last executing test programs:

4.331536516s ago: executing program 2 (id=3694):
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x50, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r0 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r0, 0x84, 0x2, &(0x7f0000000000), 0x8)
sendmsg$inet(r0, &(0x7f0000000580)={&(0x7f0000000200)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x32}}, 0x10, &(0x7f0000000480)=[{&(0x7f0000000440)="efa165d2", 0x4}], 0x1, 0x0, 0x0, 0xf00}, 0x24008048)

4.14603493s ago: executing program 4 (id=3698):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x5, 0x83501, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x940, 0x4, 0x0, 0x0, 0x6d1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000000000180100002020702500000000002020207b1af8ff"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x880)
write$cgroup_subtree(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="93430000520033d487277b9b100b4ab50a", @ANYRES32, @ANYRES8=r2], 0xfe33)

3.756739034s ago: executing program 4 (id=3701):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0e0000000400"/20, @ANYRES32=0x1, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000700007910080000000000c3000000000000009500740000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f0000000400)=""/198, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffff52}, 0x37)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89a0, &(0x7f00000000c0)='%d\xf1\xfa\xbc$j\xfef;q/\x95\xf4\xe4\x13\x95k#Jz.F\xce\xfb\x9c\x19\xf3v\x88\x91\xbct\xb0\x1bLq\x15\x00\xad\t\x13\xf5U\x02\xc9d6q\xc3\xa5\xcf\x01t\r%\xad-\x13\xb0 U\xaaC\xc388\x13\xc6H\x0f \x03\x9e\xa98\xa1\xc3\xe9\x06C\xd4\xb5\x18}4\xa9yA8\x1fQ\xdfN\x8e\xd7m\xee\xb8N\x98\xef\xff\xddR\xec~c\xcb\x93\x84\x7f\\x6\xedZ\x82\xa0\x1by\x17\x1a\xc8\x98\x99\x0f')
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000300)={r0, 0x58, &(0x7f0000000280)}, 0x10)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x50, 0x1, 0x0, 0x0, 0x0, 0x101, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x2e, 0xfffffbff, 0x4, 0x402, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000003a00)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x4, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x3, 0x8001}, 0x0, 0x2e, 0xfffffbff, 0x9, 0x2, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x8183, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, @perf_config_ext, 0x40, 0x0, 0x0, 0x0, 0xc360, 0xfffffffe}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x0, 0xfffffffffffffd46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x402000a}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030017000b63d25a80648c2594f93824fc60100c024002000009053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
r4 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r4, 0x29, 0x23, &(0x7f0000000040), 0xcf)
r5 = socket$kcm(0xf, 0x3, 0x2)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000540)={0x5, 0x80, 0x7, 0x2, 0x3, 0x7, 0x0, 0x6, 0x61002, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_bp={&(0x7f0000000200)}, 0x0, 0x8, 0x424, 0xc, 0x8000000000000001, 0x10, 0x8, 0x0, 0xe227, 0x0, 0x3})
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x1, @empty, 'ip6gre0\x00'}}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000240)="7b19ad845e1383b7d835902e0a249433e233d17341788481549b5beca75b7a95ca06bf0712084d16698d3583310aef100ec4aa70821650485d1ace0136", 0x3d}, {&(0x7f0000000740)="0c9da8ae2218920c5d94e2ef86cd9d669238ab50adba962229a5c9bc96198f77f75ef8afc9e73770d9c10ad3654f0a5880f09d22a09cee2784b420e9347ff114375f866b", 0x44}, {&(0x7f00000007c0)="b6f84d23b390b7d7a1ccbfc3ccb9ebbdaec361db431ea6da8b1ca4a9716c269aea7bd1cbc8589074dd7c2049d90973040dc15c42d46917ec0b5481430e26decac76d54ec0ac3c6f04ff042479531c3ae338c1fe689527fa697285f9e238810b94766906af9586904caef6f0569eb3f2b9e20bb11ca9acb303ba3c69bd23cef2f45137cf02f969c70441f5703c3f48b9cfa0dae1311213f90452001453309d4fc23662c67d7a646747ac49df9be3acf54a8e709f3886e417318160069fdcdf7b63e18bfae3707acfc97", 0xc9}], 0x3, &(0x7f0000001bc0)=ANY=[@ANYBLOB="88000000000000000600000005000000907b0f8f3a7b439997663eef85daf68d49c70a5822047dd4be823ae1376e433409678074f38ef33edb55ddf43fec9edf54fc4727fd569f13d0bea8778e9e9b4123ab2fd1acab3a907d45e06fadcce5d0eb4cf8fd77ca10af66976ec2535fe9a45ac6d837089ff8654912b90716c99bca3d15ada4fada9e00e0000000000000000f0100000600000070c02ee44bb3e0376d55ada025f80a5a2bd8cb8450d2781d92327ecc1609af7e5cdff56a5da2049f10f6e929ea5d24282d9926aa8a8910c5c4b5322b640ada326a98747495217858bca0e59e54b924cb21e6182b82832c3809376d81e6b5cd95246b06e99ff564309814699e760f4645830491f7fc89244b61462f1870befb41ea78b0d8771b1f9ae5e2d2d3e014c90bc35e4360aebcbc1e18bad94b72815207de9211172a178522d5ebc716baa04d231a76441e64100a8f23b3f7c24122bef09908e4cfac79b8a5dd1b3c597e2568de50000000000000000e010000b00000006a62fe60624357f52793f7e7d67030cc27c439aeb346c8d52b3f955370966d2800fe1abc514d0d2b66e440672a1896d13c26d73e713d7ff2b10000000000000010100000000000000100000000020000477d74f6bcf812080d0349946f99245bd8ff3f43661508acd2522bfd54741134821a6ab8b068db8c320a1e3528d0cb815bdabb0ac7e4268b49bfcb28a738cb634946b64f0b93e6806fc8d77a3e1fd25f13db0c528b358fceb8cf7b6910db778126ca2dc93878539174c21f47065b6c8509cfb49c6ca7bc95f390e5e501535951e45f8894b791b9417fe7412319c7c781a32f0bd565e7dacabcf5ba9f29e1c03c3176ad1b3108c0cd3b73a6f949cfba87c3fca1dac3a7c24220cc46fef6b5e4ee1a78e2c196ef5a668ff46030f7acc56aba665b73fb517921b7a89e0f5ccea02f283a57c9691beb3164d659c7df531703784a64ca79b4fe0fa1a7346d7e4a836d43e92a2d4282e47e55de846db430ebdce4bf4784a5228f81ca61633239ca5ffd93e19f38a9af28c1b4e81cc7c8918abfd87cf508562588233bbba03f9cf8418bb040266feafe527c38e9e5c3320264a32ece9688c7282618fe3bdee12abd7bb1557d38af572a4586b8e1bad88e390911a8d155b6dafe3c09c39f272a2239c605fa7d65d514c5645c7a92e59f09cd75406a0fe20cc1ef9bf1ae00cdf6f0aeeb33888ccf003a9580ee345b6bcae66f64c4ce297237407d6906fc54e365f58ab933389c74bcfa5e8da414f4ad5ac7017842317a269f7db4081540db67e183fe8b587bd29073f91d2664e9ce623e5c7fe91673479e68d3f83e9e2927187b85cfec20e848f6dd821e91194bfb255ad65cd4c0d5c0e582216a2253048f48e76b14922f34dae6da7b8df800b19688286ce87da6c6680ddfcefc20bf2fdce81be284e3d7cc04e2d949be4fa0b90df8c717db6a7e0aa2f12b0e88e58333c1ce2a6316e8ab20a3c45281d930341c47d04d7a4e1854b194c19ec560d717d8e3df0e4c9f6d8b2c128a051fb58a6f14e1d54ffaeeba21dfb6872cba3b50ad1c46ba8cd8d430bf87205feda0a7700ab9867b0c16c20eff0f94df5b35c96339bdafc47ca65ef18b8ffbf2abaf940edec91c9beac06210c302ec38e063b6f48035fad9aeae21535da2ba0fde3136f688fc81fe80a84a802e8886a7f55ad3e8e35aa46d8c201dbc1a8c2163d07093c67a12cf21614b4057b01c8922ba854460b2e691f91b0fba4bef39b8817c717cd0b24764bf4093317f4d958f4de22cf5aeb0a84fa5e4f60c17a6e01d3176fab92e849688a4c86ff9885c2230ce5b8e47cdf147ee7b76119a48ad6734cf34adf2073b62b72f825a4ef3cc6a67276a75105bfb957f7a0917da4bab3551cd6a4eed218b00f5aba7a0d75e4608211be02aa7d9c62ab42172483c796b610625722b0cb78997010aed8e3c785f8d1da92616c6c06e469867a5c99174637c474336867a501b1b778753b6af6f995ce4b2cda9ec9ed17ef046be2386670a4167c14da5c7136f121a99e37b2362bd6d84c7d0cecc27a589c978ee2f947e08bb5887e28adbc11d3ec66e54fc85e28b43ff58a34dda99c3cef53417eb0573904c91451d1813e974a693ebc11d88fd7c695f57fe317a92118dae46423e1e89fb1f26034600535a987f0b8e0264e0228bed7f85046f395757acae0429985c1a70a4180e517a1f6118ec6d4851d3e65b1e6e4db6f19ecf450ccaaa9e9b97ec7d27a65142a3f76e100c911da8e6f29580111442319b676ead5168e9118d2c83ae2a4bebfb649e7a4792d3227b384db2ba840d533133fb108fea4b652c6d0377e8980252702a0046fadcb616e6e2f3e1e526f83de608965d9229fffa86d4f2233a9bace6ead183345bb2b3533f41acdea847c0c9937b88f6742fb5cda672b8ace2e9decc7267783ed7e02b04d58eb03d938d9d9ab3bcacee147fcc024214b2ed10728636aa08375cb862df6ae0f579fbc8767c8571a9d30c931e6f80429ae271e5a037793d893527038e938b2eee8dbe4c1282c71c5e19e836b43ced97ae2021faafad5050f69835b46926cd104f6aef0c37fac7d29396dbd148aae589580c1ed594d6efc9286e6f828d718aea31cc173a13b7f4336e98a61fb95c37029ff3093c612e46b92c5495f343d90cb28087b4dfd05a19478aac6c6b8f814f988dd2956022b9dd87de26024bf1a17ae786bbf74453002abce63b5b41905c3120febc3e8d1b77c5a835f6b8e9931eaba226ab516a42bdc8c715795dfa8566d4c5887d26490a4de63bbf8840800b31c0ba35ae300c6f0788f2882e38ac1d7993a99f2025a110d4e0d13a37fc0a2ff75455f8c322866d57390454f4d52e36532529047ce00509dd3ed21770e67ca6380964bdbd442f5324fe4a0b555ccc8c580b795e830bc7086a09a9a739db05747aab41943403ac3eae06f49dd032f8835f5be5fb55dd8059c840e4eba67f5078db96a6a6e00a9a3ff32eeefaa300800f3bb7cd294f56125939ba3b33c2f23e9ec4eb39677f15952ae0b44b2965aceda0f2dd364adca12584e9686bc1a90d8557fdc9a06b732db3cf6f70cf26ae6b0f169c3f157f73391feba443cdb4544c68d3ae041812933c4fa25ea8600fa3a409527d3038cea95a7bb52db92d668fc1f0cea8e20d133b38ab575d7e1937cf172acb705d2ebeac96c90fc177b2f3cf291562345f759d80054b9a4ebbe96798ca250a297d29481cfebd3253410b87885088e28a9366d5e32428c6d271ba5a0ee5163274df7b1c6a9f2e0d1f9766c2492d3df8902e9a2a9b179864a21ec555954d5ad277bdbff48144753375590e2cfa8995d8ed40505ef71d54fcde3ae9b8f83a9dbff91d308918c6aad1b831b72422a68f139b6aa65ae89c6895205519541cf9a77b8b5c9a5a887ac5427b31aae35e1916146e022da13ae9d81f4bbcfc019c7b552f3d8621ad8949c18abf39993d9631f880a08771e296ad4cd6dfd8b2665a7305c50ab0a40b1cd09e7ee817d5b5a597e7e35e2fb0bf83892ad6cf7543d9d2fa51711d4070dfa99c5a6435e55d403a1009cc4658e4e9b6f1e9ca397e5eee4f11b97294545d32db0e21c35ff6f0e020815d44b5cba3d59987417bfb1b5685e582d6efb6501be4fc2d2e75ac0e30429b8ef147f22f142a4c760f3595121f95fbf64ab68b3acdba503d276d457358fd519f7d5126cdb5831607b1cc6c79ad030228c0e8fd1744cc3ffc27313bb1515a9e74e1d6c85ddbedce4719cfd0033d0d81ee32e71f15c82966afa4d39ecafc5230226e2126ccf0ce5d34b873486fce7b15579d756f53fe827fba42a05f30a7a380ecf431c6e42d02b72488b5b8ad343d3d174034386db0c039a90785911a0c74599912cab144182321b1fa7f3233403a619237dac195798d60a90e143f3a36ede757524e3bbeace30d5c6bc9d5040c0bab4931a50c5bd85723d5dc8e0d0732b23ab7e46777ac67f16e2bb07f6cc00594842ad3db74ed9a4d2f153d6f342881e546d5517ed1c463571ca7848cf4c645005ac55a62a520eec1c01685d1ad4805eebe10597e1601d74ec09bd775282fdbf0c776aaa6cf4f16d282d33a050e780135538a0a4a7b64ec28f167c3faa3f50c5f40b4a656b54479458dfc54396636c5873abee6c316ba406441fe1447f1641f92a08bf4e5dfe6c07113d3682ecc579cc904aa2f8ab6bfb1f5a0d3b721da49e89fde1daced4ff66d45c861f641e66fd156e3cc2adc9edec7995da23f28dbaa6f296d00159d274b9fa09de6f375b0dd169f5477a6a5ddee36b47639c959d03c3bd3683d878fd45d6b352dcfe72a036e41a23ca4cad12d7d3e6e0570acbc66bf6d8d26407def181bb783c10caa98974175aa2b6c0d320a25ad1ed75aeb0ce4780154e097466ebe42a30cf3760cba7251067f1b6392a0ba890aa4b2aae0be500b3754ff7882edd37333b25ce25e376c190ffc7225ba5f727224af59c34f362065fde6b82979c19b9748e9551fdd7008d438a7ee31fc9985ca6ec6bb9c31ea4b85cbc07d857572fde47490a1686c59ba496271311ddd1bb3946ad779c59fd4a7795a9ef1c5922da1fa8cf1f2c704f2d22ca38714c0f4754b2be43c8ce230c744237d524416b44af167082d480275def2d7fda04bdb223b6a171afcd556593ce57f582cf7f1ed15f8db71b56eb9d9288977dfbbc05c6e4d74025f225ab5849fd838ab7fba7dd9023ede3e77180cf53ed67333c627380b2e34303ed834bb8bdcccd87bd73d6246cec884b20ec7e56e2b471b65e9ab33e6822c6a26b1695f40e1bf7f5db2c94c099efc92e02e7a8e38edc582be720ce4e0f9993a64a2de0d61caf872ad932646002e4d0dc054c59632845ea24b44bb09a74b85ffee6591daacd1374ed4926d4893a1ba748b2fdd406edf3350748ad1d7048c73d433352b79de9488963a29e7dcc3ac6aca67ecaab4caae4da9aeae29fb100e918e237d59b5c2a8e8de8ce33cbb16a9b9c4707238e11b96fd0aaab8112bd9cb0431cb492c5d49664312699d2b3fc101212b892dcf3d85259381485dd6267ca3d5aad1128825dbb4727217bed96d4abe44e247288451f76b0faa8e8f4be55a77e006779b1a5735d1e9469ca1c73cd6327ad3d1dcbe28313cbae378d04ee30824bdff382947903f3e6782eecd2633c3badf98a053805089445001229a57931d361c3a01e69e274a9fad3310e5b289d3f91551be26af88a5f90b6e1dd80034780b53fa2b98aeb1a317fc60f62bdb0278668d290be2db9d941f233eceeff6ffe84e2ac4183dd9bdffbeea6aa5740253c4d7ffa78790178ab14aad9892ac4ea23b361f8f7ac1b0faeaeb134b8f66d7a2bdaba5da78789d3626ca7c20867a1538549c73288b2c0e6acc661cc9ca283d879dd6af79c16db198b703b0a5839bba085a75968c0203f26f122c9fed1f392269531e9e619bc3da8d17aee016f92b7ecde295e9291ed40bb5183c8f8cfdd3a5002f4bdfe934c09d8f3527a9e6e6e77de977404a95cfa633186416bb120f6fc23cf800ff2fb5a6e321b9c8b6473eaf2a958137bc3fbafb0904f0627cfb80dc1830955c155ab21af394652113e1fa371ebdb807295329f2e13b6572d187455a3b460341900608f37d1ddcea326149a25ec285a4d1b3da75411c7f539e80f0973cff9de4e10bf393cc12abc541a9dcb158e34d5e12634a659d7955a9bc5b2cb9f34fd18844e0e43f57e27e488d5e8f4b707fee42aa943f095249075d1851b3f3c2a8da0e11ff57686d7d49ffb790549cff411310abe2afede7902d3f9aebce6b777eb5c53ffd78adb8bd1e5fd54e9c49353377e5adc1dff4799c36ff8d6df935e695779c5a5a9b57b5264b15463a440ffe7fcb347cab32601de7f6783a138412273feb996cd4c29fe3b83df7970370e5953fdfcdabd0413dccbed52c3bcd05181c7553c51904683f4c0070ff0c0b8bccc172a876628cf6cc7228654f68af82c173f4f033dafb30e81a13771f554a58933d436ac040c82f4f84bc5b446c202f6fd5217c653c72065ac6cb60d055c01a482a5936ba1fe3f191ba17b158f9518e8f3b2cdc62b0d08af9ee43726117d9342ced6c5a25826f7892f0faf97aa9848a6b4ee8e67b6cb6761ba7e7682a9be641a9f2abf604d3293d30266d3c34695c0456efc41913b83273c67898dadbd82c981d0db3b5d455b9be28a7a2a831aa65b474ebf2df1dbf253a7c2b9f66b22013e70f6d3b32ebc4e687aac2828d68df116282969b567aad3e19e4f9d4eba71ebdae3f1a81b481256ed7b50ef5e5dde5b73d934fe95d7e2f46941ccbe36cb64234f984e5fe0b3def38d873f4643dff8c09de30ccf0bd875f974d945ca8500e364e9700abeb353ac8aaa164007f29323264b91ad035446af0f56f13703e8512"], 0x11c8}, 0x1)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b28, &(0x7f0000000000)={'wlan1\x00', @random="1f00"})
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd42"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x5, 0xb68, 0x4, &(0x7f0000000000)='%', 0x0, 0xd01, 0x80040000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
sendmsg$inet(r5, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="0213020902000000e4a17c4e2ca18baa", 0x10}], 0x1}, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000001a40)={0x11, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000030000000000000000000000850000000e00010000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001b40)={r7, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$kcm(0x10, 0x2, 0x4)
close(0xffffffffffffffff)

3.64562748s ago: executing program 3 (id=3702):
r0 = socket$kcm(0x21, 0x2, 0x2)
setsockopt$sock_attach_bpf(r0, 0x1, 0x7, &(0x7f0000000040), 0x4)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x828, 0x0, 0x0, 0x0, 0x9, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x4)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000140)={r1, &(0x7f00000002c0)="086f8facd88b9b2adf84ab2ffff3657e33673931359863e340ec4b8262f9b72c1efef6c3c732a920b21b8a6e8fd7421a46fe9018bb3d3e7699eee2b9c0ff5b7779adba8b63a6ed4c6f57600d5e0017c44f49414241fb0d70db275186c1a526e6b6accb53c8f20c0c398c8fbac6131be5d74ed48156249fe31578570ba3106119843b4e4ac71e7344db76cf4c8ccfbeb6457ab9fade36643aafb111a99cd9b338ce36cc7e25e15dd3c9b209328ff09f4111118a9d3b5196da4fd51e858a12f937abc72ca21bd8b4abd60750da96b21895ed2b6700dcd15a321d24a94cd668d14f3d", &(0x7f00000000c0)=""/113, 0x5256a85ce216a7d8}, 0x20)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000280)=@tipc=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x80, 0x0}, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_pressure(r2, &(0x7f0000000040)='memory.pressure\x00', 0x2, 0x0)
write$cgroup_pressure(r3, &(0x7f0000000080)={'some', 0x20, 0x2000000008, 0x20, 0x10000000fffff}, 0x2f)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000b40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87ea487e223ac37264833d618e92eac195f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd70a5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d29c7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c707647fa8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b356fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff53902a8f57000000009700cf0b4b8bc2294133000000007900000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa60e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645463dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a80741f0adba07f01d25eb3d1e23e0f2645d1cdfabfa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361cfbc61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e7567335dc3008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c7ba599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b0a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b96a81232fbef665f6212f875b2a0000000000000000000000000000f841b35af2e300000000000000000087a5f4bca39ad01340e98399f47f81d522dddcabc93ca6b082eb6be80b24b87652f76c3042ce504ac67b01a62451724b9257a0edceacb715a627247d11689663302f02b90fd6e10638b372c3413ee3066af68ce7ae685ccbd815c567fc50947703444e5625daea863219ebccf6cb3bd813e011097619c3f3c5f72c08ac0fa8f7e2536073bfd9f326f7369a3b4f000c4a300d3ef04db5fcf063e7f92711d1eb068d789e6c4d85c34c89e3e5f73178067e2976212ffe3ec8c284389ec7197a382bcba30b101938062e292e5185d8c1893f90cad3d8cac60b84b39843eed5fa17c362977c788361346eeca1d69fe200bd55a8d7ee48e80266661574f362e2069cec64e7e4426eb0a76a9a72887f68b5081aaf99f4d0a863cf47798cbe87b00663da6c834674fc2160d047e95f011b64a06576016f074e9e6afbe7675636fcd7e8abf2d788f5c8b31857"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000001c0)='sched_kthread_stop_ret\x00', r4}, 0x10)
close(r3)

3.111352272s ago: executing program 2 (id=3704):
socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000060000000000000000000085000000bc000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x50, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d2f, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x8000000000000000, 0x3e}, 0x0, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$inet(r0, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000001580)}, 0x41)
sendmsg(r0, &(0x7f0000000700)={&(0x7f0000000540)=@sco={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000840)="e871449f45c1f82599c7dec196aa08ba045850ea22cc49ae71fc14ef57ec4bcc40f186961be14329d80f5e55b6ab67cedb586b25183e970162c34fd7517ee2aeeb599639320a3c18b340e36006bf4ff4b42a1218d6a09950662d7d72984f311c04d9779528fa9e34a427c40b5d3c46", 0x6f}], 0x1}, 0x4000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000440)={0xffffffffffffffff, 0xe0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000240)=[0x0, 0x0, 0x0], 0x0, 0xbf, &(0x7f00000002c0), 0x0, 0x0, 0x0, &(0x7f00000003c0), 0x8, 0x1b, 0x8, 0x8, &(0x7f0000000400)}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000800)={{}, &(0x7f0000000780), &(0x7f00000007c0)}, 0x20)
r1 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r1, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r1, &(0x7f00000000c0)={&(0x7f0000000100)=@ieee802154={0x24, @long={0x3, 0x2, {0xaaaaaaaaaaaa0102}}}, 0x80, &(0x7f0000000300)=[{&(0x7f00000007c0)="27031c0016001400020000000000000006e1f0000000890900000002ee1680ca82973d2bd4b836954268e611c00aab9715732c9fb750e42382b7f820d70da9b3621f02bf77789211581f4894e5880d039474d534e618", 0x56}], 0x1}, 0x24000008)

3.084265855s ago: executing program 3 (id=3706):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
r1 = socket$kcm(0x2, 0x200000000000001, 0x106)
setsockopt$sock_attach_bpf(r1, 0x29, 0x18, 0x0, 0x0)
r2 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x50, 0x1, 0x6, 0x0, 0x0, 0x101, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x6, 0xfffffffffffffff0}, 0x0, 0x2e, 0x2, 0x4, 0x402, 0x0, 0x6, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000180)='devices.deny\x00', 0x2, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x1, 0xb}, 0x0, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$kcm(0xa, 0x922000000003, 0x11)
sendmsg$kcm(r4, &(0x7f0000000100)={&(0x7f00000002c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1={0xff, 0x2}}, 0x80, &(0x7f0000001500)=[{&(0x7f0000000000), 0x4c00}], 0x1}, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x80000, 0x0)
close(r5)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = socket$kcm(0x2a, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000001f80)={&(0x7f0000001d00)=@qipcrtr={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0x80, 0x0}, 0x0)
r7 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000001640)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r8, <r10=>0xffffffffffffffff}, &(0x7f0000000180), &(0x7f00000001c0)=r7}, 0x20)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000280)={0x0, r10}, 0x8)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0xa345d10fd9106efb, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={r9, 0xe0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000003c0)=[0x0], 0x0, 0x34, 0x0, 0x0, 0x10, &(0x7f00000004c0), &(0x7f0000000500), 0x8, 0xf8, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r11}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1830000000000000000000000300000000000100"], &(0x7f0000000080)='syzkaller\x00', 0x8, 0x92, &(0x7f0000000540)=""/146, 0x41000}, 0x94)
r12 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r12, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
recvmsg(r6, &(0x7f0000001200)={0x0, 0x0, 0x0}, 0x20)
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000002280)={'netpci0\x00', @multicast})

3.027123255s ago: executing program 0 (id=3707):
r0 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000340)={r0})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
r2 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000400)='netfs_rreq_ref\x00', r1, 0x0, 0x9}, 0x18)
r5 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r4}, 0x8)
close(r5)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(r5, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000580)="d8001c00180081064e81f782db44fd56170d12a0b9b545c7", 0x18}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e3, &(0x7f0000000180)={r0, r6})

2.940735818s ago: executing program 1 (id=3708):
r0 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x50, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_ro(r1, &(0x7f0000000240)='cgroup.controllers\x00', 0x275a, 0x0)
write$cgroup_subtree(r2, &(0x7f00000001c0)=ANY=[], 0x12)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000004c0)={@map=0x1, 0xffffffffffffffff, 0x2f, 0x2000, 0x0, @value=r2}, 0x20)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xc12, 0x830d}, 0x4000, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="1600000000000000000003000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000e1ff00"/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000c40)=[{0x0, 0x0, 0x0, 0x3}, {}, {0x0, 0x4, 0x30009}], 0x10, 0xfffffff6}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001140)={&(0x7f0000002400)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x6, [@fwd={0x3}]}, {0x0, [0x0, 0x5f, 0x5f, 0x30]}}, 0x0, 0x2a, 0x0, 0x1, 0xaa}, 0x28)
r4 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803001d000b63d25a80648c2594f90124fc60100c064001000009053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1, 0x0, 0x0, 0x4000}, 0x3500000000000000)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000440)={r3, 0x0, 0x0}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
r5 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffc}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_clone(0x200c8000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0xa49a4080, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
ioctl$PERF_EVENT_IOC_RESET(r5, 0x2403, 0xc5bf)
perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000300), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, 0x0}, 0x20000010)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="000000000000000002"], 0x48)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x890b, &(0x7f0000000100))
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x890c, &(0x7f0000000100))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801004800000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4}, 0x94)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
close(r6)
sendmsg$inet(r7, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)

2.882634452s ago: executing program 0 (id=3709):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x838, 0x0, 0x0, 0x0, 0x9, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@bloom_filter={0x1e, 0x0, 0x7ffbd, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x0, 0x1800}, 0x50)
sendmsg$inet(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x122}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg(r6, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001dc0)=""/4096, 0x1000}, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)

