(0x7f0000000240), &(0x7f0000000300)=r8}, 0x20)
ioctl$TUNSETCARRIER(r8, 0x400454e2, &(0x7f0000000080)=0x1)
r12 = socket$kcm(0x29, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r12, 0x8990, &(0x7f0000000200)={'bond0\x00', @local})
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf20000000000000070000000f0000002d030100000000009500ffb1000000006926000000000000bf67000000000000150002000fff5d004507000007000000d60600000ee60000bf1600000000000040700000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070400000400f900bd430100000000009500000000000000050000000000000095000000000000001c15a3ce747c693a74b62fd0758b15f09429c043a7bc4b29d2dc480dd7a0d981422b32d93bad720100010000000000b39d0af449deaa27ea949e8f9000d885dfea27834aa7eb8d33ac04060630e78a30fc835e29eb532ba8546fc020c196738b5f32b09f95f5d5b196b9ffc02f952ac53e817671d1000000008ba8583aa4c77097f1c75df9bdd8288fd2f8743924cd6dd4ed457183edc74ca79c79a3da0cea39dbacd0e4b608cece26817f0f53dde0d43388e8f92d0bfdd4b427ee5b708aa2685c735f840e055a163e38a276b7fd16492587edaec8bc43f312c7ddfa59a53c9e772832f527c0ae9afcf582413f6f8c442ce39039a64965facb4340f2249cc60a8dec5b8a9ac6d60e36f57dbe1664decf85b7cae19a1d0d7bce02902284aa9041366eed09c3baafb2a4c14a373f8ffdfe107d401b7b93866f8aadff4df0f226f411d43d579541275f0bacd2dc24faf2d4d992d9f8031a422f2a30cf35e9d00644acc1ff674781281c6b93447312cc93c738b6a83a2e83225af295e0776d033557913ac9096ee1e119a06a38fcd918a18f4c01f60692a1684c55086bec71e819f8b345a5f80d3e5bc7e6854e2ea7a035b975b96e9459382fafc5f6fd106fbbd3b014b5a546f523afd9c9bed9212d7bb745123259e8f46b413e633db1668ad038725e3e01bd6707aee08b267dcd54b961c4d56b608d903ae06cc23eb1d79b3384512f2c424739aba4297063005376b6b900f3416835151fb61f08dfb4ad3732fc0f5a05339608b003a80cce6b032f13b5f2890ec29130022ff6fa874ce885e91c8e4df772286210e5aca1a64dfb12f0a2c1e992aae6afb3514afd648230650e532e8ec540a25b65657a7259922602ffdd3375a4b0f864db09907c7b8e97abb824c1f3167cff71e96682f37f37b156833d729d7369af37345fb97f3ac3e9c01328a3d7f36ae6d48c94bcf630fe6e94c5a080fe3ccde9ff72f98bd0454203a5cbe34ab7df76e54ec26942835ca6b9e0db2b24d19de496bf22d5cac91b6deb25b5622ddd7bddad97d4850735df6fff37098b06d660e5d73efdce87be427bc79e67ad31d7768d65f811ed84f29db15b8456dc951dcb8be1da330fd0c1371dbbfcedaff57e29b95b4277b46aa41eab05a756d8556d4c14b570770bc0a3c9cdd688e3e583ee2284fc32c6eed47d70c6c22c8226ae8d4144fac10d2ca22673cbe55ee11b68bf18f4811cf943b9a7f30f07be34ae41ae192b1222ccc12000966d63ee0f75e73c0ae0cd660cc27583f3a7c81f652948c92569f0ca58d4c42e91000000000000000000000000d8e5c9a920c1418f62bf914bcac98ad06c42b86346d4cc4658abfdf3475a579337d1cf5529a14b64f14c478c0e390628c4702c3daf07d681e412c91484a6bc790ecdb597a461d9ac4d69a005f3fdf015d622c027c0e0181631a9f6d56361187e2076a14caf88c82a37248ff7b26d20a1ff7c1f1a31fe22ed64360c29124bf041f978042f5a23624447ee4d1612268c80e5c3b88a2a22264ad8012750997733121fcbaa2a094ef8ab27579d4daa10d9b42b9f75ef42df0c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
write$cgroup_subtree(r8, &(0x7f0000000500)=ANY=[@ANYBLOB="8fedcb79070311"], 0xfdef)
socket$kcm(0xa, 0x1, 0x106)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x52cc)

835.998014ms ago: executing program 0 (id=3455):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000040000010000000850000006b00000095"], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)

771.638652ms ago: executing program 1 (id=3456):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = socket$kcm(0x10, 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x114905, 0x4, 0x9, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4)
sendmsg$kcm(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000740)="2e00000010008188e6b62aa73f72cc9f0ba1f8481a0000005e140602000000000e000a00100000000a8000001294", 0x2e}], 0x1}, 0x100000000000000)

746.671218ms ago: executing program 3 (id=3457):
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x5, 0x1, 0x70, 0x6, 0x0, 0x3, 0x180, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x401, 0x4, @perf_config_ext={0x1, 0x10000000000000}, 0x1, 0x0, 0x2, 0x4, 0x7, 0x7ff, 0xf4f1, 0x0, 0x3, 0x0, 0x1}, 0x0, 0x8, 0xffffffffffffffff, 0xa)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x0)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r0, 0xc008240a, &(0x7f00000000c0)=ANY=[@ANYBLOB="070000000000000000000000000000000000000000000000000000000000000000000000ac735c346f68c5e58643746fe66beab26d45965bdec277edc8ddb94af721bd06ba26d97691a6d64edb9f087b93d9e82d2c9018bc94644ed5f724d6e26c5423bc1873101118ca01a4d9f61fa74cbbcc5d5c828b730870f88c97e07fcbd237b064480316ab9423f494917dcedb94b37424e7c354c87280e4af76ffba02e76a070a87a7c7f77a3d9abcbf03bc3ea41ef9e8bc182d37ad74b9f458c529e0416ea7954ba2e00e6264c54976e015760f5ed05c028064b2138213285fa07767759eb2c663eee065c4440f2dffdb84de6a1efb44db5dee228c"])
r1 = socket$kcm(0x2, 0x3, 0x84)
sendmsg$inet(r1, &(0x7f00000009c0)={&(0x7f0000000240)={0x2, 0x0, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='\"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a'], 0x38}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0xb, 0x5, &(0x7f00000003c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@call={0x85, 0x0, 0x0, 0x23}, @call={0x85, 0x0, 0x0, 0x8}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x9}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x4, 0x4, 0x1000, 0x0, r3}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r4}, &(0x7f0000000840), &(0x7f0000000880)=r3}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r4}, &(0x7f0000000180), &(0x7f00000002c0)=r3}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0x0, 0x8, 0x8, &(0x7f0000000080)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x320e, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

390.105122ms ago: executing program 0 (id=3458):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x806, 0x0, 0x0, 0x8, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0xff, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x14002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2b71}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}}, 0x0, 0x0, r0, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r1, 0x4008240b, &(0x7f00000001c0)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80feffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x1}})

236.259923ms ago: executing program 3 (id=3459):
r0 = socket$kcm(0x11, 0x2, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0x14, &(0x7f0000000000), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x10, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x41}, {{}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x2}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x2, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {0x7, 0x0, 0x0, 0x9}, {0x7, 0x0, 0xc}, {0x18, 0x2}, {}, {0x46, 0x8, 0xfff1, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000000)={0x0, 0xfffffffffffffd46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x402000a}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0xa, 0x2, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7b, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair(0x1e, 0x1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0xfca804a0, 0x0, 0x0, 0x0, 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="61122800000000006113380000000000bf1000000000000025000200091b00003d200000000000008701000000000000bc26000000000000bf67000000000000150300000ee600f0670200001400000015030000ffffffffbf050000000000000f650000000000006507f4ff02000400070700006b3128fe1f75000000000000bf540000000000000705000003001500ae430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe70305863f970eac3590ac99b798f8125f1c322c2a154a8a8d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000c40)=[{0x0, 0x0, 0x1, 0x4}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x10006}]}, 0x94)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="7c00000000000000000000000700000044140001ac1414aa00000000ac1414000000000000441c0003e0000001000000007f000001000000000000000000000000442c00000000000000000f883816814100000000000000000000000000000000000000000000000000000000000000000000440c0001000000000000000000000000000000a400000000000000000000000700000044280000000000000000000000000000000000000000000000000000000000000000000000000000071700e0000002ac1414bb00000000e0000002ac1414bb018616000000000010c986d78e6c4b9394b247217b87cb00830b00000000007f000001861f0000000000020010421487f84baabcbcfb42a4d90bab000748c68c4c31001089ca45d9612e5b5c11f12bc78a41000000000000006c000000000000000000000007000000441c0003ffffffff000000000000000000000000e00000010000000044340001ac1414bb0000000000000000000000000000000000000000ac1414aa00000000ac1414aa00000000ac1e000100000000830b0000000000e000000200000000001c000000000000000000", @ANYRES32=0x0, @ANYBLOB="ac1414aa00000000000000001400000000000018000000000200000000000000000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="7f0000017f00000a0000000800"/28, @ANYRES32, @ANYBLOB="7f000001ac141400000000011c0e0000000000000000000007006fc946f1f569c01801"], 0x230}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803001d000b20d25a80648c2594f90124fc60100c", 0x16}], 0x1, 0x0, 0x0, 0x4000}, 0x3500000000000000)
r2 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe000030"], 0xfe33)
setsockopt$sock_attach_bpf(r1, 0x29, 0x23, &(0x7f0000000040), 0xcf)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x14, &(0x7f00000000c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffc}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@call={0x85, 0x0, 0x0, 0xa0}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r4, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@generic={0x11, "a896a943436c6d72a83275cd8f5e7a328464e2956c246f5d8f5bd06745aa4b4a5d9022b5bf1e7dfead8a9e0e83562318d1ca3e2cacabf196b0776ec4f6870c68cd74d6638483ad8b71b731edbe24f62f42f64041633f6192f27c68b36916769cc94a3d5ddaf50aeced1b65360a851c0eb420ec69da25d8ea035e5e87ae04"}, 0x80, 0x0}, 0x4044091)

234.080693ms ago: executing program 2 (id=3460):
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_config_ext={0x1, 0x2b4}, 0x2000, 0x10000, 0x0, 0x0, 0x8, 0xfffeffff, 0x0, 0x0, 0x1, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@bloom_filter={0x1e, 0x0, 0xa612, 0x3}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001740)={r1, 0x0, 0x0}, 0x20)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={r2}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000000)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}]}, &(0x7f00000002c0)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}, 0x3, 0x1, 0xffff}}, 0x80, 0x0}, 0x200008d5)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8001c00180081064e81f782db44b9b545c7910006007c09e8fe55a10a0017", 0x1f}], 0x1}, 0x0)
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff7ffc}, 0x0, 0x35, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x1400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xaffffff7ffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[@ANYBLOB="364000001a00"], 0x82d7)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x2e, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0xd, &(0x7f0000000080)=ANY=[@ANYBLOB="1802000000000000000000000000000085100000010000"], 0x0, 0x4, 0x0, 0x0, 0x41000, 0xa}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'bridge0\x00', 0x1})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x8924, &(0x7f0000000080))
r5 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f90f24fc60", 0x14}], 0x1}, 0x2404c084)
syz_open_procfs$namespace(0x0, &(0x7f0000000200)='ns/ipc\x00')
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6)

223.018731ms ago: executing program 1 (id=3461):
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socket$kcm(0x10, 0x3, 0x10)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000047000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a876d839240d29c035055b67db3e6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7e8dc34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bb44b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334583239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bf4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc508afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd360000000000000000ae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c97a088a22e8b15c3e233db00002e30d46a0024d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c29c5c0ed5bcdf510c3c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ced92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f68fa8d7c2dfb28e1f05e46b0933c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b19abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d588afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda6900002a070886df42b27098773b45198b4a34ac97febd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f0000000000f8e10238d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d63521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07afef12ef060cd4403a099f32468f658000b4082d43e12186195cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea209b53b230ef0f2ab85cbdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bd3339403004b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab900000000000000000000d71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdbf24a0c5441ce046078492b53467cfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89cb349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb15f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c00c57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137df47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b558982016b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8b49e3d0168bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85a3009a5d30f479e293a3302e11350ea857b37e76ca3f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c8ffe0d508dcee3070e8b42ac38545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f98117919472b61b20026d7e646174b55d251f7f8ca5ccc22a5efb33b217eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4444e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24000000000000000000000000000000000000cd3211b3842b68a4eddca2eae28529e97a98d7ec3fd902df1ba8fc2ad2377e72d4e7aeacbbccef5614cd965511558f40720025c022bc9c213e407f6bc4b673c55aa8e729299a37fd6339acd906ac861ba56c9fa9b8b12b5e68a3cdadb906355e1f1d336a243172affe50d0fb36c3718a7498eed3d398f405a34d494414e87ef1ce1845510d43d00171d6b4b762f89564c22d542a119878709cd6822c3a3eb47a849b0737929fe9e1eecd1bff5a2b9880e2a6d8a3b3b7e88a673c96cda4455eff1c530db0e6598a2686aa09aeaf0f1aed95aeb8b0a2cc5ca31c0f56285cc05f7090a0e0583cf540d18cd8817e685c7b4ff176178ac1234f23e54445ec20b2689832d78409897a0307e89ebcd5f4ba042a3d10237a5a8a9a6eda36d2f337dc54537b80e8433341b135b4c5bb0173ffde46ccd260e1d4f2c51e8b07bb256f1317912cb1fc9e491e0bb9109e475cc795c23ad9f4f0042c5e9c655a4d865bc4a266e6a1d3d2b7ee53be9efb33a98933b5ba74ee3ac8d34b6af8c1fdbffade3abc80842b74354162f5b994ab5254cb068bc5e2ae242a1d37d0d49947c9317fa1a46c9e259ce0e1f9db992c53f7830a5e8f4fac6b187eb9f15ba61f730f86d7d7b63bbc7a1d9ff37e87a90a14e0655304da069f9009b62717649b6c6af94fcba713f8ee6fcce25aef44d009966614b61be9369ffc589a79051b0a0000000000000003ebd34c41afe268c33c9322c3a783772aec998f51a6e70fb932a8019e72ef5ab127bb30c79ebfd867441083546305fb39449c40a166ea389a6b77b7c87f66e8bf5806726b8fc50b943627314803a12c33312dce0a10f852da3e000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3e, 0xffffffffffffffff, 0x8, 0x0, 0xee, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x7}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001a00)={r0, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000440)="b9ff0307683a268cb8f8ffff888e", 0x0, 0xfe, 0x60000009, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000}, 0x50)

213.879079ms ago: executing program 0 (id=3462):
r0 = perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0xf9, 0x3, 0x2, 0x9, 0x0, 0x4, 0x8024, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x2, 0x3, 0x715a, 0x3, 0x0, 0x8, 0x7, 0x0, 0x6, 0x0, 0xe1}, 0xffffffffffffffff, 0xe, 0xffffffffffffffff, 0x3)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, r0, 0x2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x806, 0x0, 0x0, 0x8, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{}, &(0x7f0000000040)=0x700, 0x0}, 0x20)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x40000000}, 0x48)

0s ago: executing program 1 (id=3463):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x6}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000000702"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x8000}, [@call={0x85, 0x0, 0x0, 0x75}]}, 0x0}, 0x94) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x8000}, [@call={0x85, 0x0, 0x0, 0x75}]}, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2a, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2a, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
r2 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r3) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r3)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x20, 0x12506, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, @perf_config_ext={0x8000000000000001, 0x8}, 0x7602, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz1\x00', 0x200002, 0x0)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000280), 0x9)
r6 = openat$cgroup_procs(r5, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_pid(r6, &(0x7f0000000080), 0x12)
r8 = openat$cgroup_ro(r7, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r8, &(0x7f0000000200)=0x1, 0x12)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r10 = openat$cgroup_procs(r9, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r10, &(0x7f00000001c0), 0x12) (async)
write$cgroup_pid(r10, &(0x7f00000001c0), 0x12)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r1)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) (async)
r11 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r11}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f00000000c0)='syzkaller\x00', 0x8, 0x1005, &(0x7f0000000e00)=""/4101, 0x0, 0xc}, 0x22)

kernel console output (not intermixed with test programs):

d promiscuous mode
[  555.784974][T13280] bridge0: port 2(bridge_slave_1) entered blocking state
[  555.805608][T13280] bridge0: port 2(bridge_slave_1) entered disabled state
[  555.812994][T13280] bridge_slave_1: entered allmulticast mode
[  555.826346][T13280] bridge_slave_1: entered promiscuous mode
[  556.456557][T13280] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  556.587528][T13370] netlink: 199816 bytes leftover after parsing attributes in process `syz.1.2515'.
[  556.601730][T13280] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  557.126367][T13280] team0: Port device team_slave_0 added
[  557.135240][T13280] team0: Port device team_slave_1 added
[  557.448383][T13280] batman_adv: batadv0: Adding interface: batadv_slave_0
[  557.455389][T13280] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  557.505987][T13280] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  557.576578][T13280] batman_adv: batadv0: Adding interface: batadv_slave_1
[  557.583700][T13280] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  557.611318][T13280] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  557.637242][T13404] netlink: 63503 bytes leftover after parsing attributes in process `syz.2.2524'.
[  557.747830][T13280] hsr_slave_0: entered promiscuous mode
[  557.766156][ T5768] Bluetooth: hci1: command tx timeout
[  557.826473][T13280] hsr_slave_1: entered promiscuous mode
[  557.833077][T13280] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  557.854987][T13280] Cannot create hsr debugfs directory
[  557.948102][T13410] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2526'.
[  559.856026][ T5768] Bluetooth: hci1: command tx timeout
[  561.411681][T13443] netlink: 'syz.1.2537': attribute type 21 has an invalid length.
[  561.446047][T13443] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2537'.
[  561.709092][T13453] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.2539'.
[  561.932669][ T5768] Bluetooth: hci1: command tx timeout
[  562.089205][ T5920] hsr_slave_0: left promiscuous mode
[  562.130728][ T5920] hsr_slave_1: left promiscuous mode
[  563.210472][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  563.225592][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  565.702559][ T5920] bond0 (unregistering): (slave batadv_slave_0): Releasing backup interface
[  565.750987][ T5920] team0 (unregistering): Port device team_slave_1 removed
[  565.842950][ T5920] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  565.890474][ T5920] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  566.205770][ T5920] bond0 (unregistering): Released all slaves
[  566.452816][T13488] C: renamed from team_slave_0 (while UP)
[  566.485069][T13488] netlink: 'syz.1.2548': attribute type 3 has an invalid length.
[  566.506210][T13488] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2548'.
[  566.523910][T13488] netlink: 'syz.1.2548': attribute type 3 has an invalid length.
[  566.532387][T13488] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2548'.
[  566.848776][T13280] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  566.938807][T13280] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  566.990748][T13504] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.2553'.
[  569.800025][T13280] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  569.810675][T13280] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  570.065235][T13280] 8021q: adding VLAN 0 to HW filter on device bond0
[  570.118798][T13280] 8021q: adding VLAN 0 to HW filter on device team0
[  570.169007][ T5932] bridge0: port 1(bridge_slave_0) entered blocking state
[  570.176198][ T5932] bridge0: port 1(bridge_slave_0) entered forwarding state
[  570.226200][ T5932] bridge0: port 2(bridge_slave_1) entered blocking state
[  570.233369][ T5932] bridge0: port 2(bridge_slave_1) entered forwarding state
[  570.473922][T13537] IPv6: Can't replace route, no match found
[  571.498634][T13572] FAULT_INJECTION: forcing a failure.
