last executing test programs:

25.142032614s ago: executing program 3 (id=2502):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x1f00, 0x9}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
close(r1)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x98, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x402, 0x3, 0x0, 0x0, 0x400, 0x0, 0x8000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x1}, 0x80000, 0xca, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0xe, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$LINK_GET_FD_BY_ID(0x1e, 0x0, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000010000000004ea2e100e16c0000", @ANYRES32=0x1, @ANYBLOB='\b\x00'/20, @ANYRES32=0x0, @ANYRES32=r3, @ANYBLOB="010000000500"/28], 0x50)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x828, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000800)={0x1, 0x80, 0x2, 0x0, 0x3, 0xfd, 0x0, 0x5, 0x0, 0x2, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x8, 0x10, 0x0, 0x6}, 0xffffffffffffffff, 0x0, r2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x9, &(0x7f0000000040)=@framed={{}, [@ldst={0x3, 0x0, 0x6, 0xa, 0x0, 0xfe00, 0x41}, @tail_call={{0x18, 0x2, 0x1, 0x0, r5}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x9, 0x3, 0xc4f, 0x1, 0x1}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000100), 0x6c7, r6}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000001c0)={0x0, &(0x7f0000000340)=""/211, &(0x7f0000000180), &(0x7f0000000440), 0x3, r6}, 0x38)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x27, 0x8, 0x0, &(0x7f0000000180)="0005000000000001", 0x0, 0x405, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xa, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x6, 0x5e}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='memory.current\x00', 0x26e1, 0x0)
close(r7)
r8 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f00000004c0)={&(0x7f0000000000)=@pppol2tpv3in6={0x18, 0x1, {0x0, r7, 0x4, 0x3, 0x3, 0x0, {0xa, 0x4e23, 0x9, @loopback, 0x97}}}, 0x80, 0x0}, 0x2000f765)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000940)=@bpf_lsm={0x1d, 0x11, &(0x7f00000006c0)=@raw=[@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r7}}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x26}}, @tail_call={{0x18, 0x2, 0x1, 0x0, r4}}], &(0x7f0000000400)='GPL\x00', 0x6, 0x8f, &(0x7f0000000880)=""/143, 0x40f00, 0x14, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000440)={0x0, 0xb, 0xfff, 0x8}, 0x10, 0x0, 0x0, 0x3, 0x0, &(0x7f00000005c0)=[{0x2, 0x1, 0x4, 0x3}, {0x3, 0x3, 0xf, 0xb}, {0x5, 0x2, 0x9, 0x7}], 0x10, 0x7}, 0x94)
recvmsg$unix(r0, &(0x7f00000013c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r9=>0xffffffffffffffff]}}], 0x18}, 0x1c0)
write$cgroup_subtree(r9, &(0x7f0000000180)=ANY=[@ANYRES8=r1, @ANYBLOB], 0x9a)

24.728781968s ago: executing program 3 (id=2503):
r0 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000100)="5c00000014006b", 0x7}, {&(0x7f00000017c0)="00000000ffffffff1f01a0c9a1171aa56a7f9138a6c073e99f8f2ffed6bd642c1238663e9e5189a46cb56c776afa8ec3d4d4d9c0648fc18bad3a6b5656235d60cb5af5c5a69e10ed9fd4ea", 0x4b}, {&(0x7f0000001840)="9a9245a259250adbc6e2", 0xa}], 0x3, 0x0, 0x0, 0x1f00c00e}, 0x0)

24.554050358s ago: executing program 3 (id=2504):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x6, &(0x7f0000000000)=[{&(0x7f0000000140)="d80000001c0081044e81f782db44b904021d080201000000040000a1180002f00000000000000e1208000f0100810401a8001600200001400300000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c11503c6bbace8017cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef3d93452a00"/216, 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x20000000)

23.433855113s ago: executing program 3 (id=2506):
r0 = perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open$cgroup(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, @perf_config_ext={0x4}, 0x0, 0x2, 0x0, 0x0, 0x2, 0x1000000}, 0xffffffffffffffff, 0x0, r0, 0x0)

23.275873803s ago: executing program 3 (id=2508):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x1f00, 0x9}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
close(r1)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x98, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x402, 0x3, 0x0, 0x0, 0x400, 0x0, 0x8000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x1}, 0x80000, 0xca, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0xe, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$LINK_GET_FD_BY_ID(0x1e, 0x0, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000010000000004ea2e100e16c0000", @ANYRES32=0x1, @ANYBLOB='\b\x00'/20, @ANYRES32=0x0, @ANYRES32=r3, @ANYBLOB="010000000500"/28], 0x50)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x828, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000800)={0x1, 0x80, 0x2, 0x0, 0x3, 0xfd, 0x0, 0x5, 0x0, 0x2, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x8, 0x10, 0x0, 0x6}, 0xffffffffffffffff, 0x0, r2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x9, &(0x7f0000000040)=@framed={{}, [@ldst={0x3, 0x0, 0x6, 0xa, 0x0, 0xfe00, 0x41}, @tail_call={{0x18, 0x2, 0x1, 0x0, r5}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x9, 0x3, 0xc4f, 0x1, 0x1}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000100), 0x6c7, r6}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000001c0)={0x0, &(0x7f0000000340)=""/211, &(0x7f0000000180), &(0x7f0000000440), 0x3, r6}, 0x38)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x27, 0x8, 0x0, &(0x7f0000000180)="0005000000000001", 0x0, 0x405, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xa, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x6, 0x5e}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='memory.current\x00', 0x26e1, 0x0)
close(r7)
r8 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f00000004c0)={&(0x7f0000000000)=@pppol2tpv3in6={0x18, 0x1, {0x0, r7, 0x4, 0x3, 0x3, 0x0, {0xa, 0x4e23, 0x9, @loopback, 0x97}}}, 0x80, 0x0}, 0x2000f765)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000940)=@bpf_lsm={0x1d, 0x11, &(0x7f00000006c0)=@raw=[@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r7}}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x26}}, @tail_call={{0x18, 0x2, 0x1, 0x0, r4}}], &(0x7f0000000400)='GPL\x00', 0x6, 0x8f, &(0x7f0000000880)=""/143, 0x40f00, 0x14, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000440)={0x0, 0xb, 0xfff, 0x8}, 0x10, 0x0, 0x0, 0x3, 0x0, &(0x7f00000005c0)=[{0x2, 0x1, 0x4, 0x3}, {0x3, 0x3, 0xf, 0xb}, {0x5, 0x2, 0x9, 0x7}], 0x10, 0x7}, 0x94)
recvmsg$unix(r0, &(0x7f00000013c0)={0x0, 0x0, 0x0}, 0x1c0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYRES8=r1, @ANYBLOB], 0x9a)

22.863070537s ago: executing program 3 (id=2511):
r0 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000100)="5c00000014006b", 0x7}, {&(0x7f00000017c0)="00000000ffffffff1f01a0c9a1171aa56a7f9138a6c073e99f8f2ffed6bd642c1238663e9e5189a46cb56c776afa8ec3d4d4d9c0648fc18bad3a6b5656235d60cb5af5c5a69e10ed9fd4ea", 0x4b}, {&(0x7f0000001840)="9a9245a259250adbc6e2", 0xa}], 0x3, 0x0, 0x0, 0x1f00c00e}, 0x0)

19.162778512s ago: executing program 1 (id=2533):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x49, &(0x7f0000000000)=r0, 0x4)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
r1 = socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x21, 0x0, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000780)='ns/pid_for_children\x00')
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000029c0)}, 0x851)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cpuacct.usage_sys\x00', 0x26e1, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x3, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7f, 0x4, @perf_config_ext={0x0, 0x5ba}, 0x0, 0xe1a, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0xb, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800"/30], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x2, 0x200000000000003, 0x106)
r4 = socket$kcm(0x2, 0x922000000001, 0x106)
recvmsg$kcm(r4, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x2100)
socket$kcm(0x2, 0x200000000000001, 0x106)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f0000000040)}, 0x20)
perf_event_open(&(0x7f00000001c0)={0x3, 0x80, 0x2, 0x2, 0x6, 0xff, 0x0, 0xffc, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4, @perf_bp={0x0}, 0xc0, 0x7, 0xd6d4, 0x7, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x3}, 0x0, 0x3, r2, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200})
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014fa0000b7030000000000008500000083000000bf09"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x34, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x55}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb010789005e107538e486dd6317ce22000000fffe80000000000000101000007f0600080000000000000071273fa7b49301641184a907"], 0xfdef)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1100}, 0x48)
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x89f1, &(0x7f0000000080))

19.061916718s ago: executing program 2 (id=2535):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000050800000000000082000000180100", @ANYRES32, @ANYBLOB="0000000000000000b7080000048000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a6000000850000005000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x35}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

18.963302804s ago: executing program 2 (id=2536):
socket$kcm(0x2, 0x3, 0x2)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext={0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x8}, 0x94)
close(0xffffffffffffffff)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0xffffffdd, 0xa}, [@ldst={0x3, 0x2, 0x3, 0x1c10a1, 0x0, 0x43}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xe5, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0xb5, 0x10, &(0x7f0000000000), 0x7, 0x0, 0xffffffffffffffff, 0x68000000}, 0x48)

18.788233724s ago: executing program 1 (id=2538):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff23, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r2, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4e23, 0x0, @dev, 0x2}, 0x80, 0x0}, 0xe07e872420dfefca)
r3 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000280)="89000000120081ae08060cdc030000007f03e3f7000000006ee2ffca1b1f0fff001004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c00014002080c00bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x4)
socket$kcm(0x25, 0x1, 0x0)

18.69423661s ago: executing program 2 (id=2539):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40a08, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0xc}, 0x8c01, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x2)
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_tracing={0x1a, 0x40, &(0x7f0000000c00)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fffffff}, [@tail_call, @ringbuf_query, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8}}, @cb_func={0x18, 0x6, 0x4, 0x0, 0xffffffffffffffff}, @btf_id={0x18, 0x7, 0x3, 0x0, 0x5}, @map_idx={0x18, 0x6, 0x5, 0x0, 0xb}, @map_idx={0x18, 0x8, 0x5, 0x0, 0x4}, @ringbuf_query, @btf_id={0x18, 0x9, 0x3, 0x0, 0x2}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x10000}}, @generic={0xfe, 0x6, 0x9, 0x3, 0x4e}, @alu={0x3, 0x0, 0x2, 0x0, 0xb, 0xffffffffffffffc4, 0xfffffffffffffffc}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @tail_call, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}]}, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xf475, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x40000000}, 0x94)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x4)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0xcdd, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000540)={0x2, 0x80, 0xd1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x8602, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x12280, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfeff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000500)={<r2=>0xffffffffffffffff})
recvmsg(r2, 0x0, 0x0)
socket$kcm(0x10, 0x3, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006100000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000600)={r0, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000180)=[0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x4, 0x9, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x12, &(0x7f0000000300)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000380), 0x0, 0x0, 0xc2, 0x8, 0x8, &(0x7f00000004c0)}}, 0x10)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000640), 0x4)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000007c0)={0x3, 0x4, 0x4, 0xa, 0x0, r1, 0x6, '\x00', r4, r5, 0x4, 0x0, 0x4}, 0x50)
r6 = socket$kcm(0x11, 0x2, 0x0)
setsockopt$sock_attach_bpf(r6, 0x107, 0x14, &(0x7f0000000000), 0x4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002380)=ANY=[@ANYBLOB="b702000006000000bfa300000000000007030000407effff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca7ebfcd0cd00006ed3d09a6175037958e271b60dedf8937f02008b6d83923dd29c034055d47dafe6c8dc3d5d78c07f34e4d5b3185b310efd4989147a00000000f110026e6d2ef831ab7ea0c34f17e3adeef3bb622003b538dfd8e012e71f6420b90adddff61b5b0a341a2d7cbdb90000bdb2ca76050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132658555cf476619f28d9961b626c57c2691208171656d60a17e3c1c4b751ca532e6ea09c346df3d7cb4ebd31a08b32808b80200000000000000334d83239d1d2e9ff10ff2d27080e71113610e10c358e8327e7050b6c860dac12233f9a1fb9c2aec61ce63a38d316ef49b66d6e42fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a5f3d74ca891c4594e8a4399e01eadd3964663e88535c133f7130856f75643619f567d2e24f29e5dad9326edb697a6ea0182babc18cefd07e002cab5ebfcaad34732181feb215139f15eadddcb0c7cbe31fbae7c34d5ac5e7e64c21add9191eadd6e1795ad6a0f7f8cd3fccbdc3dec04b25dfc17975238345d4f71af35910b158e56657b7218baaa7cbf781c0a99bd50499ccff0f000000000000c7beba3da8223fe5308e4e2833baace04f4087c4f0da0d9a88f9dbb593ddeb3f0932a4d0175b889b8eccf707882042e716df9b57b290c661d4e85031086e97bcc5ca0e221a0e34323c129102b7b7a643e82e88a1940b3c02ed9c92d6f64b1282dc519b00159830d7617001154c46bd3ca96318c570f0721fc7aa2a580900000000000000b4f22cdf550ef091a78098534f0d973058594119d06d5ea9a8d085734000000000000000c12346e47ad97f4ead7cf754a52e4b2d0f22d428bd705414888700a30e2366c6a06b3367a389ca39059787790017b0689a1f3db9c24db65c1e00015c1d573dab18fd0600885f1ea8f2fd299fc3cdafda323e9c7080397bc49d70c060d57bc88fbe09baa058b040360ab9261503d2f363fb099408885afc2bf9a4f8c3506b669e889f5e4be1b8e0d634ebc1057b7e98186fc5141bd670dba6f43279f73db9dec75070cd9ab0fd969169ef6d2857b6bf955012cf7fe50d133da86e0477e42b98a6cc999dc21c3ef408e633dfa35f14d6e734837d365e63845f3c1092f8e34fc7eac9e8af3904ea0f3698cd9492794b82649b50d726bff873339c4cad4ead1348474250eda2c8067ab730c1d85969b95a2a5687f2ed690000522a0b7426000000000000000000000000000000000000000093fc7a82b98f99d9dedf7ba17f5f0b6d15e552fbd21f7eecff10243a43af03eea84c4304a5d3f93c02000000000000000043e1ed82b9aa0ae92a499984a009000000937523f5292d12659906005cde64f903c3415c458a2b32c2318f0858f19c6def80e1481e8e1c0098fc3f38b7a57211adb15d824cfdcf229628c0de49860a44286fe0e257cfa4ce50f3d10763d442824414a73c06837fe08de62f8710ca977960b74d0000ce73da6022a8671d1a3575b4e18c28c73203bf134686dd65808452cb6b76fcb134252c78de9b240de7b4cd015a77f76bb6470c05fc980b3d8f3f964f432a4bf6cddd6222c2da006b6fdb9c8468ae1d986a893b9519444d16a6dfa92c04331a6698507048fab5ae402acd05fe621f22712dfd09004770b4278fa14547d8ce3c21188e5e4e2baacd98e8e451d6aaaf090000006ed1d9018000008dd952595d78e9583bf4ea5de36099e3cddcb24ebb6eddb9e87c9ece87a42c0000abdf0100000001000000aea1b6eca5a883702b0bf3aeebb225895db90e237157a34e9f447237ea5b391bddd1290f7ce987a0e36b8e71b1779bbe95ffa9c3e0f6ba66e4d48e75253e3d633811e4b3220616aafbe7a3a18375ae593eb58fd500426286472466823cb8e1800aaaa0d9463c0c4ea5541a55df6eeffec0b66482228816cdfccb98374c644eea45de7867a0efbad0ab2bc33b350440a90b791b2b33f74a112a3b91b40bed8db2df8633207f8387e04ca52ab0f3f7b058b13523b896800b992972d9609551c27a5916ea16069c5bf55b98d926d3c27e7945b2999600000000f857bc1332d200194f658b930780603134ae6b7f5092772bd5d880dbe21b790c475b14b7fe4fe002dffd651faa79bb0cee0cdac23c3218f2ddaa6f7ba04b696a30d313bed30ba8f35569a9b07ee7308da09c01a4b827aa17bc2213fc1572b0204dd456b11a454d1f3f14179974aae624ea59500f5e048b2780666de81a040663c57f49af25be909984aea1b81f33426f86b4b941c08dfe2bc8ec246ec1aae120c42405e428923f3a83d9ba5c373f5e8a54120b451e2806370f1ed60c9fd5d9af4d16cb0f413c324da52d4bd2e01d3ac2d578d72e2d63322dfc9245ce3e3a097fb82f4e3b61a57094616020f72f1c55ee3d325c7496a7c2f10cfea516ae436751227378f00ca0f1f6c1dcf879700dd90b96a330f92bff736c83ca53e7f02b734d1a9292896f5d7f244bfab4946c7042e88206f641eafcc5b4ba7a7880533cdeac995d1caf6936f356ecf07a0084e7adc2dc12417997b03087c7b3b44b06f6158a2a18ce0e56ffbeb22f40521dd9972583d413098aa80db98ef324a2bfb7961c07b47521973cf0bb6f5530f6216b447b35d6e06b72b22b29de42bb1bc8ce0a0e3500000000000000000000000000b92eb197e4149627920000008000000000801792756f90b37f0858efc387f559203f314a4b0ed750fa72e5948ac3fe5921c14ef578d413e7b2a9e2f87f7b44949fe14c00000000000047030c09f62d444b4981db81799776eeb444000000009705fa8b56779bc876ad4f8d8c8e50815c4c3b27487996c09121caf47f76158362c74904f89cbc588aae84567a83571ff72bb65c082b5a8dee145ff221159aed2768edc05a3167d84205d5af86553c21e1f023a51c0e179fccfbc201982e3ddcaa45613899d19082453b180ca0c525b8d3cfaf7d0bcddeb5d5c7166038f276a92941393ba5e51f77172822bd903d9f8b436656771774ed88daab0d0cfdd1bf4d30ab566e1a4cb3ad66d830e10f7c1de13218aea21e7def613204c2b7c1ad48b01c208f4032e93408000000000000e96db049b92fc32ee34fe7a3419c8fbf03d61c159dc5864e030000a2c55b614d622b8de966c97e1940026f96db3c78ca18c9f08d1c47edf1a4d7298109f31b6078711ee72eacab84213bf50000000000000000000000000000001217887d0452aa6d26e4614d511710abeec84b78c027c160ba375dfa55a49b832ce4dfb91122193d514ed992c07f8cd6d897b314907e15642da228dbc03429e6e0e7ac118ed351c3b0c44bf5d8b58be573f8333aa8cc2ec5b5e305b3dee2562d415b4b9ed530797f55f9fe8510423409629a09000000000000009a35d9ca93e4b4591679547b8de8af1782451f7b8e1de508f1e9e525210d62bc850f8035040ad9e562be58797515b737bfb21d35ac560f99dbd18dad5e6345a464955e8141d75b6177e4fa176a020b0000000000006e76f0294fee7d19a0f327f8796d77b6e24b8df4bb438b527d10e657d49b844198ea9f93c4fd6fd2daa9bd87fd1e02ecc8075dca1280c201043257e9bd3c9a7aa150eb1711632b76d4dc0555d4bfcfd057980136d6e9000003b24fa300ef90bfe4ad364256937796f941c2faad94785f48777941f0cd3dba54ab6a5d5e91e90ac9ae994c3d4108b2fe7eca9413ac9bc138c74800487eb19c48db3f79be964808f109b5e36fc7fdd41def361427b6b9c118e5c9a0a1d5ca24886e33a7f81b2188ec75a5fc9302e3695bdcc9ab11201ef940569c995c21eeaefe2e8fc02e0433dc7371d1f72124ba263e554c30fdd7cd8c2da1e8706417da9ad8916551a1182fac08603dfc2f2279ba161c13984cd753b54a85e6f3010975e9ff51318b09fa13e2d38ce013aab41524c298c3719e31bcb1f102eaeee69a19e006bcdb1acc2664efa949a1a07bb3d7848d5e1381fbe63c522053a3bb32eb6345e10f7a12bf84e0e196a00833f464dd2f6547f14ebf137fce33efeb813211f31ff24d7dbb00f2574ccda59b3ea068fc2a18c37ee579f5a9ecc47da73684bcadd209ae5bbb7147df74d027d8d0adcdb54182c9de8053fc8b1b9d19c16c53d34db6e26f6a88d449f6abf3010100007e206a758a3f02816b4e097cfa3d46e45e7949c5b10691d49b9693a798a330a1ccb32d49772e80862df36dc0156b3f72cd85083f8e96ca1697457ec722766bd46ee2424975a38149bd57e5c0eb4087fc243e7e51b0aca9f0ab0668d7f2ee9ad9f267d8804417aa7e36a64d489bb84a1483fd3c3ecb024060002858cbb1f7708f5b41fca2fee7c03b1f862ce88dc313d913e041dd7583a1ac41c466757c5dd07ea2c5d62a000000000000000019a4e9a9c2cbc906f97fd6eb71b18d09a5df123ebbdb2827b43aed6a29e9942e402c1ae52e9cb98f3019d364fc21ea12023db91ced3c2f06550cef8a79ed39091e4776001187d0ab2f82478431d36470cc008d745ce8fd64c9aa64da230bb080945a557081b767beb75b1ea856a55c71b8fda672289aa6088630d48ac8039f19fec3acbcc5944a4e6fd44af8f10110db730a8d0d41b4ea36f9510f843a471963bd4621b9e43f08d341bb69df430ac6398c1b28bdd33b69b4b86d7c5f30cf728294e8ea1861ce50c367498945285f73c94d91210652eb4f3077cab6be2a3512eddbcb63d091d69fb1b26c8ada9a9f9355aea34fe55fd0d3011cb83ac03268dc66dd108a4e9944241e1d4ba69212ee0e7526e72c19346d08d3c3c82cb987f1bd2fd9ce2c88082ea23abbf23c6bd43fc9f9f8ea7656e25d3d73cd056b1f782de1fe349fc33546558366ed99940c0fda039272d277a3576d4e0469779d711e10b6bf040f7274fd9577c1c33326d2e60ee611ae226ef00e2944fb727832dc8dad36a6072aacfc4bcefb808ab7b3b95e0f60616320b2a9e1f8fac812daac9983639b35184803b7d192ce1f226e97fa23c37ff95d067a54a8b412644cad9ecc251fbe418a81aaf00cc8d15758ff0eb885a40630396ba76b8fadc09e62ef70c8a0121e7e8322cb8bc0f50ad33a17143a29c14eca0e214d1257e4dd1b6244e31b888d8f3fa03208d3e9a4826a98f31995509015ebdc89f2f3106e54d5898d3758b9bfc9e4924e9cedf7f8fd584e7185703cc5f23741ffb480b5a87cd7efcceb409d354bdab211ebd50affffffff000000003a59a0f952153c2efd10e72ec9ee5fa2a00f9637851ddb81d059f9a363c4ada68dd25f19ee9e4841ac047c1b35ad6f9d54cf4939ce78a55a04e655d7746a3989c6f33b02f8497aacb6bfca7456111900000000000000000048d35af24acb66fdd4d1fb150138f0ee6abfc7049c94346868ed76d3a5df7335184386a5c532d425f1a098ff93efd05e5dd8b765121fbdfe5ef44f6472b939c31883f45889142e82086c2448da60d7a40774d71c2da2e7f6d4fe5d36923213cc7b7d71a1c90006e8f8d84953f284b0eb4366beff5df5595827dcd736e8cfab28cfa416e83c06213ca7fd21af56e3de1d80e77060447e20a8b317a4c06e24e99239824d08abf670a685bc46c8168bee4cfc30cc6d0dc030a592925bad3e0f805f0d4b2b600dc3f0c4c6f75bb4e49982f4198ac90ab77c5572c956d415858bad5ee117b3e5f1507bbd0d7a30388865deb11106a932"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000002300)={r7, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000140)="b9ff0300600d698cff9e14f008004de7f9c764360000000200", 0x0, 0xe00, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000002000000000000001f0000006ba204000000000095"], 0x0, 0x8, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0xe, 0x4, &(0x7f00000003c0)=ANY=[], &(0x7f0000002080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x2}}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x10, 0x0, 0x0, 0x2}, @union={0x0, 0x0, 0x0, 0x9, 0x0, 0x2}]}}, 0x0, 0x4e}, 0x28)
r8 = socket$kcm(0x23, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000140)={&(0x7f0000000000)=@phonet, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)="b8", 0x1ff48}], 0x1, 0x0, 0x0, 0xeaff}, 0x0)