2.870211313s ago: executing program 2 (id=3710):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000fc0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r0, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000080)="3bfdd75fa5717852d59a9367444a2130e72cd4dabc8854532cca0c32a5b9f844a4610c7525650ce3d3b76b15026d93e6dee896115e9364066aa3d14e33ef732b4681335c576902153114bdb9c74b538a71115fb1d1a63d1b04129661b29aab89d0be999a6b7c9bea755adedbf305a79f70b71d3d4c98577b49db4963ce89b0def5e840f459659cb6f86d56b069a5de11d601d348ff88ca6e5e2cfe40176880b33e9e8dbc32ba2e6a99b1b50276dc4f06166000d7069a3cc76f", 0xb9}, {&(0x7f0000000180)="892950e2405ee8629d9384a91c16d1706a3e61f305119f95cac0f1927f4c205b971eb41147cb1f86883d6910e68ac3996551800b3ec64b77f8444b18345a2c8b178eeeba0cde7319a5a46bfe7f5770e019efd9d52069edcced33a758c4e657f3a792dc193a1911b4e82ea800ad7afe03c851a8", 0x73}, {&(0x7f0000000200)="a68cde0d56b170df7710b54f17d9a39c4f", 0x11}, {&(0x7f0000000240)="45e04400f2b383517a08c397dd0a76e67ecfc8e74573c24dedd3a48fb62418c1412fdcd15e888cb0f5d02e77bfecefda6b064c0bb2b66a9a522e63873dde02330510255eec7dfa1af708cdab59fb71eca786a359a2c3b0cbad35144ec5b069c53f90e43339845dc7fd140c55b0149ab38eb27c140f374bcc2c95b0b121d1a9302f3a01b888243b3fc0", 0x89}, {&(0x7f0000000300)="87fb74cf4d67adbbd062637f514c1f5eb18d7b442e6457a356c6cb1f71a43dfae773c8489cce5145f92615d4bdb13ef54d6ae90ec7733180fcf5adf3e13fdb05b57b748bd14eda042a97fdd84498304a504a0a159b972e8200c2d0f536a3465ec498ed12b924bd134057df36129d3ebe3dd3ce9f0671e5278143e4afa3d43f444681de1b5f9725fca34fa357fe2154981666fb9dc202fc17a0199eb1c25bdd1005e590e84783ee9894c888998dc25a83c14aeee31d114acfa0bcd235d571cd765f4b9259ba43e6fc30291d8a642146c4771898030b736aeee6b247abb0784b154e104e7dcda401f9b1736fea30a41a4153fe6a9a525bd0a3487571f914f05b590e242341ade289d8f5b842c6be4a93c2755dfd47174def782a2f8f61c068b5a012f02c0801601e860def788121e8808c01fed4c920a3698d0d684920918c95b17f76bbcb4f265c931d8f79560ff8114b70f4dd6791e2ed70cfeb89905791b88be26efe1c5c66b7b50b3d2be0dbc066dfc31618f9507f6f340b85a2f76a6dcac9d6ccc289ace5e5fecd25afe22ffa451f5e365ab33cc985f2e9d7f7fb1be4794740a94215d7db14b0ffcec19e5e3c5ae0d8578ef3b65d2a7a77a11e390a6c3a6b391061c886b961e3c2f42d62047bfe1356a44b840d3d956105f4c0fa95db08c4933f00de77cdc057c28b41fecfc8398c442be1ad065954f6c9dfeb2fd7207e8548a00a1d50bdf522d2abfdafd71723616a34830fbfa8fc81e0c2639cc12f363a4919b7a00ac8189dad3e7e54122a2ef430f623658d5e281c9a19442995bb9b0e3f7d13e3016b6f9523be196bf23bbcc5ec802f43ef8b651d688d9d5a44f35c9847e4c32bce3e9ebed2326adadc76f06a195db32c80b3090d7cd65c9d8518ba4e528c5eb5c7a1c5695b21595fa8a8621734bfda8afddd65e1f37a1990220a00fa9bd2c22b0117ceb08ae6af3c944c2eca924abfddad065d1472d0c3f742a49b1e78c669471873706ad157d831d7482b773f07b0673a6ce1e227a7a4d13744bf459434c0ab1c323a38b1a84cbf1ce9741f2b8fdcc2e073e56171603d035aacd83e71d5132831f4f1e8bf517979f132a33fd03783272e9b8c96dfa4e1d320a58d82acfc8d3d53a5a52daafe4dc8be08f4ad53e11cc21374b6ff4ff5ea2ecc5d3f7c057f74f0098e57d990090475cdaffdef0da917653ed10fb70b94b72e5b4d95cbea0fc1dd2579635ad6ab545ba4d7b6d2f5442bdb78beb6c8ed62942a439117025b4566b48d9f3a17fdf4577e8606a4bc4c26557e58312fd2d1a541ebec3e5ae28eef8b2ab0597083716dd12889335570ee7839530eee879d9b137606cd4dd7103991671b4464bb68529eb19fb7a8845e3491bfbac688a87cf0744f429ea112014402915c4c1f6bae08d689d3cb7d641d7befe8fc74a2242310a9a367a39531b4c86da5b39df524e52f33ff9c40b48cb196ffc9ca855b6e698ade8a83e52b9ddc5031ff09e1907e4f8b0d07e64e1fb8e427f8819a7be907aa216bf8e2a4c7cc87ed53bf9490d4cc788b91f3b9f705e984a7e62c7a495e8421b97c39dc954b35468f17c6682334f4e16308448f457faeffff6d1f818522fa441d3a48168bdb12ffebace436a3915b63076cb6a655718647f87eaaf313b5bbd430421eed3a2215e439600a56eac8c65291eb103326a8034662bd337ab51577d9110ec7151be5cc9c54b2a30891acac5ad006ed537dbeb8f16eecbde7cf4e71373faf3c36b772f6d7ea9346875c8cf1049d49d4f8eb01b946c11e8c8e3ab2015f282167acddcc77fff03e1be9134252af0abfe538b4d25fc4ff874b52b9fb0996b5f32b4141dbd30578ff46e13ef6c63fc1620f62cb11a3dce401993976c272a5f62fde3f2a0e654d19e7a39dcdb622b9526d2a15cc18e6f817c916a00775353dd9c8954e66d0445b59bb0f5e6e3b46447232f52a0e398b057d123ef503afcbd48544db6434d2025bfc8dab72262a4fa5426a03061e7f8966e0086ff8ab5a91ab59f19b830394ee8bc76d6fb4816b8f4cde35b7eb9d3811228d51c54828f97fd1e648196c81bc73ed56249a59f318704e84656a6cedd2b8c1e1808d1cc648749abc643131e494c01336d4a14b8609656f2c972dc23c5c2e43fe40119fb88b5ec2aade35c03646e347354c493de8ab3672ccf94af0df333c6678299129d79be0eec281c5b3858ce3995566a390b674635b356692e3e9c53a089638ba0d69e772b7b410a5ae03de12e7de755ee559e1707b7b8003aabc8e2ce03c01e3183ff2d93262f6d5ceaafecdae66bc7cb3952c5a6571d864d502f281db5a228695badca5d022fdb6da56ab15dc377d1c1f8581ff56e28c2b2a84edb629547d28275c2ed571103b4ca7cdeb0776ba9f9dffcd78d21c3d4caa9289ed199672f4e7b912068c49c817114c37d37ea03954bae87d1ddae3da2ad85feb2fbb735b75a51f7bee5c8d88cc7bf64700d1a46ec6b631ae22ac7b06730a86a26bdcb992e1c7b50142de96b14a8468e4514068a30896fc677fddefaebb125c693a8d460469c7fe535f844781940f66d6abd091191c3122d584f5b0f5b0d443713d7d5186124d73de28aca30b719d4a55e09d259bddbf16995aeb1000880890afbd24d4066b0398985a40999de22ce176348e1c1f57eaf75b92a1e4f1482e89a00ac2cc36b20e36af9ec310599c19a5b1d6f8fadba104c58c801c6633315f82ebfa88faddd0b693e2f827f586c1cc5538e93bcf10f81af6dd7ee727df3b5018c0b4e31e40d040a47503b6ace4d29a1162ce487351825255f5584aff7cbd421f85c3d9fbb3784abd9848f16028b68f0d32ed8bb80106e8cc4acb939ff88bd39976d166b2addebf628b3fcd056da2f60e1b90f7a32702954921908ebccb683622a1f574ceba6951bef5e751c338c8279318dc28e36b9fc2bb17c3ad08aceb00fc388e6db112a738f86a4a1eb11526e1b9d73250b326285ed47c4398d93a3933d9a784249b65ad7d78a1f81d96ef36493ed693045a2150a8eb43cecc0c93e7d20b15b39a0646b081c2923b816365b7fbb41683a41732d942c5aa12faf876ec7f036becde8f3295af6dacff38d076d8e06260fee167703bb610745374a2758a6b88e465ca77d1f3105ae8b6b04a1eb509fb178d6249dbbc84d5d1d069278449a89d03e4a9a395d8170c329a296cfc329798cb9b9f1078d098cf3f989fd4ec53e013fbe917df35292d44fb1f3da4da4432a1847d4721514ade8cda5e5c0b51183580fc35266a970ebba74faeda56d4dcb56df51f96ad237452cedbd0cb2bee112713c3d450835811bf3da9745136d428e148fd0932dc77c8d8e61a16c625241fad8425b4ece394eedd5f165bd94923bfa1172be8edc8a4fcaae5f77ee8cc510192b27964da09c3e84efb4bc7154da1a24da8b7e544b42278d2574687ec76143afa6cf193d52a2a7f4c20ee57b6056a1337d5e408117a6cf1ab49c8980f39597f69902085d3e8d374d44e6ab4ed1185a26be2bc7281e9cfbbeb6bed899aa1924d3faa06d95999fbeaf2337494e0c2c39eef5a73fcde84459a9ea48d4e015d9e5bb5839354967ce02f637bc8678d2595b9a918fc36b927d7501f0ac2e3471ce02b5df355689c87f191ef5390900a41deec29984e45a878ece964b0009aad561316fc3b30ce1b49266d32eb17cd30f3e17e1f59014e8c518940dd0a093d1349c1a7c2581963bbe0ba372b6426e81c33c71b2ec8141c5713e52a37fff0a417a5b259e1420d9fb6a731f5baa0cc494221947895aa8fa14745a986a366bff9d0c239a19f85372497565b5b703da16439019df5f3d29f4247fb528854c9648630f03e9dedde5a08a47728ea6a4d42e62eff6fa3bd402325e0f4387b60171c37c180f958ad80955779c899517e7ea76eed00598e01552eaaf08b723daf9d466e8c57af43a15a46528b1119f5074aa3c51f77357ebe158275bc06b89640d7ce3c0a03af01418d7dc6ae8a1be8ab08c1722d66d1e9277480b8b178447667c024f9b78f8a878a2d7cf8e83e5104f6964b2907a989abafc7d7d0df941abf3d7283b6a11d46c2911a42182ec27ab785d92946e1ee8ef44846d561850d2a98c305c382f36d4cfc9b2bfd3b86ef21a0d187adcafbec8268c7d662a34dda1c83c4967097743133bc8c587edf249f5668c34ddb112fa4eb1bea9c8f6a000f1f34428b54688a5e214a7919868b25dbe930e86a243ecf54afe0b518c647d04873d2cf62cb2ab27f00015537a4fd2ea3dc8777abdf3284622347016566da0b9c406ca8c40694e4013a53fbf2e803d51b0bbe5e9df5fc74f66be618856357ccf803c53ed0e3b3fe79f69f0ede9b565d8f7a8ce5aa8cbb4e8fa61be3fd00ffb07e45065498925c14c0b311942d4ed951ad6237aadb5405bc7b2d79e1fd295b7c2ed8efa883e44c86a5053e2f421c6d4dc0c47d3a05d911db37d6efdb8e50fb3f06139ac147bc7162c21aece79eaf72e9779f19eb5395cec3d15a7594ea70a6b373d98651d2215b210f037ea3f8a57ded74474f6fdb64a08b56af52168da70b30aee03472cd8bee5af04cad7303004a4aba464b99", 0xcb3}], 0x5, &(0x7f0000001480)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private, @multicast1}}}], 0x20}, 0x0)
r2 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x4, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x3, 0x8001}, 0x0, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, 0xffffffffffffffff)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x2, 0x3, 0x2)
r3 = socket$kcm(0x2, 0x3, 0x2)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000d00)={0x7fff}, 0x8)
bpf$LINK_GET_FD_BY_ID(0x1e, 0x0, 0x0)
sendmsg$inet(r3, &(0x7f0000003a80)={&(0x7f00000004c0)={0x2, 0x0, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000003a00)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0xb}, @multicast1}}}], 0x20}, 0x4008804)
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0x10, 0x3, 0x10)
recvmsg$unix(r1, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000001040)=[{&(0x7f00000015c0)=""/4096, 0x7ffff000}], 0x1, 0x0, 0x2}, 0x40000100)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000e40)={0x0, 0x0, &(0x7f0000001080)=[{&(0x7f0000000ec0)="1f", 0x1}], 0x1}, 0x815)

2.74379443s ago: executing program 4 (id=3711):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}, 0x202, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0x80}, 0x14105, 0x2e, 0xfffffbff, 0x2, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000800000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f00000004c0)="630b008646dc3f0adf33c9f7b986", 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50)
socket$kcm(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f00000001c0)=0x7fffffffffffffff, 0x12)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x1f, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000490000000000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="180000007600a9fe059f317a9dab00000000000340000000", 0x18}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
socket$kcm(0x10, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x183241, 0x0)
mkdir(&(0x7f0000000080)='./cgroup/../file0\x00', 0x152)
bpf$MAP_CREATE(0x0, &(0x7f0000000fc0)=@base={0x2, 0x4, 0x7, 0x80, 0x0, 0x1}, 0x50)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x210e, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x32, 0xfffffbff, 0x3, 0x2, 0x0, 0xfff9, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000c40))
r3 = socket$kcm(0x2, 0x1000000000000005, 0x0)
sendmsg$inet(r3, &(0x7f0000007940)={&(0x7f0000000100)={0x2, 0x4e24, @rand_addr=0x20}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000380), 0xff7a}], 0x1, &(0x7f0000007880)=[@ip_tos_u8={{0x11, 0x34000}}, @ip_pktinfo={{0x1c, 0xfd000f00, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x28f0700, 0x8, {0x0, @empty=0xa0050000}}}, @ip_retopts={{0x24, 0x0, 0x7, {[@ra={0x94, 0x4}, @timestamp={0x44, 0x10, 0x88, 0x0, 0x0, [0x0, 0x0, 0x0]}]}}}, @ip_tos_u8={{0x11}}], 0x98}, 0x0)

2.493796452s ago: executing program 0 (id=3712):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000010040b7080000000000007b8af8ff00000000b7080000000000107b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r0, @ANYBLOB="0000000002000000b705000008000000850000005e00000095"], &(0x7f00000001c0)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0xa}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r1, 0x1, 0x10, &(0x7f0000000000), 0x4)
sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x14, 0x0}, 0x20000040)
socket$kcm(0x29, 0x7, 0x0)

2.381589068s ago: executing program 0 (id=3713):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = gettid()
r1 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x50, 0x1, 0x0, 0x0, 0x0, 0x101, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x2e, 0xfffffbff, 0x4, 0x402, 0x0, 0x6}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x1, 0xb}, 0x0, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x4000040)
openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0)
socket$kcm(0x10, 0x3, 0x10)
r3 = perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x18445, 0x9, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={&(0x7f0000000280), 0x2}, 0x8080, 0xa9, 0x80000000, 0x5, 0x400000a5, 0x0, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
syz_clone(0x41064400, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x18, 0x0, 0x0, 0x0, 0x0, 0xa6001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xc}, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x2400, 0x9f)
close(r3)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="020000000400000005000000aa"], 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0xa7c, r5}, 0x38)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000240)={0x1, 0x58, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000180)={@ifindex=r6, 0xb, 0x1, 0x954, &(0x7f0000000000), 0x0, 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0], 0x0, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0]}, 0x40)
r7 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r7, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB], 0x10b8}, 0x200008c0)
sendmsg$kcm(r7, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x80, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)
sendmsg$kcm(r7, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000007c0)={r2, 0xe0, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f00000002c0)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2, &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0, 0x0], 0x0, 0xc2, &(0x7f0000000380)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000540), &(0x7f0000000580), 0x8, 0x32, 0x8, 0x0, 0x0}}, 0x10)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000040), 0xcf)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x8}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="b40800000000000053116500000000008510000002020000b7510000700000009500c200000000009500001200000000"], &(0x7f0000000040)='syzkaller\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d}, 0x94)
r8 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000080)='syz0\x00', 0x200002, 0x0)
r9 = socket$kcm(0x2, 0x1000000000000002, 0x0)
sendmsg$inet(r9, &(0x7f0000000100)={&(0x7f00000001c0)={0x2, 0x4e1d, @multicast2=0xe0000018}, 0xfe3c, &(0x7f0000000000)=[{&(0x7f00000005c0)="476de32199", 0xffe4}], 0x1, &(0x7f0000000140)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x29}, @multicast1}}}], 0x20}, 0x40004)
openat$cgroup_netprio_ifpriomap(r8, &(0x7f00000000c0), 0x2, 0x0)

2.368412835s ago: executing program 3 (id=3714):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000140), 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x50)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c9042, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x226140, 0x0)
close(r8)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r8, 0x8923, &(0x7f0000002280)={'syzkaller0\x00', @random="2d311e000008"})
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x89a0, &(0x7f00000000c0)='%d\xf1\xfa\xbc$j\xfef;q1\x95\xf4\xe4\x13\x95k#Jz.F\xce\xfb\x9c\x19\xf3v\x88\x91\xbct\xb0\x1bLq\x15\x00\xad\t\x13\xf5U\x02\xc9d6q\xc3\xa5\xcf\x01t\r%\xad-\x13\xb0 U\xaaC\xc388\x13\xc6H\x0f \x03\x9e\xa98\xa1\xc3\xe9\x06C\xd4\xb5\x18}4\xa9yA8\x1fQ\xdfN\x8e\xd7m\xee\xb8N\x98\xef\xff\xddR\xec~c\xcb\x93\x84\x7f\\x6\xedZ\x82\xa0\x1by\x17\x1a\xc8\x98\x99\x0f')
r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r5, r9, 0x5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r5}, &(0x7f00000006c0), &(0x7f0000000700)=r4}, 0x20)
sendmsg$inet(r3, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000001380)='U', 0x1}], 0x1}, 0x3)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000a00)=@o_path={&(0x7f0000001440)='./file0\x00', 0x0, 0x4008}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1f00000004000000060000000700000080130000", @ANYRES32, @ANYBLOB="0000000000000000008000"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000001"], 0x50)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000580)="d8000000140081054e81f782db44b904021d080225000000040000a118000200fcffffff00000e1208000f0100810401a80016ea1f0006", 0x37}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
r10 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000580)="d8000000140081054e81f782db44b9040a", 0x11}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
write$cgroup_subtree(r10, &(0x7f0000000580)=ANY=[], 0xfe33)

2.27865708s ago: executing program 1 (id=3715):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$tipc(r1, &(0x7f0000003280)={0x0, 0x0, 0x0}, 0x0)
sendmsg$tipc(r1, &(0x7f0000000e40)={0x0, 0x0, 0x0}, 0x0)
sendmsg$inet(r1, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000042c0)="86", 0x1}], 0x1}, 0x0)
sendmsg$tipc(r1, &(0x7f0000002700)={0x0, 0x0, 0x0}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x21, &(0x7f0000000040), 0x4)
r2 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x0, 0x1, 0x0, 0xfffffffd, 0x1}, 0x0, 0x100000001, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000680)={0x1b, 0x0, 0x0, 0xc5, 0x0, 0x1, 0x81, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x4, 0x3}, 0x50)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={r4, 0x58, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0}}, 0xfffffffffffffe80)
r6 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000003c0)=0xffffffffffffffff, 0x4)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000400)={0x1b, 0x0, 0x0, 0xffff, 0x0, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x3, 0x3}, 0x50)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000540)=@bpf_lsm={0x1d, 0x15, &(0x7f00000009c0)=ANY=[@ANYBLOB="180000004804000000000000c00a0000181100002a6d7a562e9cd6b283d6fc673e2d460505d194614eab83e2bfe6547af0db9e05515c2570e2178561a17c7a94e0fc03c1278fc9d6ce9613658ec99bc403c0965247a7ba36fe8f2786544c4d64311692f6a962b6d29a599f63198839fe87881384bc0e7ec232c247faf2c0ceb528aca533e5eeac80624b0a4a909e50df9d81e0cb69b003bef2b1deb51f807488b7fbb1de0391cb8c3dc4050013aa5f1bc6a12af86dcc4247fc82b0f19374f8562e262b836f261d3b78abfa51a7c71780cb4fb80d4efb747cd0c3782599570023648827a43f445cbe0dbb8a822d9093be23bc9db1f30f9b74c07e9927dcc9124315002ef91a78239a87e890ac6e1400"/285, @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018360000020000000000000000000000851000000400000018000000ff000000000000000500000019b7f4ff10000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f00000002c0)='GPL\x00', 0xfffffff8, 0x0, 0x0, 0x41000, 0x1, '\x00', r5, 0x1b, r6, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000500)=[r7], 0x0, 0x10, 0x6}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
socket$kcm(0x2, 0x3, 0x2)
unlink(&(0x7f0000000080)='./cgroup/cgroup.procs\x00')
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000004440)={0x0, 0x0, 0x0}, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="050000000600000008000000ad00000000000000", @ANYRES32, @ANYBLOB="0000000400"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000973b52c198c04c4c2e44c982dc390d72bcb635926ba72ee681c52974f003ab8fcc7116d2ec9438a400800000000000007504a64651b373f893e7a8bff1e67dd6652c276b0f01c40837b04d9cbef1b86ccd4334e458b0b7169b6f4428c73934331a2304431ec26fa51adaf1347b247ece061e5b14683adcc4be325f53517c68b86bb94044fb8034b20025216061032650621065cb53873328455d5816f8"], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=@base={0xd, 0x2, 0x4, 0x4002, 0x5, r8, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xfffffffd, 0x8000000}, 0x50)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x5, 0x4, 0x4, 0x4, 0x0, 0x1}, 0x50)
socket$kcm(0xa, 0x5, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0x400000000aea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x200, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x800c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, @perf_config_ext={0x8, 0x10000}, 0x0, 0x9, 0x9, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='freezer.self_freezing\x00', 0x26e1, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x4000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180))

1.790440075s ago: executing program 2 (id=3716):
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(0x0, 0x0, 0xffffffdfffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = socket$kcm(0xf, 0x3, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0500000001000000080000000c00000001000000", @ANYRES32, @ANYBLOB="44d694511acbf818398b0bc3c3a191405605f7", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000fc0)={{r1}, &(0x7f0000000f40), &(0x7f0000000f80)='%pK    \x00'}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x16, 0xd, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0xe}]}, &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10)
sendmsg$inet(r0, 0x0, 0x600)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f00000001c0)="2e00000010008188040f46ecdb4cb9cca7480ef40f000000e3bd6efb010509000b000a000d000000ba8000001201", 0x2e}], 0x1, 0x0, 0x0, 0xc9e}, 0x0)

1.621212319s ago: executing program 3 (id=3717):
r0 = socket$kcm(0x21, 0x2, 0x2)
setsockopt$sock_attach_bpf(r0, 0x1, 0x7, &(0x7f0000000040), 0x4)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x828, 0x0, 0x0, 0x0, 0x9, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000), 0x4)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000280)=@tipc=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x80, 0x0}, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_pressure(r1, &(0x7f0000000040)='memory.pressure\x00', 0x2, 0x0)
write$cgroup_pressure(r2, &(0x7f0000000080)={'some', 0x20, 0x2000000008, 0x20, 0x10000000fffff}, 0x2f)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000b40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87ea487e223ac37264833d618e92eac195f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd70a5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d29c7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c707647fa8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b356fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff53902a8f57000000009700cf0b4b8bc2294133000000007900000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa60e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645463dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a80741f0adba07f01d25eb3d1e23e0f2645d1cdfabfa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361cfbc61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e7567335dc3008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c7ba599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b0a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b96a81232fbef665f6212f875b2a0000000000000000000000000000f841b35af2e300000000000000000087a5f4bca39ad01340e98399f47f81d522dddcabc93ca6b082eb6be80b24b87652f76c3042ce504ac67b01a62451724b9257a0edceacb715a627247d11689663302f02b90fd6e10638b372c3413ee3066af68ce7ae685ccbd815c567fc50947703444e5625daea863219ebccf6cb3bd813e011097619c3f3c5f72c08ac0fa8f7e2536073bfd9f326f7369a3b4f000c4a300d3ef04db5fcf063e7f92711d1eb068d789e6c4d85c34c89e3e5f73178067e2976212ffe3ec8c284389ec7197a382bcba30b101938062e292e5185d8c1893f90cad3d8cac60b84b39843eed5fa17c362977c788361346eeca1d69fe200bd55a8d7ee48e80266661574f362e2069cec64e7e4426eb0a76a9a72887f68b5081aaf99f4d0a863cf47798cbe87b00663da6c834674fc2160d047e95f011b64a06576016f074e9e6afbe7675636fcd7e8abf2d788f5c8b31857"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000001c0)='sched_kthread_stop_ret\x00', r3}, 0x10)
close(r2)

1.326345008s ago: executing program 4 (id=3718):
r0 = getpid()
r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={r0, r1, 0x0, 0x1, &(0x7f0000000240)='\x00'}, 0x30)
r2 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x40403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x4}, 0xf242, 0x5, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x1}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfe33)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x806, 0x0, 0xfffffffc, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000440)={@fallback=r5, 0x0, 0x1, 0x9, &(0x7f0000000080)=[0x0, 0x0, 0x0], 0x3, 0x0, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0], &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0]}, 0x40)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, 0xffffffffffffffff)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x8983, &(0x7f00000000c0)='\x02\x00\x00\x00\xbc$j\xfef;q1\xff\xd3r\xa3\xc81U\x8ez.F\xce\xfb\x9c\x19\xf3v\x88\x91\xbct\xb0\x1bLq\x15\x00\xad\t\x13\xf5U\x02\xc9d6q\xc3\xa5\xcd\x01t\r=\xad-\x13\xb0 U\xaaC\xc388\x13\xc6H\x0f \x03\x9e\xa98\xa1\xc3\xe9\x06C\xd4\xb5\x18}4\xa9yA8\x1fQ\xdfN\x8e\xd7m\xee\xb8N\x98\xef\xff\xddR\xec~c\xcb\x93\x84\x7f\\x6\xedZ\x82\xa0\x1by\x17\x1a\xc8\x98\x99\x0f')
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x24000001)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x12, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, &(0x7f0000000340)='syzkaller\x00'}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000000c000000c85859000008000000000000610000000000000000000000937f5fd299"], 0x0, 0x28}, 0x20)

1.080925461s ago: executing program 1 (id=3719):
r0 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000340)={r0})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
r2 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000400)='netfs_rreq_ref\x00', r1, 0x0, 0x9}, 0x18)
r5 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r4}, 0x8)
close(r5)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(r5, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000580)="d8001c00180081064e81f782db44fd56170d12a0b9b545c7", 0x18}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e3, &(0x7f0000000180)={r0, r6})

1.042902101s ago: executing program 4 (id=3720):
socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000060000000000000000000085000000bc000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x50, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d2f, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x8000000000000000, 0x3e}, 0x0, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$inet(r0, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000001580)}, 0x41)
sendmsg(r0, &(0x7f0000000700)={&(0x7f0000000540)=@sco={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000840)="e871449f45c1f82599c7dec196aa08ba045850ea22cc49ae71fc14ef57ec4bcc40f186961be14329d80f5e55b6ab67cedb586b25183e970162c34fd7517ee2aeeb599639320a3c18b340e36006bf4ff4b42a1218d6a09950662d7d72984f311c04d9779528fa9e34a427c40b5d3c46", 0x6f}], 0x1}, 0x4000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000440)={0xffffffffffffffff, 0xe0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000240)=[0x0, 0x0, 0x0], 0x0, 0xbf, &(0x7f00000002c0), 0x0, 0x0, 0x0, &(0x7f00000003c0), 0x8, 0x1b, 0x8, 0x8, &(0x7f0000000400)}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000800)={{}, &(0x7f0000000780), &(0x7f00000007c0)}, 0x20)
r1 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r1, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r1, &(0x7f00000000c0)={&(0x7f0000000100)=@ieee802154={0x24, @long={0x3, 0x2, {0xaaaaaaaaaaaa0102}}}, 0x80, &(0x7f0000000300)=[{&(0x7f00000007c0)="27031c0016001400020000000000000006e1f0000000890900000002ee1680ca82973d2bd4b836954268e611c00aab9715732c9fb750e42382b7f820d70da9b3621f02bf77789211581f4894e5880d039474d534e618", 0x56}], 0x1}, 0x24000008)