[  571.498634][T13572] name failslab, interval 1, probability 0, space 0, times 0
[  571.543844][T13572] CPU: 1 PID: 13572 Comm: syz.3.2568 Not tainted syzkaller #0
[  571.551378][T13572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  571.561552][T13572] Call Trace:
[  571.564860][T13572]  <TASK>
[  571.567819][T13572]  dump_stack_lvl+0x18c/0x250
[  571.572572][T13572]  ? show_regs_print_info+0x20/0x20
[  571.577815][T13572]  ? load_image+0x400/0x400
[  571.582446][T13572]  ? __might_sleep+0xe0/0xe0
[  571.587068][T13572]  ? __lock_acquire+0x7d40/0x7d40
[  571.592127][T13572]  should_fail_ex+0x39d/0x4d0
[  571.597101][T13572]  should_failslab+0x9/0x20
[  571.601631][T13572]  slab_pre_alloc_hook+0x59/0x310
[  571.606688][T13572]  ? tomoyo_encode+0x28b/0x540
[  571.611477][T13572]  ? tomoyo_encode+0x28b/0x540
[  571.616260][T13572]  __kmem_cache_alloc_node+0x53/0x250
[  571.621684][T13572]  ? tomoyo_encode+0x28b/0x540
[  571.626477][T13572]  __kmalloc+0xa4/0x230
[  571.630670][T13572]  tomoyo_encode+0x28b/0x540
[  571.635297][T13572]  tomoyo_realpath_from_path+0x592/0x5d0
[  571.640989][T13572]  tomoyo_path_number_perm+0x248/0x620
[  571.646572][T13572]  ? tomoyo_path_number_perm+0x217/0x620
[  571.652250][T13572]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  571.657752][T13572]  ? ksys_write+0x1c4/0x260
[  571.662328][T13572]  ? __fget_files+0x28/0x4b0
[  571.666949][T13572]  ? __fget_files+0x28/0x4b0
[  571.671581][T13572]  security_file_ioctl+0x70/0xa0
[  571.676553][T13572]  __se_sys_ioctl+0x48/0x170
[  571.681207][T13572]  do_syscall_64+0x55/0xa0
[  571.685658][T13572]  ? clear_bhb_loop+0x40/0x90
[  571.690360][T13572]  ? clear_bhb_loop+0x40/0x90
[  571.695061][T13572]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  571.701071][T13572] RIP: 0033:0x7ff235d9c799
[  571.705526][T13572] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  571.725169][T13572] RSP: 002b:00007ff236ca8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  571.733631][T13572] RAX: ffffffffffffffda RBX: 00007ff236015fa0 RCX: 00007ff235d9c799
[  571.741631][T13572] RDX: 0000200000000080 RSI: 00000000000089f0 RDI: 0000000000000004
[  571.749623][T13572] RBP: 00007ff236ca8090 R08: 0000000000000000 R09: 0000000000000000
[  571.757627][T13572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  571.765732][T13572] R13: 00007ff236016038 R14: 00007ff236015fa0 R15: 00007fff21358688
[  571.773756][T13572]  </TASK>
[  571.831821][T13572] ERROR: Out of memory at tomoyo_realpath_from_path.
[  574.322535][T13280] 8021q: adding VLAN 0 to HW filter on device batadv0
[  574.334260][T13568] netlink: 'syz.1.2567': attribute type 10 has an invalid length.
[  574.343355][T13568] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  574.357524][T13568] batman_adv: batadv0: Removing interface: batadv_slave_0
[  574.372087][T13568] batadv_slave_0: entered promiscuous mode
[  574.379073][T13568] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link
[  574.657512][T13280] veth0_vlan: entered promiscuous mode
[  574.694208][T13280] veth1_vlan: entered promiscuous mode
[  574.820041][T13280] veth0_macvtap: entered promiscuous mode
[  574.838258][T13598] netlink: 144 bytes leftover after parsing attributes in process `syz.1.2572'.
[  574.864996][T13280] veth1_macvtap: entered promiscuous mode
[  574.918018][T13280] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  574.939388][T13280] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  574.963914][T13280] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  574.978851][T13280] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  574.991880][T13280] batman_adv: batadv0: Interface activated: batadv_slave_0
[  575.020649][T13280] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  575.062716][T13280] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  575.105642][T13280] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  575.156042][T13280] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  575.180771][T13280] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  575.216877][T13611] FAULT_INJECTION: forcing a failure.
[  575.216877][T13611] name failslab, interval 1, probability 0, space 0, times 0
[  575.232941][T13280] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  575.246700][T13280] batman_adv: batadv0: Interface activated: batadv_slave_1
[  575.254175][T13611] CPU: 1 PID: 13611 Comm: syz.2.2576 Not tainted syzkaller #0
[  575.261668][T13611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  575.271727][T13611] Call Trace:
[  575.275006][T13611]  <TASK>
[  575.277933][T13611]  dump_stack_lvl+0x18c/0x250
[  575.282613][T13611]  ? __se_sys_sendmsg+0x1c2/0x2b0
[  575.287632][T13611]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  575.293697][T13611]  ? show_regs_print_info+0x20/0x20
[  575.298898][T13611]  ? load_image+0x400/0x400
[  575.303410][T13611]  should_fail_ex+0x39d/0x4d0
[  575.308096][T13611]  should_failslab+0x9/0x20
[  575.312603][T13611]  slab_pre_alloc_hook+0x59/0x310
[  575.317644][T13611]  ? nf_ct_ext_add+0x1ab/0x440
[  575.322409][T13611]  ? nf_ct_ext_add+0x1ab/0x440
[  575.327178][T13611]  __kmem_cache_alloc_node+0x53/0x250
[  575.332554][T13611]  ? nf_ct_ext_add+0x1ab/0x440
[  575.337313][T13611]  __kmalloc_node_track_caller+0xa2/0x230
[  575.343034][T13611]  krealloc+0x86/0x120
[  575.347102][T13611]  nf_ct_ext_add+0x1ab/0x440
[  575.351695][T13611]  init_conntrack+0x69c/0xf10
[  575.356375][T13611]  ? early_drop+0x7f0/0x7f0
[  575.360875][T13611]  ? nf_conntrack_find_get+0x650/0x650
[  575.366327][T13611]  ? __local_bh_enable_ip+0x13a/0x1c0
[  575.371693][T13611]  ? __siphash_unaligned+0x22e/0x3a0
[  575.376979][T13611]  nf_conntrack_in+0xc06/0x15c0
[  575.381842][T13611]  ? nf_ct_pernet+0x270/0x270
[  575.386519][T13611]  ? ipt_do_table+0x2c1/0x15e0
[  575.391289][T13611]  ? ipv4_conntrack_defrag+0x29d/0x5a0
[  575.396755][T13611]  ? ipv4_conntrack_local+0x123/0x200
[  575.402124][T13611]  ? ipv4_conntrack_in+0x20/0x20
[  575.407074][T13611]  nf_hook_slow+0xbd/0x200
[  575.411504][T13611]  ? nf_hook+0x390/0x390
[  575.415746][T13611]  nf_hook+0x228/0x390
[  575.419818][T13611]  ? nf_hook+0xa2/0x390
[  575.423975][T13611]  ? __ip_local_out+0x5f0/0x5f0
[  575.428829][T13611]  ? nf_hook+0x390/0x390
[  575.433067][T13611]  ? __lock_acquire+0x7d40/0x7d40
[  575.438092][T13611]  ? ip_fast_csum+0x1ee/0x2b0
[  575.442764][T13611]  __ip_local_out+0x4db/0x5f0
[  575.447438][T13611]  ? nf_hook+0x390/0x390
[  575.451679][T13611]  ? __ip_queue_xmit+0x5d/0x1950
[  575.456609][T13611]  __ip_queue_xmit+0xf7c/0x1950
[  575.461460][T13611]  ? __ip_queue_xmit+0x5d/0x1950
[  575.466392][T13611]  sctp_packet_transmit+0x247d/0x2a30
[  575.471795][T13611]  sctp_packet_singleton+0x235/0x340
[  575.477083][T13611]  ? sctp_outq_select_transport+0x570/0x570
[  575.482999][T13611]  ? sctp_outq_select_transport+0x45d/0x570
[  575.488892][T13611]  ? sctp_transport_burst_limited+0x197/0x280
[  575.494987][T13611]  sctp_outq_flush+0x50e/0x3120
[  575.499854][T13611]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  575.505788][T13611]  ? _raw_spin_unlock+0x40/0x40
[  575.510638][T13611]  ? rcu_is_watching+0x15/0xb0
[  575.515399][T13611]  ? enqueue_timer+0x23d/0x550
[  575.520160][T13611]  ? sctp_outq_tail+0x8a0/0x8a0
[  575.525015][T13611]  ? sctp_outq_tail+0x604/0x8a0
[  575.529869][T13611]  ? sctp_outq_uncork+0x4d/0xa0
[  575.534897][T13611]  sctp_do_sm+0x533b/0x5a60
[  575.539409][T13611]  ? do_syscall_64+0x55/0xa0
[  575.543999][T13611]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  575.550068][T13611]  ? sctp_generate_t3_rtx_event+0x340/0x340
[  575.555997][T13611]  ? __sk_mem_raise_allocated+0xa29/0x1340
[  575.561815][T13611]  sctp_primitive_ASSOCIATE+0x95/0xc0
[  575.567209][T13611]  sctp_sendmsg_to_asoc+0x10a6/0x1830
[  575.572584][T13611]  ? __asan_memcpy+0x40/0x70
[  575.577177][T13611]  ? sctp_assoc_add_peer+0xcf3/0x1390
[  575.582564][T13611]  ? sctp_sendmsg_check_sflags+0x2d0/0x2d0
[  575.588373][T13611]  ? __sctp_connect+0xd80/0xd80
[  575.593219][T13611]  ? __local_bh_enable_ip+0x13a/0x1c0
[  575.598607][T13611]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  575.604171][T13611]  ? security_sctp_bind_connect+0x89/0xb0
[  575.609916][T13611]  sctp_sendmsg+0x1b83/0x28c0
[  575.614612][T13611]  ? sctp_getsockopt+0xb60/0xb60
[  575.619721][T13611]  ? aa_sk_perm+0x83c/0x970
[  575.624248][T13611]  ? aa_af_perm+0x330/0x330
[  575.628756][T13611]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  575.635173][T13611]  ? sock_rps_record_flow+0x19/0x3f0
[  575.640456][T13611]  ? inet_sendmsg+0xe9/0x2f0
[  575.645128][T13611]  ? inet_send_prepare+0x260/0x260
[  575.650235][T13611]  ____sys_sendmsg+0x5ba/0x960
[  575.655014][T13611]  ? __lock_acquire+0x7d40/0x7d40
[  575.660044][T13611]  ? __asan_memset+0x22/0x40
[  575.664633][T13611]  ? __sys_sendmsg_sock+0x30/0x30
[  575.669649][T13611]  ? __import_iovec+0x5f2/0x850
[  575.674529][T13611]  ? import_iovec+0x73/0xa0
[  575.679030][T13611]  ___sys_sendmsg+0x2a6/0x360
[  575.683702][T13611]  ? get_pid_task+0x20/0x1e0
[  575.688294][T13611]  ? __sys_sendmsg+0x2a0/0x2a0
[  575.693070][T13611]  ? __lock_acquire+0x7d40/0x7d40
[  575.698199][T13611]  __se_sys_sendmsg+0x1c2/0x2b0
[  575.703049][T13611]  ? __x64_sys_sendmsg+0x80/0x80
[  575.707999][T13611]  ? lockdep_hardirqs_on+0x98/0x150
[  575.713287][T13611]  do_syscall_64+0x55/0xa0
[  575.717703][T13611]  ? clear_bhb_loop+0x40/0x90
[  575.722391][T13611]  ? clear_bhb_loop+0x40/0x90
[  575.727070][T13611]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  575.732984][T13611] RIP: 0033:0x7f891799c799
[  575.737398][T13611] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  575.756999][T13611] RSP: 002b:00007f8918868028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  575.765411][T13611] RAX: ffffffffffffffda RBX: 00007f8917c15fa0 RCX: 00007f891799c799
[  575.773399][T13611] RDX: 0000000000000c54 RSI: 0000200000000380 RDI: 0000000000000003
[  575.781365][T13611] RBP: 00007f8918868090 R08: 0000000000000000 R09: 0000000000000000
[  575.789335][T13611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  575.797303][T13611] R13: 00007f8917c16038 R14: 00007f8917c15fa0 R15: 00007ffd55c99cb8
[  575.805287][T13611]  </TASK>
[  575.815249][T13280] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  575.824076][T13280] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  575.833416][T13280] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  575.842314][T13280] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  576.112150][ T5920] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  576.145598][ T5920] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  576.200809][ T5929] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  576.229853][ T5929] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  579.201204][T13644] netlink: 16186 bytes leftover after parsing attributes in process `syz.0.2494'.
[  579.391222][T13651] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2582'.
[  579.663578][T13665] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.2587'.
[  583.526795][T13683] netlink: 'syz.1.2594': attribute type 10 has an invalid length.
[  583.554711][T13683] netlink: 65015 bytes leftover after parsing attributes in process `syz.1.2594'.
[  583.781018][T13698] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.2599'.
[  583.844556][T13700] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.2600'.
[  584.105339][T13706] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.2603'.
[  584.170907][T13710] Dead loop on virtual device ip6_vti0, fix it urgently!
[  587.876918][T13733] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.2613'.
[  588.848267][T13741] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.2624'.
[  588.922176][T13743] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.2616'.
[  591.022224][T13735] netlink: 'syz.0.2614': attribute type 10 has an invalid length.
[  591.051396][T13735] team0: Device wg1 is of different type
[  591.240114][T13759] netlink: 'syz.1.2621': attribute type 10 has an invalid length.
[  594.251720][T13759] bond0: (slave netdevsim0): Releasing backup interface
[  594.497969][T13777] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.2627'.
[  594.694693][T13783] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.2628'.
[  597.482320][T13805] FAULT_INJECTION: forcing a failure.
[  597.482320][T13805] name failslab, interval 1, probability 0, space 0, times 0
[  597.518401][T13807] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.2638'.
[  597.554479][T13805] CPU: 0 PID: 13805 Comm: syz.3.2637 Not tainted syzkaller #0
[  597.562014][T13805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  597.572097][T13805] Call Trace:
[  597.575409][T13805]  <TASK>
[  597.578365][T13805]  dump_stack_lvl+0x18c/0x250
[  597.583086][T13805]  ? sctp_sendmsg+0x1575/0x28c0
[  597.587966][T13805]  ? ___sys_sendmsg+0x2a6/0x360
[  597.592843][T13805]  ? show_regs_print_info+0x20/0x20
[  597.598071][T13805]  ? load_image+0x400/0x400
[  597.602623][T13805]  should_fail_ex+0x39d/0x4d0
[  597.607347][T13805]  should_failslab+0x9/0x20
[  597.611878][T13805]  slab_pre_alloc_hook+0x59/0x310
[  597.616936][T13805]  ? sctp_add_bind_addr+0x8c/0x360
[  597.622071][T13805]  __kmem_cache_alloc_node+0x53/0x250
[  597.627475][T13805]  ? sctp_add_bind_addr+0x8c/0x360
[  597.632611][T13805]  kmalloc_trace+0x2a/0xe0
[  597.637055][T13805]  sctp_add_bind_addr+0x8c/0x360
[  597.642019][T13805]  sctp_copy_local_addr_list+0x315/0x4f0
[  597.647704][T13805]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  597.653449][T13805]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  597.659546][T13805]  ? sctp_v4_is_any+0x35/0x60
[  597.664244][T13805]  ? sctp_copy_one_addr+0x8c/0x350
[  597.669664][T13805]  sctp_bind_addr_copy+0xb3/0x3c0
[  597.674735][T13805]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  597.681097][T13805]  sctp_connect_new_asoc+0x2f9/0x6a0
[  597.686424][T13805]  ? __sctp_connect+0xd80/0xd80
[  597.691296][T13805]  ? __local_bh_enable_ip+0x13a/0x1c0
[  597.696703][T13805]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  597.702282][T13805]  ? security_sctp_bind_connect+0x89/0xb0
[  597.708033][T13805]  sctp_sendmsg+0x1575/0x28c0
[  597.712752][T13805]  ? sctp_getsockopt+0xb60/0xb60
[  597.717723][T13805]  ? aa_sk_perm+0x83c/0x970
[  597.722249][T13805]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  597.728514][T13805]  ? lockdep_hardirqs_on+0x98/0x150
[  597.733748][T13805]  ? aa_af_perm+0x330/0x330
[  597.739117][T13805]  ? sock_rps_record_flow+0x19/0x3f0
[  597.744435][T13805]  ? inet_sendmsg+0xe9/0x2f0
[  597.749050][T13805]  ? inet_send_prepare+0x260/0x260
[  597.754190][T13805]  ____sys_sendmsg+0x5ba/0x960
[  597.758978][T13805]  ? __lock_acquire+0x7d40/0x7d40
[  597.764042][T13805]  ? __asan_memset+0x22/0x40
[  597.768655][T13805]  ? __sys_sendmsg_sock+0x30/0x30
[  597.773713][T13805]  ? __import_iovec+0x5f2/0x850
[  597.778611][T13805]  ? import_iovec+0x73/0xa0
[  597.783144][T13805]  ___sys_sendmsg+0x2a6/0x360
[  597.787861][T13805]  ? __sys_sendmsg+0x2a0/0x2a0
[  597.792705][T13805]  __se_sys_sendmsg+0x1c2/0x2b0
[  597.797590][T13805]  ? __x64_sys_sendmsg+0x80/0x80
[  597.802570][T13805]  ? syscall_enter_from_user_mode+0x2e/0x80
[  597.808494][T13805]  do_syscall_64+0x55/0xa0
[  597.812937][T13805]  ? clear_bhb_loop+0x40/0x90
[  597.817641][T13805]  ? clear_bhb_loop+0x40/0x90
[  597.822362][T13805]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  597.828273][T13805] RIP: 0033:0x7ff235d9c799
[  597.832790][T13805] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  597.852423][T13805] RSP: 002b:00007ff236ca8028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  597.860867][T13805] RAX: ffffffffffffffda RBX: 00007ff236015fa0 RCX: 00007ff235d9c799
[  597.868865][T13805] RDX: 00000000000003e8 RSI: 00002000000004c0 RDI: 0000000000000011
[  597.876959][T13805] RBP: 00007ff236ca8090 R08: 0000000000000000 R09: 0000000000000000
[  597.884950][T13805] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  597.892940][T13805] R13: 00007ff236016038 R14: 00007ff236015fa0 R15: 00007fff21358688
[  597.900951][T13805]  </TASK>
[  598.621247][T13820] netlink: 121460 bytes leftover after parsing attributes in process `syz.2.2640'.
[  598.634302][T13820] netlink: 22856 bytes leftover after parsing attributes in process `syz.2.2640'.
[  600.625099][ T1114] tipc: Subscription rejected, illegal request
[  600.634935][T13829] FAULT_INJECTION: forcing a failure.
[  600.634935][T13829] name failslab, interval 1, probability 0, space 0, times 0
[  600.647920][T13829] CPU: 1 PID: 13829 Comm: syz.1.2645 Not tainted syzkaller #0
[  600.655416][T13829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  600.665498][T13829] Call Trace:
[  600.668880][T13829]  <TASK>
[  600.671818][T13829]  dump_stack_lvl+0x18c/0x250
[  600.676523][T13829]  ? show_regs_print_info+0x20/0x20
[  600.681912][T13829]  ? load_image+0x400/0x400
[  600.686435][T13829]  ? __lock_acquire+0x1347/0x7d40
[  600.691486][T13829]  ? run_filter+0x23/0x260
[  600.696003][T13829]  should_fail_ex+0x39d/0x4d0
[  600.700714][T13829]  should_failslab+0x9/0x20
[  600.705237][T13829]  slab_pre_alloc_hook+0x59/0x310
[  600.710283][T13829]  ? __lock_acquire+0x7d40/0x7d40
[  600.715354][T13829]  ? __lock_acquire+0x1273/0x7d40
[  600.720392][T13829]  kmem_cache_alloc+0x5a/0x2d0
[  600.725162][T13829]  ? skb_clone+0x1eb/0x370
[  600.729586][T13829]  skb_clone+0x1eb/0x370
[  600.733821][T13829]  ? packet_rcv+0x47a/0x13d0
[  600.738411][T13829]  packet_rcv+0x5dd/0x13d0
[  600.742831][T13829]  ? fanout_init_data+0xf0/0xf0
[  600.747689][T13829]  __netif_receive_skb_core+0xcff/0x3af0
[  600.753327][T13829]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  600.759310][T13829]  ? qdisc_run+0x230/0x230
[  600.763721][T13829]  ? ktime_get_real_ts64+0x440/0x440
[  600.769005][T13829]  ? read_lock_is_recursive+0x20/0x20
[  600.774375][T13829]  __netif_receive_skb+0x74/0x290
[  600.779400][T13829]  ? netif_receive_skb+0x106/0x720
[  600.784508][T13829]  netif_receive_skb+0x1bc/0x720
[  600.789443][T13829]  ? enqueue_to_backlog+0xe30/0xe30
[  600.794643][T13829]  ? __lock_acquire+0x7d40/0x7d40
[  600.799663][T13829]  ? tun_rx_batched+0x186/0x790
[  600.804511][T13829]  tun_rx_batched+0x1df/0x790
[  600.809195][T13829]  ? pskb_may_pull+0xf0/0xf0
[  600.813794][T13829]  ? __local_bh_enable_ip+0x13a/0x1c0
[  600.819182][T13829]  ? lockdep_hardirqs_on+0x98/0x150
[  600.824376][T13829]  ? read_lock_is_recursive+0x20/0x20
[  600.829827][T13829]  ? __local_bh_enable_ip+0x13a/0x1c0
[  600.835194][T13829]  ? _local_bh_enable+0xa0/0xa0
[  600.840037][T13829]  ? skb_copy_datagram_from_iter+0x62e/0x6e0
[  600.846032][T13829]  tun_get_user+0x28a3/0x3ca0
[  600.850707][T13829]  ? tun_get_user+0x24d9/0x3ca0
[  600.855555][T13829]  ? aa_file_perm+0x11b/0xee0
[  600.860233][T13829]  ? rcu_read_unlock+0xa0/0xa0
[  600.865088][T13829]  ? tun_get+0x1c/0x2e0
[  600.869274][T13829]  ? __lock_acquire+0x7d40/0x7d40
[  600.874297][T13829]  ? tun_get+0x1c/0x2e0
[  600.878458][T13829]  tun_chr_write_iter+0x119/0x200
[  600.883475][T13829]  vfs_write+0x46c/0x990
[  600.887718][T13829]  ? file_end_write+0x250/0x250
[  600.892568][T13829]  ? __fget_files+0x43d/0x4b0
[  600.897251][T13829]  ? __fdget_pos+0x1d8/0x330
[  600.901832][T13829]  ? ksys_write+0x75/0x260
[  600.906246][T13829]  ksys_write+0x150/0x260
[  600.911113][T13829]  ? __ia32_sys_read+0x90/0x90
[  600.915891][T13829]  ? lockdep_hardirqs_on+0x98/0x150
[  600.921100][T13829]  do_syscall_64+0x55/0xa0
[  600.925519][T13829]  ? clear_bhb_loop+0x40/0x90
[  600.930196][T13829]  ? clear_bhb_loop+0x40/0x90
[  600.934867][T13829]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  600.940769][T13829] RIP: 0033:0x7f0b52b9c799
[  600.945183][T13829] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  600.965045][T13829] RSP: 002b:00007f0b53b01028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  600.973455][T13829] RAX: ffffffffffffffda RBX: 00007f0b52e15fa0 RCX: 00007f0b52b9c799
[  600.981419][T13829] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 00000000000000c8
[  600.989396][T13829] RBP: 00007f0b53b01090 R08: 0000000000000000 R09: 0000000000000000
[  600.997360][T13829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  601.005323][T13829] R13: 00007f0b52e16038 R14: 00007f0b52e15fa0 R15: 00007ffc11a4d438
[  601.013390][T13829]  </TASK>
[  601.196971][T13837] FAULT_INJECTION: forcing a failure.