17.358973518s ago: executing program 1 (id=2540):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x513, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x202, 0x0, 0xffffffff, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
r0 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000100)=@in6={0xa, 0x2, 0x11, @loopback={0xfec0ffff00000000}, 0x20}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000000)="99", 0x1}], 0x1}, 0x40844) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000000feffff720a00fef8ffffff71a4f1ff0000000071302000000000001d400500000000004704000001ed00000f030000000000001d44000000000000620a00ff040400007203000000000000b500f7ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3380d28e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51bf900000000000000d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93020000000000000080e69db384ac7eeedcf2ba3a9508f9d6aba582a896a9f1e096df6ecea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6032399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0xffffffffffffff20}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0x2b, 0x1, 0x0)
close(r1)
r2 = socket$kcm(0xa, 0x2, 0x73)
sendmsg$inet(r2, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @empty}, 0x10, 0x0, 0x0, 0x0, 0x6b}, 0x0) (async)
close(r1) (async)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) (async)
ioctl$TUNSETQUEUE(r3, 0x400454d9, &(0x7f00000000c0)={'macsec0\x00', 0x400})
ioctl$TUNSETQUEUE(r3, 0x400454d9, &(0x7f0000000140)={'veth0_macvtap\x00', 0x200}) (async)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000140)=[{}], 0x1}, 0x0) (async)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f0000000500)=""/184}, 0x20) (async)
ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)=0x3d) (async)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
write$cgroup_int(r4, &(0x7f0000000000), 0xfffffd26)
bpf$ITER_CREATE(0x21, &(0x7f0000000300)={r4}, 0x8)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth1_to_bond\x00'}) (async)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, &(0x7f0000000000)=@framed={{0x4d, 0xa, 0xa, 0x0, 0x0, 0x71, 0x10, 0x11}}, 0x0}, 0x94) (async)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000280)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x14, 0x2}, 0x50) (async)
socket$kcm(0x10, 0x2, 0x0) (async)
socket$kcm(0x15, 0x5, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x4) (async)
sendmsg$kcm(r4, &(0x7f0000000980)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)="087662e3159f73db42e861e2436516266ec041064fcd74c70925dd593093943e08707438bac9ad96f013bc13405db1e4c62a2799bed51b22abf1544c7c29746dea53241fd1965178e07fbd946b3ecc1634eac82f820fe8fa58b6008fef5db01003999d140f720578ef0228ca68321b21e34794ee92540fa08de969a8387cf1b61fae9b5922a1e4b363df3a87e25efd1ab6e847550964bd869a8b0fc354f559e7a4718d87a35291d3846f32ac84463bf84987ef601c4b549ff78b6c8d492abce88766c6ec57c27759f8560488432195e27815827d", 0xd4}, {&(0x7f0000000440)="ba01cd6e9b7551b1bd5dd26c534b46b7b6ca817e4a6510096748aa85332cbe00ed887ef6c6a0a90376e04b", 0x2b}, {&(0x7f00000006c0)="18770a61524f00b26ada3ff6c4942bfc4cc11387cbe22bb8fae2af78d06403f0555e9f2406511d75bde0497aec64348fe423d45a528a491a772dd5bf50963a2a29b112cb84aab43fb76aa8fe614f791835b371272e94ed0be42657d99c4c0e2017ba1269f5f0b9d7efd81e6b14b285e0cb4ed0e69b45e8ea40be355ec04105d2cd6712f85158c6a948a4c85a38ec0f0bb2556fee4b38b483827ffe87bffe3c4c13a150603ce1204e8af51d24c1009c2ef6cc95012372e8550f1b81eb6471cc5a7c65d2a8ba99405ed24c9b00bb2f906a96e8f0a145590e809703be84bece86568ca533459a9a625228d3", 0xea}, {&(0x7f00000005c0)="5a4915901122ff870ddc0bb00b2322cc", 0x10}, {&(0x7f00000007c0)="3baf6f492ac0e8eec4926c00db86f430abded6e8bd436b59b0762a3a01d6eb882db60babba269ecd543db5a887f544c6f1660b03095e51f8fe5e00a96133fa35f581d0a3be57daa917c1ecd8bd450e161ab2c70c35ddff9da18b731f614465198b10f5598911d852210b94171ba39cdb95dec437464e204d6c2de08fe04c6c4e8e623ee4a2af85459c25845f855a00daedef13044d9dd5f01db58f1c7e57bda55d2b35efacdfa4f35099b4e850ef804b340ef90760ccd07eff9af9b6c2d50f0f336fbc9729edda1a7031fec880530321691df3bc1262d1bc50896c4a9b1451314f494bcfdbcc3b6d", 0xe8}], 0x5}, 0x44)

17.280675973s ago: executing program 0 (id=2541):
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x60}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa067707"], 0xfdef)
perf_event_open(&(0x7f0000000040)={0x9, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xff8d}, 0x48)

17.218020796s ago: executing program 2 (id=2542):
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={0x0}, 0x208, 0x8, 0x0, 0x5, 0x0, 0x7, 0x0, 0x0, 0xd4000000, 0x0, 0x3}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x4}, 0xc00, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
socketpair$unix(0x1, 0x2, 0x406, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000000100)=@rxrpc=@in6={0x21, 0x2, 0x2, 0x0, {0xa, 0x4e23, 0x996, @remote, 0x8}}, 0x80, 0x0, 0x3f, 0x0, 0x0, 0x68000000}, 0x0)
r1 = socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(r1, 0x84, 0x1f, &(0x7f0000000100), 0x120)
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000040)={'sit0\x00', @local})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'sit0\x00', @random="4f33e363a4b1"})
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x300d, 0x2}, 0x0, 0xc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}, 0x0, 0x1, 0xffffffffffffffff, 0x8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
close(r4)
recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r5=>0xffffffffffffffff]}}], 0x18}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="9feb0100180000000000000024000000240000000900000000000000000000030000000001000000020000000303000007faffffff00001202000000002e00005f00005f00"], 0x0, 0x45, 0x0, 0x1}, 0x28)
write$cgroup_subtree(r5, &(0x7f0000000a40)=ANY=[@ANYBLOB="8fedcb791f6f9875f37538e48863"], 0xfdef)

16.313435939s ago: executing program 0 (id=2543):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000050800000000000082000000180100", @ANYRES32, @ANYBLOB="0000000000000000b7080000048000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a6000000850000005000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x35}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

16.223816704s ago: executing program 0 (id=2544):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x8, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x11efa, 0x4, 0x98, 0x0, 0x2, 0xfffff274, 0xfffc, 0x0, 0x0, 0x0, 0x20}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="1802000002000000000000000100000085000000cc00000085000000a000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
r2 = perf_event_open(0x0, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r3 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4) (async)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r5 = socket$kcm(0x1e, 0x4, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f00000000c0)=0x5) (async)
setsockopt$sock_attach_bpf(r5, 0x10f, 0x87, &(0x7f00000008c0), 0x43) (async)
r6 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r6, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
write$cgroup_subtree(r6, &(0x7f0000000040)=ANY=[], 0xfdef) (async)
recvmsg(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000002a80)=""/4096, 0xfdef}], 0x1, 0x0, 0x0, 0x18}, 0x10021) (async)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r7)
r8 = socket$kcm(0x10, 0x400000002, 0x0) (async)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xf, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x3}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0xe, 0xe, &(0x7f0000001440)=ANY=[@ANYBLOB="1800000000000100000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000001800000000000000000000000000000095"], &(0x7f0000000380)='syzkaller\x00', 0x6, 0x1006, &(0x7f0000002080)=""/4102, 0x41000}, 0x94)
sendmsg$inet(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)="110000001e007f109e03e601d8878d53d3", 0x11}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000c40)=[{0x0, 0x0, 0x1, 0x4}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x10006}]}, 0x94)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="7c00000000000000000000000700000044140001ac1414aa00000000ac1414000000000000441c0003e0000001000000007f000001000000000000000000000000442c00000000000000000f883816814100000000000000000000000000000000000000000000000000000000000000000000440c0001000000000000000000000000000000a400000000000000000000000700000044280000000000000000000000000000000000000000000000000000000000000000000000000000071700e0000002ac1414bb00000000e0000002ac1414bb018616000000000010c986d78e6c4b9394b247217b87cb00830b00000000007f000001861f0000000000020010421487f84baabcbcfb42a4d90bab000748c68c4c31001089ca45d9612e5b5c11f12bc78a41000000000000006c000000000000000000000007000000441c0003ffffffff000000000000000000000000e00000010000000044340001ac1414bb0000000000000000000000000000000000000000ac1414aa00000000ac1414aa00000000ac1e000100000000830b0000000000e000000200000000001c000000000000000000", @ANYRES32=0x0, @ANYBLOB="ac1414aa00000000000000001400000000000018000000000200000000000000000000001c000000000000000000000008000000", @ANYRES32, @ANYBLOB="7f0000017f00000a0000000800"/28, @ANYRES32, @ANYBLOB="7f000001ac141400000000011c0e0000000000000000000007006fc946f1f569c01801"], 0x230}, 0x0) (async)
r10 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r10, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030033000b35d25a806c8c6f94f90424fc60100005000a000200053582c137153e37000c0680050002000300", 0x33fe0}], 0x1}, 0x0)

16.061957094s ago: executing program 2 (id=2545):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001380)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x2}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xf, 0x8, 0x8, 0x1, 0x0, r0, 0x3}, 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x12, 0x4, 0x8, 0x43, 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0xe, 0xe, &(0x7f0000001440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000001800000000000000000000000000000095"], &(0x7f0000000200)='syzkaller\x00', 0x6, 0x2e, &(0x7f0000002080)=""/4102}, 0x94)
r3 = socket$kcm(0xa, 0x1, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000000000001800"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x8, &(0x7f00000000c0)=@framed={{0x18, 0x2, 0x0, 0x0, 0xffbffffb, 0x0, 0x0, 0x0, 0x3}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}, @call={0x85, 0x0, 0x0, 0x50}]}, &(0x7f0000000000)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r5, 0x0, 0xe, 0x0, &(0x7f0000000200)="6f11babf530000000000001e80f3", 0x0, 0x3008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)
setsockopt$sock_attach_bpf(r3, 0x29, 0x6, &(0x7f0000000040), 0x4)
r6 = socket$kcm(0xa, 0x2, 0x0)
close(r6)
r7 = perf_event_open(&(0x7f0000000140)={0x3, 0x80, 0xff, 0xfa, 0x7, 0x1, 0x0, 0xfffffffffffffffe, 0x100018, 0xd, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x2, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x5, 0x4, @perf_config_ext={0xfffffffffffffff7, 0xffff}, 0x2000, 0xffffffff8f96e812, 0x400, 0x5, 0x7, 0x9, 0x3, 0x0, 0x3ff, 0x0, 0xffffffffffbffff8}, 0xffffffffffffffff, 0xe, 0xffffffffffffffff, 0x1)
ioctl$PERF_EVENT_IOC_DISABLE(r7, 0x2401, 0xff)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000023c0)={r2, 0xe0, &(0x7f00000022c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000080)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x1, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0], <r8=>0x0, 0x28, &(0x7f00000021c0)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000002200), &(0x7f0000002240), 0x8, 0x2d, 0x8, 0x8, &(0x7f0000002280)}}, 0x10)
r9 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000031c0)={&(0x7f00000030c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0xc, [@type_tag={0x7, 0x0, 0x0, 0x12, 0x1}, @float={0xe, 0x0, 0x0, 0x10, 0x16}, @int={0x9, 0x0, 0x0, 0x1, 0x0, 0x10, 0x0, 0x48, 0x2}, @volatile]}, {0x0, [0x5f, 0x5f, 0x2e, 0x5f, 0x61, 0x2e, 0x0, 0x0, 0x2e, 0x30]}}, &(0x7f0000003140)=""/104, 0x58, 0x68, 0x1, 0x864c, 0x10000}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x6, 0x4, &(0x7f0000003200)=ANY=[@ANYRESHEX=r2], &(0x7f0000000040)='GPL\x00', 0x4, 0xfe9, &(0x7f0000000300)=""/4073, 0x0, 0x0, '\x00', 0x0, @xdp, r9, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r8}, 0x94)
setsockopt$sock_attach_bpf(r6, 0x29, 0x39, 0x0, 0x0)
sendmsg$kcm(r3, &(0x7f00000000c0)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x3, @remote, 0x5, 0x3}, 0x80, 0x0}, 0x2600c055)

16.058992394s ago: executing program 1 (id=2546):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00 \x00A\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

16.007795277s ago: executing program 0 (id=2547):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x49, &(0x7f0000000000)=r0, 0x4)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
r1 = socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x21, 0x0, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000780)='ns/pid_for_children\x00')
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000029c0)}, 0x851)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cpuacct.usage_sys\x00', 0x26e1, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x3, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7f, 0x4, @perf_config_ext={0x0, 0x5ba}, 0x0, 0xe1a, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0xb, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800"/30], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x2, 0x200000000000003, 0x106)
r4 = socket$kcm(0x2, 0x922000000001, 0x106)
recvmsg$kcm(r4, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x2100)
socket$kcm(0x2, 0x200000000000001, 0x106)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f0000000040)}, 0x20)
perf_event_open(&(0x7f00000001c0)={0x3, 0x80, 0x2, 0x2, 0x6, 0xff, 0x0, 0xffc, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4, @perf_bp={0x0}, 0xc0, 0x7, 0xd6d4, 0x7, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x3}, 0x0, 0x3, r2, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200})
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014fa0000b7030000000000008500000083000000bf09"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x34, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x55}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb010789005e107538e486dd6317ce22000000fffe80000000000000101000007f0600080000000000000071273fa7b49301641184a907"], 0xfdef)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1100}, 0x48)
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x89f1, &(0x7f0000000080))

15.928414672s ago: executing program 1 (id=2548):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x1f00)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfd, &(0x7f0000000040)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef43c000000e3bd6efb440009000e000a0010002000ba8000001201", 0x2e}], 0x1}, 0x0)

15.842018076s ago: executing program 2 (id=2549):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x828, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89a2, &(0x7f0000000cc0)='lo:\x96o8\x14d\xa1\xba\xda\xd1\xa0J\x12tQ\xb16\xe3\xd7\\b\x8b\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x02\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00\xb1\x88\xebW_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xeb\xe1\xde\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xfc\xfa 6(%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x1f\x9c,\x113\x7f\x03\x93\xe1\xcc\xe7f\r\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0Z\x9f\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5<J\x1f\xba\xfc\x90(\x985\x93\xa8\xd4\xf0\xbdTy\x18\xc8\xa0\xbb\x99\x8c\xe0Q\xffCl\xbdX~3\xa1\xa2\xf4\xd9\xf7\xc7\xfb\xce\x959x\xfeW\r\xf0{\xcaT\xecp)=\x9d\xdfG8\xa1\xe3=\xa6\x00\x98\xc1\xb3\x91-\xab\'W\x8al?d<JN\xcb\xd4H\xb0_jO\xf3\x90\xe8/l\xdfg)\x8d#\xfdo\xa9L\xdeA*\xec\xa1\x14,\xe8\x8d^\xb9r=\xc0\x18\xd4\x11dU[Ry\xed\xd6\x97\x8a\xe8\xca\x99\x10\x8e\xc8P\xa3\xae/\xdaof\x06\x7f\xf7\x80$f\b\x92\xae\xeb\xdd\"\x89\xb8\xf0\xc3\b\x00\x00\x00\x00\a\xf6\xfc\x1d\xd4\x893\xeb)\xc1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00O!\xd2q\xda}\xe2\xa2\xfe\xfd)\\\xdf\x9aN\\\xaeyc\xe4g\xc0\x8a\n\v{\xa9H\\\xd1\x9d')
r2 = socket$kcm(0x10, 0x7, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)="d80000001e0081054e81f782db4cb9040a1d080006007c095dd208", 0x1b}], 0x1}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030036000b05d25a806c8c6f94f90224fc60100005000a", 0x19}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="97d9deabea352018000000000000006761110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000240)="3504000040000511d25a35400c0002000200002037153e370c040180060410", 0x1f}], 0x1}, 0x10049014)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020023000b05d25a806f8c6394f91a24fc600702", 0x16}], 0x1, 0x0, 0x0, 0x400300}, 0x20044050)
r3 = socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000720000001801"], 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10)
write$cgroup_subtree(r3, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe0000180091c8b14a0778a8123d181d"], 0xfe33)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x3, 0x14, &(0x7f0000000a80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af81801000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009b00000095000000000000004faaf4057c2fe7cb3b362fb1c507a177d503574b1264f7bd93a4"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @sched_cls=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r5, 0x0, 0xe, 0x39, &(0x7f00000003c0)="928e04b416cac951c35f7f4586e6", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r6 = socket$kcm(0xa, 0x1, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x12, 0x8, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x4}, 0x50)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@base={0xb, 0x5, 0x10001, 0xa, 0x1, 0xffffffffffffffff, 0x3}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r9, &(0x7f0000000080), &(0x7f00000001c0)=""/155}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r9}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r8}, &(0x7f0000000040), &(0x7f0000000140)=r7}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r8, &(0x7f0000000500), 0x0}, 0x20)
setsockopt$sock_attach_bpf(r6, 0x0, 0x41, 0x0, 0x90)
syz_clone(0x41909000, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$kcm(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="1400000037000b63717a3c4a01d8b45b0808aa78", 0x14}], 0x1}, 0x1)
mkdir(&(0x7f0000000140)='./file0\x00', 0x20)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r0, 0xc008240a, &(0x7f0000000800))
r10 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000000c0)="2e00000011008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x24000000)

15.699523245s ago: executing program 1 (id=2550):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000640)={&(0x7f0000000580)=ANY=[@ANYBLOB="9feb0100180000000000000014000000140000000500000002000000010000060400000003000008ffff168cffd0ffff00"], &(0x7f0000000480)=""/2, 0x31, 0x2, 0x1, 0x4}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0500000003f01f00660000007f00000001000000", @ANYRES32, @ANYRES32], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000010040), 0x0, 0xffffffffffffffff, 0x4}, 0x38)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
close(r0) (async)
close(r0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r0, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random="000500000020"})
close(0xffffffffffffffff) (async)
close(0xffffffffffffffff)
r1 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="1400000035000b63d25a80648c2594f90624fc60", 0x14}], 0x1}, 0x0) (async)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="1400000035000b63d25a80648c2594f90624fc60", 0x14}], 0x1}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
recvmsg(0xffffffffffffffff, &(0x7f0000000dc0)={0x0, 0x0, 0x0}, 0x102)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x29, 0x4, 0x0) (async)
socket$kcm(0x29, 0x4, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x50)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'batadv_slave_0\x00', 0x1})
close(0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x4, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1a089, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x1, 0x3}, 0x2019, 0x0, 0x0, 0x9, 0xffb, 0x3, 0x7, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x3, 0xffffffffffffffff, 0x3) (async)
perf_event_open(&(0x7f0000000040)={0x4, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1a089, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x1, 0x3}, 0x2019, 0x0, 0x0, 0x9, 0xffb, 0x3, 0x7, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x3, 0xffffffffffffffff, 0x3)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4000, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x3}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x2c, 0x3, 0x0)
socket$kcm(0x2c, 0x3, 0x0)
socket$kcm(0x10, 0x2, 0x0) (async)
r3 = socket$kcm(0x10, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001840)=[{&(0x7f0000000580)="6700000011008188040f56ecdb4cb9cca7480ef434000000e3bd6efb440009000e000a0010000000ba80010000005a8c3774fa0af3dc59a933c1e7a6d3361d83b20000319cdf5656826edaaa11032701c61ec666d482078ccebcb9a4f187f7a4e98f09cdc2649f", 0x67}], 0x1}, 0x0)
perf_event_open(&(0x7f0000000600)={0x1, 0x80, 0x5, 0x0, 0xe, 0xf2, 0x0, 0x8000ef, 0x1af1ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x8, 0x197}, 0x0, 0x1, 0x0, 0x0, 0x20000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f0000000600)={0x1, 0x80, 0x5, 0x0, 0xe, 0xf2, 0x0, 0x8000ef, 0x1af1ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x8, 0x197}, 0x0, 0x1, 0x0, 0x0, 0x20000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000440)={r2, 0x58, &(0x7f00000003c0)}, 0x10)

15.652321767s ago: executing program 0 (id=2551):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000005080000000000008200000018010000", @ANYRES32, @ANYBLOB="0000000000000000b7080000048000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a6000000850000005000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x35}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

15.505775176s ago: executing program 0 (id=2552):
r0 = socket$kcm(0x22, 0x2, 0x21)
ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, 0x0)
r1 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b80, 0x2, @perf_config_ext={0x6, 0x10001}, 0x3480, 0xcdd, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x3, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000000)={r2, &(0x7f0000000080)="a0", 0x0}, 0x20)
r3 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0x85ae, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={&(0x7f0000000080)}, 0x0, 0x10000, 0x0, 0x0, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r3, 0xc008240a, &(0x7f00000000c0)=ANY=[@ANYBLOB="0000000400000000"]) (async)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r3, 0xc008240a, &(0x7f00000000c0)=ANY=[@ANYBLOB="0000000400000000"])
r4 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x0, 0x5d71, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x101, 0x1}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x11, 0x200000000000002, 0x300) (async)
r5 = socket$kcm(0x11, 0x200000000000002, 0x300)
socket$kcm(0x10, 0x3, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) (async)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
socket$kcm(0x10, 0x0, 0x0) (async)
socket$kcm(0x10, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
recvmsg$kcm(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001880)=[{&(0x7f0000000500)=""/161, 0xa1}, {&(0x7f00000005c0)=""/130, 0x82}, {&(0x7f0000000680)=""/189, 0xbd}, {&(0x7f0000000740)=""/4096, 0x1000}, {&(0x7f0000002b80)=""/117, 0x75}, {0x0}, {&(0x7f00000017c0)=""/176, 0xb0}], 0x7}, 0x2002) (async)
recvmsg$kcm(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001880)=[{&(0x7f0000000500)=""/161, 0xa1}, {&(0x7f00000005c0)=""/130, 0x82}, {&(0x7f0000000680)=""/189, 0xbd}, {&(0x7f0000000740)=""/4096, 0x1000}, {&(0x7f0000002b80)=""/117, 0x75}, {0x0}, {&(0x7f00000017c0)=""/176, 0xb0}], 0x7}, 0x2002)
r6 = perf_event_open(&(0x7f0000001900)={0x1, 0x80, 0x5, 0x5, 0x0, 0x4, 0x0, 0x43c, 0x10203, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x8000, 0x1, @perf_bp={&(0x7f0000000400), 0x3}, 0x1a828, 0x7fffffffffffffff, 0x6, 0x0, 0x7fffffffffffffff, 0x4, 0x81, 0x0, 0x3, 0x0, 0x80000001}, 0xffffffffffffffff, 0x0, r4, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x11, 0x4, &(0x7f0000001740)=ANY=[@ANYBLOB="18500000080000000000070000dc40b07e6ece72f0000001feffffb2eae67a849000f1070eacbe7829a2b7c42ee3e6d95685552153e70a5bda0811a1c0c464867bd8f6"], &(0x7f0000001980)='GPL\x00', 0xfffffe7b, 0x1000, &(0x7f00000019c0)=""/4096, 0x41000, 0x61, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000029c0)={0x6, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x4, 0xf, 0x3, 0x2}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000002a40)=[r1], &(0x7f0000002a80)=[{0x5, 0x3, 0xd, 0x5}], 0x10, 0x7}, 0x94) (async)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x11, 0x4, &(0x7f0000001740)=ANY=[@ANYBLOB="18500000080000000000070000dc40b07e6ece72f0000001feffffb2eae67a849000f1070eacbe7829a2b7c42ee3e6d95685552153e70a5bda0811a1c0c464867bd8f6"], &(0x7f0000001980)='GPL\x00', 0xfffffe7b, 0x1000, &(0x7f00000019c0)=""/4096, 0x41000, 0x61, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000029c0)={0x6, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x4, 0xf, 0x3, 0x2}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000002a40)=[r1], &(0x7f0000002a80)=[{0x5, 0x3, 0xd, 0x5}], 0x10, 0x7}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r6, 0x40042408, r7)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
r8 = syz_clone(0x48400, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xc, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x420, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, r8, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)}, 0x10140) (async)
recvmsg(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)}, 0x10140)
syz_clone(0xe50c1700, 0x0, 0x0, 0x0, 0x0, 0x0)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000180)={{r9}, &(0x7f00000001c0), &(0x7f0000000200)='%-5lx  \x00'}, 0x20) (async)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000180)={{r9}, &(0x7f00000001c0), &(0x7f0000000200)='%-5lx  \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x11d)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_config_ext={0x3, 0x9}, 0x8000, 0x7, 0x101, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00') (async)
unlink(&(0x7f0000000000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00')