953.567658ms ago: executing program 2 (id=3721):
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x50, 0x1, 0x0, 0x0, 0x0, 0x7ff1, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socketpair(0x22, 0x2, 0x26, 0x0)
r0 = socket$kcm(0x2, 0x1, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff})
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0xfffffed6, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x84, 0x64, &(0x7f0000000000)=r2, 0x10)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r2}, 0x4)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000015c0)=ANY=[@ANYBLOB="b7020000b0ffffffbfa30000000000000703000000feffff7a0af0ff2300000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000011000000b7030000000000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb450063dedba767ade51f7f1f66acd19100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb4e4d0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e85cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36dd0cf8f79a015c7bd3f15aa6aadbeab2a01685108e61aa00000000000000000000000000c67c6c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f10800000000000000826151e3b42bcae95239ef5ca2a730a00c87c493db0300e63fda97a296820000000001000000eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e180022537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d3f00000000000000665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d81ab324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e2603217606637ece1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f87b039d5430b3c6643e9146d2478ce31344b554aca7670000000000000010c65608fda6ed5d08e7a796042aa127d874105787d0347aa37801faff5b9050803a19ff6205aa5c263e407a2f7de56f7a0000e094fa4e3f05528caab5a430c08dd810bc97204b767dd969721a26aa740000000000bc433fe2d0a6ef2a8a91cd3cb305aa80dadef8b0caca780000000000000000863e21db415a222bb1a7ab94bfe4a74157d794f9d0430c2c0eb563350559829865a3dd08fb31bd0801e09aa3ee45e61a56fc83076451cff7632e49a41eadb5044a0d5f73d6932161ae5e9ce218a35cd8e7b747887b1a74798982d0b492c3f0ff53189d80733eb04f8124877b648ff438f7d66c7efcc09a8f3330b6c22d14e80db8e5608bdeab9388b758a15f4ce70390c214bc6838798f5b9b0b500d4e8b5174f329b8501c6feb7a6982bcea74a0f2ced7fa2059234a8d10b7f0597151d5c9067d57d85f4ae933eaf5174ba122f3f702ef8695578d3c08562c9fc185f0f65d11b4c58ae52500cbe99cde3758a5cbe6093dd328ac820e2de309d25a324647aadffcecf0f3bbaeda7af4436d9ffbce1b240a2f5e346eba8812e6329e01b087bde7da4a6448f478102e90c8134f531de08d4cf4f6f35b15a202544c0ced0c1715fd3a90099f785a13a2412bedba2981dd22bd9d736c00000000000000000000000000000000eb6fec8d7d2f77f4d470a9caa5b1bfc00cd1d40830ac35f229f8ffe1c02a63d3c2d9"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x57)
socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x804, 0x14c9, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x803, 0x0, @perf_config_ext={0x1}, 0xa0, 0x9, 0x0, 0x4, 0x2, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="160a00000400000061104c000000000005000000000000009500000000000000789feabd11d545f8e1b9a498a5241994b11b8d163cb647fa1171ce5a0a994ce8a9ea7e7e6b042145b14bf17aacab7e02c1c83446cfa003e8e8aec83bee04a2eebd1cf8"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x3}, 0x44)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8020, 0x90000, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, @perf_config_ext={0x2, 0x6}, 0x8224, 0x2, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000001c0))
bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x5, &(0x7f00000001c0)=@framed={{}, [@ldst={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a7fbb}, @ldst={0x6, 0x0, 0x6, 0x0, 0x0, 0xfffffffffffffffe, 0xa000000}]}, &(0x7f0000000000)='syzkaller\x00', 0x5, 0xf4240, &(0x7f0000000100)=""/147}, 0x80)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
socket$kcm(0x10, 0x2, 0x10)
r3 = socket$kcm(0x2, 0x1000000000000002, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)=ANY=[@ANYRES32, @ANYRES32, @ANYRES64=r3, @ANYRES64=0x0, @ANYRESHEX], 0x20)

863.230591ms ago: executing program 0 (id=3722):
r0 = perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x400000000000000b, 0x954b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x11efa, 0x4, 0x98, 0x0, 0x2, 0xfffff271, 0xfffc, 0x0, 0x0, 0x0, 0x24}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$kcm(0xa, 0x6, 0x3a)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)="d8000000190081054e81f782db4cb9040220080000000000000000070a000a000900142603600e1208001e0000050401d559e0e0df7fc07963acc3038ebba8000400027c035c0461c1d67f6f94007134cf6efb8001a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c3f5aeb4edbb57a5025ccca9e008026f6e6ddba61f5fad95667e006dcdf639500bfeb789d00000000000000d5e1cace81ed6c117ab5d6d69bda4039e81f86f60f0bffece0b42a9ecbee5de6ccd40dd6e4ed", 0xd8}], 0x1}, 0x14)

826.071408ms ago: executing program 3 (id=3723):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2141, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0xfffffffffffffffb}, 0x0, 0x0, 0x0, 0x0, 0xb, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="1400000035000b63717a3c4a01d8985b0808aa78", 0x14}], 0x1}, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x50, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="b7000000001000d54d0010000000000000000000184a0000fdffffff0000000000000000950010000000009d00000000b44a3911085ebf404f6cdce9c105d638f5352b76c65540599f1ed46960494cce9de44203355b5ce5e0c8a7f8f70d0f96faa4466374fb1102e7a9934c2fb41588cf3484e95554cbe2790947394833c90894ea29289a3ffaf155d51dda4ca429856374310983379e253e40faf248340d23dbd25bbdc9234803ca2952eb1538e4cdd8862e11436d29ed943db08c94eb71ce36d2cac8948b145b02beb92c5c0f6b5f"], &(0x7f0000003ff6)='GPL\x00', 0xa, 0xc3, &(0x7f000000cf3d)=""/195}, 0x94)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00'}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000100)={'dvmrp0\x00', 0x2})
ioctl$TUNGETVNETBE(r1, 0x800454df, &(0x7f00000000c0)=0x1)
r2 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x100080}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000000)=0x5a130500)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x482, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfff, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x900000, &(0x7f0000000040)="0d3d9fa291ccba4a13279c52c0b8e6730f23468620c398b0da301392e8e3a41c29037c9936504e3b036e03c82bdf1f9bfdf2e973eb767bea442ba1df20db66af50d1838ab3d15e98acef53a7a1a8793942fb7e76f997c2dc5283cc474260848056", 0x61, &(0x7f00000000c0), &(0x7f00000001c0), &(0x7f0000000200)="b60b968b403ae69ef112251f9db37cea60c3fe13541042f98fff0e6d664c212e1a956190c5d85bbc3b8fc17d7668711b3735d38821c50bfa482ce95d02bf8185a2bdf89a073f4495abf036a25187f099dc67b82b8c2f5e2a24a35a5c5e23e0966523159f1648585e132be91935b1a85694f62d1fcb43f226771501652a1f3be865049d1745cc90dca8786a81b5")
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r3, 0xc0045878, 0x0)

685.158041ms ago: executing program 4 (id=3724):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
r1 = socket$kcm(0x2, 0x200000000000001, 0x106)
setsockopt$sock_attach_bpf(r1, 0x29, 0x18, 0x0, 0x0)
r2 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x50, 0x1, 0x6, 0x0, 0x0, 0x101, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x6, 0xfffffffffffffff0}, 0x0, 0x2e, 0x2, 0x4, 0x402, 0x0, 0x6, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000180)='devices.deny\x00', 0x2, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x1, 0xb}, 0x0, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$kcm(0xa, 0x922000000003, 0x11)
sendmsg$kcm(r4, &(0x7f0000000100)={&(0x7f00000002c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1={0xff, 0x2}}, 0x80, &(0x7f0000001500)=[{&(0x7f0000000000), 0x4c00}], 0x1}, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x80000, 0x0)
close(r5)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = socket$kcm(0x2a, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000001f80)={&(0x7f0000001d00)=@qipcrtr={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0x80, 0x0}, 0x0)
r7 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000001640)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r8, <r10=>0xffffffffffffffff}, &(0x7f0000000180), &(0x7f00000001c0)=r7}, 0x20)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000280)={0x0, r10}, 0x8)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0xa345d10fd9106efb, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={r9, 0xe0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000003c0)=[0x0], 0x0, 0x34, 0x0, 0x0, 0x10, &(0x7f00000004c0), &(0x7f0000000500), 0x8, 0xf8, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r11}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1830000000000000000000000300000000000100"], &(0x7f0000000080)='syzkaller\x00', 0x8, 0x92, &(0x7f0000000540)=""/146, 0x41000}, 0x94)
r12 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r12, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
recvmsg(r6, &(0x7f0000001200)={0x0, 0x0, 0x0}, 0x20)
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000002280)={'netpci0\x00', @multicast})

588.566668ms ago: executing program 1 (id=3725):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000780)="d800fff51a0081044e81f782db4cb9040a1d0800fe007c05e8fe55a115001d000200142603600e12080005007a010401a8001600200003400d000000035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1}, 0x0)

376.011174ms ago: executing program 1 (id=3726):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x10000032, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)

200.863951ms ago: executing program 2 (id=3727):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x1}, 0x80000, 0xca, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0xe, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8924, 0x0)
recvmsg$unix(r0, &(0x7f00000013c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x1c0)
write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[@ANYRES8=r1, @ANYBLOB='>'], 0x9a)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000400)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)

84.31ms ago: executing program 1 (id=3728):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}, 0x202, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0x80}, 0x14105, 0x2e, 0xfffffbff, 0x2, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000800000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f00000004c0)="630b008646dc3f0adf33c9f7b986", 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50)
socket$kcm(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f00000001c0)=0x7fffffffffffffff, 0x12)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x1f, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000490000000000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="180000007600a9fe059f317a9dab00000000000340000000", 0x18}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
socket$kcm(0x10, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x183241, 0x0)
mkdir(&(0x7f0000000080)='./cgroup/../file0\x00', 0x152)
bpf$MAP_CREATE(0x0, &(0x7f0000000fc0)=@base={0x2, 0x4, 0x7, 0x80, 0x0, 0x1}, 0x50)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x210e, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x32, 0xfffffbff, 0x3, 0x2, 0x0, 0xfff9, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000c40))
r3 = socket$kcm(0x2, 0x1000000000000005, 0x0)
sendmsg$inet(r3, &(0x7f0000007940)={&(0x7f0000000100)={0x2, 0x4e24, @rand_addr=0x20}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000380), 0xff7a}], 0x1, &(0x7f0000007880)=[@ip_tos_u8={{0x11, 0x34000}}, @ip_pktinfo={{0x1c, 0xfd000f00, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x28f0700, 0x8, {0x0, @empty=0xa0050000}}}, @ip_retopts={{0x24, 0x0, 0x7, {[@ra={0x94, 0x4}, @timestamp={0x44, 0x10, 0x88, 0x0, 0x0, [0x0, 0x0, 0x0]}]}}}, @ip_tos_u8={{0x11}}], 0x98}, 0x0)

1.941325ms ago: executing program 3 (id=3729):
socket$kcm(0x10, 0x2, 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000002c0)='GPL\x00'}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0x9d, 0x0, &(0x7f0000000680)="7993ff011900000000a63b00008f20e94d079f199b8a1fb521f3756a955ecdf157902f64d1c3c941187f21467c767be90f8829742af2bc17d5721b550573478b6b8282040c5a3747186fdbb5cd07a005be37af4306c2444dad7bc6bee8ca671654ba67b740554a723ad450d2fe05e561efd5b5fd646a06d273ca188f346864bb2a4ba3f2ea1dfb3a21122eae0d8b60fad85a08720d94453f17dff13d4b", 0x0, 0x400, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x50) (fail_nth: 5)

0s ago: executing program 0 (id=3730):
r0 = getpid()
r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={r0, r1, 0x0, 0x1, &(0x7f0000000240)='\x00'}, 0x30)
r2 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x40403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x4}, 0xf242, 0x5, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x1}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfe33)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x806, 0x0, 0xfffffffc, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000440)={@fallback=r5, 0x0, 0x1, 0x9, &(0x7f0000000080)=[0x0, 0x0, 0x0], 0x3, 0x0, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0], &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0]}, 0x40)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, 0xffffffffffffffff)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x8983, &(0x7f00000000c0)='\x02\x00\x00\x00\xbc$j\xfef;q1\xff\xd3r\xa3\xc81U\x8ez.F\xce\xfb\x9c\x19\xf3v\x88\x91\xbct\xb0\x1bLq\x15\x00\xad\t\x13\xf5U\x02\xc9d6q\xc3\xa5\xcd\x01t\r=\xad-\x13\xb0 U\xaaC\xc388\x13\xc6H\x0f \x03\x9e\xa98\xa1\xc3\xe9\x06C\xd4\xb5\x18}4\xa9yA8\x1fQ\xdfN\x8e\xd7m\xee\xb8N\x98\xef\xff\xddR\xec~c\xcb\x93\x84\x7f\\x6\xedZ\x82\xa0\x1by\x17\x1a\xc8\x98\x99\x0f')
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x24000001)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x12, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, &(0x7f0000000340)='syzkaller\x00'}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000000c000000c85859000008000000000000610000000000000000000000937f5fd299"], 0x0, 0x28}, 0x20)

kernel console output (not intermixed with test programs):

