last executing test programs:

5.823149569s ago: executing program 3 (id=6229):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={0x0, 0xf}, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="10000000040000000800000005"], 0x48)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r0, 0x1, 0x23, &(0x7f0000000000), 0x4)
sendmsg$inet(r1, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x0)
recvmsg(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002940)=""/4098, 0x15}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r2}, &(0x7f0000000080), &(0x7f0000000240)=r3}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x9, [@enum64={0x7, 0x1, 0x0, 0x13, 0x0, 0x2, [{0x3, 0x1, 0x6}]}]}, {0x0, [0x0, 0x61, 0x0, 0x61, 0x5f, 0x61, 0x5f]}}, 0x0, 0x39, 0x0, 0x1, 0x7}, 0x28)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x80}, 0x94)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x1000d7, 0x0, 0x0, 0x8, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = perf_event_open$cgroup(&(0x7f00000001c0)={0x5, 0x80, 0x8, 0x5, 0x4d, 0x9, 0x0, 0x800, 0x10, 0x2, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, @perf_bp={0x0, 0x4}, 0x2040, 0x8000000000000001, 0x4, 0x9, 0x3ff, 0x8, 0xc6bd, 0x0, 0x4, 0x0, 0x8000000000000001}, 0xffffffffffffffff, 0x7, 0xffffffffffffffff, 0x8)
ioctl$PERF_EVENT_IOC_ID(r5, 0x80082407, &(0x7f0000000240))
bpf$LINK_GET_NEXT_ID(0x1f, 0x0, 0x0)
r6 = socket$kcm(0x2, 0x5, 0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x56, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x0, 0x2, 0x0, 0x9}, {0x10000002, 0x0, 0x0, 0xc}]}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
close(r8)
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r9=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r6, 0x84, 0x64, &(0x7f0000000000)=r9, 0x10)
sendmsg$inet(r6, &(0x7f0000000140)={&(0x7f0000000280)={0x2, 0x10, @local}, 0x10, &(0x7f0000000080)=[{&(0x7f0000001940)='{', 0x1a000}], 0x1}, 0x80d1)
close(0x3)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r4}, 0x0, &(0x7f0000000040)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680))
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)

5.423398319s ago: executing program 1 (id=6231):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f00000006c0)="4ff9f247d0e14f7e52db9ff57ad870e5590bc15c0582f93a01cdd819020db85df5dc3215a4ed1f3627a77be1882c21de970ab221d05295c1f1a72110b34cf6989ab3ce31ffe467bcf80c22342c28c9599c4872258d", 0xe, 0xffffffffffffffff, 0x4}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="180000000001000000000000000000001812000096961341ef52acae4ceaa06d19bf80195c6a81d6cfb8dcef3164ba322fc20d124c", @ANYRES32, @ANYBLOB="0000000000000000b7030000000000008500000054000000b7000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x2, 0x10, &(0x7f00000006c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x810000}, [@snprintf={{0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xc}, {0x3, 0x0}, {0x5, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8001}, {}, {}, {}, {}, {}, {}, {0x18, 0x4, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x94}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000400)={0x1, 0x58, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x4, 0x0, 0x0, 0x40e00, 0x0, '\x00', r2, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10}, 0x94)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000007c0)={r0, 0x58, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x18, 0x0, &(0x7f0000000200), &(0x7f0000000540)='syzkaller\x00', 0x2, 0x51, &(0x7f0000000580)=""/81, 0x41100, 0x1, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000800)={0x0, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000840)=[r0, r0, r0, r0], &(0x7f0000000880)=[{0x5, 0x5, 0x6}, {0x2, 0x4, 0x6, 0x3}, {0x4, 0x4, 0x7, 0x3}, {0x2, 0x5, 0x10, 0xc}, {0x1, 0x3, 0xc, 0x9}], 0x10, 0xfffffff8}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x14, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x10a2600, 0x0, 0x0, 0x0, 0xfff}, [@map_fd={0x18, 0x3, 0x1, 0x0, r0}, @map_idx_val={0x18, 0xb, 0x6, 0x0, 0xf, 0x0, 0x0, 0x0, 0xc}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000140)='GPL\x00', 0xf2, 0x0, 0x0, 0x41100, 0x11, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x6, 0x1}, 0x3, 0x10, &(0x7f00000001c0)={0x0, 0x10, 0x5, 0x7}, 0x10, 0x0, 0x0, 0x9, &(0x7f0000000200), &(0x7f00000003c0)=[{0x5, 0x5, 0x2, 0x3}, {0x2, 0x3, 0x5, 0x1}, {0x8, 0x4, 0x3, 0x9}, {0x3, 0x4, 0x9, 0x1}, {0x5, 0x5, 0xa, 0xa}, {0x3, 0x5, 0x5, 0x2}, {0x0, 0x2, 0x2, 0x1}, {0x4, 0x2, 0x7}, {0x4, 0x1, 0x7, 0x5}], 0x10, 0x312}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001bc0)={r1, 0x0, 0x28, 0x1000, &(0x7f0000000200)="3fd85db756ecd2beb509003411808c79487859df19340404ab6a11434841479f40abe2e98c9ca059", &(0x7f0000000a40)=""/4096, 0x7, 0x0, 0xaf, 0xb0, &(0x7f0000001a40)="9a8c83b4e6cf0edc109604698195bfe35389908d21eda1085053204ec5d66489cde2f02463eb9e893ebf6c064c8a84b9c46c32d8dfb87ca1b663fe6b18b5d37fbe660e18b0a67acc75bf049a1e7bd9a427b71ecd42d4500dc82fa03aea452a98ca5f43a3c3e2241a78df2c0ccb1fba1ab0a628d5cdbd3af6ed34535f87cc710f432db8c6e4ba8b0536b86703f80266bdc10a9fd849cb7a6905ca58cfe2627fe665d55ffee69194efa8bbb9dc8be585", &(0x7f0000001b00)="d67eda36d71cebee5238225cef0e0375ca5c232037d0687703b10a7e8a39b13de943d43a9e9a4d0f703f59e10e06d444ab74f8da137e4737c53671b11e26f0c9991f3bf956b6bb47f1f4545c9e812e1053d670e4241ac9ebb347df820f5342ace71230207570ed611f954ca5cc19d320fc7667dac33ea1843bd4466f29107ebc7dbf6a0243de36bbc26a77f5f1af9b6abb308f5732d8ee876bfca732d3f3fb930bc2abfeea3c0eef0075a5ee61445df4", 0x2, 0x0, 0x9}, 0x50)

5.38037258s ago: executing program 2 (id=6232):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={0x0, 0xf}, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f00000001c0)={<r1=>0xffffffffffffffff})
recvmsg(r1, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000ac0)=[{0x0}, {0x0}], 0x2, &(0x7f0000000b00)=""/182, 0xb6}, 0x41)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r2, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x4}, 0x80, &(0x7f0000003780)=[{&(0x7f0000000380)="270502001a0014000600002fb96dbcf706e10500000086ddffff1144ee162fd4b8bf4a31accbe1ba0777cfbf6ae77256da82f6184b8a34f9015cc99e570000102821880b0000", 0x46}], 0x1}, 0x1800)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$inet(r4, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup.cpu/syz1\x00', 0x1ff)
recvmsg(r3, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002940)=""/4098, 0x15}, 0x0)
r5 = socket$kcm(0xa, 0x922000000003, 0x11)
r6 = socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r6, 0x84, 0x83, &(0x7f0000000000), 0x8)
setsockopt$sock_attach_bpf(r5, 0x29, 0x7, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000008c0)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_config_ext={0xffffffffffffffff, 0x2b4}, 0x0, 0x10000, 0x0, 0x0, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r7 = socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="01000000050000000100000007"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
sendmsg$inet(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f00000002c0)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514001ac004000202080002000300010004000500eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd72c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x20004080)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001400)={&(0x7f0000001200)=ANY=[@ANYBLOB="9feb010018000000000000006b0100006b010000030000000a0000000000001104000000ffffffff0a0000000900000f03000000030000000e000000ffffffff03000000060000000100008001000000000000007f000000010000000c000000010000000200000003000000100300000400000000000100030000000100000001000000ff0f000004000000090000000080000004000000e50a0000090000005e540a040000000600000f01000000030000000f000000060000000200000000000100010100000100000004000000000001000300000000000000b200000002000000040000004c000000020000000900000000000000c20a0000000000001205000000090000000000000b040000000e0000000000000b04004000000000000800000d000000000f0000000200000000000000040000000f0000000100000005000000040000000e000000020000000100000000000000080000000100000008000000030000000a0000000100000f0300000004000000000040000600000051417000006100"], &(0x7f00000013c0)=""/61, 0x187, 0x3d, 0x0, 0x5}, 0x28)

4.760282837s ago: executing program 1 (id=6233):
socket$kcm(0xa, 0x5, 0x0)
r0 = socket$kcm(0x29, 0x2, 0x0)
write$cgroup_pressure(r0, &(0x7f0000000140)={'full'}, 0xfffffdef)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x5452, &(0x7f0000000080))
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$kcm(0x2, 0x1, 0x84)
sendmsg$inet(r2, &(0x7f00000010c0)={&(0x7f0000000140)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000640)}, 0x4000040)
sendmsg$inet(r2, &(0x7f00000002c0)={&(0x7f0000000000)={0x2, 0x4e21, @rand_addr=0x64010101}, 0x10, &(0x7f0000000700)=[{0x0}], 0x1}, 0x8040)
close(r2)
r3 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYRES32], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f0000000040)=ANY=[], 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x800000}, 0x10}, 0x94)
r4 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r4, 0x1, 0x8, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
ioctl$PERF_EVENT_IOC_RESET(r3, 0x2403, 0xa)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC=0x0, @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r6, 0x2000300, 0xe, 0x21, &(0x7f0000000180)="064000000000000000000000f4ffff1677000000000800bc3b7fe26caacff9c7353ef93442538d824ab89ab63950699b46a5a879819a92c764de139222315873871d666c34a517d4302d72941f69755a980f6d6ba667d333677b04d414f1fbb836f8626caa8a3a4f", 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x7f)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000002c80)="d800000018007b18e00212ba0d8105040a0a1100fe0f040b067c55a1bc0009001e0006990300000015000500fe800000000000aed808a87ce1fd1d979660d7dfa9000300014002000c0901ac04000bd67f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b01602b2a10c11ce1b14d6d930dfe1d9d322fe04fb95cae8c9010000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad8ffd5e1cace81ed0b7fece0b42a9ecbee5de6ccd40dd601edef3d93452a9230", 0xd2}, {&(0x7f00000004c0)="f809c3e2eedd", 0x6}], 0x2, 0x0, 0x0, 0x2663}, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={0x1, <r8=>0xffffffffffffffff}, 0x4)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r3, 0xc008240a, &(0x7f00000000c0)={0x1, 0x0, [0x0]})
r9 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000440)=@bpf_ext={0x1c, 0x12, &(0x7f0000000900)=@raw=[@btf_id={0x18, 0x0, 0x3, 0x0, 0x1}, @map_val={0x18, 0x9, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x1ff}, @exit, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @map_fd={0x18, 0x1, 0x1, 0x0, r8}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}}], &(0x7f0000000280)='syzkaller\x00', 0x6, 0x0, 0x0, 0x41000, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000300)={0x3, 0x2}, 0x8, 0x10, &(0x7f0000000340)={0x4, 0x2, 0xfffffff4, 0x3bb7c006}, 0x10, 0x12c87, r1, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=[{0x0, 0x2, 0xa, 0x9}, {0x0, 0x4, 0xc, 0x5}, {0x1, 0x3, 0x1}, {0x4, 0x1, 0x3, 0xc}, {0x5, 0x5, 0xb, 0x6}, {0x3, 0x4, 0x7, 0x2}, {0x0, 0x3, 0x4, 0x2}], 0x10, 0x9}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000008c0)={r9, 0xe0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x5, &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000580)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xf9, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x40, 0x10, &(0x7f00000006c0), &(0x7f0000000740), 0x8, 0xde, 0x8, 0x8, &(0x7f0000000780)}}, 0x10)
socketpair(0x8, 0x6, 0x8, &(0x7f0000000600))

4.722925667s ago: executing program 3 (id=6234):
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0xb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000072"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r0)
r1 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r1, 0x29, 0x39, &(0x7f0000000100), 0x174)
socket$kcm(0x2, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
r4 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)=@o_path={&(0x7f0000000140)='./file0\x00', 0x0, 0x18, r0}, 0x18)
bpf$PROG_BIND_MAP(0x23, &(0x7f00000001c0)={r4, r3}, 0xc)
r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000940)=ANY=[@ANYBLOB="b4050000200080066110000000000000c6000000000000009500d800000000009f33ef60916e55893f1eeb0b2ae13d922e6235592ce847e2566c43d72918a897323fd0723043c47c896ce0bce66a245ad9d6817fd98cd824498949714ffaac8a6f77ef0000ca5d82054d54d53cd2b6db714e75d9bdae214fa68a0557eb2c5ca683a4b6fcfcff0bffffffffffd47042eaebfa6fa26fa7a347c7faa8e700458c60897d4a6148a1c11428427c40de60beacf871ab5c2ff88a02084e5b5271e45f00003826fb8579c1fb01d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0c20cdbe7009a6fe7cc78762f1d4dcdbca64920db9a50f86c21632f7a4bd344e0bd74ff05d37ef68e3b9db863c758ffffffffabe90ac5d08dd9d4e0359c41cf3626e1230bc1cd4c02c460ceb44276e9bd94d1c2e6d17dc5c2edf332a62f5fe68fbbbbfcfd00000000000fbf940e6652d357474ed5f816f66ac3027460ae66317f83cdd7a7eb2a7003d1a6cf5478533584961c329fcf5a43e05c92bfef0dcd28000000003f2915a3039c9a78f63b8ec7e60a0000fed7d67c440e23d130e51eea1e085bebabe7059de9cbfc5117c024185a062acb6b8eec31c21b3af8b9eedb4660ed2deb7acf2a33a376a5cb7d4266d5b0be14488d14b473502486ad8dd600000000000000000000c7766ea7c581782c0d90f42a85303835fc291c25d29e6bead5d7360f2e1929d7736ebc8558c4506407d3046022bdf25485bd5442169e9b4c1278343581b7a06f65e8ea6b042c4fd08381e5000000000000006398d6480000001a723b91030000006480304c66b217aea0156ce9eef911fe5b7370f79987303ecb3aabc53c60014a0101ab766754f596b41da9534d12b8306a1b36cf3b03f0d790879f523eabfbee83d8bd472ef69660cf6ec897106c51e54a17497f384c4956b41f3843e7c878b1e11316d8ddae1c6c3b85aaf7a9fcaf8f5d6186c42542d68ba72682c938d3c0a2e6e10eed71b1d31c9f300b41745329bf34495c63e43fb896e4903fb0fae54a8f0fe3b48a5b29d279070647e65097c8ecf32a15080000000000000001007ba4a70a084bd994ac5e00000000000000000000000000351a30cd97f83d72631d0fe92efa974a53f4dc1eb9a86df632a6d463688123f64d42a919bcfc44a90ffd680200000091f842a91c977f6075d07e39e669b0713af0498a99bf5261cb3269d499a5202d7a08b33ade7b38829b9bd39619688d5e9af22170ef83e5b92cbb32b655c45de1c154aad81bf64351668a3f76d5afa958aff76249e0ffdf8e45155536a1a44bfcbfbfd232af000052f9002a"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="12000000040000000400000012"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000e40)=ANY=[@ANYRES32=r6, @ANYRES32=r5, @ANYRES8=r6], 0x10)
socket$kcm(0xa, 0x2, 0x88)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x26, 0xc, 0x0, 0x0, 0x0, 0x9, 0x242b9, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_config_ext={0x382a, 0xffffffffffff0001}, 0x8000, 0x3, 0x43a1bd76, 0x7, 0x9, 0x658, 0x1, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000400)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x20, 0x20, 0x5, [@struct={0x3, 0x0, 0x0, 0x4, 0x1, 0xa}, @func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x2, 0x1}]}]}, {0x0, [0x61, 0x61, 0x5f]}}, 0x0, 0x3d, 0x0, 0x1}, 0x28)
r7 = socket$kcm(0xa, 0x2, 0x73)
setsockopt$sock_attach_bpf(r7, 0x29, 0x1e, &(0x7f0000000040), 0x4)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfb6}, 0x94)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_config_ext={0x40, 0x8}, 0x10a410, 0x3, 0x43a1bd76, 0x7, 0x7, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a00)={0xffffffffffffffff, 0xe0, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0), 0x0, 0x0, 0x1b, &(0x7f00000005c0), 0x0, 0x10, &(0x7f0000000840), &(0x7f0000000880), 0x8, 0x60, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r9], 0x0, 0x8, 0x0, 0x0, 0x41000}, 0x94)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_wait_time\x00', 0x26e1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1, 0x8, 0x30001, 0x9, 0x1, 0xffffffffffffffff, 0xfffffffc}, 0x50)
close(r10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0))
ioctl$PERF_EVENT_IOC_RESET(r8, 0x2403, 0x2)
ioctl$SIOCSIFHWADDR(r10, 0x8b14, &(0x7f0000000000)={'wlan1\x00', @random="0100ffffffff"})

3.8523047s ago: executing program 2 (id=6236):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x181000, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000140), 0x4)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{}, 0x0, &(0x7f0000000180)='%-010d \x00'}, 0x20)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b1a, 0x0)
socket$kcm(0x2b, 0x1, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x64099, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b81, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x6, 0x43a1bd76, 0x9, 0x9, 0x851, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x1, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x400454cb, 0x0)
perf_event_open(&(0x7f0000000e80)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b82, 0x2, @perf_config_ext={0x5, 0x9}, 0x8000, 0xcdd, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r1 = socket$kcm(0x2, 0x3, 0x84)
ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x541b, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="89000000120081ae08060cdc030ec0007f03e3f70003000140e2ffca1b1f00f0000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120c000200040000000400446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)
r3 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r3, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r3, &(0x7f0000000240)={&(0x7f0000000380)=@caif=@dgm={0x25, 0x5, 0x4d}, 0x80, 0x0}, 0x20000000)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000480)={0x0, 0x0, 0x43}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x12, 0x3, &(0x7f0000000440)=@framed, 0x0, 0xfffffa84, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @cgroup_sock_addr, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000580)={@map=r0, 0x24, 0x1, 0xffff8000, &(0x7f0000000180)=[0x0, 0x0], 0x2, 0x0, &(0x7f0000000380), &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000400)=[0x0]}, 0x40)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800"/13], &(0x7f00000001c0)='GPL\x00'}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r4, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000340)={r5, 0x0, 0x0}, 0x10)

3.587636917s ago: executing program 0 (id=6237):
r0 = socket$kcm(0x2, 0x3, 0x84)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0xff, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xd000, 0x0, 0xfffffffa, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xe, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x5, 0x80, 0x0, 0x3e, 0x0, 0x8, 0x0, 0x0, 0x61000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x8001, 0xc}, 0xa100, 0xc8, 0x1000003, 0x8, 0xfffffffffffffffd, 0x2, 0x0, 0x0, 0x0, 0x0, 0x8000000000000001}, 0x0, 0x3, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$unix(r2, &(0x7f0000000740)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r1, &(0x7f0000001ac0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r3, &(0x7f00000004c0)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd63f580fc02082c00db5b6861589bcfe8875a060300000023000000000000000000000000ac1414aa"], 0xfdef)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$cgroup_subtree(r3, &(0x7f00000004c0)=ANY=[], 0xfdef)
sendmsg$inet(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x2, 0x4e22, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000007000000890704ac14140f0011000000000000000000000001000000fc0000000000000014000000000000000100000041"], 0x4c}, 0x20001850)

3.407344461s ago: executing program 3 (id=6238):
r0 = gettid()
r1 = perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0xd6, 0x4, 0x4, 0xd2, 0x0, 0x2, 0x500, 0xf, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x2, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0xffe00000, 0x2, @perf_config_ext={0x4, 0xe274}, 0x100, 0x9, 0xb, 0x9, 0x7, 0x4, 0xa, 0x0, 0x8f, 0x0, 0x95}, 0x0, 0x4, 0xffffffffffffffff, 0xf)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9, 0x7, 0x74, 0x4, 0x0, 0x4, 0x20000, 0xd, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x2850, 0x2, @perf_config_ext={0x100000001, 0x9}, 0x2000, 0x0, 0xe, 0x5, 0x7, 0x10000, 0x2, 0x0, 0x531, 0x0, 0xfffffffffffffffd}, r0, 0xb, r1, 0xb)
r2 = socket$kcm(0xa, 0x1, 0x0)
sendmsg$kcm(r2, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4001, 0x0, @empty}, 0x80, 0x0}, 0x20000041)
sendmsg(r2, &(0x7f00000008c0)={0x0, 0x241, &(0x7f0000000580)=[{&(0x7f0000000440)="a6", 0xffffff58}], 0x1}, 0x40001)
sendmsg$sock(r2, &(0x7f0000002800)={0x0, 0x0, 0x0}, 0x4)
sendmsg$sock(r2, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x20000001)

3.012343392s ago: executing program 2 (id=6239):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000280), 0x0}, 0x20)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x0, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34, 0x0, @perf_bp={0x0, 0x7}, 0x8000, 0x9, 0x47a1bd76, 0x5, 0x2, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close(r2)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000300)=ANY=[@ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x20)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="d8000000140081044e81f782db44b904021d080207000000040000a118000200e01d000000000e1208000f0100810401a80016ea1f000840032e5f54c92011148ed08734843c8802033d0803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c0100000000000000cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xa, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6gre0\x00', 0x200})
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)="d8000000190081054e81f782db4cb9040220080000000000000000070a0016000900142603600e1208001e0000050401d559e0e0df7fc07963acc3038ebba8000400027c", 0x44}], 0x1}, 0x14)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x89f1, &(0x7f0000000080))
sendmsg$kcm(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000011008188e6b62aa73f72cc9f0ba1f8483d0000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000f00)=ANY=[@ANYBLOB="1b0000000000000000000e2064cbe237fed5985000a5431e5200000000", @ANYRES32=r1, @ANYBLOB="dd9500"/20, @ANYRES32, @ANYBLOB="02000000030000000400"/28], 0x50)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000700)={0x1, 0x58, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r7=>0x0}}, 0x10)
r8 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f00000010c0)=ANY=[@ANYBLOB="9feb01001800000000000000d8000000d8000000020000000f00000005000084010000001a00000005000000000200000c0000000000000035cc00000300000004000000f0ee00200900000003000000050000000800000001000000bb0e00000a000000030000840004000002000000010000007f0000000400000004000000fcffffff07000000020000000f000000030000000000000a050000000000cd19e481cdac6e7e003da508000000030000001000004001000000100000c883876300050000000300000002000000101f0000001900070000000003000000000000110300"], &(0x7f0000000800)=""/50, 0xf2, 0xffffffffffffff80, 0x0, 0xfffffffa}, 0x28)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000a80)={0xffffffffffffffff, 0x20, &(0x7f0000000a40)={&(0x7f00000008c0)=""/246, 0xf6, <r9=>0x0, &(0x7f0000000a00)=""/7, 0x7}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x1a, 0x16, &(0x7f0000000e00)=ANY=[@ANYRES32=r6, @ANYBLOB="00000000000000008520000004000000184600000700000000000000000000008520000001000000bf9100c03a9834341ed360a6430000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000440)='GPL\x00', 0xd6, 0xf5, &(0x7f0000000580)=""/245, 0x41100, 0x0, '\x00', r7, @fallback=0x19, r8, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x5, 0x6, 0x0, 0xfffffffd}, 0x10, r9, 0xffffffffffffffff, 0xa, &(0x7f0000000b40)=[r1], &(0x7f0000000b80)=[{0x1, 0x5, 0xf, 0x2}, {0x5, 0x1, 0x2, 0x2}, {0x3, 0x3, 0x8, 0xc}, {0x2, 0x3, 0xd, 0x9}, {0x0, 0x1, 0x1, 0x7}, {0x3, 0x1, 0x4, 0x9}, {0x0, 0x3, 0x7, 0x2}, {0x0, 0x1, 0xf, 0x5}, {0x0, 0x2, 0x3, 0xca096dd2ec051b7f}, {0x2, 0x1, 0x6, 0x9}], 0x10, 0x7}, 0x94)
socket$kcm(0x29, 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x110e22fff6)
r10 = socket$kcm(0x2, 0x1000000000000002, 0x0)
sendmsg$inet(r10, 0x0, 0x8840)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18020000070000000000000000800000850000007500000095000000000000006cbaf9310a3cada18faa26d7"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f00000004c0)={0x0, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xa16ae, 0x9, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={0x0, 0x8}, 0x11416, 0xa4, 0x2, 0x1, 0xa1, 0x9b9b, 0x8, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
bpf$ITER_CREATE(0x21, &(0x7f00000003c0), 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

2.956568373s ago: executing program 0 (id=6240):
r0 = socket$kcm(0x10, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xe, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000071100a000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="33fe00004a00530c8e5eb88edc5a9c0e0a9b80"], 0xfe33)

2.491275605s ago: executing program 1 (id=6241):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x5, 0xa738, 0x207, 0x6, 0x0, 0x1, 0xcb02}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x1b, 0xf, &(0x7f00000005c0)=@ringbuf={{0x18, 0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7}, {{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0x2}, {}, {0x85, 0x0, 0x0, 0x9c}}}, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)