244.967446ms ago: executing program 32 (id=2552):
r0 = socket$kcm(0x22, 0x2, 0x21)
ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, 0x0)
r1 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b80, 0x2, @perf_config_ext={0x6, 0x10001}, 0x3480, 0xcdd, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x3, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000000)={r2, &(0x7f0000000080)="a0", 0x0}, 0x20)
r3 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0x85ae, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={&(0x7f0000000080)}, 0x0, 0x10000, 0x0, 0x0, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r3, 0xc008240a, &(0x7f00000000c0)=ANY=[@ANYBLOB="0000000400000000"]) (async)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r3, 0xc008240a, &(0x7f00000000c0)=ANY=[@ANYBLOB="0000000400000000"])
r4 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x0, 0x5d71, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x101, 0x1}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x11, 0x200000000000002, 0x300) (async)
r5 = socket$kcm(0x11, 0x200000000000002, 0x300)
socket$kcm(0x10, 0x3, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) (async)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
socket$kcm(0x10, 0x0, 0x0) (async)
socket$kcm(0x10, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
recvmsg$kcm(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001880)=[{&(0x7f0000000500)=""/161, 0xa1}, {&(0x7f00000005c0)=""/130, 0x82}, {&(0x7f0000000680)=""/189, 0xbd}, {&(0x7f0000000740)=""/4096, 0x1000}, {&(0x7f0000002b80)=""/117, 0x75}, {0x0}, {&(0x7f00000017c0)=""/176, 0xb0}], 0x7}, 0x2002) (async)
recvmsg$kcm(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001880)=[{&(0x7f0000000500)=""/161, 0xa1}, {&(0x7f00000005c0)=""/130, 0x82}, {&(0x7f0000000680)=""/189, 0xbd}, {&(0x7f0000000740)=""/4096, 0x1000}, {&(0x7f0000002b80)=""/117, 0x75}, {0x0}, {&(0x7f00000017c0)=""/176, 0xb0}], 0x7}, 0x2002)
r6 = perf_event_open(&(0x7f0000001900)={0x1, 0x80, 0x5, 0x5, 0x0, 0x4, 0x0, 0x43c, 0x10203, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x8000, 0x1, @perf_bp={&(0x7f0000000400), 0x3}, 0x1a828, 0x7fffffffffffffff, 0x6, 0x0, 0x7fffffffffffffff, 0x4, 0x81, 0x0, 0x3, 0x0, 0x80000001}, 0xffffffffffffffff, 0x0, r4, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x11, 0x4, &(0x7f0000001740)=ANY=[@ANYBLOB="18500000080000000000070000dc40b07e6ece72f0000001feffffb2eae67a849000f1070eacbe7829a2b7c42ee3e6d95685552153e70a5bda0811a1c0c464867bd8f6"], &(0x7f0000001980)='GPL\x00', 0xfffffe7b, 0x1000, &(0x7f00000019c0)=""/4096, 0x41000, 0x61, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000029c0)={0x6, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x4, 0xf, 0x3, 0x2}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000002a40)=[r1], &(0x7f0000002a80)=[{0x5, 0x3, 0xd, 0x5}], 0x10, 0x7}, 0x94) (async)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x11, 0x4, &(0x7f0000001740)=ANY=[@ANYBLOB="18500000080000000000070000dc40b07e6ece72f0000001feffffb2eae67a849000f1070eacbe7829a2b7c42ee3e6d95685552153e70a5bda0811a1c0c464867bd8f6"], &(0x7f0000001980)='GPL\x00', 0xfffffe7b, 0x1000, &(0x7f00000019c0)=""/4096, 0x41000, 0x61, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000029c0)={0x6, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x4, 0xf, 0x3, 0x2}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000002a40)=[r1], &(0x7f0000002a80)=[{0x5, 0x3, 0xd, 0x5}], 0x10, 0x7}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r6, 0x40042408, r7)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
r8 = syz_clone(0x48400, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xc, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x420, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, r8, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)}, 0x10140) (async)
recvmsg(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)}, 0x10140)
syz_clone(0xe50c1700, 0x0, 0x0, 0x0, 0x0, 0x0)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000180)={{r9}, &(0x7f00000001c0), &(0x7f0000000200)='%-5lx  \x00'}, 0x20) (async)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000180)={{r9}, &(0x7f00000001c0), &(0x7f0000000200)='%-5lx  \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x11d)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_config_ext={0x3, 0x9}, 0x8000, 0x7, 0x101, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00') (async)
unlink(&(0x7f0000000000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00')

90.185235ms ago: executing program 33 (id=2550):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000640)={&(0x7f0000000580)=ANY=[@ANYBLOB="9feb0100180000000000000014000000140000000500000002000000010000060400000003000008ffff168cffd0ffff00"], &(0x7f0000000480)=""/2, 0x31, 0x2, 0x1, 0x4}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0500000003f01f00660000007f00000001000000", @ANYRES32, @ANYRES32], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000010040), 0x0, 0xffffffffffffffff, 0x4}, 0x38)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
close(r0) (async)
close(r0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r0, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random="000500000020"})
close(0xffffffffffffffff) (async)
close(0xffffffffffffffff)
r1 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="1400000035000b63d25a80648c2594f90624fc60", 0x14}], 0x1}, 0x0) (async)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="1400000035000b63d25a80648c2594f90624fc60", 0x14}], 0x1}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
recvmsg(0xffffffffffffffff, &(0x7f0000000dc0)={0x0, 0x0, 0x0}, 0x102)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x29, 0x4, 0x0) (async)
socket$kcm(0x29, 0x4, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x50)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'batadv_slave_0\x00', 0x1})
close(0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x4, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1a089, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x1, 0x3}, 0x2019, 0x0, 0x0, 0x9, 0xffb, 0x3, 0x7, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x3, 0xffffffffffffffff, 0x3) (async)
perf_event_open(&(0x7f0000000040)={0x4, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1a089, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x1, 0x3}, 0x2019, 0x0, 0x0, 0x9, 0xffb, 0x3, 0x7, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x3, 0xffffffffffffffff, 0x3)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4000, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x3}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x2c, 0x3, 0x0)
socket$kcm(0x2c, 0x3, 0x0)
socket$kcm(0x10, 0x2, 0x0) (async)
r3 = socket$kcm(0x10, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001840)=[{&(0x7f0000000580)="6700000011008188040f56ecdb4cb9cca7480ef434000000e3bd6efb440009000e000a0010000000ba80010000005a8c3774fa0af3dc59a933c1e7a6d3361d83b20000319cdf5656826edaaa11032701c61ec666d482078ccebcb9a4f187f7a4e98f09cdc2649f", 0x67}], 0x1}, 0x0)
perf_event_open(&(0x7f0000000600)={0x1, 0x80, 0x5, 0x0, 0xe, 0xf2, 0x0, 0x8000ef, 0x1af1ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x8, 0x197}, 0x0, 0x1, 0x0, 0x0, 0x20000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f0000000600)={0x1, 0x80, 0x5, 0x0, 0xe, 0xf2, 0x0, 0x8000ef, 0x1af1ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x8, 0x197}, 0x0, 0x1, 0x0, 0x0, 0x20000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000440)={r2, 0x58, &(0x7f00000003c0)}, 0x10)

0s ago: executing program 34 (id=2549):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x828, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89a2, &(0x7f0000000cc0)='lo:\x96o8\x14d\xa1\xba\xda\xd1\xa0J\x12tQ\xb16\xe3\xd7\\b\x8b\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x02\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00\xb1\x88\xebW_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xeb\xe1\xde\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xfc\xfa 6(%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x1f\x9c,\x113\x7f\x03\x93\xe1\xcc\xe7f\r\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0Z\x9f\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5<J\x1f\xba\xfc\x90(\x985\x93\xa8\xd4\xf0\xbdTy\x18\xc8\xa0\xbb\x99\x8c\xe0Q\xffCl\xbdX~3\xa1\xa2\xf4\xd9\xf7\xc7\xfb\xce\x959x\xfeW\r\xf0{\xcaT\xecp)=\x9d\xdfG8\xa1\xe3=\xa6\x00\x98\xc1\xb3\x91-\xab\'W\x8al?d<JN\xcb\xd4H\xb0_jO\xf3\x90\xe8/l\xdfg)\x8d#\xfdo\xa9L\xdeA*\xec\xa1\x14,\xe8\x8d^\xb9r=\xc0\x18\xd4\x11dU[Ry\xed\xd6\x97\x8a\xe8\xca\x99\x10\x8e\xc8P\xa3\xae/\xdaof\x06\x7f\xf7\x80$f\b\x92\xae\xeb\xdd\"\x89\xb8\xf0\xc3\b\x00\x00\x00\x00\a\xf6\xfc\x1d\xd4\x893\xeb)\xc1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00O!\xd2q\xda}\xe2\xa2\xfe\xfd)\\\xdf\x9aN\\\xaeyc\xe4g\xc0\x8a\n\v{\xa9H\\\xd1\x9d')
r2 = socket$kcm(0x10, 0x7, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)="d80000001e0081054e81f782db4cb9040a1d080006007c095dd208", 0x1b}], 0x1}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030036000b05d25a806c8c6f94f90224fc60100005000a", 0x19}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="97d9deabea352018000000000000006761110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000240)="3504000040000511d25a35400c0002000200002037153e370c040180060410", 0x1f}], 0x1}, 0x10049014)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020023000b05d25a806f8c6394f91a24fc600702", 0x16}], 0x1, 0x0, 0x0, 0x400300}, 0x20044050)
r3 = socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000720000001801"], 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10)
write$cgroup_subtree(r3, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe0000180091c8b14a0778a8123d181d"], 0xfe33)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x3, 0x14, &(0x7f0000000a80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af81801000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009b00000095000000000000004faaf4057c2fe7cb3b362fb1c507a177d503574b1264f7bd93a4"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @sched_cls=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r5, 0x0, 0xe, 0x39, &(0x7f00000003c0)="928e04b416cac951c35f7f4586e6", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r6 = socket$kcm(0xa, 0x1, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x12, 0x8, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x4}, 0x50)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@base={0xb, 0x5, 0x10001, 0xa, 0x1, 0xffffffffffffffff, 0x3}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r9, &(0x7f0000000080), &(0x7f00000001c0)=""/155}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r9}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r8}, &(0x7f0000000040), &(0x7f0000000140)=r7}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r8, &(0x7f0000000500), 0x0}, 0x20)
setsockopt$sock_attach_bpf(r6, 0x0, 0x41, 0x0, 0x90)
syz_clone(0x41909000, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$kcm(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="1400000037000b63717a3c4a01d8b45b0808aa78", 0x14}], 0x1}, 0x1)
mkdir(&(0x7f0000000140)='./file0\x00', 0x20)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r0, 0xc008240a, &(0x7f0000000800))
r10 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000000c0)="2e00000011008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x24000000)

kernel console output (not intermixed with test programs):