.
[  661.123408][T15678] netlink: 201392 bytes leftover after parsing attributes in process `syz.4.2998'.
[  661.465380][T15670] wg2: entered promiscuous mode
[  661.473948][T15670] wg2: entered allmulticast mode
[  661.644708][T15684] syzkaller0: entered promiscuous mode
[  661.676296][T15684] syzkaller0: entered allmulticast mode
[  662.748619][T15711] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.3008'.
[  666.569316][T15364] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  666.627543][T15364] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  666.695785][T15364] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  666.908943][T15364] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  667.547587][T15748] netlink: 'syz.3.3014': attribute type 25 has an invalid length.
[  667.556966][T15748] netlink: 'syz.3.3014': attribute type 28 has an invalid length.
[  667.662869][T15364] 8021q: adding VLAN 0 to HW filter on device bond0
[  667.713254][T15364] 8021q: adding VLAN 0 to HW filter on device team0
[  667.837677][T14804] bridge0: port 1(bridge_slave_0) entered blocking state
[  667.845255][T14804] bridge0: port 1(bridge_slave_0) entered forwarding state
[  667.870146][ T1169] bridge0: port 2(bridge_slave_1) entered blocking state
[  667.877369][ T1169] bridge0: port 2(bridge_slave_1) entered forwarding state
[  668.311642][T15763] netlink: 'syz.3.3017': attribute type 4 has an invalid length.
[  668.575796][T15773] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.3020'.
[  668.996900][T15775] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.3009'.
[  669.102877][T15364] 8021q: adding VLAN 0 to HW filter on device batadv0
[  669.188927][T15787] netlink: 'syz.4.3021': attribute type 10 has an invalid length.
[  669.242652][T15364] veth0_vlan: entered promiscuous mode
[  669.281586][T15364] veth1_vlan: entered promiscuous mode
[  669.446589][T15364] veth0_macvtap: entered promiscuous mode
[  669.484123][T15364] veth1_macvtap: entered promiscuous mode
[  669.566165][T15364] batman_adv: batadv0: Interface activated: batadv_slave_0
[  669.580427][T15364] batman_adv: batadv0: Interface activated: batadv_slave_1
[  669.660949][ T8430] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  669.676085][ T8430] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  669.684986][ T8430] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  670.238602][ T8430] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  671.035728][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  671.077430][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  671.128558][T15823] netlink: 'syz.0.3026': attribute type 2 has an invalid length.
[  671.160811][T15823] netlink: 164 bytes leftover after parsing attributes in process `syz.0.3026'.
[  671.268870][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  671.309750][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  671.389787][T15830] IPv6: NLM_F_CREATE should be specified when creating new route
[  671.667069][T15838] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.3029'.
[  672.109512][T15847] FAULT_INJECTION: forcing a failure.
[  672.109512][T15847] name failslab, interval 1, probability 0, space 0, times 0
[  672.210215][T15847] CPU: 0 UID: 0 PID: 15847 Comm: syz.2.2928 Not tainted 6.16.0-syzkaller-g93acc0f43f58 #0 PREEMPT(full) 
[  672.210254][T15847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  672.210268][T15847] Call Trace:
[  672.210277][T15847]  <TASK>
[  672.210286][T15847]  dump_stack_lvl+0x189/0x250
[  672.210316][T15847]  ? __pfx____ratelimit+0x10/0x10
[  672.210345][T15847]  ? __pfx_dump_stack_lvl+0x10/0x10
[  672.210369][T15847]  ? __pfx__printk+0x10/0x10
[  672.210403][T15847]  ? __pfx___might_resched+0x10/0x10
[  672.210434][T15847]  ? fs_reclaim_acquire+0x7d/0x100
[  672.210473][T15847]  should_fail_ex+0x414/0x560
[  672.210509][T15847]  should_failslab+0xa8/0x100
[  672.210543][T15847]  __kmalloc_cache_noprof+0x70/0x3d0
[  672.210571][T15847]  ? cfg80211_set_encryption+0x143/0x15c0
[  672.210606][T15847]  cfg80211_set_encryption+0x143/0x15c0
[  672.210653][T15847]  cfg80211_wext_siwencodeext+0x62f/0x860
[  672.210693][T15847]  ? __pfx_cfg80211_wext_siwencodeext+0x10/0x10
[  672.210742][T15847]  ioctl_standard_iw_point+0x689/0xd40
[  672.210790][T15847]  ? __pfx_cfg80211_wext_siwencodeext+0x10/0x10
[  672.210821][T15847]  ? __pfx_ioctl_standard_iw_point+0x10/0x10
[  672.210854][T15847]  ? __pfx___mutex_lock+0x10/0x10
[  672.210891][T15847]  ? full_name_hash+0x92/0xe0
[  672.210925][T15847]  ? __pfx_cfg80211_wext_siwencodeext+0x10/0x10
[  672.210955][T15847]  ioctl_standard_call+0xaf/0x1b0
[  672.210989][T15847]  ? __pfx_cfg80211_wext_siwencodeext+0x10/0x10
[  672.211017][T15847]  wext_ioctl_dispatch+0xee/0x410
[  672.211045][T15847]  ? __pfx_ioctl_standard_call+0x10/0x10
[  672.211080][T15847]  wext_handle_ioctl+0x100/0x1c0
[  672.211114][T15847]  ? __pfx_wext_handle_ioctl+0x10/0x10
[  672.211143][T15847]  ? __lock_acquire+0xab9/0xd20
[  672.211190][T15847]  sock_ioctl+0x15f/0x790
[  672.211218][T15847]  ? __pfx_sock_ioctl+0x10/0x10
[  672.211250][T15847]  ? __fget_files+0x2a/0x420
[  672.211279][T15847]  ? __fget_files+0x3a0/0x420
[  672.211307][T15847]  ? __fget_files+0x2a/0x420
[  672.211340][T15847]  ? bpf_lsm_file_ioctl+0x9/0x20
[  672.211365][T15847]  ? __pfx_sock_ioctl+0x10/0x10
[  672.211388][T15847]  __se_sys_ioctl+0xfc/0x170
[  672.211414][T15847]  do_syscall_64+0xfa/0x3b0
[  672.211441][T15847]  ? lockdep_hardirqs_on+0x9c/0x150
[  672.211468][T15847]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  672.211490][T15847]  ? clear_bhb_loop+0x60/0xb0
[  672.211516][T15847]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  672.211538][T15847] RIP: 0033:0x7f434ad8eb69
[  672.211556][T15847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  672.211575][T15847] RSP: 002b:00007f434bb88038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  672.211598][T15847] RAX: ffffffffffffffda RBX: 00007f434afb6080 RCX: 00007f434ad8eb69
[  672.211614][T15847] RDX: 0000200000000000 RSI: 0000000000008b34 RDI: 0000000000000006
[  672.211629][T15847] RBP: 00007f434bb88090 R08: 0000000000000000 R09: 0000000000000000
[  672.211641][T15847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  672.211654][T15847] R13: 0000000000000000 R14: 00007f434afb6080 R15: 00007ffc1f7efda8
[  672.211688][T15847]  </TASK>
[  673.244726][ T5860] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  673.285702][ T5860] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  673.305337][ T5860] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  673.329951][ T5860] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  673.364980][ T5860] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  674.646725][T15865] chnl_net:caif_netlink_parms(): no params data found
[  674.833019][ T1169] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  675.031026][ T1169] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  675.321171][ T1169] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  675.344295][T15865] bridge0: port 1(bridge_slave_0) entered blocking state
[  675.351883][T15865] bridge0: port 1(bridge_slave_0) entered disabled state
[  675.359728][T15865] bridge_slave_0: entered allmulticast mode
[  675.368081][T15865] bridge_slave_0: entered promiscuous mode
[  675.395924][ T1169] batman_adv: batadv0: Removing interface: ÿÿÿÿÿÿ
[  675.405293][ T1169] netdevsim netdevsim1 ÿÿÿÿÿÿ (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  675.423233][T15865] bridge0: port 2(bridge_slave_1) entered blocking state
[  675.430537][ T5860] Bluetooth: hci4: command tx timeout
[  675.440151][T15865] bridge0: port 2(bridge_slave_1) entered disabled state
[  675.448554][T15865] bridge_slave_1: entered allmulticast mode
[  675.457613][T15865] bridge_slave_1: entered promiscuous mode
[  675.503397][T15909] netlink: 'syz.0.3042': attribute type 6 has an invalid length.
[  675.521995][T15909] netlink: 'syz.0.3042': attribute type 3 has an invalid length.
[  675.538992][T15909] netlink: 199820 bytes leftover after parsing attributes in process `syz.0.3042'.
[  675.594580][T15865] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  675.634360][T15865] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  675.771829][T15865] team0: Port device team_slave_0 added
[  675.845936][T15865] team0: Port device team_slave_1 added
[  676.073511][T15865] batman_adv: batadv0: Adding interface: batadv_slave_0
[  676.107252][T15865] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  676.159557][T15865] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  676.333439][T15865] batman_adv: batadv0: Adding interface: batadv_slave_1
[  676.354439][T15865] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  676.415357][T15865] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  677.488738][ T1169] bridge_slave_1: left allmulticast mode
[  677.494502][ T1169] bridge_slave_1: left promiscuous mode
[  677.511794][ T5860] Bluetooth: hci4: command tx timeout
[  677.521933][ T1169] bridge0: port 2(bridge_slave_1) entered disabled state
[  677.572713][T15938] FAULT_INJECTION: forcing a failure.
[  677.572713][T15938] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  677.670245][T15938] CPU: 1 UID: 0 PID: 15938 Comm: syz.4.3047 Not tainted 6.16.0-syzkaller-g93acc0f43f58 #0 PREEMPT(full) 
[  677.670277][T15938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  677.670291][T15938] Call Trace:
[  677.670300][T15938]  <TASK>
[  677.670309][T15938]  dump_stack_lvl+0x189/0x250
[  677.670340][T15938]  ? __pfx____ratelimit+0x10/0x10
[  677.670369][T15938]  ? __pfx_dump_stack_lvl+0x10/0x10
[  677.670393][T15938]  ? __pfx__printk+0x10/0x10
[  677.670423][T15938]  ? __might_fault+0xb0/0x130
[  677.670468][T15938]  should_fail_ex+0x414/0x560
[  677.670507][T15938]  _copy_from_iter+0x1db/0x16f0
[  677.670537][T15938]  ? rcu_is_watching+0x15/0xb0
[  677.670572][T15938]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  677.670605][T15938]  ? __pfx__copy_from_iter+0x10/0x10
[  677.670632][T15938]  ? __build_skb_around+0x257/0x3e0
[  677.670669][T15938]  ? skb_put+0x11b/0x210
[  677.670712][T15938]  pfkey_sendmsg+0x230/0x1090
[  677.670753][T15938]  ? __pfx___might_resched+0x10/0x10
[  677.670783][T15938]  ? __lock_acquire+0xab9/0xd20
[  677.670822][T15938]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  677.670863][T15938]  ? aa_sk_perm+0x81e/0x950
[  677.670887][T15938]  ? is_bpf_text_address+0x26/0x2b0
[  677.670922][T15938]  ? __pfx_aa_sk_perm+0x10/0x10
[  677.670940][T15938]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x300
[  677.670979][T15938]  ? aa_sock_msg_perm+0x94/0x160
[  677.671006][T15938]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  677.671029][T15938]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  677.671060][T15938]  __sock_sendmsg+0x21c/0x270
[  677.671091][T15938]  ____sys_sendmsg+0x505/0x830
[  677.671133][T15938]  ? __pfx_____sys_sendmsg+0x10/0x10
[  677.671180][T15938]  ? import_iovec+0x74/0xa0
[  677.671213][T15938]  ___sys_sendmsg+0x21f/0x2a0
[  677.671250][T15938]  ? __pfx____sys_sendmsg+0x10/0x10
[  677.671338][T15938]  ? __fget_files+0x2a/0x420
[  677.671367][T15938]  ? __fget_files+0x3a0/0x420
[  677.671412][T15938]  __x64_sys_sendmsg+0x19b/0x260
[  677.671450][T15938]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  677.671498][T15938]  ? __pfx_ksys_write+0x10/0x10
[  677.671521][T15938]  ? rcu_is_watching+0x15/0xb0
[  677.671561][T15938]  ? do_syscall_64+0xbe/0x3b0
[  677.671596][T15938]  do_syscall_64+0xfa/0x3b0
[  677.671624][T15938]  ? lockdep_hardirqs_on+0x9c/0x150
[  677.671650][T15938]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  677.671672][T15938]  ? clear_bhb_loop+0x60/0xb0
[  677.671704][T15938]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  677.671726][T15938] RIP: 0033:0x7fb3b2d8eb69
[  677.671745][T15938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  677.671764][T15938] RSP: 002b:00007fb3b3b77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  677.671787][T15938] RAX: ffffffffffffffda RBX: 00007fb3b2fb6080 RCX: 00007fb3b2d8eb69
[  677.671804][T15938] RDX: 0000000000000000 RSI: 0000200000003780 RDI: 0000000000000004
[  677.671817][T15938] RBP: 00007fb3b3b77090 R08: 0000000000000000 R09: 0000000000000000
[  677.671832][T15938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  677.671845][T15938] R13: 0000000000000000 R14: 00007fb3b2fb6080 R15: 00007fffadc9e598
[  677.671883][T15938]  </TASK>
[  678.375962][T15953] netlink: 'syz.2.3052': attribute type 21 has an invalid length.
[  678.422051][T15953] IPv6: NLM_F_CREATE should be specified when creating new route
[  678.432575][T15951] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.3051'.
[  678.475068][T15953] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  678.482486][T15953] IPv6: NLM_F_CREATE should be set when creating new route
[  678.490015][T15953] IPv6: NLM_F_CREATE should be set when creating new route
[  678.497568][T15953] IPv6: NLM_F_CREATE should be set when creating new route
[  678.506462][T15951] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  679.034354][ T1169] team0: Port device geneve1 removed
[  679.097734][ T1169] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  679.383632][ T1169] team0: Port device bond0 removed
[  679.392902][ T1169] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  679.404656][ T1169] bond0 (unregistering): Released all slaves
[  679.445006][T15865] hsr_slave_0: entered promiscuous mode
[  679.456578][T15865] hsr_slave_1: entered promiscuous mode
[  679.463451][T15865] debugfs: 'hsr0' already exists in 'hsr'
[  679.475840][T15865] Cannot create hsr debugfs directory
[  679.574576][T15956] netlink: 128 bytes leftover after parsing attributes in process `syz.4.3053'.
[  679.584977][T15956] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  679.595959][ T5860] Bluetooth: hci4: command tx timeout
[  679.690204][T15965] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3055'.
[  680.048636][T15962] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3055'.
[  680.084648][T15974] FAULT_INJECTION: forcing a failure.
[  680.084648][T15974] name failslab, interval 1, probability 0, space 0, times 0
[  680.123351][T15974] CPU: 1 UID: 0 PID: 15974 Comm: syz.4.3059 Not tainted 6.16.0-syzkaller-g93acc0f43f58 #0 PREEMPT(full) 
[  680.123385][T15974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  680.123400][T15974] Call Trace:
[  680.123409][T15974]  <TASK>
[  680.123419][T15974]  dump_stack_lvl+0x189/0x250
[  680.123450][T15974]  ? __pfx____ratelimit+0x10/0x10
[  680.123480][T15974]  ? __pfx_dump_stack_lvl+0x10/0x10
[  680.123504][T15974]  ? __pfx__printk+0x10/0x10
[  680.123540][T15974]  ? __pfx___might_resched+0x10/0x10
[  680.123579][T15974]  should_fail_ex+0x414/0x560
[  680.123617][T15974]  should_failslab+0xa8/0x100
[  680.123650][T15974]  kmem_cache_alloc_noprof+0x73/0x3c0
[  680.123680][T15974]  ? security_inode_alloc+0x39/0x330
[  680.123714][T15974]  security_inode_alloc+0x39/0x330
[  680.123746][T15974]  inode_init_always_gfp+0x9ed/0xdc0
[  680.123783][T15974]  ? __pfx_sock_alloc_inode+0x10/0x10
[  680.123809][T15974]  alloc_inode+0x82/0x1b0
[  680.123839][T15974]  __sock_create+0x12d/0x9f0
[  680.123878][T15974]  __sys_socketpair+0x23a/0x560
[  680.123915][T15974]  __x64_sys_socketpair+0x9b/0xb0
[  680.123946][T15974]  do_syscall_64+0xfa/0x3b0
[  680.123977][T15974]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  680.123998][T15974]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  680.124021][T15974]  ? clear_bhb_loop+0x60/0xb0
[  680.124047][T15974]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  680.124069][T15974] RIP: 0033:0x7fb3b2d8eb69
[  680.124088][T15974] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  680.124107][T15974] RSP: 002b:00007fb3b3b98038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  680.124130][T15974] RAX: ffffffffffffffda RBX: 00007fb3b2fb5fa0 RCX: 00007fb3b2d8eb69
[  680.124147][T15974] RDX: 0000000000000000 RSI: 0000000000080005 RDI: 0000000000000023
[  680.124160][T15974] RBP: 00007fb3b3b98090 R08: 0000000000000000 R09: 0000000000000000
[  680.124191][T15974] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  680.124206][T15974] R13: 0000000000000000 R14: 00007fb3b2fb5fa0 R15: 00007fffadc9e598
[  680.124240][T15974]  </TASK>
[  680.349890][T15974] socket: no more sockets
[  680.623229][T15980] netlink: 'syz.3.3060': attribute type 10 has an invalid length.
[  680.631679][T15980] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3060'.
[  680.790981][T15980] dummy0: entered promiscuous mode
[  680.810525][T15980] bridge0: port 3(dummy0) entered blocking state
[  680.834692][T15980] bridge0: port 3(dummy0) entered disabled state
[  680.865747][T15980] dummy0: entered allmulticast mode
[  680.875111][T15980] bridge0: port 3(dummy0) entered blocking state
[  680.881791][T15980] bridge0: port 3(dummy0) entered forwarding state
[  680.944812][ T1169] team0: Port device O3ãc¤± removed
[  680.958933][T15987] netlink: 'syz.4.3064': attribute type 10 has an invalid length.
[  680.988117][T15987] bond0: (slave bond_slave_0): Releasing backup interface
[  680.996309][T15987] bond_slave_0: left allmulticast mode
[  681.002113][T15987] bond_slave_0: left promiscuous mode
[  681.333728][T15995] netlink: 'syz.0.3065': attribute type 25 has an invalid length.
[  681.357624][T15995] netlink: 'syz.0.3065': attribute type 28 has an invalid length.
[  681.464075][T16006] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3067'.
[  681.506784][T16002] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3067'.
[  681.550492][ T1169] hsr_slave_0: left promiscuous mode
[  681.562056][ T1169] hsr_slave_1: left promiscuous mode
[  681.573346][ T1169] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  681.594365][ T1169] batman_adv: batadv0: Removing interface: batadv_slave_0
[  681.613975][ T1169] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  681.642938][ T1169] batman_adv: batadv0: Removing interface: batadv_slave_1
[  681.665467][ T5860] Bluetooth: hci4: command tx timeout
[  681.720011][ T1169] veth1_macvtap: left promiscuous mode
[  681.726171][ T1169] veth0_macvtap: left promiscuous mode
[  683.058787][T16040] netlink: 'syz.0.3074': attribute type 10 has an invalid length.
[  683.131131][ T1169] team0 (unregistering): Port device team_slave_1 removed
[  683.184717][ T1169] team0 (unregistering): Port device C removed
[  683.609354][T16009] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3067'.
[  683.873496][T16044] netlink: 128 bytes leftover after parsing attributes in process `syz.2.3075'.
[  683.899098][T16044] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  684.612218][T16069] netlink: 60 bytes leftover after parsing attributes in process `syz.4.3079'.
[  684.648691][T16071] netlink: 'syz.3.3082': attribute type 25 has an invalid length.
[  684.669927][T16071] netlink: 'syz.3.3082': attribute type 28 has an invalid length.
[  684.683919][T16058] netlink: 60 bytes leftover after parsing attributes in process `syz.4.3079'.
[  684.888636][T15865] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  684.930185][T15865] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  684.970751][T15865] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  684.992184][T15865] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  685.374662][T15865] 8021q: adding VLAN 0 to HW filter on device bond0
[  685.448019][T16099] netlink: 13010 bytes leftover after parsing attributes in process `syz.2.3086'.
[  685.460896][T15865] 8021q: adding VLAN 0 to HW filter on device team0
[  685.504679][ T8437] bridge0: port 1(bridge_slave_0) entered blocking state
[  685.512091][ T8437] bridge0: port 1(bridge_slave_0) entered forwarding state
[  685.600097][T14813] bridge0: port 2(bridge_slave_1) entered blocking state
[  685.607449][T14813] bridge0: port 2(bridge_slave_1) entered forwarding state
[  685.768530][T16106] netlink: 'syz.0.3087': attribute type 10 has an invalid length.
[  686.514359][T16128] netlink: 'syz.2.3092': attribute type 16 has an invalid length.
[  686.535674][T15865] 8021q: adding VLAN 0 to HW filter on device batadv0
[  686.562147][T16128] netlink: 152 bytes leftover after parsing attributes in process `syz.2.3092'.
[  686.650682][T16134] netlink: 168 bytes leftover after parsing attributes in process `syz.2.3092'.
[  686.676901][T16134] C: renamed from team_slave_0 (while UP)
[  686.800461][T15865] veth0_vlan: entered promiscuous mode
[  686.860988][T15865] veth1_vlan: entered promiscuous mode
[  686.926592][T16148] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3094'.
[  686.947357][T16136] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3094'.
[  686.982389][T15865] veth0_macvtap: entered promiscuous mode
[  687.000911][T15865] veth1_macvtap: entered promiscuous mode
[  687.044244][T15865] batman_adv: batadv0: Interface activated: batadv_slave_0
[  687.071730][T15865] batman_adv: batadv0: Interface activated: batadv_slave_1
[  687.102803][ T8437] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  687.127916][ T8437] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  687.199597][ T8437] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  687.248329][ T8437] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  687.423562][T16160] netlink: 15487 bytes leftover after parsing attributes in process `syz.2.3097'.
[  687.455990][ T8430] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  687.494077][ T8430] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  687.536790][T16159] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.3098'.
[  687.674049][T14813] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  687.704753][T14813] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  687.936665][T16171] netlink: 'syz.3.3100': attribute type 2 has an invalid length.
[  687.967015][T16171] netlink: 'syz.3.3100': attribute type 1 has an invalid length.
[  687.974820][T16171] netlink: 193500 bytes leftover after parsing attributes in process `syz.3.3100'.
[  687.990470][T16176] netlink: 65039 bytes leftover after parsing attributes in process `syz.2.3101'.
[  688.021702][T16176] FAULT_INJECTION: forcing a failure.
[  688.021702][T16176] name failslab, interval 1, probability 0, space 0, times 0
[  688.032490][T16171] nbd: illegal input index 65540
[  688.069196][T16182] netlink: 'syz.1.3031': attribute type 10 has an invalid length.
[  688.125271][T16176] CPU: 1 UID: 0 PID: 16176 Comm: syz.2.3101 Not tainted 6.16.0-syzkaller-g93acc0f43f58 #0 PREEMPT(full) 
[  688.125302][T16176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  688.125315][T16176] Call Trace:
[  688.125324][T16176]  <TASK>
[  688.125333][T16176]  dump_stack_lvl+0x189/0x250
[  688.125363][T16176]  ? __pfx____ratelimit+0x10/0x10
[  688.125392][T16176]  ? __pfx_dump_stack_lvl+0x10/0x10
[  688.125423][T16176]  ? __pfx__printk+0x10/0x10
[  688.125448][T16176]  ? perf_trace_lock+0xec/0x3b0
[  688.125502][T16176]  should_fail_ex+0x414/0x560
[  688.125541][T16176]  should_failslab+0xa8/0x100
[  688.125575][T16176]  kmem_cache_alloc_noprof+0x73/0x3c0
[  688.125603][T16176]  ? skb_clone+0x212/0x3a0
[  688.125632][T16176]  skb_clone+0x212/0x3a0
[  688.125658][T16176]  __netlink_deliver_tap+0x404/0x850
[  688.125707][T16176]  ? netlink_deliver_tap+0x2e/0x1b0
[  688.125738][T16176]  netlink_deliver_tap+0x19c/0x1b0
[  688.125770][T16176]  netlink_sendskb+0x68/0x140
[  688.125800][T16176]  netlink_unicast+0x397/0x9e0
[  688.125823][T16176]  ? __asan_memcpy+0x40/0x70
[  688.125859][T16176]  ? __pfx_netlink_unicast+0x10/0x10
[  688.125900][T16176]  netlink_rcv_skb+0x28c/0x470
[  688.125931][T16176]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  688.125964][T16176]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  688.126007][T16176]  ? netlink_deliver_tap+0x2e/0x1b0
[  688.126049][T16176]  netlink_unicast+0x82c/0x9e0
[  688.126088][T16176]  ? __pfx_netlink_unicast+0x10/0x10
[  688.126117][T16176]  ? netlink_sendmsg+0x642/0xb30
[  688.126144][T16176]  ? skb_put+0x11b/0x210
[  688.126181][T16176]  netlink_sendmsg+0x805/0xb30
[  688.126224][T16176]  ? __pfx_netlink_sendmsg+0x10/0x10
[  688.126260][T16176]  ? aa_sock_msg_perm+0x94/0x160
[  688.126288][T16176]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  688.126310][T16176]  ? __pfx_netlink_sendmsg+0x10/0x10
[  688.126342][T16176]  __sock_sendmsg+0x21c/0x270
[  688.126373][T16176]  sock_write_iter+0x258/0x330
[  688.126408][T16176]  ? __pfx_sock_write_iter+0x10/0x10
[  688.126429][T16176]  ? perf_trace_lock+0xec/0x3b0
[  688.126475][T16176]  ? bpf_lsm_file_permission+0x9/0x20
[  688.126498][T16176]  ? security_file_permission+0x75/0x290
[  688.126546][T16176]  vfs_write+0x548/0xa90
[  688.126580][T16176]  ? __pfx_sock_write_iter+0x10/0x10
[  688.126606][T16176]  ? __pfx_vfs_write+0x10/0x10
[  688.126647][T16176]  ? __fget_files+0x2a/0x420
[  688.126690][T16176]  ksys_write+0x145/0x250
[  688.126732][T16176]  ? __pfx_ksys_write+0x10/0x10
[  688.126766][T16176]  ? do_syscall_64+0xbe/0x3b0
[  688.126802][T16176]  do_syscall_64+0xfa/0x3b0
[  688.126829][T16176]  ? lockdep_hardirqs_on+0x9c/0x150
[  688.126857][T16176]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  688.126888][T16176]  ? clear_bhb_loop+0x60/0xb0
[  688.126916][T16176]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  688.126937][T16176] RIP: 0033:0x7f434ad8eb69
[  688.126956][T16176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  688.126975][T16176] RSP: 002b:00007f434bba9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  688.126998][T16176] RAX: ffffffffffffffda RBX: 00007f434afb5fa0 RCX: 00007f434ad8eb69
[  688.127014][T16176] RDX: 000000000000fe33 RSI: 0000200000000080 RDI: 0000000000000003
[  688.127029][T16176] RBP: 00007f434bba9090 R08: 0000000000000000 R09: 0000000000000000
[  688.127042][T16176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  688.127056][T16176] R13: 0000000000000000 R14: 00007f434afb5fa0 R15: 00007ffc1f7efda8
[  688.127095][T16176]  </TASK>
[  688.569877][T16182] batman_adv: batadv0: Adding interface: netdevsim0
[  688.643373][T16182] batman_adv: batadv0: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  688.875003][T16182] batman_adv: batadv0: Not using interface netdevsim0 (retrying later): interface not active
[  689.132342][   T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  689.172929][   T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  689.187774][   T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  689.197734][   T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  689.218906][   T51] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  690.105976][T16230] FAULT_INJECTION: forcing a failure.
[  690.105976][T16230] name failslab, interval 1, probability 0, space 0, times 0
[  690.165358][T16230] CPU: 1 UID: 0 PID: 16230 Comm: syz.0.3112 Not tainted 6.16.0-syzkaller-g93acc0f43f58 #0 PREEMPT(full) 
[  690.165389][T16230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  690.165403][T16230] Call Trace:
[  690.165412][T16230]  <TASK>
[  690.165422][T16230]  dump_stack_lvl+0x189/0x250
[  690.165450][T16230]  ? __pfx____ratelimit+0x10/0x10
[  690.165484][T16230]  ? __pfx_dump_stack_lvl+0x10/0x10
[  690.165512][T16230]  ? __pfx__printk+0x10/0x10
[  690.165560][T16230]  should_fail_ex+0x414/0x560
[  690.165599][T16230]  should_failslab+0xa8/0x100
[  690.165634][T16230]  __kmalloc_cache_noprof+0x70/0x3d0
[  690.165663][T16230]  ? sctp_add_bind_addr+0x8c/0x370
[  690.165702][T16230]  sctp_add_bind_addr+0x8c/0x370
[  690.165735][T16230]  sctp_copy_local_addr_list+0x30b/0x4e0
[  690.165768][T16230]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[  690.165795][T16230]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  690.165828][T16230]  ? sctp_v4_is_any+0x35/0x60
[  690.165854][T16230]  ? sctp_copy_one_addr+0x93/0x360
[  690.165886][T16230]  sctp_bind_addr_copy+0xb3/0x3c0
[  690.165915][T16230]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  690.165944][T16230]  sctp_connect_new_asoc+0x2e0/0x690
[  690.165982][T16230]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  690.166012][T16230]  ? __local_bh_enable_ip+0x12d/0x1c0
[  690.166055][T16230]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  690.166078][T16230]  ? security_sctp_bind_connect+0x7e/0x2e0
[  690.166118][T16230]  sctp_sendmsg+0x155c/0x2810
[  690.166168][T16230]  ? __pfx_sctp_sendmsg+0x10/0x10
[  690.166205][T16230]  ? aa_sk_perm+0x81e/0x950