2.442454597s ago: executing program 0 (id=6242):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={0x0, 0xf}, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="10000000040000000800000005"], 0x48)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r0, 0x1, 0x23, &(0x7f0000000000), 0x4)
sendmsg$inet(r1, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x0)
recvmsg(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002940)=""/4098, 0x15}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r2}, &(0x7f0000000080), &(0x7f0000000240)=r3}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x9, [@enum64={0x7, 0x1, 0x0, 0x13, 0x0, 0x2, [{0x3, 0x1, 0x6}]}]}, {0x0, [0x0, 0x61, 0x0, 0x61, 0x5f, 0x61, 0x5f]}}, 0x0, 0x39, 0x0, 0x1, 0x7}, 0x28)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x80}, 0x94)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x1000d7, 0x0, 0x0, 0x8, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = perf_event_open$cgroup(&(0x7f00000001c0)={0x5, 0x80, 0x8, 0x5, 0x4d, 0x9, 0x0, 0x800, 0x10, 0x2, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, @perf_bp={0x0, 0x4}, 0x2040, 0x8000000000000001, 0x4, 0x9, 0x3ff, 0x8, 0xc6bd, 0x0, 0x4, 0x0, 0x8000000000000001}, 0xffffffffffffffff, 0x7, 0xffffffffffffffff, 0x8)
ioctl$PERF_EVENT_IOC_ID(r5, 0x80082407, &(0x7f0000000240))
bpf$LINK_GET_NEXT_ID(0x1f, 0x0, 0x0)
r6 = socket$kcm(0x2, 0x5, 0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x56, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x0, 0x2, 0x0, 0x9}, {0x10000002, 0x0, 0x0, 0xc}]}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
close(r8)
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r9=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r6, 0x84, 0x64, &(0x7f0000000000)=r9, 0x10)
sendmsg$inet(r6, &(0x7f0000000140)={&(0x7f0000000280)={0x2, 0x10, @local}, 0x10, &(0x7f0000000080)=[{&(0x7f0000001940)='{', 0x1a000}], 0x1}, 0x80d1)
close(0x3)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r4}, 0x0, &(0x7f0000000040)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680))
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)

2.183546773s ago: executing program 2 (id=6243):
r0 = socket$kcm(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2501, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, @perf_config_ext={0xe, 0x9}, 0x118d2a, 0x0, 0x0, 0x0, 0x10000, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0x29, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef42d430f6296b72a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed40000000022278d00031e5388ee5c867ddd58211d6ece3ccb0cd2b6d3cffd962867a3a2f624f992daa94a6a556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff020000000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409e011f1264d43f153b3d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7000026a4e739c60f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf3f704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eedd9068ca1457870eb30d219e23ccc8e06dddeb61799257ab5000013c86ba99523d61a00000000c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb8629aeec90e6d1857da822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae200f279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522e8dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f34a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be10ba7dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2db484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b00ffffff7f000000000801f71d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cf0d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67856ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e2b8e7370baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b09000000d31df213c802d74797056fd3bca8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221fff0f0000705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f14fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38a568612c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008f3a20b49fe7636806867283e35cff8d00e7b251bab3cf6377a24f8e8d4bda7503674bc94bf7f4d2fa6f25944bf0a186436d9f6831995976328a1fdc78492c65c1434855dc35c3cf7cf9610c5387794443c99b304799114132362849c3fa85d6379729ff9094933db0cfbe8887c50b87e1469fdf454cef4cbc5f7bf384000000000000a4e8c1a25f47c440144a9776be6cb40aafdb9d3cc8f6a6050974e1c4000000000000008b753f4e1bef9556efcc087a99dbf231167013a4b2eaf6338a0b100c98a331dffc09"], &(0x7f0000000140)='GPL\x00'}, 0x48)
r3 = socket$kcm(0x2, 0x1, 0x0)
sendmsg$inet(r3, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x20000811)
ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e0, &(0x7f0000000040)={r3, r2})
sendmsg$kcm(r1, &(0x7f0000002080)={0x0, 0x34000, &(0x7f0000002000)=[{&(0x7f0000000880)="1a", 0x100000}], 0x1}, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x4c)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000003000000030000000020000000a0000000000004200000000000000000000000bb2040000000900000001"], 0x0, 0x4a, 0x0, 0x1, 0x800, 0x10000}, 0x28)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x60000002)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x14, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000002b411000000002c"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, r5}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd63"], 0xfdef)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x5, 0xb68, 0xffffffffffffff3c, &(0x7f0000000000)="ff", 0x0, 0x3, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe, 0x4000}, 0x48)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f00000000c0)={r0, r4})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r4, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r7=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000008fd90000000000000000000000000000000000800600000000"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r8, @ANYBLOB="0000000002000500b70500000800000085000000c900000095", @ANYRES64=r8, @ANYRES8=r8], &(0x7f0000000300)='GPL\x00', 0x4, 0x2c, &(0x7f00000014c0)=""/4098, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe65}, 0x3f)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r4, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r9=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r10 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0x3, &(0x7f0000000d40)=ANY=[@ANYBLOB="180000000000000000000000060000009500000000000000c0bea4b0b0ff0f4f85c89564dd5fb9ff4017f6d7c9676f311a9eb80df0888277bf679e253ff2805e77110a619ea7519c0b3e870be1f5bedc9a5210639aac15421caea8ccf3408bd31d68889e5cc667e5dc0ef3bc210610f8eb0a8d1d3b8a86e93de564020d1d36cfcb467e20c4384ab2b0a1c86838ee616f"], &(0x7f00000007c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x40, '\x00', r9}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000880)=@bpf_ext={0x1c, 0x7, &(0x7f00000009c0)=ANY=[], &(0x7f0000000140)='syzkaller\x00', 0xad7, 0x0, 0x0, 0x40f00, 0x3a, '\x00', r7, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2c672, r10, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r11 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
close(r11)
write$cgroup_subtree(r11, &(0x7f00000005c0)=ANY=[@ANYBLOB="2d626c6b696f20349e71b303dc938023d1186a36252d72646d61202b70696473202b63707561636374202b68756765746c62202b68756765746c62202d6d656d6f7279202d"], 0x45)
ioctl$SIOCSIFHWADDR(r11, 0x8924, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0xc, 0xe, &(0x7f0000000380)=ANY=[], 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r12 = socket$kcm(0x2, 0x5, 0x84)
r13 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events.local\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r12, 0x84, 0x77, &(0x7f0000000000)=r13, 0x62)

1.971423869s ago: executing program 1 (id=6244):
socketpair$unix(0x1, 0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
write$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000080)={'some', 0x20, 0x2000000005, 0x20, 0x10000000fffff}, 0x2f)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'batadv_slave_0\x00', 0x1})
socketpair(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
socketpair(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8924, &(0x7f0000000080)) (async)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8924, &(0x7f0000000080))
recvmsg$unix(r0, &(0x7f00000006c0)={&(0x7f00000000c0)=@abs, 0x6e, &(0x7f0000000580)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000180)=""/142, 0x8e}, {&(0x7f0000000240)=""/252, 0xfc}, {&(0x7f0000000340)=""/158, 0x9e}, {&(0x7f0000000400)=""/91, 0x5b}, {&(0x7f0000000480)=""/131, 0x83}, {&(0x7f0000000540)=""/44, 0x2c}], 0x7, &(0x7f0000000600)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x98}, 0x23)

1.970346319s ago: executing program 3 (id=6245):
r0 = socket$kcm(0xa, 0x1, 0x0)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000240)=ANY=[@ANYBLOB="050000f2e400000008064d02df2a06cda3fcc8449f513aed5dd1839d6afec26b1456c370bb02cc95c40823e1d5cbd1eb72bd137b5f287309fdd2b31279b86b537610df2e895fe543ac8645071db2b05b8ce83cf82ca727576d3c9280e4da1e3d353ba31666a87fa32980aa1fed45993521299301fdcc726dde954475033ba7af9344f7cfab0a7c9dc41a890de326a13f1c59472de7a083bf5b7700c5e2c3c09bd1cace11359584132d8cc1311f224c8a0b2b5d4182a2e28e9c21b698ea26eb7706d520e23afd7e6beda42e5301d3acc7237aef3866f786"], 0x48)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="1200000009000000080000000200000000000000", @ANYRES32=0x1, @ANYBLOB="020000006dd30f2194884fd60000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000180), &(0x7f0000000100)=r1}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000080)={r3, &(0x7f0000000380)="12c3055f9b341cf501987b20c54f21762a79202d7e60ff4469a01ee5599a2848d0df32d12b7d5bc7bc7307acdb3a20d15405b984502fb4f6a1029059fc04a07bae208544921987f1e19d0c1e839c7f546d9568a6c5ba407f6e44c98660bea601729fb0b1040b51fb17f501570a132789aabeba409fa4005c010100001596087f0d7d0ab1964635f8d21867", 0x0, 0x4}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4001, 0x0, @empty}, 0x80, 0x0}, 0x20000041)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1, 0x14, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000055a60701000000001000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70200007fae000085000000860000008500000007000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
sendmsg$sock(r0, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[@timestamping={{0x14, 0x1, 0x25, 0x115}}], 0x18}, 0x20000001)

1.326542646s ago: executing program 0 (id=6246):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x20, 0x0, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback=0xb}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x200})
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0xffffffff, 0x0, 0xffffffffffffbbfe, 0x0, 0x0, 0x0, 0xfffffffd}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f1, &(0x7f0000000080))
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x5, 0xa738, 0x207, 0x6, 0x0, 0x1, 0xcb02}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0xf, &(0x7f00000005c0)=@ringbuf={{0x18, 0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7}, {{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0x2}, {}, {0x85, 0x0, 0x0, 0x9c}}}, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)

772.38003ms ago: executing program 2 (id=6247):
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000c40)=[{0x0, 0xffffffff, 0xf}, {}, {0x280000, 0x4, 0x10009, 0x1}], 0x10, 0xfffffff6}, 0x94)
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='rdma.current\x00', 0x26e1, 0x0)
close(r1)
ioctl$SIOCSIFHWADDR(r1, 0x8b19, &(0x7f0000000000)={'wlan0\x00', @local})
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x18, 0xffffffff, 0x40, 0x6, 0x4904, r0, 0xfffc0000, '\x00', 0x0, r1, 0x2, 0x5, 0x2}, 0x50)
r2 = socket$kcm(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x88202, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x5, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000008f000000000000000100000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000054000001b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000c309000001000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x7, 0x0, 0x0, 0x41100, 0xd}, 0x94)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0200000004000000080000000100"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000300)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000500), &(0x7f0000000180)='%ps    \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000280)={r5, <r6=>0xffffffffffffffff}, 0x4)
r7 = socket$kcm(0x2a, 0x2, 0x0)
r8 = socket$kcm(0x2a, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000001f80)={&(0x7f0000001d00)=@qipcrtr={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0x80, 0x0}, 0x0)
recvmsg(r8, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x40002182)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1, &(0x7f0000000240)=""/45, 0x2d}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r8, 0x890b, 0x0)
sendmsg$kcm(r7, &(0x7f0000001540)={&(0x7f0000000040)=@qipcrtr={0x2a, 0x1, 0x4000}, 0x80, 0x0}, 0x0)
r9 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r9, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x30004001)
ioctl$sock_kcm_SIOCKCMATTACH(r9, 0x894b, &(0x7f0000000140))
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x3, 0x5b, &(0x7f0000000580)=ANY=[@ANYRES64=r6, @ANYRES32=r4], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @sched_cls=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$tun(0xffffffffffffff9c, 0x0, 0x400000, 0x0)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803002e000b12d25a80648c2594f90324fc60100c02400a000000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)

772.13124ms ago: executing program 0 (id=6248):
r0 = socket$kcm(0x2, 0x3, 0x84)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0xff, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xd000, 0x0, 0xfffffffa, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xe, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x5, 0x80, 0x0, 0x3e, 0x0, 0x8, 0x0, 0x0, 0x61000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x8001, 0xc}, 0xa100, 0xc8, 0x1000003, 0x8, 0xfffffffffffffffd, 0x2, 0x0, 0x0, 0x0, 0x0, 0x8000000000000001}, 0x0, 0x3, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$unix(r2, &(0x7f0000000740)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r1, &(0x7f0000001ac0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r3, &(0x7f00000004c0)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd63f580fc02082c00db5b6861589bcfe8875a060300000023000000000000000000000000ac1414aa"], 0xfdef)
write$cgroup_subtree(r3, &(0x7f00000004c0)=ANY=[], 0xfdef)
sendmsg$inet(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x2, 0x4e22, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000007000000890704ac14140f0011000000000000000000000001000000fc0000000000000014000000000000000100000041"], 0x4c}, 0x20001850)

636.471984ms ago: executing program 3 (id=6249):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{}, {0x10000002, 0xfffffffc, 0x0, 0x6}]}, 0x94)
r0 = socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000c40)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0x12, &(0x7f0000000340)=r3, 0x4)
r4 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041410b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0)

567.396136ms ago: executing program 1 (id=6250):
r0 = socket$kcm(0x10, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xe, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000071100a000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="33fe00004a00530c8e5eb88edc5a9c0e0a9b80"], 0xfe33)

387.81929ms ago: executing program 0 (id=6251):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000280), 0x0}, 0x20)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x0, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34, 0x0, @perf_bp={0x0, 0x7}, 0x8000, 0x9, 0x47a1bd76, 0x5, 0x2, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close(r2)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000300)=ANY=[@ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x20)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="d8000000140081044e81f782db44b904021d080207000000040000a118000200e01d000000000e1208000f0100810401a80016ea1f000840032e5f54c92011148ed08734843c8802033d0803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c0100000000000000cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xa, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6gre0\x00', 0x200})
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)="d8000000190081054e81f782db4cb9040220080000000000000000070a0016000900142603600e1208001e0000050401d559e0e0df7fc07963acc3038ebba8000400027c", 0x44}], 0x1}, 0x14)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x89f1, &(0x7f0000000080))
sendmsg$kcm(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000011008188e6b62aa73f72cc9f0ba1f8483d0000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000f00)=ANY=[@ANYBLOB="1b0000000000000000000e2064cbe237fed5985000a5431e5200000000", @ANYRES32=r1, @ANYBLOB="dd9500"/20, @ANYRES32, @ANYBLOB="02000000030000000400"/28], 0x50)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000700)={0x1, 0x58, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r7=>0x0}}, 0x10)
r8 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f00000010c0)=ANY=[@ANYBLOB="9feb01001800000000000000d8000000d8000000020000000f00000005000084010000001a00000005000000000200000c0000000000000035cc00000300000004000000f0ee00200900000003000000050000000800000001000000bb0e00000a000000030000840004000002000000010000007f0000000400000004000000fcffffff07000000020000000f000000030000000000000a050000000000cd19e481cdac6e7e003da508000000030000001000004001000000100000c883876300050000000300000002000000101f0000001900070000000003000000000000110300"], &(0x7f0000000800)=""/50, 0xf2, 0xffffffffffffff80, 0x0, 0xfffffffa}, 0x28)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000a80)={0xffffffffffffffff, 0x20, &(0x7f0000000a40)={&(0x7f00000008c0)=""/246, 0xf6, <r9=>0x0, &(0x7f0000000a00)=""/7, 0x7}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x1a, 0x16, &(0x7f0000000e00)=ANY=[@ANYRES32=r6, @ANYBLOB="00000000000000008520000004000000184600000700000000000000000000008520000001000000bf9100c03a9834341ed360a6430000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000440)='GPL\x00', 0xd6, 0xf5, &(0x7f0000000580)=""/245, 0x41100, 0x0, '\x00', r7, @fallback=0x19, r8, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x5, 0x6, 0x0, 0xfffffffd}, 0x10, r9, 0xffffffffffffffff, 0xa, &(0x7f0000000b40)=[r1], &(0x7f0000000b80)=[{0x1, 0x5, 0xf, 0x2}, {0x5, 0x1, 0x2, 0x2}, {0x3, 0x3, 0x8, 0xc}, {0x2, 0x3, 0xd, 0x9}, {0x0, 0x1, 0x1, 0x7}, {0x3, 0x1, 0x4, 0x9}, {0x0, 0x3, 0x7, 0x2}, {0x0, 0x1, 0xf, 0x5}, {0x0, 0x2, 0x3, 0xca096dd2ec051b7f}, {0x2, 0x1, 0x6, 0x9}], 0x10, 0x7}, 0x94)
socket$kcm(0x29, 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x110e22fff6)
r10 = socket$kcm(0x2, 0x1000000000000002, 0x0)
sendmsg$inet(r10, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0xf}, @dev={0xac, 0x14, 0x14, 0x3a}}}}], 0x20}, 0x8840)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18020000070000000000000000800000850000007500000095000000000000006cbaf9310a3cada18faa26d7"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f00000004c0)={0x0, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xa16ae, 0x9, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={0x0, 0x8}, 0x11416, 0xa4, 0x2, 0x1, 0xa1, 0x9b9b, 0x8, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
bpf$ITER_CREATE(0x21, &(0x7f00000003c0), 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

180.476845ms ago: executing program 3 (id=6252):
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @dev}}, 0x8c, &(0x7f0000000140)=[{&(0x7f0000000ac0)="ee", 0xfffffdef}], 0x1, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0xff00)
r1 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r1, 0x29, 0x1f, 0x0, 0x0)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000040)='FROZEN\x00', 0x7)
mkdirat$cgroup(r2, &(0x7f0000000080)='syz1\x00', 0x1ff)

107.030928ms ago: executing program 1 (id=6253):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1, 0x6, 0xf, 0x8, 0x41}, 0x50)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe5}, 0x94)
r1 = perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000300), 0x4}, 0x4044}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/ipc\x00')
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r3 = socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x1e, 0x0, 0x0, 0x0, 0xfffffffb, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000c40)=[{0x0, 0x0, 0x0, 0xa}, {0x1, 0x0, 0x2}, {0x0, 0x80004, 0x10100, 0x3}], 0x10, 0x1}, 0x94)
r4 = socket$kcm(0x10, 0x3, 0x10)
ioctl$TUNSETDEBUG(r4, 0x400454c9, &(0x7f00000000c0)=0x9)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003e000b05d25a806c8c6f94f90324fc60100005000a000248053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xef, 0x7, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffdfffc, 0x0, @perf_bp={0x0, 0x8}, 0x800, 0x2000000000, 0x0, 0x5, 0x0, 0x200000b, 0xfffd, 0x0, 0x9, 0x0, 0x3f}, 0x0, 0x9, 0xffffffffffffffff, 0x3)
r5 = socket$kcm(0x10, 0x400000002, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x30, 0x30, 0x8, [@typedef={0x6, 0x0, 0x0, 0x8, 0x3}, @float={0x1, 0x0, 0x0, 0x10, 0x10}, @type_tag={0x2, 0x0, 0x0, 0x12, 0x4}, @float={0x3, 0x0, 0x0, 0x10, 0x10}]}, {0x0, [0x61, 0x30, 0x2e, 0x0, 0x2e, 0x5f]}}, &(0x7f0000000300)=""/201, 0x50, 0x6, 0x1, 0x8005}, 0x28)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020023000b03d25a806f8c6394f90524fc60040f03", 0x17}], 0x1}, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000040)=ANY=[@ANYBLOB="934300005a0033d4"], 0xfe33)
sendmsg$kcm(r3, &(0x7f00000002c0)={0x0, 0x6000, &(0x7f0000000080)=[{&(0x7f0000000300)="2e00000010008108090f9becdb4cb92e0a4831371400000069bd6efb2502eaf60d000100020400bf050005001201", 0x67}], 0x1}, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f8481400d36b706c8ad200ba00005e14060200009400"/54, 0x36}, {&(0x7f0000000100)="0fa8e620f21de71bf610766679eaa1fcddeaa650e74014e5361b037723228e45b0ebb17c58895476a91a1574a9d73eeb76e46a9be2cd4a2bacc30946e065949c59c708ffbe1b10ba0d522485a6541bb4c4c791ab60219e14a0f49063f37f6bc1638477d00025ca8840910ad608e1bda8c056282280454d10762927f33839a5ed4b31909cc129b002ca9dbe040dad3c1a6fbc984993201b3f741bfd3ebf6a778295b63c7043cb1155a6f6562cb2890242f179ee148003b256cf3483", 0xbb}, {&(0x7f0000000780)="e467c95546da736aa6e6611bf322fc3562f9a7a8f0da61a5f8296d2a6e66f3f92c9d66cf1bf9fbf40ae2e40a1492224d4cd07eabcebd0bca3f46eb193d1bb71129b8e155ebff122a810ac0dba118f69bd601caa0622223bd6b47d39b467f62d2a1260008bb5468ad9636e301000000000000002db63e1b136d6075191a4be297b2f281f7bcfbab3cfbd87a059be7999367f249121d81d15df26e9a7f01e290a103ecc1e3967813e58d4a3ea2927ab918c8d92f56fd775baa06f685c2b67f2f46472338cde602bacb3b0798236f10fe5c65ff33fb7f252a67d4ba030e21baab236caab525b27ac336920e3d6d18b04f46c7267c9de83779", 0xf7}, {&(0x7f0000000340)="999a34d20f75f529b8599b9d01feb1220593ae004040bedb2727890371c44d580b21be5bdaa7338660254a30cf3e54387a9a878a577b9ba57f32a6b5cd650432384bc8a3b7b067aafa124b2b673d79326b43c217ad81c92ba2c57e074dd7d9164c37025b8e9edbfcd50bea9b533c1c2007c69be7a641dc248b8bfc86e007ce75a1063351f6c44a4f24d176ef2be66f49b83d930341cce685a51ee3518dc656c290e309f4d07abe0b6363e6d89079431261b7661dd9a0176a66ab849355fd8bdd327eb778b0d41b3ffd52e54228475c834e0f162c284a5bbbcc0f", 0xda}, {&(0x7f0000000440)="9e36d6ea666e9bbcc266abe099901c7ef270d3a2d2c149c7fd47f1510a41673e8bc73d6e5e0c2c5143d72b19fb09aa9afea5b1dbbe65bc12a07fcc329a17445d5727d4a24ae1be766967b21360cc774ea254ea1a34d2c026776538940d61649f8cd79dcc9ab6c6ff7279d965e9aa294b84a17576045c1d4a", 0x78}, {&(0x7f00000004c0)="5c84158d1de02b8eb26ff619e6e20575bd95aae6d1a31eb48ab7dee8bdaa92fef90b6de342fb2df781adbec454d0af431784b89aecb023c8719510163501d9dc71711d476dd7b52d55837ddaee5a0a013db6489b32e3b156d4bb6414b5ab1bd701ff3ae7a331dc65361e23aef074e797cc384cab9357b9df46df15ee5b45d5c296f8e2ceb155f69a9f617d77a14165a79e640ab7", 0x94}, {&(0x7f0000000580)="b0db864d082f23b5afbefd1a617971610a52a4b451eacbea09d5e882544ccbd606e001d8c5441a1d078117736554a1f42a74913d94035ac6b799199cd110985fbff7125be01adc699bad9385f7df22870c9aa8ef7de392221b5e4787249b329a140be54b050dc799f6774d2123562c5e3b10aad66b9240", 0x77}, {&(0x7f0000000600)="f821168ccf0231216070365aa4be2d9c47981cab2a741ef2be3b812df031f223433b3d229634a79109381640f0762f76be398500f0e25c133a39c8c79dabd3efbd9d8585e7092170189a2a5cb886adc7bcbe96730cf9fe8ed617f2b290a8f1e2ec9a8d24c023af483f06c9efcce79fc256987223c9bf2db362cc5ae57a310cb3a594f9930de80eb5219eb7d73265be4387c70ac581b5977e65350894e57a1d82ed2f1813a4d6abdbbd83c2c2b9c18df2013550b45a7bd852d8a908849879899960591a5967599badb024433a8abd66df5f1590c6a5ea1570466f492566ad17a2808749343daf03e94ff62ade5cf1", 0xee}], 0x8}, 0x0)

0s ago: executing program 2 (id=6254):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={0x0, 0xf}, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="10000000040000000800000005"], 0x48)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r0, 0x1, 0x23, &(0x7f0000000000), 0x4)
sendmsg$inet(r1, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x0)
recvmsg(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002940)=""/4098, 0x15}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r2}, &(0x7f0000000080), &(0x7f0000000240)=r3}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x9, [@enum64={0x7, 0x1, 0x0, 0x13, 0x0, 0x2, [{0x3, 0x1, 0x6}]}]}, {0x0, [0x0, 0x61, 0x0, 0x61, 0x5f, 0x61, 0x5f]}}, 0x0, 0x39, 0x0, 0x1, 0x7}, 0x28)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x80}, 0x94)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x1000d7, 0x0, 0x0, 0x8, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = perf_event_open$cgroup(&(0x7f00000001c0)={0x5, 0x80, 0x8, 0x5, 0x4d, 0x9, 0x0, 0x800, 0x10, 0x2, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, @perf_bp={0x0, 0x4}, 0x2040, 0x8000000000000001, 0x4, 0x9, 0x3ff, 0x8, 0xc6bd, 0x0, 0x4, 0x0, 0x8000000000000001}, 0xffffffffffffffff, 0x7, 0xffffffffffffffff, 0x8)
ioctl$PERF_EVENT_IOC_ID(r5, 0x80082407, &(0x7f0000000240))
bpf$LINK_GET_NEXT_ID(0x1f, 0x0, 0x0)
r6 = socket$kcm(0x2, 0x5, 0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x56, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x0, 0x2, 0x0, 0x9}, {0x10000002, 0x0, 0x0, 0xc}]}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
close(r8)
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r9=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r6, 0x84, 0x64, &(0x7f0000000000)=r9, 0x10)
sendmsg$inet(r6, &(0x7f0000000140)={&(0x7f0000000280)={0x2, 0x10, @local}, 0x10, &(0x7f0000000080)=[{&(0x7f0000001940)='{', 0x1a000}], 0x1}, 0x80d1)
close(0x3)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r4}, 0x0, &(0x7f0000000040)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680))
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)

kernel console output (not intermixed with test programs):