[  601.196971][T13837] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  601.219570][T13837] CPU: 0 PID: 13837 Comm: syz.0.2649 Not tainted syzkaller #0
[  601.227086][T13837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  601.237161][T13837] Call Trace:
[  601.240453][T13837]  <TASK>
[  601.243396][T13837]  dump_stack_lvl+0x18c/0x250
[  601.248103][T13837]  ? show_regs_print_info+0x20/0x20
[  601.253328][T13837]  ? load_image+0x400/0x400
[  601.257854][T13837]  ? __lock_acquire+0x7d40/0x7d40
[  601.262907][T13837]  should_fail_ex+0x39d/0x4d0
[  601.267612][T13837]  prepare_alloc_pages+0x1e2/0x5f0
[  601.272756][T13837]  __alloc_pages+0x134/0x460
[  601.277366][T13837]  ? rcu_is_watching+0x15/0xb0
[  601.282151][T13837]  ? zone_statistics+0x170/0x170
[  601.287116][T13837]  ? __build_skb_around+0x255/0x3d0
[  601.292349][T13837]  alloc_skb_with_frags+0x23c/0x7b0
[  601.297561][T13837]  sock_alloc_send_pskb+0x883/0x9a0
[  601.302777][T13837]  ? sock_kzfree_s+0x50/0x50
[  601.307409][T13837]  tun_get_user+0x82c/0x3ca0
[  601.312026][T13837]  ? aa_file_perm+0x11b/0xee0
[  601.316727][T13837]  ? rcu_read_unlock+0xa0/0xa0
[  601.321516][T13837]  ? tun_get+0x1c/0x2e0
[  601.325692][T13837]  ? __lock_acquire+0x7d40/0x7d40
[  601.330749][T13837]  ? tun_get+0x1c/0x2e0
[  601.334929][T13837]  tun_chr_write_iter+0x119/0x200
[  601.339970][T13837]  vfs_write+0x46c/0x990
[  601.344230][T13837]  ? file_end_write+0x250/0x250
[  601.349097][T13837]  ? __fget_files+0x43d/0x4b0
[  601.353786][T13837]  ? __fdget_pos+0x1d8/0x330
[  601.358375][T13837]  ? ksys_write+0x75/0x260
[  601.362792][T13837]  ksys_write+0x150/0x260
[  601.367120][T13837]  ? __ia32_sys_read+0x90/0x90
[  601.371881][T13837]  ? lockdep_hardirqs_on+0x98/0x150
[  601.377075][T13837]  do_syscall_64+0x55/0xa0
[  601.381534][T13837]  ? clear_bhb_loop+0x40/0x90
[  601.386204][T13837]  ? clear_bhb_loop+0x40/0x90
[  601.390877][T13837]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  601.396763][T13837] RIP: 0033:0x7fcd0279c799
[  601.401176][T13837] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  601.420774][T13837] RSP: 002b:00007fcd035ed028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  601.429201][T13837] RAX: ffffffffffffffda RBX: 00007fcd02a15fa0 RCX: 00007fcd0279c799
[  601.437167][T13837] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 00000000000000c8
[  601.445133][T13837] RBP: 00007fcd035ed090 R08: 0000000000000000 R09: 0000000000000000
[  601.453092][T13837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  601.461054][T13837] R13: 00007fcd02a16038 R14: 00007fcd02a15fa0 R15: 00007ffd12f42268
[  601.469059][T13837]  </TASK>
[  601.607113][T13850] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.2651'.
[  605.101684][T13880] netlink: 'syz.3.2660': attribute type 3 has an invalid length.
[  605.132135][T13880] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2660'.
[  605.132686][T13883] netlink: 'syz.0.2663': attribute type 10 has an invalid length.
[  605.150404][T13883] syz_tun: entered promiscuous mode
[  605.172819][T13883] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  605.176483][T13880] netlink: 'syz.3.2660': attribute type 3 has an invalid length.
[  605.185357][T13884] netlink: 'syz.2.2662': attribute type 10 has an invalid length.
[  605.205731][T13884] team0: Device wg1 is up. Set it down before adding it as a team port
[  605.211216][T13880] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.2660'.
[  605.593568][T13902] netlink: 61967 bytes leftover after parsing attributes in process `syz.2.2670'.
[  605.603857][T13903] netlink: 61967 bytes leftover after parsing attributes in process `syz.2.2670'.
[  608.869773][T13930] netlink: 'syz.1.2676': attribute type 25 has an invalid length.
[  608.879139][T13930] netlink: 'syz.1.2676': attribute type 9 has an invalid length.
[  609.267878][T13940] syz.2.2681[13940] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  609.268009][T13940] syz.2.2681[13940] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  609.309020][ T5768] Bluetooth: hci0: ISO packet for unknown connection handle 3852
[  609.645685][T13951] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.2684'.
[  609.661976][T13954] netlink: 'syz.2.2683': attribute type 3 has an invalid length.
[  609.670771][T13954] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2683'.
[  609.681384][T13954] FAULT_INJECTION: forcing a failure.
[  609.681384][T13954] name failslab, interval 1, probability 0, space 0, times 0
[  609.694842][T13954] CPU: 1 PID: 13954 Comm: syz.2.2683 Not tainted syzkaller #0
[  609.702335][T13954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  609.712421][T13954] Call Trace:
[  609.715719][T13954]  <TASK>
[  609.718670][T13954]  dump_stack_lvl+0x18c/0x250
[  609.723379][T13954]  ? show_regs_print_info+0x20/0x20
[  609.728619][T13954]  ? load_image+0x400/0x400
[  609.733409][T13954]  ? __might_sleep+0xe0/0xe0
[  609.738020][T13954]  ? __lock_acquire+0x7d40/0x7d40
[  609.743069][T13954]  should_fail_ex+0x39d/0x4d0
[  609.747775][T13954]  should_failslab+0x9/0x20
[  609.752300][T13954]  slab_pre_alloc_hook+0x59/0x310
[  609.757353][T13954]  kmem_cache_alloc_node+0x60/0x320
[  609.762585][T13954]  ? __alloc_skb+0x103/0x2c0
[  609.767295][T13954]  __alloc_skb+0x103/0x2c0
[  609.771743][T13954]  inet6_rtm_getroute+0xd0f/0x17c0
[  609.776965][T13954]  ? inet6_rtm_getroute+0x912/0x17c0
[  609.782643][T13954]  ? inet6_rtm_delroute+0x600/0x600
[  609.787908][T13954]  ? inet6_rtm_delroute+0x600/0x600
[  609.793220][T13954]  ? rtnetlink_rcv_msg+0x221/0xfa0
[  609.798351][T13954]  ? inet6_rtm_delroute+0x600/0x600
[  609.803663][T13954]  rtnetlink_rcv_msg+0x8b8/0xfa0
[  609.808717][T13954]  ? rtnetlink_bind+0x80/0x80
[  609.813423][T13954]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  609.819602][T13954]  ? lockdep_hardirqs_on+0x98/0x150
[  609.824823][T13954]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  609.831009][T13954]  ? __dev_queue_xmit+0x265/0x3660
[  609.836161][T13954]  ? __local_bh_enable_ip+0x142/0x1c0
[  609.841575][T13954]  ? _local_bh_enable+0xa0/0xa0
[  609.846461][T13954]  ? __dev_queue_xmit+0x265/0x3660
[  609.851605][T13954]  ? __dev_queue_xmit+0x265/0x3660
[  609.856748][T13954]  ? __dev_queue_xmit+0x1b2c/0x3660
[  609.861984][T13954]  ? __dev_queue_xmit+0x265/0x3660
[  609.867135][T13954]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  609.873145][T13954]  ? lock_chain_count+0x20/0x20
[  609.878031][T13954]  ? ref_tracker_free+0x690/0x840
[  609.883091][T13954]  netlink_rcv_skb+0x241/0x4d0
[  609.888139][T13954]  ? rtnetlink_bind+0x80/0x80
[  609.892842][T13954]  ? netlink_ack+0x1180/0x1180
[  609.897649][T13954]  ? __lock_acquire+0x7d40/0x7d40
[  609.902714][T13954]  ? netlink_deliver_tap+0x2e/0x1b0
[  609.907948][T13954]  netlink_unicast+0x751/0x8d0
[  609.912841][T13954]  netlink_sendmsg+0x8d0/0xbf0
[  609.917651][T13954]  ? lockdep_hardirqs_on+0x98/0x150
[  609.922877][T13954]  ? netlink_getsockopt+0x590/0x590
[  609.928114][T13954]  ? netlink_getsockopt+0x590/0x590
[  609.933346][T13954]  ____sys_sendmsg+0x5ba/0x960
[  609.938138][T13954]  ? __asan_memset+0x22/0x40
[  609.942753][T13954]  ? __sys_sendmsg_sock+0x30/0x30
[  609.947801][T13954]  ? __import_iovec+0x5f2/0x850
[  609.952692][T13954]  ? import_iovec+0x73/0xa0
[  609.957221][T13954]  ___sys_sendmsg+0x2a6/0x360
[  609.961921][T13954]  ? __sys_sendmsg+0x2a0/0x2a0
[  609.966751][T13954]  __se_sys_sendmsg+0x1c2/0x2b0
[  609.971627][T13954]  ? __x64_sys_sendmsg+0x80/0x80
[  609.976600][T13954]  ? syscall_enter_from_user_mode+0x2e/0x80
[  609.982520][T13954]  do_syscall_64+0x55/0xa0
[  609.986972][T13954]  ? clear_bhb_loop+0x40/0x90
[  609.991667][T13954]  ? clear_bhb_loop+0x40/0x90
[  609.996365][T13954]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  610.002299][T13954] RIP: 0033:0x7f891799c799
[  610.006739][T13954] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  610.026372][T13954] RSP: 002b:00007f8918868028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  610.034818][T13954] RAX: ffffffffffffffda RBX: 00007f8917c15fa0 RCX: 00007f891799c799
[  610.042817][T13954] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000006
[  610.050816][T13954] RBP: 00007f8918868090 R08: 0000000000000000 R09: 0000000000000000
[  610.058808][T13954] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  610.066808][T13954] R13: 00007f8917c16038 R14: 00007f8917c15fa0 R15: 00007ffd55c99cb8
[  610.074816][T13954]  </TASK>
[  612.751823][T13964] netlink: 'syz.3.2688': attribute type 2 has an invalid length.
[  612.779950][T13964] netlink: 'syz.3.2688': attribute type 3 has an invalid length.
[  612.806290][T13964] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2688'.
[  613.365373][T13992] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2697'.
[  613.434994][T13987] netlink: 'syz.0.2695': attribute type 10 has an invalid length.
[  613.584856][T13987] team0: Device ipvlan1 failed to register rx_handler
[  613.615925][T13998] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.2699'.
[  613.769647][T13973] delete_channel: no stack
[  616.606236][T14001] syzkaller0: entered allmulticast mode
[  616.828451][T14015] syz.0.2703[14015] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  616.828691][T14015] syz.0.2703[14015] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  616.988689][T14020] netlink: 'syz.2.2706': attribute type 17 has an invalid length.
[  617.017080][T14020] netlink: 148 bytes leftover after parsing attributes in process `syz.2.2706'.
[  617.178195][T14023] syzkaller0: entered promiscuous mode
[  617.183724][T14023] syzkaller0: entered allmulticast mode
[  617.470132][T14042] netlink: 21 bytes leftover after parsing attributes in process `syz.0.2714'.
[  617.479503][T14042] ksmbd: Unknown IPC event: 0, ignore.
[  617.750409][T14048] netlink: 212912 bytes leftover after parsing attributes in process `syz.0.2714'.
[  617.761440][T14048] openvswitch: netlink: IP tunnel dst address not specified
[  620.495245][T14055] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.2716'.
[  620.999826][T14058] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.2718'.
[  621.585896][T14060] FAULT_INJECTION: forcing a failure.
[  621.585896][T14060] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  621.601342][T14060] CPU: 0 PID: 14060 Comm: syz.3.2719 Not tainted syzkaller #0
[  621.608853][T14060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  621.613731][ T5768] Bluetooth: hci4: command 0x0406 tx timeout
[  621.618908][T14060] Call Trace:
[  621.618920][T14060]  <TASK>
[  621.618927][T14060]  dump_stack_lvl+0x18c/0x250
[  621.618957][T14060]  ? show_regs_print_info+0x20/0x20
[  621.618979][T14060]  ? load_image+0x400/0x400
[  621.619000][T14060]  ? __might_fault+0xaa/0x120
[  621.650230][T14060]  ? __lock_acquire+0x7d40/0x7d40
[  621.655281][T14060]  should_fail_ex+0x39d/0x4d0
[  621.659960][T14060]  _copy_from_user+0x2f/0xe0
[  621.664657][T14060]  sctp_setsockopt+0x19e/0x11e0
[  621.669520][T14060]  ? sock_common_recvmsg+0x190/0x190
[  621.674819][T14060]  do_sock_setsockopt+0x175/0x1a0
[  621.679832][T14060]  ? __fdget+0x180/0x210
[  621.684070][T14060]  __x64_sys_setsockopt+0x182/0x200
[  621.689265][T14060]  do_syscall_64+0x55/0xa0
[  621.693684][T14060]  ? clear_bhb_loop+0x40/0x90
[  621.698357][T14060]  ? clear_bhb_loop+0x40/0x90
[  621.703037][T14060]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  621.708932][T14060] RIP: 0033:0x7ff235d9c799
[  621.713343][T14060] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  621.732944][T14060] RSP: 002b:00007ff236ca8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  621.741356][T14060] RAX: ffffffffffffffda RBX: 00007ff236015fa0 RCX: 00007ff235d9c799
[  621.749320][T14060] RDX: 0000000000000018 RSI: 0000000000000084 RDI: 0000000000000004
[  621.757297][T14060] RBP: 00007ff236ca8090 R08: 0000000000000008 R09: 0000000000000000
[  621.765272][T14060] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  621.773323][T14060] R13: 00007ff236016038 R14: 00007ff236015fa0 R15: 00007fff21358688
[  621.781303][T14060]  </TASK>
[  621.921033][T14062] netlink: 207496 bytes leftover after parsing attributes in process `syz.3.2720'.
[  622.843563][T14042] netlink: 'syz.0.2714': attribute type 15 has an invalid length.
[  622.851723][T14042] netlink: 'syz.0.2714': attribute type 5 has an invalid length.
[  622.860000][T14042] netlink: 144 bytes leftover after parsing attributes in process `syz.0.2714'.
[  622.872649][T14048] tap0: tun_chr_ioctl cmd 1074025675
[  622.878335][T14048] tap0: persist disabled
[  622.973837][T14067] netlink: 'syz.1.2722': attribute type 33 has an invalid length.
[  622.981876][T14067] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.2722'.
[  623.026802][T14069] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.2723'.
[  623.065236][T14067] netlink: 'syz.1.2722': attribute type 10 has an invalid length.
[  623.090084][T14067] netlink: 55 bytes leftover after parsing attributes in process `syz.1.2722'.
[  624.652270][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  624.659474][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  626.717962][T14086] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.2730'.
[  629.696629][T14088] netlink: 'syz.2.2727': attribute type 2 has an invalid length.
[  629.704452][T14088] netlink: 'syz.2.2727': attribute type 8 has an invalid length.
[  629.736617][T14088] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2727'.
[  630.007718][T14093] syzkaller0: entered promiscuous mode
[  630.015030][T14097] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.2733'.
[  630.024627][T14093] syzkaller0: entered allmulticast mode
[  630.261325][T14107] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.2736'.
[  630.500575][T14111] netlink: 'syz.1.2737': attribute type 8 has an invalid length.
[  630.514353][T14111] netlink: 161700 bytes leftover after parsing attributes in process `syz.1.2737'.
[  631.048168][T14117] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.2740'.
[  634.026487][T14104] syzkaller0: entered promiscuous mode
[  634.031990][T14104] syzkaller0: entered allmulticast mode
[  636.104342][T14123] veth0_vlan: entered allmulticast mode
[  636.111065][T14126] netlink: 'syz.1.2742': attribute type 10 has an invalid length.
[  636.312683][T14136] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2745'.
[  636.387535][T14136] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2745'.
[  636.397913][T14141] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2745'.
[  636.408958][T14136] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2745'.
[  636.615035][T14152] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.2747'.
[  637.184393][T14160] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.2751'.
[  640.530652][T14181] netlink: 121460 bytes leftover after parsing attributes in process `syz.3.2761'.
[  640.595167][T14181] netlink: 22828 bytes leftover after parsing attributes in process `syz.3.2761'.
[  641.031570][T14193] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2764'.
[  641.144972][T14200] netlink: 'syz.0.2769': attribute type 28 has an invalid length.
[  641.163396][T14200] netlink: 'syz.0.2769': attribute type 4 has an invalid length.
[  641.175038][T14200] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2769'.
[  641.211628][T14204] bond_slave_0: entered promiscuous mode
[  641.217429][T14204] bond_slave_1: entered promiscuous mode
[  642.096849][T12747] Bluetooth: hci0: command 0x0406 tx timeout
[  642.445074][T14224] sock: sock_timestamping_bind_phc: sock not bind to device
[  643.397997][T14239] __nla_validate_parse: 1 callbacks suppressed
[  643.398032][T14239] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2779'.
[  643.961769][T14257] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2787'.
[  644.058708][T14255] netlink: 128 bytes leftover after parsing attributes in process `syz.1.2786'.
[  644.087507][T14251] netlink: 'syz.0.2785': attribute type 10 has an invalid length.
[  644.970967][T14280] FAULT_INJECTION: forcing a failure.