[T10112] CPU: 0 PID: 10112 Comm: syz.0.1509 Not tainted syzkaller #0
[  254.149740][T10112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  254.159807][T10112] Call Trace:
[  254.163097][T10112]  <TASK>
[  254.166046][T10112]  dump_stack_lvl+0x18c/0x250
[  254.170752][T10112]  ? show_regs_print_info+0x20/0x20
[  254.175982][T10112]  ? load_image+0x400/0x400
[  254.180514][T10112]  ? __lock_acquire+0x7d40/0x7d40
[  254.185565][T10112]  should_fail_ex+0x39d/0x4d0
[  254.190269][T10112]  should_failslab+0x9/0x20
[  254.194849][T10112]  slab_pre_alloc_hook+0x59/0x310
[  254.199905][T10112]  kmem_cache_alloc+0x5a/0x2d0
[  254.204700][T10112]  ? alloc_empty_file+0x9e/0x1d0
[  254.209668][T10112]  alloc_empty_file+0x9e/0x1d0
[  254.214454][T10112]  path_openat+0x113/0x3230
[  254.218972][T10112]  ? perf_trace_run_bpf_submit+0xf4/0x1c0
[  254.224715][T10112]  ? mark_lock+0x94/0x320
[  254.229064][T10112]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  254.235065][T10112]  ? lock_chain_count+0x20/0x20
[  254.239930][T10112]  ? do_filp_open+0x430/0x430
[  254.244622][T10112]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  254.250789][T10112]  ? lockdep_hardirqs_on+0x98/0x150
[  254.256001][T10112]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  254.262173][T10112]  do_filp_open+0x1f5/0x430
[  254.266693][T10112]  ? vfs_tmpfile+0x490/0x490
[  254.271313][T10112]  ? _raw_spin_unlock+0x28/0x40
[  254.276172][T10112]  ? alloc_fd+0x58f/0x630
[  254.280524][T10112]  do_sys_openat2+0x134/0x1d0
[  254.285217][T10112]  ? do_sys_open+0xe0/0xe0
[  254.289651][T10112]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  254.295650][T10112]  ? lock_chain_count+0x20/0x20
[  254.300511][T10112]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  254.306501][T10112]  __x64_sys_openat+0x139/0x160
[  254.311370][T10112]  do_syscall_64+0x55/0xa0
[  254.315802][T10112]  ? clear_bhb_loop+0x40/0x90
[  254.320490][T10112]  ? clear_bhb_loop+0x40/0x90
[  254.325182][T10112]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  254.331087][T10112] RIP: 0033:0x7fdc1015b58e
[  254.335515][T10112] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  254.355136][T10112] RSP: 002b:00007fdc11050ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  254.363565][T10112] RAX: ffffffffffffffda RBX: 00007fdc110516c0 RCX: 00007fdc1015b58e
[  254.371546][T10112] RDX: 0000000000000000 RSI: 00007fdc11050f90 RDI: ffffffffffffff9c
[  254.379528][T10112] RBP: 00007fdc11051090 R08: 0000000000000000 R09: 0000000000000000
[  254.387514][T10112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  254.395496][T10112] R13: 00007fdc10416038 R14: 00007fdc10415fa0 R15: 00007ffcb6655db8
[  254.403492][T10112]  </TASK>
[  255.640450][ T5087] Bluetooth: hci1: Received unexpected HCI Event 0x00
[  255.860551][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[  255.867050][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[  256.136913][T10155] netlink: 'syz.0.1522': attribute type 10 has an invalid length.
[  256.149111][T10153] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.1521'.
[  256.346171][T10161] FAULT_INJECTION: forcing a failure.
[  256.346171][T10161] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  256.367499][T10161] CPU: 0 PID: 10161 Comm: syz.0.1524 Not tainted syzkaller #0
[  256.375017][T10161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  256.385095][T10161] Call Trace:
[  256.388376][T10161]  <TASK>
[  256.391305][T10161]  dump_stack_lvl+0x18c/0x250
[  256.395996][T10161]  ? show_regs_print_info+0x20/0x20
[  256.401200][T10161]  ? load_image+0x400/0x400
[  256.405711][T10161]  ? __might_fault+0xaa/0x120
[  256.410388][T10161]  ? __lock_acquire+0x7d40/0x7d40
[  256.415422][T10161]  should_fail_ex+0x39d/0x4d0
[  256.420116][T10161]  _copy_to_user+0x2f/0xa0
[  256.424536][T10161]  generic_map_lookup_batch+0x860/0xc60
[  256.430112][T10161]  ? bpf_map_update_value+0x720/0x720
[  256.435493][T10161]  ? __fdget+0x180/0x210
[  256.439745][T10161]  ? bpf_map_update_value+0x720/0x720
[  256.445115][T10161]  bpf_map_do_batch+0x2cb/0x610
[  256.449963][T10161]  ? bpf_lsm_bpf+0x9/0x10
[  256.454296][T10161]  ? security_bpf+0x7e/0xa0
[  256.458806][T10161]  __sys_bpf+0x7d7/0x890
[  256.463056][T10161]  ? bpf_link_show_fdinfo+0x390/0x390
[  256.468454][T10161]  ? lock_chain_count+0x20/0x20
[  256.473324][T10161]  __x64_sys_bpf+0x7c/0x90
[  256.477742][T10161]  do_syscall_64+0x55/0xa0
[  256.482159][T10161]  ? clear_bhb_loop+0x40/0x90
[  256.486839][T10161]  ? clear_bhb_loop+0x40/0x90
[  256.491515][T10161]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  256.497404][T10161] RIP: 0033:0x7fdc1019acb9
[  256.501818][T10161] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  256.521420][T10161] RSP: 002b:00007fdc11051028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  256.529836][T10161] RAX: ffffffffffffffda RBX: 00007fdc10415fa0 RCX: 00007fdc1019acb9
[  256.537807][T10161] RDX: 0000000000000038 RSI: 00002000000003c0 RDI: 0000000000000018
[  256.545780][T10161] RBP: 00007fdc11051090 R08: 0000000000000000 R09: 0000000000000000
[  256.553750][T10161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  256.561715][T10161] R13: 00007fdc10416038 R14: 00007fdc10415fa0 R15: 00007ffcb6655db8
[  256.569713][T10161]  </TASK>
[  259.177631][ T5087] Bluetooth: hci2: Received unexpected HCI Event 0x00
[  259.585886][T10199] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1537'.
[  259.595707][T10199] openvswitch: netlink: Key type 4112 is out of range max 32
[  260.046288][ T5087] Bluetooth: hci1: unexpected subevent 0x01 length: 150 > 18
[  260.165632][ T5087] Bluetooth: hci2: Received unexpected HCI Event 0x00
[  260.403637][T10229] netlink: 'syz.2.1547': attribute type 10 has an invalid length.
[  260.482086][T10229] veth0_vlan: left promiscuous mode
[  260.499223][T10229] veth0_vlan: entered promiscuous mode
[  260.507841][T10229] team0: Device veth0_vlan failed to register rx_handler
[  260.549005][T10234] netlink: 'syz.3.1550': attribute type 10 has an invalid length.
[  260.557865][T10238] netlink: 'syz.0.1551': attribute type 1 has an invalid length.
[  260.563739][T10234] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1550'.
[  260.573686][T10238] netlink: 'syz.0.1551': attribute type 3 has an invalid length.
[  260.574792][T10234] bond0: entered promiscuous mode
[  260.582255][T10238] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1551'.
[  260.588753][T10234] bond_slave_0: entered promiscuous mode
[  260.604600][T10234] bond_slave_1: entered promiscuous mode
[  260.621234][T10234] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  260.624921][T10238] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[  260.633692][T10234] batadv_slave_0: entered promiscuous mode
[  260.652805][T10235] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  260.660132][T10235] IPv6: NLM_F_CREATE should be set when creating new route
[  260.667463][T10235] IPv6: NLM_F_CREATE should be set when creating new route
[  260.674729][T10235] IPv6: NLM_F_CREATE should be set when creating new route
[  260.745378][T10244] netlink: 'syz.2.1553': attribute type 29 has an invalid length.
[  260.764056][T10244] netlink: 'syz.2.1553': attribute type 29 has an invalid length.
[  260.908737][T10255] netlink: 'syz.2.1553': attribute type 29 has an invalid length.
[  261.436509][ T5087] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  262.071996][T10276] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1566'.
[  262.283843][T10286] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  262.291145][T10286] IPv6: NLM_F_CREATE should be set when creating new route
[  262.298455][T10286] IPv6: NLM_F_CREATE should be set when creating new route
[  262.305724][T10286] IPv6: NLM_F_CREATE should be set when creating new route
[  262.397121][T10289] netlink: 'syz.0.1571': attribute type 41 has an invalid length.
[  262.405355][T10289] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1571'.
[  262.542169][T10294] netlink: set zone limit has 8 unknown bytes
[  262.559992][T10294] netlink: 'syz.0.1573': attribute type 10 has an invalid length.
[  264.056805][T10313] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  264.064123][T10313] IPv6: NLM_F_CREATE should be set when creating new route
[  264.071397][T10313] IPv6: NLM_F_CREATE should be set when creating new route
[  264.078671][T10313] IPv6: NLM_F_CREATE should be set when creating new route
[  264.448763][T10324] netlink: 'syz.3.1584': attribute type 10 has an invalid length.
[  264.471798][T10324] veth1_vlan: entered allmulticast mode
[  264.535858][T10324] team0: Device veth1_vlan failed to register rx_handler
[  264.630333][T10330] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1584'.
[  264.967207][T10343] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1590'.
[  265.036989][T10343] ksmbd: Daemon and kernel module version mismatch. ksmbd: 36, kernel module: 1. User-space ksmbd should terminate.
[  265.421275][T10343] validate_nla: 2 callbacks suppressed
[  265.421368][T10343] netlink: 'syz.1.1590': attribute type 10 has an invalid length.
[  265.466137][T10356] netlink: 'syz.0.1593': attribute type 33 has an invalid length.
[  265.474741][T10356] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1593'.
[  266.238087][T10377] netlink: 'syz.1.1602': attribute type 7 has an invalid length.
[  266.641945][ T5087] Bluetooth: hci3: unexpected subevent 0x01 length: 150 > 18
[  266.960212][T10394] netpci0: tun_chr_ioctl cmd 21731
[  267.246102][T10410] delete_channel: no stack
[  267.295523][T10415] netlink: 'syz.2.1615': attribute type 10 has an invalid length.
[  268.358854][T10451] FAULT_INJECTION: forcing a failure.
[  268.358854][T10451] name failslab, interval 1, probability 0, space 0, times 0
[  268.392113][T10451] CPU: 0 PID: 10451 Comm: syz.2.1630 Not tainted syzkaller #0
[  268.399620][T10451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  268.409678][T10451] Call Trace:
[  268.412964][T10451]  <TASK>
[  268.415898][T10451]  dump_stack_lvl+0x18c/0x250
[  268.420597][T10451]  ? sctp_sendmsg+0x1575/0x28c0
[  268.425453][T10451]  ? ___sys_sendmsg+0x2a6/0x360
[  268.430318][T10451]  ? show_regs_print_info+0x20/0x20
[  268.435539][T10451]  ? load_image+0x400/0x400
[  268.440069][T10451]  should_fail_ex+0x39d/0x4d0
[  268.444770][T10451]  should_failslab+0x9/0x20
[  268.449290][T10451]  slab_pre_alloc_hook+0x59/0x310
[  268.454333][T10451]  ? sctp_add_bind_addr+0x8c/0x360
[  268.459461][T10451]  __kmem_cache_alloc_node+0x53/0x250
[  268.464849][T10451]  ? sctp_add_bind_addr+0x8c/0x360
[  268.469977][T10451]  kmalloc_trace+0x2a/0xe0
[  268.474408][T10451]  sctp_add_bind_addr+0x8c/0x360
[  268.479359][T10451]  sctp_copy_local_addr_list+0x315/0x4f0
[  268.485004][T10451]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  268.490732][T10451]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  268.496823][T10451]  ? sctp_v6_is_any+0x64/0x70
[  268.501510][T10451]  ? sctp_copy_one_addr+0x8c/0x350
[  268.506629][T10451]  sctp_bind_addr_copy+0xb3/0x3c0
[  268.511671][T10451]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  268.518102][T10451]  sctp_connect_new_asoc+0x2f9/0x6a0
[  268.523407][T10451]  ? __sctp_connect+0xd80/0xd80
[  268.528267][T10451]  ? __local_bh_enable_ip+0x13a/0x1c0
[  268.533667][T10451]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  268.539225][T10451]  ? security_sctp_bind_connect+0x89/0xb0
[  268.544960][T10451]  sctp_sendmsg+0x1575/0x28c0
[  268.549662][T10451]  ? sctp_getsockopt+0xb60/0xb60
[  268.554613][T10451]  ? aa_sk_perm+0x83c/0x970
[  268.559146][T10451]  ? aa_af_perm+0x330/0x330
[  268.563699][T10451]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  268.570129][T10451]  ? sock_rps_record_flow+0x19/0x3f0
[  268.575430][T10451]  ? inet_sendmsg+0xe9/0x2f0
[  268.580029][T10451]  ? inet_send_prepare+0x260/0x260
[  268.585152][T10451]  ____sys_sendmsg+0x5ba/0x960
[  268.589935][T10451]  ? __lock_acquire+0x7d40/0x7d40
[  268.594986][T10451]  ? __sys_sendmsg_sock+0x30/0x30
[  268.600028][T10451]  ? __import_iovec+0x5f2/0x850
[  268.604920][T10451]  ? import_iovec+0x73/0xa0
[  268.609446][T10451]  ___sys_sendmsg+0x2a6/0x360
[  268.614160][T10451]  ? get_pid_task+0x20/0x1e0
[  268.618770][T10451]  ? __sys_sendmsg+0x2a0/0x2a0
[  268.623575][T10451]  ? __lock_acquire+0x7d40/0x7d40
[  268.628639][T10451]  __se_sys_sendmsg+0x1c2/0x2b0
[  268.633511][T10451]  ? __x64_sys_sendmsg+0x80/0x80
[  268.638484][T10451]  ? lockdep_hardirqs_on+0x98/0x150
[  268.643697][T10451]  do_syscall_64+0x55/0xa0
[  268.648121][T10451]  ? clear_bhb_loop+0x40/0x90
[  268.652788][T10451]  ? clear_bhb_loop+0x40/0x90
[  268.657456][T10451]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  268.663338][T10451] RIP: 0033:0x7f914c99acb9
[  268.667747][T10451] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  268.687340][T10451] RSP: 002b:00007f914d811028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  268.695747][T10451] RAX: ffffffffffffffda RBX: 00007f914cc15fa0 RCX: 00007f914c99acb9
[  268.703718][T10451] RDX: 0000000000000041 RSI: 0000200000000600 RDI: 0000000000000003
[  268.711689][T10451] RBP: 00007f914d811090 R08: 0000000000000000 R09: 0000000000000000
[  268.719659][T10451] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  268.727625][T10451] R13: 00007f914cc16038 R14: 00007f914cc15fa0 R15: 00007ffef65f0178
[  268.735601][T10451]  </TASK>
[  269.546184][T10443] netlink: 'syz.3.1628': attribute type 10 has an invalid length.
[  269.576749][T10465] netlink: 'syz.2.1634': attribute type 10 has an invalid length.
[  269.606575][T10465] veth1_vlan: entered allmulticast mode
[  269.709842][T10465] team0: Device veth1_vlan failed to register rx_handler
[  269.789475][T10464] netlink: 'syz.2.1634': attribute type 10 has an invalid length.
[  269.833761][T10464] netlink: 2 bytes leftover after parsing attributes in process `syz.2.1634'.
[  270.023388][T10476] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1638'.
[  270.203561][T10486] netlink: 3076 bytes leftover after parsing attributes in process `syz.3.1642'.
[  270.235840][T10483] 
@ÿ: renamed from bond_slave_0
[  270.243656][T10486] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.1642'.
[  270.633805][ T5087] Bluetooth: hci1: unexpected subevent 0x0a length: 150 > 30
[  270.641647][ T5087] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:0'
[  270.652115][ T5087] CPU: 0 PID: 5087 Comm: kworker/u5:1 Not tainted syzkaller #0
[  270.659693][ T5087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  270.669774][ T5087] Workqueue: hci1 hci_rx_work
[  270.674487][ T5087] Call Trace:
[  270.677775][ T5087]  <TASK>
[  270.680707][ T5087]  dump_stack_lvl+0x18c/0x250
[  270.685388][ T5087]  ? show_regs_print_info+0x20/0x20
[  270.690579][ T5087]  ? load_image+0x400/0x400
[  270.695079][ T5087]  sysfs_create_dir_ns+0x26e/0x2a0
[  270.700199][ T5087]  ? sysfs_warn_dup+0xa0/0xa0
[  270.704899][ T5087]  ? do_raw_spin_unlock+0x121/0x230
[  270.710128][ T5087]  kobject_add_internal+0x61c/0xcc0
[  270.715360][ T5087]  kobject_add+0x164/0x240
[  270.719797][ T5087]  ? __rwlock_init+0x150/0x150
[  270.724588][ T5087]  ? kobject_init+0x1e0/0x1e0
[  270.729288][ T5087]  ? _raw_spin_unlock+0x28/0x40
[  270.734167][ T5087]  ? get_device_parent+0x366/0x390
[  270.739309][ T5087]  device_add+0x408/0xc20
[  270.743675][ T5087]  hci_conn_add_sysfs+0xd5/0x1e0
[  270.748644][ T5087]  le_conn_complete_evt+0xf5d/0x1540
[  270.753974][ T5087]  ? hci_le_big_info_adv_report_evt+0x910/0x910
[  270.760242][ T5087]  ? bt_info+0x180/0x180
[  270.764520][ T5087]  ? __mutex_unlock_slowpath+0x1b4/0x6c0
[  270.770183][ T5087]  ? skb_pull_data+0xfb/0x200
[  270.774887][ T5087]  hci_le_enh_conn_complete_evt+0x189/0x460
[  270.780805][ T5087]  ? hci_le_remote_conn_param_req_evt+0xd10/0xd10
[  270.787250][ T5087]  ? hci_remote_host_features_evt+0x150/0x150
[  270.793344][ T5087]  hci_event_packet+0x7ba/0x1270
[  270.798315][ T5087]  ? bis_list+0x290/0x290
[  270.802669][ T5087]  ? lockdep_hardirqs_on+0x98/0x150
[  270.807899][ T5087]  ? hci_send_to_monitor+0xd7/0x4f0
[  270.813130][ T5087]  hci_rx_work+0x43a/0xd60
[  270.817587][ T5087]  ? process_scheduled_works+0x96f/0x15d0
[  270.823336][ T5087]  process_scheduled_works+0xa5d/0x15d0
[  270.828945][ T5087]  ? assign_work+0x430/0x430
[  270.833569][ T5087]  ? assign_work+0x3d0/0x430
[  270.838202][ T5087]  worker_thread+0xa55/0xfc0
[  270.842824][ T5087]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  270.848747][ T5087]  ? _raw_spin_unlock+0x40/0x40
[  270.853635][ T5087]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  270.859568][ T5087]  kthread+0x2fa/0x390
[  270.863654][ T5087]  ? pr_cont_work+0x560/0x560
[  270.868357][ T5087]  ? kthread_blkcg+0xd0/0xd0
[  270.872965][ T5087]  ret_from_fork+0x48/0x80
[  270.877402][ T5087]  ? kthread_blkcg+0xd0/0xd0
[  270.882024][ T5087]  ret_from_fork_asm+0x11/0x20
[  270.886831][ T5087]  </TASK>
[  270.893384][ T5087] kobject: kobject_add_internal failed for hci1:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  270.907483][ T5087] Bluetooth: hci1: failed to register connection device
[  271.180109][T10511] netlink: 'syz.1.1650': attribute type 10 has an invalid length.
[  271.206555][T10511] veth1_vlan: entered allmulticast mode
[  271.327893][T10516] netlink: 'syz.1.1650': attribute type 10 has an invalid length.
[  271.351630][T10516] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1650'.
[  271.422145][T10522] FAULT_INJECTION: forcing a failure.
[  271.422145][T10522] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  271.453547][T10522] CPU: 1 PID: 10522 Comm: syz.2.1655 Not tainted syzkaller #0
[  271.461066][T10522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  271.471134][T10522] Call Trace:
[  271.474424][T10522]  <TASK>
[  271.477377][T10522]  dump_stack_lvl+0x18c/0x250
[  271.482082][T10522]  ? show_regs_print_info+0x20/0x20
[  271.487302][T10522]  ? load_image+0x400/0x400
[  271.491825][T10522]  ? __might_fault+0xaa/0x120
[  271.496512][T10522]  ? __lock_acquire+0x7d40/0x7d40
[  271.501540][T10522]  should_fail_ex+0x39d/0x4d0
[  271.506220][T10522]  _copy_from_user+0x2f/0xe0
[  271.510808][T10522]  __sys_bpf+0x23e/0x890
[  271.515051][T10522]  ? bpf_link_show_fdinfo+0x390/0x390
[  271.520422][T10522]  ? lock_chain_count+0x20/0x20
[  271.525270][T10522]  __x64_sys_bpf+0x7c/0x90
[  271.529674][T10522]  do_syscall_64+0x55/0xa0
[  271.534081][T10522]  ? clear_bhb_loop+0x40/0x90
[  271.538747][T10522]  ? clear_bhb_loop+0x40/0x90
[  271.543411][T10522]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  271.549293][T10522] RIP: 0033:0x7f914c99acb9
[  271.553699][T10522] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  271.573296][T10522] RSP: 002b:00007f914d811028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  271.581700][T10522] RAX: ffffffffffffffda RBX: 00007f914cc15fa0 RCX: 00007f914c99acb9
[  271.589662][T10522] RDX: 0000000000000094 RSI: 00002000000005c0 RDI: 0000000000000005
[  271.597627][T10522] RBP: 00007f914d811090 R08: 0000000000000000 R09: 0000000000000000
[  271.605584][T10522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  271.613545][T10522] R13: 00007f914cc16038 R14: 00007f914cc15fa0 R15: 00007ffef65f0178
[  271.621524][T10522]  </TASK>
[  272.976953][ T5780] Bluetooth: hci1: command tx timeout
[  273.449874][T10538] netlink: 'syz.2.1660': attribute type 39 has an invalid length.
[  273.700623][T10547] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1663'.
[  275.062497][T10552] netlink: 'syz.1.1664': attribute type 10 has an invalid length.
[  275.070599][T10554] netlink: 'syz.3.1665': attribute type 10 has an invalid length.
[  275.387494][T10564] netlink: 'syz.2.1668': attribute type 13 has an invalid length.
[  275.398585][T10565] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1669'.
[  275.411779][T10564] macvtap0: refused to change device tx_queue_len
[  275.431247][T10567] 
@ÿ: renamed from bond_slave_0
[  276.032187][T10591] netlink: 'syz.1.1676': attribute type 3 has an invalid length.
[  276.041564][T10591] netlink: 13435 bytes leftover after parsing attributes in process `syz.1.1676'.
[  276.446440][T10602] 
@ÿ: renamed from bond_slave_0
[  276.671390][T10612] netlink: 'syz.1.1684': attribute type 10 has an invalid length.
[  277.611474][T10647] wg2: entered promiscuous mode
[  277.623647][T10647] wg2: entered allmulticast mode
[  277.679934][T10650] netlink: 'syz.1.1698': attribute type 2 has an invalid length.
[  277.687920][T10650] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1698'.
[  277.819294][T10652] netlink: 'syz.1.1699': attribute type 5 has an invalid length.
[  277.843599][T10652] netlink: 'syz.1.1699': attribute type 1 has an invalid length.
[  277.851363][T10652] netlink: 199820 bytes leftover after parsing attributes in process `syz.1.1699'.
[  278.000188][T10662] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1703'.
[  278.030395][T10662] debugfs: Directory '!!ô!' with parent 'ieee80211' already present!
[  278.102154][T10666] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1704'.
[  278.175615][T10666] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  278.193147][T10666] bond_slave_0: left promiscuous mode
[  278.334494][T10666] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  278.395616][T10666] bond_slave_1: left promiscuous mode
[  278.454705][T10666] bond0 (unregistering): (slave netdevsim0): Releasing backup interface
[  278.514002][T10666] netdevsim netdevsim3 netdevsim0: left promiscuous mode
[  278.741704][T10666] bond0 (unregistering): (slave batadv_slave_0): Releasing backup interface
[  278.794459][T10666] batadv_slave_0: left promiscuous mode
[  278.853155][T10666] bond0 (unregistering): Released all slaves
[  279.098364][T10681] netlink: 16255 bytes leftover after parsing attributes in process `syz.1.1709'.
[  279.264634][T10666] netlink: 'syz.3.1704': attribute type 4 has an invalid length.
[  279.379816][T10666] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1704'.
[  279.617126][ T5780] Bluetooth: hci2: unexpected subevent 0x01 length: 150 > 18
[  279.945067][T10696] C: renamed from team_slave_0 (while UP)
[  279.977771][T10696] netlink: 'syz.3.1713': attribute type 3 has an invalid length.
[  279.986446][T10696] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1713'.
[  280.001230][T10696] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  280.114692][T10703] netlink: 'syz.3.1717': attribute type 10 has an invalid length.
[  280.158467][T10703] veth0_vlan: left promiscuous mode
[  280.179319][T10703] veth0_vlan: entered promiscuous mode
[  280.187652][T10707] sctp: [Deprecated]: syz.1.1716 (pid 10707) Use of int in maxseg socket option.
[  280.187652][T10707] Use struct sctp_assoc_value instead
[  280.214296][T10703] team0: Device veth0_vlan failed to register rx_handler
[  282.144002][T10778] netlink: set zone limit has 8 unknown bytes
[  282.184314][T10778] netlink: 'syz.0.1741': attribute type 10 has an invalid length.
[  283.986886][T10825] netlink: 'syz.3.1758': attribute type 3 has an invalid length.
[  284.014788][T10825] netlink: 'syz.3.1758': attribute type 3 has an invalid length.
[  284.092728][T10825] netlink: 153952 bytes leftover after parsing attributes in process `syz.3.1758'.
[  285.435190][ T5087] Bluetooth: hci3: unexpected subevent 0x01 length: 150 > 18
[  285.443033][ T5087] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:0'
[  285.453368][ T5087] CPU: 1 PID: 5087 Comm: kworker/u5:1 Not tainted syzkaller #0
[  285.460950][ T5087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  285.471032][ T5087] Workqueue: hci3 hci_rx_work
[  285.475760][ T5087] Call Trace:
[  285.479070][ T5087]  <TASK>
[  285.482022][ T5087]  dump_stack_lvl+0x18c/0x250
[  285.486740][ T5087]  ? show_regs_print_info+0x20/0x20
[  285.491969][ T5087]  ? load_image+0x400/0x400
[  285.496515][ T5087]  sysfs_create_dir_ns+0x26e/0x2a0
[  285.501648][ T5087]  ? sysfs_warn_dup+0xa0/0xa0
[  285.506349][ T5087]  ? do_raw_spin_unlock+0x121/0x230
[  285.511577][ T5087]  kobject_add_internal+0x61c/0xcc0
[  285.516810][ T5087]  kobject_add+0x164/0x240
[  285.521248][ T5087]  ? __rwlock_init+0x150/0x150
[  285.526051][ T5087]  ? kobject_init+0x1e0/0x1e0
[  285.530759][ T5087]  ? _raw_spin_unlock+0x28/0x40
[  285.535648][ T5087]  ? get_device_parent+0x366/0x390
[  285.540787][ T5087]  device_add+0x408/0xc20
[  285.545144][ T5087]  hci_conn_add_sysfs+0xd5/0x1e0
[  285.550089][ T5087]  le_conn_complete_evt+0xf5d/0x1540
[  285.555393][ T5087]  ? hci_le_big_info_adv_report_evt+0x910/0x910
[  285.561640][ T5087]  ? bt_info+0x180/0x180
[  285.565888][ T5087]  ? __mutex_unlock_slowpath+0x1b4/0x6c0
[  285.571552][ T5087]  ? skb_pull_data+0xfb/0x200
[  285.576238][ T5087]  hci_le_conn_complete_evt+0x187/0x440
[  285.581798][ T5087]  ? hci_remote_host_features_evt+0x150/0x150
[  285.587876][ T5087]  hci_event_packet+0x7ba/0x1270
[  285.592837][ T5087]  ? bis_list+0x290/0x290
[  285.597183][ T5087]  ? lockdep_hardirqs_on+0x98/0x150
[  285.602391][ T5087]  ? hci_send_to_monitor+0xd7/0x4f0
[  285.607603][ T5087]  hci_rx_work+0x43a/0xd60
[  285.612049][ T5087]  ? process_scheduled_works+0x96f/0x15d0
[  285.617776][ T5087]  process_scheduled_works+0xa5d/0x15d0
[  285.623359][ T5087]  ? assign_work+0x430/0x430