 1067.766084][T22628]  ? __sys_sendmsg_sock+0x30/0x30
[ 1067.771229][T22628]  ? __import_iovec+0x3fa/0x850
[ 1067.776319][T22628]  ? import_iovec+0x73/0xa0
[ 1067.780988][T22628]  ___sys_sendmsg+0x2a6/0x360
[ 1067.786040][T22628]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1067.791551][T22628]  ? __lock_acquire+0x7d40/0x7d40
[ 1067.797050][T22628]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1067.802343][T22628]  ? __x64_sys_sendmsg+0x80/0x80
[ 1067.807599][T22628]  ? lockdep_hardirqs_on+0x98/0x150
[ 1067.813236][T22628]  do_syscall_64+0x55/0xa0
[ 1067.818039][T22628]  ? clear_bhb_loop+0x40/0x90
[ 1067.825017][T22628]  ? clear_bhb_loop+0x40/0x90
[ 1067.830048][T22628]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1067.836178][T22628] RIP: 0033:0x7f71b4d9cdd9
[ 1067.840727][T22628] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1067.860741][T22628] RSP: 002b:00007f71b5c0a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1067.869375][T22628] RAX: ffffffffffffffda RBX: 00007f71b5015fa0 RCX: 00007f71b4d9cdd9
[ 1067.877396][T22628] RDX: 0000000020000800 RSI: 0000200000000140 RDI: 0000000000000004
[ 1067.885426][T22628] RBP: 00007f71b5c0a090 R08: 0000000000000000 R09: 0000000000000000
[ 1067.893784][T22628] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1067.901968][T22628] R13: 00007f71b5016038 R14: 00007f71b5015fa0 R15: 00007ffead728628
[ 1067.910161][T22628]  </TASK>
[ 1068.512523][T22633] netlink: 'syz.1.5511': attribute type 2 has an invalid length.
[ 1068.544057][T22633] netlink: 'syz.1.5511': attribute type 8 has an invalid length.
[ 1068.579697][T22633] netlink: 132 bytes leftover after parsing attributes in process `syz.1.5511'.
[ 1068.619744][T22634] netlink: 'syz.1.5511': attribute type 10 has an invalid length.
[ 1069.240040][T22642] netlink: 14 bytes leftover after parsing attributes in process `syz.3.5515'.
[ 1069.318834][T22642] netlink: 'syz.3.5515': attribute type 10 has an invalid length.
[ 1069.327109][T22642] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5515'.
[ 1070.016284][T22652] netlink: 'syz.3.5519': attribute type 10 has an invalid length.
[ 1070.210977][T22657] netlink: 'syz.2.5521': attribute type 10 has an invalid length.
[ 1070.377527][T22657] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1070.431259][T22657] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1070.527835][T22657] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1070.536983][T22657] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1070.621642][T22657] geneve0: entered promiscuous mode
[ 1071.213816][T22670] netlink: 'syz.3.5524': attribute type 2 has an invalid length.
[ 1071.247748][T22670] netlink: 'syz.3.5524': attribute type 8 has an invalid length.
[ 1071.271958][T22670] netlink: 132 bytes leftover after parsing attributes in process `syz.3.5524'.
[ 1071.358837][T22670] netlink: 'syz.3.5524': attribute type 10 has an invalid length.
[ 1072.517877][T22678] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1072.584349][T22678] bridge_slave_1: left allmulticast mode
[ 1072.623799][T22678] bridge_slave_1: left promiscuous mode
[ 1072.659043][T22678] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1073.600524][T22678] .`: (slave bridge_slave_1): Enslaving as an active interface with an up link
[ 1074.734424][T22702] validate_nla: 1 callbacks suppressed
[ 1074.735258][T22702] netlink: 'syz.1.5532': attribute type 10 has an invalid length.
[ 1075.727327][T22711] netlink: 'syz.0.5536': attribute type 2 has an invalid length.
[ 1075.746830][T22711] netlink: 'syz.0.5536': attribute type 8 has an invalid length.
[ 1075.771438][T22711] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5536'.
[ 1075.818279][T22711] netlink: 'syz.0.5536': attribute type 10 has an invalid length.
[ 1075.839716][T22715] netlink: 61211 bytes leftover after parsing attributes in process `syz.1.5539'.
[ 1076.417090][T22718] netlink: 'syz.3.5540': attribute type 10 has an invalid length.
[ 1076.661112][T22726] FAULT_INJECTION: forcing a failure.
[ 1076.661112][T22726] name failslab, interval 1, probability 0, space 0, times 0
[ 1076.737619][T22726] CPU: 0 PID: 22726 Comm: syz.2.5541 Not tainted syzkaller #0
[ 1076.745295][T22726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1076.756150][T22726] Call Trace:
[ 1076.760654][T22726]  <TASK>
[ 1076.763996][T22726]  dump_stack_lvl+0x18c/0x250
[ 1076.769114][T22726]  ? show_regs_print_info+0x20/0x20
[ 1076.774550][T22726]  ? load_image+0x420/0x420
[ 1076.779199][T22726]  ? __might_sleep+0xe0/0xe0
[ 1076.783926][T22726]  ? __lock_acquire+0x7d40/0x7d40
[ 1076.789104][T22726]  should_fail_ex+0x39d/0x4d0
[ 1076.794742][T22726]  should_failslab+0x9/0x20
[ 1076.799916][T22726]  slab_pre_alloc_hook+0x59/0x310
[ 1076.805337][T22726]  ? __lock_acquire+0x7d40/0x7d40
[ 1076.811058][T22726]  ? dev_ethtool+0x129/0x18d0
[ 1076.815897][T22726]  __kmem_cache_alloc_node+0x53/0x250
[ 1076.821510][T22726]  ? __might_fault+0xaa/0x120
[ 1076.826338][T22726]  ? dev_ethtool+0x129/0x18d0
[ 1076.831161][T22726]  kmalloc_trace+0x2a/0xe0
[ 1076.835922][T22726]  dev_ethtool+0x129/0x18d0
[ 1076.840848][T22726]  ? ethtool_get_module_eeprom_call+0x170/0x170
[ 1076.847409][T22726]  ? __lock_acquire+0x7d40/0x7d40
[ 1076.852825][T22726]  ? __might_fault+0xaa/0x120
[ 1076.857723][T22726]  ? full_name_hash+0x92/0xe0
[ 1076.862549][T22726]  ? dev_load+0x21/0x1f0
[ 1076.867058][T22726]  dev_ioctl+0x392/0x1140
[ 1076.871666][T22726]  sock_do_ioctl+0x239/0x310
[ 1076.876602][T22726]  ? sock_show_fdinfo+0xb0/0xb0
[ 1076.881818][T22726]  sock_ioctl+0x5ba/0x7e0
[ 1076.886291][T22726]  ? sock_poll+0x3e0/0x3e0
[ 1076.890780][T22726]  ? bpf_lsm_file_ioctl+0x9/0x10
[ 1076.895751][T22726]  ? security_file_ioctl+0x80/0xa0
[ 1076.901295][T22726]  ? sock_poll+0x3e0/0x3e0
[ 1076.906194][T22726]  __se_sys_ioctl+0xfd/0x170
[ 1076.911205][T22726]  do_syscall_64+0x55/0xa0
[ 1076.916347][T22726]  ? clear_bhb_loop+0x40/0x90
[ 1076.921247][T22726]  ? clear_bhb_loop+0x40/0x90
[ 1076.926317][T22726]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1076.932433][T22726] RIP: 0033:0x7f71b4d9cdd9
[ 1076.936993][T22726] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1076.957708][T22726] RSP: 002b:00007f71b5bc8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1076.967081][T22726] RAX: ffffffffffffffda RBX: 00007f71b5016180 RCX: 00007f71b4d9cdd9
[ 1076.975179][T22726] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 0000000000000010
[ 1076.983544][T22726] RBP: 00007f71b5bc8090 R08: 0000000000000000 R09: 0000000000000000
[ 1076.991921][T22726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1077.000373][T22726] R13: 00007f71b5016218 R14: 00007f71b5016180 R15: 00007ffead728628
[ 1077.008911][T22726]  </TASK>
[ 1077.371273][T22734] netlink: 'syz.0.5543': attribute type 10 has an invalid length.
[ 1077.452278][T22734] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1077.548348][T22734] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1077.556125][T22734] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1077.622664][T22734] .`: (slave bridge0): Enslaving as an active interface with an up link
[ 1077.985675][T22741] FAULT_INJECTION: forcing a failure.
[ 1077.985675][T22741] name failslab, interval 1, probability 0, space 0, times 0
[ 1078.024692][T22741] CPU: 1 PID: 22741 Comm: syz.2.5545 Not tainted syzkaller #0
[ 1078.033085][T22741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1078.044017][T22741] Call Trace:
[ 1078.047712][T22741]  <TASK>
[ 1078.050718][T22741]  dump_stack_lvl+0x18c/0x250
[ 1078.055673][T22741]  ? show_regs_print_info+0x20/0x20
[ 1078.061432][T22741]  ? load_image+0x420/0x420
[ 1078.066350][T22741]  ? __might_sleep+0xe0/0xe0
[ 1078.071217][T22741]  ? __lock_acquire+0x7d40/0x7d40
[ 1078.077299][T22741]  ? prepend_path+0x4b/0x960
[ 1078.082539][T22741]  should_fail_ex+0x39d/0x4d0
[ 1078.087905][T22741]  should_failslab+0x9/0x20
[ 1078.092869][T22741]  slab_pre_alloc_hook+0x59/0x310
[ 1078.098776][T22741]  ? __asan_memcpy+0x40/0x70
[ 1078.103450][T22741]  ? tomoyo_encode+0x28b/0x540
[ 1078.108991][T22741]  ? tomoyo_encode+0x28b/0x540
[ 1078.114111][T22741]  __kmem_cache_alloc_node+0x53/0x250
[ 1078.119684][T22741]  ? prepend_path+0x4b/0x960
[ 1078.124482][T22741]  ? tomoyo_encode+0x28b/0x540
[ 1078.129509][T22741]  __kmalloc+0xa4/0x230
[ 1078.133772][T22741]  tomoyo_encode+0x28b/0x540
[ 1078.138554][T22741]  tomoyo_realpath_from_path+0x592/0x5d0
[ 1078.144475][T22741]  tomoyo_path_number_perm+0x248/0x620
[ 1078.150937][T22741]  ? tomoyo_path_number_perm+0x217/0x620
[ 1078.157085][T22741]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 1078.162997][T22741]  ? trace_call_bpf+0xc3/0x6c0
[ 1078.168182][T22741]  ? trace_call_bpf+0xc3/0x6c0
[ 1078.174411][T22741]  ? trace_call_bpf+0x5e9/0x6c0
[ 1078.179866][T22741]  ? __fget_files+0x28/0x4b0
[ 1078.184727][T22741]  ? __fget_files+0x28/0x4b0
[ 1078.189693][T22741]  security_file_ioctl+0x70/0xa0
[ 1078.194874][T22741]  __se_sys_ioctl+0x48/0x170
[ 1078.199617][T22741]  do_syscall_64+0x55/0xa0
[ 1078.204191][T22741]  ? clear_bhb_loop+0x40/0x90
[ 1078.209343][T22741]  ? clear_bhb_loop+0x40/0x90
[ 1078.214504][T22741]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1078.220700][T22741] RIP: 0033:0x7f71b4d9cdd9
[ 1078.225765][T22741] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1078.245978][T22741] RSP: 002b:00007f71b5c0a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1078.255092][T22741] RAX: ffffffffffffffda RBX: 00007f71b5015fa0 RCX: 00007f71b4d9cdd9
[ 1078.264012][T22741] RDX: 00002000000000c0 RSI: 00000000400454d1 RDI: 0000000000000003
[ 1078.272645][T22741] RBP: 00007f71b5c0a090 R08: 0000000000000000 R09: 0000000000000000
[ 1078.281302][T22741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1078.289765][T22741] R13: 00007f71b5016038 R14: 00007f71b5015fa0 R15: 00007ffead728628
[ 1078.298364][T22741]  </TASK>
[ 1078.358401][T22741] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1079.503722][T22761] netlink: 'syz.2.5551': attribute type 2 has an invalid length.
[ 1079.538252][T22761] netlink: 'syz.2.5551': attribute type 8 has an invalid length.
[ 1079.573555][T22761] netlink: 132 bytes leftover after parsing attributes in process `syz.2.5551'.
[ 1079.609281][T22766] netlink: 'syz.2.5551': attribute type 10 has an invalid length.
[ 1080.029551][T22768] netlink: 'syz.3.5553': attribute type 10 has an invalid length.
[ 1080.085927][T22768] FAULT_INJECTION: forcing a failure.
[ 1080.085927][T22768] name failslab, interval 1, probability 0, space 0, times 0
[ 1080.108000][T22768] CPU: 1 PID: 22768 Comm: syz.3.5553 Not tainted syzkaller #0
[ 1080.115825][T22768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1080.127903][T22768] Call Trace:
[ 1080.131590][T22768]  <TASK>
[ 1080.135034][T22768]  dump_stack_lvl+0x18c/0x250
[ 1080.140231][T22768]  ? show_regs_print_info+0x20/0x20
[ 1080.146095][T22768]  ? load_image+0x420/0x420
[ 1080.151086][T22768]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1080.157501][T22768]  should_fail_ex+0x39d/0x4d0
[ 1080.162871][T22768]  should_failslab+0x9/0x20
[ 1080.167997][T22768]  slab_pre_alloc_hook+0x59/0x310
[ 1080.173346][T22768]  ? switchdev_deferred_enqueue+0x2d/0x240
[ 1080.179592][T22768]  ? switchdev_deferred_enqueue+0x2d/0x240
[ 1080.185874][T22768]  __kmem_cache_alloc_node+0x53/0x250
[ 1080.191402][T22768]  ? switchdev_deferred_enqueue+0x2d/0x240
[ 1080.197351][T22768]  ? switchdev_deferred_enqueue+0x240/0x240
[ 1080.203471][T22768]  __kmalloc+0xa4/0x230
[ 1080.207899][T22768]  switchdev_deferred_enqueue+0x2d/0x240
[ 1080.213871][T22768]  switchdev_port_attr_set+0xf9/0x2d0
[ 1080.219483][T22768]  ? switchdev_deferred_process+0x2a0/0x2a0
[ 1080.225775][T22768]  ? trace_event_raw_event_lock+0x250/0x250
[ 1080.231902][T22768]  ? mark_lock+0x94/0x320
[ 1080.236412][T22768]  br_set_state+0x36f/0x710
[ 1080.241500][T22768]  ? br_ioctl_stub+0xd50/0xd50
[ 1080.246413][T22768]  ? do_raw_spin_lock+0x11f/0x2c0
[ 1080.251749][T22768]  ? __rwlock_init+0x150/0x150
[ 1080.257853][T22768]  ? br_become_designated_port+0x20/0x250
[ 1080.263976][T22768]  br_stp_disable_port+0x76/0x1c0
[ 1080.269754][T22768]  br_stp_disable_bridge+0x81/0x150
[ 1080.275007][T22768]  br_dev_stop+0x2d/0x180
[ 1080.279637][T22768]  ? br_dev_open+0x140/0x140
[ 1080.284801][T22768]  __dev_close_many+0x1d5/0x2b0
[ 1080.290053][T22768]  ? dev_close_many+0x410/0x410
[ 1080.295004][T22768]  __dev_change_flags+0x2dc/0x6a0
[ 1080.300540][T22768]  ? dev_get_flags+0x1c0/0x1c0
[ 1080.305537][T22768]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1080.312389][T22768]  dev_change_flags+0x88/0x1a0
[ 1080.317531][T22768]  do_setlink+0xc58/0x4130
[ 1080.322475][T22768]  ? nlmsg_parse_deprecated_strict+0x110/0x110
[ 1080.329887][T22768]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1080.336190][T22768]  ? perf_trace_preemptirq_template+0xac/0x330
[ 1080.342692][T22768]  ? trace_event_raw_event_preemptirq_template+0x1f0/0x1f0
[ 1080.350886][T22768]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1080.357385][T22768]  ? mark_lock+0x94/0x320
[ 1080.361869][T22768]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1080.368431][T22768]  ? lock_chain_count+0x20/0x20
[ 1080.373351][T22768]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1080.380253][T22768]  ? lockdep_hardirqs_on+0x98/0x150
[ 1080.386281][T22768]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1080.392774][T22768]  ? validate_linkmsg+0x719/0x910
[ 1080.398204][T22768]  rtnl_newlink+0x17da/0x20a0
[ 1080.403044][T22768]  ? rtnl_newlink+0x4b1/0x20a0
[ 1080.408060][T22768]  ? rtnl_setlink+0x4e0/0x4e0
[ 1080.413052][T22768]  ? trace_raw_output_contention_end+0xd0/0xd0
[ 1080.420931][T22768]  ? rcu_is_watching+0x15/0xb0
[ 1080.426132][T22768]  ? trace_contention_end+0x39/0xe0
[ 1080.431926][T22768]  ? __mutex_lock+0x315/0xcc0
[ 1080.437001][T22768]  ? rtnetlink_rcv_msg+0x221/0xfa0
[ 1080.442335][T22768]  ? rtnetlink_rcv_msg+0x221/0xfa0
[ 1080.447916][T22768]  ? rtnl_setlink+0x4e0/0x4e0
[ 1080.452988][T22768]  rtnetlink_rcv_msg+0x869/0xfa0
[ 1080.458345][T22768]  ? rtnetlink_bind+0x80/0x80
[ 1080.463345][T22768]  ? trace_call_bpf+0xc3/0x6c0
[ 1080.468361][T22768]  ? trace_call_bpf+0xc3/0x6c0
[ 1080.473365][T22768]  ? __lock_acquire+0x7d40/0x7d40
[ 1080.478513][T22768]  ? __local_bh_enable_ip+0x13a/0x1c0
[ 1080.484123][T22768]  ? trace_call_bpf+0xc3/0x6c0
[ 1080.489283][T22768]  ? trace_call_bpf+0xc3/0x6c0
[ 1080.494359][T22768]  ? trace_call_bpf+0x5e9/0x6c0
[ 1080.499724][T22768]  ? __dev_queue_xmit+0x265/0x3660
[ 1080.504988][T22768]  ? trace_call_bpf+0xc3/0x6c0
[ 1080.510159][T22768]  ? __dev_queue_xmit+0x1b2c/0x3660
[ 1080.515761][T22768]  ? __bpf_trace_bpf_trace_printk+0x100/0x100
[ 1080.521998][T22768]  ? perf_trace_run_bpf_submit+0x125/0x1c0
[ 1080.528136][T22768]  ? perf_trace_lock+0x304/0x3b0
[ 1080.533233][T22768]  netlink_rcv_skb+0x241/0x4d0
[ 1080.538081][T22768]  ? rtnetlink_bind+0x80/0x80
[ 1080.542936][T22768]  ? netlink_ack+0x1180/0x1180
[ 1080.548094][T22768]  ? __lock_acquire+0x7d40/0x7d40
[ 1080.553411][T22768]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1080.559051][T22768]  netlink_unicast+0x751/0x8d0
[ 1080.564512][T22768]  netlink_sendmsg+0x8d0/0xbf0
[ 1080.569539][T22768]  ? perf_trace_lock+0x304/0x3b0
[ 1080.574890][T22768]  ? netlink_getsockopt+0x590/0x590
[ 1080.580343][T22768]  ? aa_sock_msg_perm+0x94/0x150
[ 1080.586430][T22768]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1080.592507][T22768]  ? security_socket_sendmsg+0x80/0xa0
[ 1080.598370][T22768]  ? netlink_getsockopt+0x590/0x590
[ 1080.604063][T22768]  ____sys_sendmsg+0x5ba/0x960
[ 1080.609589][T22768]  ? __asan_memset+0x22/0x40
[ 1080.614577][T22768]  ? __sys_sendmsg_sock+0x30/0x30
[ 1080.620097][T22768]  ? __import_iovec+0x5f2/0x850
[ 1080.625925][T22768]  ? import_iovec+0x73/0xa0
[ 1080.630928][T22768]  ___sys_sendmsg+0x2a6/0x360
[ 1080.636316][T22768]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1080.641767][T22768]  ? __lock_acquire+0x7d40/0x7d40
[ 1080.647339][T22768]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1080.652663][T22768]  ? __x64_sys_sendmsg+0x80/0x80
[ 1080.659663][T22768]  ? lockdep_hardirqs_on+0x98/0x150
[ 1080.665995][T22768]  do_syscall_64+0x55/0xa0
[ 1080.671011][T22768]  ? clear_bhb_loop+0x40/0x90
[ 1080.676009][T22768]  ? clear_bhb_loop+0x40/0x90
[ 1080.680951][T22768]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1080.687982][T22768] RIP: 0033:0x7f8c8759cdd9
[ 1080.692823][T22768] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1080.713762][T22768] RSP: 002b:00007f8c8849d028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1080.722594][T22768] RAX: ffffffffffffffda RBX: 00007f8c87816090 RCX: 00007f8c8759cdd9
[ 1080.731790][T22768] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 000000000000000b
[ 1080.740187][T22768] RBP: 00007f8c8849d090 R08: 0000000000000000 R09: 0000000000000000
[ 1080.748484][T22768] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1080.756874][T22768] R13: 00007f8c87816128 R14: 00007f8c87816090 R15: 00007ffd307dab68
[ 1080.765404][T22768]  </TASK>
[ 1080.771795][T22768] bridge0: error setting offload STP state on port 1(bridge_slave_0)
[ 1081.545418][T22784] netlink: 61211 bytes leftover after parsing attributes in process `syz.3.5556'.
[ 1082.092386][T22792] FAULT_INJECTION: forcing a failure.
[ 1082.092386][T22792] name failslab, interval 1, probability 0, space 0, times 0
[ 1082.157619][T22792] CPU: 0 PID: 22792 Comm: syz.3.5559 Not tainted syzkaller #0
[ 1082.165829][T22792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1082.176585][T22792] Call Trace:
[ 1082.180235][T22792]  <TASK>
[ 1082.183347][T22792]  dump_stack_lvl+0x18c/0x250
[ 1082.188225][T22792]  ? trace_event_raw_event_lock+0x250/0x250
[ 1082.194215][T22792]  ? show_regs_print_info+0x20/0x20
[ 1082.199843][T22792]  ? load_image+0x420/0x420
[ 1082.204632][T22792]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1082.211164][T22792]  should_fail_ex+0x39d/0x4d0
[ 1082.216040][T22792]  should_failslab+0x9/0x20
[ 1082.220807][T22792]  slab_pre_alloc_hook+0x59/0x310
[ 1082.226539][T22792]  ? __local_bh_enable_ip+0x13a/0x1c0
[ 1082.232060][T22792]  kmem_cache_alloc+0x5a/0x2d0
[ 1082.237173][T22792]  ? dst_alloc+0x105/0x170
[ 1082.241764][T22792]  dst_alloc+0x105/0x170
[ 1082.246099][T22792]  ip_route_output_key_hash_rcu+0x14f6/0x2370
[ 1082.252602][T22792]  ? ip_route_output_key_hash+0x13d/0x330
[ 1082.258556][T22792]  ip_route_output_key_hash+0x1f3/0x330
[ 1082.264418][T22792]  ? ip_route_input_rcu+0x30f0/0x30f0
[ 1082.270083][T22792]  ? __lock_acquire+0x7d40/0x7d40
[ 1082.275199][T22792]  ip_route_output_flow+0x2a/0x150
[ 1082.280399][T22792]  ? security_sk_classify_flow+0x7b/0x90
[ 1082.286629][T22792]  raw_sendmsg+0x129a/0x1c00
[ 1082.291523][T22792]  ? compat_raw_ioctl+0x70/0x70
[ 1082.298869][T22792]  ? tomoyo_socket_sendmsg_permission+0x216/0x2f0
[ 1082.306367][T22792]  ? sock_rps_record_flow+0x19/0x3f0
[ 1082.312713][T22792]  ? inet_sendmsg+0x7c/0x2f0
[ 1082.317458][T22792]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1082.322990][T22792]  ? security_socket_sendmsg+0x80/0xa0
[ 1082.328961][T22792]  ? inet_send_prepare+0x260/0x260
[ 1082.334394][T22792]  ____sys_sendmsg+0x5ba/0x960
[ 1082.339295][T22792]  ? __lock_acquire+0x7d40/0x7d40
[ 1082.344467][T22792]  ? __sys_sendmsg_sock+0x30/0x30
[ 1082.349529][T22792]  ? __import_iovec+0x3fa/0x850
[ 1082.354531][T22792]  ? import_iovec+0x73/0xa0
[ 1082.359531][T22792]  ___sys_sendmsg+0x2a6/0x360
[ 1082.364455][T22792]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1082.370020][T22792]  ? __lock_acquire+0x7d40/0x7d40
[ 1082.375260][T22792]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1082.380256][T22792]  ? __x64_sys_sendmsg+0x80/0x80
[ 1082.385275][T22792]  ? lockdep_hardirqs_on+0x98/0x150
[ 1082.390611][T22792]  do_syscall_64+0x55/0xa0
[ 1082.395240][T22792]  ? clear_bhb_loop+0x40/0x90
[ 1082.400481][T22792]  ? clear_bhb_loop+0x40/0x90
[ 1082.405814][T22792]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1082.411926][T22792] RIP: 0033:0x7f8c8759cdd9
[ 1082.416393][T22792] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1082.436949][T22792] RSP: 002b:00007f8c884be028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1082.445942][T22792] RAX: ffffffffffffffda RBX: 00007f8c87815fa0 RCX: 00007f8c8759cdd9
[ 1082.454039][T22792] RDX: 0000000000000000 RSI: 0000200000001000 RDI: 0000000000000003
[ 1082.462505][T22792] RBP: 00007f8c884be090 R08: 0000000000000000 R09: 0000000000000000
[ 1082.470627][T22792] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1082.478982][T22792] R13: 00007f8c87816038 R14: 00007f8c87815fa0 R15: 00007ffd307dab68
[ 1082.487511][T22792]  </TASK>
[ 1082.585242][T22798] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5561'.
[ 1083.009441][T22806] netlink: 'syz.1.5563': attribute type 2 has an invalid length.
[ 1083.027582][T22806] netlink: 'syz.1.5563': attribute type 8 has an invalid length.
[ 1083.036969][T22806] netlink: 132 bytes leftover after parsing attributes in process `syz.1.5563'.
[ 1083.051258][T22806] netlink: 'syz.1.5563': attribute type 10 has an invalid length.
[ 1083.906305][T22824] netlink: 61211 bytes leftover after parsing attributes in process `syz.2.5567'.
[ 1083.947609][T22825] netlink: 'syz.1.5575': attribute type 2 has an invalid length.
[ 1083.977978][T22825] netlink: 'syz.1.5575': attribute type 8 has an invalid length.