[  644.970967][T14280] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  644.984386][T14280] CPU: 0 PID: 14280 Comm: syz.0.2794 Not tainted syzkaller #0
[  644.991872][T14280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  645.001937][T14280] Call Trace:
[  645.005214][T14280]  <TASK>
[  645.008142][T14280]  dump_stack_lvl+0x18c/0x250
[  645.012824][T14280]  ? show_regs_print_info+0x20/0x20
[  645.018021][T14280]  ? load_image+0x400/0x400
[  645.022522][T14280]  ? __might_fault+0xaa/0x120
[  645.027191][T14280]  ? __lock_acquire+0x7d40/0x7d40
[  645.032218][T14280]  should_fail_ex+0x39d/0x4d0
[  645.036905][T14280]  _copy_from_user+0x2f/0xe0
[  645.041504][T14280]  generic_map_update_batch+0x59a/0x810
[  645.047064][T14280]  ? rcu_read_unlock+0xa0/0xa0
[  645.051835][T14280]  ? __fdget+0x180/0x210
[  645.056087][T14280]  ? rcu_read_unlock+0xa0/0xa0
[  645.060855][T14280]  bpf_map_do_batch+0x3d7/0x610
[  645.065709][T14280]  __sys_bpf+0x381/0x890
[  645.069980][T14280]  ? bpf_link_show_fdinfo+0x390/0x390
[  645.075369][T14280]  ? lock_chain_count+0x20/0x20
[  645.080222][T14280]  __x64_sys_bpf+0x7c/0x90
[  645.084637][T14280]  do_syscall_64+0x55/0xa0
[  645.089053][T14280]  ? clear_bhb_loop+0x40/0x90
[  645.093825][T14280]  ? clear_bhb_loop+0x40/0x90
[  645.098497][T14280]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  645.104473][T14280] RIP: 0033:0x7fcd0279c799
[  645.109063][T14280] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  645.128755][T14280] RSP: 002b:00007fcd035ed028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  645.137178][T14280] RAX: ffffffffffffffda RBX: 00007fcd02a15fa0 RCX: 00007fcd0279c799
[  645.145148][T14280] RDX: 0000000000000038 RSI: 00002000000006c0 RDI: 000000000000001a
[  645.153116][T14280] RBP: 00007fcd035ed090 R08: 0000000000000000 R09: 0000000000000000
[  645.161088][T14280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  645.169055][T14280] R13: 00007fcd02a16038 R14: 00007fcd02a15fa0 R15: 00007ffd12f42268
[  645.177040][T14280]  </TASK>
[  645.539621][T14289] FAULT_INJECTION: forcing a failure.
[  645.539621][T14289] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  645.585637][T14289] CPU: 1 PID: 14289 Comm: syz.2.2798 Not tainted syzkaller #0
[  645.593166][T14289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  645.603677][T14289] Call Trace:
[  645.606972][T14289]  <TASK>
[  645.609916][T14289]  dump_stack_lvl+0x18c/0x250
[  645.614653][T14289]  ? lock_chain_count+0x20/0x20
[  645.619529][T14289]  ? show_regs_print_info+0x20/0x20
[  645.624757][T14289]  ? load_image+0x400/0x400
[  645.629291][T14289]  ? lockdep_hardirqs_on+0x98/0x150
[  645.634521][T14289]  should_fail_ex+0x39d/0x4d0
[  645.639236][T14289]  _copy_from_user+0x2f/0xe0
[  645.643851][T14289]  __sys_bpf+0x23e/0x890
[  645.648117][T14289]  ? bpf_link_show_fdinfo+0x390/0x390
[  645.653523][T14289]  ? lock_chain_count+0x20/0x20
[  645.658402][T14289]  __x64_sys_bpf+0x7c/0x90
[  645.662840][T14289]  do_syscall_64+0x55/0xa0
[  645.667286][T14289]  ? clear_bhb_loop+0x40/0x90
[  645.672252][T14289]  ? clear_bhb_loop+0x40/0x90
[  645.676986][T14289]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  645.682914][T14289] RIP: 0033:0x7f891799c799
[  645.687356][T14289] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  645.706995][T14289] RSP: 002b:00007f8918868028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  645.715437][T14289] RAX: ffffffffffffffda RBX: 00007f8917c15fa0 RCX: 00007f891799c799
[  645.723427][T14289] RDX: 0000000000000050 RSI: 0000200000002300 RDI: 000000000000000a
[  645.731422][T14289] RBP: 00007f8918868090 R08: 0000000000000000 R09: 0000000000000000
[  645.739411][T14289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  645.747408][T14289] R13: 00007f8917c16038 R14: 00007f8917c15fa0 R15: 00007ffd55c99cb8
[  645.755415][T14289]  </TASK>
[  655.588281][T14373] netlink: 'syz.0.2822': attribute type 1 has an invalid length.
[  655.602835][T14373] netlink: 112865 bytes leftover after parsing attributes in process `syz.0.2822'.
[  657.455960][T12747] Bluetooth: hci3: command 0x0406 tx timeout
[  657.533198][T14421] IPv6: Can't replace route, no match found
[  657.831828][T14429] netlink: 14 bytes leftover after parsing attributes in process `syz.1.2841'.
[  658.245292][T14438] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2846'.
[  658.739979][T14442] netlink: 'syz.3.2847': attribute type 6 has an invalid length.
[  658.771991][T14442] netlink: 168 bytes leftover after parsing attributes in process `syz.3.2847'.
[  658.902972][T14442] netlink: 'syz.3.2847': attribute type 3 has an invalid length.
[  658.929438][T14442] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.2847'.
[  659.201601][T14448] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.2849'.
[  659.224923][T14448] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.2849'.
[  661.470459][T14452] netlink: 144 bytes leftover after parsing attributes in process `syz.3.2850'.
[  662.197563][T14485] Ÿë
: port 1(gretap0) entered blocking state
[  662.248214][T14485] Ÿë
: port 1(gretap0) entered disabled state
[  662.255251][T14485] gretap0: entered allmulticast mode
[  662.262316][T14485] gretap0: entered promiscuous mode
[  665.472488][T14503] netlink: 'syz.1.2870': attribute type 10 has an invalid length.
[  666.105252][T14517] netlink: 'syz.1.2876': attribute type 6 has an invalid length.
[  666.180207][T14517] netlink: 168 bytes leftover after parsing attributes in process `syz.1.2876'.
[  666.374293][T14517] netlink: 'syz.1.2876': attribute type 3 has an invalid length.
[  666.404636][T14517] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.2876'.
[  667.138657][T14549] netlink: 'syz.1.2884': attribute type 10 has an invalid length.
[  667.151953][T14549] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2884'.
[  667.162649][T14549] netlink: 'syz.1.2884': attribute type 10 has an invalid length.
[  667.178064][T14549] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2884'.
[  667.191943][T14546] netlink: 'syz.1.2884': attribute type 10 has an invalid length.
[  667.221908][T14546] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2884'.
[  669.696088][T14552] netlink: 'syz.3.2885': attribute type 10 has an invalid length.
[  669.713043][T14552] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  669.788593][T14552] batman_adv: batadv0: Removing interface: batadv_slave_0
[  669.940476][T14552] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link
[  669.952333][T14558] netlink: 180 bytes leftover after parsing attributes in process `syz.2.2888'.
[  669.985620][T14556] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2887'.
[  670.300106][T14572] netlink: 'syz.0.2891': attribute type 6 has an invalid length.
[  670.312335][T14572] netlink: 168 bytes leftover after parsing attributes in process `syz.0.2891'.
[  670.395974][T14575] syzkaller0: entered promiscuous mode
[  670.401603][T14575] syzkaller0: entered allmulticast mode
[  670.407767][T14572] netlink: 'syz.0.2891': attribute type 3 has an invalid length.
[  670.434757][T14572] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.2891'.
[  673.381175][T14600] netlink: 'syz.0.2902': attribute type 10 has an invalid length.
[  673.394003][T14600] team0: Device wg1 is of different type
[  673.622753][T14608] netlink: 'syz.2.2906': attribute type 10 has an invalid length.
[  673.642988][T14606] netlink: 'syz.0.2903': attribute type 10 has an invalid length.
[  673.651438][T14606] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  673.671375][T14606] batman_adv: batadv0: Removing interface: batadv_slave_0
[  673.694990][T14606] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link
[  673.874228][T14614] netlink: 'syz.2.2907': attribute type 6 has an invalid length.
[  673.895147][T14614] netlink: 168 bytes leftover after parsing attributes in process `syz.2.2907'.
[  673.897264][T14616] FAULT_INJECTION: forcing a failure.
[  673.897264][T14616] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  673.936022][T14616] CPU: 1 PID: 14616 Comm: syz.0.2909 Not tainted syzkaller #0
[  673.943546][T14616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  673.953606][T14616] Call Trace:
[  673.956883][T14616]  <TASK>
[  673.959836][T14616]  dump_stack_lvl+0x18c/0x250
[  673.964518][T14616]  ? show_regs_print_info+0x20/0x20
[  673.969732][T14616]  ? load_image+0x400/0x400
[  673.974247][T14616]  ? __might_fault+0xaa/0x120
[  673.978930][T14616]  should_fail_ex+0x39d/0x4d0
[  673.983612][T14616]  copyin+0x1a/0x90
[  673.987420][T14616]  _copy_from_iter+0x404/0x12e0
[  673.992269][T14616]  ? __virt_addr_valid+0x18c/0x540
[  673.997385][T14616]  ? __lock_acquire+0x7d40/0x7d40
[  674.002423][T14616]  ? copyout_mc+0x70/0x70
[  674.006750][T14616]  ? __virt_addr_valid+0x18c/0x540
[  674.011856][T14616]  ? __virt_addr_valid+0x18c/0x540
[  674.016969][T14616]  ? __virt_addr_valid+0x469/0x540
[  674.022088][T14616]  ? __check_object_size+0x506/0xa20
[  674.027399][T14616]  skb_copy_datagram_from_iter+0xf4/0x6e0
[  674.033127][T14616]  ? dev_get_by_index+0x22/0x2d0
[  674.038077][T14616]  ? skb_put+0x11b/0x210
[  674.042322][T14616]  packet_sendmsg+0x3566/0x4d70
[  674.047189][T14616]  ? verify_lock_unused+0x140/0x140
[  674.052383][T14616]  ? mark_lock+0x94/0x320
[  674.056709][T14616]  ? __lock_acquire+0x1273/0x7d40
[  674.061727][T14616]  ? verify_lock_unused+0x140/0x140
[  674.066931][T14616]  ? aa_sk_perm+0x83c/0x970
[  674.071435][T14616]  ? packet_getsockopt+0xad0/0xad0
[  674.076577][T14616]  ? aa_sock_msg_perm+0x94/0x150
[  674.081510][T14616]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  674.086792][T14616]  ? security_socket_sendmsg+0x80/0xa0
[  674.092248][T14616]  ? packet_getsockopt+0xad0/0xad0
[  674.097365][T14616]  ____sys_sendmsg+0x5ba/0x960
[  674.102129][T14616]  ? __lock_acquire+0x7d40/0x7d40
[  674.107159][T14616]  ? __asan_memset+0x22/0x40
[  674.111745][T14616]  ? __sys_sendmsg_sock+0x30/0x30
[  674.116766][T14616]  ? __import_iovec+0x3fa/0x850
[  674.121624][T14616]  ? import_iovec+0x73/0xa0
[  674.126122][T14616]  ___sys_sendmsg+0x2a6/0x360
[  674.130807][T14616]  ? get_pid_task+0x20/0x1e0
[  674.135423][T14616]  ? __sys_sendmsg+0x2a0/0x2a0
[  674.140203][T14616]  ? __lock_acquire+0x7d40/0x7d40
[  674.145243][T14616]  __se_sys_sendmsg+0x1c2/0x2b0
[  674.150097][T14616]  ? __x64_sys_sendmsg+0x80/0x80
[  674.155305][T14616]  ? lockdep_hardirqs_on+0x98/0x150
[  674.160507][T14616]  do_syscall_64+0x55/0xa0
[  674.164927][T14616]  ? clear_bhb_loop+0x40/0x90
[  674.169603][T14616]  ? clear_bhb_loop+0x40/0x90
[  674.174283][T14616]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  674.180172][T14616] RIP: 0033:0x7fcd0279c799
[  674.184586][T14616] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  674.204278][T14616] RSP: 002b:00007fcd035ed028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  674.212687][T14616] RAX: ffffffffffffffda RBX: 00007fcd02a15fa0 RCX: 00007fcd0279c799
[  674.220651][T14616] RDX: 0000000000004041 RSI: 0000200000000b00 RDI: 0000000000000003
[  674.228618][T14616] RBP: 00007fcd035ed090 R08: 0000000000000000 R09: 0000000000000000
[  674.236669][T14616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  674.244634][T14616] R13: 00007fcd02a16038 R14: 00007fcd02a15fa0 R15: 00007ffd12f42268
[  674.252642][T14616]  </TASK>
[  674.375244][T14614] netlink: 'syz.2.2907': attribute type 3 has an invalid length.
[  674.416919][T14614] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.2907'.
[  674.573962][T14627] syzkaller0: entered promiscuous mode
[  674.588542][T14627] syzkaller0: entered allmulticast mode
[  677.566472][T14646] netlink: 'syz.3.2921': attribute type 10 has an invalid length.
[  677.574381][T14646] netlink: 210880 bytes leftover after parsing attributes in process `syz.3.2921'.
[  677.928794][ T5768] Bluetooth: hci1: command 0x0406 tx timeout
[  680.618990][T14643] netlink: 'syz.2.2919': attribute type 10 has an invalid length.
[  680.627148][T14643] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  680.645185][T14643] batman_adv: batadv0: Removing interface: batadv_slave_0
[  680.661139][T14643] batadv_slave_0: entered promiscuous mode
[  680.667680][T14643] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link
[  680.682087][T14671] netlink: 180 bytes leftover after parsing attributes in process `syz.3.2930'.
[  680.845924][T14679] FAULT_INJECTION: forcing a failure.
[  680.845924][T14679] name failslab, interval 1, probability 0, space 0, times 0
[  680.871569][T14679] CPU: 0 PID: 14679 Comm: syz.1.2933 Not tainted syzkaller #0
[  680.879088][T14679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  680.889172][T14679] Call Trace:
[  680.892494][T14679]  <TASK>
[  680.895443][T14679]  dump_stack_lvl+0x18c/0x250
[  680.900161][T14679]  ? show_regs_print_info+0x20/0x20
[  680.902507][T14676] netlink: 'syz.0.2931': attribute type 8 has an invalid length.
[  680.905376][T14679]  ? load_image+0x400/0x400
[  680.905436][T14679]  ? mark_lock+0x94/0x320
[  680.905460][T14679]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  680.905482][T14679]  should_fail_ex+0x39d/0x4d0
[  680.905508][T14679]  should_failslab+0x9/0x20
[  680.905529][T14679]  slab_pre_alloc_hook+0x59/0x310
[  680.905554][T14679]  ? sctp_add_bind_addr+0x8c/0x360
[  680.905573][T14679]  __kmem_cache_alloc_node+0x53/0x250
[  680.905598][T14679]  ? sctp_add_bind_addr+0x8c/0x360
[  680.905615][T14679]  kmalloc_trace+0x2a/0xe0
[  680.905638][T14679]  sctp_add_bind_addr+0x8c/0x360
[  680.905660][T14679]  sctp_copy_local_addr_list+0x315/0x4f0
[  680.917683][T14676] netlink: 'syz.0.2931': attribute type 1 has an invalid length.
[  680.917859][T14679]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  680.917892][T14679]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  680.917921][T14679]  ? sctp_v4_is_any+0x35/0x60
[  680.923405][T14676] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.2931'.
[  680.929343][T14679]  ? sctp_copy_one_addr+0x8c/0x350
[  680.929383][T14679]  sctp_bind_addr_copy+0xb3/0x3c0
[  680.929406][T14679]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  680.929426][T14679]  sctp_connect_new_asoc+0x2f9/0x6a0
[  680.929446][T14679]  ? __sctp_connect+0xd80/0xd80
[  680.929460][T14679]  ? __local_bh_enable_ip+0x13a/0x1c0
[  680.929483][T14679]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  680.929502][T14679]  ? security_sctp_bind_connect+0x89/0xb0
[  680.929523][T14679]  sctp_sendmsg+0x1575/0x28c0
[  680.929550][T14679]  ? sctp_getsockopt+0xb60/0xb60
[  680.929569][T14679]  ? aa_sk_perm+0x83c/0x970
[  680.929600][T14679]  ? aa_af_perm+0x330/0x330
[  680.929619][T14679]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  680.929643][T14679]  ? sock_rps_record_flow+0x19/0x3f0
[  680.929666][T14679]  ? inet_sendmsg+0xe9/0x2f0
[  680.929685][T14679]  ? inet_send_prepare+0x260/0x260
[  680.929705][T14679]  ____sys_sendmsg+0x5ba/0x960
[  680.929723][T14679]  ? __lock_acquire+0x7d40/0x7d40
[  680.929747][T14679]  ? __asan_memset+0x22/0x40
[  681.105902][T14679]  ? __sys_sendmsg_sock+0x30/0x30
[  681.110958][T14679]  ? __import_iovec+0x5f2/0x850
[  681.115851][T14679]  ? import_iovec+0x73/0xa0
[  681.120381][T14679]  ___sys_sendmsg+0x2a6/0x360
[  681.125108][T14679]  ? __sys_sendmsg+0x2a0/0x2a0
[  681.129959][T14679]  __se_sys_sendmsg+0x1c2/0x2b0
[  681.134854][T14679]  ? __x64_sys_sendmsg+0x80/0x80
[  681.139854][T14679]  do_syscall_64+0x55/0xa0
[  681.144296][T14679]  ? clear_bhb_loop+0x40/0x90
[  681.148992][T14679]  ? clear_bhb_loop+0x40/0x90
[  681.153692][T14679]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  681.159608][T14679] RIP: 0033:0x7f0b52b9c799
[  681.164046][T14679] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  681.183678][T14679] RSP: 002b:00007f0b53b01028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  681.192122][T14679] RAX: ffffffffffffffda RBX: 00007f0b52e15fa0 RCX: 00007f0b52b9c799
[  681.200211][T14679] RDX: 00000000000003e8 RSI: 00002000000004c0 RDI: 0000000000000011
[  681.208202][T14679] RBP: 00007f0b53b01090 R08: 0000000000000000 R09: 0000000000000000
[  681.216188][T14679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  681.224171][T14679] R13: 00007f0b52e16038 R14: 00007f0b52e15fa0 R15: 00007ffc11a4d438
[  681.232183][T14679]  </TASK>
[  681.425300][T14693] netlink: 'syz.2.2935': attribute type 17 has an invalid length.
[  681.500338][T14693] netlink: 'syz.2.2935': attribute type 16 has an invalid length.
[  681.615953][T14693] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2935'.
[  682.574165][T14706] syzkaller0: entered promiscuous mode
[  682.586148][T14706] syzkaller0: entered allmulticast mode
[  682.829711][T14713] netlink: 'syz.2.2942': attribute type 7 has an invalid length.
[  683.028727][T14717] FAULT_INJECTION: forcing a failure.
[  683.028727][T14717] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  683.065870][T14717] CPU: 0 PID: 14717 Comm: syz.1.2944 Not tainted syzkaller #0
[  683.073404][T14717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  683.083591][T14717] Call Trace:
[  683.086885][T14717]  <TASK>
[  683.089827][T14717]  dump_stack_lvl+0x18c/0x250
[  683.094519][T14717]  ? show_regs_print_info+0x20/0x20
[  683.099720][T14717]  ? load_image+0x400/0x400
[  683.104223][T14717]  ? __lock_acquire+0x7d40/0x7d40
[  683.109250][T14717]  ? snprintf+0xe9/0x140
[  683.113580][T14717]  should_fail_ex+0x39d/0x4d0
[  683.118265][T14717]  _copy_to_user+0x2f/0xa0
[  683.122686][T14717]  simple_read_from_buffer+0xe7/0x150
[  683.128066][T14717]  proc_fail_nth_read+0x1e8/0x260
[  683.133104][T14717]  ? proc_fault_inject_write+0x360/0x360
[  683.138745][T14717]  ? fsnotify_perm+0x271/0x5e0
[  683.143540][T14717]  ? proc_fault_inject_write+0x360/0x360
[  683.149195][T14717]  vfs_read+0x28b/0x970
[  683.153725][T14717]  ? kernel_read+0x1e0/0x1e0
[  683.158341][T14717]  ? __fget_files+0x28/0x4b0
[  683.162933][T14717]  ? __fget_files+0x28/0x4b0
[  683.167533][T14717]  ? __fget_files+0x43d/0x4b0
[  683.172226][T14717]  ? __fdget_pos+0x2a3/0x330
[  683.176832][T14717]  ? ksys_read+0x75/0x260
[  683.181189][T14717]  ksys_read+0x150/0x260
[  683.185442][T14717]  ? vfs_write+0x990/0x990
[  683.189869][T14717]  ? lockdep_hardirqs_on+0x98/0x150
[  683.195074][T14717]  do_syscall_64+0x55/0xa0
[  683.199494][T14717]  ? clear_bhb_loop+0x40/0x90
[  683.204205][T14717]  ? clear_bhb_loop+0x40/0x90
[  683.208900][T14717]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  683.214829][T14717] RIP: 0033:0x7f0b52b5cfce
[  683.219291][T14717] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  683.239082][T14717] RSP: 002b:00007f0b53b00fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  683.247554][T14717] RAX: ffffffffffffffda RBX: 00007f0b53b016c0 RCX: 00007f0b52b5cfce
[  683.255546][T14717] RDX: 000000000000000f RSI: 00007f0b53b010a0 RDI: 0000000000000006
[  683.263597][T14717] RBP: 00007f0b53b01090 R08: 0000000000000000 R09: 0000000000000000
[  683.272565][T14717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  683.280550][T14717] R13: 00007f0b52e16038 R14: 00007f0b52e15fa0 R15: 00007ffc11a4d438
[  683.288533][T14717]  </TASK>
[  686.088596][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  686.099803][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  689.178012][T14766] IPv6: Can't replace route, no match found
[  689.246891][T14764] mac80211_hwsim hwsim23 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  689.445648][T14769] netlink: 'syz.1.2960': attribute type 10 has an invalid length.