[  690.166227][T16230]  ? perf_trace_lock_acquire+0xf5/0x410
[  690.166264][T16230]  ? __pfx_aa_sk_perm+0x10/0x10
[  690.166296][T16230]  ? sock_rps_record_flow+0x19/0x410
[  690.166325][T16230]  ? inet_sendmsg+0x2f4/0x370
[  690.166355][T16230]  __sock_sendmsg+0x19c/0x270
[  690.166386][T16230]  ____sys_sendmsg+0x505/0x830
[  690.166429][T16230]  ? __pfx_____sys_sendmsg+0x10/0x10
[  690.166477][T16230]  ? import_iovec+0x74/0xa0
[  690.166513][T16230]  ___sys_sendmsg+0x21f/0x2a0
[  690.166551][T16230]  ? __pfx____sys_sendmsg+0x10/0x10
[  690.166635][T16230]  ? __fget_files+0x2a/0x420
[  690.166664][T16230]  ? __fget_files+0x3a0/0x420
[  690.166713][T16230]  __x64_sys_sendmsg+0x19b/0x260
[  690.166751][T16230]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  690.166799][T16230]  ? __pfx_ksys_write+0x10/0x10
[  690.166822][T16230]  ? rcu_is_watching+0x15/0xb0
[  690.166862][T16230]  ? do_syscall_64+0xbe/0x3b0
[  690.166897][T16230]  do_syscall_64+0xfa/0x3b0
[  690.166924][T16230]  ? lockdep_hardirqs_on+0x9c/0x150
[  690.166952][T16230]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  690.166974][T16230]  ? clear_bhb_loop+0x60/0xb0
[  690.167001][T16230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  690.167022][T16230] RIP: 0033:0x7f9a1ef8eb69
[  690.167042][T16230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  690.167060][T16230] RSP: 002b:00007f9a1fe60038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  690.167084][T16230] RAX: ffffffffffffffda RBX: 00007f9a1f1b5fa0 RCX: 00007f9a1ef8eb69
[  690.167100][T16230] RDX: 0000000000000040 RSI: 00002000000003c0 RDI: 0000000000000003
[  690.167115][T16230] RBP: 00007f9a1fe60090 R08: 0000000000000000 R09: 0000000000000000
[  690.167128][T16230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  690.167142][T16230] R13: 0000000000000000 R14: 00007f9a1f1b5fa0 R15: 00007ffce9043bf8
[  690.167181][T16230]  </TASK>
[  690.723734][T16197] chnl_net:caif_netlink_parms(): no params data found
[  690.777292][T16242] netlink: 'syz.1.3115': attribute type 10 has an invalid length.
[  691.141489][ T8430] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  691.190152][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[  691.200111][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[  691.300385][T16260] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.3119'.
[  691.346041][   T51] Bluetooth: hci2: command tx timeout
[  691.552447][T16254] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.3118'.
[  692.142634][ T8430] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  692.578498][ T8430] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  692.849835][T16197] bridge0: port 1(bridge_slave_0) entered blocking state
[  692.892639][T16197] bridge0: port 1(bridge_slave_0) entered disabled state
[  692.935761][T16197] bridge_slave_0: entered allmulticast mode
[  693.013292][T16197] bridge_slave_0: entered promiscuous mode
[  693.219019][ T8430] batman_adv: batadv0: Removing interface: ÿÿÿÿÿÿ
[  693.243590][ T8430] netdevsim netdevsim4 ÿÿÿÿÿÿ (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  693.305234][T16304] netlink: 'syz.0.3128': attribute type 10 has an invalid length.
[  693.321076][T16298] netlink: 'syz.2.3127': attribute type 6 has an invalid length.
[  693.335674][T16197] bridge0: port 2(bridge_slave_1) entered blocking state
[  693.337495][T16298] netlink: 'syz.2.3127': attribute type 3 has an invalid length.
[  693.353467][T16197] bridge0: port 2(bridge_slave_1) entered disabled state
[  693.353697][T16197] bridge_slave_1: entered allmulticast mode
[  693.369448][T16197] bridge_slave_1: entered promiscuous mode
[  693.401815][T16298] netlink: 199820 bytes leftover after parsing attributes in process `syz.2.3127'.
[  693.426453][   T51] Bluetooth: hci2: command tx timeout
[  693.578450][T16307] netdevsim netdevsim1 ÿÿÿÿÿÿ: renamed from netdevsim0
[  693.655019][T16197] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  693.708277][T16197] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  694.128005][T16329] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.3131'.
[  694.153528][T16197] team0: Port device team_slave_0 added
[  694.194763][T16197] team0: Port device team_slave_1 added
[  694.471259][T16335] netlink: 'syz.1.3132': attribute type 22 has an invalid length.
[  694.509463][T16335] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3132'.
[  695.505522][   T51] Bluetooth: hci2: command tx timeout
[  697.032139][T16341] netlink: 'syz.1.3134': attribute type 27 has an invalid length.
[  697.042341][T16341] netlink: 'syz.1.3134': attribute type 3 has an invalid length.
[  697.083716][T16342] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.3133'.
[  697.102105][T16341] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3134'.
[  697.172131][T16197] batman_adv: batadv0: Adding interface: batadv_slave_0
[  697.194732][T16197] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  697.268405][T16197] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  697.312530][T16197] batman_adv: batadv0: Adding interface: batadv_slave_1
[  697.325428][T16197] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  697.371634][T16197] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  697.386217][ T8430] bond0: left allmulticast mode
[  697.391312][ T8430] bond_slave_1: left allmulticast mode
[  697.398193][ T8430] dummy0: left allmulticast mode
[  697.403646][ T8430] bridge0: port 3(bond0) entered disabled state
[  697.413236][ T8430] bridge_slave_1: left allmulticast mode
[  697.423808][ T8430] bridge_slave_1: left promiscuous mode
[  697.555503][ T8430] bridge0: port 2(bridge_slave_1) entered disabled state
[  697.582813][ T8430] bridge_slave_0: left allmulticast mode
[  697.592492][   T51] Bluetooth: hci2: command tx timeout
[  697.613123][ T8430] bridge_slave_0: left promiscuous mode
[  697.632488][ T8430] bridge0: port 1(bridge_slave_0) entered disabled state
[  699.449555][ T8430] team0: Port device geneve1 removed
[  699.939527][ T8430] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  699.953970][ T8430] bond_slave_1: left promiscuous mode
[  699.975796][ T8430] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  699.996614][ T8430] bond0 (unregistering): Released all slaves
[  700.320976][T16381] netlink: 96168 bytes leftover after parsing attributes in process `syz.0.3143'.
[  700.374117][ T8430] team0: Port device wlan1 removed
[  700.388476][T16379] sit0: left promiscuous mode
[  700.524093][T16197] hsr_slave_0: entered promiscuous mode
[  700.532471][T16197] hsr_slave_1: entered promiscuous mode
[  700.559233][T16382] sit0: entered promiscuous mode
[  700.826616][T16390] netlink: 65039 bytes leftover after parsing attributes in process `syz.1.3146'.
[  700.920251][ T8430] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  700.930594][ T8430] batman_adv: batadv0: Removing interface: batadv_slave_0
[  700.952229][ T8430] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  700.982107][ T8430] batman_adv: batadv0: Removing interface: batadv_slave_1
[  701.028151][T16402] FAULT_INJECTION: forcing a failure.
[  701.028151][T16402] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  701.042353][T16402] CPU: 1 UID: 0 PID: 16402 Comm: syz.1.3149 Not tainted 6.16.0-syzkaller-g93acc0f43f58 #0 PREEMPT(full) 
[  701.042383][T16402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  701.042396][T16402] Call Trace:
[  701.042405][T16402]  <TASK>
[  701.042414][T16402]  dump_stack_lvl+0x189/0x250
[  701.042445][T16402]  ? __pfx____ratelimit+0x10/0x10
[  701.042474][T16402]  ? __pfx_dump_stack_lvl+0x10/0x10
[  701.042499][T16402]  ? __pfx__printk+0x10/0x10
[  701.042529][T16402]  ? lockdep_hardirqs_on+0x9c/0x150
[  701.042568][T16402]  should_fail_ex+0x414/0x560
[  701.042605][T16402]  _copy_to_user+0x31/0xb0
[  701.042636][T16402]  __htab_map_lookup_and_delete_batch+0xfe4/0x13a0
[  701.042720][T16402]  ? __pfx___htab_map_lookup_and_delete_batch+0x10/0x10
[  701.042764][T16402]  ? __pfx_htab_percpu_map_lookup_batch+0x10/0x10
[  701.042797][T16402]  bpf_map_do_batch+0x25e/0x5f0
[  701.042827][T16402]  ? security_bpf+0x7e/0x300
[  701.042854][T16402]  __sys_bpf+0x557/0x870
[  701.042883][T16402]  ? __pfx___sys_bpf+0x10/0x10
[  701.042929][T16402]  ? ksys_write+0x22a/0x250
[  701.042959][T16402]  ? __pfx_ksys_write+0x10/0x10
[  701.042996][T16402]  __x64_sys_bpf+0x7c/0x90
[  701.043021][T16402]  do_syscall_64+0xfa/0x3b0
[  701.043049][T16402]  ? lockdep_hardirqs_on+0x9c/0x150
[  701.043076][T16402]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  701.043098][T16402]  ? clear_bhb_loop+0x60/0xb0
[  701.043125][T16402]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  701.043147][T16402] RIP: 0033:0x7f143ad8eb69
[  701.043166][T16402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  701.043186][T16402] RSP: 002b:00007f1438bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  701.043217][T16402] RAX: ffffffffffffffda RBX: 00007f143afb6080 RCX: 00007f143ad8eb69
[  701.043233][T16402] RDX: 0000000000000038 RSI: 00002000000003c0 RDI: 0000000000000018
[  701.043247][T16402] RBP: 00007f1438bf6090 R08: 0000000000000000 R09: 0000000000000000
[  701.043261][T16402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  701.043274][T16402] R13: 0000000000000001 R14: 00007f143afb6080 R15: 00007ffe3b30faa8
[  701.043312][T16402]  </TASK>
[  702.198086][T16410] netlink: 60 bytes leftover after parsing attributes in process `syz.1.3153'.
[  702.471326][ T8430] team0 (unregistering): Port device team_slave_1 removed
[  703.093657][T16427] netlink: 'syz.3.3158': attribute type 10 has an invalid length.
[  703.325574][T16417] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3156'.
[  703.423658][T16418] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3156'.
[  703.536646][T16420] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3156'.
[  703.880354][T16443] netlink: 'syz.2.3163': attribute type 10 has an invalid length.
[  704.131358][T16452] netlink: 'syz.1.3164': attribute type 1 has an invalid length.
[  704.142718][T16443] veth0_vlan: left promiscuous mode
[  704.156438][T16452] netlink: 17 bytes leftover after parsing attributes in process `syz.1.3164'.
[  704.256740][T16443] veth0_vlan: entered promiscuous mode
[  704.373811][T16443] team0: Device veth0_vlan failed to register rx_handler
[  705.565970][T16197] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  705.630786][T16197] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  705.684926][T16197] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  705.712380][T16197] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  706.179785][T16197] 8021q: adding VLAN 0 to HW filter on device bond0
[  706.322183][T16197] 8021q: adding VLAN 0 to HW filter on device team0
[  706.394620][ T2953] bridge0: port 1(bridge_slave_0) entered blocking state
[  706.402014][ T2953] bridge0: port 1(bridge_slave_0) entered forwarding state
[  706.631399][ T2953] bridge0: port 2(bridge_slave_1) entered blocking state
[  706.639013][ T2953] bridge0: port 2(bridge_slave_1) entered forwarding state
[  707.100898][T16530] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3180'.
[  707.640782][T16546] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3182'.
[  707.686190][T16549] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3182'.
[  707.789824][T16556] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.3186'.
[  707.826794][T16546] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3182'.
[  707.837653][T16556] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  707.920041][T16197] 8021q: adding VLAN 0 to HW filter on device batadv0
[  708.286676][T16564] netlink: 'syz.2.3188': attribute type 37 has an invalid length.
[  708.363469][T16564] netlink: 128 bytes leftover after parsing attributes in process `syz.2.3188'.
[  708.425586][T16564] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  708.971454][T16577] netlink: 15743 bytes leftover after parsing attributes in process `syz.3.3191'.
[  709.158663][T16197] veth0_vlan: entered promiscuous mode
[  709.222260][T16197] veth1_vlan: entered promiscuous mode
[  709.619392][T16197] veth0_macvtap: entered promiscuous mode
[  709.659334][T16197] veth1_macvtap: entered promiscuous mode
[  709.734521][T16197] batman_adv: batadv0: Interface activated: batadv_slave_0
[  709.771419][T16197] batman_adv: batadv0: Interface activated: batadv_slave_1
[  709.830249][   T12] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  709.862038][   T12] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  709.921196][   T12] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  709.948638][   T12] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  709.984727][T16596] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.3197'.
[  710.021442][T16596] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  710.291189][T16607] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.3198'.
[  710.863680][T16609] netlink: 180 bytes leftover after parsing attributes in process `syz.3.3200'.
[  710.973488][ T2953] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  710.997196][ T2953] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  711.081044][ T8437] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  711.118190][ T8437] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  711.403366][T16627] netlink: zone id is out of range
[  711.408904][T16627] netlink: zone id is out of range
[  711.414621][T16627] netlink: zone id is out of range
[  711.442339][T16627] netlink: zone id is out of range
[  711.468616][T16627] netlink: zone id is out of range
[  711.493250][T16627] netlink: zone id is out of range
[  711.521073][T16627] netlink: zone id is out of range
[  712.407740][T16647] netlink: 'syz.3.3215': attribute type 21 has an invalid length.
[  712.445465][T16647] __nla_validate_parse: 3 callbacks suppressed
[  712.445488][T16647] netlink: 156 bytes leftover after parsing attributes in process `syz.3.3215'.
[  712.494484][T16649] netlink: 'syz.2.3214': attribute type 10 has an invalid length.
[  712.544377][T16649] netlink: 2 bytes leftover after parsing attributes in process `syz.2.3214'.
[  712.558950][T16653] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3215'.
[  712.566439][T16653] bridge0: port 1(bridge_slave_0) entered disabled state
[  712.903574][T16653] bridge_slave_0 (unregistering): left allmulticast mode
[  712.983228][T16653] bridge_slave_0 (unregistering): left promiscuous mode
[  713.017707][T16653] bridge0: port 1(bridge_slave_0) entered disabled state
[  713.258978][ T5860] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  713.274478][ T5860] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  713.284316][ T5860] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  713.302248][ T5860] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  713.316255][ T5860] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  713.685923][T16649] team0: entered promiscuous mode
[  713.692111][T16649] C: entered promiscuous mode
[  713.702499][T16649] team_slave_1: entered promiscuous mode
[  713.726955][T16649] bridge0: port 3(team0) entered blocking state
[  713.733417][T16649] bridge0: port 3(team0) entered disabled state
[  713.785828][T16649] team0: entered allmulticast mode
[  713.795908][T16649] C: entered allmulticast mode
[  713.800773][T16649] team_slave_1: entered allmulticast mode
[  714.093037][T16675] netlink: 17 bytes leftover after parsing attributes in process `syz.2.3221'.
[  714.143282][T16675] net_ratelimit: 80 callbacks suppressed
[  714.143307][T16675] netlink: zone id is out of range
[  714.181870][T16675] netlink: zone id is out of range
[  714.195142][T16675] netlink: zone id is out of range
[  714.211255][T16675] netlink: zone id is out of range
[  714.233091][T16675] netlink: zone id is out of range
[  714.243824][T16675] netlink: zone id is out of range
[  714.269236][T16675] netlink: zone id is out of range
[  714.279164][T16675] netlink: zone id is out of range
[  714.299163][T16675] netlink: zone id is out of range
[  714.305819][T16675] netlink: zone id is out of range
[  714.575033][T16679] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3220'.
[  714.640930][T16674] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3220'.
[  714.882947][ T2953] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  715.062869][T16696] netlink: 203516 bytes leftover after parsing attributes in process `syz.4.3225'.
[  715.077135][ T2953] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  715.080221][T16696] netlink: 6320 bytes leftover after parsing attributes in process `syz.4.3225'.
[  715.129742][T16699] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.3226'.
[  715.352834][   T51] Bluetooth: hci3: command tx timeout
[  716.091284][ T2953] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  716.189678][T16713] netlink: 'syz.1.3231': attribute type 2 has an invalid length.
[  716.198360][T16713] netlink: 164 bytes leftover after parsing attributes in process `syz.1.3231'.
[  716.381312][ T2953] batman_adv: batadv0: Removing interface: ÿÿÿÿÿÿ
[  716.407695][ T2953] netdevsim netdevsim0 ÿÿÿÿÿÿ (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  716.612063][T16663] chnl_net:caif_netlink_parms(): no params data found
[  717.427379][   T51] Bluetooth: hci3: command tx timeout
[  717.482395][T16663] bridge0: port 1(bridge_slave_0) entered blocking state
[  717.522128][T16663] bridge0: port 1(bridge_slave_0) entered disabled state
[  717.564660][T16663] bridge_slave_0: entered allmulticast mode
[  717.587434][T16663] bridge_slave_0: entered promiscuous mode
[  717.643723][T16663] bridge0: port 2(bridge_slave_1) entered blocking state
[  717.666792][T16663] bridge0: port 2(bridge_slave_1) entered disabled state
[  717.674449][T16663] bridge_slave_1: entered allmulticast mode
[  717.718149][T16663] bridge_slave_1: entered promiscuous mode
[  717.814049][T16759] __nla_validate_parse: 4 callbacks suppressed
[  717.814073][T16759] netlink: 15743 bytes leftover after parsing attributes in process `syz.1.3243'.
[  718.858897][T16663] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  718.924599][T16663] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  718.952646][ T2953] bond0: left allmulticast mode
[  718.957772][ T2953] bond_slave_0: left allmulticast mode
[  718.985077][ T2953] bond_slave_1: left allmulticast mode
[  719.005499][ T2953] geneve0: left allmulticast mode
[  719.027076][ T2953] bridge0: port 3(bond0) entered disabled state
[  719.062525][ T2953] bridge_slave_1: left allmulticast mode
[  719.104897][ T2953] bridge_slave_1: left promiscuous mode
[  719.122427][ T2953] bridge0: port 2(bridge_slave_1) entered disabled state
[  719.167842][ T2953] bridge_slave_0: left promiscuous mode
[  719.184208][ T2953] bridge0: port 1(bridge_slave_0) entered disabled state
[  719.226663][T16778] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.3248'.
[  719.497255][T16788] netlink: 'syz.2.3245': attribute type 10 has an invalid length.
[  719.508770][   T51] Bluetooth: hci3: command tx timeout
[  719.553275][T16788] netlink: 156 bytes leftover after parsing attributes in process `syz.2.3245'.
[  720.215064][ T2953] team0: Port device geneve1 removed
[  720.284872][ T2953] bond0 (unregistering): (slave geneve0): Releasing backup interface
[  720.656822][T16811] netlink: 'syz.4.3253': attribute type 10 has an invalid length.
[  720.665039][T16811] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3253'.
[  720.683167][ T2953] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  720.692694][ T2953] bond_slave_0: left promiscuous mode
[  720.713226][ T2953] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  720.765992][ T2953] bond_slave_1: left promiscuous mode
[  720.797031][ T2953] bond0 (unregistering): Released all slaves
[  720.930730][T16806] FAULT_INJECTION: forcing a failure.
[  720.930730][T16806] name fail_futex, interval 1, probability 0, space 0, times 1
[  720.982684][T16806] CPU: 1 UID: 0 PID: 16806 Comm: syz.3.3252 Not tainted 6.16.0-syzkaller-g93acc0f43f58 #0 PREEMPT(full) 
[  720.982718][T16806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  720.982733][T16806] Call Trace:
[  720.982742][T16806]  <TASK>
[  720.982752][T16806]  dump_stack_lvl+0x189/0x250
[  720.982784][T16806]  ? __pfx____ratelimit+0x10/0x10
[  720.982813][T16806]  ? __pfx_dump_stack_lvl+0x10/0x10
[  720.982837][T16806]  ? __pfx__printk+0x10/0x10
[  720.982862][T16806]  ? preempt_schedule_notrace+0xd1/0x110
[  720.982905][T16806]  should_fail_ex+0x414/0x560
[  720.982942][T16806]  get_futex_key+0x1a8/0x1640
[  720.982978][T16806]  ? __pfx_get_futex_key+0x10/0x10
[  720.982977][T16811] bridge0: port 3(dummy0) entered blocking state
[  720.983000][T16806]  ? __lock_acquire+0xab9/0xd20
[  720.983043][T16806]  futex_wake+0xf8/0x560
[  720.983071][T16806]  ? __pfx___mutex_trylock_common+0x10/0x10
[  720.983097][T16806]  ? __pfx_futex_wake+0x10/0x10
[  720.983130][T16806]  ? __lock_acquire+0xab9/0xd20
[  720.983171][T16806]  do_futex+0x395/0x420
[  720.983201][T16806]  ? __pfx_do_futex+0x10/0x10
[  720.983224][T16806]  ? __might_fault+0xb0/0x130
[  720.983256][T16806]  mm_release+0x188/0x390
[  720.983292][T16806]  ? __pfx_mm_release+0x10/0x10
[  720.983328][T16806]  ? lockdep_hardirqs_on+0x9c/0x150
[  720.983371][T16806]  exit_mm+0xa8/0x2c0
[  720.983402][T16806]  ? __pfx_exit_mm+0x10/0x10
[  720.983432][T16806]  ? rcu_is_watching+0x15/0xb0
[  720.983468][T16806]  do_exit+0x648/0x2300
[  720.983502][T16806]  ? do_raw_spin_lock+0x121/0x290
[  720.983541][T16806]  ? __pfx_do_exit+0x10/0x10
[  720.983563][T16806]  ? rcu_is_watching+0x15/0xb0
[  720.983617][T16806]  do_group_exit+0x21c/0x2d0
[  720.983644][T16806]  ? lockdep_hardirqs_on+0x9c/0x150
[  720.983676][T16806]  get_signal+0x1286/0x1340
[  720.983735][T16806]  arch_do_signal_or_restart+0x9a/0x750
[  720.983776][T16806]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  720.983807][T16806]  ? perf_trace_preemptirq_template+0xa3/0x340
[  720.983846][T16806]  ? __fget_files+0x2a/0x420
[  720.983884][T16806]  ? exit_to_user_mode_loop+0x40/0x110
[  720.983920][T16806]  exit_to_user_mode_loop+0x75/0x110
[  720.983951][T16806]  do_syscall_64+0x2bd/0x3b0
[  720.983981][T16806]  ? lockdep_hardirqs_on+0x9c/0x150
[  720.984010][T16806]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  720.984035][T16806]  ? clear_bhb_loop+0x60/0xb0
[  720.984064][T16806]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  720.984086][T16806] RIP: 0033:0x7f54d058eb69
[  720.984108][T16806] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  720.984130][T16806] RSP: 002b:00007f54d13fd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  720.984154][T16806] RAX: 0000000000000000 RBX: 00007f54d07b6160 RCX: 00007f54d058eb69
[  720.984172][T16806] RDX: 0000200000001200 RSI: 0000000040047459 RDI: 0000000000000005
[  720.984186][T16806] RBP: 00007f54d13fd090 R08: 0000000000000000 R09: 0000000000000000
[  720.984201][T16806] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  720.984214][T16806] R13: 0000000000000001 R14: 00007f54d07b6160 R15: 00007ffc912d1318
[  720.984251][T16806]  </TASK>
[  721.382189][T16811] bridge0: port 3(dummy0) entered disabled state
[  721.390538][T16811] dummy0: entered allmulticast mode
[  721.449220][T16811] dummy0: entered promiscuous mode
[  721.456494][T16819] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.3256'.
[  721.484458][T16811] bridge0: port 3(dummy0) entered blocking state
[  721.492318][T16811] bridge0: port 3(dummy0) entered forwarding state
[  721.585513][   T51] Bluetooth: hci3: command tx timeout
[  724.357015][T16663] team0: Port device team_slave_0 added
[  724.369259][T16663] team0: Port device team_slave_1 added
[  724.507900][T16663] batman_adv: batadv0: Adding interface: batadv_slave_0
[  724.520105][T16663] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  724.567404][T16663] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  724.687131][ T2953] team0: Port device wlan1 removed
[  724.708083][T16663] batman_adv: batadv0: Adding interface: batadv_slave_1
[  724.716311][T16663] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  724.743328][T16663] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  724.946878][T16833] netlink: 'syz.4.3259': attribute type 21 has an invalid length.
[  724.997780][T16836] netlink: 'syz.4.3259': attribute type 10 has an invalid length.
[  725.015518][T16836] netlink: 55 bytes leftover after parsing attributes in process `syz.4.3259'.
[  725.150531][T16663] hsr_slave_0: entered promiscuous mode
[  725.171947][T16663] hsr_slave_1: entered promiscuous mode
[  725.192440][T16663] debugfs: 'hsr0' already exists in 'hsr'
[  725.202174][T16663] Cannot create hsr debugfs directory
[  725.652872][T16862] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.3267'.
[  726.236547][T16860] netlink: 'syz.2.3266': attribute type 37 has an invalid length.
[  726.255311][T16864] netlink: 128 bytes leftover after parsing attributes in process `syz.2.3266'.
[  726.264712][T16864] net_ratelimit: 163 callbacks suppressed
[  726.264734][T16864] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  726.294249][ T2953] hsr_slave_0: left promiscuous mode
[  726.301267][ T2953] hsr_slave_1: left promiscuous mode
[  726.309835][ T2953] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  726.325125][ T2953] batman_adv: batadv0: Removing interface: batadv_slave_0
[  726.338247][ T2953] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  726.346557][ T2953] batman_adv: batadv0: Removing interface: batadv_slave_1
[  726.363408][ T2953] veth0_macvtap: left promiscuous mode
[  726.697629][T16881] netlink: 'syz.4.3270': attribute type 21 has an invalid length.
[  726.914851][ T2953] team0 (unregistering): Port device team_slave_1 removed
[  726.967943][ T2953] team0 (unregistering): Port device C removed
[  727.447981][T16876] netlink: 'syz.1.3268': attribute type 25 has an invalid length.
[  727.469348][T16876] netlink: 'syz.1.3268': attribute type 28 has an invalid length.
[  727.491315][T16878] netlink: 'syz.2.3269': attribute type 25 has an invalid length.
[  727.514862][T16878] netlink: 'syz.2.3269': attribute type 28 has an invalid length.
[  727.542668][T16881] netlink: 'syz.4.3270': attribute type 6 has an invalid length.
[  727.575618][T16881] netlink: 132 bytes leftover after parsing attributes in process `syz.4.3270'.
[  727.639801][T16890] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  728.548335][T16925] netlink: 13435 bytes leftover after parsing attributes in process `syz.3.3280'.
[  728.654585][T16925] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.3280'.
[  728.888823][T16932] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.3283'.
[  728.992164][T16932] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  729.798554][T16663] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  729.854692][T16663] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  729.943712][T16663] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  730.002148][T16663] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  730.031309][T16957] netlink: 'syz.1.3293': attribute type 10 has an invalid length.
[  730.061723][T16957] batman_adv: batadv0: Removing interface: ÿÿÿÿÿÿ
[  730.202638][T16957] bond0: (slave ÿÿÿÿÿÿ): Enslaving as an active interface with an up link
[  730.383738][T16974] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.3295'.
[  730.414313][T16974] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  730.599636][T16980] netlink: 'syz.4.3297': attribute type 25 has an invalid length.
[  730.622814][T16982] netlink: 160 bytes leftover after parsing attributes in process `syz.3.3298'.
[  730.632511][T16980] netlink: 'syz.4.3297': attribute type 28 has an invalid length.
[  730.698147][T16663] 8021q: adding VLAN 0 to HW filter on device bond0
[  730.776565][T16663] 8021q: adding VLAN 0 to HW filter on device team0
[  730.818672][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  730.825931][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  730.897194][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  730.904434][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  731.381772][T17013] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.3308'.
[  731.402437][T17013] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  732.241050][T16663] 8021q: adding VLAN 0 to HW filter on device batadv0
[  732.438632][T16663] veth0_vlan: entered promiscuous mode