[ 1084.019416][T22825] netlink: 132 bytes leftover after parsing attributes in process `syz.1.5575'.
[ 1084.038101][T22828] netlink: 'syz.1.5575': attribute type 10 has an invalid length.
[ 1085.359643][T22838] netlink: 'syz.1.5572': attribute type 3 has an invalid length.
[ 1086.742387][T22863] FAULT_INJECTION: forcing a failure.
[ 1086.742387][T22863] name failslab, interval 1, probability 0, space 0, times 0
[ 1086.779919][T22863] CPU: 0 PID: 22863 Comm: syz.1.5580 Not tainted syzkaller #0
[ 1086.787593][T22863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1086.798262][T22863] Call Trace:
[ 1086.802044][T22863]  <TASK>
[ 1086.805188][T22863]  dump_stack_lvl+0x18c/0x250
[ 1086.810346][T22863]  ? show_regs_print_info+0x20/0x20
[ 1086.815830][T22863]  ? load_image+0x420/0x420
[ 1086.820608][T22863]  ? __might_sleep+0xe0/0xe0
[ 1086.825988][T22863]  ? __lock_acquire+0x7d40/0x7d40
[ 1086.831370][T22863]  should_fail_ex+0x39d/0x4d0
[ 1086.836235][T22863]  should_failslab+0x9/0x20
[ 1086.840841][T22863]  slab_pre_alloc_hook+0x59/0x310
[ 1086.845966][T22863]  ? __get_vm_area_node+0x125/0x370
[ 1086.851551][T22863]  __kmem_cache_alloc_node+0x53/0x250
[ 1086.857212][T22863]  ? __get_vm_area_node+0x125/0x370
[ 1086.862896][T22863]  kmalloc_node_trace+0x26/0xe0
[ 1086.868035][T22863]  __get_vm_area_node+0x125/0x370
[ 1086.873342][T22863]  __vmalloc_node_range+0x36e/0x1330
[ 1086.878701][T22863]  ? netlink_sendmsg+0x602/0xbf0
[ 1086.883829][T22863]  ? netlink_insert+0x109f/0x13a0
[ 1086.889100][T22863]  ? netlink_data_ready+0x10/0x10
[ 1086.894471][T22863]  ? free_vm_area+0x50/0x50
[ 1086.899266][T22863]  ? netlink_sendmsg+0x602/0xbf0
[ 1086.904537][T22863]  vmalloc+0x79/0x90
[ 1086.908588][T22863]  ? netlink_sendmsg+0x602/0xbf0
[ 1086.913689][T22863]  netlink_sendmsg+0x602/0xbf0
[ 1086.918957][T22863]  ? perf_trace_lock+0x304/0x3b0
[ 1086.924091][T22863]  ? netlink_getsockopt+0x590/0x590
[ 1086.929644][T22863]  ? aa_sock_msg_perm+0x94/0x150
[ 1086.934660][T22863]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1086.940097][T22863]  ? security_socket_sendmsg+0x80/0xa0
[ 1086.945642][T22863]  ? netlink_getsockopt+0x590/0x590
[ 1086.951487][T22863]  ____sys_sendmsg+0x5ba/0x960
[ 1086.956487][T22863]  ? __asan_memset+0x22/0x40
[ 1086.961415][T22863]  ? __sys_sendmsg_sock+0x30/0x30
[ 1086.966585][T22863]  ? __import_iovec+0x5f2/0x850
[ 1086.971722][T22863]  ? import_iovec+0x73/0xa0
[ 1086.976498][T22863]  ___sys_sendmsg+0x2a6/0x360
[ 1086.981439][T22863]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1086.986837][T22863]  ? __lock_acquire+0x7d40/0x7d40
[ 1086.992036][T22863]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1086.997274][T22863]  ? __x64_sys_sendmsg+0x80/0x80
[ 1087.002544][T22863]  ? lockdep_hardirqs_on+0x98/0x150
[ 1087.008221][T22863]  do_syscall_64+0x55/0xa0
[ 1087.012812][T22863]  ? clear_bhb_loop+0x40/0x90
[ 1087.018076][T22863]  ? clear_bhb_loop+0x40/0x90
[ 1087.023009][T22863]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1087.029091][T22863] RIP: 0033:0x7f8f2d59cdd9
[ 1087.033865][T22863] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1087.054511][T22863] RSP: 002b:00007f8f2e490028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1087.063258][T22863] RAX: ffffffffffffffda RBX: 00007f8f2d815fa0 RCX: 00007f8f2d59cdd9
[ 1087.071906][T22863] RDX: 0000000000000600 RSI: 0000200000000540 RDI: 000000000000000a
[ 1087.080803][T22863] RBP: 00007f8f2e490090 R08: 0000000000000000 R09: 0000000000000000
[ 1087.089212][T22863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1087.097788][T22863] R13: 00007f8f2d816038 R14: 00007f8f2d815fa0 R15: 00007fffd8e46978
[ 1087.106079][T22863]  </TASK>
[ 1087.179377][T22863] syz.1.5580: vmalloc error: size 60672, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=syz1,mems_allowed=0-1
[ 1087.237251][T22863] CPU: 1 PID: 22863 Comm: syz.1.5580 Not tainted syzkaller #0
[ 1087.245265][T22863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1087.255654][T22863] Call Trace:
[ 1087.259199][T22863]  <TASK>
[ 1087.262285][T22863]  dump_stack_lvl+0x18c/0x250
[ 1087.267175][T22863]  ? show_regs_print_info+0x20/0x20
[ 1087.272458][T22863]  ? load_image+0x420/0x420
[ 1087.277380][T22863]  ? __rcu_read_unlock+0x7c/0xd0
[ 1087.282841][T22863]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1087.289503][T22863]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[ 1087.296262][T22863]  warn_alloc+0x246/0x340
[ 1087.300739][T22863]  ? __get_vm_area_node+0x125/0x370
[ 1087.306089][T22863]  ? zone_watermark_ok_safe+0x230/0x230
[ 1087.311862][T22863]  ? rcu_is_watching+0x15/0xb0
[ 1087.316795][T22863]  ? __get_vm_area_node+0x356/0x370
[ 1087.322428][T22863]  __vmalloc_node_range+0x393/0x1330
[ 1087.327935][T22863]  ? netlink_insert+0x109f/0x13a0
[ 1087.333268][T22863]  ? netlink_data_ready+0x10/0x10
[ 1087.338693][T22863]  ? free_vm_area+0x50/0x50
[ 1087.343355][T22863]  ? netlink_sendmsg+0x602/0xbf0
[ 1087.348510][T22863]  vmalloc+0x79/0x90
[ 1087.352462][T22863]  ? netlink_sendmsg+0x602/0xbf0
[ 1087.357640][T22863]  netlink_sendmsg+0x602/0xbf0
[ 1087.362538][T22863]  ? perf_trace_lock+0x304/0x3b0
[ 1087.367543][T22863]  ? netlink_getsockopt+0x590/0x590
[ 1087.372962][T22863]  ? aa_sock_msg_perm+0x94/0x150
[ 1087.378300][T22863]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1087.383710][T22863]  ? security_socket_sendmsg+0x80/0xa0
[ 1087.389485][T22863]  ? netlink_getsockopt+0x590/0x590
[ 1087.394763][T22863]  ____sys_sendmsg+0x5ba/0x960
[ 1087.399774][T22863]  ? __asan_memset+0x22/0x40
[ 1087.404493][T22863]  ? __sys_sendmsg_sock+0x30/0x30
[ 1087.409826][T22863]  ? __import_iovec+0x5f2/0x850
[ 1087.414928][T22863]  ? import_iovec+0x73/0xa0
[ 1087.419742][T22863]  ___sys_sendmsg+0x2a6/0x360
[ 1087.424475][T22863]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1087.429685][T22863]  ? __lock_acquire+0x7d40/0x7d40
[ 1087.435478][T22863]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1087.440488][T22863]  ? __x64_sys_sendmsg+0x80/0x80
[ 1087.445608][T22863]  ? lockdep_hardirqs_on+0x98/0x150
[ 1087.451128][T22863]  do_syscall_64+0x55/0xa0
[ 1087.455690][T22863]  ? clear_bhb_loop+0x40/0x90
[ 1087.460674][T22863]  ? clear_bhb_loop+0x40/0x90
[ 1087.465435][T22863]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1087.471658][T22863] RIP: 0033:0x7f8f2d59cdd9
[ 1087.476384][T22863] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1087.498059][T22863] RSP: 002b:00007f8f2e490028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1087.506918][T22863] RAX: ffffffffffffffda RBX: 00007f8f2d815fa0 RCX: 00007f8f2d59cdd9
[ 1087.515139][T22863] RDX: 0000000000000600 RSI: 0000200000000540 RDI: 000000000000000a
[ 1087.524153][T22863] RBP: 00007f8f2e490090 R08: 0000000000000000 R09: 0000000000000000
[ 1087.532524][T22863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1087.540631][T22863] R13: 00007f8f2d816038 R14: 00007f8f2d815fa0 R15: 00007fffd8e46978
[ 1087.548950][T22863]  </TASK>
[ 1087.696226][T22863] Mem-Info:
[ 1087.700057][T22863] active_anon:5769 inactive_anon:0 isolated_anon:0
[ 1087.700057][T22863]  active_file:18582 inactive_file:40335 isolated_file:0
[ 1087.700057][T22863]  unevictable:768 dirty:290 writeback:0
[ 1087.700057][T22863]  slab_reclaimable:10683 slab_unreclaimable:94862
[ 1087.700057][T22863]  mapped:24954 shmem:1361 pagetables:525
[ 1087.700057][T22863]  sec_pagetables:0 bounce:0
[ 1087.700057][T22863]  kernel_misc_reclaimable:0
[ 1087.700057][T22863]  free:1339912 free_pcp:14699 free_cma:0
[ 1087.776689][T22863] Node 0 active_anon:23076kB inactive_anon:0kB active_file:74328kB inactive_file:161136kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:99816kB dirty:1160kB writeback:0kB shmem:3908kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10052kB pagetables:2100kB sec_pagetables:0kB all_unreclaimable? no
[ 1087.812365][T22863] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[ 1087.884435][T22863] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1087.947921][T22863] lowmem_reserve[]: 0 2521 2522 2522 2522
[ 1087.958945][T22863] Node 0 DMA32 free:1451920kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:22936kB inactive_anon:0kB active_file:74328kB inactive_file:160316kB unevictable:1536kB writepending:1160kB present:3129332kB managed:2586952kB mlocked:0kB bounce:0kB free_pcp:37480kB local_pcp:17736kB free_cma:0kB
[ 1088.057678][T22863] lowmem_reserve[]: 0 0 0 0 0
[ 1088.061936][T22867] netlink: 'syz.2.5581': attribute type 2 has an invalid length.
[ 1088.073656][T22863] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:820kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:12kB free_cma:0kB
[ 1088.101558][T22867] netlink: 'syz.2.5581': attribute type 8 has an invalid length.
[ 1088.101598][T22867] netlink: 132 bytes leftover after parsing attributes in process `syz.2.5581'.
[ 1088.103882][T22867] netlink: 'syz.2.5581': attribute type 10 has an invalid length.
[ 1088.164017][T22863] lowmem_reserve[]: 0 0 0 0 0
[ 1088.169356][T22863] Node 1 Normal free:3892368kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:21156kB local_pcp:11040kB free_cma:0kB
[ 1088.237977][T22863] lowmem_reserve[]: 0 0 0 0 0
[ 1088.247546][T22863] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1088.277817][T22863] Node 0 DMA32: 946*4kB (UM) 1143*8kB (UM) 1037*16kB (UME) 794*32kB (UM) 424*64kB (UME) 786*128kB (UME) 214*256kB (UME) 58*512kB (UM) 29*1024kB (UM) 6*2048kB (M) 279*4096kB (UM) = 1451920kB
[ 1088.319402][T22863] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1088.347608][T22863] Node 1 Normal: 182*4kB (UM) 39*8kB (UME) 24*16kB (UME) 18*32kB (UME) 9*64kB (UE) 5*128kB (UME) 0*256kB 2*512kB (UM) 1*1024kB (E) 2*2048kB (UE) 948*4096kB (M) = 3892368kB
[ 1088.437638][T22863] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1088.468990][T22863] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1088.507464][T22863] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1088.537615][T22863] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1088.562909][T22863] 60278 total pagecache pages
[ 1088.589152][T22863] 0 pages in swap cache
[ 1088.593508][T22863] Free swap  = 124996kB
[ 1088.618389][T22863] Total swap = 124996kB
[ 1088.628867][T22863] 2097051 pages RAM
[ 1088.632940][T22863] 0 pages HighMem/MovableOnly
[ 1088.657766][T22863] 416927 pages reserved
[ 1088.662338][T22863] 0 pages cma reserved
[ 1089.074786][T21442] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1089.578448][T22888] netlink: 'syz.2.5590': attribute type 29 has an invalid length.
[ 1089.690860][T22888] netlink: 'syz.2.5590': attribute type 29 has an invalid length.
[ 1089.764322][T22890] netlink: 'syz.2.5590': attribute type 29 has an invalid length.
[ 1089.807812][T22891] netlink: 'syz.2.5590': attribute type 29 has an invalid length.
[ 1089.917735][T22892] netlink: 'syz.2.5590': attribute type 29 has an invalid length.
[ 1090.495124][T22899] netlink: 'syz.0.5594': attribute type 2 has an invalid length.
[ 1090.535271][T22899] netlink: 'syz.0.5594': attribute type 8 has an invalid length.
[ 1090.577605][T22899] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5594'.
[ 1090.601623][T19529] Bluetooth: hci0: unexpected event 0x05 length: 15 > 4
[ 1090.606135][T22905] netlink: 'syz.0.5594': attribute type 10 has an invalid length.
[ 1092.553147][T22930] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1092.852570][T22935] netlink: 64859 bytes leftover after parsing attributes in process `syz.2.5606'.
[ 1092.891364][T22934] netlink: 'syz.3.5607': attribute type 2 has an invalid length.
[ 1092.928933][T22934] netlink: 'syz.3.5607': attribute type 8 has an invalid length.
[ 1092.937021][T22934] netlink: 132 bytes leftover after parsing attributes in process `syz.3.5607'.
[ 1093.028270][T22934] netlink: 'syz.3.5607': attribute type 10 has an invalid length.
[ 1093.133810][T22939] netlink: 'syz.1.5608': attribute type 3 has an invalid length.
[ 1093.152314][T22939] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.5608'.
[ 1093.840510][T22950] netlink: 'syz.0.5611': attribute type 10 has an invalid length.
[ 1095.246630][T22969] netlink: 'syz.1.5616': attribute type 2 has an invalid length.
[ 1095.256676][T22969] netlink: 'syz.1.5616': attribute type 8 has an invalid length.
[ 1095.265197][T22969] netlink: 132 bytes leftover after parsing attributes in process `syz.1.5616'.
[ 1095.834841][T22974] netlink: 'syz.1.5616': attribute type 10 has an invalid length.
[ 1096.020089][T22971] netlink: 'syz.0.5625': attribute type 10 has an invalid length.
[ 1096.545849][T22987] netlink: 'syz.0.5622': attribute type 2 has an invalid length.
[ 1096.568087][T22987] netlink: 'syz.0.5622': attribute type 8 has an invalid length.
[ 1096.587755][T22987] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5622'.
[ 1096.655112][T22987] netlink: 'syz.0.5622': attribute type 10 has an invalid length.
[ 1098.085784][   T60] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1098.250198][T23010] netlink: 64859 bytes leftover after parsing attributes in process `syz.0.5631'.
[ 1098.570187][T23013] netlink: 'syz.2.5632': attribute type 10 has an invalid length.
[ 1098.618718][T23018] netlink: 'syz.3.5634': attribute type 2 has an invalid length.
[ 1098.627105][T23018] netlink: 'syz.3.5634': attribute type 8 has an invalid length.
[ 1098.647851][T23018] netlink: 132 bytes leftover after parsing attributes in process `syz.3.5634'.
[ 1098.677628][T23018] netlink: 'syz.3.5634': attribute type 10 has an invalid length.
[ 1099.043902][T23023] netlink: 'syz.1.5636': attribute type 2 has an invalid length.
[ 1099.052537][T23023] netlink: 132 bytes leftover after parsing attributes in process `syz.1.5636'.
[ 1100.555755][T23048] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.5645'.
[ 1100.848313][T23054] validate_nla: 3 callbacks suppressed
[ 1100.848338][T23054] netlink: 'syz.2.5646': attribute type 10 has an invalid length.
[ 1100.972503][T23056] netlink: 'syz.1.5648': attribute type 2 has an invalid length.
[ 1100.989922][T23056] netlink: 'syz.1.5648': attribute type 8 has an invalid length.
[ 1101.011219][T23056] netlink: 132 bytes leftover after parsing attributes in process `syz.1.5648'.
[ 1101.042339][T23059] netlink: 'syz.1.5648': attribute type 10 has an invalid length.
[ 1102.976418][T23087] netlink: 'syz.2.5661': attribute type 2 has an invalid length.
[ 1103.016296][T23087] netlink: 'syz.2.5661': attribute type 8 has an invalid length.
[ 1103.041135][T23087] netlink: 132 bytes leftover after parsing attributes in process `syz.2.5661'.
[ 1103.076397][T23092] netlink: 'syz.2.5661': attribute type 10 has an invalid length.
[ 1103.400650][T23095] netlink: 'syz.0.5662': attribute type 10 has an invalid length.
[ 1103.684766][T23101] FAULT_INJECTION: forcing a failure.
[ 1103.684766][T23101] name failslab, interval 1, probability 0, space 0, times 0
[ 1103.730445][T23101] CPU: 1 PID: 23101 Comm: syz.3.5665 Not tainted syzkaller #0
[ 1103.738124][T23101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1103.748517][T23101] Call Trace:
[ 1103.752122][T23101]  <TASK>
[ 1103.755254][T23101]  dump_stack_lvl+0x18c/0x250
[ 1103.760209][T23101]  ? show_regs_print_info+0x20/0x20
[ 1103.765608][T23101]  ? load_image+0x420/0x420
[ 1103.770335][T23101]  ? __might_sleep+0xe0/0xe0
[ 1103.775152][T23101]  ? __lock_acquire+0x7d40/0x7d40
[ 1103.780394][T23101]  should_fail_ex+0x39d/0x4d0
[ 1103.785353][T23101]  should_failslab+0x9/0x20
[ 1103.790018][T23101]  slab_pre_alloc_hook+0x59/0x310
[ 1103.795269][T23101]  ? __get_vm_area_node+0x125/0x370
[ 1103.800902][T23101]  __kmem_cache_alloc_node+0x53/0x250
[ 1103.806465][T23101]  ? __get_vm_area_node+0x125/0x370
[ 1103.812019][T23101]  kmalloc_node_trace+0x26/0xe0
[ 1103.817475][T23101]  __get_vm_area_node+0x125/0x370
[ 1103.822621][T23101]  __vmalloc_node_range+0x36e/0x1330
[ 1103.828292][T23101]  ? bpf_prog_alloc_no_stats+0x47/0x440
[ 1103.834462][T23101]  ? irqentry_enter+0x37/0x50
[ 1103.839463][T23101]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1103.845629][T23101]  ? lock_chain_count+0x20/0x20
[ 1103.850853][T23101]  ? asm_common_interrupt+0x26/0x40
[ 1103.856166][T23101]  ? free_vm_area+0x50/0x50
[ 1103.860858][T23101]  ? end_current_label_crit_section+0x170/0x170
[ 1103.867186][T23101]  ? safesetid_security_capable+0x42/0x1a0
[ 1103.873275][T23101]  ? bpf_prog_alloc_no_stats+0x47/0x440
[ 1103.878916][T23101]  __vmalloc+0x7a/0x90
[ 1103.883072][T23101]  ? bpf_prog_alloc_no_stats+0x47/0x440
[ 1103.888676][T23101]  bpf_prog_alloc_no_stats+0x47/0x440
[ 1103.894196][T23101]  ? bpf_prog_alloc+0x2b/0x1a0
[ 1103.899023][T23101]  bpf_prog_alloc+0x3d/0x1a0
[ 1103.903762][T23101]  bpf_prog_load+0x6eb/0x1670
[ 1103.908690][T23101]  ? map_freeze+0x420/0x420
[ 1103.913594][T23101]  ? __might_fault+0xaa/0x120
[ 1103.918573][T23101]  ? __lock_acquire+0x7d40/0x7d40
[ 1103.923903][T23101]  ? file_end_write+0x159/0x250
[ 1103.929090][T23101]  ? __might_fault+0xaa/0x120
[ 1103.934358][T23101]  ? __might_fault+0xc6/0x120
[ 1103.939407][T23101]  ? __might_fault+0xaa/0x120
[ 1103.944834][T23101]  ? bpf_lsm_bpf+0x9/0x10
[ 1103.949301][T23101]  ? security_bpf+0x7e/0xa0
[ 1103.954044][T23101]  __sys_bpf+0x5ba/0x890
[ 1103.958605][T23101]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1103.964909][T23101]  ? lock_chain_count+0x20/0x20
[ 1103.970035][T23101]  __x64_sys_bpf+0x7c/0x90
[ 1103.974762][T23101]  do_syscall_64+0x55/0xa0
[ 1103.979447][T23101]  ? clear_bhb_loop+0x40/0x90
[ 1103.984588][T23101]  ? clear_bhb_loop+0x40/0x90
[ 1103.989576][T23101]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1103.996275][T23101] RIP: 0033:0x7f8c8759cdd9
[ 1104.001027][T23101] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1104.021981][T23101] RSP: 002b:00007f8c884be028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1104.030758][T23101] RAX: ffffffffffffffda RBX: 00007f8c87815fa0 RCX: 00007f8c8759cdd9
[ 1104.039140][T23101] RDX: 0000000000000094 RSI: 0000200000000680 RDI: 0000000000000005
[ 1104.047526][T23101] RBP: 00007f8c884be090 R08: 0000000000000000 R09: 0000000000000000
[ 1104.055707][T23101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1104.064491][T23101] R13: 00007f8c87816038 R14: 00007f8c87815fa0 R15: 00007ffd307dab68
[ 1104.072894][T23101]  </TASK>
[ 1104.167543][T23101] syz.3.5665: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=syz3,mems_allowed=0-1
[ 1104.216338][T23101] CPU: 1 PID: 23101 Comm: syz.3.5665 Not tainted syzkaller #0
[ 1104.224095][T23101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1104.234665][T23101] Call Trace:
[ 1104.238103][T23101]  <TASK>
[ 1104.241187][T23101]  dump_stack_lvl+0x18c/0x250
[ 1104.246056][T23101]  ? show_regs_print_info+0x20/0x20
[ 1104.251634][T23101]  ? load_image+0x420/0x420
[ 1104.256232][T23101]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1104.262823][T23101]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[ 1104.270213][T23101]  warn_alloc+0x246/0x340
[ 1104.274955][T23101]  ? __get_vm_area_node+0x125/0x370
[ 1104.280358][T23101]  ? zone_watermark_ok_safe+0x230/0x230
[ 1104.286083][T23101]  ? rcu_is_watching+0x15/0xb0
[ 1104.290964][T23101]  ? __get_vm_area_node+0x356/0x370
[ 1104.296579][T23101]  __vmalloc_node_range+0x393/0x1330
[ 1104.303701][T23101]  ? irqentry_enter+0x37/0x50
[ 1104.308754][T23101]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1104.315194][T23101]  ? lock_chain_count+0x20/0x20
[ 1104.320511][T23101]  ? asm_common_interrupt+0x26/0x40
[ 1104.326263][T23101]  ? free_vm_area+0x50/0x50
[ 1104.331124][T23101]  ? end_current_label_crit_section+0x170/0x170
[ 1104.337819][T23101]  ? safesetid_security_capable+0x42/0x1a0
[ 1104.344376][T23101]  ? bpf_prog_alloc_no_stats+0x47/0x440
[ 1104.350348][T23101]  __vmalloc+0x7a/0x90
[ 1104.354780][T23101]  ? bpf_prog_alloc_no_stats+0x47/0x440
[ 1104.361718][T23101]  bpf_prog_alloc_no_stats+0x47/0x440
[ 1104.367826][T23101]  ? bpf_prog_alloc+0x2b/0x1a0
[ 1104.372970][T23101]  bpf_prog_alloc+0x3d/0x1a0
[ 1104.377951][T23101]  bpf_prog_load+0x6eb/0x1670
[ 1104.383280][T23101]  ? map_freeze+0x420/0x420
[ 1104.388061][T23101]  ? __might_fault+0xaa/0x120
[ 1104.393085][T23101]  ? __lock_acquire+0x7d40/0x7d40
[ 1104.398671][T23101]  ? file_end_write+0x159/0x250
[ 1104.403900][T23101]  ? __might_fault+0xaa/0x120
[ 1104.408939][T23101]  ? __might_fault+0xc6/0x120
[ 1104.414338][T23101]  ? __might_fault+0xaa/0x120
[ 1104.419136][T23101]  ? bpf_lsm_bpf+0x9/0x10
[ 1104.423821][T23101]  ? security_bpf+0x7e/0xa0
[ 1104.428929][T23101]  __sys_bpf+0x5ba/0x890
[ 1104.433940][T23101]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1104.439948][T23101]  ? lock_chain_count+0x20/0x20
[ 1104.445016][T23101]  __x64_sys_bpf+0x7c/0x90
[ 1104.449610][T23101]  do_syscall_64+0x55/0xa0
[ 1104.454562][T23101]  ? clear_bhb_loop+0x40/0x90
[ 1104.459826][T23101]  ? clear_bhb_loop+0x40/0x90
[ 1104.465311][T23101]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1104.471703][T23101] RIP: 0033:0x7f8c8759cdd9
[ 1104.476473][T23101] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1104.497443][T23101] RSP: 002b:00007f8c884be028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1104.506081][T23101] RAX: ffffffffffffffda RBX: 00007f8c87815fa0 RCX: 00007f8c8759cdd9
[ 1104.514554][T23101] RDX: 0000000000000094 RSI: 0000200000000680 RDI: 0000000000000005
[ 1104.523344][T23101] RBP: 00007f8c884be090 R08: 0000000000000000 R09: 0000000000000000