[  689.453534][T14769] team0: Device wg1 is up. Set it down before adding it as a team port
[  689.497945][T14772] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.2961'.
[  689.734890][T14779] syzkaller0: entered promiscuous mode
[  689.740764][T14779] syzkaller0: entered allmulticast mode
[  692.520483][T14806] netlink: 'syz.2.2974': attribute type 25 has an invalid length.
[  692.528797][T14806] netlink: 'syz.2.2974': attribute type 9 has an invalid length.
[  692.643285][T14808] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.2975'.
[  693.232721][T14834] netlink: 'syz.0.2983': attribute type 3 has an invalid length.
[  693.258486][T14836] netlink: 'syz.1.2981': attribute type 8 has an invalid length.
[  693.271777][T14834] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2983'.
[  693.304813][T14836] netlink: 'syz.1.2981': attribute type 1 has an invalid length.
[  693.341166][T14836] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.2981'.
[  693.778452][T14844] netlink: 'syz.0.2985': attribute type 3 has an invalid length.
[  693.790753][T14844] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2985'.
[  693.813067][T14844] FAULT_INJECTION: forcing a failure.
[  693.813067][T14844] name failslab, interval 1, probability 0, space 0, times 0
[  693.843996][T14844] CPU: 0 PID: 14844 Comm: syz.0.2985 Not tainted syzkaller #0
[  693.851527][T14844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  693.861625][T14844] Call Trace:
[  693.865374][T14844]  <TASK>
[  693.868336][T14844]  dump_stack_lvl+0x18c/0x250
[  693.873052][T14844]  ? show_regs_print_info+0x20/0x20
[  693.878291][T14844]  ? load_image+0x400/0x400
[  693.882830][T14844]  ? __might_sleep+0xe0/0xe0
[  693.887463][T14844]  ? __lock_acquire+0x7d40/0x7d40
[  693.892534][T14844]  should_fail_ex+0x39d/0x4d0
[  693.897267][T14844]  should_failslab+0x9/0x20
[  693.901810][T14844]  slab_pre_alloc_hook+0x59/0x310
[  693.906880][T14844]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  693.913083][T14844]  kmem_cache_alloc_node+0x60/0x320
[  693.918326][T14844]  ? __alloc_skb+0x103/0x2c0
[  693.922972][T14844]  __alloc_skb+0x103/0x2c0
[  693.927434][T14844]  netlink_ack+0x376/0x1180
[  693.931999][T14844]  ? __dev_queue_xmit+0x265/0x3660
[  693.937163][T14844]  ? netlink_dump+0xe50/0xe50
[  693.941887][T14844]  ? perf_trace_lock+0xfc/0x3b0
[  693.946789][T14844]  netlink_rcv_skb+0x2c5/0x4d0
[  693.951593][T14844]  ? rtnetlink_bind+0x80/0x80
[  693.956318][T14844]  ? netlink_ack+0x1180/0x1180
[  693.961132][T14844]  ? __lock_acquire+0x7d40/0x7d40
[  693.966193][T14844]  ? netlink_deliver_tap+0x2e/0x1b0
[  693.971425][T14844]  netlink_unicast+0x751/0x8d0
[  693.976238][T14844]  netlink_sendmsg+0x8d0/0xbf0
[  693.981231][T14844]  ? netlink_getsockopt+0x590/0x590
[  693.986474][T14844]  ? aa_sock_msg_perm+0x94/0x150
[  693.991453][T14844]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  693.996776][T14844]  ? security_socket_sendmsg+0x80/0xa0
[  694.002273][T14844]  ? netlink_getsockopt+0x590/0x590
[  694.007534][T14844]  ____sys_sendmsg+0x5ba/0x960
[  694.012353][T14844]  ? __asan_memset+0x22/0x40
[  694.016980][T14844]  ? __sys_sendmsg_sock+0x30/0x30
[  694.022036][T14844]  ? __import_iovec+0x5f2/0x850
[  694.026945][T14844]  ? import_iovec+0x73/0xa0
[  694.031540][T14844]  ___sys_sendmsg+0x2a6/0x360
[  694.036264][T14844]  ? __sys_sendmsg+0x2a0/0x2a0
[  694.041118][T14844]  __se_sys_sendmsg+0x1c2/0x2b0
[  694.046011][T14844]  ? __x64_sys_sendmsg+0x80/0x80
[  694.051007][T14844]  ? syscall_enter_from_user_mode+0x2e/0x80
[  694.056957][T14844]  do_syscall_64+0x55/0xa0
[  694.061549][T14844]  ? clear_bhb_loop+0x40/0x90
[  694.066274][T14844]  ? clear_bhb_loop+0x40/0x90
[  694.071076][T14844]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  694.077007][T14844] RIP: 0033:0x7fcd0279c799
[  694.081456][T14844] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  694.101179][T14844] RSP: 002b:00007fcd035ed028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  694.109807][T14844] RAX: ffffffffffffffda RBX: 00007fcd02a15fa0 RCX: 00007fcd0279c799
[  694.117900][T14844] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000006
[  694.125989][T14844] RBP: 00007fcd035ed090 R08: 0000000000000000 R09: 0000000000000000
[  694.134076][T14844] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  694.142165][T14844] R13: 00007fcd02a16038 R14: 00007fcd02a15fa0 R15: 00007ffd12f42268
[  694.150270][T14844]  </TASK>
[  694.431502][T14849] syzkaller0: entered promiscuous mode
[  694.446714][T14849] syzkaller0: entered allmulticast mode
[  694.722355][T14855] IPv6: Can't replace route, no match found
[  694.745371][T14862] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.2992'.
[  694.746146][T14854] mac80211_hwsim hwsim28 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  695.012153][T14866] netlink: 'syz.2.2993': attribute type 3 has an invalid length.
[  695.022207][T14866] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2993'.
[  697.212427][T14880] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2999'.
[  697.227818][T14880] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  697.274654][T14886] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.3002'.
[  697.288317][T14881] netlink: 'syz.2.3000': attribute type 8 has an invalid length.
[  697.297110][T14881] netlink: 'syz.2.3000': attribute type 1 has an invalid length.
[  697.304917][T14881] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.3000'.
[  697.364133][T14887] syzkaller0: entered promiscuous mode
[  697.372075][T14887] syzkaller0: entered allmulticast mode
[  697.435137][T14889] netlink: 'syz.3.3003': attribute type 3 has an invalid length.
[  697.454117][T14889] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3003'.
[  697.556757][T14891] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3004'.
[  697.611995][T14893] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.3005'.
[  698.323505][T14904] IPv6: Can't replace route, no match found
[  698.342134][T14895] netlink: 'syz.2.3006': attribute type 10 has an invalid length.
[  698.435475][T14895] team0: Device ipvlan1 failed to register rx_handler
[  698.578258][T14908] syzkaller0: entered promiscuous mode
[  698.590655][T14908] syzkaller0: entered allmulticast mode
[  698.600817][T14916] netlink: 'syz.0.3011': attribute type 10 has an invalid length.
[  698.647020][T14916] team0: Device hsr_slave_0 failed to register rx_handler
[  698.701216][T14919] netlink: 'syz.1.3012': attribute type 8 has an invalid length.
[  698.721695][T14919] netlink: 199848 bytes leftover after parsing attributes in process `syz.1.3012'.
[  698.832994][T14914] netlink: 'syz.0.3011': attribute type 12 has an invalid length.
[  698.843274][T14914] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3011'.
[  699.609558][T14926] netlink: 'syz.2.3015': attribute type 3 has an invalid length.
[  701.928867][T14936] netlink: 'syz.0.3020': attribute type 8 has an invalid length.
[  701.937206][T14936] __nla_validate_parse: 1 callbacks suppressed
[  701.937237][T14936] netlink: 161700 bytes leftover after parsing attributes in process `syz.0.3020'.
[  702.059702][T14942] netlink: 'syz.1.3022': attribute type 8 has an invalid length.
[  702.074175][T14945] hsr0: entered promiscuous mode
[  702.104037][T14942] netlink: 199848 bytes leftover after parsing attributes in process `syz.1.3022'.
[  702.110803][T14945] hsr0: entered allmulticast mode
[  702.175691][T14945] hsr_slave_0: entered allmulticast mode
[  702.224679][T14945] hsr_slave_1: entered allmulticast mode
[  702.344760][T14946] IPv6: Can't replace route, no match found
[  702.433403][T14953] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.3026'.
[  702.502348][T14946] mac80211_hwsim hwsim30 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  703.598756][T14967] syzkaller0: entered promiscuous mode
[  703.604556][T14967] syzkaller0: entered allmulticast mode
[  703.643090][T14979] netlink: 'syz.0.3034': attribute type 8 has an invalid length.
[  703.651419][T14979] netlink: 199848 bytes leftover after parsing attributes in process `syz.0.3034'.
[  703.954278][T14992] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.3039'.
[  704.210472][T15000] netlink: 'syz.3.3038': attribute type 8 has an invalid length.
[  704.224146][T15000] netlink: 'syz.3.3038': attribute type 1 has an invalid length.
[  704.232580][T15000] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.3038'.
[  705.125958][ T5932] wlan1: Trigger new scan to find an IBSS to join
[  706.538004][T15011] netlink: 'syz.1.3044': attribute type 2 has an invalid length.
[  706.551998][T15011] netlink: 'syz.1.3044': attribute type 4 has an invalid length.
[  706.632209][T15017] netlink: zone id is out of range
[  706.661945][T15017] netlink: set zone limit has 8 unknown bytes
[  707.134682][T15026] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.3049'.
[  707.402886][T15032] syzkaller0: entered promiscuous mode
[  707.426439][T15032] syzkaller0: entered allmulticast mode
[  707.874845][T15052] netlink: 'syz.1.3055': attribute type 8 has an invalid length.
[  707.883255][T15052] netlink: 'syz.1.3055': attribute type 1 has an invalid length.
[  707.891604][T15052] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.3055'.
[  710.011704][T15067] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.3063'.
[  710.184610][T15065] syzkaller0: entered promiscuous mode
[  710.198800][T15065] syzkaller0: entered allmulticast mode
[  710.504893][T15080] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:0603:0000:0023 with DS=0x3f
[  712.841770][T15102] netlink: 'syz.1.3073': attribute type 39 has an invalid length.
[  712.932255][T15107] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.3075'.
[  713.953273][T15128] netlink: 121460 bytes leftover after parsing attributes in process `syz.1.3081'.
[  714.027529][T15128] netlink: 22828 bytes leftover after parsing attributes in process `syz.1.3081'.
[  714.073714][T15130] netlink: 'syz.3.3082': attribute type 8 has an invalid length.
[  714.090344][T15130] netlink: 199848 bytes leftover after parsing attributes in process `syz.3.3082'.
[  714.137432][T15135] syzkaller0: entered promiscuous mode
[  714.147224][T15137] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.3085'.
[  714.153825][T15135] syzkaller0: entered allmulticast mode
[  717.011958][T15149] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3090'.
[  717.022281][T15151] netlink: 830 bytes leftover after parsing attributes in process `syz.1.3091'.
[  717.457510][T15170] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.3098'.
[  718.447108][T15185] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3102'.
[  718.659657][T15191] syzkaller0: entered promiscuous mode
[  718.665213][T15191] syzkaller0: entered allmulticast mode
[  718.715162][T15200] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3106'.
[  719.077663][T15215] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.3112'.
[  720.113226][T15219] FAULT_INJECTION: forcing a failure.
[  720.113226][T15219] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  720.132152][T15219] CPU: 1 PID: 15219 Comm: syz.0.3114 Not tainted syzkaller #0
[  720.139680][T15219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  720.149784][T15219] Call Trace:
[  720.153100][T15219]  <TASK>
[  720.156066][T15219]  dump_stack_lvl+0x18c/0x250
[  720.160787][T15219]  ? show_regs_print_info+0x20/0x20
[  720.166031][T15219]  ? load_image+0x400/0x400
[  720.170582][T15219]  ? __might_fault+0xaa/0x120
[  720.175288][T15219]  ? __lock_acquire+0x7d40/0x7d40
[  720.180347][T15219]  should_fail_ex+0x39d/0x4d0
[  720.185078][T15219]  _copy_from_user+0x2f/0xe0
[  720.189733][T15219]  generic_map_update_batch+0x54b/0x810
[  720.195358][T15219]  ? rcu_read_unlock+0xa0/0xa0
[  720.200168][T15219]  ? __fdget+0x180/0x210
[  720.204442][T15219]  ? rcu_read_unlock+0xa0/0xa0
[  720.209219][T15219]  bpf_map_do_batch+0x3d7/0x610
[  720.214104][T15219]  __sys_bpf+0x381/0x890
[  720.218366][T15219]  ? bpf_link_show_fdinfo+0x390/0x390
[  720.223785][T15219]  ? lock_chain_count+0x20/0x20
[  720.228755][T15219]  __x64_sys_bpf+0x7c/0x90
[  720.233190][T15219]  do_syscall_64+0x55/0xa0
[  720.237629][T15219]  ? clear_bhb_loop+0x40/0x90
[  720.242337][T15219]  ? clear_bhb_loop+0x40/0x90
[  720.247123][T15219]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  720.254607][T15219] RIP: 0033:0x7fcd0279c799
[  720.259251][T15219] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  720.278902][T15219] RSP: 002b:00007fcd035ed028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  720.287343][T15219] RAX: ffffffffffffffda RBX: 00007fcd02a15fa0 RCX: 00007fcd0279c799
[  720.295329][T15219] RDX: 0000000000000038 RSI: 00002000000006c0 RDI: 000000000000001a
[  720.303312][T15219] RBP: 00007fcd035ed090 R08: 0000000000000000 R09: 0000000000000000
[  720.311296][T15219] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  720.319278][T15219] R13: 00007fcd02a16038 R14: 00007fcd02a15fa0 R15: 00007ffd12f42268
[  720.327294][T15219]  </TASK>
[  721.646010][T15245] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.3123'.
[  722.869608][T15266] netlink: 'syz.2.3128': attribute type 8 has an invalid length.
[  722.899119][T15266] netlink: 199848 bytes leftover after parsing attributes in process `syz.2.3128'.
[  723.858144][T15211] bridge_slave_1: left allmulticast mode
[  723.863936][T15211] bridge_slave_1: left promiscuous mode
[  723.870250][T15211] bridge0: port 2(bridge_slave_1) entered disabled state
[  723.879795][T15211] bridge_slave_0: left allmulticast mode
[  723.886919][T15211] bridge_slave_0: left promiscuous mode
[  723.893904][T15211] bridge0: port 1(bridge_slave_0) entered disabled state
[  724.314762][T12747] Bluetooth: hci3: unexpected subevent 0x01 length: 150 > 18
[  724.596756][T15299] syzkaller0: entered promiscuous mode
[  724.602300][T15299] syzkaller0: entered allmulticast mode
[  725.031587][T15313] netlink: 'syz.1.3144': attribute type 8 has an invalid length.
[  725.039814][T15313] netlink: 199848 bytes leftover after parsing attributes in process `syz.1.3144'.
[  726.558010][T15310] IPv6: Can't replace route, no match found
[  726.774855][T15322] netlink: 14 bytes leftover after parsing attributes in process `syz.1.3149'.
[  727.151577][T15333] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.3154'.
[  727.926342][T15348] syzkaller0: entered promiscuous mode
[  727.938749][T15348] syzkaller0: entered allmulticast mode
[  730.211744][T15366] netlink: 144 bytes leftover after parsing attributes in process `syz.3.3163'.
[  730.400896][T15371] FAULT_INJECTION: forcing a failure.
[  730.400896][T15371] name failslab, interval 1, probability 0, space 0, times 0
[  730.445818][T15371] CPU: 1 PID: 15371 Comm: syz.2.3164 Not tainted syzkaller #0
[  730.453379][T15371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  730.463463][T15371] Call Trace:
[  730.466758][T15371]  <TASK>
[  730.469700][T15371]  dump_stack_lvl+0x18c/0x250
[  730.474404][T15371]  ? show_regs_print_info+0x20/0x20
[  730.479615][T15371]  ? load_image+0x400/0x400
[  730.484121][T15371]  ? __might_sleep+0xe0/0xe0
[  730.488711][T15371]  ? __lock_acquire+0x7d40/0x7d40
[  730.493742][T15371]  should_fail_ex+0x39d/0x4d0
[  730.498424][T15371]  should_failslab+0x9/0x20
[  730.502928][T15371]  slab_pre_alloc_hook+0x59/0x310
[  730.507960][T15371]  ? sctp_datamsg_from_user+0x88/0xee0
[  730.513421][T15371]  __kmem_cache_alloc_node+0x53/0x250
[  730.519237][T15371]  ? sctp_datamsg_from_user+0x88/0xee0
[  730.524698][T15371]  kmalloc_trace+0x2a/0xe0
[  730.529126][T15371]  sctp_datamsg_from_user+0x88/0xee0
[  730.534420][T15371]  ? __sk_mem_raise_allocated+0xa29/0x1340
[  730.540234][T15371]  ? sctp_primitive_ASSOCIATE+0x95/0xc0
[  730.545784][T15371]  sctp_sendmsg_to_asoc+0x107f/0x1830
[  730.551151][T15371]  ? __asan_memcpy+0x40/0x70
[  730.555747][T15371]  ? sctp_assoc_add_peer+0xcf3/0x1390
[  730.561124][T15371]  ? sctp_sendmsg_check_sflags+0x2d0/0x2d0
[  730.566927][T15371]  ? __sctp_connect+0xd80/0xd80
[  730.571780][T15371]  ? __local_bh_enable_ip+0x13a/0x1c0
[  730.577238][T15371]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  730.582778][T15371]  ? security_sctp_bind_connect+0x89/0xb0
[  730.588495][T15371]  sctp_sendmsg+0x1b83/0x28c0
[  730.593178][T15371]  ? sctp_getsockopt+0xb60/0xb60
[  730.598110][T15371]  ? aa_sk_perm+0x83c/0x970
[  730.602652][T15371]  ? aa_af_perm+0x330/0x330
[  730.607177][T15371]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  730.613610][T15371]  ? sock_rps_record_flow+0x19/0x3f0
[  730.618909][T15371]  ? inet_sendmsg+0xe9/0x2f0
[  730.623495][T15371]  ? inet_send_prepare+0x260/0x260
[  730.628604][T15371]  ____sys_sendmsg+0x5ba/0x960
[  730.633362][T15371]  ? __lock_acquire+0x7d40/0x7d40
[  730.638389][T15371]  ? __asan_memset+0x22/0x40
[  730.642983][T15371]  ? __sys_sendmsg_sock+0x30/0x30
[  730.648005][T15371]  ? __import_iovec+0x5f2/0x850
[  730.652871][T15371]  ? import_iovec+0x73/0xa0
[  730.657377][T15371]  ___sys_sendmsg+0x2a6/0x360
[  730.662084][T15371]  ? __sys_sendmsg+0x2a0/0x2a0
[  730.666860][T15371]  ? __lock_acquire+0x7d40/0x7d40
[  730.671901][T15371]  __se_sys_sendmsg+0x1c2/0x2b0
[  730.676746][T15371]  ? __x64_sys_sendmsg+0x80/0x80
[  730.681710][T15371]  ? lockdep_hardirqs_on+0x98/0x150
[  730.686906][T15371]  do_syscall_64+0x55/0xa0
[  730.691321][T15371]  ? clear_bhb_loop+0x40/0x90
[  730.695998][T15371]  ? clear_bhb_loop+0x40/0x90
[  730.700678][T15371]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  730.706669][T15371] RIP: 0033:0x7f891799c799
[  730.711105][T15371] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  730.730713][T15371] RSP: 002b:00007f8918868028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  730.739129][T15371] RAX: ffffffffffffffda RBX: 00007f8917c15fa0 RCX: 00007f891799c799
[  730.747530][T15371] RDX: 0000000000000c54 RSI: 0000200000000380 RDI: 0000000000000003
[  730.755499][T15371] RBP: 00007f8918868090 R08: 0000000000000000 R09: 0000000000000000
[  730.763465][T15371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  730.771429][T15371] R13: 00007f8917c16038 R14: 00007f8917c15fa0 R15: 00007ffd55c99cb8
[  730.779410][T15371]  </TASK>
[  730.809190][T15373] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.3166'.