[  285.627960][ T5087]  ? assign_work+0x3d0/0x430
[  285.632554][ T5087]  worker_thread+0xa55/0xfc0
[  285.637149][ T5087]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  285.643042][ T5087]  ? _raw_spin_unlock+0x40/0x40
[  285.647889][ T5087]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  285.653809][ T5087]  kthread+0x2fa/0x390
[  285.657896][ T5087]  ? pr_cont_work+0x560/0x560
[  285.662581][ T5087]  ? kthread_blkcg+0xd0/0xd0
[  285.667172][ T5087]  ret_from_fork+0x48/0x80
[  285.671591][ T5087]  ? kthread_blkcg+0xd0/0xd0
[  285.676183][ T5087]  ret_from_fork_asm+0x11/0x20
[  285.680970][ T5087]  </TASK>
[  285.689138][ T5087] kobject: kobject_add_internal failed for hci3:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  285.703173][ T5087] Bluetooth: hci3: failed to register connection device
[  286.100808][T10887] delete_channel: no stack
[  286.233155][T10890] netlink: 16410 bytes leftover after parsing attributes in process `syz.0.1783'.
[  286.774391][T10898] netlink: 'syz.3.1786': attribute type 10 has an invalid length.
[  286.820311][T10898] team0: Device ipvlan1 failed to register rx_handler
[  288.523538][T10908] netlink: 160 bytes leftover after parsing attributes in process `syz.2.1789'.
[  289.094042][T10929] FAULT_INJECTION: forcing a failure.
[  289.094042][T10929] name failslab, interval 1, probability 0, space 0, times 0
[  289.124272][T10925] netlink: 'syz.3.1794': attribute type 39 has an invalid length.
[  289.173530][T10929] CPU: 0 PID: 10929 Comm: syz.1.1796 Not tainted syzkaller #0
[  289.181050][T10929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  289.191127][T10929] Call Trace:
[  289.194424][T10929]  <TASK>
[  289.197368][T10929]  dump_stack_lvl+0x18c/0x250
[  289.202067][T10929]  ? sctp_sendmsg+0x1575/0x28c0
[  289.206941][T10929]  ? ___sys_sendmsg+0x2a6/0x360
[  289.211820][T10929]  ? show_regs_print_info+0x20/0x20
[  289.217044][T10929]  ? load_image+0x400/0x400
[  289.221584][T10929]  should_fail_ex+0x39d/0x4d0
[  289.226288][T10929]  should_failslab+0x9/0x20
[  289.230807][T10929]  slab_pre_alloc_hook+0x59/0x310
[  289.235852][T10929]  ? sctp_add_bind_addr+0x8c/0x360
[  289.240986][T10929]  __kmem_cache_alloc_node+0x53/0x250
[  289.246388][T10929]  ? sctp_add_bind_addr+0x8c/0x360
[  289.251524][T10929]  kmalloc_trace+0x2a/0xe0
[  289.255969][T10929]  sctp_add_bind_addr+0x8c/0x360
[  289.260933][T10929]  sctp_copy_local_addr_list+0x315/0x4f0
[  289.266595][T10929]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  289.272339][T10929]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  289.278430][T10929]  ? sctp_v6_is_any+0x64/0x70
[  289.283125][T10929]  ? sctp_copy_one_addr+0x8c/0x350
[  289.288259][T10929]  sctp_bind_addr_copy+0xb3/0x3c0
[  289.293300][T10929]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  289.299646][T10929]  sctp_connect_new_asoc+0x2f9/0x6a0
[  289.304957][T10929]  ? __sctp_connect+0xd80/0xd80
[  289.309818][T10929]  ? __local_bh_enable_ip+0x13a/0x1c0
[  289.315212][T10929]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  289.320774][T10929]  ? security_sctp_bind_connect+0x89/0xb0
[  289.326516][T10929]  sctp_sendmsg+0x1575/0x28c0
[  289.331228][T10929]  ? sctp_getsockopt+0xb60/0xb60
[  289.336181][T10929]  ? aa_sk_perm+0x83c/0x970
[  289.340754][T10929]  ? aa_af_perm+0x330/0x330
[  289.345272][T10929]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  289.351711][T10929]  ? sock_rps_record_flow+0x19/0x3f0
[  289.357018][T10929]  ? inet_sendmsg+0xe9/0x2f0
[  289.361626][T10929]  ? inet_send_prepare+0x260/0x260
[  289.366762][T10929]  ____sys_sendmsg+0x5ba/0x960
[  289.371559][T10929]  ? __lock_acquire+0x7d40/0x7d40
[  289.376609][T10929]  ? __sys_sendmsg_sock+0x30/0x30
[  289.381657][T10929]  ? __import_iovec+0x5f2/0x850
[  289.386547][T10929]  ? import_iovec+0x73/0xa0
[  289.391079][T10929]  ___sys_sendmsg+0x2a6/0x360
[  289.395777][T10929]  ? get_pid_task+0x20/0x1e0
[  289.400389][T10929]  ? __sys_sendmsg+0x2a0/0x2a0
[  289.405199][T10929]  ? __lock_acquire+0x7d40/0x7d40
[  289.410274][T10929]  __se_sys_sendmsg+0x1c2/0x2b0
[  289.415150][T10929]  ? __x64_sys_sendmsg+0x80/0x80
[  289.420128][T10929]  ? trace_sys_enter+0x1f/0x80
[  289.424917][T10929]  do_syscall_64+0x55/0xa0
[  289.429354][T10929]  ? clear_bhb_loop+0x40/0x90
[  289.434043][T10929]  ? clear_bhb_loop+0x40/0x90
[  289.438741][T10929]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  289.444645][T10929] RIP: 0033:0x7f96d419acb9
[  289.449078][T10929] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  289.468704][T10929] RSP: 002b:00007f96d4fff028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  289.477133][T10929] RAX: ffffffffffffffda RBX: 00007f96d4415fa0 RCX: 00007f96d419acb9
[  289.485117][T10929] RDX: 0000000000000041 RSI: 0000200000000600 RDI: 0000000000000003
[  289.493102][T10929] RBP: 00007f96d4fff090 R08: 0000000000000000 R09: 0000000000000000
[  289.501083][T10929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  289.509063][T10929] R13: 00007f96d4416038 R14: 00007f96d4415fa0 R15: 00007ffddcb09278
[  289.517072][T10929]  </TASK>
[  291.606368][T10965] FAULT_INJECTION: forcing a failure.
[  291.606368][T10965] name failslab, interval 1, probability 0, space 0, times 0
[  291.634775][T10965] CPU: 0 PID: 10965 Comm: syz.2.1807 Not tainted syzkaller #0
[  291.642365][T10965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  291.652524][T10965] Call Trace:
[  291.655902][T10965]  <TASK>
[  291.658936][T10965]  dump_stack_lvl+0x18c/0x250
[  291.663768][T10965]  ? show_regs_print_info+0x20/0x20
[  291.669093][T10965]  ? load_image+0x400/0x400
[  291.673772][T10965]  ? __might_sleep+0xe0/0xe0
[  291.678495][T10965]  ? __lock_acquire+0x7d40/0x7d40
[  291.683700][T10965]  should_fail_ex+0x39d/0x4d0
[  291.688571][T10965]  should_failslab+0x9/0x20
[  291.693207][T10965]  slab_pre_alloc_hook+0x59/0x310
[  291.698377][T10965]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  291.704247][T10965]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  291.710079][T10965]  __kmem_cache_alloc_node+0x53/0x250
[  291.715624][T10965]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  291.721465][T10965]  __kmalloc+0xa4/0x230
[  291.725772][T10965]  tomoyo_realpath_from_path+0xe3/0x5d0
[  291.731568][T10965]  tomoyo_path_number_perm+0x248/0x620
[  291.737143][T10965]  ? tomoyo_path_number_perm+0x217/0x620
[  291.742914][T10965]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  291.748524][T10965]  ? ksys_write+0x1c4/0x260
[  291.753448][T10965]  ? __fget_files+0x28/0x4b0
[  291.758143][T10965]  ? __fget_files+0x28/0x4b0
[  291.762974][T10965]  security_file_ioctl+0x70/0xa0
[  291.768065][T10965]  __se_sys_ioctl+0x48/0x170
[  291.772812][T10965]  do_syscall_64+0x55/0xa0
[  291.777336][T10965]  ? clear_bhb_loop+0x40/0x90
[  291.782113][T10965]  ? clear_bhb_loop+0x40/0x90
[  291.786918][T10965]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  291.792911][T10965] RIP: 0033:0x7f914c99acb9
[  291.797443][T10965] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  291.817156][T10965] RSP: 002b:00007f914d811028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  291.825709][T10965] RAX: ffffffffffffffda RBX: 00007f914cc15fa0 RCX: 00007f914c99acb9
[  291.833785][T10965] RDX: 0000200000000000 RSI: 0000000000008b28 RDI: 0000000000000006
[  291.841857][T10965] RBP: 00007f914d811090 R08: 0000000000000000 R09: 0000000000000000
[  291.849929][T10965] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  291.857999][T10965] R13: 00007f914cc16038 R14: 00007f914cc15fa0 R15: 00007ffef65f0178
[  291.866230][T10965]  </TASK>
[  291.966765][T10965] ERROR: Out of memory at tomoyo_realpath_from_path.
[  291.983301][T10971] netlink: 'syz.1.1808': attribute type 3 has an invalid length.
[  292.047486][T10971] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.1808'.
[  292.276932][T10979] netlink: 'syz.3.1811': attribute type 10 has an invalid length.
[  292.369764][T10981] FAULT_INJECTION: forcing a failure.
[  292.369764][T10981] name failslab, interval 1, probability 0, space 0, times 0
[  292.382681][T10981] CPU: 0 PID: 10981 Comm: syz.1.1812 Not tainted syzkaller #0
[  292.390156][T10981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  292.400223][T10981] Call Trace:
[  292.403529][T10981]  <TASK>
[  292.406469][T10981]  dump_stack_lvl+0x18c/0x250
[  292.411168][T10981]  ? show_regs_print_info+0x20/0x20
[  292.416386][T10981]  ? load_image+0x400/0x400
[  292.420908][T10981]  ? __might_sleep+0xe0/0xe0
[  292.425510][T10981]  ? __lock_acquire+0x7d40/0x7d40
[  292.430545][T10981]  ? mark_lock+0x94/0x320
[  292.434890][T10981]  should_fail_ex+0x39d/0x4d0
[  292.439590][T10981]  should_failslab+0x9/0x20
[  292.444112][T10981]  slab_pre_alloc_hook+0x59/0x310
[  292.449136][T10981]  ? __get_vm_area_node+0x125/0x370
[  292.454327][T10981]  __kmem_cache_alloc_node+0x53/0x250
[  292.459693][T10981]  ? __get_vm_area_node+0x125/0x370
[  292.464882][T10981]  kmalloc_node_trace+0x26/0xe0
[  292.469727][T10981]  __get_vm_area_node+0x125/0x370
[  292.474743][T10981]  __vmalloc_node_range+0x36e/0x1330
[  292.480020][T10981]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  292.485553][T10981]  ? mark_lock+0x94/0x320
[  292.489876][T10981]  ? __lock_acquire+0x1347/0x7d40
[  292.494890][T10981]  ? verify_lock_unused+0x140/0x140
[  292.500086][T10981]  ? free_vm_area+0x50/0x50
[  292.504591][T10981]  ? end_current_label_crit_section+0x170/0x170
[  292.510837][T10981]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  292.516373][T10981]  __vmalloc+0x7a/0x90
[  292.520444][T10981]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  292.525982][T10981]  bpf_prog_alloc_no_stats+0x47/0x440
[  292.531358][T10981]  ? bpf_prog_alloc+0x2b/0x1a0
[  292.536128][T10981]  bpf_prog_alloc+0x3d/0x1a0
[  292.540712][T10981]  bpf_prog_load+0x6eb/0x1670
[  292.545402][T10981]  ? map_freeze+0x420/0x420
[  292.549907][T10981]  ? __might_fault+0xaa/0x120
[  292.554576][T10981]  ? __lock_acquire+0x7d40/0x7d40
[  292.559597][T10981]  ? file_end_write+0x159/0x250
[  292.564450][T10981]  ? __might_fault+0xaa/0x120
[  292.569120][T10981]  ? __might_fault+0xc6/0x120
[  292.573789][T10981]  ? __might_fault+0xaa/0x120
[  292.578459][T10981]  ? bpf_lsm_bpf+0x9/0x10
[  292.582784][T10981]  ? security_bpf+0x7e/0xa0
[  292.587283][T10981]  __sys_bpf+0x5ba/0x890
[  292.591515][T10981]  ? bpf_link_show_fdinfo+0x390/0x390
[  292.596888][T10981]  ? lock_chain_count+0x20/0x20
[  292.601731][T10981]  __x64_sys_bpf+0x7c/0x90
[  292.606137][T10981]  do_syscall_64+0x55/0xa0
[  292.610544][T10981]  ? clear_bhb_loop+0x40/0x90
[  292.615208][T10981]  ? clear_bhb_loop+0x40/0x90
[  292.619875][T10981]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  292.625753][T10981] RIP: 0033:0x7f96d419acb9
[  292.630177][T10981] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  292.649794][T10981] RSP: 002b:00007f96d4fff028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  292.658206][T10981] RAX: ffffffffffffffda RBX: 00007f96d4415fa0 RCX: 00007f96d419acb9
[  292.666186][T10981] RDX: 0000000000000094 RSI: 00002000000005c0 RDI: 0000000000000005
[  292.674154][T10981] RBP: 00007f96d4fff090 R08: 0000000000000000 R09: 0000000000000000
[  292.682116][T10981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  292.690077][T10981] R13: 00007f96d4416038 R14: 00007f96d4415fa0 R15: 00007ffddcb09278
[  292.698065][T10981]  </TASK>
[  292.734484][T10981] syz.1.1812: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=syz1,mems_allowed=0-1
[  292.751081][T10981] CPU: 0 PID: 10981 Comm: syz.1.1812 Not tainted syzkaller #0
[  292.758559][T10981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  292.768613][T10981] Call Trace:
[  292.771886][T10981]  <TASK>
[  292.774808][T10981]  dump_stack_lvl+0x18c/0x250
[  292.779485][T10981]  ? show_regs_print_info+0x20/0x20
[  292.784678][T10981]  ? load_image+0x400/0x400
[  292.789175][T10981]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  292.795591][T10981]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[  292.802174][T10981]  warn_alloc+0x246/0x340
[  292.806499][T10981]  ? __get_vm_area_node+0x125/0x370
[  292.811693][T10981]  ? zone_watermark_ok_safe+0x230/0x230
[  292.817233][T10981]  ? rcu_is_watching+0x15/0xb0
[  292.821998][T10981]  ? __get_vm_area_node+0x356/0x370
[  292.827195][T10981]  __vmalloc_node_range+0x393/0x1330
[  292.832480][T10981]  ? mark_lock+0x94/0x320
[  292.836805][T10981]  ? __lock_acquire+0x1347/0x7d40
[  292.841823][T10981]  ? verify_lock_unused+0x140/0x140
[  292.847034][T10981]  ? free_vm_area+0x50/0x50
[  292.851537][T10981]  ? end_current_label_crit_section+0x170/0x170
[  292.857862][T10981]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  292.863403][T10981]  __vmalloc+0x7a/0x90
[  292.867467][T10981]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  292.873004][T10981]  bpf_prog_alloc_no_stats+0x47/0x440
[  292.878369][T10981]  ? bpf_prog_alloc+0x2b/0x1a0
[  292.883129][T10981]  bpf_prog_alloc+0x3d/0x1a0
[  292.887717][T10981]  bpf_prog_load+0x6eb/0x1670
[  292.892396][T10981]  ? map_freeze+0x420/0x420
[  292.896897][T10981]  ? __might_fault+0xaa/0x120
[  292.901567][T10981]  ? __lock_acquire+0x7d40/0x7d40
[  292.906584][T10981]  ? file_end_write+0x159/0x250
[  292.911435][T10981]  ? __might_fault+0xaa/0x120
[  292.916098][T10981]  ? __might_fault+0xc6/0x120
[  292.920762][T10981]  ? __might_fault+0xaa/0x120
[  292.925427][T10981]  ? bpf_lsm_bpf+0x9/0x10
[  292.929746][T10981]  ? security_bpf+0x7e/0xa0
[  292.934240][T10981]  __sys_bpf+0x5ba/0x890
[  292.938478][T10981]  ? bpf_link_show_fdinfo+0x390/0x390
[  292.943850][T10981]  ? lock_chain_count+0x20/0x20
[  292.948691][T10981]  __x64_sys_bpf+0x7c/0x90
[  292.953095][T10981]  do_syscall_64+0x55/0xa0
[  292.957503][T10981]  ? clear_bhb_loop+0x40/0x90
[  292.962168][T10981]  ? clear_bhb_loop+0x40/0x90
[  292.966835][T10981]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  292.972713][T10981] RIP: 0033:0x7f96d419acb9
[  292.977119][T10981] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  292.996710][T10981] RSP: 002b:00007f96d4fff028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  293.005110][T10981] RAX: ffffffffffffffda RBX: 00007f96d4415fa0 RCX: 00007f96d419acb9
[  293.013069][T10981] RDX: 0000000000000094 RSI: 00002000000005c0 RDI: 0000000000000005
[  293.021027][T10981] RBP: 00007f96d4fff090 R08: 0000000000000000 R09: 0000000000000000
[  293.028984][T10981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  293.036941][T10981] R13: 00007f96d4416038 R14: 00007f96d4415fa0 R15: 00007ffddcb09278
[  293.044909][T10981]  </TASK>
[  293.072703][T10981] Mem-Info:
[  293.075986][T10981] active_anon:5524 inactive_anon:0 isolated_anon:0
[  293.075986][T10981]  active_file:19272 inactive_file:40010 isolated_file:0
[  293.075986][T10981]  unevictable:768 dirty:278 writeback:0
[  293.075986][T10981]  slab_reclaimable:10327 slab_unreclaimable:92862
[  293.075986][T10981]  mapped:24863 shmem:1361 pagetables:588
[  293.075986][T10981]  sec_pagetables:0 bounce:0
[  293.075986][T10981]  kernel_misc_reclaimable:0
[  293.075986][T10981]  free:1344092 free_pcp:9686 free_cma:0
[  293.122245][T10981] Node 0 active_anon:22096kB inactive_anon:0kB active_file:77088kB inactive_file:159836kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:99452kB dirty:1112kB writeback:0kB shmem:3908kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11620kB pagetables:2352kB sec_pagetables:0kB all_unreclaimable? no
[  293.155622][T10981] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  293.187640][T10981] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  293.235410][T10981] lowmem_reserve[]: 0 2521 2522 2522 2522
[  293.241214][T10981] Node 0 DMA32 free:1463044kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:22056kB inactive_anon:0kB active_file:77088kB inactive_file:159016kB unevictable:1536kB writepending:1112kB present:3129332kB managed:2586972kB mlocked:0kB bounce:0kB free_pcp:20368kB local_pcp:408kB free_cma:0kB
[  293.273543][T10981] lowmem_reserve[]: 0 0 0 0 0
[  293.278447][T10981] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:820kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:0kB free_cma:0kB
[  293.305888][T10981] lowmem_reserve[]: 0 0 0 0 0
[  293.310727][T10981] Node 1 Normal free:3897964kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:18080kB local_pcp:9856kB free_cma:0kB
[  293.340691][T10981] lowmem_reserve[]: 0 0 0 0 0
[  293.345832][T10981] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  293.375821][T10981] Node 0 DMA32: 2587*4kB (UME) 1447*8kB (UME) 1120*16kB (UME) 847*32kB (UME) 478*64kB (UME) 172*128kB (UM) 86*256kB (UME) 53*512kB (UME) 34*1024kB (UME) 11*2048kB (UM) 302*4096kB (UM) = 1463044kB
[  293.401490][T10981] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  293.414057][T10981] Node 1 Normal: 231*4kB (UE) 58*8kB (UME) 48*16kB (UME) 38*32kB (UME) 15*64kB (UE) 7*128kB (UME) 0*256kB 3*512kB (UME) 2*1024kB (UE) 1*2048kB (E) 949*4096kB (M) = 3897964kB
[  293.433927][T10981] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  293.444138][T10981] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  293.473554][T10981] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  293.492906][T10981] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  293.502946][T10981] 60643 total pagecache pages
[  293.507816][T10981] 0 pages in swap cache
[  293.512083][T10981] Free swap  = 124996kB
[  293.523987][T10981] Total swap = 124996kB
[  293.528148][T10981] 2097051 pages RAM
[  293.531935][T10981] 0 pages HighMem/MovableOnly
[  293.540349][T10981] 416922 pages reserved
[  293.544948][T10981] 0 pages cma reserved
[  293.677998][T10999] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1817'.
[  293.800866][ T5780] Bluetooth: hci2: unexpected event 0x05 length: 151 > 4
[  294.157841][T11010] netlink: 'syz.0.1821': attribute type 41 has an invalid length.
[  294.241462][T11018] netlink: 144 bytes leftover after parsing attributes in process `syz.3.1825'.
[  294.440666][T11018] syzkaller0: entered promiscuous mode
[  294.490188][T11028] netlink: 'syz.1.1830': attribute type 10 has an invalid length.
[  296.015821][T11035] netlink: 'syz.0.1832': attribute type 10 has an invalid length.
[  296.198417][T11045] netlink: 'syz.2.1834': attribute type 13 has an invalid length.
[  296.260330][T11045] macvtap0: refused to change device tx_queue_len
[  296.702839][ T5780] Bluetooth: hci3: unexpected event 0x05 length: 151 > 4
[  297.186323][T11074] netlink: 'syz.2.1843': attribute type 10 has an invalid length.
[  297.216964][T11074] bridge0: port 4(bond0) entered blocking state
[  297.223344][T11074] bridge0: port 4(bond0) entered forwarding state
[  297.230126][T11074] bridge0: port 3(team0) entered blocking state
[  297.236542][T11074] bridge0: port 3(team0) entered forwarding state
[  297.243104][T11074] bridge0: port 2(bridge_slave_1) entered blocking state
[  297.250341][T11074] bridge0: port 2(bridge_slave_1) entered forwarding state
[  297.257833][T11074] bridge0: port 1(bridge_slave_0) entered blocking state
[  297.264966][T11074] bridge0: port 1(bridge_slave_0) entered forwarding state
[  297.289267][T11074] bridge0: port 4(bond0) entered disabled state
[  297.295807][T11074] bridge0: port 3(team0) entered disabled state
[  297.302228][T11074] bridge0: port 2(bridge_slave_1) entered disabled state
[  297.309465][T11074] bridge0: port 1(bridge_slave_0) entered disabled state
[  297.831387][T11086] netpci0: tun_chr_ioctl cmd 2147767511
[  297.927738][ T5780] Bluetooth: hci3: unexpected event 0x05 length: 151 > 4
[  298.311194][T11103] IPv6: NLM_F_CREATE should be specified when creating new route
[  298.480772][T11103] netlink: 'syz.1.1857': attribute type 41 has an invalid length.
[  298.925884][ T5780] Bluetooth: hci0: unexpected event 0x05 length: 151 > 4
[  302.334792][T11148] netlink: 'syz.3.1871': attribute type 41 has an invalid length.
[  302.404227][T11157] netlink: 'syz.1.1873': attribute type 10 has an invalid length.
[  302.488171][T11159] netlink: 'syz.0.1874': attribute type 10 has an invalid length.
[  302.631389][T11168] netlink: 'syz.1.1878': attribute type 21 has an invalid length.
[  302.640143][T11168] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1878'.
[  303.074221][ T5780] Bluetooth: hci1: unexpected event 0x05 length: 151 > 4
[  303.466589][T11193] netlink: 'syz.3.1887': attribute type 16 has an invalid length.
[  303.484717][T11193] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1887'.
[  304.114742][T11213] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1894'.
[  304.497561][ T5780] Bluetooth: hci0: unexpected event 0x05 length: 151 > 4
[  304.574389][T11220] netlink: 'syz.2.1897': attribute type 41 has an invalid length.
[  304.615916][T11222] netlink: set zone limit has 8 unknown bytes
[  304.658862][T11220] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1897'.
[  305.511608][T11257] netlink: 168 bytes leftover after parsing attributes in process `syz.1.1909'.
[  305.632504][T11257] netlink: 'syz.1.1909': attribute type 39 has an invalid length.
[  305.774833][T11263] delete_channel: no stack
[  305.918901][T11274] netlink: 'syz.0.1916': attribute type 10 has an invalid length.
[  305.933763][T11274] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1916'.
[  305.953049][T11274] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  305.989664][T11270] netlink: 'syz.2.1913': attribute type 1 has an invalid length.
[  306.052887][T11279] netlink: 'syz.1.1918': attribute type 9 has an invalid length.
[  306.061454][T11279] netlink: 61951 bytes leftover after parsing attributes in process `syz.1.1918'.
[  306.089071][T11279] netlink: 61951 bytes leftover after parsing attributes in process `syz.1.1918'.
[  306.514327][T11286] netlink: 55 bytes leftover after parsing attributes in process `syz.1.1920'.
[  308.301578][T11292] validate_nla: 3 callbacks suppressed
[  308.301592][T11292] netlink: 'syz.2.1922': attribute type 2 has an invalid length.
[  308.323582][T11292] netlink: 'syz.2.1922': attribute type 8 has an invalid length.
[  308.331552][T11292] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1922'.
[  308.356418][T11302] netlink: 'syz.0.1926': attribute type 10 has an invalid length.
[  308.491001][T11306] delete_channel: no stack
[  308.907635][T11320] sock: sock_timestamping_bind_phc: sock not bind to device
[  309.694668][T11332] netlink: 'syz.3.1937': attribute type 21 has an invalid length.
[  309.702726][T11332] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1937'.
[  309.716492][T11332] netlink: 'syz.3.1937': attribute type 4 has an invalid length.
[  309.985817][T11342] netlink: 'syz.0.1942': attribute type 21 has an invalid length.
[  310.003600][T11342] netlink: 'syz.0.1942': attribute type 6 has an invalid length.
[  310.022064][T11342] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1942'.
[  310.646030][T11371] netlink: 'syz.0.1951': attribute type 13 has an invalid length.
[  310.678270][T11371] netlink: 'syz.0.1951': attribute type 58 has an invalid length.
[  310.705340][T11371] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1951'.
[  310.962784][T11382] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1954'.
[  311.001803][T11382] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[  311.820868][T11399] netlink: 'syz.2.1961': attribute type 2 has an invalid length.
[  311.830949][T11399] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1961'.
[  312.472100][T11428] FAULT_INJECTION: forcing a failure.
[  312.472100][T11428] name failslab, interval 1, probability 0, space 0, times 0
[  312.537337][T11428] CPU: 0 PID: 11428 Comm: syz.0.1970 Not tainted syzkaller #0
[  312.544943][T11428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  312.555115][T11428] Call Trace:
[  312.558508][T11428]  <TASK>
[  312.561547][T11428]  dump_stack_lvl+0x18c/0x250
[  312.566384][T11428]  ? show_regs_print_info+0x20/0x20
[  312.571723][T11428]  ? load_image+0x400/0x400
[  312.576385][T11428]  ? __might_sleep+0xe0/0xe0
[  312.581108][T11428]  ? __lock_acquire+0x7d40/0x7d40
[  312.586306][T11428]  should_fail_ex+0x39d/0x4d0
[  312.591159][T11428]  should_failslab+0x9/0x20
[  312.595782][T11428]  slab_pre_alloc_hook+0x59/0x310
[  312.600943][T11428]  ? tomoyo_encode+0x28b/0x540
[  312.605830][T11428]  ? tomoyo_encode+0x28b/0x540
[  312.610715][T11428]  __kmem_cache_alloc_node+0x53/0x250
[  312.616266][T11428]  ? tomoyo_encode+0x28b/0x540
[  312.621145][T11428]  __kmalloc+0xa4/0x230
[  312.625465][T11428]  tomoyo_encode+0x28b/0x540
[  312.630244][T11428]  tomoyo_realpath_from_path+0x592/0x5d0
[  312.636118][T11428]  tomoyo_path_number_perm+0x248/0x620
[  312.641710][T11428]  ? tomoyo_path_number_perm+0x217/0x620
[  312.647547][T11428]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  312.653310][T11428]  ? ksys_write+0x1c4/0x260
[  312.658252][T11428]  ? __fget_files+0x28/0x4b0
[  312.663079][T11428]  ? __fget_files+0x28/0x4b0
[  312.667927][T11428]  security_file_ioctl+0x70/0xa0
[  312.673030][T11428]  __se_sys_ioctl+0x48/0x170
[  312.677783][T11428]  do_syscall_64+0x55/0xa0
[  312.682313][T11428]  ? clear_bhb_loop+0x40/0x90
[  312.687095][T11428]  ? clear_bhb_loop+0x40/0x90
[  312.691906][T11428]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  312.697901][T11428] RIP: 0033:0x7fdc1019acb9