[ 1104.531663][T23101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1104.539944][T23101] R13: 00007f8c87816038 R14: 00007f8c87815fa0 R15: 00007ffd307dab68
[ 1104.548372][T23101]  </TASK>
[ 1104.559022][T23101] Mem-Info:
[ 1104.562766][T23101] active_anon:5727 inactive_anon:0 isolated_anon:0
[ 1104.562766][T23101]  active_file:18582 inactive_file:40341 isolated_file:0
[ 1104.562766][T23101]  unevictable:768 dirty:89 writeback:0
[ 1104.562766][T23101]  slab_reclaimable:10731 slab_unreclaimable:95110
[ 1104.562766][T23101]  mapped:24949 shmem:1361 pagetables:526
[ 1104.562766][T23101]  sec_pagetables:0 bounce:0
[ 1104.562766][T23101]  kernel_misc_reclaimable:0
[ 1104.562766][T23101]  free:1339542 free_pcp:14144 free_cma:0
[ 1104.654758][T23101] Node 0 active_anon:23068kB inactive_anon:0kB active_file:74328kB inactive_file:161160kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:103904kB dirty:316kB writeback:0kB shmem:3908kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10252kB pagetables:2180kB sec_pagetables:0kB all_unreclaimable? no
[ 1104.757671][T23101] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[ 1104.857555][T23101] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1104.937892][T23101] lowmem_reserve[]: 0 2521 2522 2522 2522
[ 1105.027611][T23101] Node 0 DMA32 free:1450440kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:23028kB inactive_anon:0kB active_file:74328kB inactive_file:160340kB unevictable:1536kB writepending:316kB present:3129332kB managed:2586952kB mlocked:0kB bounce:0kB free_pcp:36316kB local_pcp:18896kB free_cma:0kB
[ 1105.124682][T23101] lowmem_reserve[]: 0 0 0 0 0
[ 1105.131435][T23101] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:820kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:0kB free_cma:0kB
[ 1105.187760][T23101] lowmem_reserve[]: 0 0 0 0 0
[ 1105.192868][T23101] Node 1 Normal free:3892368kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:21156kB local_pcp:10116kB free_cma:0kB
[ 1105.277882][T23101] lowmem_reserve[]: 0 0 0 0 0
[ 1105.282903][T23101] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1105.327708][T23101] Node 0 DMA32: 820*4kB (UM) 1049*8kB (UM) 1037*16kB (UME) 795*32kB (UME) 420*64kB (UME) 786*128kB (UME) 214*256kB (UME) 58*512kB (UM) 29*1024kB (UM) 6*2048kB (M) 279*4096kB (UM) = 1450440kB
[ 1105.391083][T23101] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1105.422961][T23101] Node 1 Normal: 182*4kB (UM) 39*8kB (UME) 24*16kB (UME) 18*32kB (UME) 9*64kB (UE) 5*128kB (UME) 0*256kB 2*512kB (UM) 1*1024kB (E) 2*2048kB (UE) 948*4096kB (M) = 3892368kB
[ 1105.451622][T23101] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1105.489593][T23101] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1105.517787][T23101] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1105.557625][T23101] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1105.577933][T23101] 60286 total pagecache pages
[ 1105.594473][T23101] 0 pages in swap cache
[ 1105.603594][T23101] Free swap  = 124996kB
[ 1105.618105][T23101] Total swap = 124996kB
[ 1105.622375][T23101] 2097051 pages RAM
[ 1105.624375][T23122] netlink: 'syz.0.5672': attribute type 2 has an invalid length.
[ 1105.626309][T23101] 0 pages HighMem/MovableOnly
[ 1105.642808][T23122] netlink: 'syz.0.5672': attribute type 8 has an invalid length.
[ 1105.660915][T23101] 416927 pages reserved
[ 1105.666598][T23101] 0 pages cma reserved
[ 1105.668333][T23122] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5672'.
[ 1106.031161][T23126] netlink: 14 bytes leftover after parsing attributes in process `syz.2.5673'.
[ 1107.122828][T23137] validate_nla: 1 callbacks suppressed
[ 1107.122854][T23137] netlink: 'syz.2.5676': attribute type 10 has an invalid length.
[ 1108.079187][T23157] netlink: 'syz.2.5683': attribute type 2 has an invalid length.
[ 1108.149388][T23157] netlink: 'syz.2.5683': attribute type 8 has an invalid length.
[ 1108.199319][T23157] netlink: 132 bytes leftover after parsing attributes in process `syz.2.5683'.
[ 1108.247684][T23160] netlink: 'syz.2.5683': attribute type 10 has an invalid length.
[ 1108.441067][T23165] netlink: 'syz.3.5684': attribute type 10 has an invalid length.
[ 1110.355968][T23186] netlink: 'syz.2.5691': attribute type 10 has an invalid length.
[ 1110.681294][T23190] netlink: 'syz.3.5694': attribute type 2 has an invalid length.
[ 1110.704985][T23190] netlink: 'syz.3.5694': attribute type 8 has an invalid length.
[ 1110.724706][T23190] netlink: 132 bytes leftover after parsing attributes in process `syz.3.5694'.
[ 1110.746202][T23190] netlink: 'syz.3.5694': attribute type 10 has an invalid length.
[ 1110.772331][T23192] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5693'.
[ 1111.326207][T23202] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.5697'.
[ 1112.991794][T23223] netlink: 'syz.1.5704': attribute type 10 has an invalid length.
[ 1113.053072][T23227] netlink: 'syz.0.5706': attribute type 2 has an invalid length.
[ 1113.061914][T23227] netlink: 'syz.0.5706': attribute type 8 has an invalid length.
[ 1113.071410][T23227] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5706'.
[ 1113.084160][T23227] netlink: 'syz.0.5706': attribute type 10 has an invalid length.
[ 1114.599022][T23247] netlink: 201392 bytes leftover after parsing attributes in process `syz.2.5716'.
[ 1114.658485][T23247] netlink: zone id is out of range
[ 1114.690759][T23247] netlink: zone id is out of range
[ 1114.696716][T23247] netlink: zone id is out of range
[ 1114.707228][T23247] netlink: zone id is out of range
[ 1114.713964][T23247] netlink: zone id is out of range
[ 1114.726372][T23247] netlink: zone id is out of range
[ 1114.798436][T23247] netlink: zone id is out of range
[ 1114.804280][T23247] netlink: zone id is out of range
[ 1114.830217][T23250] netlink: 14568 bytes leftover after parsing attributes in process `syz.2.5716'.
[ 1114.870709][T23247] netlink: zone id is out of range
[ 1114.885956][T23247] netlink: zone id is out of range
[ 1114.903551][T23252] netlink: 'syz.0.5717': attribute type 2 has an invalid length.
[ 1114.934120][T23252] netlink: 'syz.0.5717': attribute type 8 has an invalid length.
[ 1114.945078][T23252] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5717'.
[ 1114.976511][T23252] netlink: 'syz.0.5717': attribute type 10 has an invalid length.
[ 1115.718536][T23261] netlink: 'syz.2.5720': attribute type 10 has an invalid length.
[ 1116.453457][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[ 1116.463488][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[ 1116.886916][T23282] netlink: 'syz.1.5729': attribute type 2 has an invalid length.
[ 1116.906815][T23282] netlink: 'syz.1.5729': attribute type 8 has an invalid length.
[ 1116.925419][T23282] netlink: 132 bytes leftover after parsing attributes in process `syz.1.5729'.
[ 1117.558128][T19529] Bluetooth: hci0: unexpected subevent 0x03 length: 150 > 9
[ 1117.626807][T23291] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5732'.
[ 1118.334154][T23301] validate_nla: 1 callbacks suppressed
[ 1118.334232][T23301] netlink: 'syz.0.5735': attribute type 10 has an invalid length.
[ 1119.201611][T23314] netlink: 'syz.3.5740': attribute type 10 has an invalid length.
[ 1119.341696][T23314] team0: Port device syz_tun added
[ 1119.376715][T23317] netlink: 'syz.0.5742': attribute type 2 has an invalid length.
[ 1119.407132][T23317] netlink: 'syz.0.5742': attribute type 8 has an invalid length.
[ 1119.439574][T23317] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5742'.
[ 1119.471974][T23321] netlink: 'syz.0.5742': attribute type 10 has an invalid length.
[ 1119.764212][T23325] netlink: 'syz.1.5744': attribute type 10 has an invalid length.
[ 1119.797510][T23325] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1119.934678][T23325] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1119.943249][T23325] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1120.049369][T23325] team0: Port device bridge0 added
[ 1120.204426][T21442] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1121.028788][T23340] netlink: 'syz.0.5750': attribute type 10 has an invalid length.
[ 1121.774825][T23352] netlink: 'syz.3.5754': attribute type 2 has an invalid length.
[ 1121.807919][T23352] netlink: 'syz.3.5754': attribute type 8 has an invalid length.
[ 1121.816069][T23352] netlink: 132 bytes leftover after parsing attributes in process `syz.3.5754'.
[ 1121.890218][T23352] netlink: 'syz.3.5754': attribute type 10 has an invalid length.
[ 1124.073841][T23382] netlink: 'syz.3.5764': attribute type 10 has an invalid length.
[ 1124.349971][T23389] netlink: 'syz.2.5768': attribute type 2 has an invalid length.
[ 1124.381869][T23389] netlink: 'syz.2.5768': attribute type 8 has an invalid length.
[ 1124.407706][T23389] netlink: 132 bytes leftover after parsing attributes in process `syz.2.5768'.
[ 1124.459978][T23389] netlink: 'syz.2.5768': attribute type 10 has an invalid length.
[ 1126.874411][T23425] netlink: 'syz.2.5779': attribute type 10 has an invalid length.
[ 1127.992347][T23442] netlink: 'syz.0.5785': attribute type 2 has an invalid length.
[ 1128.041018][T23442] netlink: 'syz.0.5785': attribute type 8 has an invalid length.
[ 1128.088004][T23442] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5785'.
[ 1128.140434][T23448] netlink: 'syz.0.5785': attribute type 10 has an invalid length.
[ 1129.113160][ T6030] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1130.010529][T23474] netlink: 'syz.0.5794': attribute type 10 has an invalid length.
[ 1130.305168][T23483] netlink: 'syz.2.5797': attribute type 2 has an invalid length.
[ 1130.323949][T23483] netlink: 'syz.2.5797': attribute type 8 has an invalid length.
[ 1130.338269][T23483] netlink: 132 bytes leftover after parsing attributes in process `syz.2.5797'.
[ 1130.383415][T23478] netlink: 'syz.1.5796': attribute type 21 has an invalid length.
[ 1130.401564][T23478] netlink: 'syz.1.5796': attribute type 1 has an invalid length.
[ 1130.427045][T23478] netlink: 132 bytes leftover after parsing attributes in process `syz.1.5796'.
[ 1130.457858][T23484] netlink: 'syz.2.5797': attribute type 10 has an invalid length.
[ 1132.576743][T23511] netlink: 'syz.0.5809': attribute type 2 has an invalid length.
[ 1132.597742][T23511] netlink: 'syz.0.5809': attribute type 8 has an invalid length.
[ 1132.653961][T23511] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5809'.
[ 1132.690887][T23509] netlink: 'syz.3.5808': attribute type 10 has an invalid length.
[ 1132.733901][T23513] netlink: 'syz.0.5809': attribute type 10 has an invalid length.
[ 1138.534542][T23540] netlink: 'syz.0.5820': attribute type 2 has an invalid length.
[ 1138.567921][T23540] netlink: 'syz.0.5820': attribute type 8 has an invalid length.
[ 1138.576321][T23540] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5820'.
[ 1138.609112][T23541] netlink: 'syz.0.5820': attribute type 10 has an invalid length.
[ 1139.224492][T23554] netlink: 'syz.2.5822': attribute type 10 has an invalid length.
[ 1140.455426][T23573] netlink: 'syz.0.5832': attribute type 2 has an invalid length.
[ 1140.463874][T23573] netlink: 'syz.0.5832': attribute type 8 has an invalid length.
[ 1140.472361][T23573] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5832'.
[ 1140.573008][T23573] netlink: 'syz.0.5832': attribute type 10 has an invalid length.
[ 1140.710326][T23576] netlink: 'syz.1.5833': attribute type 1 has an invalid length.
[ 1141.305432][T23586] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.5838'.
[ 1141.408437][T23585] delete_channel: no stack
[ 1142.874068][T23612] netlink: 'syz.0.5847': attribute type 2 has an invalid length.
[ 1142.887518][T23612] netlink: 'syz.0.5847': attribute type 8 has an invalid length.
[ 1142.895705][T23612] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5847'.
[ 1144.908815][T23640] validate_nla: 1 callbacks suppressed
[ 1144.908840][T23640] netlink: 'syz.0.5859': attribute type 2 has an invalid length.
[ 1144.937928][T23640] netlink: 'syz.0.5859': attribute type 8 has an invalid length.
[ 1144.964152][T23640] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5859'.
[ 1145.158502][T23640] netlink: 'syz.0.5859': attribute type 10 has an invalid length.
[ 1146.086367][T23646] netlink: 'syz.1.5860': attribute type 10 has an invalid length.
[ 1146.977891][T23665] netlink: 60 bytes leftover after parsing attributes in process `syz.1.5864'.
[ 1148.540107][T23689] netlink: 'syz.2.5871': attribute type 2 has an invalid length.
[ 1148.558544][T23689] netlink: 'syz.2.5871': attribute type 8 has an invalid length.
[ 1148.577671][T23689] netlink: 132 bytes leftover after parsing attributes in process `syz.2.5871'.
[ 1148.604002][T23689] netlink: 'syz.2.5871': attribute type 10 has an invalid length.
[ 1148.778941][T23691] netlink: 'syz.0.5872': attribute type 10 has an invalid length.
[ 1151.251511][ T2942] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1152.822739][T23723] netlink: 'syz.2.5883': attribute type 2 has an invalid length.
[ 1152.848853][T23723] netlink: 'syz.2.5883': attribute type 8 has an invalid length.
[ 1152.857218][T23723] netlink: 132 bytes leftover after parsing attributes in process `syz.2.5883'.
[ 1152.898316][T23723] netlink: 'syz.2.5883': attribute type 10 has an invalid length.
[ 1153.745850][T23737] netlink: 'syz.0.5887': attribute type 10 has an invalid length.
[ 1155.089163][T23757] netlink: 'syz.2.5896': attribute type 2 has an invalid length.
[ 1155.097113][T23757] netlink: 'syz.2.5896': attribute type 8 has an invalid length.
[ 1155.111721][T23757] netlink: 132 bytes leftover after parsing attributes in process `syz.2.5896'.
[ 1155.128069][T23757] netlink: 'syz.2.5896': attribute type 10 has an invalid length.
[ 1155.645368][T23763] netlink: 14 bytes leftover after parsing attributes in process `syz.3.5898'.
[ 1155.678142][T23763] hsr_slave_0: left promiscuous mode
[ 1155.728869][T23763] hsr_slave_1: left promiscuous mode
[ 1156.717934][T23780] netlink: 'syz.3.5903': attribute type 10 has an invalid length.
[ 1157.061777][T23786] netlink: 'syz.1.5908': attribute type 2 has an invalid length.
[ 1157.078697][T23786] netlink: 'syz.1.5908': attribute type 8 has an invalid length.
[ 1157.114003][T23786] netlink: 132 bytes leftover after parsing attributes in process `syz.1.5908'.
[ 1157.684686][T23794] netlink: 126588 bytes leftover after parsing attributes in process `syz.0.5910'.
[ 1158.180967][T23794] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.5910'.
[ 1159.876966][T23819] validate_nla: 2 callbacks suppressed
[ 1159.876989][T23819] netlink: 'syz.2.5920': attribute type 2 has an invalid length.
[ 1159.894949][T23819] netlink: 'syz.2.5920': attribute type 8 has an invalid length.
[ 1159.907518][T23819] netlink: 132 bytes leftover after parsing attributes in process `syz.2.5920'.
[ 1160.011202][T23819] netlink: 'syz.2.5920': attribute type 10 has an invalid length.
[ 1160.212674][T23821] netlink: 'syz.3.5919': attribute type 10 has an invalid length.
[ 1160.242634][ T1132] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1161.313535][T23838] netlink: 144316 bytes leftover after parsing attributes in process `syz.2.5924'.
[ 1162.503138][T23855] netlink: 60 bytes leftover after parsing attributes in process `syz.0.5932'.
[ 1162.611236][T23855] netlink: 60 bytes leftover after parsing attributes in process `syz.0.5932'.
[ 1162.916815][T23860] netlink: 'syz.1.5933': attribute type 2 has an invalid length.
[ 1162.952604][T23860] netlink: 'syz.1.5933': attribute type 8 has an invalid length.
[ 1162.993984][T23860] netlink: 132 bytes leftover after parsing attributes in process `syz.1.5933'.
[ 1163.043678][T23863] netlink: 'syz.1.5933': attribute type 10 has an invalid length.
[ 1163.307483][T23865] netlink: 'syz.3.5934': attribute type 10 has an invalid length.
[ 1167.809614][T23903] netlink: 'syz.0.5945': attribute type 2 has an invalid length.
[ 1167.837697][T23903] netlink: 'syz.0.5945': attribute type 8 has an invalid length.
[ 1167.845596][T23903] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5945'.
[ 1167.891796][T23905] netlink: 'syz.0.5945': attribute type 10 has an invalid length.
[ 1168.526321][T23908] netlink: 'syz.2.5947': attribute type 10 has an invalid length.
[ 1170.574806][T23938] netlink: 'syz.2.5958': attribute type 2 has an invalid length.
[ 1170.610369][T23938] netlink: 'syz.2.5958': attribute type 8 has an invalid length.
[ 1170.629818][T23938] netlink: 132 bytes leftover after parsing attributes in process `syz.2.5958'.
[ 1170.737842][T23938] netlink: 'syz.2.5958': attribute type 10 has an invalid length.
[ 1174.706652][T23965] syz.2.5967[23965] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1174.717444][T23965] syz.2.5967[23965] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1175.470332][T23979] netlink: 'syz.0.5972': attribute type 2 has an invalid length.
[ 1175.517640][T23979] netlink: 'syz.0.5972': attribute type 8 has an invalid length.
[ 1175.550000][T23979] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5972'.
[ 1175.739822][T23979] netlink: 'syz.0.5972': attribute type 10 has an invalid length.
[ 1177.288683][T24002] netlink: 'syz.2.5978': attribute type 10 has an invalid length.
[ 1177.294681][T24004] netlink: 'syz.0.5979': attribute type 29 has an invalid length.
[ 1177.339921][T24004] netlink: 'syz.0.5979': attribute type 29 has an invalid length.
[ 1177.459477][T24004] netlink: 'syz.0.5979': attribute type 29 has an invalid length.
[ 1177.892716][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.899683][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[ 1178.842549][T24026] netlink: 'syz.0.5987': attribute type 2 has an invalid length.
[ 1178.867907][T24026] netlink: 'syz.0.5987': attribute type 8 has an invalid length.
[ 1178.934984][T24026] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5987'.
[ 1178.974768][T24026] netlink: 'syz.0.5987': attribute type 10 has an invalid length.
[ 1179.296677][T24031] 8021q: adding VLAN 0 to HW filter on device team0
[ 1179.355193][T24031] bond0: (slave team0): Enslaving as an active interface with an up link
[ 1180.182500][T24048] IPv6: Can't replace route, no match found
[ 1180.593199][T24052] FAULT_INJECTION: forcing a failure.
[ 1180.593199][T24052] name failslab, interval 1, probability 0, space 0, times 0
[ 1180.681539][T24052] CPU: 1 PID: 24052 Comm: syz.2.5996 Not tainted syzkaller #0
[ 1180.689146][T24052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1180.699676][T24052] Call Trace:
[ 1180.703159][T24052]  <TASK>
[ 1180.706343][T24052]  dump_stack_lvl+0x18c/0x250
[ 1180.711410][T24052]  ? show_regs_print_info+0x20/0x20
[ 1180.716794][T24052]  ? load_image+0x420/0x420
[ 1180.721442][T24052]  ? verify_lock_unused+0x140/0x140
[ 1180.727178][T24052]  ? perf_trace_lock+0x304/0x3b0
[ 1180.732343][T24052]  should_fail_ex+0x39d/0x4d0
[ 1180.737308][T24052]  should_failslab+0x9/0x20
[ 1180.742158][T24052]  slab_pre_alloc_hook+0x59/0x310
[ 1180.747737][T24052]  kmem_cache_alloc+0x5a/0x2d0
[ 1180.752593][T24052]  ? skb_clone+0x1eb/0x370
[ 1180.757459][T24052]  skb_clone+0x1eb/0x370
[ 1180.761881][T24052]  __netlink_deliver_tap+0x41c/0x830
[ 1180.767467][T24052]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1180.772757][T24052]  netlink_deliver_tap+0x19c/0x1b0
[ 1180.778229][T24052]  __netlink_sendskb+0x4b/0x90
[ 1180.783179][T24052]  netlink_dump+0xa75/0xe50
[ 1180.787909][T24052]  ? netlink_lookup+0x200/0x200
[ 1180.793174][T24052]  ? __inet_diag_dump_start+0x88d/0x9f0
[ 1180.798896][T24052]  ? netlink_lookup+0x30/0x200
[ 1180.804040][T24052]  __netlink_dump_start+0x5f1/0x810
[ 1180.809651][T24052]  inet_diag_rcv_msg_compat+0x215/0x440
[ 1180.815901][T24052]  ? __inet_diag_dump+0x380/0x380
[ 1180.821149][T24052]  ? sock_diag_rcv_msg+0xd1/0x600
[ 1180.826272][T24052]  ? inet_diag_rcv_msg_compat+0x440/0x440
[ 1180.832342][T24052]  ? inet_diag_dump_start_compat+0x20/0x20
[ 1180.838232][T24052]  ? inet_diag_dump+0x50/0x50
[ 1180.843025][T24052]  ? __inet_diag_dump+0x380/0x380
[ 1180.848412][T24052]  sock_diag_rcv_msg+0x3d8/0x600
[ 1180.853926][T24052]  netlink_rcv_skb+0x241/0x4d0
[ 1180.858867][T24052]  ? sock_diag_bind+0xb0/0xb0
[ 1180.863720][T24052]  ? netlink_ack+0x1180/0x1180
[ 1180.868727][T24052]  ? __lock_acquire+0x7d40/0x7d40
[ 1180.873945][T24052]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1180.879437][T24052]  sock_diag_rcv+0x2a/0x40
[ 1180.883929][T24052]  netlink_unicast+0x751/0x8d0
[ 1180.888820][T24052]  netlink_sendmsg+0x8d0/0xbf0
[ 1180.893664][T24052]  ? perf_trace_lock+0x304/0x3b0
[ 1180.898837][T24052]  ? netlink_getsockopt+0x590/0x590
[ 1180.904330][T24052]  ? aa_sock_msg_perm+0x94/0x150
[ 1180.909894][T24052]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1180.915279][T24052]  ? security_socket_sendmsg+0x80/0xa0
[ 1180.920891][T24052]  ? netlink_getsockopt+0x590/0x590
[ 1180.926213][T24052]  ____sys_sendmsg+0x5ba/0x960
[ 1180.931357][T24052]  ? __asan_memset+0x22/0x40
[ 1180.936232][T24052]  ? __sys_sendmsg_sock+0x30/0x30
[ 1180.941518][T24052]  ? __import_iovec+0x5f2/0x850
[ 1180.946669][T24052]  ? import_iovec+0x73/0xa0
[ 1180.951275][T24052]  ___sys_sendmsg+0x2a6/0x360
[ 1180.956060][T24052]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1180.961005][T24052]  ? __lock_acquire+0x7d40/0x7d40
[ 1180.966318][T24052]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1180.971267][T24052]  ? __x64_sys_sendmsg+0x80/0x80