[  732.474632][T16663] veth1_vlan: entered promiscuous mode
[  732.579572][T16663] veth0_macvtap: entered promiscuous mode
[  732.638647][T16663] veth1_macvtap: entered promiscuous mode
[  732.721834][T16663] batman_adv: batadv0: Interface activated: batadv_slave_0
[  732.737863][T17036] FAULT_INJECTION: forcing a failure.
[  732.737863][T17036] name failslab, interval 1, probability 0, space 0, times 0
[  732.755868][T17027] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3309'.
[  732.767498][T17036] CPU: 0 UID: 0 PID: 17036 Comm: syz.4.3313 Not tainted 6.16.0-syzkaller-g93acc0f43f58 #0 PREEMPT(full) 
[  732.767531][T17036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  732.767546][T17036] Call Trace:
[  732.767555][T17036]  <TASK>
[  732.767564][T17036]  dump_stack_lvl+0x189/0x250
[  732.767594][T17036]  ? __pfx____ratelimit+0x10/0x10
[  732.767622][T17036]  ? __pfx_dump_stack_lvl+0x10/0x10
[  732.767646][T17036]  ? __pfx__printk+0x10/0x10
[  732.767676][T17036]  ? __lock_acquire+0xab9/0xd20
[  732.767716][T17036]  should_fail_ex+0x414/0x560
[  732.767753][T17036]  should_failslab+0xa8/0x100
[  732.767786][T17036]  kmem_cache_alloc_noprof+0x73/0x3c0
[  732.767814][T17036]  ? skb_clone+0x212/0x3a0
[  732.767840][T17036]  skb_clone+0x212/0x3a0
[  732.767865][T17036]  __netlink_deliver_tap+0x404/0x850
[  732.767908][T17036]  ? netlink_deliver_tap+0x2e/0x1b0
[  732.767939][T17036]  netlink_deliver_tap+0x19c/0x1b0
[  732.767971][T17036]  netlink_unicast+0x7fa/0x9e0
[  732.768006][T17036]  ? __pfx_netlink_unicast+0x10/0x10
[  732.768035][T17036]  ? netlink_sendmsg+0x642/0xb30
[  732.768061][T17036]  ? skb_put+0x11b/0x210
[  732.768097][T17036]  netlink_sendmsg+0x805/0xb30
[  732.768138][T17036]  ? __pfx_netlink_sendmsg+0x10/0x10
[  732.768172][T17036]  ? aa_sock_msg_perm+0x94/0x160
[  732.768199][T17036]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  732.768220][T17036]  ? __pfx_netlink_sendmsg+0x10/0x10
[  732.768250][T17036]  __sock_sendmsg+0x21c/0x270
[  732.768279][T17036]  ____sys_sendmsg+0x505/0x830
[  732.768320][T17036]  ? __pfx_____sys_sendmsg+0x10/0x10
[  732.768374][T17036]  ? import_iovec+0x74/0xa0
[  732.768405][T17036]  ___sys_sendmsg+0x21f/0x2a0
[  732.768441][T17036]  ? __pfx____sys_sendmsg+0x10/0x10
[  732.768517][T17036]  ? __fget_files+0x2a/0x420
[  732.768545][T17036]  ? __fget_files+0x3a0/0x420
[  732.768586][T17036]  __x64_sys_sendmsg+0x19b/0x260
[  732.768623][T17036]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  732.768668][T17036]  ? __pfx_ksys_write+0x10/0x10
[  732.768691][T17036]  ? rcu_is_watching+0x15/0xb0
[  732.768729][T17036]  ? do_syscall_64+0xbe/0x3b0
[  732.768763][T17036]  do_syscall_64+0xfa/0x3b0
[  732.768790][T17036]  ? lockdep_hardirqs_on+0x9c/0x150
[  732.768817][T17036]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  732.768838][T17036]  ? clear_bhb_loop+0x60/0xb0
[  732.768866][T17036]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  732.768886][T17036] RIP: 0033:0x7f3c64d8eb69
[  732.768906][T17036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  732.768925][T17036] RSP: 002b:00007f3c65c52038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  732.768947][T17036] RAX: ffffffffffffffda RBX: 00007f3c64fb5fa0 RCX: 00007f3c64d8eb69
[  732.768964][T17036] RDX: 0000000000000000 RSI: 0000200000000880 RDI: 0000000000000003
[  732.768977][T17036] RBP: 00007f3c65c52090 R08: 0000000000000000 R09: 0000000000000000
[  732.768991][T17036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  732.769004][T17036] R13: 0000000000000000 R14: 00007f3c64fb5fa0 R15: 00007ffde0401908
[  732.769038][T17036]  </TASK>
[  732.769076][T17036] netlink: 'syz.4.3313': attribute type 13 has an invalid length.
[  732.813233][T17027] netlink: 763 bytes leftover after parsing attributes in process `syz.2.3309'.
[  732.946681][T17036] netlink: 160 bytes leftover after parsing attributes in process `syz.4.3313'.
[  733.101811][T17041] netlink: 10 bytes leftover after parsing attributes in process `syz.2.3309'.
[  733.137104][T16663] batman_adv: batadv0: Interface activated: batadv_slave_1
[  733.269035][T17036] erspan0: refused to change device tx_queue_len
[  733.286180][T17036] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  733.320421][ T2953] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  733.358885][ T1169] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  733.400967][ T1169] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  733.434674][ T1169] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  733.634958][T17057] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.3318'.
[  733.647910][T17057] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  733.813582][ T1169] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  733.865217][ T1169] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  734.030419][ T2953] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  734.141092][ T2953] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  735.291071][T17105] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.3329'.
[  735.324249][T17105] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  735.517527][T17111] netlink: 2 bytes leftover after parsing attributes in process `syz.4.3331'.
[  735.601068][T17111] batadv_slave_1: entered promiscuous mode
[  735.909544][T17121] netlink: 168 bytes leftover after parsing attributes in process `syz.0.3333'.
[  735.953377][T17123] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.3334'.
[  736.002595][T17121] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3333'.
[  736.749811][T17152] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.3338'.
[  739.267912][T17179] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3340'.
[  739.464992][T17184] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.3341'.
[  739.559510][T17185] IPv6: Can't replace route, no match found
[  739.573562][T17184] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  740.363263][T17199] netlink: 'syz.2.3345': attribute type 10 has an invalid length.
[  740.433415][T17201] netlink: 'syz.0.3346': attribute type 10 has an invalid length.
[  740.480357][T17199] batman_adv: batadv0: Adding interface: netdevsim0
[  740.487752][T17199] batman_adv: batadv0: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  740.593074][T17199] batman_adv: batadv0: Not using interface netdevsim0 (retrying later): interface not active
[  740.654881][T17201] batman_adv: batadv0: Adding interface: netdevsim0
[  740.683627][T17201] batman_adv: batadv0: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  740.765561][T17201] batman_adv: batadv0: Not using interface netdevsim0 (retrying later): interface not active
[  741.070611][T17214] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3350'.
[  741.313368][T17214] ksmbd: Daemon and kernel module version mismatch. ksmbd: 36, kernel module: 1. User-space ksmbd should terminate.
[  741.337030][T17222] netlink: 'syz.2.3353': attribute type 10 has an invalid length.
[  741.347424][T17222] netlink: 2 bytes leftover after parsing attributes in process `syz.2.3353'.
[  741.367275][T17220] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.3352'.
[  741.378246][T17222] bond0: entered promiscuous mode
[  741.383846][T17222] bond_slave_0: entered promiscuous mode
[  741.515782][T17222] bond_slave_1: entered promiscuous mode
[  741.562284][T17222] bridge0: port 4(bond0) entered blocking state
[  741.660166][T17222] bridge0: port 4(bond0) entered disabled state
[  741.697163][T17222] bond0: entered allmulticast mode
[  741.885252][T17222] bond_slave_0: entered allmulticast mode
[  741.915980][T17222] bond_slave_1: entered allmulticast mode
[  741.980220][T17232] netlink: 'syz.0.3355': attribute type 10 has an invalid length.
[  742.019739][T17222] bridge0: port 4(bond0) entered blocking state
[  742.026255][T17222] bridge0: port 4(bond0) entered forwarding state
[  742.188546][T17229] netlink: 'syz.2.3353': attribute type 14 has an invalid length.
[  742.278869][T17232] bridge0: port 2(bridge_slave_1) entered disabled state
[  742.288557][T17232] bridge0: port 1(bridge_slave_0) entered disabled state
[  742.408599][T17232] bridge0: port 2(bridge_slave_1) entered blocking state
[  742.416573][T17232] bridge0: port 2(bridge_slave_1) entered forwarding state
[  742.425401][T17232] bridge0: port 1(bridge_slave_0) entered blocking state
[  742.433486][T17232] bridge0: port 1(bridge_slave_0) entered forwarding state
[  742.467885][T17232] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  744.536272][T17245] netdevsim netdevsim2 ÿÿÿÿÿÿ: renamed from netdevsim0
[  745.047405][T17258] netdevsim netdevsim4 ÿÿÿÿÿÿ: renamed from netdevsim0 (while UP)
[  745.728216][T17274] FAULT_INJECTION: forcing a failure.
[  745.728216][T17274] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  745.752542][T17274] CPU: 1 UID: 0 PID: 17274 Comm: syz.0.3369 Not tainted 6.16.0-syzkaller-g93acc0f43f58 #0 PREEMPT(full) 
[  745.752576][T17274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  745.752590][T17274] Call Trace:
[  745.752599][T17274]  <TASK>
[  745.752609][T17274]  dump_stack_lvl+0x189/0x250
[  745.752640][T17274]  ? __pfx____ratelimit+0x10/0x10
[  745.752669][T17274]  ? __pfx_dump_stack_lvl+0x10/0x10
[  745.752693][T17274]  ? __pfx__printk+0x10/0x10
[  745.752722][T17274]  ? __might_fault+0xb0/0x130
[  745.752765][T17274]  should_fail_ex+0x414/0x560
[  745.752802][T17274]  _copy_from_iter+0x1db/0x16f0
[  745.752830][T17274]  ? sock_alloc_send_pskb+0x875/0x990
[  745.752861][T17274]  ? __pfx__copy_from_iter+0x10/0x10
[  745.752902][T17274]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  745.752930][T17274]  skb_copy_datagram_from_iter+0xf5/0x720
[  745.752957][T17274]  ? dev_get_by_index+0x22/0x2e0
[  745.752981][T17274]  ? skb_put+0x11b/0x210
[  745.753018][T17274]  packet_sendmsg+0x3797/0x5080
[  745.753052][T17274]  ? aa_label_match+0x1a00/0x1be0
[  745.753108][T17274]  ? __pfx___might_resched+0x10/0x10
[  745.753138][T17274]  ? __lock_acquire+0xab9/0xd20
[  745.753186][T17274]  ? __pfx_packet_sendmsg+0x10/0x10
[  745.753206][T17274]  ? aa_sk_perm+0x81e/0x950
[  745.753236][T17274]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x300
[  745.753271][T17274]  ? __lock_acquire+0xab9/0xd20
[  745.753297][T17274]  ? aa_sock_msg_perm+0x94/0x160
[  745.753324][T17274]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  745.753346][T17274]  ? __pfx_packet_sendmsg+0x10/0x10
[  745.753370][T17274]  __sock_sendmsg+0x21c/0x270
[  745.753399][T17274]  ____sys_sendmsg+0x505/0x830
[  745.753440][T17274]  ? __pfx_____sys_sendmsg+0x10/0x10
[  745.753485][T17274]  ? import_iovec+0x74/0xa0
[  745.753521][T17274]  ___sys_sendmsg+0x21f/0x2a0
[  745.753558][T17274]  ? __pfx____sys_sendmsg+0x10/0x10
[  745.753634][T17274]  ? __fget_files+0x2a/0x420
[  745.753663][T17274]  ? __fget_files+0x3a0/0x420
[  745.753704][T17274]  __x64_sys_sendmsg+0x19b/0x260
[  745.753736][T17274]  ? perf_trace_run_bpf_submit+0x100/0x170
[  745.753774][T17274]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  745.753820][T17274]  ? __pfx_ksys_write+0x10/0x10
[  745.753844][T17274]  ? rcu_is_watching+0x15/0xb0
[  745.753889][T17274]  ? do_syscall_64+0xbe/0x3b0
[  745.753924][T17274]  do_syscall_64+0xfa/0x3b0
[  745.753952][T17274]  ? lockdep_hardirqs_on+0x9c/0x150
[  745.753979][T17274]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  745.754001][T17274]  ? clear_bhb_loop+0x60/0xb0
[  745.754029][T17274]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  745.754050][T17274] RIP: 0033:0x7f83e278eb69
[  745.754070][T17274] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  745.754089][T17274] RSP: 002b:00007f83e35da038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  745.754113][T17274] RAX: ffffffffffffffda RBX: 00007f83e29b5fa0 RCX: 00007f83e278eb69
[  745.754129][T17274] RDX: 0000000000000000 RSI: 00002000000006c0 RDI: 0000000000000003
[  745.754144][T17274] RBP: 00007f83e35da090 R08: 0000000000000000 R09: 0000000000000000
[  745.754158][T17274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  745.754171][T17274] R13: 0000000000000000 R14: 00007f83e29b5fa0 R15: 00007ffec344d8c8
[  745.754206][T17274]  </TASK>
[  746.589061][T17285] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.3370'.
[  746.935755][T17289] netlink: 'syz.0.3371': attribute type 6 has an invalid length.
[  746.943921][T17289] netlink: 'syz.0.3371': attribute type 3 has an invalid length.
[  746.962909][T17289] netlink: 199820 bytes leftover after parsing attributes in process `syz.0.3371'.
[  747.551547][T17295] netlink: 'syz.1.3373': attribute type 37 has an invalid length.
[  747.568909][T17295] netlink: 128 bytes leftover after parsing attributes in process `syz.1.3373'.
[  747.578591][T17295] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  748.019406][T17314] netlink: 168 bytes leftover after parsing attributes in process `syz.1.3379'.
[  748.061392][T17313] netdevsim netdevsim0 ÿÿÿÿÿÿ: renamed from netdevsim0
[  748.202985][T17321] netlink: 64859 bytes leftover after parsing attributes in process `syz.1.3380'.
[  749.535935][T17353] netlink: 'syz.4.3387': attribute type 39 has an invalid length.
[  749.804037][T17350] netlink: 'syz.4.3387': attribute type 12 has an invalid length.
[  749.812953][T17350] netlink: 14585 bytes leftover after parsing attributes in process `syz.4.3387'.
[  749.859503][T17359] netlink: 188 bytes leftover after parsing attributes in process `syz.1.3389'.
[  751.582336][T17372] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3394'.
[  751.588543][T17373] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3394'.
[  752.628866][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[  752.639500][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[  752.783135][T17352] netlink: 'syz.2.3388': attribute type 37 has an invalid length.
[  752.791578][T17356] netlink: 128 bytes leftover after parsing attributes in process `syz.2.3388'.
[  752.801722][T17356] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  753.006004][T17382] netlink: 'syz.1.3398': attribute type 10 has an invalid length.
[  753.042692][T17382] bond0: (slave ÿÿÿÿÿÿ): Releasing backup interface
[  753.090050][T17382] batman_adv: batadv0: Adding interface: ÿÿÿÿÿÿ
[  753.122220][T17382] batman_adv: batadv0: The MTU of interface ÿÿÿÿÿÿ is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  753.156264][T17382] batman_adv: batadv0: Not using interface ÿÿÿÿÿÿ (retrying later): interface not active
[  753.326279][T17387] wg2: entered promiscuous mode
[  753.342185][T17387] wg2: entered allmulticast mode
[  753.382950][T17394] netlink: 'syz.2.3400': attribute type 25 has an invalid length.
[  753.420664][T17394] netlink: 'syz.2.3400': attribute type 28 has an invalid length.
[  753.514853][T17397] netlink: 'syz.1.3402': attribute type 25 has an invalid length.
[  753.523472][T17397] netlink: 'syz.1.3402': attribute type 28 has an invalid length.
[  754.829283][T17416] netlink: 128 bytes leftover after parsing attributes in process `syz.3.3407'.
[  754.846576][T17422] netlink: 'syz.1.3408': attribute type 6 has an invalid length.
[  754.854378][T17422] netlink: 'syz.1.3408': attribute type 3 has an invalid length.
[  754.862890][T17422] netlink: 199820 bytes leftover after parsing attributes in process `syz.1.3408'.
[  754.874934][T17416] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  755.147842][T17429] netlink: 15999 bytes leftover after parsing attributes in process `syz.2.3412'.
[  755.238705][T17431] FAULT_INJECTION: forcing a failure.
[  755.238705][T17431] name failslab, interval 1, probability 0, space 0, times 0
[  755.296606][T17431] CPU: 0 UID: 0 PID: 17431 Comm: syz.4.3413 Not tainted 6.16.0-syzkaller-g93acc0f43f58 #0 PREEMPT(full) 
[  755.296638][T17431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  755.296650][T17431] Call Trace:
[  755.296658][T17431]  <TASK>
[  755.296668][T17431]  dump_stack_lvl+0x189/0x250
[  755.296698][T17431]  ? __pfx____ratelimit+0x10/0x10
[  755.296727][T17431]  ? __pfx_dump_stack_lvl+0x10/0x10
[  755.296757][T17431]  ? __pfx__printk+0x10/0x10
[  755.296788][T17431]  ? __pfx___might_resched+0x10/0x10
[  755.296827][T17431]  ? fs_reclaim_acquire+0x7d/0x100
[  755.296866][T17431]  should_fail_ex+0x414/0x560
[  755.296902][T17431]  should_failslab+0xa8/0x100
[  755.296935][T17431]  __kmalloc_noprof+0xcb/0x4f0
[  755.296962][T17431]  ? tomoyo_encode+0x28b/0x550
[  755.296995][T17431]  tomoyo_encode+0x28b/0x550
[  755.297029][T17431]  tomoyo_realpath_from_path+0x58d/0x5d0
[  755.297071][T17431]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  755.297094][T17431]  tomoyo_path_number_perm+0x1e8/0x5a0
[  755.297120][T17431]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  755.297162][T17431]  ? __lock_acquire+0xab9/0xd20
[  755.297227][T17431]  ? __fget_files+0x2a/0x420
[  755.297261][T17431]  ? __fget_files+0x2a/0x420
[  755.297289][T17431]  ? __fget_files+0x3a0/0x420
[  755.297316][T17431]  ? __fget_files+0x2a/0x420
[  755.297354][T17431]  security_file_ioctl+0xcb/0x2d0
[  755.297392][T17431]  __se_sys_ioctl+0x47/0x170
[  755.297418][T17431]  do_syscall_64+0xfa/0x3b0
[  755.297447][T17431]  ? lockdep_hardirqs_on+0x9c/0x150
[  755.297474][T17431]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  755.297495][T17431]  ? clear_bhb_loop+0x60/0xb0
[  755.297523][T17431]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  755.297544][T17431] RIP: 0033:0x7f3c64d8eb69
[  755.297564][T17431] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  755.297584][T17431] RSP: 002b:00007f3c65c52038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  755.297608][T17431] RAX: ffffffffffffffda RBX: 00007f3c64fb5fa0 RCX: 00007f3c64d8eb69
[  755.297626][T17431] RDX: 0000000000000000 RSI: 00000000000054e3 RDI: 0000000000000003
[  755.297640][T17431] RBP: 00007f3c65c52090 R08: 0000000000000000 R09: 0000000000000000
[  755.297654][T17431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  755.297668][T17431] R13: 0000000000000000 R14: 00007f3c64fb5fa0 R15: 00007ffde0401908
[  755.297702][T17431]  </TASK>
[  755.297740][T17431] ERROR: Out of memory at tomoyo_realpath_from_path.
[  755.680026][T17431] syzkaller1: tun_chr_ioctl cmd 21731
[  756.800862][T17460] delete_channel: no stack
[  756.831797][T17460] delete_channel: no stack
[  757.109630][T17462] netlink: 15999 bytes leftover after parsing attributes in process `syz.2.3425'.
[  757.337258][T17466] netlink: 'syz.4.3427': attribute type 6 has an invalid length.
[  757.355377][T17466] netlink: 'syz.4.3427': attribute type 3 has an invalid length.
[  757.419527][T17466] netlink: 199820 bytes leftover after parsing attributes in process `syz.4.3427'.
[  758.297934][T17486] FAULT_INJECTION: forcing a failure.
[  758.297934][T17486] name failslab, interval 1, probability 0, space 0, times 0
[  758.344540][T17486] CPU: 1 UID: 0 PID: 17486 Comm: syz.0.3434 Not tainted 6.16.0-syzkaller-g93acc0f43f58 #0 PREEMPT(full) 
[  758.344574][T17486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  758.344588][T17486] Call Trace:
[  758.344598][T17486]  <TASK>
[  758.344608][T17486]  dump_stack_lvl+0x189/0x250
[  758.344638][T17486]  ? __pfx____ratelimit+0x10/0x10
[  758.344678][T17486]  ? __pfx_dump_stack_lvl+0x10/0x10
[  758.344704][T17486]  ? __pfx__printk+0x10/0x10
[  758.344739][T17486]  ? __pfx___might_resched+0x10/0x10
[  758.344771][T17486]  ? fs_reclaim_acquire+0x7d/0x100
[  758.344811][T17486]  should_fail_ex+0x414/0x560
[  758.344849][T17486]  should_failslab+0xa8/0x100
[  758.344883][T17486]  __kmalloc_noprof+0xcb/0x4f0
[  758.344910][T17486]  ? do_raw_spin_unlock+0x122/0x240
[  758.344933][T17486]  ? bpf_test_init+0xc2/0x170
[  758.344967][T17486]  bpf_test_init+0xc2/0x170
[  758.345000][T17486]  bpf_prog_test_run_xdp+0x37c/0x1000
[  758.345049][T17486]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  758.345085][T17486]  ? __fget_files+0x2a/0x420
[  758.345122][T17486]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  758.345151][T17486]  bpf_prog_test_run+0x2c7/0x340
[  758.345185][T17486]  __sys_bpf+0x581/0x870
[  758.345214][T17486]  ? __pfx___sys_bpf+0x10/0x10
[  758.345258][T17486]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  758.345302][T17486]  __x64_sys_bpf+0x7c/0x90
[  758.345328][T17486]  do_syscall_64+0xfa/0x3b0
[  758.345360][T17486]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  758.345381][T17486]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  758.345404][T17486]  ? clear_bhb_loop+0x60/0xb0
[  758.345431][T17486]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  758.345453][T17486] RIP: 0033:0x7f83e278eb69
[  758.345474][T17486] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  758.345495][T17486] RSP: 002b:00007f83e35da038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  758.345519][T17486] RAX: ffffffffffffffda RBX: 00007f83e29b5fa0 RCX: 00007f83e278eb69
[  758.345536][T17486] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  758.345551][T17486] RBP: 00007f83e35da090 R08: 0000000000000000 R09: 0000000000000000
[  758.345566][T17486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  758.345579][T17486] R13: 0000000000000000 R14: 00007f83e29b5fa0 R15: 00007ffec344d8c8
[  758.345614][T17486]  </TASK>
[  758.735547][T17491] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3433'.
[  759.041671][T17483] netlink: 'syz.3.3433': attribute type 33 has an invalid length.
[  759.495947][T17503] netlink: 15743 bytes leftover after parsing attributes in process `syz.4.3436'.
[  759.707747][T17507] FAULT_INJECTION: forcing a failure.
[  759.707747][T17507] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  759.760358][T17507] CPU: 0 UID: 0 PID: 17507 Comm: syz.2.3439 Not tainted 6.16.0-syzkaller-g93acc0f43f58 #0 PREEMPT(full) 
[  759.760394][T17507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  759.760409][T17507] Call Trace:
[  759.760419][T17507]  <TASK>
[  759.760430][T17507]  dump_stack_lvl+0x189/0x250
[  759.760460][T17507]  ? __pfx____ratelimit+0x10/0x10
[  759.760490][T17507]  ? __pfx_dump_stack_lvl+0x10/0x10
[  759.760514][T17507]  ? __pfx__printk+0x10/0x10
[  759.760566][T17507]  should_fail_ex+0x414/0x560
[  759.760604][T17507]  _copy_to_user+0x31/0xb0
[  759.760635][T17507]  bpf_test_finish+0x1ab/0x700
[  759.760676][T17507]  ? __pfx_bpf_test_finish+0x10/0x10
[  759.760712][T17507]  ? bpf_prog_test_run_skb+0x6ac/0x1560
[  759.760746][T17507]  bpf_prog_test_run_skb+0xed5/0x1560
[  759.760796][T17507]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  759.760827][T17507]  bpf_prog_test_run+0x2c7/0x340
[  759.760861][T17507]  __sys_bpf+0x581/0x870
[  759.760891][T17507]  ? __pfx___sys_bpf+0x10/0x10
[  759.760935][T17507]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  759.760967][T17507]  ? __pfx_ksys_write+0x10/0x10
[  759.760990][T17507]  ? rcu_is_watching+0x15/0xb0
[  759.761032][T17507]  __x64_sys_bpf+0x7c/0x90
[  759.761057][T17507]  do_syscall_64+0xfa/0x3b0
[  759.761086][T17507]  ? lockdep_hardirqs_on+0x9c/0x150
[  759.761114][T17507]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  759.761136][T17507]  ? clear_bhb_loop+0x60/0xb0
[  759.761163][T17507]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  759.761186][T17507] RIP: 0033:0x7f434ad8eb69
[  759.761205][T17507] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  759.761224][T17507] RSP: 002b:00007f434bba9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  759.761248][T17507] RAX: ffffffffffffffda RBX: 00007f434afb5fa0 RCX: 00007f434ad8eb69
[  759.761265][T17507] RDX: 0000000000000050 RSI: 0000200000000b80 RDI: 000000000000000a
[  759.761279][T17507] RBP: 00007f434bba9090 R08: 0000000000000000 R09: 0000000000000000
[  759.761294][T17507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  759.761307][T17507] R13: 0000000000000000 R14: 00007f434afb5fa0 R15: 00007ffc1f7efda8
[  759.761340][T17507]  </TASK>
[  760.177260][   T51] Bluetooth: hci5: command 0x0406 tx timeout
[  760.714730][T17529] FAULT_INJECTION: forcing a failure.
[  760.714730][T17529] name failslab, interval 1, probability 0, space 0, times 0
[  760.793094][T17529] CPU: 1 UID: 0 PID: 17529 Comm: syz.1.3446 Not tainted 6.16.0-syzkaller-g93acc0f43f58 #0 PREEMPT(full) 
[  760.793127][T17529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  760.793142][T17529] Call Trace:
[  760.793151][T17529]  <TASK>
[  760.793162][T17529]  dump_stack_lvl+0x189/0x250
[  760.793194][T17529]  ? __pfx____ratelimit+0x10/0x10
[  760.793224][T17529]  ? __pfx_dump_stack_lvl+0x10/0x10
[  760.793248][T17529]  ? __pfx__printk+0x10/0x10
[  760.793284][T17529]  ? __pfx___might_resched+0x10/0x10
[  760.793317][T17529]  ? fs_reclaim_acquire+0x7d/0x100
[  760.793357][T17529]  should_fail_ex+0x414/0x560
[  760.793395][T17529]  should_failslab+0xa8/0x100
[  760.793443][T17529]  __kmalloc_noprof+0xcb/0x4f0
[  760.793471][T17529]  ? kfree+0x4d/0x440
[  760.793495][T17529]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  760.793531][T17529]  tomoyo_realpath_from_path+0xe3/0x5d0
[  760.793563][T17529]  ? tomoyo_domain+0xd9/0x130
[  760.793599][T17529]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  760.793624][T17529]  tomoyo_path_number_perm+0x1e8/0x5a0
[  760.793650][T17529]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  760.793675][T17529]  ? trace_call_bpf+0xb7/0x850
[  760.793718][T17529]  ? trace_call_bpf+0xb7/0x850
[  760.793750][T17529]  ? trace_call_bpf+0x5ba/0x850
[  760.793790][T17529]  ? __lock_acquire+0xab9/0xd20
[  760.793845][T17529]  ? __fget_files+0x2a/0x420
[  760.793879][T17529]  ? __fget_files+0x2a/0x420
[  760.793908][T17529]  ? __fget_files+0x3a0/0x420
[  760.793937][T17529]  ? __fget_files+0x2a/0x420
[  760.793974][T17529]  security_file_ioctl+0xcb/0x2d0
[  760.794013][T17529]  __se_sys_ioctl+0x47/0x170
[  760.794041][T17529]  do_syscall_64+0xfa/0x3b0
[  760.794071][T17529]  ? lockdep_hardirqs_on+0x9c/0x150
[  760.794099][T17529]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  760.794122][T17529]  ? clear_bhb_loop+0x60/0xb0
[  760.794160][T17529]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  760.794199][T17529] RIP: 0033:0x7f143ad8eb69
[  760.794228][T17529] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  760.794248][T17529] RSP: 002b:00007f143bb22038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  760.794272][T17529] RAX: ffffffffffffffda RBX: 00007f143afb5fa0 RCX: 00007f143ad8eb69
[  760.794289][T17529] RDX: 0000000000000000 RSI: 00000000000089ed RDI: 0000000000000005
[  760.794304][T17529] RBP: 00007f143bb22090 R08: 0000000000000000 R09: 0000000000000000
[  760.794319][T17529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  760.794332][T17529] R13: 0000000000000000 R14: 00007f143afb5fa0 R15: 00007ffe3b30faa8
[  760.794369][T17529]  </TASK>
[  761.115401][T17529] ERROR: Out of memory at tomoyo_realpath_from_path.
[  761.607059][T17538] syzkaller0: entered promiscuous mode
[  761.612611][T17538] syzkaller0: entered allmulticast mode
[  762.414136][T17561] netlink: 15743 bytes leftover after parsing attributes in process `syz.0.3454'.
[  764.642783][T17582] netlink: 'syz.3.3463': attribute type 13 has an invalid length.
[  764.690566][T17582] netlink: 'syz.3.3463': attribute type 58 has an invalid length.
[  764.734356][T17582] netlink: 152 bytes leftover after parsing attributes in process `syz.3.3463'.
[  764.770651][T17586] FAULT_INJECTION: forcing a failure.
[  764.770651][T17586] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  764.848809][T17586] CPU: 0 UID: 0 PID: 17586 Comm: syz.1.3464 Not tainted 6.16.0-syzkaller-g93acc0f43f58 #0 PREEMPT(full) 
[  764.848849][T17586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  764.848866][T17586] Call Trace:
[  764.848876][T17586]  <TASK>
[  764.848887][T17586]  dump_stack_lvl+0x189/0x250
[  764.848922][T17586]  ? __pfx____ratelimit+0x10/0x10
[  764.848955][T17586]  ? __pfx_dump_stack_lvl+0x10/0x10
[  764.848983][T17586]  ? __pfx__printk+0x10/0x10
[  764.849017][T17586]  ? __asan_memcpy+0x40/0x70
[  764.849055][T17586]  should_fail_ex+0x414/0x560
[  764.849098][T17586]  _copy_to_user+0x31/0xb0
[  764.849131][T17586]  bpf_verifier_vlog+0x48c/0x900
[  764.849178][T17586]  btf_verifier_log+0x10a/0x180
[  764.849219][T17586]  ? __pfx_btf_verifier_log+0x10/0x10
[  764.849264][T17586]  ? btf_func_proto_log+0x645/0x840
[  764.849311][T17586]  __btf_verifier_log_type+0x3f5/0x630
[  764.849361][T17586]  ? __pfx___btf_verifier_log_type+0x10/0x10
[  764.849404][T17586]  ? sort+0xa4/0xf0
[  764.849438][T17586]  btf_func_proto_check_meta+0xed/0x160