[  312.702432][T11428] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  312.722136][T11428] RSP: 002b:00007fdc11051028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  312.730677][T11428] RAX: ffffffffffffffda RBX: 00007fdc10415fa0 RCX: 00007fdc1019acb9
[  312.738769][T11428] RDX: 0000200000000000 RSI: 0000000000008b28 RDI: 0000000000000006
[  312.746842][T11428] RBP: 00007fdc11051090 R08: 0000000000000000 R09: 0000000000000000
[  312.754916][T11428] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  312.762984][T11428] R13: 00007fdc10416038 R14: 00007fdc10415fa0 R15: 00007ffcb6655db8
[  312.771209][T11428]  </TASK>
[  312.794661][T11428] ERROR: Out of memory at tomoyo_realpath_from_path.
[  312.885019][T11438] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.1974'.
[  313.006939][T11440] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1974'.
[  315.995034][T11455] validate_nla: 1 callbacks suppressed
[  315.995050][T11455] netlink: 'syz.3.1982': attribute type 1 has an invalid length.
[  316.033723][T11455] netlink: 'syz.3.1982': attribute type 4 has an invalid length.
[  316.043747][T11455] netlink: 9462 bytes leftover after parsing attributes in process `syz.3.1982'.
[  316.168720][T11465] netlink: 'syz.1.1987': attribute type 10 has an invalid length.
[  317.249605][T11514] netlink: 'syz.2.2002': attribute type 10 has an invalid length.
[  317.267145][T11514] bridge0: port 4(bond0) entered blocking state
[  317.273670][T11514] bridge0: port 4(bond0) entered forwarding state
[  317.280432][T11514] bridge0: port 3(team0) entered blocking state
[  317.286843][T11514] bridge0: port 3(team0) entered forwarding state
[  317.293558][T11514] bridge0: port 2(bridge_slave_1) entered blocking state
[  317.300727][T11514] bridge0: port 2(bridge_slave_1) entered forwarding state
[  317.308248][T11514] bridge0: port 1(bridge_slave_0) entered blocking state
[  317.315510][T11514] bridge0: port 1(bridge_slave_0) entered forwarding state
[  317.355705][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[  317.362036][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[  317.396867][T11514] bridge0: port 4(bond0) entered disabled state
[  317.403334][T11514] bridge0: port 3(team0) entered disabled state
[  317.409849][T11514] bridge0: port 2(bridge_slave_1) entered disabled state
[  317.417110][T11514] bridge0: port 1(bridge_slave_0) entered disabled state
[  318.092579][T11536] netlink: 'syz.0.2011': attribute type 2 has an invalid length.
[  318.140247][T11536] netlink: 168876 bytes leftover after parsing attributes in process `syz.0.2011'.
[  318.267336][T11543] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2016'.
[  318.338886][T11548] netlink: 152 bytes leftover after parsing attributes in process `syz.3.2018'.
[  319.428217][T11574] netlink: 'syz.1.2030': attribute type 10 has an invalid length.
[  319.534089][T11576] netlink: 'syz.2.2031': attribute type 5 has an invalid length.
[  319.637416][T11578] netlink: 'syz.1.2032': attribute type 10 has an invalid length.
[  319.744199][T11580] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2033'.
[  319.905641][T11587] netlink: 'syz.3.2037': attribute type 1 has an invalid length.
[  319.917805][T11587] netlink: 'syz.3.2037': attribute type 3 has an invalid length.
[  319.941958][T11587] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2037'.
[  319.945836][T11590] netlink: 2 bytes leftover after parsing attributes in process `syz.2.2038'.
[  319.977656][T11587] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[  323.142319][T11633] C: renamed from team_slave_0
[  323.209046][T11633] validate_nla: 1 callbacks suppressed
[  323.209091][T11633] netlink: 'syz.2.2052': attribute type 3 has an invalid length.
[  323.277216][T11633] netlink: 'syz.2.2052': attribute type 1 has an invalid length.
[  323.319790][T11633] netlink: 116 bytes leftover after parsing attributes in process `syz.2.2052'.
[  324.127684][T11650] netlink: 'syz.2.2057': attribute type 27 has an invalid length.
[  324.136292][T11650] netlink: 164 bytes leftover after parsing attributes in process `syz.2.2057'.
[  324.331323][T11659] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.2060'.
[  325.652242][T11672] sock: sock_set_timeout: `syz.1.2066' (pid 11672) tries to set negative timeout
[  325.682764][T11672] sock: sock_set_timeout: `syz.1.2066' (pid 11672) tries to set negative timeout
[  325.715868][T11672] netlink: 199824 bytes leftover after parsing attributes in process `syz.1.2066'.
[  326.181779][T11692] netlink: 'syz.0.2072': attribute type 3 has an invalid length.
[  326.197554][T11693] netlink: 16255 bytes leftover after parsing attributes in process `syz.3.2075'.
[  326.209507][T11692] netlink: 199824 bytes leftover after parsing attributes in process `syz.0.2072'.
[  326.636605][T11701] netlink: 'syz.3.2079': attribute type 21 has an invalid length.
[  327.145649][ T5780] Bluetooth: hci1: unexpected subevent 0x01 length: 150 > 18
[  328.872166][T11756] netlink: 'syz.1.2100': attribute type 10 has an invalid length.
[  328.989606][T11761] delete_channel: no stack
[  331.019972][T11802] FAULT_INJECTION: forcing a failure.
[  331.019972][T11802] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  331.123832][T11802] CPU: 0 PID: 11802 Comm: syz.1.2117 Not tainted syzkaller #0
[  331.131332][T11802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  331.141400][T11802] Call Trace:
[  331.144777][T11802]  <TASK>
[  331.147715][T11802]  dump_stack_lvl+0x18c/0x250
[  331.152423][T11802]  ? show_regs_print_info+0x20/0x20
[  331.157634][T11802]  ? load_image+0x400/0x400
[  331.162157][T11802]  ? __might_fault+0xaa/0x120
[  331.166851][T11802]  should_fail_ex+0x39d/0x4d0
[  331.171559][T11802]  copyin+0x1a/0x90
[  331.175387][T11802]  _copy_from_iter+0x404/0x12e0
[  331.180250][T11802]  ? lock_chain_count+0x20/0x20
[  331.185118][T11802]  ? copyout_mc+0x70/0x70
[  331.189469][T11802]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  331.195649][T11802]  copy_page_from_iter+0x7b/0x100
[  331.200697][T11802]  skb_copy_datagram_from_iter+0x2e4/0x6e0
[  331.206536][T11802]  packet_sendmsg+0x3566/0x4d70
[  331.211416][T11802]  ? perf_trace_preemptirq_template+0x269/0x330
[  331.217687][T11802]  ? lock_chain_count+0x20/0x20
[  331.222551][T11802]  ? perf_trace_lock_acquire+0x104/0x410
[  331.228210][T11802]  ? aa_sk_perm+0x83c/0x970
[  331.232733][T11802]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  331.238905][T11802]  ? packet_getsockopt+0xad0/0xad0
[  331.244037][T11802]  ? replace_chunk+0x246/0x750
[  331.248814][T11802]  ? aa_sock_msg_perm+0x94/0x150
[  331.253764][T11802]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  331.259058][T11802]  ? security_socket_sendmsg+0x80/0xa0
[  331.264525][T11802]  ? packet_getsockopt+0xad0/0xad0
[  331.269655][T11802]  ____sys_sendmsg+0x5ba/0x960
[  331.274436][T11802]  ? __lock_acquire+0x7d40/0x7d40
[  331.279475][T11802]  ? __asan_memset+0x22/0x40
[  331.284078][T11802]  ? __sys_sendmsg_sock+0x30/0x30
[  331.289116][T11802]  ? __import_iovec+0x3fa/0x850
[  331.293994][T11802]  ? import_iovec+0x73/0xa0
[  331.298515][T11802]  ___sys_sendmsg+0x2a6/0x360
[  331.303214][T11802]  ? __sys_sendmsg+0x2a0/0x2a0
[  331.308046][T11802]  __se_sys_sendmsg+0x1c2/0x2b0
[  331.313088][T11802]  ? __x64_sys_sendmsg+0x80/0x80
[  331.318058][T11802]  ? syscall_enter_from_user_mode+0x2e/0x80
[  331.323964][T11802]  do_syscall_64+0x55/0xa0
[  331.328389][T11802]  ? clear_bhb_loop+0x40/0x90
[  331.333071][T11802]  ? clear_bhb_loop+0x40/0x90
[  331.337783][T11802]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  331.343683][T11802] RIP: 0033:0x7f96d419acb9
[  331.348110][T11802] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  331.367729][T11802] RSP: 002b:00007f96d4fff028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  331.376155][T11802] RAX: ffffffffffffffda RBX: 00007f96d4415fa0 RCX: 00007f96d419acb9
[  331.384133][T11802] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000005
[  331.392109][T11802] RBP: 00007f96d4fff090 R08: 0000000000000000 R09: 0000000000000000
[  331.400082][T11802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  331.408057][T11802] R13: 00007f96d4416038 R14: 00007f96d4415fa0 R15: 00007ffddcb09278
[  331.416051][T11802]  </TASK>
[  331.715797][T11810] netlink: 'syz.2.2121': attribute type 21 has an invalid length.
[  331.723796][T11810] netlink: 'syz.2.2121': attribute type 6 has an invalid length.
[  331.731533][T11810] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2121'.
[  331.938720][T11815] netlink: 'syz.1.2122': attribute type 3 has an invalid length.
[  331.963991][T11815] netlink: 'syz.1.2122': attribute type 1 has an invalid length.
[  331.985875][T11815] netlink: 116 bytes leftover after parsing attributes in process `syz.1.2122'.
[  332.690651][ T5087] Bluetooth: hci0: unexpected event 0x05 length: 151 > 4
[  332.806205][T11850] FAULT_INJECTION: forcing a failure.
[  332.806205][T11850] name failslab, interval 1, probability 0, space 0, times 0
[  332.827291][T11850] CPU: 1 PID: 11850 Comm: syz.3.2136 Not tainted syzkaller #0
[  332.834779][T11850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  332.844847][T11850] Call Trace:
[  332.848138][T11850]  <TASK>
[  332.851083][T11850]  dump_stack_lvl+0x18c/0x250
[  332.855781][T11850]  ? sctp_sendmsg+0x1575/0x28c0
[  332.860647][T11850]  ? ___sys_sendmsg+0x2a6/0x360
[  332.865523][T11850]  ? show_regs_print_info+0x20/0x20
[  332.870747][T11850]  ? load_image+0x400/0x400
[  332.875284][T11850]  should_fail_ex+0x39d/0x4d0
[  332.879996][T11850]  should_failslab+0x9/0x20
[  332.884517][T11850]  slab_pre_alloc_hook+0x59/0x310
[  332.889571][T11850]  ? sctp_add_bind_addr+0x8c/0x360
[  332.894705][T11850]  __kmem_cache_alloc_node+0x53/0x250
[  332.900104][T11850]  ? sctp_add_bind_addr+0x8c/0x360
[  332.905239][T11850]  kmalloc_trace+0x2a/0xe0
[  332.909672][T11850]  sctp_add_bind_addr+0x8c/0x360
[  332.914631][T11850]  sctp_copy_local_addr_list+0x315/0x4f0
[  332.920288][T11850]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  332.926033][T11850]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  332.932297][T11850]  ? sctp_v6_is_any+0x64/0x70
[  332.936991][T11850]  ? sctp_copy_one_addr+0x8c/0x350
[  332.942214][T11850]  sctp_bind_addr_copy+0xb3/0x3c0
[  332.947257][T11850]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  332.953615][T11850]  sctp_connect_new_asoc+0x2f9/0x6a0
[  332.958925][T11850]  ? __sctp_connect+0xd80/0xd80
[  332.963784][T11850]  ? __local_bh_enable_ip+0x13a/0x1c0
[  332.969178][T11850]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  332.974737][T11850]  ? security_sctp_bind_connect+0x89/0xb0
[  332.980473][T11850]  sctp_sendmsg+0x1575/0x28c0
[  332.985183][T11850]  ? sctp_getsockopt+0xb60/0xb60
[  332.990130][T11850]  ? aa_sk_perm+0x83c/0x970
[  332.994659][T11850]  ? aa_af_perm+0x330/0x330
[  332.999179][T11850]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  333.005606][T11850]  ? sock_rps_record_flow+0x19/0x3f0
[  333.010891][T11850]  ? inet_sendmsg+0xe9/0x2f0
[  333.015474][T11850]  ? inet_send_prepare+0x260/0x260
[  333.020577][T11850]  ____sys_sendmsg+0x5ba/0x960
[  333.025336][T11850]  ? __lock_acquire+0x7d40/0x7d40
[  333.030356][T11850]  ? __sys_sendmsg_sock+0x30/0x30
[  333.035375][T11850]  ? __import_iovec+0x5f2/0x850
[  333.040223][T11850]  ? import_iovec+0x73/0xa0
[  333.044719][T11850]  ___sys_sendmsg+0x2a6/0x360
[  333.049388][T11850]  ? get_pid_task+0x20/0x1e0
[  333.053971][T11850]  ? __sys_sendmsg+0x2a0/0x2a0
[  333.058743][T11850]  ? __lock_acquire+0x7d40/0x7d40
[  333.063775][T11850]  __se_sys_sendmsg+0x1c2/0x2b0
[  333.068623][T11850]  ? __x64_sys_sendmsg+0x80/0x80
[  333.073570][T11850]  ? lockdep_hardirqs_on+0x98/0x150
[  333.078760][T11850]  do_syscall_64+0x55/0xa0
[  333.083171][T11850]  ? clear_bhb_loop+0x40/0x90
[  333.087834][T11850]  ? clear_bhb_loop+0x40/0x90
[  333.092502][T11850]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  333.098383][T11850] RIP: 0033:0x7f53f919acb9
[  333.102790][T11850] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  333.122385][T11850] RSP: 002b:00007f53fa06c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  333.130787][T11850] RAX: ffffffffffffffda RBX: 00007f53f9415fa0 RCX: 00007f53f919acb9
[  333.138748][T11850] RDX: 0000000000000041 RSI: 0000200000000600 RDI: 0000000000000003
[  333.146707][T11850] RBP: 00007f53fa06c090 R08: 0000000000000000 R09: 0000000000000000
[  333.154666][T11850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  333.162620][T11850] R13: 00007f53f9416038 R14: 00007f53f9415fa0 R15: 00007fff2d5c3868
[  333.170591][T11850]  </TASK>
[  333.450863][T11869] netlink: 'syz.2.2150': attribute type 39 has an invalid length.
[  333.537481][T11873] netlink: 'syz.3.2143': attribute type 3 has an invalid length.
[  333.559736][T11873] netlink: 'syz.3.2143': attribute type 1 has an invalid length.
[  333.582215][T11873] netlink: 116 bytes leftover after parsing attributes in process `syz.3.2143'.
[  333.642975][ T5087] Bluetooth: hci2: unexpected event 0x05 length: 151 > 4
[  333.777333][T11881] netlink: 'syz.0.2147': attribute type 10 has an invalid length.
[  334.418251][ T5087] Bluetooth: hci2: unexpected event 0x05 length: 151 > 4
[  334.475835][T11916] FAULT_INJECTION: forcing a failure.
[  334.475835][T11916] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  334.546234][T11916] CPU: 1 PID: 11916 Comm: syz.3.2161 Not tainted syzkaller #0
[  334.553833][T11916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  334.563990][T11916] Call Trace:
[  334.567362][T11916]  <TASK>
[  334.570391][T11916]  dump_stack_lvl+0x18c/0x250
[  334.575238][T11916]  ? show_regs_print_info+0x20/0x20
[  334.580565][T11916]  ? load_image+0x400/0x400
[  334.585215][T11916]  ? __might_fault+0xaa/0x120
[  334.590012][T11916]  ? __lock_acquire+0x7d40/0x7d40
[  334.595131][T11916]  ? tomoyo_path_number_perm+0x5b4/0x620
[  334.600922][T11916]  should_fail_ex+0x39d/0x4d0
[  334.605764][T11916]  _copy_from_user+0x2f/0xe0
[  334.610520][T11916]  wext_handle_ioctl+0xc8/0x1d0
[  334.615530][T11916]  ? call_commit_handler+0xf0/0xf0
[  334.620915][T11916]  sock_ioctl+0x15d/0x7e0
[  334.625386][T11916]  ? sock_poll+0x3e0/0x3e0
[  334.630034][T11916]  ? bpf_lsm_file_ioctl+0x9/0x10
[  334.635084][T11916]  ? security_file_ioctl+0x80/0xa0
[  334.640321][T11916]  ? sock_poll+0x3e0/0x3e0
[  334.644860][T11916]  __se_sys_ioctl+0xfd/0x170
[  334.649594][T11916]  do_syscall_64+0x55/0xa0
[  334.654116][T11916]  ? clear_bhb_loop+0x40/0x90
[  334.658895][T11916]  ? clear_bhb_loop+0x40/0x90
[  334.663696][T11916]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  334.669689][T11916] RIP: 0033:0x7f53f919acb9
[  334.674224][T11916] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  334.693938][T11916] RSP: 002b:00007f53fa06c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  334.702496][T11916] RAX: ffffffffffffffda RBX: 00007f53f9415fa0 RCX: 00007f53f919acb9
[  334.710569][T11916] RDX: 0000200000000000 RSI: 0000000000008b28 RDI: 0000000000000006
[  334.718643][T11916] RBP: 00007f53fa06c090 R08: 0000000000000000 R09: 0000000000000000
[  334.726713][T11916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  334.734779][T11916] R13: 00007f53f9416038 R14: 00007f53f9415fa0 R15: 00007fff2d5c3868
[  334.743001][T11916]  </TASK>
[  335.182495][T11931] netlink: 140 bytes leftover after parsing attributes in process `syz.2.2168'.
[  335.459172][ T5087] Bluetooth: hci2: unexpected event 0x05 length: 151 > 4
[  335.974716][T11951] netlink: 'syz.0.2176': attribute type 10 has an invalid length.
[  335.992315][T11951] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2176'.
[  336.009360][T11951] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check.
[  336.407072][T11950] delete_channel: no stack
[  336.408653][T11964] netlink: 'syz.3.2180': attribute type 1 has an invalid length.
[  336.425272][T11964] netlink: 'syz.3.2180': attribute type 4 has an invalid length.
[  336.456165][T11964] netlink: 9462 bytes leftover after parsing attributes in process `syz.3.2180'.
[  336.663212][ T5087] Bluetooth: hci0: unexpected event 0x05 length: 151 > 4
[  337.185839][T11985] netlink: 'syz.3.2189': attribute type 13 has an invalid length.
[  337.202345][T11985] macvtap0: refused to change device tx_queue_len
[  337.293917][T11987] netlink: 'syz.1.2190': attribute type 21 has an invalid length.
[  337.407968][T11989] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2191'.
[  337.483686][T11997] netlink: 'syz.0.2195': attribute type 10 has an invalid length.
[  337.763196][T12010] netpci0: tun_chr_ioctl cmd 2147767511
[  338.040873][T12022] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2204'.
[  338.264618][T12028] netlink: 'syz.0.2207': attribute type 2 has an invalid length.
[  338.272656][T12028] netlink: 130044 bytes leftover after parsing attributes in process `syz.0.2207'.
[  339.131371][T12059] FAULT_INJECTION: forcing a failure.
[  339.131371][T12059] name failslab, interval 1, probability 0, space 0, times 0
[  339.183694][T12059] CPU: 0 PID: 12059 Comm: syz.2.2217 Not tainted syzkaller #0
[  339.191205][T12059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  339.194882][T12062] netlink: 'syz.3.2218': attribute type 3 has an invalid length.
[  339.201253][T12059] Call Trace:
[  339.201264][T12059]  <TASK>
[  339.201271][T12059]  dump_stack_lvl+0x18c/0x250
[  339.201298][T12059]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  339.226005][T12059]  ? show_regs_print_info+0x20/0x20
[  339.231207][T12059]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  339.237378][T12059]  should_fail_ex+0x39d/0x4d0
[  339.242067][T12059]  should_failslab+0x9/0x20
[  339.246568][T12059]  slab_pre_alloc_hook+0x59/0x310
[  339.251595][T12059]  kmem_cache_alloc+0x5a/0x2d0
[  339.256355][T12059]  ? security_inode_alloc+0x34/0x110
[  339.261653][T12059]  security_inode_alloc+0x34/0x110
[  339.266773][T12059]  inode_init_always+0x8fc/0xc90
[  339.271699][T12059]  ? new_inode_pseudo+0x82/0x1d0
[  339.276627][T12059]  new_inode_pseudo+0x95/0x1d0
[  339.281379][T12059]  ? __ns_get_path+0x2c/0x640
[  339.286046][T12059]  __ns_get_path+0x24d/0x640
[  339.290630][T12059]  ? _raw_spin_unlock+0x28/0x40
[  339.295474][T12059]  ns_get_path+0x54/0x90
[  339.299709][T12059]  proc_ns_get_link+0xf8/0x240
[  339.304466][T12059]  ? proc_ns_instantiate+0xf0/0xf0
[  339.309568][T12059]  ? try_to_unlazy+0x34c/0x5a0
[  339.314326][T12059]  ? proc_ns_instantiate+0xf0/0xf0
[  339.319425][T12059]  pick_link+0x666/0xdd0
[  339.323662][T12059]  step_into+0xc4d/0xf20
[  339.327898][T12059]  ? pid_revalidate+0x22/0x260
[  339.332661][T12059]  ? pid_revalidate+0x22/0x260
[  339.337415][T12059]  ? set_root+0x3a0/0x3a0
[  339.341733][T12059]  ? lookup_fast+0x4a2/0x4d0
[  339.346316][T12059]  path_openat+0x1714/0x3230
[  339.350894][T12059]  ? trace_call_bpf+0xc3/0x6c0
[  339.355659][T12059]  ? do_sys_openat2+0xda/0x1d0
[  339.360415][T12059]  ? do_filp_open+0x430/0x430
[  339.365081][T12059]  ? mark_lock+0x94/0x320
[  339.369403][T12059]  do_filp_open+0x1f5/0x430
[  339.373896][T12059]  ? vfs_tmpfile+0x490/0x490
[  339.378484][T12059]  ? _raw_spin_unlock+0x28/0x40
[  339.383321][T12059]  ? alloc_fd+0x58f/0x630
[  339.387649][T12059]  do_sys_openat2+0x134/0x1d0
[  339.392320][T12059]  ? do_sys_open+0xe0/0xe0
[  339.396730][T12059]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  339.402878][T12059]  __x64_sys_openat+0x139/0x160
[  339.407720][T12059]  do_syscall_64+0x55/0xa0
[  339.412125][T12059]  ? clear_bhb_loop+0x40/0x90
[  339.416789][T12059]  ? clear_bhb_loop+0x40/0x90
[  339.421453][T12059]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  339.427338][T12059] RIP: 0033:0x7f914c95b58e
[  339.431743][T12059] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  339.451337][T12059] RSP: 002b:00007f914d810ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  339.459741][T12059] RAX: ffffffffffffffda RBX: 00007f914d8116c0 RCX: 00007f914c95b58e
[  339.467700][T12059] RDX: 0000000000000000 RSI: 00007f914d810f90 RDI: ffffffffffffff9c
[  339.475674][T12059] RBP: 00007f914d811090 R08: 0000000000000000 R09: 0000000000000000
[  339.483641][T12059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  339.491605][T12059] R13: 00007f914cc16038 R14: 00007f914cc15fa0 R15: 00007ffef65f0178
[  339.499583][T12059]  </TASK>
[  339.513127][T12062] netlink: 152 bytes leftover after parsing attributes in process `syz.3.2218'.
[  339.529897][T12062] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  339.689593][T12072] sctp: [Deprecated]: syz.1.2221 (pid 12072) Use of int in maxseg socket option.
[  339.689593][T12072] Use struct sctp_assoc_value instead
[  340.104603][ T5087] Bluetooth: hci1: unexpected event 0x05 length: 151 > 4
[  340.111244][T12085] FAULT_INJECTION: forcing a failure.
[  340.111244][T12085] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  340.132192][T12085] CPU: 0 PID: 12085 Comm: syz.2.2226 Not tainted syzkaller #0
[  340.139691][T12085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  340.149759][T12085] Call Trace:
[  340.153035][T12085]  <TASK>
[  340.155962][T12085]  dump_stack_lvl+0x18c/0x250
[  340.160643][T12085]  ? show_regs_print_info+0x20/0x20
[  340.165839][T12085]  ? load_image+0x400/0x400
[  340.170344][T12085]  ? __might_fault+0xaa/0x120
[  340.175017][T12085]  ? __lock_acquire+0x7d40/0x7d40
[  340.180050][T12085]  should_fail_ex+0x39d/0x4d0
[  340.184784][T12085]  _copy_to_user+0x2f/0xa0
[  340.189226][T12085]  generic_map_lookup_batch+0x860/0xc60
[  340.194830][T12085]  ? bpf_map_update_value+0x720/0x720
[  340.200224][T12085]  ? __fdget+0x180/0x210
[  340.204469][T12085]  ? bpf_map_update_value+0x720/0x720
[  340.209833][T12085]  bpf_map_do_batch+0x2cb/0x610
[  340.214681][T12085]  ? bpf_lsm_bpf+0x9/0x10
[  340.219007][T12085]  ? security_bpf+0x7e/0xa0
[  340.223515][T12085]  __sys_bpf+0x7d7/0x890
[  340.227761][T12085]  ? bpf_link_show_fdinfo+0x390/0x390
[  340.233155][T12085]  ? lock_chain_count+0x20/0x20
[  340.238035][T12085]  __x64_sys_bpf+0x7c/0x90
[  340.242467][T12085]  do_syscall_64+0x55/0xa0
[  340.246918][T12085]  ? clear_bhb_loop+0x40/0x90
[  340.251610][T12085]  ? clear_bhb_loop+0x40/0x90
[  340.256294][T12085]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  340.262184][T12085] RIP: 0033:0x7f914c99acb9
[  340.266593][T12085] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  340.286200][T12085] RSP: 002b:00007f914d811028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  340.294610][T12085] RAX: ffffffffffffffda RBX: 00007f914cc15fa0 RCX: 00007f914c99acb9
[  340.302588][T12085] RDX: 0000000000000038 RSI: 00002000000003c0 RDI: 0000000000000018
[  340.310566][T12085] RBP: 00007f914d811090 R08: 0000000000000000 R09: 0000000000000000
[  340.318534][T12085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  340.326504][T12085] R13: 00007f914cc16038 R14: 00007f914cc15fa0 R15: 00007ffef65f0178
[  340.334505][T12085]  </TASK>
[  340.434174][T12089] netlink: 'syz.1.2228': attribute type 10 has an invalid length.
[  340.442016][T12089] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2228'.
[  340.594987][ T5087] Bluetooth: hci2: unexpected event 0x23 length: 15 > 13
[  340.724227][T12108] netlink: 1 bytes leftover after parsing attributes in process `syz.2.2230'.
[  340.946962][ T5087] Bluetooth: hci0: unexpected event 0x05 length: 151 > 4
[  341.596596][T12125] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2240'.
[  342.239785][ T5087] Bluetooth: hci0: unexpected event 0x05 length: 151 > 4
[  342.847765][T12159] netlink: 'syz.3.2252': attribute type 41 has an invalid length.
[  342.867417][T12159] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2252'.
[  343.331485][ T5087] Bluetooth: hci0: unexpected event 0x05 length: 151 > 4
[  344.251578][T12183] netlink: 126588 bytes leftover after parsing attributes in process `syz.1.2259'.
[  344.593773][ T5087] Bluetooth: hci3: unexpected event 0x05 length: 151 > 4
[  345.109346][ T5087] Bluetooth: hci3: unexpected event 0x05 length: 151 > 4
[  345.295603][T12218] netlink: 9275 bytes leftover after parsing attributes in process `syz.0.2273'.
[  345.433748][T12230] netlink: 'syz.2.2275': attribute type 10 has an invalid length.
[  347.125579][T12247] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2282'.
[  347.226020][T12247] netlink: 'syz.2.2282': attribute type 21 has an invalid length.
[  347.235632][ T5087] Bluetooth: hci0: unexpected event 0x05 length: 151 > 4
[  347.243989][T12247] netlink: 'syz.2.2282': attribute type 6 has an invalid length.
[  347.262692][T12247] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2282'.
[  347.755863][T12267] netlink: 'syz.2.2290': attribute type 21 has an invalid length.
[  347.766047][T12267] netlink: 'syz.2.2290': attribute type 6 has an invalid length.
[  347.774080][T12267] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2290'.
[  347.841259][T12265] FAULT_INJECTION: forcing a failure.
[  347.841259][T12265] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  347.895139][T12265] CPU: 1 PID: 12265 Comm: syz.0.2289 Not tainted syzkaller #0
[  347.902646][T12265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  347.912713][T12265] Call Trace:
[  347.916002][T12265]  <TASK>
[  347.918939][T12265]  dump_stack_lvl+0x18c/0x250
[  347.923642][T12265]  ? show_regs_print_info+0x20/0x20
[  347.928864][T12265]  ? load_image+0x400/0x400
[  347.933390][T12265]  ? __might_fault+0xaa/0x120
[  347.938084][T12265]  should_fail_ex+0x39d/0x4d0
[  347.942799][T12265]  copyin+0x1a/0x90
[  347.946626][T12265]  _copy_from_iter+0x404/0x12e0
[  347.951490][T12265]  ? copyin+0x70/0x90
[  347.955480][T12265]  ? copyout_mc+0x70/0x70
[  347.959830][T12265]  ? copyout_mc+0x70/0x70
[  347.964186][T12265]  ? __virt_addr_valid+0x18c/0x540
[  347.969314][T12265]  ? page_copy_sane+0x16a/0x270
[  347.974181][T12265]  copy_page_from_iter+0x7b/0x100
[  347.979214][T12265]  skb_copy_datagram_from_iter+0x2e4/0x6e0
[  347.985023][T12265]  packet_sendmsg+0x3566/0x4d70
[  347.989882][T12265]  ? verify_lock_unused+0x140/0x140
[  347.995074][T12265]  ? verify_lock_unused+0x140/0x140
[  348.000272][T12265]  ? aa_sk_perm+0x83c/0x970
[  348.004773][T12265]  ? packet_getsockopt+0xad0/0xad0
[  348.009881][T12265]  ? aa_sock_msg_perm+0x94/0x150
[  348.014812][T12265]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  348.020089][T12265]  ? security_socket_sendmsg+0x80/0xa0
[  348.025541][T12265]  ? packet_getsockopt+0xad0/0xad0
[  348.030646][T12265]  ____sys_sendmsg+0x5ba/0x960
[  348.035402][T12265]  ? __lock_acquire+0x7d40/0x7d40
[  348.040416][T12265]  ? __asan_memset+0x22/0x40
[  348.044996][T12265]  ? __sys_sendmsg_sock+0x30/0x30
[  348.050015][T12265]  ? __import_iovec+0x3fa/0x850
[  348.054862][T12265]  ? import_iovec+0x73/0xa0
[  348.059358][T12265]  ___sys_sendmsg+0x2a6/0x360
[  348.064036][T12265]  ? __sys_sendmsg+0x2a0/0x2a0
[  348.068805][T12265]  ? seqcount_lockdep_reader_access+0x17b/0x1d0
[  348.075048][T12265]  __se_sys_sendmsg+0x1c2/0x2b0
[  348.079892][T12265]  ? __x64_sys_sendmsg+0x80/0x80
[  348.084836][T12265]  ? lockdep_hardirqs_on+0x98/0x150
[  348.090024][T12265]  do_syscall_64+0x55/0xa0
[  348.094431][T12265]  ? clear_bhb_loop+0x40/0x90
[  348.099103][T12265]  ? clear_bhb_loop+0x40/0x90
[  348.103790][T12265]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  348.109667][T12265] RIP: 0033:0x7fdc1019acb9
[  348.114068][T12265] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  348.133666][T12265] RSP: 002b:00007fdc11051028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  348.142065][T12265] RAX: ffffffffffffffda RBX: 00007fdc10415fa0 RCX: 00007fdc1019acb9
[  348.150027][T12265] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000005
[  348.157983][T12265] RBP: 00007fdc11051090 R08: 0000000000000000 R09: 0000000000000000
[  348.165939][T12265] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  348.173900][T12265] R13: 00007fdc10416038 R14: 00007fdc10415fa0 R15: 00007ffcb6655db8
[  348.181874][T12265]  </TASK>
[  348.318263][ T5087] Bluetooth: hci3: unexpected event 0x05 length: 151 > 4
[  349.139398][T12304] FAULT_INJECTION: forcing a failure.
[  349.139398][T12304] name failslab, interval 1, probability 0, space 0, times 0
[  349.173564][ T5087] Bluetooth: hci2: unexpected event 0x05 length: 151 > 4
[  349.196526][T12304] CPU: 0 PID: 12304 Comm: syz.2.2307 Not tainted syzkaller #0
[  349.211031][T12304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  349.221074][T12304] Call Trace:
[  349.224342][T12304]  <TASK>
[  349.227269][T12304]  dump_stack_lvl+0x18c/0x250
[  349.231937][T12304]  ? sctp_sendmsg+0x1575/0x28c0
[  349.236770][T12304]  ? ___sys_sendmsg+0x2a6/0x360
[  349.241638][T12304]  ? show_regs_print_info+0x20/0x20
[  349.246852][T12304]  ? load_image+0x400/0x400
[  349.251367][T12304]  should_fail_ex+0x39d/0x4d0
[  349.256043][T12304]  should_failslab+0x9/0x20
[  349.260537][T12304]  slab_pre_alloc_hook+0x59/0x310
[  349.265559][T12304]  ? sctp_add_bind_addr+0x8c/0x360
[  349.270667][T12304]  __kmem_cache_alloc_node+0x53/0x250
[  349.276035][T12304]  ? sctp_add_bind_addr+0x8c/0x360
[  349.281153][T12304]  kmalloc_trace+0x2a/0xe0
[  349.285571][T12304]  sctp_add_bind_addr+0x8c/0x360
[  349.290503][T12304]  sctp_copy_local_addr_list+0x315/0x4f0
[  349.296134][T12304]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  349.301846][T12304]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  349.307908][T12304]  ? sctp_v6_is_any+0x64/0x70
[  349.312575][T12304]  ? sctp_copy_one_addr+0x8c/0x350
[  349.317681][T12304]  sctp_bind_addr_copy+0xb3/0x3c0
[  349.322699][T12304]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  349.329020][T12304]  sctp_connect_new_asoc+0x2f9/0x6a0
[  349.334298][T12304]  ? __sctp_connect+0xd80/0xd80
[  349.339145][T12304]  ? __local_bh_enable_ip+0x13a/0x1c0
[  349.344511][T12304]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  349.350045][T12304]  ? security_sctp_bind_connect+0x89/0xb0
[  349.355762][T12304]  sctp_sendmsg+0x1575/0x28c0
[  349.360439][T12304]  ? sctp_getsockopt+0xb60/0xb60
[  349.365367][T12304]  ? aa_sk_perm+0x83c/0x970
[  349.369871][T12304]  ? aa_af_perm+0x330/0x330
[  349.374365][T12304]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  349.380774][T12304]  ? sock_rps_record_flow+0x19/0x3f0
[  349.386054][T12304]  ? inet_sendmsg+0xe9/0x2f0
[  349.390634][T12304]  ? inet_send_prepare+0x260/0x260
[  349.395737][T12304]  ____sys_sendmsg+0x5ba/0x960
[  349.400494][T12304]  ? __lock_acquire+0x7d40/0x7d40
[  349.405513][T12304]  ? __sys_sendmsg_sock+0x30/0x30
[  349.410527][T12304]  ? __import_iovec+0x5f2/0x850
[  349.415377][T12304]  ? import_iovec+0x73/0xa0
[  349.419878][T12304]  ___sys_sendmsg+0x2a6/0x360
[  349.424545][T12304]  ? get_pid_task+0x20/0x1e0
[  349.429127][T12304]  ? __sys_sendmsg+0x2a0/0x2a0
[  349.433901][T12304]  ? __lock_acquire+0x7d40/0x7d40
[  349.438938][T12304]  __se_sys_sendmsg+0x1c2/0x2b0
[  349.443788][T12304]  ? __x64_sys_sendmsg+0x80/0x80
[  349.448729][T12304]  ? lockdep_hardirqs_on+0x98/0x150
[  349.453918][T12304]  do_syscall_64+0x55/0xa0
[  349.458327][T12304]  ? clear_bhb_loop+0x40/0x90
[  349.462992][T12304]  ? clear_bhb_loop+0x40/0x90
[  349.467656][T12304]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  349.473539][T12304] RIP: 0033:0x7f914c99acb9
[  349.477945][T12304] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  349.497542][T12304] RSP: 002b:00007f914d811028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  349.505946][T12304] RAX: ffffffffffffffda RBX: 00007f914cc15fa0 RCX: 00007f914c99acb9
[  349.513905][T12304] RDX: 0000000000000041 RSI: 0000200000000600 RDI: 0000000000000003
[  349.521882][T12304] RBP: 00007f914d811090 R08: 0000000000000000 R09: 0000000000000000
[  349.529859][T12304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  349.537829][T12304] R13: 00007f914cc16038 R14: 00007f914cc15fa0 R15: 00007ffef65f0178
[  349.545813][T12304]  </TASK>
[  349.869230][T12317] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2313'.
[  349.920888][T12325] netlink: 'syz.1.2312': attribute type 10 has an invalid length.
[  349.998116][T12320] wg2: entered allmulticast mode
[  350.018115][T12327] netlink: 'syz.0.2315': attribute type 10 has an invalid length.
[  350.086754][T12322] wg2: entered promiscuous mode
[  350.111476][T12317] netlink: 'syz.3.2313': attribute type 21 has an invalid length.
[  350.133784][T12317] netlink: 'syz.3.2313': attribute type 6 has an invalid length.
[  350.163958][T12317] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2313'.
[  350.229733][T12333] FAULT_INJECTION: forcing a failure.
[  350.229733][T12333] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  350.243197][T12333] CPU: 0 PID: 12333 Comm: syz.0.2317 Not tainted syzkaller #0
[  350.250694][T12333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  350.260752][T12333] Call Trace:
[  350.264044][T12333]  <TASK>
[  350.266993][T12333]  dump_stack_lvl+0x18c/0x250
[  350.271676][T12333]  ? show_regs_print_info+0x20/0x20
[  350.276876][T12333]  ? load_image+0x400/0x400
[  350.281412][T12333]  ? __lock_acquire+0x7d40/0x7d40
[  350.286471][T12333]  ? snprintf+0xe9/0x140
[  350.290734][T12333]  should_fail_ex+0x39d/0x4d0
[  350.295436][T12333]  _copy_to_user+0x2f/0xa0
[  350.299865][T12333]  simple_read_from_buffer+0xe7/0x150
[  350.305434][T12333]  proc_fail_nth_read+0x1e8/0x260
[  350.310474][T12333]  ? proc_fault_inject_write+0x360/0x360
[  350.316125][T12333]  ? fsnotify_perm+0x271/0x5e0
[  350.320908][T12333]  ? proc_fault_inject_write+0x360/0x360
[  350.326552][T12333]  vfs_read+0x28b/0x970
[  350.330731][T12333]  ? kernel_read+0x1e0/0x1e0
[  350.335338][T12333]  ? __fget_files+0x28/0x4b0
[  350.339936][T12333]  ? __fget_files+0x28/0x4b0
[  350.344539][T12333]  ? __fget_files+0x43d/0x4b0
[  350.349247][T12333]  ? __fdget_pos+0x2a3/0x330
[  350.353843][T12333]  ? ksys_read+0x75/0x260
[  350.358187][T12333]  ksys_read+0x150/0x260
[  350.362451][T12333]  ? vfs_write+0x990/0x990
[  350.366886][T12333]  ? lockdep_hardirqs_on+0x98/0x150
[  350.372098][T12333]  do_syscall_64+0x55/0xa0
[  350.376522][T12333]  ? clear_bhb_loop+0x40/0x90
[  350.381204][T12333]  ? clear_bhb_loop+0x40/0x90
[  350.385897][T12333]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  350.391796][T12333] RIP: 0033:0x7fdc1015b58e
[  350.396225][T12333] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  350.416099][T12333] RSP: 002b:00007fdc11050fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  350.424625][T12333] RAX: ffffffffffffffda RBX: 00007fdc110516c0 RCX: 00007fdc1015b58e
[  350.432622][T12333] RDX: 000000000000000f RSI: 00007fdc110510a0 RDI: 0000000000000008
[  350.440621][T12333] RBP: 00007fdc11051090 R08: 0000000000000000 R09: 0000000000000000
[  350.448608][T12333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  350.456593][T12333] R13: 00007fdc10416038 R14: 00007fdc10415fa0 R15: 00007ffcb6655db8
[  350.464641][T12333]  </TASK>
[  350.574279][ T5087] Bluetooth: hci3: unexpected event 0x05 length: 151 > 4
[  351.120374][T12360] netlink: 211 bytes leftover after parsing attributes in process `syz.3.2327'.
[  351.552946][ T5087] Bluetooth: hci2: unexpected event 0x05 length: 151 > 4
[  351.888164][T12380] netlink: 'syz.1.2335': attribute type 10 has an invalid length.
[  351.903673][T12380] netlink: 156 bytes leftover after parsing attributes in process `syz.1.2335'.
[  352.109259][ T5780] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  352.118872][ T5780] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  352.127570][ T5780] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  352.145903][ T5780] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  352.153968][ T5780] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  352.161392][ T5780] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  352.291835][T12382] chnl_net:caif_netlink_parms(): no params data found
[  352.356951][ T1091] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.385962][T12382] bridge0: port 1(bridge_slave_0) entered blocking state
[  352.393146][T12382] bridge0: port 1(bridge_slave_0) entered disabled state
[  352.401536][T12382] bridge_slave_0: entered allmulticast mode
[  352.409647][T12382] bridge_slave_0: entered promiscuous mode
[  352.417328][T12382] bridge0: port 2(bridge_slave_1) entered blocking state
[  352.424768][T12382] bridge0: port 2(bridge_slave_1) entered disabled state
[  352.432248][T12382] bridge_slave_1: entered allmulticast mode
[  352.439211][T12382] bridge_slave_1: entered promiscuous mode
[  352.458145][ T1091] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.488264][T12382] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  352.503073][T12382] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  352.552837][ T1091] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.581519][T12382] team0: Port device team_slave_0 added
[  352.591932][T12382] team0: Port device team_slave_1 added
[  352.632450][ T1091] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.699200][T12382] batman_adv: batadv0: Adding interface: batadv_slave_0
[  352.728317][T12382] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  352.813739][T12382] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  352.830667][T12382] batman_adv: batadv0: Adding interface: batadv_slave_1
[  352.852677][T12382] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  352.881270][T12382] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  352.930431][T12399] netlink: 'syz.1.2340': attribute type 10 has an invalid length.
[  353.090210][T12382] hsr_slave_0: entered promiscuous mode
[  353.125866][T12382] hsr_slave_1: entered promiscuous mode
[  353.336979][ T5087] Bluetooth: hci2: unexpected event 0x05 length: 151 > 4
[  353.389605][T12411] netlink: 'syz.2.2344': attribute type 13 has an invalid length.
[  353.438964][T12411] macvtap0: refused to change device tx_queue_len
[  353.890007][T12430] netlink: 'syz.2.2348': attribute type 10 has an invalid length.
[  353.899876][T12430] bridge0: port 4(bond0) entered blocking state
[  353.906304][T12430] bridge0: port 4(bond0) entered forwarding state
[  353.913046][T12430] bridge0: port 3(team0) entered blocking state
[  353.919458][T12430] bridge0: port 3(team0) entered forwarding state
[  353.926178][T12430] bridge0: port 2(bridge_slave_1) entered blocking state
[  353.934035][T12430] bridge0: port 2(bridge_slave_1) entered forwarding state
[  353.941518][T12430] bridge0: port 1(bridge_slave_0) entered blocking state
[  353.948765][T12430] bridge0: port 1(bridge_slave_0) entered forwarding state
[  354.029014][T12430] bridge0: port 4(bond0) entered disabled state
[  354.035543][T12430] bridge0: port 3(team0) entered disabled state
[  354.042156][T12430] bridge0: port 2(bridge_slave_1) entered disabled state
[  354.049417][T12430] bridge0: port 1(bridge_slave_0) entered disabled state
[  354.260282][ T5087] Bluetooth: hci4: command tx timeout
[  354.607822][ T5087] Bluetooth: hci1: unexpected event 0x05 length: 151 > 4
[  355.855305][T12382] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  355.921088][T12382] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  356.158528][T12382] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  356.335095][ T5087] Bluetooth: hci4: command tx timeout
[  356.424134][ T5087] Bluetooth: hci3: unexpected event 0x05 length: 151 > 4
[  356.495276][T12382] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  357.876170][T12532] netlink: 'syz.3.2368': attribute type 21 has an invalid length.
[  357.890490][T12532] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2368'.
[  357.902023][T12532] netlink: 'syz.3.2368': attribute type 4 has an invalid length.
[  357.910090][T12532] netlink: 3 bytes leftover after parsing attributes in process `syz.3.2368'.
[  358.046036][ T1091] hsr_slave_1: left promiscuous mode
[  358.137777][ T1091] veth1_macvtap: left promiscuous mode
[  358.154440][ T1091] veth0_macvtap: left promiscuous mode
[  358.163659][ T1091] veth1_vlan: left promiscuous mode
[  358.413596][ T5087] Bluetooth: hci4: command tx timeout
[  359.574638][T12571] netlink: 'syz.3.2376': attribute type 2 has an invalid length.
[  359.582409][T12571] netlink: 'syz.3.2376': attribute type 1 has an invalid length.
[  359.602922][T12571] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2376'.
[  360.415552][T12382] 8021q: adding VLAN 0 to HW filter on device bond0
[  360.491983][T12382] 8021q: adding VLAN 0 to HW filter on device team0
[  360.503513][ T5087] Bluetooth: hci4: command tx timeout
[  360.557518][   T42] bridge0: port 1(bridge_slave_0) entered blocking state
[  360.564724][   T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[  360.634545][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[  360.642082][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[  360.661200][ T5087] Bluetooth: hci3: unexpected event 0x05 length: 151 > 4
[  361.086605][T12382] 8021q: adding VLAN 0 to HW filter on device batadv0
[  361.245057][T12382] veth0_vlan: entered promiscuous mode
[  361.285452][T12382] veth1_vlan: entered promiscuous mode
[  361.400248][T12382] veth0_macvtap: entered promiscuous mode
[  361.410782][T12382] veth1_macvtap: entered promiscuous mode
[  361.430775][T12382] batman_adv: batadv0: Interface activated: batadv_slave_0
[  361.442094][T12382] batman_adv: batadv0: Interface activated: batadv_slave_1
[  361.467326][T12382] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  361.477577][T12382] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  361.505082][T12382] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  361.524554][T12382] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  361.725407][ T5087] Bluetooth: hci3: unexpected event 0x05 length: 151 > 4
[  361.774613][ T5944] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  361.784939][ T5944] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  361.869002][ T1091] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  361.898709][ T1091] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  361.950547][T12624] netlink: set zone limit has 8 unknown bytes
[  362.132405][T12628] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2334'.
[  362.633703][ T5087] Bluetooth: hci1: unexpected event 0x05 length: 151 > 4
[  362.831138][ T5780] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  362.853323][ T5780] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  362.869627][ T5780] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  362.912454][ T5780] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  362.943354][ T5780] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  362.959258][ T5780] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  363.255736][T12646] chnl_net:caif_netlink_parms(): no params data found
[  363.370012][T12646] bridge0: port 1(bridge_slave_0) entered blocking state
[  363.393209][T12646] bridge0: port 1(bridge_slave_0) entered disabled state
[  363.403393][T12646] bridge_slave_0: entered allmulticast mode
[  363.411180][T12646] bridge_slave_0: entered promiscuous mode
[  363.564025][T12646] bridge0: port 2(bridge_slave_1) entered blocking state
[  363.579444][T12646] bridge0: port 2(bridge_slave_1) entered disabled state
[  363.602342][T12660] netlink: 'syz.0.2404': attribute type 27 has an invalid length.
[  363.602508][T12646] bridge_slave_1: entered allmulticast mode
[  363.620296][T12658] netlink: 'syz.1.2402': attribute type 1 has an invalid length.
[  363.641034][T12660] netlink: 164 bytes leftover after parsing attributes in process `syz.0.2404'.
[  363.655234][T12658] netlink: 199820 bytes leftover after parsing attributes in process `syz.1.2402'.
[  363.664824][T12646] bridge_slave_1: entered promiscuous mode
[  363.719960][T12646] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  363.736474][T12660] netlink: 'syz.0.2404': attribute type 21 has an invalid length.
[  363.818094][   T42] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  363.858436][T12646] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  363.886143][T12668] netlink: 'syz.1.2406': attribute type 3 has an invalid length.
[  363.921236][T12668] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.2406'.
[  363.981425][   T42] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.001039][T12665] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2406'.
[  364.021566][T12646] team0: Port device team_slave_0 added
[  364.081648][   T42] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.129927][T12646] team0: Port device team_slave_1 added
[  364.200822][   T42] bond0: (slave netdevsim0): Releasing backup interface
[  364.220262][   T42] netdevsim netdevsim2 netdevsim0 (unregistering): left promiscuous mode
[  364.243837][   T42] netdevsim netdevsim2 netdevsim0 (unregistering): left allmulticast mode
[  364.262122][   T42] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.344747][T12646] batman_adv: batadv0: Adding interface: batadv_slave_0
[  364.351726][T12646] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  364.412814][T12646] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  364.459806][T12646] batman_adv: batadv0: Adding interface: batadv_slave_1
[  364.469155][T12646] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  364.499594][T12646] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  364.696859][T12646] hsr_slave_0: entered promiscuous mode
[  364.716727][T12646] hsr_slave_1: entered promiscuous mode
[  364.730843][T12646] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  364.743329][T12646] Cannot create hsr debugfs directory
[  365.184548][T12714] netlink: 'syz.3.2421': attribute type 10 has an invalid length.
[  365.456106][ T5087] Bluetooth: hci0: command tx timeout
[  365.847845][T12731] netlink: 830 bytes leftover after parsing attributes in process `syz.0.2425'.
[  366.318364][T12646] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  366.339968][T12646] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  366.385286][T12646] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  366.502541][T12646] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  366.950833][   T42] bond0: (slave wlan1): Releasing backup interface
[  367.018919][   T42] mac80211_hwsim hwsim3 wlan1 (unregistering): left promiscuous mode
[  367.544062][ T5087] Bluetooth: hci0: command tx timeout
[  368.384438][   T42] bond0: left allmulticast mode
[  368.398067][   T42] bond_slave_1: left allmulticast mode
[  368.419866][   T42] bridge0: port 4(bond0) entered disabled state
[  368.455444][   T42] bridge0: port 3(team0) entered disabled state
[  368.488430][   T42] bridge_slave_1: left allmulticast mode
[  368.510953][   T42] bridge_slave_1: left promiscuous mode
[  368.527224][   T42] bridge0: port 2(bridge_slave_1) entered disabled state
[  368.583278][   T42] bridge_slave_0: left allmulticast mode
[  368.599547][   T42] bridge_slave_0: left promiscuous mode
[  368.625628][   T42] bridge0: port 1(bridge_slave_0) entered disabled state
[  368.705664][   T42] veth1_macvtap: left promiscuous mode
[  368.716449][   T42] veth0_macvtap: left promiscuous mode
[  369.441386][   T42] team_slave_1 (unregistering): left promiscuous mode
[  369.452772][   T42] team_slave_1 (unregistering): left allmulticast mode
[  369.471512][   T42] team0 (unregistering): Port device team_slave_1 removed
[  369.538519][   T42] C (unregistering): left promiscuous mode
[  369.545712][   T42] C (unregistering): left allmulticast mode
[  369.557852][   T42] team0 (unregistering): Port device C removed
[  369.620276][   T42] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  369.632777][ T5087] Bluetooth: hci0: command tx timeout
[  369.633366][   T42] bond_slave_1 (unregistering): left promiscuous mode
[  369.791083][T12789] FAULT_INJECTION: forcing a failure.
[  369.791083][T12789] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  369.809087][T12789] CPU: 1 PID: 12789 Comm: syz.3.2436 Not tainted syzkaller #0
[  369.816588][T12789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  369.826654][T12789] Call Trace:
[  369.829932][T12789]  <TASK>
[  369.832860][T12789]  dump_stack_lvl+0x18c/0x250
[  369.837558][T12789]  ? show_regs_print_info+0x20/0x20
[  369.842754][T12789]  ? load_image+0x400/0x400
[  369.847249][T12789]  ? __might_fault+0xaa/0x120
[  369.851919][T12789]  should_fail_ex+0x39d/0x4d0
[  369.856593][T12789]  copyin+0x1a/0x90
[  369.860393][T12789]  _copy_from_iter+0x404/0x12e0
[  369.865235][T12789]  ? copyin+0x70/0x90
[  369.869213][T12789]  ? copyout_mc+0x70/0x70
[  369.873538][T12789]  ? copyout_mc+0x70/0x70
[  369.877867][T12789]  ? __virt_addr_valid+0x18c/0x540
[  369.882971][T12789]  ? page_copy_sane+0x16a/0x270
[  369.887817][T12789]  copy_page_from_iter+0x7b/0x100
[  369.892834][T12789]  skb_copy_datagram_from_iter+0x2e4/0x6e0
[  369.898635][T12789]  packet_sendmsg+0x3566/0x4d70
[  369.903500][T12789]  ? verify_lock_unused+0x140/0x140
[  369.908691][T12789]  ? mark_lock+0x94/0x320
[  369.913009][T12789]  ? __lock_acquire+0x1273/0x7d40
[  369.918022][T12789]  ? verify_lock_unused+0x140/0x140
[  369.923217][T12789]  ? aa_sk_perm+0x83c/0x970
[  369.927717][T12789]  ? packet_getsockopt+0xad0/0xad0
[  369.932825][T12789]  ? aa_sock_msg_perm+0x94/0x150
[  369.937752][T12789]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  369.943028][T12789]  ? security_socket_sendmsg+0x80/0xa0
[  369.948477][T12789]  ? packet_getsockopt+0xad0/0xad0
[  369.953581][T12789]  ____sys_sendmsg+0x5ba/0x960
[  369.958338][T12789]  ? __lock_acquire+0x7d40/0x7d40
[  369.963353][T12789]  ? __asan_memset+0x22/0x40
[  369.967931][T12789]  ? __sys_sendmsg_sock+0x30/0x30
[  369.972945][T12789]  ? __import_iovec+0x3fa/0x850
[  369.977792][T12789]  ? import_iovec+0x73/0xa0
[  369.982285][T12789]  ___sys_sendmsg+0x2a6/0x360
[  369.986952][T12789]  ? get_pid_task+0x20/0x1e0
[  369.991534][T12789]  ? __sys_sendmsg+0x2a0/0x2a0
[  369.996303][T12789]  ? __lock_acquire+0x7d40/0x7d40
[  370.001330][T12789]  __se_sys_sendmsg+0x1c2/0x2b0
[  370.006177][T12789]  ? __x64_sys_sendmsg+0x80/0x80
[  370.011118][T12789]  ? lockdep_hardirqs_on+0x98/0x150
[  370.016309][T12789]  do_syscall_64+0x55/0xa0
[  370.020716][T12789]  ? clear_bhb_loop+0x40/0x90
[  370.025381][T12789]  ? clear_bhb_loop+0x40/0x90
[  370.030047][T12789]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  370.035925][T12789] RIP: 0033:0x7f53f919acb9
[  370.040327][T12789] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  370.059920][T12789] RSP: 002b:00007f53fa06c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  370.068319][T12789] RAX: ffffffffffffffda RBX: 00007f53f9415fa0 RCX: 00007f53f919acb9