[ 1180.976700][T24052]  ? lockdep_hardirqs_on+0x98/0x150
[ 1180.982264][T24052]  do_syscall_64+0x55/0xa0
[ 1180.986764][T24052]  ? clear_bhb_loop+0x40/0x90
[ 1180.991606][T24052]  ? clear_bhb_loop+0x40/0x90
[ 1180.996475][T24052]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1181.002880][T24052] RIP: 0033:0x7f71b4d9cdd9
[ 1181.007464][T24052] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1181.028331][T24052] RSP: 002b:00007f71b5c0a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1181.038851][T24052] RAX: ffffffffffffffda RBX: 00007f71b5015fa0 RCX: 00007f71b4d9cdd9
[ 1181.047180][T24052] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[ 1181.056031][T24052] RBP: 00007f71b5c0a090 R08: 0000000000000000 R09: 0000000000000000
[ 1181.064518][T24052] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1181.072995][T24052] R13: 00007f71b5016038 R14: 00007f71b5015fa0 R15: 00007ffead728628
[ 1181.081761][T24052]  </TASK>
[ 1181.612209][T24062] validate_nla: 2 callbacks suppressed
[ 1181.612235][T24062] netlink: 'syz.3.6000': attribute type 2 has an invalid length.
[ 1181.744561][T24062] netlink: 'syz.3.6000': attribute type 8 has an invalid length.
[ 1181.779106][T24062] netlink: 132 bytes leftover after parsing attributes in process `syz.3.6000'.
[ 1181.816918][T24063] netlink: 'syz.3.6000': attribute type 10 has an invalid length.
[ 1182.758952][T24082] netlink: 'syz.3.6006': attribute type 10 has an invalid length.
[ 1182.770574][ T2942] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1184.149523][T24101] netlink: 'syz.1.6014': attribute type 2 has an invalid length.
[ 1184.203545][T24101] netlink: 'syz.1.6014': attribute type 8 has an invalid length.
[ 1184.231863][T24101] netlink: 132 bytes leftover after parsing attributes in process `syz.1.6014'.
[ 1184.318604][T24103] netlink: 'syz.1.6014': attribute type 10 has an invalid length.
[ 1185.178835][T24117] netlink: 'syz.0.6018': attribute type 10 has an invalid length.
[ 1185.186881][T24117] netlink: 40 bytes leftover after parsing attributes in process `syz.0.6018'.
[ 1185.291336][T24117] team0: entered promiscuous mode
[ 1185.296594][T24117] team_slave_0: entered promiscuous mode
[ 1185.384462][T24117] team_slave_1: entered promiscuous mode
[ 1185.433798][T24117] geneve1: entered promiscuous mode
[ 1185.444191][T24117] team0: entered allmulticast mode
[ 1185.463259][T24117] team_slave_0: entered allmulticast mode
[ 1185.479899][T24117] team_slave_1: entered allmulticast mode
[ 1185.486395][T24117] geneve1: entered allmulticast mode
[ 1185.512781][T24117] bridge0: port 2(team0) entered blocking state
[ 1185.548152][T24117] bridge0: port 2(team0) entered disabled state
[ 1185.594257][T24117] bridge0: port 2(team0) entered blocking state
[ 1185.601252][T24117] bridge0: port 2(team0) entered forwarding state
[ 1185.643806][T24119] netlink: 'syz.1.6019': attribute type 10 has an invalid length.
[ 1186.163882][T24128] FAULT_INJECTION: forcing a failure.
[ 1186.163882][T24128] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1186.248865][T24128] CPU: 1 PID: 24128 Comm: syz.0.6022 Not tainted syzkaller #0
[ 1186.256772][T24128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1186.267023][T24128] Call Trace:
[ 1186.270369][T24128]  <TASK>
[ 1186.273456][T24128]  dump_stack_lvl+0x18c/0x250
[ 1186.278341][T24128]  ? show_regs_print_info+0x20/0x20
[ 1186.283628][T24128]  ? load_image+0x420/0x420
[ 1186.288222][T24128]  ? __might_fault+0xaa/0x120
[ 1186.292991][T24128]  ? __lock_acquire+0x7d40/0x7d40
[ 1186.298312][T24128]  should_fail_ex+0x39d/0x4d0
[ 1186.303097][T24128]  _copy_from_user+0x2f/0xe0
[ 1186.307822][T24128]  ___sys_recvmsg+0x176/0x590
[ 1186.312679][T24128]  ? __sys_recvmsg+0x2a0/0x2a0
[ 1186.317594][T24128]  ? trace_call_bpf+0xc3/0x6c0
[ 1186.322674][T24128]  ? trace_call_bpf+0x5e9/0x6c0
[ 1186.327860][T24128]  ? __fget_files+0x43d/0x4b0
[ 1186.332715][T24128]  __x64_sys_recvmsg+0x20c/0x2e0
[ 1186.337872][T24128]  ? perf_trace_preemptirq_template+0x269/0x330
[ 1186.344332][T24128]  ? ___sys_recvmsg+0x590/0x590
[ 1186.349565][T24128]  ? lockdep_hardirqs_on+0x98/0x150
[ 1186.354871][T24128]  do_syscall_64+0x55/0xa0
[ 1186.359427][T24128]  ? clear_bhb_loop+0x40/0x90
[ 1186.364149][T24128]  ? clear_bhb_loop+0x40/0x90
[ 1186.369044][T24128]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1186.375078][T24128] RIP: 0033:0x7fbb47d9cdd9
[ 1186.379534][T24128] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1186.399707][T24128] RSP: 002b:00007fbb45ff6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[ 1186.408432][T24128] RAX: ffffffffffffffda RBX: 00007fbb48016090 RCX: 00007fbb47d9cdd9
[ 1186.416530][T24128] RDX: 0000000040000043 RSI: 0000200000003100 RDI: 0000000000000003
[ 1186.424541][T24128] RBP: 00007fbb45ff6090 R08: 0000000000000000 R09: 0000000000000000
[ 1186.432720][T24128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1186.440911][T24128] R13: 00007fbb48016128 R14: 00007fbb48016090 R15: 00007ffcd352dc18
[ 1186.449057][T24128]  </TASK>
[ 1187.481984][T24142] netlink: 'syz.0.6027': attribute type 2 has an invalid length.
[ 1187.508636][T24142] netlink: 'syz.0.6027': attribute type 8 has an invalid length.
[ 1187.516836][T24142] netlink: 132 bytes leftover after parsing attributes in process `syz.0.6027'.
[ 1187.550513][T24142] netlink: 'syz.0.6027': attribute type 10 has an invalid length.
[ 1187.629777][T19529] Bluetooth: hci3: unexpected event 0x06 length: 15 > 3
[ 1188.017002][T24153] netlink: 60 bytes leftover after parsing attributes in process `syz.1.6030'.
[ 1188.053723][T24153] netlink: 60 bytes leftover after parsing attributes in process `syz.1.6030'.
[ 1188.082145][T24157] netlink: 60 bytes leftover after parsing attributes in process `syz.1.6030'.
[ 1188.110547][T24153] netlink: 60 bytes leftover after parsing attributes in process `syz.1.6030'.
[ 1188.336318][T24161] netlink: 'syz.2.6032': attribute type 10 has an invalid length.
[ 1188.572633][T24152] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1189.828347][T24176] netlink: 'syz.2.6038': attribute type 10 has an invalid length.
[ 1190.440491][T24176] team0 (unregistering): Port device team_slave_0 removed
[ 1190.555645][T24176] team0 (unregistering): Port device team_slave_1 removed
[ 1190.599562][T24176] team0 (unregistering): Port device geneve1 removed
[ 1190.644703][T24185] netlink: 'syz.3.6041': attribute type 2 has an invalid length.
[ 1190.657695][T24185] netlink: 'syz.3.6041': attribute type 8 has an invalid length.
[ 1190.688399][T24185] netlink: 132 bytes leftover after parsing attributes in process `syz.3.6041'.
[ 1190.722672][T24187] netlink: 'syz.3.6041': attribute type 10 has an invalid length.
[ 1191.225442][T21442] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1192.710802][T24205] netlink: 'syz.2.6046': attribute type 10 has an invalid length.
[ 1193.105862][T24208] net_ratelimit: 80 callbacks suppressed
[ 1193.105886][T24208] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815
[ 1193.221986][T24210] netlink: 'syz.0.6048': attribute type 1 has an invalid length.
[ 1193.230561][T24208] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815
[ 1193.264041][T24210] netlink: 157116 bytes leftover after parsing attributes in process `syz.0.6048'.
[ 1193.333385][T24208] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815
[ 1193.422714][T24208] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815
[ 1193.511353][T24208] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815
[ 1193.592815][T24208] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815
[ 1193.625726][T24208] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815
[ 1193.656852][T24208] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815
[ 1193.754791][T24208] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815
[ 1193.767636][T24199] Bluetooth: hci3: command 0x0406 tx timeout
[ 1193.812874][T24208] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815
[ 1196.819989][T24220] syz.0.6050[24220] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1196.823090][T24220] syz.0.6050[24220] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1197.082781][T24227] netlink: 'syz.2.6052': attribute type 2 has an invalid length.
[ 1197.180007][T24227] netlink: 'syz.2.6052': attribute type 8 has an invalid length.
[ 1197.227539][T24227] netlink: 132 bytes leftover after parsing attributes in process `syz.2.6052'.
[ 1197.288701][T24227] netlink: 'syz.2.6052': attribute type 10 has an invalid length.
[ 1199.425999][T24250] netlink: 'syz.2.6061': attribute type 2 has an invalid length.
[ 1199.488658][T24250] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6061'.
[ 1200.140814][T24254] netlink: 'syz.1.6057': attribute type 10 has an invalid length.
[ 1200.672782][T24258] netlink: 'syz.3.6063': attribute type 2 has an invalid length.
[ 1200.711343][T24258] netlink: 'syz.3.6063': attribute type 8 has an invalid length.
[ 1200.747467][T24258] netlink: 132 bytes leftover after parsing attributes in process `syz.3.6063'.
[ 1200.788719][T24259] netlink: 'syz.3.6063': attribute type 10 has an invalid length.
[ 1201.521632][T24269] FAULT_INJECTION: forcing a failure.
[ 1201.521632][T24269] name failslab, interval 1, probability 0, space 0, times 0
[ 1201.566362][T24269] CPU: 0 PID: 24269 Comm: syz.2.6067 Not tainted syzkaller #0
[ 1201.574607][T24269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1201.585270][T24269] Call Trace:
[ 1201.588746][T24269]  <TASK>
[ 1201.591742][T24269]  dump_stack_lvl+0x18c/0x250
[ 1201.596505][T24269]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1201.603277][T24269]  ? show_regs_print_info+0x20/0x20
[ 1201.608749][T24269]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1201.615238][T24269]  should_fail_ex+0x39d/0x4d0
[ 1201.620210][T24269]  should_failslab+0x9/0x20
[ 1201.625343][T24269]  slab_pre_alloc_hook+0x59/0x310
[ 1201.630565][T24269]  ? bpf_prog_test_run_sk_lookup+0x4e9/0xbe0
[ 1201.636731][T24269]  ? bpf_prog_test_run_sk_lookup+0x4e9/0xbe0
[ 1201.643234][T24269]  __kmem_cache_alloc_node+0x53/0x250
[ 1201.650056][T24269]  ? bpf_prog_test_run_sk_lookup+0x4e9/0xbe0
[ 1201.656652][T24269]  __kmalloc+0xa4/0x230
[ 1201.661255][T24269]  bpf_prog_test_run_sk_lookup+0x4e9/0xbe0
[ 1201.667322][T24269]  ? __fget_files+0x28/0x4b0
[ 1201.672098][T24269]  ? __lock_acquire+0x7d40/0x7d40
[ 1201.677263][T24269]  ? bpf_test_timer_leave+0x150/0x150
[ 1201.682766][T24269]  ? bpf_test_timer_leave+0x150/0x150
[ 1201.688219][T24269]  bpf_prog_test_run+0x321/0x390
[ 1201.693509][T24269]  __sys_bpf+0x49d/0x890
[ 1201.698056][T24269]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1201.704227][T24269]  ? lock_chain_count+0x20/0x20
[ 1201.709464][T24269]  __x64_sys_bpf+0x7c/0x90
[ 1201.714042][T24269]  do_syscall_64+0x55/0xa0
[ 1201.718659][T24269]  ? clear_bhb_loop+0x40/0x90
[ 1201.723928][T24269]  ? clear_bhb_loop+0x40/0x90
[ 1201.728770][T24269]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1201.734743][T24269] RIP: 0033:0x7f71b4d9cdd9
[ 1201.739584][T24269] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1201.759811][T24269] RSP: 002b:00007f71b5c0a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1201.768862][T24269] RAX: ffffffffffffffda RBX: 00007f71b5015fa0 RCX: 00007f71b4d9cdd9
[ 1201.776929][T24269] RDX: 0000000000000048 RSI: 0000200000000440 RDI: 000000000000000a
[ 1201.785341][T24269] RBP: 00007f71b5c0a090 R08: 0000000000000000 R09: 0000000000000000
[ 1201.794006][T24269] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1201.802573][T24269] R13: 00007f71b5016038 R14: 00007f71b5015fa0 R15: 00007ffead728628
[ 1201.811318][T24269]  </TASK>
[ 1202.434557][T24283] netlink: 'syz.2.6069': attribute type 8 has an invalid length.
[ 1202.477876][T24283] netlink: 199848 bytes leftover after parsing attributes in process `syz.2.6069'.
[ 1202.999748][T24282] netlink: 'syz.2.6069': attribute type 1 has an invalid length.
[ 1203.016272][T24282] netlink: 157116 bytes leftover after parsing attributes in process `syz.2.6069'.
[ 1203.805827][T24293] FAULT_INJECTION: forcing a failure.
[ 1203.805827][T24293] name failslab, interval 1, probability 0, space 0, times 0
[ 1203.834035][T24293] CPU: 1 PID: 24293 Comm: syz.2.6073 Not tainted syzkaller #0
[ 1203.841728][T24293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1203.852470][T24293] Call Trace:
[ 1203.855929][T24293]  <TASK>
[ 1203.859121][T24293]  dump_stack_lvl+0x18c/0x250
[ 1203.863929][T24293]  ? show_regs_print_info+0x20/0x20
[ 1203.869423][T24293]  ? load_image+0x420/0x420
[ 1203.874104][T24293]  ? __might_sleep+0xe0/0xe0
[ 1203.879032][T24293]  ? __lock_acquire+0x7d40/0x7d40
[ 1203.884298][T24293]  should_fail_ex+0x39d/0x4d0
[ 1203.889272][T24293]  should_failslab+0x9/0x20
[ 1203.893867][T24293]  slab_pre_alloc_hook+0x59/0x310
[ 1203.899134][T24293]  ? kvmalloc_node+0x70/0x180
[ 1203.904134][T24293]  ? kvmalloc_node+0x70/0x180
[ 1203.908905][T24293]  __kmem_cache_alloc_node+0x53/0x250
[ 1203.914468][T24293]  ? kvmalloc_node+0x70/0x180
[ 1203.919414][T24293]  __kmalloc_node+0xa4/0x230
[ 1203.924098][T24293]  kvmalloc_node+0x70/0x180
[ 1203.928668][T24293]  unix_prepare_fpl+0x23c/0x460
[ 1203.933781][T24293]  unix_scm_to_skb+0x2ea/0x470
[ 1203.938806][T24293]  queue_oob+0x113/0x4f0
[ 1203.943215][T24293]  ? scm_stat_add+0xc0/0xc0
[ 1203.947778][T24293]  ? trace_event_raw_event_lock+0x250/0x250
[ 1203.954018][T24293]  ? bpf_lsm_socket_getpeersec_dgram+0x9/0x10
[ 1203.960309][T24293]  ? security_socket_getpeersec_dgram+0x83/0xa0
[ 1203.967087][T24293]  unix_stream_sendmsg+0xaf3/0xbf0
[ 1203.972371][T24293]  ? aa_sk_perm+0x83c/0x970
[ 1203.977164][T24293]  ? unix_show_fdinfo+0x270/0x270
[ 1203.982578][T24293]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[ 1203.989246][T24293]  ? __might_fault+0xaa/0x120
[ 1203.994151][T24293]  ? aa_sock_msg_perm+0x94/0x150
[ 1203.999422][T24293]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1204.005057][T24293]  ? security_socket_sendmsg+0x80/0xa0
[ 1204.010656][T24293]  ? unix_show_fdinfo+0x270/0x270
[ 1204.015747][T24293]  ____sys_sendmsg+0x5ba/0x960
[ 1204.020785][T24293]  ? __sys_sendmsg_sock+0x30/0x30
[ 1204.026203][T24293]  ? __import_iovec+0x5f2/0x850
[ 1204.031498][T24293]  ? import_iovec+0x73/0xa0
[ 1204.036070][T24293]  ___sys_sendmsg+0x2a6/0x360
[ 1204.041188][T24293]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1204.046428][T24293]  ? __lock_acquire+0x7d40/0x7d40
[ 1204.051690][T24293]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1204.056689][T24293]  ? __x64_sys_sendmsg+0x80/0x80
[ 1204.061831][T24293]  ? lockdep_hardirqs_on+0x98/0x150
[ 1204.067649][T24293]  do_syscall_64+0x55/0xa0
[ 1204.072297][T24293]  ? clear_bhb_loop+0x40/0x90
[ 1204.077198][T24293]  ? clear_bhb_loop+0x40/0x90
[ 1204.082039][T24293]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1204.088164][T24293] RIP: 0033:0x7f71b4d9cdd9
[ 1204.092984][T24293] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1204.112997][T24293] RSP: 002b:00007f71b5c0a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1204.122084][T24293] RAX: ffffffffffffffda RBX: 00007f71b5015fa0 RCX: 00007f71b4d9cdd9
[ 1204.130190][T24293] RDX: 0000000004004881 RSI: 0000200000000600 RDI: 0000000000000004
[ 1204.138468][T24293] RBP: 00007f71b5c0a090 R08: 0000000000000000 R09: 0000000000000000
[ 1204.146953][T24293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1204.155326][T24293] R13: 00007f71b5016038 R14: 00007f71b5015fa0 R15: 00007ffead728628
[ 1204.163809][T24293]  </TASK>
[ 1204.697417][T24296] netlink: 'syz.3.6074': attribute type 10 has an invalid length.
[ 1205.027059][T24300] netlink: 'syz.0.6077': attribute type 2 has an invalid length.
[ 1205.047779][T24300] netlink: 'syz.0.6077': attribute type 8 has an invalid length.
[ 1205.063135][T24300] netlink: 132 bytes leftover after parsing attributes in process `syz.0.6077'.
[ 1205.092974][T24302] netlink: 'syz.0.6077': attribute type 10 has an invalid length.
[ 1206.924771][T24324] netlink: 'syz.2.6084': attribute type 9 has an invalid length.
[ 1206.967530][T24324] netlink: 126588 bytes leftover after parsing attributes in process `syz.2.6084'.
[ 1207.171260][T24324] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.6084'.
[ 1207.741827][T24335] netlink: 'syz.0.6087': attribute type 10 has an invalid length.
[ 1208.416565][T24340] netlink: 'syz.1.6089': attribute type 2 has an invalid length.
[ 1208.477457][T24340] netlink: 'syz.1.6089': attribute type 8 has an invalid length.
[ 1208.548925][T24340] netlink: 132 bytes leftover after parsing attributes in process `syz.1.6089'.
[ 1208.626473][T24345] netlink: 'syz.1.6089': attribute type 10 has an invalid length.
[ 1210.968773][T24370] netlink: 'syz.2.6100': attribute type 10 has an invalid length.
[ 1212.888792][T24393] netlink: 'syz.2.6106': attribute type 2 has an invalid length.
[ 1212.896660][T24393] netlink: 'syz.2.6106': attribute type 8 has an invalid length.
[ 1212.949103][T24393] netlink: 132 bytes leftover after parsing attributes in process `syz.2.6106'.
[ 1213.007543][T24395] netlink: 'syz.2.6106': attribute type 10 has an invalid length.
[ 1213.819832][ T1132] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1214.601324][T24411] netlink: 'syz.3.6109': attribute type 10 has an invalid length.
[ 1215.062855][T24411] team0 (unregistering): Port device team_slave_0 removed
[ 1215.161220][T24411] team0 (unregistering): Port device team_slave_1 removed
[ 1215.181732][T24411] team0 (unregistering): Port device geneve1 removed
[ 1215.219084][T24411] team0 (unregistering): Port device syz_tun removed
[ 1215.448581][T24413] netlink: 'syz.2.6110': attribute type 10 has an invalid length.
[ 1216.206076][T24423] netlink: 'syz.2.6116': attribute type 10 has an invalid length.
[ 1216.353886][T24429] netlink: 64859 bytes leftover after parsing attributes in process `syz.3.6119'.
[ 1216.928070][T24438] netlink: 'syz.3.6120': attribute type 2 has an invalid length.
[ 1216.936383][T24438] netlink: 'syz.3.6120': attribute type 8 has an invalid length.
[ 1216.957193][T24438] netlink: 132 bytes leftover after parsing attributes in process `syz.3.6120'.
[ 1216.994522][T24438] netlink: 'syz.3.6120': attribute type 10 has an invalid length.
[ 1218.450394][ T2942] wlan1: Trigger new scan to find an IBSS to join
[ 1219.067967][T24455] netlink: 'syz.1.6125': attribute type 10 has an invalid length.
[ 1220.734497][T24455] bond0: (slave team0): Releasing backup interface
[ 1220.768230][T24455] team0 (unregistering): Port device team_slave_0 removed
[ 1220.805031][T24455] team0 (unregistering): Port device team_slave_1 removed
[ 1220.860320][T24455] team0 (unregistering): Port device geneve1 removed
[ 1220.927774][T24455] team0 (unregistering): Port device wlan1 removed
[ 1221.032913][T24455] team0 (unregistering): Port device hsr_slave_0 removed
[ 1221.058495][T24455] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1221.089758][T24455] team0 (unregistering): Port device bridge0 removed
[ 1221.676845][T24461] netlink: 64859 bytes leftover after parsing attributes in process `syz.3.6128'.
[ 1222.398919][ T6024] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1222.917647][T24472] netlink: 'syz.3.6131': attribute type 10 has an invalid length.
[ 1223.410473][ T1132] wlan1: Trigger new scan to find an IBSS to join
[ 1223.491667][T24485] netlink: 'syz.1.6132': attribute type 10 has an invalid length.
[ 1224.494098][ T1132] wlan1: Creating new IBSS network, BSSID de:9b:30:a4:3d:51
[ 1224.554236][T24500] netlink: 64859 bytes leftover after parsing attributes in process `syz.1.6141'.
[ 1224.628903][T24496] netlink: 'syz.2.6138': attribute type 21 has an invalid length.
[ 1228.753526][T24532] netlink: 64859 bytes leftover after parsing attributes in process `syz.2.6152'.
[ 1229.430484][T24534] netlink: 'syz.3.6150': attribute type 10 has an invalid length.
[ 1229.526770][T24536] netlink: 14556 bytes leftover after parsing attributes in process `syz.1.6159'.
[ 1230.457702][T24542] netlink: 'syz.3.6155': attribute type 10 has an invalid length.
[ 1231.444103][T24550] netlink: 'syz.0.6157': attribute type 29 has an invalid length.
[ 1231.489065][T24550] netlink: 'syz.0.6157': attribute type 29 has an invalid length.
[ 1231.513834][T24553] netlink: 'syz.0.6157': attribute type 29 has an invalid length.
[ 1231.656390][T24550] FAULT_INJECTION: forcing a failure.
[ 1231.656390][T24550] name failslab, interval 1, probability 0, space 0, times 0
[ 1231.687824][T24550] CPU: 1 PID: 24550 Comm: syz.0.6157 Not tainted syzkaller #0
[ 1231.695772][T24550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1231.706600][T24550] Call Trace:
[ 1231.710041][T24550]  <TASK>
[ 1231.713049][T24550]  dump_stack_lvl+0x18c/0x250
[ 1231.717922][T24550]  ? show_regs_print_info+0x20/0x20
[ 1231.723399][T24550]  ? load_image+0x420/0x420
[ 1231.728040][T24550]  ? __lock_acquire+0x7d40/0x7d40
[ 1231.733350][T24550]  should_fail_ex+0x39d/0x4d0
[ 1231.738389][T24550]  should_failslab+0x9/0x20
[ 1231.742983][T24550]  slab_pre_alloc_hook+0x59/0x310
[ 1231.748083][T24550]  ? kernel_clone+0x24b/0x8a0
[ 1231.752836][T24550]  ? __x64_sys_clone+0x1b7/0x230
[ 1231.757853][T24550]  ? do_syscall_64+0x55/0xa0
[ 1231.762623][T24550]  kmem_cache_alloc_node+0x60/0x320
[ 1231.767915][T24550]  ? alloc_vmap_area+0x1b4/0x1e30
[ 1231.773144][T24550]  alloc_vmap_area+0x1b4/0x1e30
[ 1231.778425][T24550]  ? vm_map_ram+0xcb0/0xcb0
[ 1231.783063][T24550]  ? rcu_is_watching+0x15/0xb0