[  731.314111][T15383] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.3170'.
[  731.648138][T15391] pim6reg: tun_chr_ioctl cmd 2147767521
[  731.902186][T15394] syzkaller0: entered promiscuous mode
[  731.907927][T15394] syzkaller0: entered allmulticast mode
[  734.332255][T15406] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.3176'.
[  734.971980][T15415] FAULT_INJECTION: forcing a failure.
[  734.971980][T15415] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  735.013638][T15415] CPU: 1 PID: 15415 Comm: syz.0.3179 Not tainted syzkaller #0
[  735.021234][T15415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  735.031280][T15415] Call Trace:
[  735.034549][T15415]  <TASK>
[  735.037472][T15415]  dump_stack_lvl+0x18c/0x250
[  735.042154][T15415]  ? show_regs_print_info+0x20/0x20
[  735.047352][T15415]  ? load_image+0x400/0x400
[  735.052026][T15415]  ? __lock_acquire+0x7d40/0x7d40
[  735.057043][T15415]  should_fail_ex+0x39d/0x4d0
[  735.061724][T15415]  prepare_alloc_pages+0x1e2/0x5f0
[  735.066875][T15415]  __alloc_pages+0x134/0x460
[  735.071485][T15415]  ? zone_statistics+0x170/0x170
[  735.076446][T15415]  ? alloc_pages+0x4dc/0x740
[  735.081034][T15415]  ? do_raw_spin_unlock+0x121/0x230
[  735.086225][T15415]  __get_free_pages+0xc/0x30
[  735.090802][T15415]  kasan_populate_vmalloc_pte+0x35/0x100
[  735.096435][T15415]  __apply_to_page_range+0x860/0xdd0
[  735.101724][T15415]  ? kasan_populate_vmalloc+0x70/0x70
[  735.107127][T15415]  ? apply_to_page_range+0x50/0x50
[  735.112269][T15415]  ? do_raw_spin_unlock+0x121/0x230
[  735.117487][T15415]  alloc_vmap_area+0x1d0c/0x1e30
[  735.122532][T15415]  ? vm_map_ram+0xcb0/0xcb0
[  735.127036][T15415]  ? rcu_is_watching+0x15/0xb0
[  735.131798][T15415]  __get_vm_area_node+0x162/0x370
[  735.136825][T15415]  __vmalloc_node_range+0x36e/0x1330
[  735.142109][T15415]  ? array_map_alloc+0x280/0x6f0
[  735.147093][T15415]  ? end_current_label_crit_section+0x170/0x170
[  735.153418][T15415]  ? __asan_memset+0x22/0x40
[  735.158005][T15415]  ? free_vm_area+0x50/0x50
[  735.162510][T15415]  ? apparmor_capable+0x137/0x1a0
[  735.167530][T15415]  ? bpf_lsm_capable+0x9/0x10
[  735.172205][T15415]  bpf_map_area_alloc+0xf1/0x110
[  735.177141][T15415]  ? array_map_alloc+0x280/0x6f0
[  735.182076][T15415]  array_map_alloc+0x280/0x6f0
[  735.186838][T15415]  prog_array_map_alloc+0x17a/0x200
[  735.192033][T15415]  map_create+0x877/0x12f0
[  735.196449][T15415]  ? bpf_lsm_bpf+0x9/0x10
[  735.200865][T15415]  __sys_bpf+0x651/0x890
[  735.205107][T15415]  ? bpf_link_show_fdinfo+0x390/0x390
[  735.210491][T15415]  ? lock_chain_count+0x20/0x20
[  735.215348][T15415]  __x64_sys_bpf+0x7c/0x90
[  735.219783][T15415]  do_syscall_64+0x55/0xa0
[  735.224198][T15415]  ? clear_bhb_loop+0x40/0x90
[  735.228867][T15415]  ? clear_bhb_loop+0x40/0x90
[  735.233550][T15415]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  735.239453][T15415] RIP: 0033:0x7fcd0279c799
[  735.243864][T15415] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  735.263575][T15415] RSP: 002b:00007fcd035ed028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  735.271983][T15415] RAX: ffffffffffffffda RBX: 00007fcd02a15fa0 RCX: 00007fcd0279c799
[  735.280037][T15415] RDX: 0000000000000050 RSI: 00002000000009c0 RDI: 0000000000000000
[  735.288002][T15415] RBP: 00007fcd035ed090 R08: 0000000000000000 R09: 0000000000000000
[  735.295978][T15415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  735.303944][T15415] R13: 00007fcd02a16038 R14: 00007fcd02a15fa0 R15: 00007ffd12f42268
[  735.311920][T15415]  </TASK>
[  735.514162][T15421] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.3182'.
[  735.638303][T15426] syzkaller0: entered promiscuous mode
[  735.643940][T15426] syzkaller0: entered allmulticast mode
[  735.997815][T15434] FAULT_INJECTION: forcing a failure.
[  735.997815][T15434] name failslab, interval 1, probability 0, space 0, times 0
[  736.010556][T15434] CPU: 1 PID: 15434 Comm: syz.2.3187 Not tainted syzkaller #0
[  736.018123][T15434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  736.028176][T15434] Call Trace:
[  736.031540][T15434]  <TASK>
[  736.034469][T15434]  dump_stack_lvl+0x18c/0x250
[  736.039240][T15434]  ? show_regs_print_info+0x20/0x20
[  736.044467][T15434]  ? load_image+0x400/0x400
[  736.048971][T15434]  ? skb_network_protocol+0x529/0x780
[  736.054348][T15434]  should_fail_ex+0x39d/0x4d0
[  736.059032][T15434]  should_failslab+0x9/0x20
[  736.063534][T15434]  slab_pre_alloc_hook+0x59/0x310
[  736.068563][T15434]  kmem_cache_alloc+0x5a/0x2d0
[  736.073331][T15434]  ? skb_clone+0x1eb/0x370
[  736.077747][T15434]  skb_clone+0x1eb/0x370
[  736.081988][T15434]  ? dev_queue_xmit_nit+0x212/0xbb0
[  736.087359][T15434]  dev_queue_xmit_nit+0x24d/0xbb0
[  736.092385][T15434]  ? dev_queue_xmit_nit+0x2d/0xbb0
[  736.097499][T15434]  ? validate_xmit_skb+0x949/0xf60
[  736.102616][T15434]  dev_hard_start_xmit+0x148/0x740
[  736.107742][T15434]  __dev_queue_xmit+0x19a3/0x3660
[  736.112798][T15434]  ? __dev_queue_xmit+0x265/0x3660
[  736.117941][T15434]  ? netdev_core_pick_tx+0x340/0x340
[  736.123231][T15434]  ? skb_release_data+0x1cf/0x800
[  736.128283][T15434]  ? pskb_expand_head+0xbfe/0x1230
[  736.133411][T15434]  __bpf_tx_skb+0x189/0x250
[  736.137915][T15434]  bpf_clone_redirect+0x30f/0x4a0
[  736.142947][T15434]  bpf_prog_64e505a7b7f97a05+0x5d/0x62
[  736.148407][T15434]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  736.154385][T15434]  ? preempt_schedule+0xc0/0xd0
[  736.159237][T15434]  ? bpf_test_run+0x174/0x870
[  736.163910][T15434]  ? preempt_schedule_common+0x82/0xc0
[  736.169373][T15434]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  736.175441][T15434]  ? lockdep_softirqs_on+0x580/0x580
[  736.180730][T15434]  ? lock_chain_count+0x20/0x20
[  736.185585][T15434]  ? __local_bh_disable_ip+0x108/0x1a0
[  736.191042][T15434]  ? __cant_sleep+0x220/0x220
[  736.195726][T15434]  ? __local_bh_enable_ip+0x13a/0x1c0
[  736.201093][T15434]  ? _local_bh_enable+0xa0/0xa0
[  736.205940][T15434]  ? bpf_test_timer_continue+0x135/0x380
[  736.211580][T15434]  ? bpf_test_run+0x174/0x870
[  736.216253][T15434]  bpf_test_run+0x2df/0x870
[  736.220905][T15434]  ? bpf_test_run+0x174/0x870
[  736.225579][T15434]  ? convert___skb_to_skb+0x590/0x590
[  736.230954][T15434]  ? eth_get_headlen+0x210/0x210
[  736.235898][T15434]  ? bpf_prog_test_run_skb+0x7ad/0x12b0
[  736.241525][T15434]  ? convert___skb_to_skb+0x3d/0x590
[  736.246803][T15434]  bpf_prog_test_run_skb+0xad2/0x12b0
[  736.252182][T15434]  ? cpu_online+0x60/0x60
[  736.256508][T15434]  bpf_prog_test_run+0x321/0x390
[  736.261449][T15434]  __sys_bpf+0x49d/0x890
[  736.265688][T15434]  ? bpf_link_show_fdinfo+0x390/0x390
[  736.271075][T15434]  ? lock_chain_count+0x20/0x20
[  736.275952][T15434]  __x64_sys_bpf+0x7c/0x90
[  736.280394][T15434]  do_syscall_64+0x55/0xa0
[  736.284831][T15434]  ? clear_bhb_loop+0x40/0x90
[  736.289550][T15434]  ? clear_bhb_loop+0x40/0x90
[  736.294233][T15434]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  736.300121][T15434] RIP: 0033:0x7f891799c799
[  736.304534][T15434] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  736.324153][T15434] RSP: 002b:00007f8918868028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  736.332565][T15434] RAX: ffffffffffffffda RBX: 00007f8917c15fa0 RCX: 00007f891799c799
[  736.340531][T15434] RDX: 0000000000000028 RSI: 00002000000000c0 RDI: 000000000000000a
[  736.348500][T15434] RBP: 00007f8918868090 R08: 0000000000000000 R09: 0000000000000000
[  736.356472][T15434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  736.364456][T15434] R13: 00007f8917c16038 R14: 00007f8917c15fa0 R15: 00007ffd55c99cb8
[  736.372457][T15434]  </TASK>
[  738.281457][T15446] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.3191'.
[  738.817397][T15464] netlink: 9275 bytes leftover after parsing attributes in process `syz.0.3200'.
[  739.207760][T15470] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3202'.
[  739.853982][T15472] syzkaller0: entered promiscuous mode
[  739.863117][T15472] syzkaller0: entered allmulticast mode
[  742.228905][T15495] FAULT_INJECTION: forcing a failure.
[  742.228905][T15495] name failslab, interval 1, probability 0, space 0, times 0
[  742.241633][T15495] CPU: 1 PID: 15495 Comm: syz.2.3210 Not tainted syzkaller #0
[  742.249096][T15495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  742.259150][T15495] Call Trace:
[  742.262425][T15495]  <TASK>
[  742.265349][T15495]  dump_stack_lvl+0x18c/0x250
[  742.270042][T15495]  ? show_regs_print_info+0x20/0x20
[  742.275241][T15495]  ? load_image+0x400/0x400
[  742.279752][T15495]  should_fail_ex+0x39d/0x4d0
[  742.284438][T15495]  should_failslab+0x9/0x20
[  742.288970][T15495]  slab_pre_alloc_hook+0x59/0x310
[  742.293995][T15495]  ? find_exception+0x175/0xa30
[  742.298847][T15495]  kmem_cache_alloc+0x5a/0x2d0
[  742.303610][T15495]  ? dst_alloc+0x105/0x170
[  742.308024][T15495]  dst_alloc+0x105/0x170
[  742.312269][T15495]  ip_route_output_key_hash_rcu+0x14f6/0x2370
[  742.318351][T15495]  ? ip_route_output_key_hash+0x13d/0x330
[  742.324079][T15495]  ip_route_output_key_hash+0x1f3/0x330
[  742.329632][T15495]  ? ip_route_input_rcu+0x30f0/0x30f0
[  742.335002][T15495]  ? ___sys_sendmsg+0x2a6/0x360
[  742.339846][T15495]  ? __siphash_unaligned+0x25f/0x3a0
[  742.345156][T15495]  ? dst_cache_per_cpu_get+0x180/0x2d0
[  742.350611][T15495]  ip_route_output_flow+0x2a/0x150
[  742.355815][T15495]  geneve_get_v4_rt+0x7f4/0xcd0
[  742.360672][T15495]  ? jhash+0x430/0x430
[  742.364824][T15495]  ? skb_tunnel_info+0x330/0x330
[  742.369765][T15495]  geneve_xmit+0x6fc/0x3540
[  742.374273][T15495]  ? geneve_xmit+0x15e/0x3540
[  742.378972][T15495]  ? verify_lock_unused+0x140/0x140
[  742.384196][T15495]  ? xfrm_init_replay+0x2a0/0x2a0
[  742.389229][T15495]  ? geneve_stop+0x1b0/0x1b0
[  742.393827][T15495]  ? validate_xmit_skb+0x949/0xf60
[  742.398946][T15495]  ? __local_bh_disable_ip+0x108/0x1a0
[  742.404399][T15495]  ? __bpf_trace_tasklet+0x160/0x160
[  742.409688][T15495]  ? validate_xmit_skb_list+0x120/0x120
[  742.415244][T15495]  ? netdev_pick_tx+0x7c9/0xc20
[  742.420111][T15495]  ? __lock_acquire+0x7d40/0x7d40
[  742.425174][T15495]  __dev_direct_xmit+0x4d7/0x7a0
[  742.430110][T15495]  ? __dev_direct_xmit+0x365/0x7a0
[  742.435218][T15495]  ? __dev_queue_xmit+0x3660/0x3660
[  742.440443][T15495]  ? netdev_pick_tx+0x7c9/0xc20
[  742.445304][T15495]  packet_xmit+0x1c0/0x330
[  742.449727][T15495]  packet_sendmsg+0x3b7a/0x4d70
[  742.454609][T15495]  ? verify_lock_unused+0x140/0x140
[  742.459812][T15495]  ? mark_lock+0x94/0x320
[  742.464170][T15495]  ? __lock_acquire+0x1273/0x7d40
[  742.469192][T15495]  ? verify_lock_unused+0x140/0x140
[  742.474396][T15495]  ? aa_sk_perm+0x83c/0x970
[  742.478900][T15495]  ? packet_getsockopt+0xad0/0xad0
[  742.484017][T15495]  ? aa_sock_msg_perm+0x94/0x150
[  742.488961][T15495]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  742.494244][T15495]  ? security_socket_sendmsg+0x80/0xa0
[  742.499698][T15495]  ? packet_getsockopt+0xad0/0xad0
[  742.504811][T15495]  ____sys_sendmsg+0x5ba/0x960
[  742.509576][T15495]  ? __lock_acquire+0x7d40/0x7d40
[  742.514600][T15495]  ? __asan_memset+0x22/0x40
[  742.519186][T15495]  ? __sys_sendmsg_sock+0x30/0x30
[  742.524202][T15495]  ? __import_iovec+0x3fa/0x850
[  742.529070][T15495]  ? import_iovec+0x73/0xa0
[  742.533657][T15495]  ___sys_sendmsg+0x2a6/0x360
[  742.538328][T15495]  ? get_pid_task+0x20/0x1e0
[  742.542917][T15495]  ? __sys_sendmsg+0x2a0/0x2a0
[  742.547688][T15495]  ? __lock_acquire+0x7d40/0x7d40
[  742.552725][T15495]  __se_sys_sendmsg+0x1c2/0x2b0
[  742.557572][T15495]  ? __x64_sys_sendmsg+0x80/0x80
[  742.562513][T15495]  ? lockdep_hardirqs_on+0x98/0x150
[  742.567731][T15495]  do_syscall_64+0x55/0xa0
[  742.572180][T15495]  ? clear_bhb_loop+0x40/0x90
[  742.576867][T15495]  ? clear_bhb_loop+0x40/0x90
[  742.581629][T15495]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  742.587526][T15495] RIP: 0033:0x7f891799c799
[  742.591943][T15495] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  742.611637][T15495] RSP: 002b:00007f8918868028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  742.620051][T15495] RAX: ffffffffffffffda RBX: 00007f8917c15fa0 RCX: 00007f891799c799
[  742.628021][T15495] RDX: 0000000004000080 RSI: 0000200000000240 RDI: 0000000000000003
[  742.635986][T15495] RBP: 00007f8918868090 R08: 0000000000000000 R09: 0000000000000000
[  742.643979][T15495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  742.651954][T15495] R13: 00007f8917c16038 R14: 00007f8917c15fa0 R15: 00007ffd55c99cb8
[  742.660025][T15495]  </TASK>
[  744.782578][T15514] netlink: 'syz.3.3216': attribute type 10 has an invalid length.
[  745.026975][T15533] FAULT_INJECTION: forcing a failure.
[  745.026975][T15533] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  745.081059][T15533] CPU: 0 PID: 15533 Comm: syz.1.3221 Not tainted syzkaller #0
[  745.088585][T15533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  745.098658][T15533] Call Trace:
[  745.101963][T15533]  <TASK>
[  745.104915][T15533]  dump_stack_lvl+0x18c/0x250
[  745.109615][T15533]  ? show_regs_print_info+0x20/0x20
[  745.114832][T15533]  ? load_image+0x400/0x400
[  745.119379][T15533]  ? __might_fault+0xaa/0x120
[  745.124097][T15533]  should_fail_ex+0x39d/0x4d0
[  745.128824][T15533]  copyin+0x1a/0x90
[  745.132674][T15533]  _copy_from_iter+0x54f/0x12e0
[  745.137557][T15533]  ? __virt_addr_valid+0x18c/0x540
[  745.142706][T15533]  ? copyout_mc+0x70/0x70
[  745.147062][T15533]  ? __virt_addr_valid+0x18c/0x540
[  745.152207][T15533]  ? __virt_addr_valid+0x18c/0x540
[  745.157344][T15533]  ? __virt_addr_valid+0x469/0x540
[  745.162476][T15533]  ? __check_object_size+0x506/0xa20
[  745.167756][T15533]  skb_copy_datagram_from_iter+0xf4/0x6e0
[  745.173473][T15533]  ? dev_get_by_index+0x22/0x2d0
[  745.178406][T15533]  ? skb_put+0x11b/0x210
[  745.182636][T15533]  packet_sendmsg+0x3566/0x4d70
[  745.187518][T15533]  ? verify_lock_unused+0x140/0x140
[  745.192734][T15533]  ? mark_lock+0x94/0x320
[  745.197068][T15533]  ? __lock_acquire+0x1273/0x7d40
[  745.202115][T15533]  ? verify_lock_unused+0x140/0x140
[  745.207341][T15533]  ? aa_sk_perm+0x83c/0x970
[  745.211855][T15533]  ? packet_getsockopt+0xad0/0xad0
[  745.216978][T15533]  ? aa_sock_msg_perm+0x94/0x150
[  745.221912][T15533]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  745.227194][T15533]  ? security_socket_sendmsg+0x80/0xa0
[  745.232644][T15533]  ? packet_getsockopt+0xad0/0xad0
[  745.237757][T15533]  ____sys_sendmsg+0x5ba/0x960
[  745.242519][T15533]  ? __lock_acquire+0x7d40/0x7d40
[  745.247589][T15533]  ? __asan_memset+0x22/0x40
[  745.252177][T15533]  ? __sys_sendmsg_sock+0x30/0x30
[  745.257281][T15533]  ? __import_iovec+0x3fa/0x850
[  745.262142][T15533]  ? import_iovec+0x73/0xa0
[  745.266642][T15533]  ___sys_sendmsg+0x2a6/0x360
[  745.271321][T15533]  ? get_pid_task+0x20/0x1e0
[  745.275927][T15533]  ? __sys_sendmsg+0x2a0/0x2a0
[  745.280698][T15533]  ? __lock_acquire+0x7d40/0x7d40
[  745.285734][T15533]  __se_sys_sendmsg+0x1c2/0x2b0
[  745.290586][T15533]  ? __x64_sys_sendmsg+0x80/0x80
[  745.295526][T15533]  ? lockdep_hardirqs_on+0x98/0x150
[  745.300723][T15533]  do_syscall_64+0x55/0xa0
[  745.305234][T15533]  ? clear_bhb_loop+0x40/0x90
[  745.309910][T15533]  ? clear_bhb_loop+0x40/0x90
[  745.314589][T15533]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  745.320485][T15533] RIP: 0033:0x7f0b52b9c799
[  745.324899][T15533] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  745.344516][T15533] RSP: 002b:00007f0b53b01028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  745.352928][T15533] RAX: ffffffffffffffda RBX: 00007f0b52e15fa0 RCX: 00007f0b52b9c799
[  745.360986][T15533] RDX: 0000000000004041 RSI: 0000200000000b00 RDI: 0000000000000003
[  745.369129][T15533] RBP: 00007f0b53b01090 R08: 0000000000000000 R09: 0000000000000000
[  745.377186][T15533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  745.385171][T15533] R13: 00007f0b52e16038 R14: 00007f0b52e15fa0 R15: 00007ffc11a4d438
[  745.393178][T15533]  </TASK>
[  745.795892][T15552] netlink: 'syz.3.3228': attribute type 8 has an invalid length.