[  370.076277][T12789] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000005
[  370.084238][T12789] RBP: 00007f53fa06c090 R08: 0000000000000000 R09: 0000000000000000
[  370.092192][T12789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  370.100155][T12789] R13: 00007f53f9416038 R14: 00007f53f9415fa0 R15: 00007fff2d5c3868
[  370.108128][T12789]  </TASK>
[  370.359690][   T42] bond0 (unregistering): Released all slaves
[  370.441493][T12646] 8021q: adding VLAN 0 to HW filter on device bond0
[  370.468513][T12646] 8021q: adding VLAN 0 to HW filter on device team0
[  370.504769][ T1091] bridge0: port 1(bridge_slave_0) entered blocking state
[  370.511893][ T1091] bridge0: port 1(bridge_slave_0) entered forwarding state
[  370.526839][ T5949] bridge0: port 2(bridge_slave_1) entered blocking state
[  370.534000][ T5949] bridge0: port 2(bridge_slave_1) entered forwarding state
[  370.726146][T12646] 8021q: adding VLAN 0 to HW filter on device batadv0
[  370.765323][T12646] veth0_vlan: entered promiscuous mode
[  370.777863][T12646] veth1_vlan: entered promiscuous mode
[  370.803876][T12646] veth0_macvtap: entered promiscuous mode
[  370.812306][T12646] veth1_macvtap: entered promiscuous mode
[  370.828131][T12646] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  370.839231][T12646] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  370.850211][T12646] batman_adv: batadv0: Interface activated: batadv_slave_0
[  370.864303][T12646] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  370.874776][T12646] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  370.886237][T12646] batman_adv: batadv0: Interface activated: batadv_slave_1
[  370.901295][T12646] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  370.910190][T12646] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  370.919313][T12646] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  370.928564][T12646] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  370.984412][ T5941] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  370.992237][ T5941] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  371.023342][ T5941] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  371.032088][ T5941] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  371.279801][T12805] netlink: 'syz.0.2446': attribute type 10 has an invalid length.
[  371.694007][ T5087] Bluetooth: hci0: command tx timeout
[  372.000408][ T5780] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  372.011935][ T5780] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  372.029640][ T5780] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  372.038913][ T5780] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  372.047208][ T5780] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  372.054889][ T5780] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  372.369992][T12841] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.2451'.
[  373.027524][T12829] chnl_net:caif_netlink_parms(): no params data found
[  373.530612][T12829] bridge0: port 1(bridge_slave_0) entered blocking state
[  373.560791][T12829] bridge0: port 1(bridge_slave_0) entered disabled state
[  373.585957][T12829] bridge_slave_0: entered allmulticast mode
[  373.592660][T12829] bridge_slave_0: entered promiscuous mode
[  373.698491][   T42] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  373.740589][T12829] bridge0: port 2(bridge_slave_1) entered blocking state
[  373.748108][T12829] bridge0: port 2(bridge_slave_1) entered disabled state
[  373.764091][T12829] bridge_slave_1: entered allmulticast mode
[  373.770799][T12829] bridge_slave_1: entered promiscuous mode
[  373.815315][   T42] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  373.875547][T12875] netlink: 'syz.0.2460': attribute type 10 has an invalid length.
[  374.020769][T12875] 8021q: adding VLAN 0 to HW filter on device bond0
[  374.093709][ T5087] Bluetooth: hci2: command tx timeout
[  374.113685][T12875] team0: Port device bond0 added
[  374.151369][   T42] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.165132][T12877] lo: entered allmulticast mode
[  374.203636][T12875] syz.0.2460 (12875) used greatest stack depth: 18536 bytes left
[  374.240465][   T42] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.267573][T12829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  374.296960][T12829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  374.515964][T12829] team0: Port device team_slave_0 added
[  374.574549][T12829] team0: Port device team_slave_1 added
[  374.831194][T12829] batman_adv: batadv0: Adding interface: batadv_slave_0
[  374.859382][T12829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  374.928176][T12829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  374.957332][T12890] netlink: 'syz.3.2465': attribute type 10 has an invalid length.
[  375.025401][T12829] batman_adv: batadv0: Adding interface: batadv_slave_1
[  375.032380][T12829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  375.112144][T12829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  375.751984][T12829] hsr_slave_0: entered promiscuous mode
[  376.433625][ T5087] Bluetooth: hci2: command tx timeout
[  376.486381][T12829] hsr_slave_1: entered promiscuous mode
[  376.508587][T12829] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  376.516511][T12829] Cannot create hsr debugfs directory
[  376.522863][T12905] netlink: 'syz.2.2469': attribute type 1 has an invalid length.
[  376.562804][T12907] netlink: 156 bytes leftover after parsing attributes in process `syz.2.2469'.
[  377.881341][T12925] netlink: 'syz.2.2471': attribute type 10 has an invalid length.
[  377.894071][T12925] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2471'.
[  377.915704][T12925] batman_adv: batadv0: Adding interface: hsr_slave_1
[  377.933652][T12925] batman_adv: batadv0: The MTU of interface hsr_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  377.993566][T12925] batman_adv: batadv0: Interface activated: hsr_slave_1
[  378.493720][ T5087] Bluetooth: hci2: command tx timeout
[  378.737571][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[  378.745882][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[  378.846700][T12958] netlink: 'syz.3.2479': attribute type 10 has an invalid length.
[  379.655624][T12829] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  379.669892][T12829] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  379.691976][T12829] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  379.704212][T12829] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  380.098345][   T42] veth0_macvtap: left promiscuous mode
[  380.575468][ T5087] Bluetooth: hci2: command tx timeout
[  380.933194][T12829] 8021q: adding VLAN 0 to HW filter on device bond0
[  381.013873][T12829] 8021q: adding VLAN 0 to HW filter on device team0
[  381.056270][ T1079] bridge0: port 1(bridge_slave_0) entered blocking state
[  381.063587][ T1079] bridge0: port 1(bridge_slave_0) entered forwarding state
[  381.121190][ T1079] bridge0: port 2(bridge_slave_1) entered blocking state
[  381.128366][ T1079] bridge0: port 2(bridge_slave_1) entered forwarding state
[  381.310649][T13020] netlink: 'syz.3.2492': attribute type 10 has an invalid length.
[  381.325583][T13020] netlink: 55 bytes leftover after parsing attributes in process `syz.3.2492'.
[  381.472855][ T5087] Bluetooth: hci4: unexpected event 0x05 length: 151 > 4
[  381.850247][T13036] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2494'.
[  381.978005][T13039] syzkaller0: entered promiscuous mode
[  381.984283][T13039] syzkaller0: entered allmulticast mode
[  383.410071][T13059] netlink: set zone limit has 8 unknown bytes
[  383.918424][ T5087] Bluetooth: hci1: unexpected event 0x05 length: 151 > 4
[  385.192406][T13050] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  385.234962][T13065] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2504'.
[  385.320481][T12829] 8021q: adding VLAN 0 to HW filter on device batadv0
[  385.422564][T12829] veth0_vlan: entered promiscuous mode
[  385.450738][T12829] veth1_vlan: entered promiscuous mode
[  385.492843][T12829] veth0_macvtap: entered promiscuous mode
[  385.511936][T12829] veth1_macvtap: entered promiscuous mode
[  385.548279][T12829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  385.566138][T12829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.586479][T12829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  385.603574][T12829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.619261][T12829] batman_adv: batadv0: Interface activated: batadv_slave_0
[  385.643056][T12829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  385.662710][T12829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.680981][T12829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  385.716657][T12829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.745809][T12829] batman_adv: batadv0: Interface activated: batadv_slave_1
[  385.778986][T12829] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  385.799671][T12829] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  385.808666][T12829] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  385.817594][T12829] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  385.989802][   T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  386.006982][   T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  386.080185][ T5944] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  386.097274][ T5944] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  386.184091][ T5087] Bluetooth: hci0: unexpected event 0x05 length: 151 > 4
[  387.368185][ T5780] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  387.403640][ T5780] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  387.411896][ T5780] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  387.429899][ T5780] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  387.460785][ T5780] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  387.468794][ T5780] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  387.471818][T13104] mac80211_hwsim hwsim16 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  388.252107][T13117] chnl_net:caif_netlink_parms(): no params data found
[  389.268789][T13146] netlink: 'syz.1.2528': attribute type 33 has an invalid length.
[  389.287698][T13146] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2528'.
[  389.487259][T13117] bridge0: port 1(bridge_slave_0) entered blocking state
[  389.513846][T13117] bridge0: port 1(bridge_slave_0) entered disabled state
[  389.533400][T13117] bridge_slave_0: entered allmulticast mode
[  389.544654][ T5087] Bluetooth: hci3: command tx timeout
[  389.555187][T13117] bridge_slave_0: entered promiscuous mode
[  389.582982][T13117] bridge0: port 2(bridge_slave_1) entered blocking state
[  389.619604][T13117] bridge0: port 2(bridge_slave_1) entered disabled state
[  389.652004][T13117] bridge_slave_1: entered allmulticast mode
[  389.681473][T13117] bridge_slave_1: entered promiscuous mode
[  389.853298][T13117] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  389.879364][T13117] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  389.949533][T13117] team0: Port device team_slave_0 added
[  389.975684][T13117] team0: Port device team_slave_1 added
[  390.024416][ T1113] wlan1: Trigger new scan to find an IBSS to join
[  390.039775][T13117] batman_adv: batadv0: Adding interface: batadv_slave_0
[  390.052237][T13117] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  390.123606][T13117] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  390.168579][T13180] netlink: 'syz.0.2537': attribute type 10 has an invalid length.
[  390.238673][T13180] team0: Port device wlan1 added
[  390.248107][T13176] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  391.364393][T13117] batman_adv: batadv0: Adding interface: batadv_slave_1
[  391.371373][T13117] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  391.506221][T13117] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  391.613703][ T5087] Bluetooth: hci3: command tx timeout
[  392.460163][ T5949] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  392.494425][T13193] sit0: entered allmulticast mode
[  392.559690][ T5949] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  392.579523][T13195] sit0: entered promiscuous mode
[  392.682244][ T5949] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  392.848437][ T5949] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  392.946472][T13117] hsr_slave_0: entered promiscuous mode
[  392.952929][T13117] hsr_slave_1: entered promiscuous mode
[  392.963166][T13117] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  392.971018][T13117] Cannot create hsr debugfs directory
[  392.979428][ T5944] wlan1: Trigger new scan to find an IBSS to join
[  393.002901][T13212] netlink: 'syz.1.2548': attribute type 10 has an invalid length.
[  393.064165][T13214] netlink: 63503 bytes leftover after parsing attributes in process `syz.2.2549'.
[  393.129403][T13215] netlink: 'syz.2.2549': attribute type 10 has an invalid length.
[  393.240571][T13215] team0 (unregistering): Port device team_slave_0 removed
[  393.267214][T13215] team0 (unregistering): Port device team_slave_1 removed
[  393.302514][T13217] netlink: 'syz.1.2550': attribute type 10 has an invalid length.
[  393.311865][T13217] netlink: 55 bytes leftover after parsing attributes in process `syz.1.2550'.
[  393.693852][ T5087] Bluetooth: hci3: command tx timeout
[  395.773628][ T5087] Bluetooth: hci3: command tx timeout
[  409.599437][ T5780] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  409.609704][ T5780] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  409.617821][ T5780] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  409.634363][ T5780] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  409.642790][ T5780] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  409.650840][ T5780] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  409.838310][ T5087] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  409.850954][ T5087] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  409.860829][ T5087] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  409.873977][ T5087] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  409.881773][ T5087] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  409.894835][ T5087] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  409.951706][ T5780] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  409.965404][ T5780] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  409.973164][ T5780] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  409.983941][ T5780] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  409.992871][ T5780] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  410.005074][ T5780] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  411.703784][ T5087] Bluetooth: hci1: command tx timeout
[  411.943789][ T5087] Bluetooth: hci5: command tx timeout
[  412.093845][ T5087] Bluetooth: hci6: command tx timeout
[  413.773762][ T5087] Bluetooth: hci1: command tx timeout
[  414.013717][ T5087] Bluetooth: hci5: command tx timeout
[  414.173805][ T5087] Bluetooth: hci6: command tx timeout
[  415.858453][ T5087] Bluetooth: hci1: command tx timeout
[  416.110936][ T5087] Bluetooth: hci5: command tx timeout
[  416.253764][ T5087] Bluetooth: hci6: command tx timeout
[  417.933564][ T5087] Bluetooth: hci1: command tx timeout
[  418.187885][ T5087] Bluetooth: hci5: command tx timeout
[  418.333712][ T5087] Bluetooth: hci6: command tx timeout
[  448.664491][ T5780] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  448.694200][ T5780] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  448.703042][ T5780] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  448.711214][ T5780] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  448.722835][ T5780] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  448.730239][ T5780] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  450.823832][ T5087] Bluetooth: hci7: command tx timeout
[  452.893745][ T5087] Bluetooth: hci7: command tx timeout
[  454.983752][ T5087] Bluetooth: hci7: command tx timeout
[  457.063697][ T5087] Bluetooth: hci7: command tx timeout
[  470.246966][ T5780] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  470.256600][ T5780] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  470.264683][ T5780] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  470.273073][ T5780] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  470.281050][ T5780] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  470.288664][ T5780] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  471.774026][ T5087] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  471.783822][ T5087] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  471.791977][ T5087] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  471.809202][ T5087] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  471.817116][ T5087] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[  471.824575][ T5087] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  471.970178][ T5780] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  471.989243][ T5780] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  472.015525][ T5780] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  472.034157][ T5780] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  472.041963][ T5780] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[  472.051172][ T5780] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  472.333739][ T5087] Bluetooth: hci8: command tx timeout
[  473.943796][ T5087] Bluetooth: hci9: command tx timeout
[  474.103831][ T5087] Bluetooth: hci10: command tx timeout
[  474.413657][ T5087] Bluetooth: hci8: command tx timeout
[  476.014219][ T5087] Bluetooth: hci9: command tx timeout
[  476.173796][ T5087] Bluetooth: hci10: command tx timeout
[  476.503969][ T5087] Bluetooth: hci8: command tx timeout
[  478.103684][ T5087] Bluetooth: hci9: command tx timeout
[  478.253637][ T5087] Bluetooth: hci10: command tx timeout
[  478.573816][ T5087] Bluetooth: hci8: command tx timeout
[  480.173779][ T5780] Bluetooth: hci9: command tx timeout
[  480.333724][ T5780] Bluetooth: hci10: command tx timeout
[  488.347255][ T5087] Bluetooth: hci0: command 0x0406 tx timeout
[  498.667563][T13265] Bluetooth: hci2: command 0x0406 tx timeout
[  498.793506][    C0] rcu: INFO: rcu_preempt self-detected stall on CPU
[  498.800220][    C0] rcu: 	0-....: (10477 ticks this GP) idle=fff4/1/0x4000000000000000 softirq=44751/44757 fqs=4458
[  498.811719][    C0] rcu: 	         hardirqs   softirqs   csw/system
[  498.818121][    C0] rcu: 	 number:  1158664          0            0
[  498.824522][    C0] rcu: 	cputime:    18139      34349           36   ==> 52490(ms)
[  498.832307][    C0] rcu: 	(t=10500 jiffies g=48573 q=1840 ncpus=2)
[  498.838619][    C0] CPU: 0 PID: 13224 Comm: syz.0.2552 Not tainted syzkaller #0
[  498.846063][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  498.856114][    C0] RIP: 0010:kcov_remote_start+0x2b/0x7e0
[  498.861749][    C0] Code: 0f 1e fa 55 41 57 41 56 41 55 41 54 53 48 83 ec 18 65 4c 8b 35 96 9a 7c 7e 48 b8 00 00 00 00 ff ff ff 00 48 85 c7 74 11 0f 0b <48> 83 c4 18 5b 41 5c 41 5d 41 5e 41 5f 5d c3 48 89 f8 48 c1 e8 39
[  498.881346][    C0] RSP: 0018:ffffc90000007990 EFLAGS: 00000206
[  498.887401][    C0] RAX: ca9e05368c186b00 RBX: 0000000000000246 RCX: ca9e05368c186b00
[  498.895358][    C0] RDX: dffffc0000000000 RSI: ffffffff8acac900 RDI: ffffffff8b1c80e0
[  498.903316][    C0] RBP: ffffc90000007c30 R08: ffffffff911be5ff R09: 1ffffffff2237cbf
[  498.911275][    C0] R10: dffffc0000000000 R11: fffffbfff2237cc0 R12: fffffffffffffff0
[  498.919236][    C0] R13: ffffffff81871b9f R14: ffff888021541e00 R15: 0000000000000000
[  498.927194][    C0] FS:  00007f6a0743d6c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  498.936113][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  498.942681][    C0] CR2: 00007f6a073faff0 CR3: 000000002e5d8000 CR4: 00000000003506f0
[  498.950642][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  498.958598][    C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  498.966555][    C0] Call Trace:
[  498.969822][    C0]  <IRQ>
[  498.972664][    C0]  ieee80211_rx_list+0x813/0x32d0
[  498.977690][    C0]  ? kvm_sched_clock_read+0x11/0x20
[  498.982877][    C0]  ? sched_clock_cpu+0x75/0x430
[  498.987715][    C0]  ? clockevents_program_event+0x230/0x310
[  498.993512][    C0]  ? ieee80211_check_fast_rx_iface+0x210/0x210
[  498.999691][    C0]  ? lock_chain_count+0x20/0x20
[  499.004536][    C0]  ? read_lock_is_recursive+0x20/0x20
[  499.009903][    C0]  ? lockdep_hardirqs_on+0x98/0x150
[  499.015096][    C0]  ? ieee80211_rx_napi+0xd4/0x3d0
[  499.020118][    C0]  ieee80211_rx_napi+0x1b2/0x3d0
[  499.025053][    C0]  ? ieee80211_rx_list+0x32d0/0x32d0
[  499.030334][    C0]  ? skb_dequeue+0x124/0x160
[  499.034916][    C0]  ieee80211_handle_queued_frames+0x106/0x1a0
[  499.040977][    C0]  tasklet_action_common+0x302/0x4d0
[  499.046255][    C0]  ? trace_raw_output_tasklet+0xc0/0xc0
[  499.051797][    C0]  handle_softirqs+0x280/0x820
[  499.056554][    C0]  ? __irq_exit_rcu+0xd3/0x190
[  499.061313][    C0]  ? do_softirq+0x1a0/0x1a0
[  499.065806][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[  499.071001][    C0]  __irq_exit_rcu+0xd3/0x190
[  499.075579][    C0]  ? irq_exit_rcu+0x20/0x20
[  499.080075][    C0]  irq_exit_rcu+0x9/0x20
[  499.084306][    C0]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  499.089934][    C0]  </IRQ>
[  499.092858][    C0]  <TASK>
[  499.095783][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  499.101755][    C0] RIP: 0010:finish_task_switch+0x26a/0x8f0
[  499.107552][    C0] Code: 0f 84 33 01 00 00 48 85 db 0f 85 52 01 00 00 0f 1f 44 00 00 4c 8b 75 d0 4c 89 e7 e8 50 52 30 09 e8 0b 21 30 00 fb 4c 8b 65 c0 <49> 8d bc 24 f8 15 00 00 48 89 f8 48 c1 e8 03 42 0f b6 04 28 84 c0
[  499.127143][    C0] RSP: 0018:ffffc90004247758 EFLAGS: 00000282
[  499.133224][    C0] RAX: ca9e05368c186b00 RBX: 0000000000000000 RCX: ca9e05368c186b00
[  499.141185][    C0] RDX: dffffc0000000000 RSI: ffffffff8acac900 RDI: ffffffff8b1c80e0
[  499.149145][    C0] RBP: ffffc900042477b0 R08: ffffffff911be5ff R09: 1ffffffff2237cbf
[  499.157106][    C0] R10: dffffc0000000000 R11: fffffbfff2237cc0 R12: ffff888021541e00
[  499.165066][    C0] R13: dffffc0000000000 R14: ffff88801f289e00 R15: ffff8880b8e3cac8
[  499.173047][    C0]  ? finish_task_switch+0x265/0x8f0
[  499.178243][    C0]  __schedule+0x155b/0x45a0
[  499.182750][    C0]  ? mark_lock+0x94/0x320
[  499.187071][    C0]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  499.193044][    C0]  ? lock_chain_count+0x20/0x20
[  499.197880][    C0]  ? asan.module_dtor+0x20/0x20
[  499.202723][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  499.208868][    C0]  ? lockdep_hardirqs_on+0x98/0x150
[  499.214061][    C0]  ? preempt_schedule+0xc0/0xd0
[  499.218901][    C0]  preempt_schedule_common+0x82/0xc0
[  499.224178][    C0]  preempt_schedule+0xc0/0xd0
[  499.228846][    C0]  ? schedule_preempt_disabled+0x20/0x20
[  499.234466][    C0]  ? event_function+0x300/0x300
[  499.239308][    C0]  ? smp_call_function_single+0x5a0/0x5a0
[  499.245019][    C0]  preempt_schedule_thunk+0x1a/0x30
[  499.250207][    C0]  ? smp_call_function_single+0x488/0x5a0
[  499.255915][    C0]  smp_call_function_single+0x48d/0x5a0
[  499.261455][    C0]  ? event_function+0x300/0x300
[  499.266297][    C0]  ? flush_smp_call_function_queue+0x250/0x250
[  499.272438][    C0]  ? event_function+0x300/0x300
[  499.277286][    C0]  perf_install_in_context+0x5be/0x920
[  499.282738][    C0]  ? exclusive_event_installable+0x2c0/0x2c0
[  499.288704][    C0]  ? add_event_to_ctx+0x1180/0x1180
[  499.293898][    C0]  ? anon_inode_getfile+0x109/0x1a0
[  499.299083][    C0]  ? perf_event__header_size+0x165/0x220
[  499.304706][    C0]  __se_sys_perf_event_open+0x1836/0x1c50
[  499.310422][    C0]  ? __x64_sys_perf_event_open+0xc0/0xc0
[  499.316054][    C0]  ? lock_chain_count+0x20/0x20
[  499.320896][    C0]  ? lockdep_hardirqs_on+0x98/0x150
[  499.326081][    C0]  ? __x64_sys_perf_event_open+0x20/0xc0
[  499.331702][    C0]  do_syscall_64+0x55/0xa0
[  499.336105][    C0]  ? clear_bhb_loop+0x40/0x90
[  499.340770][    C0]  ? clear_bhb_loop+0x40/0x90
[  499.345437][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  499.351316][    C0] RIP: 0033:0x7f6a0659acb9
[  499.355720][    C0] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  499.375315][    C0] RSP: 002b:00007f6a0743d028 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  499.383717][    C0] RAX: ffffffffffffffda RBX: 00007f6a06815fa0 RCX: 00007f6a0659acb9
[  499.391675][    C0] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000200000000480
[  499.399630][    C0] RBP: 00007f6a06608bf7 R08: 0000000000000000 R09: 0000000000000000
[  499.407586][    C0] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[  499.415546][    C0] R13: 00007f6a06816038 R14: 00007f6a06815fa0 R15: 00007ffd92bd2c88
[  499.423517][    C0]  </TASK>