[ 1231.788012][T24550]  __get_vm_area_node+0x162/0x370
[ 1231.793492][T24550]  __vmalloc_node_range+0x36e/0x1330
[ 1231.799106][T24550]  ? copy_process+0x586/0x3d80
[ 1231.804223][T24550]  ? free_vm_area+0x50/0x50
[ 1231.808895][T24550]  ? arch_dup_task_struct+0x57/0xd0
[ 1231.814288][T24550]  ? __asan_memcpy+0x40/0x70
[ 1231.819036][T24550]  dup_task_struct+0x3d0/0x7c0
[ 1231.824098][T24550]  ? copy_process+0x586/0x3d80
[ 1231.829169][T24550]  ? lockdep_hardirqs_on+0x98/0x150
[ 1231.834471][T24550]  copy_process+0x586/0x3d80
[ 1231.839145][T24550]  ? perf_trace_buf_alloc+0x290/0x290
[ 1231.844799][T24550]  ? __pidfd_prepare+0x140/0x140
[ 1231.850130][T24550]  kernel_clone+0x24b/0x8a0
[ 1231.854932][T24550]  ? create_io_thread+0x190/0x190
[ 1231.860200][T24550]  __x64_sys_clone+0x1b7/0x230
[ 1231.865139][T24550]  ? __ia32_sys_vfork+0x140/0x140
[ 1231.870340][T24550]  ? 0xffffffffff600000
[ 1231.874687][T24550]  ? lock_chain_count+0x20/0x20
[ 1231.879680][T24550]  ? lockdep_hardirqs_on+0x98/0x150
[ 1231.885089][T24550]  do_syscall_64+0x55/0xa0
[ 1231.889585][T24550]  ? clear_bhb_loop+0x40/0x90
[ 1231.894344][T24550]  ? clear_bhb_loop+0x40/0x90
[ 1231.899147][T24550]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1231.905474][T24550] RIP: 0033:0x7fbb47d9cdd9
[ 1231.909973][T24550] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1231.929775][T24550] RSP: 002b:00007fbb48b89fd8 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 1231.938547][T24550] RAX: ffffffffffffffda RBX: 00007fbb48015fa0 RCX: 00007fbb47d9cdd9
[ 1231.946777][T24550] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000002c9a4080
[ 1231.954842][T24550] RBP: 00007fbb48b8a090 R08: ffffffffff600000 R09: ffffffffff600000
[ 1231.963079][T24550] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[ 1231.971213][T24550] R13: 00007fbb48016038 R14: 00007fbb48015fa0 R15: 00007ffcd352dc18
[ 1231.979367][T24550]  ? 0xffffffffff600000
[ 1231.983784][T24550]  ? 0xffffffffff600000
[ 1231.988236][T24550]  </TASK>
[ 1232.089343][T24550] syz.0.6157: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1
[ 1232.158922][T24550] CPU: 0 PID: 24550 Comm: syz.0.6157 Not tainted syzkaller #0
[ 1232.166838][T24550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1232.177398][T24550] Call Trace:
[ 1232.180996][T24550]  <TASK>
[ 1232.184166][T24550]  dump_stack_lvl+0x18c/0x250
[ 1232.189138][T24550]  ? show_regs_print_info+0x20/0x20
[ 1232.194404][T24550]  ? load_image+0x420/0x420
[ 1232.199082][T24550]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1232.205773][T24550]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[ 1232.212532][T24550]  warn_alloc+0x246/0x340
[ 1232.217010][T24550]  ? slab_free_freelist_hook+0x130/0x1a0
[ 1232.222779][T24550]  ? zone_watermark_ok_safe+0x230/0x230
[ 1232.228377][T24550]  ? __get_vm_area_node+0x17b/0x370
[ 1232.233909][T24550]  ? __get_vm_area_node+0x17b/0x370
[ 1232.239348][T24550]  __vmalloc_node_range+0x393/0x1330
[ 1232.244781][T24550]  ? free_vm_area+0x50/0x50
[ 1232.249348][T24550]  ? arch_dup_task_struct+0x57/0xd0
[ 1232.254619][T24550]  ? __asan_memcpy+0x40/0x70
[ 1232.259382][T24550]  dup_task_struct+0x3d0/0x7c0
[ 1232.264284][T24550]  ? copy_process+0x586/0x3d80
[ 1232.269195][T24550]  ? lockdep_hardirqs_on+0x98/0x150
[ 1232.274519][T24550]  copy_process+0x586/0x3d80
[ 1232.279168][T24550]  ? perf_trace_buf_alloc+0x290/0x290
[ 1232.284754][T24550]  ? __pidfd_prepare+0x140/0x140
[ 1232.289854][T24550]  kernel_clone+0x24b/0x8a0
[ 1232.294628][T24550]  ? create_io_thread+0x190/0x190
[ 1232.299836][T24550]  __x64_sys_clone+0x1b7/0x230
[ 1232.304743][T24550]  ? __ia32_sys_vfork+0x140/0x140
[ 1232.310001][T24550]  ? 0xffffffffff600000
[ 1232.314297][T24550]  ? lock_chain_count+0x20/0x20
[ 1232.319469][T24550]  ? lockdep_hardirqs_on+0x98/0x150
[ 1232.324906][T24550]  do_syscall_64+0x55/0xa0
[ 1232.329373][T24550]  ? clear_bhb_loop+0x40/0x90
[ 1232.334272][T24550]  ? clear_bhb_loop+0x40/0x90
[ 1232.339082][T24550]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1232.345363][T24550] RIP: 0033:0x7fbb47d9cdd9
[ 1232.349993][T24550] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1232.370249][T24550] RSP: 002b:00007fbb48b89fd8 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 1232.379062][T24550] RAX: ffffffffffffffda RBX: 00007fbb48015fa0 RCX: 00007fbb47d9cdd9
[ 1232.387071][T24550] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000002c9a4080
[ 1232.395086][T24550] RBP: 00007fbb48b8a090 R08: ffffffffff600000 R09: ffffffffff600000
[ 1232.403368][T24550] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[ 1232.411725][T24550] R13: 00007fbb48016038 R14: 00007fbb48015fa0 R15: 00007ffcd352dc18
[ 1232.419924][T24550]  ? 0xffffffffff600000
[ 1232.424148][T24550]  ? 0xffffffffff600000
[ 1232.428445][T24550]  </TASK>
[ 1232.503666][T24550] Mem-Info:
[ 1232.513344][T24550] active_anon:7742 inactive_anon:0 isolated_anon:0
[ 1232.513344][T24550]  active_file:18582 inactive_file:40389 isolated_file:0
[ 1232.513344][T24550]  unevictable:768 dirty:173 writeback:0
[ 1232.513344][T24550]  slab_reclaimable:10737 slab_unreclaimable:95265
[ 1232.513344][T24550]  mapped:24949 shmem:3358 pagetables:511
[ 1232.513344][T24550]  sec_pagetables:0 bounce:0
[ 1232.513344][T24550]  kernel_misc_reclaimable:0
[ 1232.513344][T24550]  free:1345413 free_pcp:7285 free_cma:0
[ 1232.606857][T24555] netlink: 'syz.3.6160': attribute type 2 has an invalid length.
[ 1232.617945][T24550] Node 0 active_anon:29896kB inactive_anon:0kB active_file:74328kB inactive_file:161352kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:99876kB dirty:692kB writeback:0kB shmem:10728kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9972kB pagetables:2080kB sec_pagetables:0kB all_unreclaimable? no
[ 1232.656608][T24555] netlink: 'syz.3.6160': attribute type 8 has an invalid length.
[ 1232.668566][T24555] netlink: 132 bytes leftover after parsing attributes in process `syz.3.6160'.
[ 1232.679309][T24558] netlink: 'syz.3.6160': attribute type 10 has an invalid length.
[ 1232.692108][T24550] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[ 1232.769987][T24550] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1232.801702][T24550] lowmem_reserve[]: 0 2521 2522 2522 2522
[ 1232.811775][T24550] Node 0 DMA32 free:1473460kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:23156kB inactive_anon:0kB active_file:74328kB inactive_file:160532kB unevictable:1536kB writepending:692kB present:3129332kB managed:2586952kB mlocked:0kB bounce:0kB free_pcp:16228kB local_pcp:6360kB free_cma:0kB
[ 1232.847037][T24550] lowmem_reserve[]: 0 0 0 0 0
[ 1232.852567][T24550] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:820kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:12kB free_cma:0kB
[ 1232.907527][T24550] lowmem_reserve[]: 0 0 0 0 0
[ 1232.912430][T24550] Node 1 Normal free:3892368kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:21156kB local_pcp:11040kB free_cma:0kB
[ 1232.983850][T24560] netlink: 64859 bytes leftover after parsing attributes in process `syz.2.6162'.
[ 1232.987393][T24550] lowmem_reserve[]: 0 0 0 0 0
[ 1233.027597][T24550] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1233.067385][T24550] Node 0 DMA32: 1220*4kB (UE) 1969*8kB (UM) 1230*16kB (UME) 1080*32kB (UME) 531*64kB (UME) 805*128kB (UME) 239*256kB (UME) 64*512kB (UM) 20*1024kB (UM) 4*2048kB (UM) 278*4096kB (UM) = 1473208kB
[ 1233.122824][T24550] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1233.157455][T24550] Node 1 Normal: 182*4kB (UM) 39*8kB (UME) 24*16kB (UME) 18*32kB (UME) 9*64kB (UE) 5*128kB (UME) 0*256kB 2*512kB (UM) 1*1024kB (E) 2*2048kB (UE) 948*4096kB (M) = 3892368kB
[ 1233.187589][T24550] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1233.197263][T24550] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1233.217597][T24550] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1233.241841][T24550] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1233.264800][T24550] 60362 total pagecache pages
[ 1233.296860][T24550] 0 pages in swap cache
[ 1233.301585][T24550] Free swap  = 124996kB
[ 1233.306028][T24550] Total swap = 124996kB
[ 1233.320833][T24550] 2097051 pages RAM
[ 1233.324953][T24550] 0 pages HighMem/MovableOnly
[ 1233.342266][T24550] 416927 pages reserved
[ 1233.346538][T24550] 0 pages cma reserved
[ 1233.537043][T24567] netlink: 'syz.1.6163': attribute type 21 has an invalid length.
[ 1233.648973][T24567] netlink: 132 bytes leftover after parsing attributes in process `syz.1.6163'.
[ 1234.250630][T24573] netlink: 60 bytes leftover after parsing attributes in process `syz.3.6167'.
[ 1235.805884][T24573] netlink: 60 bytes leftover after parsing attributes in process `syz.3.6167'.
[ 1235.859059][T24587] netlink: 14556 bytes leftover after parsing attributes in process `syz.0.6169'.
[ 1237.314181][T24591] delete_channel: no stack
[ 1238.206246][T24601] netlink: 64859 bytes leftover after parsing attributes in process `syz.0.6172'.
[ 1238.400460][T24603] netlink: 'syz.3.6173': attribute type 2 has an invalid length.
[ 1238.417806][T24603] netlink: 'syz.3.6173': attribute type 8 has an invalid length.
[ 1238.437540][T24603] netlink: 132 bytes leftover after parsing attributes in process `syz.3.6173'.
[ 1238.503504][T24608] netlink: 'syz.3.6173': attribute type 10 has an invalid length.
[ 1238.875982][T24613] FAULT_INJECTION: forcing a failure.
[ 1238.875982][T24613] name failslab, interval 1, probability 0, space 0, times 0
[ 1238.899018][T24613] CPU: 1 PID: 24613 Comm: syz.2.6177 Not tainted syzkaller #0
[ 1238.907006][T24613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1238.917402][T24613] Call Trace:
[ 1238.920752][T24613]  <TASK>
[ 1238.923749][T24613]  dump_stack_lvl+0x18c/0x250
[ 1238.928553][T24613]  ? verify_lock_unused+0x140/0x140
[ 1238.934021][T24613]  ? show_regs_print_info+0x20/0x20
[ 1238.939663][T24613]  ? load_image+0x420/0x420
[ 1238.944363][T24613]  ? crng_make_state+0x350/0x700
[ 1238.949648][T24613]  ? lockdep_hardirqs_on+0x98/0x150
[ 1238.955134][T24613]  should_fail_ex+0x39d/0x4d0
[ 1238.959980][T24613]  should_failslab+0x9/0x20
[ 1238.964547][T24613]  slab_pre_alloc_hook+0x59/0x310
[ 1238.969711][T24613]  ? sctp_add_bind_addr+0x8c/0x360
[ 1238.975172][T24613]  __kmem_cache_alloc_node+0x53/0x250
[ 1238.980689][T24613]  ? sctp_add_bind_addr+0x8c/0x360
[ 1238.985943][T24613]  kmalloc_trace+0x2a/0xe0
[ 1238.990527][T24613]  sctp_add_bind_addr+0x8c/0x360
[ 1238.995607][T24613]  sctp_copy_local_addr_list+0x315/0x4f0
[ 1239.001723][T24613]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[ 1239.008046][T24613]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[ 1239.014371][T24613]  ? sctp_v4_is_any+0x35/0x60
[ 1239.019658][T24613]  ? sctp_copy_one_addr+0x8c/0x350
[ 1239.024876][T24613]  sctp_bind_addr_copy+0xb3/0x3c0
[ 1239.030016][T24613]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[ 1239.037639][T24613]  sctp_connect_new_asoc+0x2f9/0x6a0
[ 1239.043173][T24613]  ? __sctp_connect+0xd80/0xd80
[ 1239.048153][T24613]  ? __local_bh_enable_ip+0x13a/0x1c0
[ 1239.053699][T24613]  ? _local_bh_enable+0xa0/0xa0
[ 1239.058759][T24613]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[ 1239.064805][T24613]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[ 1239.070746][T24613]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[ 1239.076610][T24613]  ? security_sctp_bind_connect+0x89/0xb0
[ 1239.082471][T24613]  sctp_sendmsg+0x1575/0x28c0
[ 1239.087272][T24613]  ? sctp_getsockopt+0xb60/0xb60
[ 1239.092506][T24613]  ? aa_sk_perm+0x83c/0x970
[ 1239.097176][T24613]  ? aa_af_perm+0x330/0x330
[ 1239.102456][T24613]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[ 1239.109046][T24613]  ? sock_rps_record_flow+0x19/0x3f0
[ 1239.114417][T24613]  ? inet_sendmsg+0x7c/0x2f0
[ 1239.119059][T24613]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1239.124650][T24613]  ? security_socket_sendmsg+0x80/0xa0
[ 1239.130328][T24613]  ? inet_send_prepare+0x260/0x260
[ 1239.135578][T24613]  ____sys_sendmsg+0x5ba/0x960
[ 1239.140384][T24613]  ? __lock_acquire+0x7d40/0x7d40
[ 1239.145651][T24613]  ? __asan_memset+0x22/0x40
[ 1239.150548][T24613]  ? __sys_sendmsg_sock+0x30/0x30
[ 1239.155901][T24613]  ? __import_iovec+0x5f2/0x850
[ 1239.161003][T24613]  ? import_iovec+0x73/0xa0
[ 1239.165765][T24613]  ___sys_sendmsg+0x2a6/0x360
[ 1239.170770][T24613]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1239.175816][T24613]  ? __lock_acquire+0x7d40/0x7d40
[ 1239.180957][T24613]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1239.185951][T24613]  ? __x64_sys_sendmsg+0x80/0x80
[ 1239.190980][T24613]  ? lockdep_hardirqs_on+0x98/0x150
[ 1239.196447][T24613]  do_syscall_64+0x55/0xa0
[ 1239.201083][T24613]  ? clear_bhb_loop+0x40/0x90
[ 1239.205888][T24613]  ? clear_bhb_loop+0x40/0x90
[ 1239.210699][T24613]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1239.216787][T24613] RIP: 0033:0x7f71b4d9cdd9
[ 1239.221446][T24613] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1239.241529][T24613] RSP: 002b:00007f71b5c0a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1239.250014][T24613] RAX: ffffffffffffffda RBX: 00007f71b5015fa0 RCX: 00007f71b4d9cdd9
[ 1239.258114][T24613] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000004
[ 1239.266423][T24613] RBP: 00007f71b5c0a090 R08: 0000000000000000 R09: 0000000000000000
[ 1239.274516][T24613] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1239.282609][T24613] R13: 00007f71b5016038 R14: 00007f71b5015fa0 R15: 00007ffead728628
[ 1239.290668][T24613]  </TASK>
[ 1239.348460][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[ 1239.354995][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[ 1240.260317][T24627] netlink: 'syz.2.6182': attribute type 21 has an invalid length.
[ 1240.283324][T24627] netlink: 132 bytes leftover after parsing attributes in process `syz.2.6182'.
[ 1241.615978][T24646] netlink: 'syz.3.6187': attribute type 2 has an invalid length.
[ 1241.651678][T24646] netlink: 'syz.3.6187': attribute type 8 has an invalid length.
[ 1241.715654][T24646] netlink: 132 bytes leftover after parsing attributes in process `syz.3.6187'.
[ 1241.737193][T24648] netlink: 'syz.3.6187': attribute type 10 has an invalid length.
[ 1241.794389][T24643] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.6185'.
[ 1243.797195][T24659] netlink: 'syz.3.6192': attribute type 10 has an invalid length.
[ 1243.888865][T24659] netlink: 40 bytes leftover after parsing attributes in process `syz.3.6192'.
[ 1244.010336][T24659] netlink: 'syz.3.6192': attribute type 10 has an invalid length.
[ 1244.063315][T24659] netlink: 40 bytes leftover after parsing attributes in process `syz.3.6192'.
[ 1246.495562][T24680] FAULT_INJECTION: forcing a failure.
[ 1246.495562][T24680] name failslab, interval 1, probability 0, space 0, times 0
[ 1246.599902][T24680] CPU: 1 PID: 24680 Comm: syz.1.6205 Not tainted syzkaller #0
[ 1246.607629][T24680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1246.617869][T24680] Call Trace:
[ 1246.621231][T24680]  <TASK>
[ 1246.624252][T24680]  dump_stack_lvl+0x18c/0x250
[ 1246.629057][T24680]  ? show_regs_print_info+0x20/0x20
[ 1246.634365][T24680]  ? load_image+0x420/0x420
[ 1246.639272][T24680]  ? __might_sleep+0xe0/0xe0
[ 1246.643973][T24680]  ? __lock_acquire+0x7d40/0x7d40
[ 1246.649301][T24680]  should_fail_ex+0x39d/0x4d0
[ 1246.654221][T24680]  should_failslab+0x9/0x20
[ 1246.658817][T24680]  slab_pre_alloc_hook+0x59/0x310
[ 1246.664233][T24680]  ? __lock_acquire+0x7d40/0x7d40
[ 1246.669351][T24680]  kmem_cache_alloc+0x5a/0x2d0
[ 1246.674322][T24680]  ? security_file_alloc+0x34/0x120
[ 1246.679778][T24680]  security_file_alloc+0x34/0x120
[ 1246.684959][T24680]  init_file+0x94/0x1f0
[ 1246.689186][T24680]  alloc_empty_file+0xb7/0x1d0
[ 1246.694234][T24680]  path_openat+0x113/0x3230
[ 1246.698948][T24680]  ? trace_call_bpf+0x5e9/0x6c0
[ 1246.703995][T24680]  ? trace_call_bpf+0xc3/0x6c0
[ 1246.709009][T24680]  ? perf_trace_run_bpf_submit+0x125/0x1c0
[ 1246.714976][T24680]  ? do_filp_open+0x430/0x430
[ 1246.719706][T24680]  ? perf_trace_lock+0x304/0x3b0
[ 1246.724751][T24680]  ? trace_event_raw_event_lock+0x250/0x250
[ 1246.730823][T24680]  do_filp_open+0x1f5/0x430
[ 1246.735473][T24680]  ? alloc_fd+0x58f/0x630
[ 1246.739890][T24680]  ? vfs_tmpfile+0x490/0x490
[ 1246.744796][T24680]  ? _raw_spin_unlock+0x28/0x40
[ 1246.749802][T24680]  ? alloc_fd+0x58f/0x630
[ 1246.754224][T24680]  do_sys_openat2+0x134/0x1d0
[ 1246.759052][T24680]  ? perf_trace_preemptirq_template+0x269/0x330
[ 1246.765620][T24680]  ? do_sys_open+0xe0/0xe0
[ 1246.770124][T24680]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1246.776236][T24680]  ? lock_chain_count+0x20/0x20
[ 1246.781377][T24680]  __x64_sys_openat+0x139/0x160
[ 1246.786388][T24680]  do_syscall_64+0x55/0xa0
[ 1246.790890][T24680]  ? clear_bhb_loop+0x40/0x90
[ 1246.795837][T24680]  ? clear_bhb_loop+0x40/0x90
[ 1246.800834][T24680]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1246.806930][T24680] RIP: 0033:0x7f8f2d59cdd9
[ 1246.811516][T24680] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1246.831793][T24680] RSP: 002b:00007f8f2e490028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1246.840442][T24680] RAX: ffffffffffffffda RBX: 00007f8f2d815fa0 RCX: 00007f8f2d59cdd9
[ 1246.848642][T24680] RDX: 0000000000200002 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 1246.856957][T24680] RBP: 00007f8f2e490090 R08: 0000000000000000 R09: 0000000000000000
[ 1246.865110][T24680] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1246.873399][T24680] R13: 00007f8f2d816038 R14: 00007f8f2d815fa0 R15: 00007fffd8e46978
[ 1246.881658][T24680]  </TASK>
[ 1247.113761][T24692] netlink: 'syz.3.6200': attribute type 29 has an invalid length.
[ 1247.135204][T24689] netlink: 14556 bytes leftover after parsing attributes in process `syz.2.6197'.
[ 1247.146893][T24692] netlink: 'syz.3.6200': attribute type 29 has an invalid length.
[ 1247.178327][T24692] netlink: 'syz.3.6200': attribute type 29 has an invalid length.
[ 1247.200819][T24692] netlink: 'syz.3.6200': attribute type 29 has an invalid length.
[ 1247.220068][T24692] netlink: 'syz.3.6200': attribute type 29 has an invalid length.
[ 1248.412891][T24698] netlink: 16399 bytes leftover after parsing attributes in process `syz.1.6211'.
[ 1249.298152][T24700] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.6202'.
[ 1250.063968][T24718] FAULT_INJECTION: forcing a failure.
[ 1250.063968][T24718] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1250.108205][T24718] CPU: 0 PID: 24718 Comm: syz.3.6209 Not tainted syzkaller #0
[ 1250.116053][T24718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1250.126528][T24718] Call Trace:
[ 1250.130048][T24718]  <TASK>
[ 1250.133144][T24718]  dump_stack_lvl+0x18c/0x250
[ 1250.137937][T24718]  ? show_regs_print_info+0x20/0x20
[ 1250.143520][T24718]  ? load_image+0x420/0x420
[ 1250.148325][T24718]  ? __might_fault+0xaa/0x120
[ 1250.153360][T24718]  ? __lock_acquire+0x7d40/0x7d40
[ 1250.159148][T24718]  should_fail_ex+0x39d/0x4d0
[ 1250.164062][T24718]  _copy_from_iter+0x1d9/0x12e0
[ 1250.169454][T24718]  ? __virt_addr_valid+0x18c/0x540
[ 1250.174845][T24718]  ? __lock_acquire+0x7d40/0x7d40
[ 1250.180169][T24718]  ? copyout_mc+0x70/0x70
[ 1250.184877][T24718]  ? __virt_addr_valid+0x18c/0x540
[ 1250.190206][T24718]  ? __virt_addr_valid+0x18c/0x540
[ 1250.195763][T24718]  ? __virt_addr_valid+0x469/0x540
[ 1250.201039][T24718]  ? __check_object_size+0x506/0xa20
[ 1250.206555][T24718]  kernfs_fop_write_iter+0x1a4/0x520
[ 1250.211909][T24718]  vfs_write+0x46c/0x990
[ 1250.216390][T24718]  ? file_end_write+0x250/0x250
[ 1250.221384][T24718]  ? __fget_files+0x43d/0x4b0
[ 1250.226261][T24718]  ? __fdget_pos+0x2a3/0x330
[ 1250.230894][T24718]  ? ksys_write+0x75/0x260
[ 1250.235422][T24718]  ksys_write+0x150/0x260
[ 1250.239978][T24718]  ? __ia32_sys_read+0x90/0x90
[ 1250.244885][T24718]  ? lockdep_hardirqs_on+0x98/0x150
[ 1250.250227][T24718]  do_syscall_64+0x55/0xa0
[ 1250.254878][T24718]  ? clear_bhb_loop+0x40/0x90
[ 1250.259803][T24718]  ? clear_bhb_loop+0x40/0x90
[ 1250.264529][T24718]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1250.270460][T24718] RIP: 0033:0x7f8c8759cdd9
[ 1250.274917][T24718] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1250.295380][T24718] RSP: 002b:00007f8c884be028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1250.304014][T24718] RAX: ffffffffffffffda RBX: 00007f8c87815fa0 RCX: 00007f8c8759cdd9
[ 1250.312115][T24718] RDX: 0000000000000012 RSI: 00002000000000c0 RDI: 0000000000000009
[ 1250.320364][T24718] RBP: 00007f8c884be090 R08: 0000000000000000 R09: 0000000000000000
[ 1250.328836][T24718] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1250.336957][T24718] R13: 00007f8c87816038 R14: 00007f8c87815fa0 R15: 00007ffd307dab68
[ 1250.345121][T24718]  </TASK>
[ 1251.541378][T24736] FAULT_INJECTION: forcing a failure.
[ 1251.541378][T24736] name failslab, interval 1, probability 0, space 0, times 0
[ 1251.565229][T24736] CPU: 0 PID: 24736 Comm: syz.0.6216 Not tainted syzkaller #0
[ 1251.573004][T24736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1251.583996][T24736] Call Trace:
[ 1251.587518][T24736]  <TASK>
[ 1251.590949][T24736]  dump_stack_lvl+0x18c/0x250
[ 1251.595823][T24736]  ? show_regs_print_info+0x20/0x20
[ 1251.601459][T24736]  ? load_image+0x420/0x420
[ 1251.606156][T24736]  ? __might_sleep+0xe0/0xe0
[ 1251.610926][T24736]  ? __lock_acquire+0x7d40/0x7d40