[  745.815751][T15552] netlink: 'syz.3.3228': attribute type 1 has an invalid length.
[  745.823894][T15552] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.3228'.
[  745.874138][T15553] netlink: 'syz.2.3229': attribute type 8 has an invalid length.
[  745.883223][T15553] netlink: 'syz.2.3229': attribute type 1 has an invalid length.
[  745.892873][T15553] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.3229'.
[  745.903218][T15558] C: renamed from team_slave_0 (while UP)
[  745.919151][T15558] netlink: 128 bytes leftover after parsing attributes in process `syz.0.3231'.
[  747.116387][T15581] FAULT_INJECTION: forcing a failure.
[  747.116387][T15581] name failslab, interval 1, probability 0, space 0, times 0
[  747.145509][T15581] CPU: 0 PID: 15581 Comm: syz.0.3241 Not tainted syzkaller #0
[  747.153046][T15581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  747.163131][T15581] Call Trace:
[  747.166425][T15581]  <TASK>
[  747.169381][T15581]  dump_stack_lvl+0x18c/0x250
[  747.174186][T15581]  ? show_regs_print_info+0x20/0x20
[  747.179425][T15581]  ? load_image+0x400/0x400
[  747.183974][T15581]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  747.189987][T15581]  ? lock_chain_count+0x20/0x20
[  747.194881][T15581]  should_fail_ex+0x39d/0x4d0
[  747.199606][T15581]  should_failslab+0x9/0x20
[  747.204143][T15581]  slab_pre_alloc_hook+0x59/0x310
[  747.209207][T15581]  ? sctp_add_bind_addr+0x8c/0x360
[  747.214325][T15581]  __kmem_cache_alloc_node+0x53/0x250
[  747.219711][T15581]  ? sctp_add_bind_addr+0x8c/0x360
[  747.224818][T15581]  kmalloc_trace+0x2a/0xe0
[  747.229236][T15581]  sctp_add_bind_addr+0x8c/0x360
[  747.234177][T15581]  sctp_copy_local_addr_list+0x315/0x4f0
[  747.239816][T15581]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  747.245550][T15581]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  747.251648][T15581]  ? sctp_v4_is_any+0x35/0x60
[  747.256342][T15581]  ? sctp_copy_one_addr+0x8c/0x350
[  747.261557][T15581]  sctp_bind_addr_copy+0xb3/0x3c0
[  747.266585][T15581]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  747.272917][T15581]  sctp_connect_new_asoc+0x2f9/0x6a0
[  747.278204][T15581]  ? __sctp_connect+0xd80/0xd80
[  747.283057][T15581]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  747.288602][T15581]  ? security_sctp_bind_connect+0x89/0xb0
[  747.294326][T15581]  sctp_sendmsg+0x1575/0x28c0
[  747.299362][T15581]  ? sctp_getsockopt+0xb60/0xb60
[  747.304388][T15581]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  747.310558][T15581]  ? lockdep_hardirqs_on+0x98/0x150
[  747.315772][T15581]  ? inet_sendmsg+0x18a/0x2f0
[  747.320540][T15581]  ? inet_sendmsg+0xe9/0x2f0
[  747.325128][T15581]  ? inet_send_prepare+0x260/0x260
[  747.330238][T15581]  ____sys_sendmsg+0x5ba/0x960
[  747.335001][T15581]  ? __lock_acquire+0x7d40/0x7d40
[  747.340129][T15581]  ? __asan_memset+0x22/0x40
[  747.344717][T15581]  ? __sys_sendmsg_sock+0x30/0x30
[  747.349737][T15581]  ? __import_iovec+0x5f2/0x850
[  747.354597][T15581]  ? import_iovec+0x73/0xa0
[  747.359098][T15581]  ___sys_sendmsg+0x2a6/0x360
[  747.363798][T15581]  ? __sys_sendmsg+0x2a0/0x2a0
[  747.368650][T15581]  ? irqentry_enter+0x37/0x50
[  747.373363][T15581]  __se_sys_sendmsg+0x1c2/0x2b0
[  747.378222][T15581]  ? __x64_sys_sendmsg+0x80/0x80
[  747.383168][T15581]  ? syscall_enter_from_user_mode+0x2e/0x80
[  747.389061][T15581]  do_syscall_64+0x55/0xa0
[  747.393480][T15581]  ? clear_bhb_loop+0x40/0x90
[  747.398165][T15581]  ? clear_bhb_loop+0x40/0x90
[  747.402838][T15581]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  747.408742][T15581] RIP: 0033:0x7fcd0279c799
[  747.413247][T15581] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  747.432864][T15581] RSP: 002b:00007fcd035ed028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  747.441318][T15581] RAX: ffffffffffffffda RBX: 00007fcd02a15fa0 RCX: 00007fcd0279c799
[  747.449291][T15581] RDX: 00000000000003e8 RSI: 00002000000004c0 RDI: 0000000000000011
[  747.457267][T15581] RBP: 00007fcd035ed090 R08: 0000000000000000 R09: 0000000000000000
[  747.465231][T15581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  747.473202][T15581] R13: 00007fcd02a16038 R14: 00007fcd02a15fa0 R15: 00007ffd12f42268
[  747.481187][T15581]  </TASK>
[  747.507538][T15586] netlink: 'syz.1.3243': attribute type 8 has an invalid length.
[  747.523322][T15586] netlink: 'syz.1.3243': attribute type 1 has an invalid length.
[  747.588970][T15586] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.3243'.
[  747.626971][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  747.633443][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  747.880958][T15592] netlink: 'syz.3.3245': attribute type 8 has an invalid length.
[  747.893516][T15592] netlink: 'syz.3.3245': attribute type 1 has an invalid length.
[  747.911569][T15592] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.3245'.
[  748.498254][T15615] netlink: 'syz.1.3255': attribute type 8 has an invalid length.
[  748.530512][T15615] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.3255'.
[  748.560320][T15618] hsr_slave_0: left promiscuous mode
[  748.570854][T15618] hsr_slave_1: left promiscuous mode
[  749.307385][T15632] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.3259'.
[  749.637569][T15644] netlink: 121460 bytes leftover after parsing attributes in process `syz.0.3264'.
[  749.769543][T15644] netlink: 21068 bytes leftover after parsing attributes in process `syz.0.3264'.
[  749.958730][T15644] tipc: Started in network mode
[  750.047202][T15644] tipc: Node identity b, cluster identity 73
[  750.138926][T15644] tipc: Node number set to 11
[  752.623279][T15657] netlink: 9286 bytes leftover after parsing attributes in process `syz.0.3269'.
[  752.640523][T15661] validate_nla: 4 callbacks suppressed
[  752.640537][T15661] netlink: 'syz.2.3271': attribute type 10 has an invalid length.
[  752.676372][T15661] team0: Device wg1 is up. Set it down before adding it as a team port
[  753.154192][T15673] netlink: 'syz.2.3276': attribute type 10 has an invalid length.
[  753.548857][T15676] syzkaller0: entered promiscuous mode
[  753.561373][T15676] syzkaller0: entered allmulticast mode
[  755.886712][T15688] netlink: 'syz.1.3278': attribute type 8 has an invalid length.
[  755.903453][T15688] netlink: 'syz.1.3278': attribute type 1 has an invalid length.
[  755.912574][T15688] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.3278'.
[  755.942788][T15691] netlink: 'syz.0.3281': attribute type 3 has an invalid length.
[  755.951191][T15691] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3281'.
[  758.005693][T15706] 
: renamed from bond_slave_0 (while UP)
[  758.030340][T15705] netlink: 'syz.0.3284': attribute type 25 has an invalid length.
[  758.055682][T15705] netlink: 'syz.0.3284': attribute type 9 has an invalid length.
[  758.506974][T15723] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3292'.
[  761.209991][T15723] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  761.539256][T15733] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3294'.
[  761.714284][T15735] syzkaller0: entered promiscuous mode
[  761.722464][T15735] syzkaller0: entered allmulticast mode
[  761.731602][T15745] netlink: 'syz.0.3299': attribute type 29 has an invalid length.
[  761.793686][T15745] netlink: 'syz.0.3299': attribute type 29 has an invalid length.
[  761.804460][T15746] netlink: 'syz.0.3299': attribute type 29 has an invalid length.
[  761.813104][T15747] netlink: 'syz.0.3299': attribute type 29 has an invalid length.
[  761.833916][T15740] netlink: 'syz.2.3297': attribute type 8 has an invalid length.
[  761.853489][T15740] netlink: 'syz.2.3297': attribute type 1 has an invalid length.
[  761.886426][T15740] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.3297'.
[  763.673458][T15753] netlink: 'syz.3.3300': attribute type 10 has an invalid length.
[  763.689190][T15753] team0: Device ipvlan1 failed to register rx_handler
[  763.798935][T15756] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.3301'.
[  767.338693][T15779] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.3310'.
[  767.423346][T15782] syzkaller0: entered promiscuous mode
[  767.433087][T15782] syzkaller0: entered allmulticast mode
[  773.137596][T15813] netlink: 'syz.3.3320': attribute type 10 has an invalid length.
[  773.441062][T15825] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.3325'.
[  773.500645][T15827] netlink: 'syz.1.3333': attribute type 8 has an invalid length.
[  773.536285][T15827] netlink: 199848 bytes leftover after parsing attributes in process `syz.1.3333'.
[  773.732207][T15833] syz.0.3327[15833] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  773.732461][T15833] syz.0.3327[15833] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  773.972562][T15844] syzkaller0: entered promiscuous mode
[  773.991104][T15844] syzkaller0: entered allmulticast mode
[  774.000146][T15841] netlink: 'syz.3.3330': attribute type 21 has an invalid length.
[  774.120658][T15847] netlink: 'syz.2.3332': attribute type 4 has an invalid length.
[  774.133786][T15847] netlink: 152 bytes leftover after parsing attributes in process `syz.2.3332'.
[  774.159179][T15847] .`: renamed from bond0 (while UP)
[  774.173157][T15847] bond_slave_0: left promiscuous mode
[  774.178876][T15847] bond_slave_1: left promiscuous mode
[  774.184330][T15847] batadv_slave_0: left promiscuous mode
[  774.261270][T15851] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.3330'.
[  776.484501][T15854] netlink: 'syz.2.3334': attribute type 10 has an invalid length.
[  776.659784][T15865] netlink: 'syz.3.3337': attribute type 8 has an invalid length.
[  776.667820][T15865] netlink: 199848 bytes leftover after parsing attributes in process `syz.3.3337'.
[  776.867446][T15871] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.3340'.
[  776.879311][T15870] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3339'.
[  777.285030][T15881] FAULT_INJECTION: forcing a failure.
[  777.285030][T15881] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  777.301588][T15878] syzkaller0: entered promiscuous mode
[  777.306812][T15881] CPU: 0 PID: 15881 Comm: syz.1.3345 Not tainted syzkaller #0
[  777.314549][T15881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  777.324622][T15881] Call Trace:
[  777.327912][T15881]  <TASK>
[  777.330945][T15881]  dump_stack_lvl+0x18c/0x250
[  777.335656][T15881]  ? show_regs_print_info+0x20/0x20
[  777.340867][T15881]  ? load_image+0x400/0x400
[  777.345380][T15881]  ? __might_fault+0xaa/0x120
[  777.350065][T15881]  ? __lock_acquire+0x7d40/0x7d40
[  777.355093][T15881]  should_fail_ex+0x39d/0x4d0
[  777.359773][T15881]  _copy_from_user+0x2f/0xe0
[  777.364365][T15881]  generic_map_update_batch+0x59a/0x810
[  777.369910][T15881]  ? rcu_read_unlock+0xa0/0xa0
[  777.374671][T15881]  ? __fdget+0x180/0x210
[  777.378915][T15881]  ? rcu_read_unlock+0xa0/0xa0
[  777.383689][T15881]  bpf_map_do_batch+0x3d7/0x610
[  777.388541][T15881]  __sys_bpf+0x381/0x890
[  777.392783][T15881]  ? bpf_link_show_fdinfo+0x390/0x390
[  777.398169][T15881]  ? lock_chain_count+0x20/0x20
[  777.403027][T15881]  __x64_sys_bpf+0x7c/0x90
[  777.407442][T15881]  do_syscall_64+0x55/0xa0
[  777.411974][T15881]  ? clear_bhb_loop+0x40/0x90
[  777.416741][T15881]  ? clear_bhb_loop+0x40/0x90
[  777.421415][T15881]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  777.427307][T15881] RIP: 0033:0x7f0b52b9c799
[  777.431719][T15881] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  777.451325][T15881] RSP: 002b:00007f0b53b01028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  777.459738][T15881] RAX: ffffffffffffffda RBX: 00007f0b52e15fa0 RCX: 00007f0b52b9c799
[  777.467705][T15881] RDX: 0000000000000038 RSI: 00002000000006c0 RDI: 000000000000001a
[  777.475672][T15881] RBP: 00007f0b53b01090 R08: 0000000000000000 R09: 0000000000000000
[  777.483636][T15881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  777.491601][T15881] R13: 00007f0b52e16038 R14: 00007f0b52e15fa0 R15: 00007ffc11a4d438
[  777.499586][T15881]  </TASK>
[  777.502727][T15878] syzkaller0: entered allmulticast mode
[  777.776948][T15895] netlink: 'syz.1.3348': attribute type 8 has an invalid length.
[  777.784829][T15895] netlink: 199848 bytes leftover after parsing attributes in process `syz.1.3348'.
[  777.805819][T15887] syzkaller0: entered promiscuous mode
[  777.811344][T15887] syzkaller0: entered allmulticast mode
[  780.028593][T15907] sock: sock_timestamping_bind_phc: sock not bind to device
[  781.600501][T15926] netlink: 'syz.2.3360': attribute type 8 has an invalid length.
[  781.621450][T15926] netlink: 199848 bytes leftover after parsing attributes in process `syz.2.3360'.
[  782.421223][T15900] netlink: 'syz.0.3350': attribute type 10 has an invalid length.
[  783.061581][T15953] netlink: 'syz.1.3370': attribute type 10 has an invalid length.
[  783.250495][T15959] syzkaller0: entered promiscuous mode
[  783.275524][T15959] syzkaller0: entered allmulticast mode
[  783.556612][T15964] netlink: 'syz.0.3372': attribute type 8 has an invalid length.
[  783.564516][T15964] netlink: 199848 bytes leftover after parsing attributes in process `syz.0.3372'.
[  785.972386][T15966] IPv6: Can't replace route, no match found
[  786.396843][T15988] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.3380'.
[  786.461570][T15985] netlink: 'syz.1.3380': attribute type 21 has an invalid length.
[  786.711904][T15993] netlink: 'syz.0.3383': attribute type 7 has an invalid length.
[  786.729501][T15994] netlink: 144 bytes leftover after parsing attributes in process `syz.3.3384'.
[  786.840370][T15996] netlink: 'syz.2.3385': attribute type 9 has an invalid length.
[  786.860134][T15996] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.3385'.
[  787.041140][T16000] netlink: 'syz.3.3386': attribute type 8 has an invalid length.
[  787.081755][T16000] netlink: 199848 bytes leftover after parsing attributes in process `syz.3.3386'.
[  787.625722][T16007] syzkaller0: entered promiscuous mode
[  787.643922][T16007] syzkaller0: entered allmulticast mode
[  787.922181][T16024] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.3394'.
[  788.480388][T16026] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.3395'.
[  790.673510][T16038] netlink: 'syz.0.3399': attribute type 10 has an invalid length.
[  790.775665][T16043] FAULT_INJECTION: forcing a failure.
[  790.775665][T16043] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  790.813866][T16043] CPU: 0 PID: 16043 Comm: syz.0.3401 Not tainted syzkaller #0
[  790.821397][T16043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  790.831500][T16043] Call Trace:
[  790.834781][T16043]  <TASK>
[  790.837726][T16043]  dump_stack_lvl+0x18c/0x250
[  790.842437][T16043]  ? show_regs_print_info+0x20/0x20
[  790.847677][T16043]  ? load_image+0x400/0x400
[  790.852199][T16043]  ? __lock_acquire+0x7d40/0x7d40
[  790.857238][T16043]  should_fail_ex+0x39d/0x4d0
[  790.861943][T16043]  prepare_alloc_pages+0x1e2/0x5f0
[  790.867094][T16043]  __alloc_pages+0x134/0x460
[  790.871707][T16043]  ? zone_statistics+0x170/0x170
[  790.876669][T16043]  ? alloc_pages+0x4dc/0x740
[  790.881275][T16043]  ? do_raw_spin_unlock+0x121/0x230
[  790.886496][T16043]  __get_free_pages+0xc/0x30
[  790.891122][T16043]  kasan_populate_vmalloc_pte+0x35/0x100
[  790.897059][T16043]  __apply_to_page_range+0x860/0xdd0
[  790.902481][T16043]  ? kasan_populate_vmalloc+0x70/0x70
[  790.907888][T16043]  ? apply_to_page_range+0x50/0x50
[  790.913018][T16043]  ? do_raw_spin_unlock+0x121/0x230
[  790.918244][T16043]  alloc_vmap_area+0x1d0c/0x1e30
[  790.923201][T16043]  ? vm_map_ram+0xcb0/0xcb0
[  790.927709][T16043]  ? rcu_is_watching+0x15/0xb0
[  790.932475][T16043]  __get_vm_area_node+0x162/0x370
[  790.937510][T16043]  __vmalloc_node_range+0x36e/0x1330
[  790.942818][T16043]  ? array_map_alloc+0x280/0x6f0
[  790.947851][T16043]  ? end_current_label_crit_section+0x170/0x170
[  790.954091][T16043]  ? __asan_memset+0x22/0x40
[  790.958696][T16043]  ? free_vm_area+0x50/0x50
[  790.963194][T16043]  ? apparmor_capable+0x137/0x1a0
[  790.968212][T16043]  ? bpf_lsm_capable+0x9/0x10
[  790.972894][T16043]  bpf_map_area_alloc+0xf1/0x110
[  790.977851][T16043]  ? array_map_alloc+0x280/0x6f0
[  790.982812][T16043]  array_map_alloc+0x280/0x6f0
[  790.987592][T16043]  prog_array_map_alloc+0x17a/0x200
[  790.992794][T16043]  map_create+0x877/0x12f0
[  790.997206][T16043]  ? bpf_lsm_bpf+0x9/0x10
[  791.001548][T16043]  __sys_bpf+0x651/0x890
[  791.005791][T16043]  ? bpf_link_show_fdinfo+0x390/0x390
[  791.011169][T16043]  ? lock_chain_count+0x20/0x20
[  791.016032][T16043]  __x64_sys_bpf+0x7c/0x90
[  791.020460][T16043]  do_syscall_64+0x55/0xa0
[  791.024872][T16043]  ? clear_bhb_loop+0x40/0x90
[  791.029540][T16043]  ? clear_bhb_loop+0x40/0x90
[  791.034209][T16043]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  791.040114][T16043] RIP: 0033:0x7fcd0279c799
[  791.044523][T16043] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  791.064393][T16043] RSP: 002b:00007fcd035ed028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  791.072821][T16043] RAX: ffffffffffffffda RBX: 00007fcd02a15fa0 RCX: 00007fcd0279c799
[  791.080806][T16043] RDX: 0000000000000050 RSI: 00002000000009c0 RDI: 0000000000000000
[  791.088899][T16043] RBP: 00007fcd035ed090 R08: 0000000000000000 R09: 0000000000000000
[  791.096871][T16043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  791.104858][T16043] R13: 00007fcd02a16038 R14: 00007fcd02a15fa0 R15: 00007ffd12f42268
[  791.112833][T16043]  </TASK>
[  791.143520][T16048] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.3404'.
[  791.283372][T16051] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.3406'.
[  791.782885][T16065] syzkaller0: entered promiscuous mode
[  791.810011][T16065] syzkaller0: entered allmulticast mode
[  791.875015][T16061] netlink: 'syz.0.3410': attribute type 1 has an invalid length.
[  791.883383][T16061] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.3410'.