[  764.849482][T17586]  btf_parse_type_sec+0x44a/0x24a0
[  764.849520][T17586]  ? __pfx_btf_check_sec_info+0x10/0x10
[  764.849551][T17586]  ? btf_parse_str_sec+0x212/0x2a0
[  764.849580][T17586]  btf_new_fd+0x40e/0xc90
[  764.849605][T17586]  ? apparmor_capable+0x137/0x1b0
[  764.849652][T17586]  ? __pfx_btf_new_fd+0x10/0x10
[  764.849680][T17586]  ? bpf_token_put+0x143/0x160
[  764.849714][T17586]  ? bpf_btf_load+0x126/0x190
[  764.849751][T17586]  __sys_bpf+0x406/0x870
[  764.849784][T17586]  ? __pfx___sys_bpf+0x10/0x10
[  764.849844][T17586]  ? rcu_is_watching+0x15/0xb0
[  764.849889][T17586]  __x64_sys_bpf+0x7c/0x90
[  764.849919][T17586]  do_syscall_64+0xfa/0x3b0
[  764.849951][T17586]  ? lockdep_hardirqs_on+0x9c/0x150
[  764.849982][T17586]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  764.850008][T17586]  ? clear_bhb_loop+0x60/0xb0
[  764.850039][T17586]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  764.850064][T17586] RIP: 0033:0x7f143ad8eb69
[  764.850086][T17586] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  764.850108][T17586] RSP: 002b:00007f143bb22038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  764.850135][T17586] RAX: ffffffffffffffda RBX: 00007f143afb5fa0 RCX: 00007f143ad8eb69
[  764.850154][T17586] RDX: 0000000000000028 RSI: 0000200000000540 RDI: 0000000000000012
[  764.850171][T17586] RBP: 00007f143bb22090 R08: 0000000000000000 R09: 0000000000000000
[  764.850187][T17586] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  764.850202][T17586] R13: 0000000000000001 R14: 00007f143afb5fa0 R15: 00007ffe3b30faa8
[  764.850242][T17586]  </TASK>
[  765.516280][T17595] netlink: 15743 bytes leftover after parsing attributes in process `syz.1.3467'.
[  767.528341][T17652] netlink: 164 bytes leftover after parsing attributes in process `syz.0.3483'.
[  770.768969][T17670] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3489'.
[  770.779840][T17675] netlink: 'syz.1.3491': attribute type 37 has an invalid length.
[  770.788627][T17676] netlink: 128 bytes leftover after parsing attributes in process `syz.1.3491'.
[  770.809077][T17676] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  770.970299][T17702] netlink: 'syz.1.3498': attribute type 25 has an invalid length.
[  771.014407][T17702] netlink: 'syz.1.3498': attribute type 28 has an invalid length.
[  771.060798][T17710] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3497'.
[  771.139614][T17700] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3497'.
[  771.627399][T17720] FAULT_INJECTION: forcing a failure.
[  771.627399][T17720] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  771.663713][T17720] CPU: 1 UID: 0 PID: 17720 Comm: syz.4.3503 Not tainted 6.16.0-syzkaller-g93acc0f43f58 #0 PREEMPT(full) 
[  771.663746][T17720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  771.663761][T17720] Call Trace:
[  771.663772][T17720]  <TASK>
[  771.663785][T17720]  dump_stack_lvl+0x189/0x250
[  771.663820][T17720]  ? __pfx____ratelimit+0x10/0x10
[  771.663854][T17720]  ? __pfx_dump_stack_lvl+0x10/0x10
[  771.663883][T17720]  ? __pfx__printk+0x10/0x10
[  771.663918][T17720]  ? __might_fault+0xb0/0x130
[  771.663960][T17720]  ? __might_fault+0xb0/0x130
[  771.664011][T17720]  should_fail_ex+0x414/0x560
[  771.664063][T17720]  _copy_from_user+0x2d/0xb0
[  771.664097][T17720]  dev_ethtool+0xd0/0x19b0
[  771.664155][T17720]  ? __pfx_perf_trace_lock+0x10/0x10
[  771.664205][T17720]  ? __pfx_dev_ethtool+0x10/0x10
[  771.664248][T17720]  ? dev_load+0x21/0x1f0
[  771.664300][T17720]  ? dev_load+0x21/0x1f0
[  771.664340][T17720]  ? dev_load+0x21/0x1f0
[  771.664379][T17720]  dev_ioctl+0x392/0x1150
[  771.664426][T17720]  sock_do_ioctl+0x22c/0x300
[  771.664465][T17720]  ? __pfx_sock_do_ioctl+0x10/0x10
[  771.664547][T17720]  sock_ioctl+0x576/0x790
[  771.664584][T17720]  ? __pfx_sock_ioctl+0x10/0x10
[  771.664622][T17720]  ? __fget_files+0x2a/0x420
[  771.664653][T17720]  ? __fget_files+0x3a0/0x420
[  771.664683][T17720]  ? __fget_files+0x2a/0x420
[  771.664728][T17720]  ? bpf_lsm_file_ioctl+0x9/0x20
[  771.664757][T17720]  ? __pfx_sock_ioctl+0x10/0x10
[  771.664785][T17720]  __se_sys_ioctl+0xfc/0x170
[  771.664823][T17720]  do_syscall_64+0xfa/0x3b0
[  771.664852][T17720]  ? lockdep_hardirqs_on+0x9c/0x150
[  771.664883][T17720]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  771.664907][T17720]  ? clear_bhb_loop+0x60/0xb0
[  771.664943][T17720]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  771.664966][T17720] RIP: 0033:0x7f3c64d8eb69
[  771.664990][T17720] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  771.665009][T17720] RSP: 002b:00007f3c65c52038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  771.665034][T17720] RAX: ffffffffffffffda RBX: 00007f3c64fb5fa0 RCX: 00007f3c64d8eb69
[  771.665051][T17720] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 0000000000000012
[  771.665067][T17720] RBP: 00007f3c65c52090 R08: 0000000000000000 R09: 0000000000000000
[  771.665081][T17720] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  771.665095][T17720] R13: 0000000000000000 R14: 00007f3c64fb5fa0 R15: 00007ffde0401908
[  771.665163][T17720]  </TASK>
[  772.329109][T17739] netlink: 'syz.0.3509': attribute type 4 has an invalid length.
[  772.330123][T17740] netlink: 15743 bytes leftover after parsing attributes in process `syz.2.3508'.
[  772.350146][T17739] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.3509'.
[  772.363997][T17739] FAULT_INJECTION: forcing a failure.
[  772.363997][T17739] name failslab, interval 1, probability 0, space 0, times 0
[  772.392112][T17739] CPU: 1 UID: 0 PID: 17739 Comm: syz.0.3509 Not tainted 6.16.0-syzkaller-g93acc0f43f58 #0 PREEMPT(full) 
[  772.392148][T17739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  772.392163][T17739] Call Trace:
[  772.392173][T17739]  <TASK>
[  772.392184][T17739]  dump_stack_lvl+0x189/0x250
[  772.392215][T17739]  ? __pfx____ratelimit+0x10/0x10
[  772.392244][T17739]  ? __pfx_dump_stack_lvl+0x10/0x10
[  772.392269][T17739]  ? __pfx__printk+0x10/0x10
[  772.392305][T17739]  ? __pfx___might_resched+0x10/0x10
[  772.392343][T17739]  ? fs_reclaim_acquire+0x7d/0x100
[  772.392377][T17739]  should_fail_ex+0x414/0x560
[  772.392423][T17739]  should_failslab+0xa8/0x100
[  772.392458][T17739]  __kmalloc_cache_noprof+0x70/0x3d0
[  772.392487][T17739]  ? fou_nl_add_doit+0x1be/0x690
[  772.392523][T17739]  fou_nl_add_doit+0x1be/0x690
[  772.392557][T17739]  ? __pfx_fou_nl_add_doit+0x10/0x10
[  772.392619][T17739]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  772.392653][T17739]  genl_family_rcv_msg_doit+0x215/0x300
[  772.392686][T17739]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  772.392725][T17739]  ? bpf_lsm_capable+0x9/0x20
[  772.392753][T17739]  ? security_capable+0x7e/0x2e0
[  772.392787][T17739]  genl_rcv_msg+0x60e/0x790
[  772.392823][T17739]  ? __pfx_genl_rcv_msg+0x10/0x10
[  772.392844][T17739]  ? __pfx_fou_nl_add_doit+0x10/0x10
[  772.392874][T17739]  ? __asan_memcpy+0x40/0x70
[  772.392904][T17739]  ? __pfx_ref_tracker_free+0x10/0x10
[  772.392947][T17739]  netlink_rcv_skb+0x205/0x470
[  772.392975][T17739]  ? __lock_acquire+0xab9/0xd20
[  772.393005][T17739]  ? __pfx_genl_rcv_msg+0x10/0x10
[  772.393035][T17739]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  772.393088][T17739]  ? down_read+0x1ad/0x2e0
[  772.393128][T17739]  genl_rcv+0x28/0x40
[  772.393148][T17739]  netlink_unicast+0x82c/0x9e0
[  772.393186][T17739]  ? __pfx_netlink_unicast+0x10/0x10
[  772.393215][T17739]  ? netlink_sendmsg+0x642/0xb30
[  772.393243][T17739]  ? skb_put+0x11b/0x210
[  772.393280][T17739]  netlink_sendmsg+0x805/0xb30
[  772.393322][T17739]  ? __pfx_netlink_sendmsg+0x10/0x10
[  772.393358][T17739]  ? aa_sock_msg_perm+0x94/0x160
[  772.393386][T17739]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  772.393409][T17739]  ? __pfx_netlink_sendmsg+0x10/0x10
[  772.393440][T17739]  __sock_sendmsg+0x21c/0x270
[  772.393471][T17739]  ____sys_sendmsg+0x505/0x830
[  772.393512][T17739]  ? __pfx_____sys_sendmsg+0x10/0x10
[  772.393557][T17739]  ? import_iovec+0x74/0xa0
[  772.393599][T17739]  ___sys_sendmsg+0x21f/0x2a0
[  772.393637][T17739]  ? __pfx____sys_sendmsg+0x10/0x10
[  772.393715][T17739]  ? __fget_files+0x2a/0x420
[  772.393745][T17739]  ? __fget_files+0x3a0/0x420
[  772.393787][T17739]  __x64_sys_sendmsg+0x19b/0x260
[  772.393825][T17739]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  772.393872][T17739]  ? __pfx_ksys_write+0x10/0x10
[  772.393896][T17739]  ? rcu_is_watching+0x15/0xb0
[  772.393936][T17739]  ? do_syscall_64+0xbe/0x3b0
[  772.393971][T17739]  do_syscall_64+0xfa/0x3b0
[  772.393999][T17739]  ? lockdep_hardirqs_on+0x9c/0x150
[  772.394027][T17739]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  772.394050][T17739]  ? clear_bhb_loop+0x60/0xb0
[  772.394077][T17739]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  772.394098][T17739] RIP: 0033:0x7f83e278eb69
[  772.394118][T17739] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  772.394139][T17739] RSP: 002b:00007f83e35b9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  772.394246][T17739] RAX: ffffffffffffffda RBX: 00007f83e29b6080 RCX: 00007f83e278eb69
[  772.394265][T17739] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[  772.394281][T17739] RBP: 00007f83e35b9090 R08: 0000000000000000 R09: 0000000000000000
[  772.394366][T17739] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  772.394390][T17739] R13: 0000000000000000 R14: 00007f83e29b6080 R15: 00007ffec344d8c8
[  772.394429][T17739]  </TASK>
[  772.868388][T17741] netlink: 132 bytes leftover after parsing attributes in process `syz.4.3510'.
[  772.959828][T17749] netlink: 'syz.1.3512': attribute type 10 has an invalid length.
[  775.091820][T17749] 8021q: adding VLAN 0 to HW filter on device bond0
[  775.121553][T17749] team0: Port device bond0 added
[  775.136178][T17762] netlink: 60 bytes leftover after parsing attributes in process `syz.4.3514'.
[  775.285797][T17775] netlink: 15999 bytes leftover after parsing attributes in process `syz.1.3518'.
[  775.844043][T17789] netlink: 128 bytes leftover after parsing attributes in process `syz.3.3521'.
[  775.860938][T17789] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  776.211281][T17792] netlink: 15743 bytes leftover after parsing attributes in process `syz.1.3525'.
[  776.390542][T17798] netlink: 'syz.3.3526': attribute type 14 has an invalid length.
[  776.404278][T17803] FAULT_INJECTION: forcing a failure.
[  776.404278][T17803] name failslab, interval 1, probability 0, space 0, times 0
[  776.420303][T17803] CPU: 0 UID: 0 PID: 17803 Comm: syz.0.3527 Not tainted 6.16.0-syzkaller-g93acc0f43f58 #0 PREEMPT(full) 
[  776.420335][T17803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  776.420347][T17803] Call Trace:
[  776.420355][T17803]  <TASK>
[  776.420364][T17803]  dump_stack_lvl+0x189/0x250
[  776.420393][T17803]  ? __pfx____ratelimit+0x10/0x10
[  776.420420][T17803]  ? __pfx_dump_stack_lvl+0x10/0x10
[  776.420443][T17803]  ? __pfx__printk+0x10/0x10
[  776.420476][T17803]  ? __pfx___might_resched+0x10/0x10
[  776.420512][T17803]  should_fail_ex+0x414/0x560
[  776.420549][T17803]  should_failslab+0xa8/0x100
[  776.420582][T17803]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  776.420611][T17803]  ? __alloc_skb+0x112/0x2d0
[  776.420647][T17803]  __alloc_skb+0x112/0x2d0
[  776.420682][T17803]  netlink_sendmsg+0x5c6/0xb30
[  776.420723][T17803]  ? __pfx_netlink_sendmsg+0x10/0x10
[  776.420757][T17803]  ? aa_sock_msg_perm+0x94/0x160
[  776.420785][T17803]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  776.420806][T17803]  ? __pfx_netlink_sendmsg+0x10/0x10
[  776.420838][T17803]  __sock_sendmsg+0x21c/0x270
[  776.420875][T17803]  ____sys_sendmsg+0x505/0x830
[  776.420916][T17803]  ? __pfx_____sys_sendmsg+0x10/0x10
[  776.420960][T17803]  ? import_iovec+0x74/0xa0
[  776.420991][T17803]  ___sys_sendmsg+0x21f/0x2a0
[  776.421028][T17803]  ? __pfx____sys_sendmsg+0x10/0x10
[  776.421093][T17803]  ? __fget_files+0x2a/0x420
[  776.421137][T17803]  ? __fget_files+0x2a/0x420
[  776.421165][T17803]  ? __fget_files+0x3a0/0x420
[  776.421207][T17803]  __x64_sys_sendmsg+0x19b/0x260
[  776.421245][T17803]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  776.421291][T17803]  ? __pfx_ksys_write+0x10/0x10
[  776.421314][T17803]  ? rcu_is_watching+0x15/0xb0
[  776.421353][T17803]  ? do_syscall_64+0xbe/0x3b0
[  776.421400][T17803]  do_syscall_64+0xfa/0x3b0
[  776.421426][T17803]  ? lockdep_hardirqs_on+0x9c/0x150
[  776.421454][T17803]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  776.421476][T17803]  ? clear_bhb_loop+0x60/0xb0
[  776.421503][T17803]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  776.421524][T17803] RIP: 0033:0x7f83e278eb69
[  776.421544][T17803] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  776.421563][T17803] RSP: 002b:00007f83e35da038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  776.421586][T17803] RAX: ffffffffffffffda RBX: 00007f83e29b5fa0 RCX: 00007f83e278eb69
[  776.421603][T17803] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  776.421618][T17803] RBP: 00007f83e35da090 R08: 0000000000000000 R09: 0000000000000000
[  776.421632][T17803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  776.421646][T17803] R13: 0000000000000000 R14: 00007f83e29b5fa0 R15: 00007ffec344d8c8
[  776.421680][T17803]  </TASK>
[  776.755930][T17803] netlink: 'syz.0.3527': attribute type 21 has an invalid length.
[  776.764706][T17803] netlink: 'syz.0.3527': attribute type 10 has an invalid length.
[  776.775428][T17803] netlink: 55 bytes leftover after parsing attributes in process `syz.0.3527'.
[  776.829011][T17805] netlink: 'syz.4.3528': attribute type 21 has an invalid length.
[  776.890812][T17808] netlink: 'syz.4.3528': attribute type 10 has an invalid length.
[  776.915464][T17808] netlink: 55 bytes leftover after parsing attributes in process `syz.4.3528'.
[  777.014990][T17820] netlink: 17 bytes leftover after parsing attributes in process `syz.2.3532'.
[  777.044306][T17820] netlink: zone id is out of range
[  777.051127][T17820] netlink: zone id is out of range
[  777.089635][T17820] netlink: zone id is out of range
[  777.134749][T17820] netlink: zone id is out of range
[  777.150840][T17820] netlink: zone id is out of range
[  777.201537][T17820] netlink: zone id is out of range
[  777.252138][T17820] netlink: zone id is out of range
[  777.294238][T17820] netlink: zone id is out of range
[  777.354070][T17820] netlink: zone id is out of range
[  777.776226][T17834] netlink: 152 bytes leftover after parsing attributes in process `syz.3.3538'.
[  778.187188][T17851] netlink: 15743 bytes leftover after parsing attributes in process `syz.0.3541'.
[  778.484475][T17862] netlink: 'syz.1.3545': attribute type 2 has an invalid length.
[  778.497376][T17862] netlink: 164 bytes leftover after parsing attributes in process `syz.1.3545'.
[  778.509297][T17862] FAULT_INJECTION: forcing a failure.
[  778.509297][T17862] name failslab, interval 1, probability 0, space 0, times 0
[  778.528773][T17862] CPU: 0 UID: 0 PID: 17862 Comm: syz.1.3545 Not tainted 6.16.0-syzkaller-g93acc0f43f58 #0 PREEMPT(full) 
[  778.528806][T17862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  778.528821][T17862] Call Trace:
[  778.528832][T17862]  <TASK>
[  778.528842][T17862]  dump_stack_lvl+0x189/0x250
[  778.528873][T17862]  ? __pfx____ratelimit+0x10/0x10
[  778.528903][T17862]  ? __pfx_dump_stack_lvl+0x10/0x10
[  778.528937][T17862]  ? __pfx__printk+0x10/0x10
[  778.528973][T17862]  ? __pfx___might_resched+0x10/0x10
[  778.529006][T17862]  ? fs_reclaim_acquire+0x7d/0x100
[  778.529046][T17862]  should_fail_ex+0x414/0x560
[  778.529085][T17862]  should_failslab+0xa8/0x100
[  778.529120][T17862]  __kmalloc_cache_noprof+0x70/0x3d0
[  778.529151][T17862]  ? fib_insert_alias+0x66a/0x1210
[  778.529188][T17862]  fib_insert_alias+0x66a/0x1210
[  778.529236][T17862]  fib_table_insert+0x67c/0x1b50
[  778.529288][T17862]  ? l3mdev_fib_table+0x18/0x160
[  778.529320][T17862]  fib_magic+0x2c4/0x390
[  778.529352][T17862]  ? __pfx_fib_magic+0x10/0x10
[  778.529372][T17862]  ? queue_work_on+0x1ed/0x270
[  778.529410][T17862]  ? preempt_schedule_notrace+0xd1/0x110
[  778.529437][T17862]  ? __pfx_preempt_schedule_notrace+0x10/0x10
[  778.529462][T17862]  ? addr_event+0x34f/0x470
[  778.529502][T17862]  fib_add_ifaddr+0x144/0x5f0
[  778.529537][T17862]  fib_inetaddr_event+0x12e/0x190
[  778.529569][T17862]  notifier_call_chain+0x1b3/0x3e0
[  778.529615][T17862]  blocking_notifier_call_chain+0x6a/0x90
[  778.529642][T17862]  __inet_insert_ifa+0xa13/0xbf0
[  778.529685][T17862]  ? __pfx___inet_insert_ifa+0x10/0x10
[  778.529724][T17862]  inet_rtm_newaddr+0xf3a/0x18b0
[  778.529765][T17862]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[  778.529810][T17862]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[  778.529834][T17862]  rtnetlink_rcv_msg+0x7cc/0xb70
[  778.529870][T17862]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  778.529900][T17862]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  778.529935][T17862]  ? ref_tracker_free+0x63a/0x7d0
[  778.529970][T17862]  ? __asan_memcpy+0x40/0x70
[  778.529994][T17862]  ? __pfx_ref_tracker_free+0x10/0x10
[  778.530025][T17862]  ? __skb_clone+0x63/0x7a0
[  778.530057][T17862]  netlink_rcv_skb+0x205/0x470
[  778.530090][T17862]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  778.530122][T17862]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  778.530166][T17862]  ? netlink_deliver_tap+0x2e/0x1b0
[  778.530205][T17862]  netlink_unicast+0x82c/0x9e0
[  778.530243][T17862]  ? __pfx_netlink_unicast+0x10/0x10
[  778.530272][T17862]  ? netlink_sendmsg+0x642/0xb30
[  778.530300][T17862]  ? skb_put+0x11b/0x210
[  778.530337][T17862]  netlink_sendmsg+0x805/0xb30
[  778.530378][T17862]  ? __pfx_netlink_sendmsg+0x10/0x10
[  778.530413][T17862]  ? aa_sock_msg_perm+0x94/0x160
[  778.530441][T17862]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  778.530463][T17862]  ? __pfx_netlink_sendmsg+0x10/0x10
[  778.530496][T17862]  __sock_sendmsg+0x21c/0x270
[  778.530526][T17862]  sock_write_iter+0x258/0x330
[  778.530554][T17862]  ? __pfx_sock_write_iter+0x10/0x10
[  778.530592][T17862]  ? bpf_lsm_file_permission+0x9/0x20
[  778.530616][T17862]  ? security_file_permission+0x75/0x290
[  778.530662][T17862]  vfs_write+0x548/0xa90
[  778.530695][T17862]  ? __pfx_sock_write_iter+0x10/0x10
[  778.530721][T17862]  ? __pfx_vfs_write+0x10/0x10
[  778.530759][T17862]  ? __fget_files+0x2a/0x420
[  778.530801][T17862]  ksys_write+0x145/0x250
[  778.530831][T17862]  ? __pfx_ksys_write+0x10/0x10
[  778.530855][T17862]  ? rcu_is_watching+0x15/0xb0
[  778.530895][T17862]  ? do_syscall_64+0xbe/0x3b0
[  778.530936][T17862]  do_syscall_64+0xfa/0x3b0
[  778.530964][T17862]  ? lockdep_hardirqs_on+0x9c/0x150
[  778.530992][T17862]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  778.531015][T17862]  ? clear_bhb_loop+0x60/0xb0
[  778.531043][T17862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  778.531066][T17862] RIP: 0033:0x7f143ad8eb69
[  778.531086][T17862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  778.531105][T17862] RSP: 002b:00007f143bb22038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  778.531129][T17862] RAX: ffffffffffffffda RBX: 00007f143afb5fa0 RCX: 00007f143ad8eb69
[  778.531146][T17862] RDX: 000000000000fe33 RSI: 0000200000000580 RDI: 0000000000000003
[  778.531161][T17862] RBP: 00007f143bb22090 R08: 0000000000000000 R09: 0000000000000000
[  778.531176][T17862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  778.531189][T17862] R13: 0000000000000000 R14: 00007f143afb5fa0 R15: 00007ffe3b30faa8
[  778.531224][T17862]  </TASK>
[  779.082672][T17863] netlink: 13 bytes leftover after parsing attributes in process `syz.4.3544'.
[  779.247058][T17867] syzkaller0: entered promiscuous mode
[  779.253819][T17867] syzkaller0: entered allmulticast mode
[  781.880754][T17899] netlink: 15743 bytes leftover after parsing attributes in process `syz.0.3556'.
[  783.480224][T17935] netlink: 'syz.2.3568': attribute type 21 has an invalid length.
[  783.491275][T17935] netlink: 14508 bytes leftover after parsing attributes in process `syz.2.3568'.
[  783.688882][T17947] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3573'.
[  783.723921][T17947] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3573'.
[  783.742489][T17947] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3573'.
[  783.998478][T17953] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3572'.
[  784.308595][T17943] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3572'.
[  787.219544][T18021] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3590'.
[  787.239118][T18008] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3590'.
[  787.262951][T18023] netlink: 65047 bytes leftover after parsing attributes in process `syz.2.3593'.
[  788.793410][T18059] netlink: 'syz.4.3604': attribute type 11 has an invalid length.
[  788.808769][T18059] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.3604'.
[  788.843132][T18059] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  789.831610][T18072] netlink: 1010 bytes leftover after parsing attributes in process `syz.1.3608'.
[  789.873745][T18072] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  790.157732][T18081] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3610'.
[  790.203380][T18073] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3610'.
[  790.789631][T18101] netlink: 'syz.1.3617': attribute type 10 has an invalid length.
[  791.064679][T18103] netlink: 'syz.2.3616': attribute type 10 has an invalid length.
[  792.267108][T18120] netlink: 17 bytes leftover after parsing attributes in process `syz.0.3623'.
[  792.308487][T18120] net_ratelimit: 77 callbacks suppressed
[  792.308509][T18120] netlink: zone id is out of range
[  792.322175][T18120] netlink: zone id is out of range
[  792.330795][T18120] netlink: zone id is out of range
[  792.350558][T18120] netlink: zone id is out of range
[  792.361811][T18120] netlink: zone id is out of range
[  792.398374][T18120] netlink: zone id is out of range
[  792.505374][T18132] netlink: 'syz.1.3627': attribute type 64 has an invalid length.
[  792.538845][T18120] netlink: zone id is out of range
[  792.544302][T18120] netlink: zone id is out of range
[  792.572921][T18120] netlink: zone id is out of range
[  792.578662][T18120] netlink: zone id is out of range
[  793.158180][T18141] netlink: 60 bytes leftover after parsing attributes in process `syz.4.3629'.
[  793.196075][T18136] netlink: 60 bytes leftover after parsing attributes in process `syz.4.3629'.
[  794.509447][T18174] netlink: 17 bytes leftover after parsing attributes in process `syz.3.3640'.
[  794.545051][T18175] warn_alloc: 1 callbacks suppressed
[  794.545072][T18175] syz.4.3641: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  794.580636][T18175] CPU: 0 UID: 0 PID: 18175 Comm: syz.4.3641 Not tainted 6.16.0-syzkaller-g93acc0f43f58 #0 PREEMPT(full) 
[  794.580670][T18175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  794.580685][T18175] Call Trace:
[  794.580694][T18175]  <TASK>
[  794.580708][T18175]  dump_stack_lvl+0x189/0x250
[  794.580744][T18175]  ? __pfx_dump_stack_lvl+0x10/0x10
[  794.580770][T18175]  ? __pfx__printk+0x10/0x10
[  794.580802][T18175]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  794.580828][T18175]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  794.580858][T18175]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  794.580887][T18175]  warn_alloc+0x214/0x310
[  794.580923][T18175]  ? stack_depot_save_flags+0x40/0x900
[  794.580962][T18175]  ? __pfx_warn_alloc+0x10/0x10
[  794.581000][T18175]  ? kasan_save_track+0x4f/0x80
[  794.581031][T18175]  ? xskq_create+0x56/0x170
[  794.581057][T18175]  ? xsk_init_queue+0xb0/0x110
[  794.581081][T18175]  ? xsk_setsockopt+0x57b/0x8d0
[  794.581105][T18175]  ? do_sock_setsockopt+0x179/0x1b0
[  794.581210][T18175]  ? __x64_sys_setsockopt+0x13f/0x1b0
[  794.581243][T18175]  ? do_syscall_64+0xfa/0x3b0
[  794.581273][T18175]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  794.581306][T18175]  __vmalloc_node_range_noprof+0x125/0x12f0
[  794.581376][T18175]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  794.581456][T18175]  ? __kasan_kmalloc+0x93/0xb0
[  794.581493][T18175]  vmalloc_user_noprof+0xad/0xf0
[  794.581530][T18175]  ? xskq_create+0xbf/0x170
[  794.581561][T18175]  xskq_create+0xbf/0x170
[  794.581596][T18175]  xsk_init_queue+0xb0/0x110
[  794.581630][T18175]  xsk_setsockopt+0x57b/0x8d0
[  794.581660][T18175]  ? __pfx_xsk_setsockopt+0x10/0x10
[  794.581688][T18175]  ? __pfx_aa_sk_perm+0x10/0x10
[  794.581717][T18175]  ? __fget_files+0x2a/0x420
[  794.581750][T18175]  ? aa_sock_opt_perm+0x74/0x110
[  794.581780][T18175]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  794.581804][T18175]  ? __pfx_xsk_setsockopt+0x10/0x10
[  794.581833][T18175]  do_sock_setsockopt+0x179/0x1b0
[  794.581876][T18175]  __x64_sys_setsockopt+0x13f/0x1b0
[  794.581921][T18175]  do_syscall_64+0xfa/0x3b0
[  794.581953][T18175]  ? lockdep_hardirqs_on+0x9c/0x150
[  794.581984][T18175]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  794.582007][T18175]  ? clear_bhb_loop+0x60/0xb0
[  794.582037][T18175]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  794.582062][T18175] RIP: 0033:0x7f3c64d8eb69
[  794.582084][T18175] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  794.582104][T18175] RSP: 002b:00007f3c65c31038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  794.582131][T18175] RAX: ffffffffffffffda RBX: 00007f3c64fb6080 RCX: 00007f3c64d8eb69
[  794.582148][T18175] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000007
[  794.582163][T18175] RBP: 00007f3c64e11df1 R08: 0000000000000004 R09: 0000000000000000
[  794.582179][T18175] R10: 0000200000000900 R11: 0000000000000246 R12: 0000000000000000
[  794.582194][T18175] R13: 0000000000000000 R14: 00007f3c64fb6080 R15: 00007ffde0401908
[  794.582231][T18175]  </TASK>
[  794.582496][T18175] Mem-Info:
[  794.915903][T18175] active_anon:7953 inactive_anon:0 isolated_anon:0
[  794.915903][T18175]  active_file:21867 inactive_file:40110 isolated_file:0
[  794.915903][T18175]  unevictable:768 dirty:212 writeback:0
[  794.915903][T18175]  slab_reclaimable:10905 slab_unreclaimable:99636
[  794.915903][T18175]  mapped:30055 shmem:1356 pagetables:1257
[  794.915903][T18175]  sec_pagetables:0 bounce:0
[  794.915903][T18175]  kernel_misc_reclaimable:0
[  794.915903][T18175]  free:1309898 free_pcp:15274 free_cma:0
[  794.971783][T18175] Node 0 active_anon:31812kB inactive_anon:0kB active_file:87468kB inactive_file:160244kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:120220kB dirty:848kB writeback:0kB shmem:3888kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11552kB pagetables:4900kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  795.018929][T18175] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:128kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  795.075112][T18175] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  795.121008][T18175] lowmem_reserve[]: 0 2500 2502 2502 2502
[  795.175643][T18175] Node 0 DMA32 free:1338316kB boost:0kB min:34264kB low:42828kB high:51392kB reserved_highatomic:0KB free_highatomic:0KB active_anon:31412kB inactive_anon:0kB active_file:87468kB inactive_file:158428kB unevictable:1536kB writepending:852kB present:3129332kB managed:2560200kB mlocked:0kB bounce:0kB free_pcp:38424kB local_pcp:19664kB free_cma:0kB
[  795.217509][T18175] lowmem_reserve[]: 0 0 1 1 1
[  795.222326][T18175] Node 0 Normal free:28kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1816kB unevictable:0kB writepending:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  795.336073][T18175] lowmem_reserve[]: 0 0 0 0 0
[  795.340918][T18175] Node 1 Normal free:3885888kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:23568kB local_pcp:13612kB free_cma:0kB
[  795.411313][T18175] lowmem_reserve[]: 0 0 0 0 0
[  795.417062][T18175] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  795.437994][T18175] Node 0 DMA32: 2301*4kB (UME) 1891*8kB (UME) 1214*16kB (UME) 987*32kB (UME) 286*64kB (UME) 198*128kB (UME) 127*256kB (UME) 52*512kB (UME) 45*1024kB (UM) 6*2048kB (M) 269*4096kB (UM) = 1338316kB
[  795.471735][T18175] Node 0 Normal: 1*4kB (M) 1*8kB (M) 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 28kB