[ 1251.616061][T24736]  should_fail_ex+0x39d/0x4d0
[ 1251.620836][T24736]  should_failslab+0x9/0x20
[ 1251.625497][T24736]  slab_pre_alloc_hook+0x59/0x310
[ 1251.630705][T24736]  ? __get_vm_area_node+0x125/0x370
[ 1251.636182][T24736]  __kmem_cache_alloc_node+0x53/0x250
[ 1251.641651][T24736]  ? __get_vm_area_node+0x125/0x370
[ 1251.647463][T24736]  kmalloc_node_trace+0x26/0xe0
[ 1251.652511][T24736]  __get_vm_area_node+0x125/0x370
[ 1251.657830][T24736]  __vmalloc_node_range+0x36e/0x1330
[ 1251.663196][T24736]  ? netlink_sendmsg+0x602/0xbf0
[ 1251.668394][T24736]  ? netlink_insert+0x109f/0x13a0
[ 1251.673747][T24736]  ? netlink_data_ready+0x10/0x10
[ 1251.679332][T24736]  ? free_vm_area+0x50/0x50
[ 1251.683955][T24736]  ? netlink_sendmsg+0x602/0xbf0
[ 1251.688970][T24736]  vmalloc+0x79/0x90
[ 1251.692937][T24736]  ? netlink_sendmsg+0x602/0xbf0
[ 1251.698125][T24736]  netlink_sendmsg+0x602/0xbf0
[ 1251.703148][T24736]  ? perf_trace_lock+0x304/0x3b0
[ 1251.708374][T24736]  ? netlink_getsockopt+0x590/0x590
[ 1251.713842][T24736]  ? aa_sock_msg_perm+0x94/0x150
[ 1251.718967][T24736]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1251.724506][T24736]  ? security_socket_sendmsg+0x80/0xa0
[ 1251.730272][T24736]  ? netlink_getsockopt+0x590/0x590
[ 1251.735838][T24736]  ____sys_sendmsg+0x5ba/0x960
[ 1251.740748][T24736]  ? __asan_memset+0x22/0x40
[ 1251.745422][T24736]  ? __sys_sendmsg_sock+0x30/0x30
[ 1251.750538][T24736]  ? __import_iovec+0x5f2/0x850
[ 1251.755587][T24736]  ? import_iovec+0x73/0xa0
[ 1251.760443][T24736]  ___sys_sendmsg+0x2a6/0x360
[ 1251.765213][T24736]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1251.770132][T24736]  ? trace_call_bpf+0xc3/0x6c0
[ 1251.775084][T24736]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1251.780111][T24736]  ? __x64_sys_sendmsg+0x80/0x80
[ 1251.785420][T24736]  ? lockdep_hardirqs_on+0x98/0x150
[ 1251.790892][T24736]  do_syscall_64+0x55/0xa0
[ 1251.795389][T24736]  ? clear_bhb_loop+0x40/0x90
[ 1251.800232][T24736]  ? clear_bhb_loop+0x40/0x90
[ 1251.805069][T24736]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1251.811388][T24736] RIP: 0033:0x7fbb47d9cdd9
[ 1251.816313][T24736] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1251.836763][T24736] RSP: 002b:00007fbb48b8a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1251.845650][T24736] RAX: ffffffffffffffda RBX: 00007fbb48015fa0 RCX: 00007fbb47d9cdd9
[ 1251.853803][T24736] RDX: 0000000000000600 RSI: 0000200000000540 RDI: 0000000000000006
[ 1251.861930][T24736] RBP: 00007fbb48b8a090 R08: 0000000000000000 R09: 0000000000000000
[ 1251.870030][T24736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1251.878145][T24736] R13: 00007fbb48016038 R14: 00007fbb48015fa0 R15: 00007ffcd352dc18
[ 1251.886485][T24736]  </TASK>
[ 1251.926883][T24731] netlink: 'syz.3.6215': attribute type 2 has an invalid length.
[ 1251.939457][T24736] syz.0.6216: vmalloc error: size 60672, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=syz0,mems_allowed=0-1
[ 1251.957522][T24731] netlink: 'syz.3.6215': attribute type 1 has an invalid length.
[ 1251.977509][T24731] netlink: 199820 bytes leftover after parsing attributes in process `syz.3.6215'.
[ 1252.019672][T24736] CPU: 1 PID: 24736 Comm: syz.0.6216 Not tainted syzkaller #0
[ 1252.027255][T24736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1252.037646][T24736] Call Trace:
[ 1252.041317][T24736]  <TASK>
[ 1252.044317][T24736]  dump_stack_lvl+0x18c/0x250
[ 1252.049277][T24736]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1252.055621][T24736]  ? show_regs_print_info+0x20/0x20
[ 1252.060894][T24736]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1252.068232][T24736]  ? dump_stack+0x9/0x20
[ 1252.072768][T24736]  warn_alloc+0x246/0x340
[ 1252.077531][T24736]  ? __kmem_cache_alloc_node+0x53/0x250
[ 1252.083626][T24736]  ? zone_watermark_ok_safe+0x230/0x230
[ 1252.089535][T24736]  ? rcu_is_watching+0x15/0xb0
[ 1252.094664][T24736]  ? __get_vm_area_node+0x356/0x370
[ 1252.100334][T24736]  __vmalloc_node_range+0x393/0x1330
[ 1252.105773][T24736]  ? netlink_insert+0x109f/0x13a0
[ 1252.111060][T24736]  ? netlink_data_ready+0x10/0x10
[ 1252.116261][T24736]  ? free_vm_area+0x50/0x50
[ 1252.121059][T24736]  ? netlink_sendmsg+0x602/0xbf0
[ 1252.126172][T24736]  vmalloc+0x79/0x90
[ 1252.130159][T24736]  ? netlink_sendmsg+0x602/0xbf0
[ 1252.135458][T24736]  netlink_sendmsg+0x602/0xbf0
[ 1252.140315][T24736]  ? perf_trace_lock+0x304/0x3b0
[ 1252.145683][T24736]  ? netlink_getsockopt+0x590/0x590
[ 1252.151423][T24736]  ? aa_sock_msg_perm+0x94/0x150
[ 1252.156534][T24736]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1252.162067][T24736]  ? security_socket_sendmsg+0x80/0xa0
[ 1252.167600][T24736]  ? netlink_getsockopt+0x590/0x590
[ 1252.172988][T24736]  ____sys_sendmsg+0x5ba/0x960
[ 1252.177862][T24736]  ? __asan_memset+0x22/0x40
[ 1252.182703][T24736]  ? __sys_sendmsg_sock+0x30/0x30
[ 1252.187969][T24736]  ? __import_iovec+0x5f2/0x850
[ 1252.193017][T24736]  ? import_iovec+0x73/0xa0
[ 1252.197704][T24736]  ___sys_sendmsg+0x2a6/0x360
[ 1252.202565][T24736]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1252.207578][T24736]  ? trace_call_bpf+0xc3/0x6c0
[ 1252.212958][T24736]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1252.218079][T24736]  ? __x64_sys_sendmsg+0x80/0x80
[ 1252.223158][T24736]  ? lockdep_hardirqs_on+0x98/0x150
[ 1252.228462][T24736]  do_syscall_64+0x55/0xa0
[ 1252.232954][T24736]  ? clear_bhb_loop+0x40/0x90
[ 1252.237842][T24736]  ? clear_bhb_loop+0x40/0x90
[ 1252.242603][T24736]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1252.248568][T24736] RIP: 0033:0x7fbb47d9cdd9
[ 1252.253069][T24736] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1252.273235][T24736] RSP: 002b:00007fbb48b8a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1252.282202][T24736] RAX: ffffffffffffffda RBX: 00007fbb48015fa0 RCX: 00007fbb47d9cdd9
[ 1252.290443][T24736] RDX: 0000000000000600 RSI: 0000200000000540 RDI: 0000000000000006
[ 1252.299055][T24736] RBP: 00007fbb48b8a090 R08: 0000000000000000 R09: 0000000000000000
[ 1252.307284][T24736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1252.315100][T24743] netlink: 64859 bytes leftover after parsing attributes in process `syz.3.6219'.
[ 1252.315467][T24736] R13: 00007fbb48016038 R14: 00007fbb48015fa0 R15: 00007ffcd352dc18
[ 1252.315548][T24736]  </TASK>
[ 1252.362415][T24736] Mem-Info:
[ 1252.365855][T24736] active_anon:5854 inactive_anon:0 isolated_anon:0
[ 1252.365855][T24736]  active_file:18582 inactive_file:40397 isolated_file:0
[ 1252.365855][T24736]  unevictable:768 dirty:443 writeback:0
[ 1252.365855][T24736]  slab_reclaimable:10700 slab_unreclaimable:96249
[ 1252.365855][T24736]  mapped:24987 shmem:1361 pagetables:543
[ 1252.365855][T24736]  sec_pagetables:0 bounce:0
[ 1252.365855][T24736]  kernel_misc_reclaimable:0
[ 1252.365855][T24736]  free:1342290 free_pcp:10836 free_cma:0
[ 1252.413497][T24736] Node 0 active_anon:23416kB inactive_anon:0kB active_file:74328kB inactive_file:161384kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:99948kB dirty:1772kB writeback:0kB shmem:3908kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10064kB pagetables:2172kB sec_pagetables:0kB all_unreclaimable? no
[ 1252.449453][T24736] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[ 1252.483768][T24736] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1252.557436][T24736] lowmem_reserve[]: 0 2521 2522 2522 2522
[ 1252.563537][T24736] Node 0 DMA32 free:1460344kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:23304kB inactive_anon:0kB active_file:74328kB inactive_file:160564kB unevictable:1536kB writepending:1776kB present:3129332kB managed:2586952kB mlocked:0kB bounce:0kB free_pcp:18312kB local_pcp:16916kB free_cma:0kB
[ 1252.659095][T24736] lowmem_reserve[]: 0 0 0 0 0
[ 1252.887580][T24736] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:820kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:0kB free_cma:0kB
[ 1252.947488][T24736] lowmem_reserve[]: 0 0 0 0 0
[ 1252.955749][T24736] Node 1 Normal free:3892368kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:21156kB local_pcp:11040kB free_cma:0kB
[ 1253.006972][T24736] lowmem_reserve[]: 0 0 0 0 0
[ 1253.056688][T24736] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1253.088164][T24736] Node 0 DMA32: 1748*4kB (UME) 2005*8kB (UME) 1242*16kB (UM) 838*32kB (UME) 391*64kB (UME) 785*128kB (UME) 239*256kB (UME) 69*512kB (UM) 19*1024kB (UM) 5*2048kB (UM) 278*4096kB (UM) = 1460120kB
[ 1253.125567][T24736] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1253.133252][T24746] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1253.138089][T24736] Node 1 Normal: 182*4kB (UM) 39*8kB (UME) 24*16kB (UME) 18*32kB (UME) 9*64kB (UE) 5*128kB (UME) 0*256kB 2*512kB (UM) 1*1024kB (E) 2*2048kB (UE) 948*4096kB (M) = 3892368kB
[ 1253.145863][T24746] IPv6: NLM_F_CREATE should be set when creating new route
[ 1253.177526][T24736] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1253.177556][T24736] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1253.177579][T24736] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1253.177599][T24736] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1253.177623][T24736] 60340 total pagecache pages
[ 1253.177635][T24736] 0 pages in swap cache
[ 1253.177647][T24736] Free swap  = 124996kB
[ 1253.177661][T24736] Total swap = 124996kB
[ 1253.177675][T24736] 2097051 pages RAM
[ 1253.177688][T24736] 0 pages HighMem/MovableOnly
[ 1253.177701][T24736] 416927 pages reserved
[ 1253.177713][T24736] 0 pages cma reserved
[ 1253.308379][T24746] IPv6: NLM_F_CREATE should be set when creating new route
[ 1253.317604][T24746] IPv6: NLM_F_CREATE should be set when creating new route
[ 1254.181554][T24758] netlink: 'syz.0.6224': attribute type 21 has an invalid length.
[ 1254.191306][T24758] netlink: 132 bytes leftover after parsing attributes in process `syz.0.6224'.
[ 1254.261242][T24758] netlink: 20 bytes leftover after parsing attributes in process `syz.0.6224'.
[ 1254.561675][ T6024] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1254.774093][T24772] netlink: 64859 bytes leftover after parsing attributes in process `syz.2.6228'.
[ 1256.206257][T24789] FAULT_INJECTION: forcing a failure.
[ 1256.206257][T24789] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1256.258775][T24789] CPU: 1 PID: 24789 Comm: syz.0.6235 Not tainted syzkaller #0
[ 1256.266723][T24789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1256.277457][T24789] Call Trace:
[ 1256.280901][T24789]  <TASK>
[ 1256.283998][T24789]  dump_stack_lvl+0x18c/0x250
[ 1256.288943][T24789]  ? show_regs_print_info+0x20/0x20
[ 1256.294497][T24789]  ? load_image+0x420/0x420
[ 1256.299368][T24789]  ? __might_fault+0xaa/0x120
[ 1256.304497][T24789]  ? __lock_acquire+0x7d40/0x7d40
[ 1256.309894][T24789]  should_fail_ex+0x39d/0x4d0
[ 1256.314785][T24789]  _copy_from_user+0x2f/0xe0
[ 1256.319834][T24789]  ___sys_sendmsg+0x1c7/0x360
[ 1256.324711][T24789]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1256.329809][T24789]  ? __lock_acquire+0x7d40/0x7d40
[ 1256.335394][T24789]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1256.340400][T24789]  ? __x64_sys_sendmsg+0x80/0x80
[ 1256.345461][T24789]  ? lockdep_hardirqs_on+0x98/0x150
[ 1256.350809][T24789]  do_syscall_64+0x55/0xa0
[ 1256.355738][T24789]  ? clear_bhb_loop+0x40/0x90
[ 1256.360564][T24789]  ? clear_bhb_loop+0x40/0x90
[ 1256.365309][T24789]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1256.371502][T24789] RIP: 0033:0x7fbb47d9cdd9
[ 1256.376480][T24789] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1256.396814][T24789] RSP: 002b:00007fbb48b8a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1256.405812][T24789] RAX: ffffffffffffffda RBX: 00007fbb48015fa0 RCX: 00007fbb47d9cdd9
[ 1256.413976][T24789] RDX: 0000000000000040 RSI: 0000200000000040 RDI: 0000000000000006
[ 1256.422097][T24789] RBP: 00007fbb48b8a090 R08: 0000000000000000 R09: 0000000000000000
[ 1256.430761][T24789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1256.439043][T24789] R13: 00007fbb48016038 R14: 00007fbb48015fa0 R15: 00007ffcd352dc18
[ 1256.447968][T24789]  </TASK>
[ 1256.783046][T24792] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1256.790942][T24792] IPv6: NLM_F_CREATE should be set when creating new route
[ 1256.798775][T24792] IPv6: NLM_F_CREATE should be set when creating new route
[ 1256.806637][T24792] IPv6: NLM_F_CREATE should be set when creating new route
[ 1257.676113][T24803] netlink: 'syz.2.6239': attribute type 2 has an invalid length.
[ 1257.696009][T24803] netlink: 'syz.2.6239': attribute type 8 has an invalid length.
[ 1257.726856][T24803] netlink: 132 bytes leftover after parsing attributes in process `syz.2.6239'.
[ 1257.794746][T24805] netlink: 65047 bytes leftover after parsing attributes in process `syz.0.6240'.
[ 1257.808508][T24803] netlink: 'syz.2.6239': attribute type 10 has an invalid length.
[ 1260.122240][T24829] netlink: 65047 bytes leftover after parsing attributes in process `syz.1.6250'.
[ 1260.186692][T24823] netlink: 'syz.2.6247': attribute type 2 has an invalid length.
[ 1260.198346][T24823] netlink: 'syz.2.6247': attribute type 1 has an invalid length.
[ 1260.210673][T24823] netlink: 199820 bytes leftover after parsing attributes in process `syz.2.6247'.
[ 1260.380280][T24833] netlink: 'syz.0.6251': attribute type 2 has an invalid length.
[ 1260.407508][T24833] netlink: 'syz.0.6251': attribute type 8 has an invalid length.
[ 1260.424313][T24833] netlink: 132 bytes leftover after parsing attributes in process `syz.0.6251'.
[ 1260.457938][T24838] netlink: 'syz.0.6251': attribute type 10 has an invalid length.
[ 1260.614469][    C0] 
[ 1260.614479][    C0] ================================
[ 1260.614485][    C0] WARNING: inconsistent lock state
[ 1260.614489][    C0] syzkaller #0 Not tainted
[ 1260.614500][    C0] --------------------------------
[ 1260.614505][    C0] inconsistent {INITIAL USE} -> {IN-NMI} usage.
[ 1260.614512][    C0] syz.1.6253/24841 [HC1[1]:SC0[0]:HE0:SE1] takes:
[ 1260.614531][    C0] ffff888049bcd8f8 (&htab->lockdep_key){....}-{2:2}, at: htab_lock_bucket+0x17d/0x300
[ 1260.614578][    C0] {INITIAL USE} state was registered at:
[ 1260.614584][    C0]   lock_acquire+0x19e/0x420
[ 1260.614604][    C0]   _raw_spin_lock+0x2e/0x40
[ 1260.614621][    C0]   htab_lock_bucket+0x17d/0x300
[ 1260.614636][    C0]   htab_map_delete_elem+0x1a4/0x650
[ 1260.614650][    C0]   bpf_prog_2c29ac5cdc6b1842+0x42/0x46
[ 1260.614668][    C0]   bpf_overflow_handler+0x1fc/0x510
[ 1260.614688][    C0]   __perf_event_overflow+0x447/0x630
[ 1260.614709][    C0]   perf_swevent_overflow+0x268/0x340
[ 1260.614730][    C0]   perf_swevent_event+0x45c/0x570
[ 1260.614747][    C0]   perf_bp_event+0x319/0x430
[ 1260.614764][    C0]   hw_breakpoint_exceptions_notify+0x23e/0x670
[ 1260.614783][    C0]   notifier_call_chain+0x197/0x380
[ 1260.614801][    C0]   atomic_notifier_call_chain+0xda/0x180
[ 1260.614818][    C0]   notify_die+0x145/0x1a0
[ 1260.614836][    C0]   notify_debug+0x2e/0x50
[ 1260.614848][    C0]   noist_exc_debug+0x77/0x120
[ 1260.614864][    C0]   asm_exc_debug+0x33/0x40
[ 1260.614882][    C0] irq event stamp: 1216
[ 1260.614888][    C0] hardirqs last  enabled at (1215): [<ffffffff8a864985>] exc_debug+0xf5/0x140
[ 1260.614910][    C0] hardirqs last disabled at (1216): [<ffffffff8a864903>] exc_debug+0x73/0x140
[ 1260.614928][    C0] softirqs last  enabled at (740): [<ffffffff81527243>] __irq_exit_rcu+0xd3/0x190
[ 1260.614948][    C0] softirqs last disabled at (713): [<ffffffff81527243>] __irq_exit_rcu+0xd3/0x190
[ 1260.614968][    C0] 
[ 1260.614968][    C0] other info that might help us debug this:
[ 1260.614974][    C0]  Possible unsafe locking scenario:
[ 1260.614974][    C0] 
[ 1260.614979][    C0]        CPU0
[ 1260.614983][    C0]        ----
[ 1260.614986][    C0]   lock(&htab->lockdep_key);
[ 1260.614997][    C0]   <Interrupt>
[ 1260.615001][    C0]     lock(&htab->lockdep_key);
[ 1260.615011][    C0] 
[ 1260.615011][    C0]  *** DEADLOCK ***
[ 1260.615011][    C0] 
[ 1260.615014][    C0] no locks held by syz.1.6253/24841.
[ 1260.615022][    C0] 
[ 1260.615022][    C0] stack backtrace:
[ 1260.615028][    C0] CPU: 0 PID: 24841 Comm: syz.1.6253 Not tainted syzkaller #0
[ 1260.615044][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1260.615055][    C0] Call Trace:
[ 1260.615062][    C0]  <#DB>
[ 1260.615070][    C0]  dump_stack_lvl+0x18c/0x250
[ 1260.615103][    C0]  ? show_regs_print_info+0x20/0x20
[ 1260.615139][    C0]  ? print_usage_bug+0x475/0x690
[ 1260.615160][    C0]  ? verify_lock_unused+0x18/0x140
[ 1260.615187][    C0]  lock_acquire+0x2c2/0x420
[ 1260.615211][    C0]  ? htab_lock_bucket+0x17d/0x300
[ 1260.615231][    C0]  ? read_lock_is_recursive+0x20/0x20
[ 1260.615259][    C0]  ? perf_trace_run_bpf_submit+0x125/0x1c0
[ 1260.615286][    C0]  ? perf_trace_lock+0x304/0x3b0
[ 1260.615310][    C0]  _raw_spin_lock+0x2e/0x40
[ 1260.615329][    C0]  ? htab_lock_bucket+0x17d/0x300
[ 1260.615348][    C0]  htab_lock_bucket+0x17d/0x300
[ 1260.615373][    C0]  ? htab_lru_map_delete_node+0x760/0x760
[ 1260.615392][    C0]  ? look_up_lock_class+0x75/0x140
[ 1260.615417][    C0]  ? verify_lock_unused+0x18/0x140
[ 1260.615441][    C0]  ? jhash+0x2e8/0x740
[ 1260.615464][    C0]  htab_map_delete_elem+0x1a4/0x650
[ 1260.615493][    C0]  ? htab_map_update_elem+0x1040/0x1040
[ 1260.615513][    C0]  ? perf_callchain+0x220/0x220
[ 1260.615543][    C0]  bpf_prog_2c29ac5cdc6b1842+0x42/0x46
[ 1260.615566][    C0]  bpf_overflow_handler+0x1fc/0x510
[ 1260.615597][    C0]  ? bpf_overflow_handler+0xde/0x510
[ 1260.615622][    C0]  ? tp_perf_event_destroy+0x20/0x20
[ 1260.615657][    C0]  ? __perf_event_account_interrupt+0x187/0x280
[ 1260.615682][    C0]  __perf_event_overflow+0x447/0x630
[ 1260.615714][    C0]  perf_swevent_overflow+0x268/0x340
[ 1260.615742][    C0]  ? perf_event_switch_output+0x790/0x790
[ 1260.615768][    C0]  ? __lock_acquire+0x7d40/0x7d40
[ 1260.615824][    C0]  perf_swevent_event+0x45c/0x570
[ 1260.615850][    C0]  ? perf_tp_event+0x1520/0x1520
[ 1260.615869][    C0]  ? trace_call_bpf+0x5e9/0x6c0
[ 1260.615894][    C0]  ? trace_call_bpf+0xc3/0x6c0
[ 1260.615935][    C0]  perf_bp_event+0x319/0x430
[ 1260.615964][    C0]  ? perf_event_free_bpf_prog+0x120/0x120
[ 1260.615985][    C0]  ? perf_trace_run_bpf_submit+0x125/0x1c0
[ 1260.616047][    C0]  ? lock_acquire+0x2c2/0x420
[ 1260.616078][    C0]  hw_breakpoint_exceptions_notify+0x23e/0x670
[ 1260.616108][    C0]  notifier_call_chain+0x197/0x380
[ 1260.616135][    C0]  ? atomic_notifier_call_chain+0x26/0x180
[ 1260.616160][    C0]  atomic_notifier_call_chain+0xda/0x180
[ 1260.616184][    C0]  notify_die+0x145/0x1a0
[ 1260.616209][    C0]  ? srcu_init_notifier_head+0x90/0x90
[ 1260.616252][    C0]  ? rcu_is_watching+0x15/0xb0
[ 1260.616280][    C0]  notify_debug+0x2e/0x50
[ 1260.616298][    C0]  exc_debug+0xde/0x140
[ 1260.616322][    C0]  asm_exc_debug+0x1e/0x40
[ 1260.616341][    C0] RIP: 0010:rep_movs_alternative+0x4a/0x90
[ 1260.616361][    C0] Code: 75 f1 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 <f3> a4 c3 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 29 f8 48 01
[ 1260.616377][    C0] RSP: 0018:ffffc9000e63fd50 EFLAGS: 00050206
[ 1260.616393][    C0] RAX: ffffffff842a2a01 RBX: 0000000000000090 RCX: 000000000000008c
[ 1260.616406][    C0] RDX: 0000000000000001 RSI: 0000200000000304 RDI: ffffc9000e63fdc4
[ 1260.616419][    C0] RBP: ffffc9000e63fee8 R08: ffffc9000e63fe4f R09: 1ffff92001cc7fc9
[ 1260.616432][    C0] R10: dffffc0000000000 R11: fffff52001cc7fca R12: 0000200000000390
[ 1260.616445][    C0] R13: 0000000000000090 R14: ffffc9000e63fdc0 R15: 0000200000000300
[ 1260.616469][    C0]  ? _copy_from_user+0x11/0xe0
[ 1260.616502][    C0]  </#DB>
[ 1260.616508][    C0]  <TASK>
[ 1260.616513][    C0]  _copy_from_user+0x8b/0xe0
[ 1260.616538][    C0]  __sys_bpf+0x23e/0x890
[ 1260.616563][    C0]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1260.616606][    C0]  ? lock_chain_count+0x20/0x20
[ 1260.616640][    C0]  __x64_sys_bpf+0x7c/0x90
[ 1260.616660][    C0]  do_syscall_64+0x55/0xa0
[ 1260.616676][    C0]  ? clear_bhb_loop+0x40/0x90
[ 1260.616696][    C0]  ? clear_bhb_loop+0x40/0x90
[ 1260.616720][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1260.616741][    C0] RIP: 0033:0x7f8f2d59cdd9
[ 1260.616756][    C0] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1260.616770][    C0] RSP: 002b:00007f8f2e490028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1260.616787][    C0] RAX: ffffffffffffffda RBX: 00007f8f2d815fa0 RCX: 00007f8f2d59cdd9
[ 1260.616800][    C0] RDX: 0000000000000094 RSI: 0000200000000300 RDI: 0000000000000005
[ 1260.616812][    C0] RBP: 00007f8f2d632d69 R08: 0000000000000000 R09: 0000000000000000
[ 1260.616824][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1260.616834][    C0] R13: 00007f8f2d816038 R14: 00007f8f2d815fa0 R15: 00007fffd8e46978
[ 1260.616869][    C0]  </TASK>
[ 1261.378531][T24841] netlink: 209592 bytes leftover after parsing attributes in process `syz.1.6253'.
[ 1261.453731][T24841] netlink: 'syz.1.6253': attribute type 3 has an invalid length.
[ 1261.507809][T24841] netlink: 13435 bytes leftover after parsing attributes in process `syz.1.6253'.
[ 1261.544063][T24844] netlink: 14 bytes leftover after parsing attributes in process `syz.1.6253'.