[  791.895767][T16061] netlink: 1 bytes leftover after parsing attributes in process `syz.0.3410'.
[  792.080273][T16081] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.3416'.
[  792.304695][T16085] Dead loop on virtual device ip6_vti0, fix it urgently!
[  794.481002][T16105] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.3424'.
[  794.523885][T16110] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.3427'.
[  795.088268][T16126] FAULT_INJECTION: forcing a failure.
[  795.088268][T16126] name failslab, interval 1, probability 0, space 0, times 0
[  795.101063][T16126] CPU: 0 PID: 16126 Comm: syz.3.3434 Not tainted syzkaller #0
[  795.108550][T16126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  795.118980][T16126] Call Trace:
[  795.122276][T16126]  <TASK>
[  795.125218][T16126]  dump_stack_lvl+0x18c/0x250
[  795.129933][T16126]  ? trace_event_raw_event_lock+0x250/0x250
[  795.135864][T16126]  ? show_regs_print_info+0x20/0x20
[  795.141106][T16126]  ? load_image+0x400/0x400
[  795.145671][T16126]  should_fail_ex+0x39d/0x4d0
[  795.150474][T16126]  should_failslab+0x9/0x20
[  795.155005][T16126]  slab_pre_alloc_hook+0x59/0x310
[  795.160055][T16126]  kmem_cache_alloc+0x5a/0x2d0
[  795.164849][T16126]  ? __nf_conntrack_alloc+0x99/0x380
[  795.170148][T16126]  __nf_conntrack_alloc+0x99/0x380
[  795.175266][T16126]  init_conntrack+0x177/0xf10
[  795.179953][T16126]  ? early_drop+0x7f0/0x7f0
[  795.184459][T16126]  ? nf_conntrack_find_get+0x650/0x650
[  795.189920][T16126]  ? __local_bh_enable_ip+0x13a/0x1c0
[  795.195291][T16126]  ? __siphash_unaligned+0x22e/0x3a0
[  795.200588][T16126]  nf_conntrack_in+0xc06/0x15c0
[  795.205476][T16126]  ? nf_ct_pernet+0x270/0x270
[  795.210186][T16126]  ? ipt_do_table+0x2c1/0x15e0
[  795.215055][T16126]  ? read_lock_is_recursive+0x20/0x20
[  795.220428][T16126]  ? ipv4_conntrack_defrag+0x29d/0x5a0
[  795.225886][T16126]  ? ipv4_conntrack_local+0x123/0x200
[  795.231348][T16126]  ? ipv4_conntrack_in+0x20/0x20
[  795.236285][T16126]  nf_hook_slow+0xbd/0x200
[  795.240705][T16126]  ? nf_hook+0x390/0x390
[  795.244954][T16126]  nf_hook+0x228/0x390
[  795.249031][T16126]  ? nf_hook+0xa2/0x390
[  795.253188][T16126]  ? __ip_local_out+0x5f0/0x5f0
[  795.258047][T16126]  ? nf_hook+0x390/0x390
[  795.262291][T16126]  ? perf_trace_lock+0xfc/0x3b0
[  795.267153][T16126]  ? ip_fast_csum+0x1ee/0x2b0
[  795.271848][T16126]  __ip_local_out+0x4db/0x5f0
[  795.276540][T16126]  ? nf_hook+0x390/0x390
[  795.280792][T16126]  ip_local_out+0x2a/0x130
[  795.285217][T16126]  iptunnel_xmit+0x4f0/0x920
[  795.289826][T16126]  udp_tunnel_xmit_skb+0x249/0x390
[  795.294954][T16126]  geneve_xmit+0x26a8/0x3540
[  795.299562][T16126]  ? geneve_xmit+0x15e/0x3540
[  795.304247][T16126]  ? verify_lock_unused+0xd0/0x140
[  795.309396][T16126]  ? geneve_stop+0x1b0/0x1b0
[  795.313995][T16126]  ? trace_event_raw_event_lock+0x250/0x250
[  795.319903][T16126]  ? validate_xmit_skb+0x949/0xf60
[  795.325065][T16126]  ? __local_bh_disable_ip+0x108/0x1a0
[  795.330532][T16126]  ? __bpf_trace_tasklet+0x160/0x160
[  795.335814][T16126]  ? validate_xmit_skb_list+0x120/0x120
[  795.341814][T16126]  ? netdev_pick_tx+0x7c9/0xc20
[  795.346668][T16126]  ? __lock_acquire+0x7d40/0x7d40
[  795.351704][T16126]  __dev_direct_xmit+0x4d7/0x7a0
[  795.356647][T16126]  ? __dev_direct_xmit+0x365/0x7a0
[  795.361763][T16126]  ? __dev_queue_xmit+0x3660/0x3660
[  795.366966][T16126]  ? netdev_pick_tx+0x7c9/0xc20
[  795.371824][T16126]  packet_xmit+0x1c0/0x330
[  795.376253][T16126]  packet_sendmsg+0x3b7a/0x4d70
[  795.381140][T16126]  ? verify_lock_unused+0x140/0x140
[  795.386353][T16126]  ? perf_trace_lock_acquire+0x104/0x410
[  795.392024][T16126]  ? aa_sk_perm+0x83c/0x970
[  795.396537][T16126]  ? packet_getsockopt+0xad0/0xad0
[  795.401666][T16126]  ? aa_sock_msg_perm+0x94/0x150
[  795.406725][T16126]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  795.412036][T16126]  ? security_socket_sendmsg+0x80/0xa0
[  795.417510][T16126]  ? packet_getsockopt+0xad0/0xad0
[  795.422642][T16126]  ____sys_sendmsg+0x5ba/0x960
[  795.427409][T16126]  ? __lock_acquire+0x7d40/0x7d40
[  795.432442][T16126]  ? __asan_memset+0x22/0x40
[  795.437036][T16126]  ? __sys_sendmsg_sock+0x30/0x30
[  795.442060][T16126]  ? __import_iovec+0x3fa/0x850
[  795.446925][T16126]  ? import_iovec+0x73/0xa0
[  795.451433][T16126]  ___sys_sendmsg+0x2a6/0x360
[  795.456146][T16126]  ? __sys_sendmsg+0x2a0/0x2a0
[  795.460936][T16126]  ? __lock_acquire+0x7d40/0x7d40
[  795.465991][T16126]  __se_sys_sendmsg+0x1c2/0x2b0
[  795.470848][T16126]  ? __x64_sys_sendmsg+0x80/0x80
[  795.475814][T16126]  ? lockdep_hardirqs_on+0x98/0x150
[  795.481022][T16126]  do_syscall_64+0x55/0xa0
[  795.485465][T16126]  ? clear_bhb_loop+0x40/0x90
[  795.490144][T16126]  ? clear_bhb_loop+0x40/0x90
[  795.494915][T16126]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  795.500807][T16126] RIP: 0033:0x7ff235d9c799
[  795.505221][T16126] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  795.524838][T16126] RSP: 002b:00007ff236ca8028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  795.533256][T16126] RAX: ffffffffffffffda RBX: 00007ff236015fa0 RCX: 00007ff235d9c799
[  795.541234][T16126] RDX: 0000000004000080 RSI: 0000200000000240 RDI: 0000000000000003
[  795.549227][T16126] RBP: 00007ff236ca8090 R08: 0000000000000000 R09: 0000000000000000
[  795.557220][T16126] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  795.565641][T16126] R13: 00007ff236016038 R14: 00007ff236015fa0 R15: 00007fff21358688
[  795.573637][T16126]  </TASK>
[  795.715622][T16133] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  795.723270][T16133] batman_adv: batadv0: Removing interface: batadv_slave_1
[  795.901234][T16139] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.3439'.
[  796.039499][T16144] netlink: 'syz.3.3441': attribute type 10 has an invalid length.
[  796.129977][T16146] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.3442'.
[  796.494023][T16164] FAULT_INJECTION: forcing a failure.
[  796.494023][T16164] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  796.530708][T16164] CPU: 1 PID: 16164 Comm: syz.1.3449 Not tainted syzkaller #0
[  796.538235][T16164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  796.548356][T16164] Call Trace:
[  796.551665][T16164]  <TASK>
[  796.554615][T16164]  dump_stack_lvl+0x18c/0x250
[  796.559328][T16164]  ? show_regs_print_info+0x20/0x20
[  796.564562][T16164]  ? load_image+0x400/0x400
[  796.569180][T16164]  ? __lock_acquire+0x7d40/0x7d40
[  796.574234][T16164]  ? snprintf+0xe9/0x140
[  796.578571][T16164]  should_fail_ex+0x39d/0x4d0
[  796.583279][T16164]  _copy_to_user+0x2f/0xa0
[  796.587723][T16164]  simple_read_from_buffer+0xe7/0x150
[  796.593133][T16164]  proc_fail_nth_read+0x1e8/0x260
[  796.598173][T16164]  ? proc_fault_inject_write+0x360/0x360
[  796.603826][T16164]  ? fsnotify_perm+0x271/0x5e0
[  796.608637][T16164]  ? proc_fault_inject_write+0x360/0x360
[  796.614307][T16164]  vfs_read+0x28b/0x970
[  796.618479][T16164]  ? kernel_read+0x1e0/0x1e0
[  796.623075][T16164]  ? __fget_files+0x28/0x4b0
[  796.627759][T16164]  ? __fget_files+0x28/0x4b0
[  796.632348][T16164]  ? __fget_files+0x43d/0x4b0
[  796.637028][T16164]  ? __fdget_pos+0x2a3/0x330
[  796.641615][T16164]  ? ksys_read+0x75/0x260
[  796.645945][T16164]  ksys_read+0x150/0x260
[  796.650188][T16164]  ? vfs_write+0x990/0x990
[  796.654601][T16164]  ? lockdep_hardirqs_on+0x98/0x150
[  796.659794][T16164]  do_syscall_64+0x55/0xa0
[  796.664212][T16164]  ? clear_bhb_loop+0x40/0x90
[  796.668973][T16164]  ? clear_bhb_loop+0x40/0x90
[  796.673647][T16164]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  796.679536][T16164] RIP: 0033:0x7f0b52b5cfce
[  796.683950][T16164] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  796.703649][T16164] RSP: 002b:00007f0b53b00fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  796.712064][T16164] RAX: ffffffffffffffda RBX: 00007f0b53b016c0 RCX: 00007f0b52b5cfce
[  796.720029][T16164] RDX: 000000000000000f RSI: 00007f0b53b010a0 RDI: 0000000000000004
[  796.727995][T16164] RBP: 00007f0b53b01090 R08: 0000000000000000 R09: 0000000000000000
[  796.735970][T16164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  796.743970][T16164] R13: 00007f0b52e16038 R14: 00007f0b52e15fa0 R15: 00007ffc11a4d438
[  796.751952][T16164]  </TASK>
[  796.803455][T16168] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.3450'.
[  796.871846][T16172] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3451'.
[  796.888109][T16175] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3451'.
[  797.135090][T16185] netlink: 'syz.1.3456': attribute type 10 has an invalid length.
[  797.312281][T16185] team0: Device wg1 is of different type
[  797.714954][T16195] netlink: 55631 bytes leftover after parsing attributes in process `syz.3.3459'.
[  797.739643][T16195] netlink: 6324 bytes leftover after parsing attributes in process `syz.3.3459'.
[  797.749483][T16195] netlink: 2 bytes leftover after parsing attributes in process `syz.3.3459'.
[  798.095850][T16203] ------------[ cut here ]------------
[  798.101387][T16203] WARNING: CPU: 0 PID: 16203 at kernel/events/core.c:6806 perf_pending_task+0x35c/0x470
[  798.111345][T16203] Modules linked in:
[  798.115269][T16203] CPU: 0 PID: 16203 Comm: syz.1.3463 Not tainted syzkaller #0
[  798.122818][T16203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  798.133043][T16203] RIP: 0010:perf_pending_task+0x35c/0x470
[  798.138899][T16203] Code: ff 84 db 75 14 e8 74 e0 d5 ff 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 60 e0 d5 ff e8 7b 61 4f ff eb e5 e8 54 e0 d5 ff <0f> 0b e9 f3 fe ff ff e8 48 e0 d5 ff 48 c7 c7 70 f3 1c 8d 4c 89 f6
[  798.158683][T16203] RSP: 0018:ffffc9000c39f9c0 EFLAGS: 00010293
[  798.164781][T16203] RAX: ffffffff81b13c0c RBX: ffff888040130468 RCX: ffff88802c2c8000
[  798.172957][T16203] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  798.181118][T16203] RBP: 0000000000000001 R08: ffffffff8e8aeeef R09: 1ffffffff1d15ddd
[  798.189267][T16203] R10: dffffc0000000000 R11: fffffbfff1d15dde R12: ffff88802c2c8000
[  798.197300][T16203] R13: ffff88804410e930 R14: ffff888040130228 R15: 1ffff11008026045
[  798.205289][T16203] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  798.214307][T16203] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  798.221274][T16203] CR2: 0000000000000000 CR3: 000000006a8f0000 CR4: 00000000003506f0
[  798.229404][T16203] DR0: 0000000000000000 DR1: 0000200000000300 DR2: 0000000000000000
[  798.237447][T16203] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  798.245515][T16203] Call Trace:
[  798.248819][T16203]  <TASK>
[  798.251766][T16203]  task_work_run+0x1d4/0x260
[  798.256476][T16203]  ? task_work_cancel+0x220/0x220
[  798.261541][T16203]  do_exit+0x95a/0x2460
[  798.265767][T16203]  ? put_task_struct+0xc0/0xc0
[  798.270558][T16203]  ? preempt_schedule_common+0x82/0xc0
[  798.276132][T16203]  ? preempt_schedule+0xc0/0xd0
[  798.281009][T16203]  ? schedule_preempt_disabled+0x20/0x20
[  798.286748][T16203]  ? lock_chain_count+0x20/0x20
[  798.291633][T16203]  do_group_exit+0x21b/0x2d0
[  798.296287][T16203]  get_signal+0x12fc/0x13f0
[  798.300838][T16203]  arch_do_signal_or_restart+0xc2/0x800
[  798.306470][T16203]  ? get_sigframe_size+0x20/0x20
[  798.311435][T16203]  ? perf_trace_preemptirq_template+0xac/0x330
[  798.317667][T16203]  ? ksys_write+0x1fb/0x260
[  798.322196][T16203]  ? exit_to_user_mode_loop+0x3b/0x110
[  798.327772][T16203]  exit_to_user_mode_loop+0x70/0x110
[  798.333083][T16203]  exit_to_user_mode_prepare+0xee/0x180
[  798.338733][T16203]  syscall_exit_to_user_mode+0x1a/0x50
[  798.344215][T16203]  do_syscall_64+0x61/0xa0
[  798.348748][T16203]  ? clear_bhb_loop+0x40/0x90
[  798.353443][T16203]  ? clear_bhb_loop+0x40/0x90
[  798.358219][T16203]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  798.364147][T16203] RIP: 0033:0x7f0b52b9c799
[  798.368640][T16203] Code: Unable to access opcode bytes at 0x7f0b52b9c76f.
[  798.375718][T16203] RSP: 002b:00007f0b53b01028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  798.384162][T16203] RAX: 0000000000000012 RBX: 00007f0b52e15fa0 RCX: 00007f0b52b9c799
[  798.392242][T16203] RDX: 0000000000000012 RSI: 0000200000000200 RDI: 0000000000000010
[  798.400308][T16203] RBP: 00007f0b52c32c99 R08: 0000000000000000 R09: 0000000000000000
[  798.408432][T16203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  798.416502][T16203] R13: 00007f0b52e16038 R14: 00007f0b52e15fa0 R15: 00007ffc11a4d438
[  798.424522][T16203]  </TASK>
[  798.427667][T16203] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  798.434957][T16203] CPU: 0 PID: 16203 Comm: syz.1.3463 Not tainted syzkaller #0
[  798.442429][T16203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  798.452499][T16203] Call Trace:
[  798.455786][T16203]  <TASK>
[  798.458725][T16203]  dump_stack_lvl+0x18c/0x250
[  798.463422][T16203]  ? show_regs_print_info+0x20/0x20
[  798.468636][T16203]  ? load_image+0x400/0x400
[  798.473181][T16203]  panic+0x2dc/0x730
[  798.477094][T16203]  ? bpf_jit_dump+0xd0/0xd0
[  798.481630][T16203]  __warn+0x2e0/0x470
[  798.485620][T16203]  ? perf_pending_task+0x35c/0x470
[  798.490752][T16203]  ? perf_pending_task+0x35c/0x470
[  798.495877][T16203]  report_bug+0x2be/0x4f0
[  798.500219][T16203]  ? perf_pending_task+0x35c/0x470
[  798.505352][T16203]  ? perf_pending_task+0x35c/0x470
[  798.510490][T16203]  ? perf_pending_task+0x35e/0x470
[  798.515619][T16203]  handle_bug+0xcf/0x120
[  798.519886][T16203]  exc_invalid_op+0x1a/0x50
[  798.524417][T16203]  asm_exc_invalid_op+0x1a/0x20
[  798.529276][T16203] RIP: 0010:perf_pending_task+0x35c/0x470
[  798.535019][T16203] Code: ff 84 db 75 14 e8 74 e0 d5 ff 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 60 e0 d5 ff e8 7b 61 4f ff eb e5 e8 54 e0 d5 ff <0f> 0b e9 f3 fe ff ff e8 48 e0 d5 ff 48 c7 c7 70 f3 1c 8d 4c 89 f6
[  798.554732][T16203] RSP: 0018:ffffc9000c39f9c0 EFLAGS: 00010293
[  798.560903][T16203] RAX: ffffffff81b13c0c RBX: ffff888040130468 RCX: ffff88802c2c8000
[  798.568882][T16203] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  798.576867][T16203] RBP: 0000000000000001 R08: ffffffff8e8aeeef R09: 1ffffffff1d15ddd
[  798.584847][T16203] R10: dffffc0000000000 R11: fffffbfff1d15dde R12: ffff88802c2c8000
[  798.592832][T16203] R13: ffff88804410e930 R14: ffff888040130228 R15: 1ffff11008026045
[  798.600822][T16203]  ? perf_pending_task+0x35c/0x470
[  798.605971][T16203]  task_work_run+0x1d4/0x260
[  798.610582][T16203]  ? task_work_cancel+0x220/0x220
[  798.615715][T16203]  do_exit+0x95a/0x2460
[  798.619898][T16203]  ? put_task_struct+0xc0/0xc0
[  798.624686][T16203]  ? preempt_schedule_common+0x82/0xc0
[  798.630164][T16203]  ? preempt_schedule+0xc0/0xd0
[  798.635037][T16203]  ? schedule_preempt_disabled+0x20/0x20
[  798.640686][T16203]  ? lock_chain_count+0x20/0x20
[  798.645555][T16203]  do_group_exit+0x21b/0x2d0
[  798.650169][T16203]  get_signal+0x12fc/0x13f0
[  798.654705][T16203]  arch_do_signal_or_restart+0xc2/0x800
[  798.660358][T16203]  ? get_sigframe_size+0x20/0x20
[  798.665317][T16203]  ? perf_trace_preemptirq_template+0xac/0x330
[  798.671499][T16203]  ? ksys_write+0x1fb/0x260
[  798.676022][T16203]  ? exit_to_user_mode_loop+0x3b/0x110
[  798.681500][T16203]  exit_to_user_mode_loop+0x70/0x110
[  798.686800][T16203]  exit_to_user_mode_prepare+0xee/0x180
[  798.692366][T16203]  syscall_exit_to_user_mode+0x1a/0x50
[  798.697859][T16203]  do_syscall_64+0x61/0xa0
[  798.702309][T16203]  ? clear_bhb_loop+0x40/0x90
[  798.707004][T16203]  ? clear_bhb_loop+0x40/0x90
[  798.711699][T16203]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  798.717607][T16203] RIP: 0033:0x7f0b52b9c799
[  798.722034][T16203] Code: Unable to access opcode bytes at 0x7f0b52b9c76f.
[  798.729056][T16203] RSP: 002b:00007f0b53b01028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  798.737508][T16203] RAX: 0000000000000012 RBX: 00007f0b52e15fa0 RCX: 00007f0b52b9c799
[  798.745522][T16203] RDX: 0000000000000012 RSI: 0000200000000200 RDI: 0000000000000010
[  798.753509][T16203] RBP: 00007f0b52c32c99 R08: 0000000000000000 R09: 0000000000000000
[  798.761491][T16203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  798.769481][T16203] R13: 00007f0b52e16038 R14: 00007f0b52e15fa0 R15: 00007ffc11a4d438
[  798.777486][T16203]  </TASK>
[  798.780873][T16203] Kernel Offset: disabled
[  798.785194][T16203] Rebooting in 86400 seconds..