[  795.494370][T18175] Node 1 Normal: 142*4kB (UE) 35*8kB (UME) 23*16kB (UME) 56*32kB (UME) 12*64kB (UME) 7*128kB (UME) 5*256kB (UME) 4*512kB (UME) 1*1024kB (M) 1*2048kB (E) 946*4096kB (M) = 3885888kB
[  795.513194][T18175] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  795.525105][T18175] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  795.537042][T18175] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  795.547387][T18175] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  795.560723][T18175] 63329 total pagecache pages
[  795.568105][T18175] 0 pages in swap cache
[  795.585231][T18175] Free swap  = 124996kB
[  795.589469][T18175] Total swap = 124996kB
[  795.604515][T18175] 2097051 pages RAM
[  795.608506][T18175] 0 pages HighMem/MovableOnly
[  795.613818][T18175] 424895 pages reserved
[  795.622597][T18175] 0 pages cma reserved
[  795.665576][ T5860] Bluetooth: hci4: command 0x0406 tx timeout
[  797.486218][T18237] netlink: 'syz.3.3662': attribute type 10 has an invalid length.
[  797.528938][T18237] netlink: 2 bytes leftover after parsing attributes in process `syz.3.3662'.
[  797.570727][T18237] bond0: entered promiscuous mode
[  797.638344][T18237] bond_slave_0: entered promiscuous mode
[  797.644836][T18237] bond_slave_1: entered promiscuous mode
[  797.678015][T18237] bridge0: port 1(bond0) entered blocking state
[  797.719585][T18237] bridge0: port 1(bond0) entered disabled state
[  797.800921][T18237] bond0: entered allmulticast mode
[  797.855490][T18237] bond_slave_0: entered allmulticast mode
[  797.899326][T18237] bond_slave_1: entered allmulticast mode
[  798.043977][T18237] bridge0: port 1(bond0) entered blocking state
[  798.051396][T18237] bridge0: port 1(bond0) entered forwarding state
[  798.230206][T18242] netlink: 'syz.3.3662': attribute type 14 has an invalid length.
[  798.284420][T18260] netlink: 60 bytes leftover after parsing attributes in process `syz.1.3667'.
[  798.312338][T18258] netlink: 60 bytes leftover after parsing attributes in process `syz.1.3667'.
[  798.484319][T18258] netlink: 'syz.1.3667': attribute type 3 has an invalid length.
[  798.503773][T18272] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3670'.
[  798.554450][T18258] netlink: 'syz.1.3667': attribute type 3 has an invalid length.
[  798.572830][T18268] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3670'.
[  798.585833][T18258] netlink: 'syz.1.3667': attribute type 2 has an invalid length.
[  798.593896][T18258] netlink: 127708 bytes leftover after parsing attributes in process `syz.1.3667'.
[  798.624812][T18273] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3670'.
[  798.979927][T18279] can: request_module (can-proto-5) failed.
[  799.625983][T18278] delete_channel: no stack
[  800.593305][T18313] netlink: 15999 bytes leftover after parsing attributes in process `syz.4.3682'.
[  800.707643][T18315] netlink: 17 bytes leftover after parsing attributes in process `syz.2.3683'.
[  800.721743][T18315] net_ratelimit: 158 callbacks suppressed
[  800.721770][T18315] netlink: zone id is out of range
[  800.734046][T18315] netlink: zone id is out of range
[  800.739378][T18315] netlink: zone id is out of range
[  800.744813][T18315] netlink: zone id is out of range
[  800.750223][T18315] netlink: zone id is out of range
[  800.765362][T18315] netlink: zone id is out of range
[  800.812675][T18315] netlink: zone id is out of range
[  800.819539][T18322] netlink: 'syz.1.3687': attribute type 10 has an invalid length.
[  800.831935][T18315] netlink: zone id is out of range
[  800.848983][T18315] netlink: zone id is out of range
[  800.854688][T18315] netlink: zone id is out of range
[  801.044886][T18326] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.3688'.
[  804.374771][T18360] __nla_validate_parse: 1 callbacks suppressed
[  804.374800][T18360] netlink: 15999 bytes leftover after parsing attributes in process `syz.4.3698'.
[  804.428981][T18362] netlink: 'syz.0.3699': attribute type 10 has an invalid length.
[  804.445138][T18362] netlink: 2 bytes leftover after parsing attributes in process `syz.0.3699'.
[  804.496795][T18362] bond0: entered promiscuous mode
[  804.527845][T18362] bond_slave_0: entered promiscuous mode
[  804.541801][T18362] bond_slave_1: entered promiscuous mode
[  804.557839][T18362] bridge0: entered promiscuous mode
[  804.591693][T18362] bridge0: port 3(bond0) entered blocking state
[  804.621908][T18362] bridge0: port 3(bond0) entered disabled state
[  804.660320][T18362] bond0: entered allmulticast mode
[  804.710058][T18362] bond_slave_0: entered allmulticast mode
[  804.726480][T18362] bond_slave_1: entered allmulticast mode
[  804.734477][T18362] bridge0: entered allmulticast mode
[  804.819909][T18362] bond0: left allmulticast mode
[  804.825025][T18362] bond_slave_0: left allmulticast mode
[  804.850162][T18362] bond_slave_1: left allmulticast mode
[  804.874947][T18362] bridge0: left allmulticast mode
[  805.501625][T18388] netlink: 'syz.1.3708': attribute type 6 has an invalid length.
[  805.542410][T18388] netlink: 'syz.1.3708': attribute type 3 has an invalid length.
[  805.577786][T18388] netlink: 199820 bytes leftover after parsing attributes in process `syz.1.3708'.
[  806.084910][T18402] -1: renamed from syzkaller0
[  806.275104][T18402] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3714'.
[  806.924817][T18414] netlink: 'syz.2.3716': attribute type 10 has an invalid length.
[  807.045390][T18414] netlink: 2 bytes leftover after parsing attributes in process `syz.2.3716'.
[  807.640495][T18434] netlink: 168 bytes leftover after parsing attributes in process `syz.0.3722'.
[  808.463283][T18456] FAULT_INJECTION: forcing a failure.
[  808.463283][T18456] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  808.464422][T18456] 
[  808.464433][T18456] ======================================================
[  808.464441][T18456] WARNING: possible circular locking dependency detected
[  808.464454][T18456] 6.16.0-syzkaller-g93acc0f43f58 #0 Not tainted
[  808.464465][T18456] ------------------------------------------------------
[  808.464473][T18456] syz.3.3729/18456 is trying to acquire lock:
[  808.464484][T18456] ffffffff8e12e100 (console_owner){-.-.}-{0:0}, at: console_flush_all+0x13a/0xc40
[  808.464537][T18456] 
[  808.464537][T18456] but task is already holding lock:
[  808.464543][T18456] ffff8880b8739f98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  808.464590][T18456] 
[  808.464590][T18456] which lock already depends on the new lock.
[  808.464590][T18456] 
[  808.464597][T18456] 
[  808.464597][T18456] the existing dependency chain (in reverse order) is:
[  808.464605][T18456] 
[  808.464605][T18456] -> #4 (&rq->__lock){-.-.}-{2:2}:
[  808.464629][T18456]        lock_acquire+0x120/0x360
[  808.464652][T18456]        _raw_spin_lock_nested+0x32/0x50
[  808.464673][T18456]        raw_spin_rq_lock_nested+0x2a/0x140
[  808.464698][T18456]        task_rq_lock+0xbc/0x470
[  808.464720][T18456]        cgroup_move_task+0x92/0x2a0
[  808.464747][T18456]        css_set_move_task+0x658/0x9e0
[  808.464765][T18456]        cgroup_post_fork+0x1ef/0x790
[  808.464782][T18456]        copy_process+0x3862/0x3c00
[  808.464797][T18456]        kernel_clone+0x21e/0x840
[  808.464813][T18456]        user_mode_thread+0xdd/0x140
[  808.464874][T18456]        rest_init+0x23/0x300
[  808.464888][T18456]        start_kernel+0x3a9/0x410
[  808.464914][T18456]        x86_64_start_reservations+0x24/0x30
[  808.464934][T18456]        x86_64_start_kernel+0x143/0x1c0
[  808.464953][T18456]        common_startup_64+0x13e/0x147
[  808.464974][T18456] 
[  808.464974][T18456] -> #3 (&p->pi_lock){-.-.}-{2:2}:
[  808.464998][T18456]        lock_acquire+0x120/0x360
[  808.465019][T18456]        _raw_spin_lock_irqsave+0xa7/0xf0
[  808.465038][T18456]        try_to_wake_up+0x6e/0x1290
[  808.465055][T18456]        __wake_up_common_lock+0x134/0x1f0
[  808.465074][T18456]        tty_port_default_wakeup+0xa2/0xf0
[  808.465094][T18456]        serial8250_tx_chars+0x72e/0x970
[  808.465128][T18456]        serial8250_handle_irq+0x633/0xbb0
[  808.465145][T18456]        serial8250_default_handle_irq+0xbf/0x1e0
[  808.465167][T18456]        serial8250_interrupt+0x8a/0x160
[  808.465192][T18456]        __handle_irq_event_percpu+0x28c/0x980
[  808.465213][T18456]        handle_irq_event+0x8b/0x1e0
[  808.465232][T18456]        handle_edge_irq+0x23b/0x9f0
[  808.465250][T18456]        __common_interrupt+0x143/0x250
[  808.465277][T18456]        common_interrupt+0xb6/0xe0
[  808.465292][T18456]        asm_common_interrupt+0x26/0x40
[  808.465312][T18456]        pv_native_safe_halt+0x13/0x20
[  808.465334][T18456]        default_idle+0x13/0x20
[  808.465357][T18456]        default_idle_call+0x74/0xb0
[  808.465381][T18456]        do_idle+0x1e8/0x510
[  808.465403][T18456]        cpu_startup_entry+0x44/0x60
[  808.465426][T18456]        rest_init+0x2de/0x300
[  808.465438][T18456]        start_kernel+0x3a9/0x410
[  808.465462][T18456]        x86_64_start_reservations+0x24/0x30
[  808.465481][T18456]        x86_64_start_kernel+0x143/0x1c0
[  808.465498][T18456]        common_startup_64+0x13e/0x147
[  808.465517][T18456] 
[  808.465517][T18456] -> #2 (&tty->write_wait){-.-.}-{3:3}:
[  808.465540][T18456]        lock_acquire+0x120/0x360
[  808.465560][T18456]        _raw_spin_lock_irqsave+0xa7/0xf0
[  808.465577][T18456]        __wake_up_common_lock+0x2f/0x1f0
[  808.465594][T18456]        tty_port_default_wakeup+0xa2/0xf0
[  808.465611][T18456]        serial8250_tx_chars+0x72e/0x970
[  808.465636][T18456]        serial8250_handle_irq+0x633/0xbb0
[  808.465650][T18456]        serial8250_default_handle_irq+0xbf/0x1e0
[  808.465669][T18456]        serial8250_interrupt+0x8a/0x160
[  808.465690][T18456]        __handle_irq_event_percpu+0x28c/0x980
[  808.465707][T18456]        handle_irq_event+0x8b/0x1e0
[  808.465723][T18456]        handle_edge_irq+0x23b/0x9f0
[  808.465737][T18456]        __common_interrupt+0x143/0x250
[  808.465760][T18456]        common_interrupt+0xb6/0xe0
[  808.465774][T18456]        asm_common_interrupt+0x26/0x40
[  808.465789][T18456]        pv_native_safe_halt+0x13/0x20
[  808.465807][T18456]        default_idle+0x13/0x20
[  808.465839][T18456]        default_idle_call+0x74/0xb0
[  808.465863][T18456]        do_idle+0x1e8/0x510
[  808.465885][T18456]        cpu_startup_entry+0x44/0x60
[  808.465908][T18456]        rest_init+0x2de/0x300
[  808.465921][T18456]        start_kernel+0x3a9/0x410
[  808.465944][T18456]        x86_64_start_reservations+0x24/0x30
[  808.465962][T18456]        x86_64_start_kernel+0x143/0x1c0
[  808.465980][T18456]        common_startup_64+0x13e/0x147
[  808.465999][T18456] 
[  808.465999][T18456] -> #1 (&port_lock_key){-.-.}-{3:3}:
[  808.466022][T18456]        lock_acquire+0x120/0x360
[  808.466042][T18456]        _raw_spin_lock_irqsave+0xa7/0xf0
[  808.466060][T18456]        serial8250_console_write+0x17e/0x1ba0
[  808.466076][T18456]        console_flush_all+0x728/0xc40
[  808.466093][T18456]        console_unlock+0xc4/0x270
[  808.466106][T18456]        vprintk_emit+0x5b7/0x7a0
[  808.466119][T18456]        _printk+0xcf/0x120
[  808.466139][T18456]        register_console+0xa8b/0xf90
[  808.466155][T18456]        univ8250_console_init+0x3a/0x70
[  808.466173][T18456]        console_init+0x10e/0x430
[  808.466190][T18456]        start_kernel+0x254/0x410
[  808.466213][T18456]        x86_64_start_reservations+0x24/0x30
[  808.466233][T18456]        x86_64_start_kernel+0x143/0x1c0
[  808.466250][T18456]        common_startup_64+0x13e/0x147
[  808.466270][T18456] 
[  808.466270][T18456] -> #0 (console_owner){-.-.}-{0:0}:
[  808.466291][T18456]        validate_chain+0xb9b/0x2140
[  808.466316][T18456]        __lock_acquire+0xab9/0xd20
[  808.466336][T18456]        lock_acquire+0x120/0x360
[  808.466356][T18456]        console_flush_all+0x6d2/0xc40
[  808.466372][T18456]        console_unlock+0xc4/0x270
[  808.466385][T18456]        vprintk_emit+0x5b7/0x7a0
[  808.466398][T18456]        _printk+0xcf/0x120
[  808.466416][T18456]        should_fail_ex+0x3f5/0x560
[  808.466438][T18456]        strncpy_from_user+0x36/0x290
[  808.466458][T18456]        strncpy_from_user_nofault+0x72/0x150
[  808.466475][T18456]        bpf_probe_read_user_str+0x2a/0x70
[  808.466499][T18456]        bpf_prog_bc7c5c6b9645592f+0x3e/0x44
[  808.466513][T18456]        bpf_trace_run4+0x28b/0x4a0
[  808.466531][T18456]        __bpf_trace_sched_switch+0x17a/0x1e0
[  808.466549][T18456]        __traceiter_sched_switch+0x9d/0xd0
[  808.466566][T18456]        __schedule+0x238f/0x4cc0
[  808.466584][T18456]        preempt_schedule_common+0x83/0xd0
[  808.466603][T18456]        preempt_schedule+0xae/0xc0
[  808.466620][T18456]        preempt_schedule_thunk+0x16/0x30
[  808.466643][T18456]        on_each_cpu_cond_mask+0x7a/0x80
[  808.466668][T18456]        smp_text_poke_batch_finish+0x5f9/0x1130
[  808.466689][T18456]        __static_call_transform+0x4eb/0x750
[  808.466703][T18456]        arch_static_call_transform+0x98/0xc0
[  808.466728][T18456]        __static_call_update+0xe4/0x5d0
[  808.466744][T18456]        bpf_dispatcher_change_prog+0xacd/0xc90
[  808.466772][T18456]        bpf_prog_test_run_xdp+0x65d/0x1000
[  808.466794][T18456]        bpf_prog_test_run+0x2c7/0x340
[  808.466814][T18456]        __sys_bpf+0x581/0x870
[  808.466838][T18456]        __x64_sys_bpf+0x7c/0x90
[  808.466854][T18456]        do_syscall_64+0xfa/0x3b0
[  808.466876][T18456]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  808.466892][T18456] 
[  808.466892][T18456] other info that might help us debug this:
[  808.466892][T18456] 
[  808.466898][T18456] Chain exists of:
[  808.466898][T18456]   console_owner --> &p->pi_lock --> &rq->__lock
[  808.466898][T18456] 
[  808.466924][T18456]  Possible unsafe locking scenario:
[  808.466924][T18456] 
[  808.466930][T18456]        CPU0                    CPU1
[  808.466936][T18456]        ----                    ----
[  808.466942][T18456]   lock(&rq->__lock);
[  808.466953][T18456]                                lock(&p->pi_lock);
[  808.466965][T18456]                                lock(&rq->__lock);
[  808.466977][T18456]   lock(console_owner);
[  808.466989][T18456] 
[  808.466989][T18456]  *** DEADLOCK ***
[  808.466989][T18456] 
[  808.466994][T18456] 8 locks held by syz.3.3729/18456:
[  808.467005][T18456]  #0: ffffffff8f50d688 (bpf_dispatcher_xdp.mutex){+.+.}-{4:4}, at: bpf_dispatcher_change_prog+0x9c/0xc90
[  808.467054][T18456]  #1: ffffffff8dfd2f50 (cpu_hotplug_lock){++++}-{0:0}, at: __static_call_update+0x8d/0x5d0
[  808.467095][T18456]  #2: ffffffff8e1eae88 (static_call_mutex){+.+.}-{4:4}, at: __static_call_update+0x9b/0x5d0
[  808.467134][T18456]  #3: ffffffff8dfe6348 (text_mutex){+.+.}-{4:4}, at: arch_static_call_transform+0x2d/0xc0
[  808.467181][T18456]  #4: ffff8880b8739f98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  808.467226][T18456]  #5: ffffffff8e139ea0 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run4+0x19c/0x4a0
[  808.467267][T18456]  #6: ffffffff8e12e160 (console_lock){+.+.}-{0:0}, at: _printk+0xcf/0x120
[  808.467313][T18456]  #7: ffffffff8e015a30 (console_srcu){....}-{0:0}, at: console_flush_all+0x13a/0xc40
[  808.467348][T18456] 
[  808.467348][T18456] stack backtrace:
[  808.467357][T18456] CPU: 1 UID: 0 PID: 18456 Comm: syz.3.3729 Not tainted 6.16.0-syzkaller-g93acc0f43f58 #0 PREEMPT(full) 
[  808.467375][T18456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  808.467385][T18456] Call Trace:
[  808.467392][T18456]  <TASK>
[  808.467399][T18456]  dump_stack_lvl+0x189/0x250
[  808.467418][T18456]  ? __pfx_dump_stack_lvl+0x10/0x10
[  808.467434][T18456]  ? __pfx__printk+0x10/0x10
[  808.467455][T18456]  ? print_lock_name+0xde/0x100
[  808.467476][T18456]  print_circular_bug+0x2ee/0x310
[  808.467493][T18456]  check_noncircular+0x134/0x160
[  808.467521][T18456]  validate_chain+0xb9b/0x2140
[  808.467558][T18456]  __lock_acquire+0xab9/0xd20
[  808.467582][T18456]  ? console_flush_all+0x13a/0xc40
[  808.467597][T18456]  lock_acquire+0x120/0x360
[  808.467616][T18456]  ? console_flush_all+0x13a/0xc40
[  808.467637][T18456]  ? do_raw_spin_unlock+0x122/0x240
[  808.467652][T18456]  ? console_flush_all+0x13a/0xc40
[  808.467669][T18456]  console_flush_all+0x6d2/0xc40
[  808.467684][T18456]  ? console_flush_all+0x13a/0xc40
[  808.467702][T18456]  ? console_flush_all+0x13a/0xc40
[  808.467721][T18456]  ? __pfx_console_flush_all+0x10/0x10
[  808.467743][T18456]  ? is_printk_cpu_sync_owner+0x32/0x40
[  808.467763][T18456]  console_unlock+0xc4/0x270
[  808.467779][T18456]  ? __pfx_console_unlock+0x10/0x10
[  808.467794][T18456]  ? is_printk_cpu_sync_owner+0x32/0x40
[  808.467815][T18456]  vprintk_emit+0x5b7/0x7a0
[  808.467836][T18456]  ? __pfx_vprintk_emit+0x10/0x10
[  808.467849][T18456]  ? do_user_addr_fault+0x100d/0x1390
[  808.467873][T18456]  ? __pfx___bad_area_nosemaphore+0x10/0x10
[  808.467904][T18456]  _printk+0xcf/0x120
[  808.467922][T18456]  ? __pfx____ratelimit+0x10/0x10
[  808.467942][T18456]  ? __pfx__printk+0x10/0x10
[  808.467962][T18456]  ? perf_trace_lock+0xec/0x3b0
[  808.467990][T18456]  should_fail_ex+0x3f5/0x560
[  808.468013][T18456]  strncpy_from_user+0x36/0x290
[  808.468035][T18456]  strncpy_from_user_nofault+0x72/0x150
[  808.468053][T18456]  bpf_probe_read_user_str+0x2a/0x70
[  808.468079][T18456]  bpf_prog_bc7c5c6b9645592f+0x3e/0x44
[  808.468094][T18456]  bpf_trace_run4+0x28b/0x4a0
[  808.468113][T18456]  ? bpf_trace_run4+0x19c/0x4a0
[  808.468131][T18456]  ? __pfx_bpf_trace_run4+0x10/0x10
[  808.468154][T18456]  ? __bpf_trace_sched_switch+0x15f/0x1e0
[  808.468174][T18456]  __bpf_trace_sched_switch+0x17a/0x1e0
[  808.468194][T18456]  ? __pfx___bpf_trace_sched_switch+0x10/0x10
[  808.468212][T18456]  ? psi_group_change+0xab8/0x1050
[  808.468236][T18456]  ? __schedule+0x22e9/0x4cc0
[  808.468257][T18456]  ? __schedule+0x22e9/0x4cc0
[  808.468276][T18456]  ? tracing_record_taskinfo_sched_switch+0x7d/0x370
[  808.468295][T18456]  ? __pfx___bpf_trace_sched_switch+0x10/0x10
[  808.468313][T18456]  __traceiter_sched_switch+0x9d/0xd0
[  808.468333][T18456]  __schedule+0x238f/0x4cc0
[  808.468352][T18456]  ? switch_mm_irqs_off+0x5b6/0x7a0
[  808.468374][T18456]  ? irqentry_exit+0x74/0x90
[  808.468397][T18456]  ? __pfx___schedule+0x10/0x10
[  808.468416][T18456]  ? smp_call_function_many_cond+0xd4b/0x12d0
[  808.468441][T18456]  ? smp_call_function_many_cond+0xd33/0x12d0
[  808.468469][T18456]  ? __pfx_do_sync_core+0x10/0x10
[  808.468487][T18456]  ? preempt_schedule+0xae/0xc0
[  808.468505][T18456]  preempt_schedule_common+0x83/0xd0
[  808.468524][T18456]  ? __pfx_do_sync_core+0x10/0x10
[  808.468541][T18456]  preempt_schedule+0xae/0xc0
[  808.468559][T18456]  ? __pfx_preempt_schedule+0x10/0x10
[  808.468576][T18456]  ? __pfx_text_poke_memcpy+0x10/0x10
[  808.468594][T18456]  ? __SCT__tp_func_azx_runtime_resume+0x8/0x8
[  808.468611][T18456]  ? __pfx___text_poke+0x10/0x10
[  808.468631][T18456]  preempt_schedule_thunk+0x16/0x30
[  808.468654][T18456]  ? on_each_cpu_cond_mask+0x75/0x80
[  808.468679][T18456]  on_each_cpu_cond_mask+0x7a/0x80
[  808.468704][T18456]  smp_text_poke_batch_finish+0x5f9/0x1130
[  808.468725][T18456]  ? __pfx_smp_text_poke_batch_add+0x10/0x10
[  808.468739][T18456]  ? trace_contention_end+0x39/0x120
[  808.468757][T18456]  ? __pfx_smp_text_poke_batch_finish+0x10/0x10
[  808.468780][T18456]  ? arch_static_call_transform+0x2d/0xc0
[  808.468804][T18456]  ? __SCT__tp_func_azx_runtime_resume+0x8/0x8
[  808.468822][T18456]  __static_call_transform+0x4eb/0x750
[  808.468843][T18456]  ? __SCT__tp_func_azx_runtime_resume+0x8/0x8
[  808.468860][T18456]  ? __pfx___static_call_transform+0x10/0x10
[  808.468877][T18456]  ? __SCT__tp_func_azx_runtime_resume+0x8/0x8
[  808.468892][T18456]  ? __static_call_validate+0x148/0x240
[  808.468915][T18456]  ? 0xffffffffa02057c0
[  808.468927][T18456]  ? __SCT__tp_func_azx_runtime_resume+0x8/0x8
[  808.468942][T18456]  arch_static_call_transform+0x98/0xc0
[  808.468967][T18456]  __static_call_update+0xe4/0x5d0
[  808.468984][T18456]  ? 0xffffffffa02057c0
[  808.468995][T18456]  ? __SCT__tp_func_azx_runtime_resume+0x8/0x8
[  808.469011][T18456]  ? __pfx_sort+0x10/0x10
[  808.469028][T18456]  ? __pfx___static_call_update+0x10/0x10
[  808.469044][T18456]  ? 0xffffffffa02057c0
[  808.469059][T18456]  ? 0xffffffffa02057c0
[  808.469071][T18456]  ? 0xffffffffa02057c0
[  808.469085][T18456]  bpf_dispatcher_change_prog+0xacd/0xc90
[  808.469111][T18456]  ? 0xffffffffa02057c0
[  808.469124][T18456]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  808.469147][T18456]  ? 0xffffffffa0203154
[  808.469180][T18456]  ? _copy_from_user+0x94/0xb0
[  808.469199][T18456]  ? bpf_test_init+0x133/0x170
[  808.469217][T18456]  ? xdp_convert_md_to_buff+0x5b/0x330
[  808.469239][T18456]  bpf_prog_test_run_xdp+0x65d/0x1000
[  808.469268][T18456]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  808.469291][T18456]  ? __fget_files+0x2a/0x420
[  808.469315][T18456]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  808.469336][T18456]  bpf_prog_test_run+0x2c7/0x340
[  808.469358][T18456]  __sys_bpf+0x581/0x870
[  808.469377][T18456]  ? __pfx___sys_bpf+0x10/0x10
[  808.469404][T18456]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  808.469424][T18456]  ? __pfx_ksys_write+0x10/0x10
[  808.469441][T18456]  ? rcu_is_watching+0x15/0xb0
[  808.469468][T18456]  __x64_sys_bpf+0x7c/0x90
[  808.469485][T18456]  do_syscall_64+0xfa/0x3b0
[  808.469504][T18456]  ? lockdep_hardirqs_on+0x9c/0x150
[  808.469523][T18456]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  808.469539][T18456]  ? clear_bhb_loop+0x60/0xb0
[  808.469556][T18456]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  808.469572][T18456] RIP: 0033:0x7f54d058eb69
[  808.469586][T18456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  808.469600][T18456] RSP: 002b:00007f54d143f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  808.469616][T18456] RAX: ffffffffffffffda RBX: 00007f54d07b5fa0 RCX: 00007f54d058eb69
[  808.469628][T18456] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[  808.469638][T18456] RBP: 00007f54d143f090 R08: 0000000000000000 R09: 0000000000000000
[  808.469649][T18456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  808.469658][T18456] R13: 0000000000000000 R14: 00007f54d07b5fa0 R15: 00007ffc912d1318
[  808.469678][T18456]  </TASK>
[  810.093341][T18456] CPU: 1 UID: 0 PID: 18456 Comm: syz.3.3729 Not tainted 6.16.0-syzkaller-g93acc0f43f58 #0 PREEMPT(full) 
[  810.093366][T18456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  810.093377][T18456] Call Trace:
[  810.093386][T18456]  <TASK>
[  810.093396][T18456]  dump_stack_lvl+0x189/0x250
[  810.093417][T18456]  ? __pfx____ratelimit+0x10/0x10
[  810.093438][T18456]  ? __pfx_dump_stack_lvl+0x10/0x10
[  810.093454][T18456]  ? __pfx__printk+0x10/0x10
[  810.093474][T18456]  ? perf_trace_lock+0xec/0x3b0
[  810.093503][T18456]  should_fail_ex+0x414/0x560
[  810.093533][T18456]  strncpy_from_user+0x36/0x290
[  810.093556][T18456]  strncpy_from_user_nofault+0x72/0x150
[  810.093575][T18456]  bpf_probe_read_user_str+0x2a/0x70
[  810.093601][T18456]  bpf_prog_bc7c5c6b9645592f+0x3e/0x44
[  810.093616][T18456]  bpf_trace_run4+0x28b/0x4a0
[  810.093635][T18456]  ? bpf_trace_run4+0x19c/0x4a0
[  810.093654][T18456]  ? __pfx_bpf_trace_run4+0x10/0x10
[  810.093714][T18456]  ? __bpf_trace_sched_switch+0x15f/0x1e0
[  810.093735][T18456]  __bpf_trace_sched_switch+0x17a/0x1e0
[  810.093755][T18456]  ? __pfx___bpf_trace_sched_switch+0x10/0x10
[  810.093776][T18456]  ? psi_group_change+0xab8/0x1050
[  810.093800][T18456]  ? __schedule+0x22e9/0x4cc0
[  810.093822][T18456]  ? __schedule+0x22e9/0x4cc0
[  810.093842][T18456]  ? tracing_record_taskinfo_sched_switch+0x7d/0x370
[  810.093861][T18456]  ? __pfx___bpf_trace_sched_switch+0x10/0x10
[  810.093879][T18456]  __traceiter_sched_switch+0x9d/0xd0
[  810.093900][T18456]  __schedule+0x238f/0x4cc0
[  810.093927][T18456]  ? switch_mm_irqs_off+0x5b6/0x7a0
[  810.093952][T18456]  ? irqentry_exit+0x74/0x90
[  810.093976][T18456]  ? __pfx___schedule+0x10/0x10
[  810.093994][T18456]  ? smp_call_function_many_cond+0xd4b/0x12d0
[  810.094020][T18456]  ? smp_call_function_many_cond+0xd33/0x12d0
[  810.094048][T18456]  ? __pfx_do_sync_core+0x10/0x10
[  810.094066][T18456]  ? preempt_schedule+0xae/0xc0
[  810.094085][T18456]  preempt_schedule_common+0x83/0xd0
[  810.094103][T18456]  ? __pfx_do_sync_core+0x10/0x10
[  810.094121][T18456]  preempt_schedule+0xae/0xc0
[  810.094139][T18456]  ? __pfx_preempt_schedule+0x10/0x10
[  810.094155][T18456]  ? __pfx_text_poke_memcpy+0x10/0x10
[  810.094174][T18456]  ? __SCT__tp_func_azx_runtime_resume+0x8/0x8
[  810.094190][T18456]  ? __pfx___text_poke+0x10/0x10
[  810.094210][T18456]  preempt_schedule_thunk+0x16/0x30
[  810.094233][T18456]  ? on_each_cpu_cond_mask+0x75/0x80
[  810.094258][T18456]  on_each_cpu_cond_mask+0x7a/0x80
[  810.094283][T18456]  smp_text_poke_batch_finish+0x5f9/0x1130
[  810.094304][T18456]  ? __pfx_smp_text_poke_batch_add+0x10/0x10
[  810.094319][T18456]  ? trace_contention_end+0x39/0x120
[  810.094336][T18456]  ? __pfx_smp_text_poke_batch_finish+0x10/0x10
[  810.094360][T18456]  ? arch_static_call_transform+0x2d/0xc0
[  810.094384][T18456]  ? __SCT__tp_func_azx_runtime_resume+0x8/0x8
[  810.094402][T18456]  __static_call_transform+0x4eb/0x750
[  810.094417][T18456]  ? __SCT__tp_func_azx_runtime_resume+0x8/0x8
[  810.094434][T18456]  ? __pfx___static_call_transform+0x10/0x10
[  810.094451][T18456]  ? __SCT__tp_func_azx_runtime_resume+0x8/0x8
[  810.094466][T18456]  ? __static_call_validate+0x148/0x240
[  810.094490][T18456]  ? 0xffffffffa02057c0
[  810.094503][T18456]  ? __SCT__tp_func_azx_runtime_resume+0x8/0x8
[  810.094518][T18456]  arch_static_call_transform+0x98/0xc0
[  810.094543][T18456]  __static_call_update+0xe4/0x5d0
[  810.094563][T18456]  ? 0xffffffffa02057c0
[  810.094574][T18456]  ? __SCT__tp_func_azx_runtime_resume+0x8/0x8
[  810.094590][T18456]  ? __pfx_sort+0x10/0x10
[  810.094607][T18456]  ? __pfx___static_call_update+0x10/0x10
[  810.094624][T18456]  ? 0xffffffffa02057c0
[  810.094638][T18456]  ? 0xffffffffa02057c0
[  810.094650][T18456]  ? 0xffffffffa02057c0
[  810.094669][T18456]  bpf_dispatcher_change_prog+0xacd/0xc90
[  810.094697][T18456]  ? 0xffffffffa02057c0
[  810.094710][T18456]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  810.094733][T18456]  ? 0xffffffffa0203154
[  810.094766][T18456]  ? _copy_from_user+0x94/0xb0
[  810.094785][T18456]  ? bpf_test_init+0x133/0x170
[  810.094804][T18456]  ? xdp_convert_md_to_buff+0x5b/0x330
[  810.094826][T18456]  bpf_prog_test_run_xdp+0x65d/0x1000
[  810.094856][T18456]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  810.094880][T18456]  ? __fget_files+0x2a/0x420
[  810.094904][T18456]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  810.094927][T18456]  bpf_prog_test_run+0x2c7/0x340
[  810.094951][T18456]  __sys_bpf+0x581/0x870
[  810.094971][T18456]  ? __pfx___sys_bpf+0x10/0x10
[  810.094998][T18456]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  810.095019][T18456]  ? __pfx_ksys_write+0x10/0x10
[  810.095036][T18456]  ? rcu_is_watching+0x15/0xb0
[  810.095063][T18456]  __x64_sys_bpf+0x7c/0x90
[  810.095080][T18456]  do_syscall_64+0xfa/0x3b0
[  810.095100][T18456]  ? lockdep_hardirqs_on+0x9c/0x150
[  810.095119][T18456]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  810.095135][T18456]  ? clear_bhb_loop+0x60/0xb0
[  810.095153][T18456]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  810.095170][T18456] RIP: 0033:0x7f54d058eb69
[  810.095185][T18456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  810.095199][T18456] RSP: 002b:00007f54d143f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  810.095216][T18456] RAX: ffffffffffffffda RBX: 00007f54d07b5fa0 RCX: 00007f54d058eb69
[  810.095228][T18456] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[  810.095239][T18456] RBP: 00007f54d143f090 R08: 0000000000000000 R09: 0000000000000000
[  810.095249][T18456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  810.095259][T18456] R13: 0000000000000000 R14: 00007f54d07b5fa0 R15: 00007ffc912d1318
[  810.095279][T18456]  </TASK>
[  811.235888][T18463] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3731'.
[  811.297141][T18458] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3731'.
[  814.071319][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[  814.077922][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[  816.157071][   T51] Bluetooth: hci2: command 0x0406 tx timeout